1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  *  Copyright IBM Corp. 2019
4  *  Author(s): Harald Freudenberger <freude@linux.ibm.com>
5  *
6  *  Collection of EP11 misc functions used by zcrypt and pkey
7  */
8 
9 #define KMSG_COMPONENT "zcrypt"
10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
11 
12 #include <linux/init.h>
13 #include <linux/module.h>
14 #include <linux/slab.h>
15 #include <linux/random.h>
16 #include <asm/zcrypt.h>
17 #include <asm/pkey.h>
18 #include <crypto/aes.h>
19 
20 #include "ap_bus.h"
21 #include "zcrypt_api.h"
22 #include "zcrypt_debug.h"
23 #include "zcrypt_msgtype6.h"
24 #include "zcrypt_ep11misc.h"
25 #include "zcrypt_ccamisc.h"
26 
27 #define EP11_PINBLOB_V1_BYTES 56
28 
29 /* default iv used here */
30 static const u8 def_iv[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
31 			       0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
32 
33 /* ep11 card info cache */
34 struct card_list_entry {
35 	struct list_head list;
36 	u16 cardnr;
37 	struct ep11_card_info info;
38 };
39 static LIST_HEAD(card_list);
40 static DEFINE_SPINLOCK(card_list_lock);
41 
card_cache_fetch(u16 cardnr,struct ep11_card_info * ci)42 static int card_cache_fetch(u16 cardnr, struct ep11_card_info *ci)
43 {
44 	int rc = -ENOENT;
45 	struct card_list_entry *ptr;
46 
47 	spin_lock_bh(&card_list_lock);
48 	list_for_each_entry(ptr, &card_list, list) {
49 		if (ptr->cardnr == cardnr) {
50 			memcpy(ci, &ptr->info, sizeof(*ci));
51 			rc = 0;
52 			break;
53 		}
54 	}
55 	spin_unlock_bh(&card_list_lock);
56 
57 	return rc;
58 }
59 
card_cache_update(u16 cardnr,const struct ep11_card_info * ci)60 static void card_cache_update(u16 cardnr, const struct ep11_card_info *ci)
61 {
62 	int found = 0;
63 	struct card_list_entry *ptr;
64 
65 	spin_lock_bh(&card_list_lock);
66 	list_for_each_entry(ptr, &card_list, list) {
67 		if (ptr->cardnr == cardnr) {
68 			memcpy(&ptr->info, ci, sizeof(*ci));
69 			found = 1;
70 			break;
71 		}
72 	}
73 	if (!found) {
74 		ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC);
75 		if (!ptr) {
76 			spin_unlock_bh(&card_list_lock);
77 			return;
78 		}
79 		ptr->cardnr = cardnr;
80 		memcpy(&ptr->info, ci, sizeof(*ci));
81 		list_add(&ptr->list, &card_list);
82 	}
83 	spin_unlock_bh(&card_list_lock);
84 }
85 
card_cache_scrub(u16 cardnr)86 static void card_cache_scrub(u16 cardnr)
87 {
88 	struct card_list_entry *ptr;
89 
90 	spin_lock_bh(&card_list_lock);
91 	list_for_each_entry(ptr, &card_list, list) {
92 		if (ptr->cardnr == cardnr) {
93 			list_del(&ptr->list);
94 			kfree(ptr);
95 			break;
96 		}
97 	}
98 	spin_unlock_bh(&card_list_lock);
99 }
100 
card_cache_free(void)101 static void __exit card_cache_free(void)
102 {
103 	struct card_list_entry *ptr, *pnext;
104 
105 	spin_lock_bh(&card_list_lock);
106 	list_for_each_entry_safe(ptr, pnext, &card_list, list) {
107 		list_del(&ptr->list);
108 		kfree(ptr);
109 	}
110 	spin_unlock_bh(&card_list_lock);
111 }
112 
ep11_kb_split(const u8 * kb,size_t kblen,u32 kbver,struct ep11kblob_header ** kbhdr,size_t * kbhdrsize,u8 ** kbpl,size_t * kbplsize)113 static int ep11_kb_split(const u8 *kb, size_t kblen, u32 kbver,
114 			 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
115 			 u8 **kbpl, size_t *kbplsize)
116 {
117 	struct ep11kblob_header *hdr = NULL;
118 	size_t hdrsize, plsize = 0;
119 	int rc = -EINVAL;
120 	u8 *pl = NULL;
121 
122 	if (kblen < sizeof(struct ep11kblob_header))
123 		goto out;
124 	hdr = (struct ep11kblob_header *)kb;
125 
126 	switch (kbver) {
127 	case TOKVER_EP11_AES:
128 		/* header overlays the payload */
129 		hdrsize = 0;
130 		break;
131 	case TOKVER_EP11_ECC_WITH_HEADER:
132 	case TOKVER_EP11_AES_WITH_HEADER:
133 		/* payload starts after the header */
134 		hdrsize = sizeof(struct ep11kblob_header);
135 		break;
136 	default:
137 		goto out;
138 	}
139 
140 	plsize = kblen - hdrsize;
141 	pl = (u8 *)kb + hdrsize;
142 
143 	if (kbhdr)
144 		*kbhdr = hdr;
145 	if (kbhdrsize)
146 		*kbhdrsize = hdrsize;
147 	if (kbpl)
148 		*kbpl = pl;
149 	if (kbplsize)
150 		*kbplsize = plsize;
151 
152 	rc = 0;
153 out:
154 	return rc;
155 }
156 
ep11_kb_decode(const u8 * kb,size_t kblen,struct ep11kblob_header ** kbhdr,size_t * kbhdrsize,struct ep11keyblob ** kbpl,size_t * kbplsize)157 static int ep11_kb_decode(const u8 *kb, size_t kblen,
158 			  struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
159 			  struct ep11keyblob **kbpl, size_t *kbplsize)
160 {
161 	struct ep11kblob_header *tmph, *hdr = NULL;
162 	size_t hdrsize = 0, plsize = 0;
163 	struct ep11keyblob *pl = NULL;
164 	int rc = -EINVAL;
165 	u8 *tmpp;
166 
167 	if (kblen < sizeof(struct ep11kblob_header))
168 		goto out;
169 	tmph = (struct ep11kblob_header *)kb;
170 
171 	if (tmph->type != TOKTYPE_NON_CCA &&
172 	    tmph->len > kblen)
173 		goto out;
174 
175 	if (ep11_kb_split(kb, kblen, tmph->version,
176 			  &hdr, &hdrsize, &tmpp, &plsize))
177 		goto out;
178 
179 	if (plsize < sizeof(struct ep11keyblob))
180 		goto out;
181 
182 	if (!is_ep11_keyblob(tmpp))
183 		goto out;
184 
185 	pl = (struct ep11keyblob *)tmpp;
186 	plsize = hdr->len - hdrsize;
187 
188 	if (kbhdr)
189 		*kbhdr = hdr;
190 	if (kbhdrsize)
191 		*kbhdrsize = hdrsize;
192 	if (kbpl)
193 		*kbpl = pl;
194 	if (kbplsize)
195 		*kbplsize = plsize;
196 
197 	rc = 0;
198 out:
199 	return rc;
200 }
201 
202 /*
203  * For valid ep11 keyblobs, returns a reference to the wrappingkey verification
204  * pattern. Otherwise NULL.
205  */
ep11_kb_wkvp(const u8 * keyblob,u32 keybloblen)206 const u8 *ep11_kb_wkvp(const u8 *keyblob, u32 keybloblen)
207 {
208 	struct ep11keyblob *kb;
209 
210 	if (ep11_kb_decode(keyblob, keybloblen, NULL, NULL, &kb, NULL))
211 		return NULL;
212 	return kb->wkvp;
213 }
214 EXPORT_SYMBOL(ep11_kb_wkvp);
215 
216 /*
217  * Simple check if the key blob is a valid EP11 AES key blob with header.
218  */
ep11_check_aes_key_with_hdr(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)219 int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl,
220 				const u8 *key, u32 keylen, int checkcpacfexp)
221 {
222 	struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
223 	struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
224 
225 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
226 
227 	if (keylen < sizeof(*hdr) + sizeof(*kb)) {
228 		DBF("%s key check failed, keylen %u < %zu\n",
229 		    __func__, keylen, sizeof(*hdr) + sizeof(*kb));
230 		return -EINVAL;
231 	}
232 
233 	if (hdr->type != TOKTYPE_NON_CCA) {
234 		if (dbg)
235 			DBF("%s key check failed, type 0x%02x != 0x%02x\n",
236 			    __func__, (int)hdr->type, TOKTYPE_NON_CCA);
237 		return -EINVAL;
238 	}
239 	if (hdr->hver != 0x00) {
240 		if (dbg)
241 			DBF("%s key check failed, header version 0x%02x != 0x00\n",
242 			    __func__, (int)hdr->hver);
243 		return -EINVAL;
244 	}
245 	if (hdr->version != TOKVER_EP11_AES_WITH_HEADER) {
246 		if (dbg)
247 			DBF("%s key check failed, version 0x%02x != 0x%02x\n",
248 			    __func__, (int)hdr->version, TOKVER_EP11_AES_WITH_HEADER);
249 		return -EINVAL;
250 	}
251 	if (hdr->len > keylen) {
252 		if (dbg)
253 			DBF("%s key check failed, header len %d keylen %u mismatch\n",
254 			    __func__, (int)hdr->len, keylen);
255 		return -EINVAL;
256 	}
257 	if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
258 		if (dbg)
259 			DBF("%s key check failed, header len %d < %zu\n",
260 			    __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
261 		return -EINVAL;
262 	}
263 
264 	if (kb->version != EP11_STRUCT_MAGIC) {
265 		if (dbg)
266 			DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
267 			    __func__, (int)kb->version, EP11_STRUCT_MAGIC);
268 		return -EINVAL;
269 	}
270 	if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
271 		if (dbg)
272 			DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
273 			    __func__);
274 		return -EINVAL;
275 	}
276 
277 #undef DBF
278 
279 	return 0;
280 }
281 EXPORT_SYMBOL(ep11_check_aes_key_with_hdr);
282 
283 /*
284  * Simple check if the key blob is a valid EP11 ECC key blob with header.
285  */
ep11_check_ecc_key_with_hdr(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)286 int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl,
287 				const u8 *key, u32 keylen, int checkcpacfexp)
288 {
289 	struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
290 	struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
291 
292 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
293 
294 	if (keylen < sizeof(*hdr) + sizeof(*kb)) {
295 		DBF("%s key check failed, keylen %u < %zu\n",
296 		    __func__, keylen, sizeof(*hdr) + sizeof(*kb));
297 		return -EINVAL;
298 	}
299 
300 	if (hdr->type != TOKTYPE_NON_CCA) {
301 		if (dbg)
302 			DBF("%s key check failed, type 0x%02x != 0x%02x\n",
303 			    __func__, (int)hdr->type, TOKTYPE_NON_CCA);
304 		return -EINVAL;
305 	}
306 	if (hdr->hver != 0x00) {
307 		if (dbg)
308 			DBF("%s key check failed, header version 0x%02x != 0x00\n",
309 			    __func__, (int)hdr->hver);
310 		return -EINVAL;
311 	}
312 	if (hdr->version != TOKVER_EP11_ECC_WITH_HEADER) {
313 		if (dbg)
314 			DBF("%s key check failed, version 0x%02x != 0x%02x\n",
315 			    __func__, (int)hdr->version, TOKVER_EP11_ECC_WITH_HEADER);
316 		return -EINVAL;
317 	}
318 	if (hdr->len > keylen) {
319 		if (dbg)
320 			DBF("%s key check failed, header len %d keylen %u mismatch\n",
321 			    __func__, (int)hdr->len, keylen);
322 		return -EINVAL;
323 	}
324 	if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
325 		if (dbg)
326 			DBF("%s key check failed, header len %d < %zu\n",
327 			    __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
328 		return -EINVAL;
329 	}
330 
331 	if (kb->version != EP11_STRUCT_MAGIC) {
332 		if (dbg)
333 			DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
334 			    __func__, (int)kb->version, EP11_STRUCT_MAGIC);
335 		return -EINVAL;
336 	}
337 	if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
338 		if (dbg)
339 			DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
340 			    __func__);
341 		return -EINVAL;
342 	}
343 
344 #undef DBF
345 
346 	return 0;
347 }
348 EXPORT_SYMBOL(ep11_check_ecc_key_with_hdr);
349 
350 /*
351  * Simple check if the key blob is a valid EP11 AES key blob with
352  * the header in the session field (old style EP11 AES key).
353  */
ep11_check_aes_key(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)354 int ep11_check_aes_key(debug_info_t *dbg, int dbflvl,
355 		       const u8 *key, u32 keylen, int checkcpacfexp)
356 {
357 	struct ep11keyblob *kb = (struct ep11keyblob *)key;
358 
359 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
360 
361 	if (keylen < sizeof(*kb)) {
362 		DBF("%s key check failed, keylen %u < %zu\n",
363 		    __func__, keylen, sizeof(*kb));
364 		return -EINVAL;
365 	}
366 
367 	if (kb->head.type != TOKTYPE_NON_CCA) {
368 		if (dbg)
369 			DBF("%s key check failed, type 0x%02x != 0x%02x\n",
370 			    __func__, (int)kb->head.type, TOKTYPE_NON_CCA);
371 		return -EINVAL;
372 	}
373 	if (kb->head.version != TOKVER_EP11_AES) {
374 		if (dbg)
375 			DBF("%s key check failed, version 0x%02x != 0x%02x\n",
376 			    __func__, (int)kb->head.version, TOKVER_EP11_AES);
377 		return -EINVAL;
378 	}
379 	if (kb->head.len > keylen) {
380 		if (dbg)
381 			DBF("%s key check failed, header len %d keylen %u mismatch\n",
382 			    __func__, (int)kb->head.len, keylen);
383 		return -EINVAL;
384 	}
385 	if (kb->head.len < sizeof(*kb)) {
386 		if (dbg)
387 			DBF("%s key check failed, header len %d < %zu\n",
388 			    __func__, (int)kb->head.len, sizeof(*kb));
389 		return -EINVAL;
390 	}
391 
392 	if (kb->version != EP11_STRUCT_MAGIC) {
393 		if (dbg)
394 			DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
395 			    __func__, (int)kb->version, EP11_STRUCT_MAGIC);
396 		return -EINVAL;
397 	}
398 	if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
399 		if (dbg)
400 			DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
401 			    __func__);
402 		return -EINVAL;
403 	}
404 
405 #undef DBF
406 
407 	return 0;
408 }
409 EXPORT_SYMBOL(ep11_check_aes_key);
410 
411 /*
412  * Allocate and prepare ep11 cprb plus additional payload.
413  */
alloc_cprb(size_t payload_len)414 static inline struct ep11_cprb *alloc_cprb(size_t payload_len)
415 {
416 	size_t len = sizeof(struct ep11_cprb) + payload_len;
417 	struct ep11_cprb *cprb;
418 
419 	cprb = kzalloc(len, GFP_KERNEL);
420 	if (!cprb)
421 		return NULL;
422 
423 	cprb->cprb_len = sizeof(struct ep11_cprb);
424 	cprb->cprb_ver_id = 0x04;
425 	memcpy(cprb->func_id, "T4", 2);
426 	cprb->ret_code = 0xFFFFFFFF;
427 	cprb->payload_len = payload_len;
428 
429 	return cprb;
430 }
431 
432 /*
433  * Some helper functions related to ASN1 encoding.
434  * Limited to length info <= 2 byte.
435  */
436 
437 #define ASN1TAGLEN(x) (2 + (x) + ((x) > 127 ? 1 : 0) + ((x) > 255 ? 1 : 0))
438 
asn1tag_write(u8 * ptr,u8 tag,const u8 * pvalue,u16 valuelen)439 static int asn1tag_write(u8 *ptr, u8 tag, const u8 *pvalue, u16 valuelen)
440 {
441 	ptr[0] = tag;
442 	if (valuelen > 255) {
443 		ptr[1] = 0x82;
444 		*((u16 *)(ptr + 2)) = valuelen;
445 		memcpy(ptr + 4, pvalue, valuelen);
446 		return 4 + valuelen;
447 	}
448 	if (valuelen > 127) {
449 		ptr[1] = 0x81;
450 		ptr[2] = (u8)valuelen;
451 		memcpy(ptr + 3, pvalue, valuelen);
452 		return 3 + valuelen;
453 	}
454 	ptr[1] = (u8)valuelen;
455 	memcpy(ptr + 2, pvalue, valuelen);
456 	return 2 + valuelen;
457 }
458 
459 /* EP11 payload > 127 bytes starts with this struct */
460 struct pl_head {
461 	u8  tag;
462 	u8  lenfmt;
463 	u16 len;
464 	u8  func_tag;
465 	u8  func_len;
466 	u32 func;
467 	u8  dom_tag;
468 	u8  dom_len;
469 	u32 dom;
470 } __packed;
471 
472 /* prep ep11 payload head helper function */
prep_head(struct pl_head * h,size_t pl_size,int api,int func)473 static inline void prep_head(struct pl_head *h,
474 			     size_t pl_size, int api, int func)
475 {
476 	h->tag = 0x30;
477 	h->lenfmt = 0x82;
478 	h->len = pl_size - 4;
479 	h->func_tag = 0x04;
480 	h->func_len = sizeof(u32);
481 	h->func = (api << 16) + func;
482 	h->dom_tag = 0x04;
483 	h->dom_len = sizeof(u32);
484 }
485 
486 /* prep urb helper function */
prep_urb(struct ep11_urb * u,struct ep11_target_dev * t,int nt,struct ep11_cprb * req,size_t req_len,struct ep11_cprb * rep,size_t rep_len)487 static inline void prep_urb(struct ep11_urb *u,
488 			    struct ep11_target_dev *t, int nt,
489 			    struct ep11_cprb *req, size_t req_len,
490 			    struct ep11_cprb *rep, size_t rep_len)
491 {
492 	u->targets = (u8 __user *)t;
493 	u->targets_num = nt;
494 	u->req = (u8 __user *)req;
495 	u->req_len = req_len;
496 	u->resp = (u8 __user *)rep;
497 	u->resp_len = rep_len;
498 }
499 
500 /* Check ep11 reply payload, return 0 or suggested errno value. */
check_reply_pl(const u8 * pl,const char * func)501 static int check_reply_pl(const u8 *pl, const char *func)
502 {
503 	int len;
504 	u32 ret;
505 
506 	/* start tag */
507 	if (*pl++ != 0x30) {
508 		ZCRYPT_DBF_ERR("%s reply start tag mismatch\n", func);
509 		return -EIO;
510 	}
511 
512 	/* payload length format */
513 	if (*pl < 127) {
514 		len = *pl;
515 		pl++;
516 	} else if (*pl == 0x81) {
517 		pl++;
518 		len = *pl;
519 		pl++;
520 	} else if (*pl == 0x82) {
521 		pl++;
522 		len = *((u16 *)pl);
523 		pl += 2;
524 	} else {
525 		ZCRYPT_DBF_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n",
526 			       func, *pl);
527 		return -EIO;
528 	}
529 
530 	/* len should cover at least 3 fields with 32 bit value each */
531 	if (len < 3 * 6) {
532 		ZCRYPT_DBF_ERR("%s reply length %d too small\n", func, len);
533 		return -EIO;
534 	}
535 
536 	/* function tag, length and value */
537 	if (pl[0] != 0x04 || pl[1] != 0x04) {
538 		ZCRYPT_DBF_ERR("%s function tag or length mismatch\n", func);
539 		return -EIO;
540 	}
541 	pl += 6;
542 
543 	/* dom tag, length and value */
544 	if (pl[0] != 0x04 || pl[1] != 0x04) {
545 		ZCRYPT_DBF_ERR("%s dom tag or length mismatch\n", func);
546 		return -EIO;
547 	}
548 	pl += 6;
549 
550 	/* return value tag, length and value */
551 	if (pl[0] != 0x04 || pl[1] != 0x04) {
552 		ZCRYPT_DBF_ERR("%s return value tag or length mismatch\n",
553 			       func);
554 		return -EIO;
555 	}
556 	pl += 2;
557 	ret = *((u32 *)pl);
558 	if (ret != 0) {
559 		ZCRYPT_DBF_ERR("%s return value 0x%08x != 0\n", func, ret);
560 		return -EIO;
561 	}
562 
563 	return 0;
564 }
565 
566 /* Check ep11 reply cprb, return 0 or suggested errno value. */
check_reply_cprb(const struct ep11_cprb * rep,const char * func)567 static int check_reply_cprb(const struct ep11_cprb *rep, const char *func)
568 {
569 	/* check ep11 reply return code field */
570 	if (rep->ret_code) {
571 		ZCRYPT_DBF_ERR("%s ep11 reply ret_code=0x%08x\n", __func__,
572 			       rep->ret_code);
573 		if (rep->ret_code == 0x000c0003)
574 			return -EBUSY;
575 		else
576 			return -EIO;
577 	}
578 
579 	return 0;
580 }
581 
582 /*
583  * Helper function which does an ep11 query with given query type.
584  */
ep11_query_info(u16 cardnr,u16 domain,u32 query_type,size_t buflen,u8 * buf)585 static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type,
586 			   size_t buflen, u8 *buf)
587 {
588 	struct ep11_info_req_pl {
589 		struct pl_head head;
590 		u8  query_type_tag;
591 		u8  query_type_len;
592 		u32 query_type;
593 		u8  query_subtype_tag;
594 		u8  query_subtype_len;
595 		u32 query_subtype;
596 	} __packed * req_pl;
597 	struct ep11_info_rep_pl {
598 		struct pl_head head;
599 		u8  rc_tag;
600 		u8  rc_len;
601 		u32 rc;
602 		u8  data_tag;
603 		u8  data_lenfmt;
604 		u16 data_len;
605 	} __packed * rep_pl;
606 	struct ep11_cprb *req = NULL, *rep = NULL;
607 	struct ep11_target_dev target;
608 	struct ep11_urb *urb = NULL;
609 	int api = EP11_API_V1, rc = -ENOMEM;
610 
611 	/* request cprb and payload */
612 	req = alloc_cprb(sizeof(struct ep11_info_req_pl));
613 	if (!req)
614 		goto out;
615 	req_pl = (struct ep11_info_req_pl *)(((u8 *)req) + sizeof(*req));
616 	prep_head(&req_pl->head, sizeof(*req_pl), api, 38); /* get xcp info */
617 	req_pl->query_type_tag = 0x04;
618 	req_pl->query_type_len = sizeof(u32);
619 	req_pl->query_type = query_type;
620 	req_pl->query_subtype_tag = 0x04;
621 	req_pl->query_subtype_len = sizeof(u32);
622 
623 	/* reply cprb and payload */
624 	rep = alloc_cprb(sizeof(struct ep11_info_rep_pl) + buflen);
625 	if (!rep)
626 		goto out;
627 	rep_pl = (struct ep11_info_rep_pl *)(((u8 *)rep) + sizeof(*rep));
628 
629 	/* urb and target */
630 	urb = kmalloc(sizeof(*urb), GFP_KERNEL);
631 	if (!urb)
632 		goto out;
633 	target.ap_id = cardnr;
634 	target.dom_id = domain;
635 	prep_urb(urb, &target, 1,
636 		 req, sizeof(*req) + sizeof(*req_pl),
637 		 rep, sizeof(*rep) + sizeof(*rep_pl) + buflen);
638 
639 	rc = zcrypt_send_ep11_cprb(urb);
640 	if (rc) {
641 		ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
642 			       __func__, (int)cardnr, (int)domain, rc);
643 		goto out;
644 	}
645 
646 	/* check ep11 reply cprb */
647 	rc = check_reply_cprb(rep, __func__);
648 	if (rc)
649 		goto out;
650 
651 	/* check payload */
652 	rc = check_reply_pl((u8 *)rep_pl, __func__);
653 	if (rc)
654 		goto out;
655 	if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
656 		ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
657 		rc = -EIO;
658 		goto out;
659 	}
660 	if (rep_pl->data_len > buflen) {
661 		ZCRYPT_DBF_ERR("%s mismatch between reply data len and buffer len\n",
662 			       __func__);
663 		rc = -ENOSPC;
664 		goto out;
665 	}
666 
667 	memcpy(buf, ((u8 *)rep_pl) + sizeof(*rep_pl), rep_pl->data_len);
668 
669 out:
670 	kfree(req);
671 	kfree(rep);
672 	kfree(urb);
673 	return rc;
674 }
675 
676 /*
677  * Provide information about an EP11 card.
678  */
ep11_get_card_info(u16 card,struct ep11_card_info * info,int verify)679 int ep11_get_card_info(u16 card, struct ep11_card_info *info, int verify)
680 {
681 	int rc;
682 	struct ep11_module_query_info {
683 		u32 API_ord_nr;
684 		u32 firmware_id;
685 		u8  FW_major_vers;
686 		u8  FW_minor_vers;
687 		u8  CSP_major_vers;
688 		u8  CSP_minor_vers;
689 		u8  fwid[32];
690 		u8  xcp_config_hash[32];
691 		u8  CSP_config_hash[32];
692 		u8  serial[16];
693 		u8  module_date_time[16];
694 		u64 op_mode;
695 		u32 PKCS11_flags;
696 		u32 ext_flags;
697 		u32 domains;
698 		u32 sym_state_bytes;
699 		u32 digest_state_bytes;
700 		u32 pin_blob_bytes;
701 		u32 SPKI_bytes;
702 		u32 priv_key_blob_bytes;
703 		u32 sym_blob_bytes;
704 		u32 max_payload_bytes;
705 		u32 CP_profile_bytes;
706 		u32 max_CP_index;
707 	} __packed * pmqi = NULL;
708 
709 	rc = card_cache_fetch(card, info);
710 	if (rc || verify) {
711 		pmqi = kmalloc(sizeof(*pmqi), GFP_KERNEL);
712 		if (!pmqi)
713 			return -ENOMEM;
714 		rc = ep11_query_info(card, AUTOSEL_DOM,
715 				     0x01 /* module info query */,
716 				     sizeof(*pmqi), (u8 *)pmqi);
717 		if (rc) {
718 			if (rc == -ENODEV)
719 				card_cache_scrub(card);
720 			goto out;
721 		}
722 		memset(info, 0, sizeof(*info));
723 		info->API_ord_nr = pmqi->API_ord_nr;
724 		info->FW_version =
725 			(pmqi->FW_major_vers << 8) + pmqi->FW_minor_vers;
726 		memcpy(info->serial, pmqi->serial, sizeof(info->serial));
727 		info->op_mode = pmqi->op_mode;
728 		card_cache_update(card, info);
729 	}
730 
731 out:
732 	kfree(pmqi);
733 	return rc;
734 }
735 EXPORT_SYMBOL(ep11_get_card_info);
736 
737 /*
738  * Provide information about a domain within an EP11 card.
739  */
ep11_get_domain_info(u16 card,u16 domain,struct ep11_domain_info * info)740 int ep11_get_domain_info(u16 card, u16 domain, struct ep11_domain_info *info)
741 {
742 	int rc;
743 	struct ep11_domain_query_info {
744 		u32 dom_index;
745 		u8  cur_WK_VP[32];
746 		u8  new_WK_VP[32];
747 		u32 dom_flags;
748 		u64 op_mode;
749 	} __packed * p_dom_info;
750 
751 	p_dom_info = kmalloc(sizeof(*p_dom_info), GFP_KERNEL);
752 	if (!p_dom_info)
753 		return -ENOMEM;
754 
755 	rc = ep11_query_info(card, domain, 0x03 /* domain info query */,
756 			     sizeof(*p_dom_info), (u8 *)p_dom_info);
757 	if (rc)
758 		goto out;
759 
760 	memset(info, 0, sizeof(*info));
761 	info->cur_wk_state = '0';
762 	info->new_wk_state = '0';
763 	if (p_dom_info->dom_flags & 0x10 /* left imprint mode */) {
764 		if (p_dom_info->dom_flags & 0x02 /* cur wk valid */) {
765 			info->cur_wk_state = '1';
766 			memcpy(info->cur_wkvp, p_dom_info->cur_WK_VP, 32);
767 		}
768 		if (p_dom_info->dom_flags & 0x04 || /* new wk present */
769 		    p_dom_info->dom_flags & 0x08 /* new wk committed */) {
770 			info->new_wk_state =
771 				p_dom_info->dom_flags & 0x08 ? '2' : '1';
772 			memcpy(info->new_wkvp, p_dom_info->new_WK_VP, 32);
773 		}
774 	}
775 	info->op_mode = p_dom_info->op_mode;
776 
777 out:
778 	kfree(p_dom_info);
779 	return rc;
780 }
781 EXPORT_SYMBOL(ep11_get_domain_info);
782 
783 /*
784  * Default EP11 AES key generate attributes, used when no keygenflags given:
785  * XCP_BLOB_ENCRYPT | XCP_BLOB_DECRYPT | XCP_BLOB_PROTKEY_EXTRACTABLE
786  */
787 #define KEY_ATTR_DEFAULTS 0x00200c00
788 
_ep11_genaeskey(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,u8 * keybuf,size_t * keybufsize)789 static int _ep11_genaeskey(u16 card, u16 domain,
790 			   u32 keybitsize, u32 keygenflags,
791 			   u8 *keybuf, size_t *keybufsize)
792 {
793 	struct keygen_req_pl {
794 		struct pl_head head;
795 		u8  var_tag;
796 		u8  var_len;
797 		u32 var;
798 		u8  keybytes_tag;
799 		u8  keybytes_len;
800 		u32 keybytes;
801 		u8  mech_tag;
802 		u8  mech_len;
803 		u32 mech;
804 		u8  attr_tag;
805 		u8  attr_len;
806 		u32 attr_header;
807 		u32 attr_bool_mask;
808 		u32 attr_bool_bits;
809 		u32 attr_val_len_type;
810 		u32 attr_val_len_value;
811 		/* followed by empty pin tag or empty pinblob tag */
812 	} __packed * req_pl;
813 	struct keygen_rep_pl {
814 		struct pl_head head;
815 		u8  rc_tag;
816 		u8  rc_len;
817 		u32 rc;
818 		u8  data_tag;
819 		u8  data_lenfmt;
820 		u16 data_len;
821 		u8  data[512];
822 	} __packed * rep_pl;
823 	struct ep11_cprb *req = NULL, *rep = NULL;
824 	size_t req_pl_size, pinblob_size = 0;
825 	struct ep11_target_dev target;
826 	struct ep11_urb *urb = NULL;
827 	int api, rc = -ENOMEM;
828 	u8 *p;
829 
830 	switch (keybitsize) {
831 	case 128:
832 	case 192:
833 	case 256:
834 		break;
835 	default:
836 		ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
837 			       __func__, keybitsize);
838 		rc = -EINVAL;
839 		goto out;
840 	}
841 
842 	/* request cprb and payload */
843 	api = (!keygenflags || keygenflags & 0x00200000) ?
844 		EP11_API_V4 : EP11_API_V1;
845 	if (ap_is_se_guest()) {
846 		/*
847 		 * genkey within SE environment requires API ordinal 6
848 		 * with empty pinblob
849 		 */
850 		api = EP11_API_V6;
851 		pinblob_size = EP11_PINBLOB_V1_BYTES;
852 	}
853 	req_pl_size = sizeof(struct keygen_req_pl) + ASN1TAGLEN(pinblob_size);
854 	req = alloc_cprb(req_pl_size);
855 	if (!req)
856 		goto out;
857 	req_pl = (struct keygen_req_pl *)(((u8 *)req) + sizeof(*req));
858 	prep_head(&req_pl->head, req_pl_size, api, 21); /* GenerateKey */
859 	req_pl->var_tag = 0x04;
860 	req_pl->var_len = sizeof(u32);
861 	req_pl->keybytes_tag = 0x04;
862 	req_pl->keybytes_len = sizeof(u32);
863 	req_pl->keybytes = keybitsize / 8;
864 	req_pl->mech_tag = 0x04;
865 	req_pl->mech_len = sizeof(u32);
866 	req_pl->mech = 0x00001080; /* CKM_AES_KEY_GEN */
867 	req_pl->attr_tag = 0x04;
868 	req_pl->attr_len = 5 * sizeof(u32);
869 	req_pl->attr_header = 0x10010000;
870 	req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
871 	req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
872 	req_pl->attr_val_len_type = 0x00000161; /* CKA_VALUE_LEN */
873 	req_pl->attr_val_len_value = keybitsize / 8;
874 	p = ((u8 *)req_pl) + sizeof(*req_pl);
875 	/* pin tag */
876 	*p++ = 0x04;
877 	*p++ = pinblob_size;
878 
879 	/* reply cprb and payload */
880 	rep = alloc_cprb(sizeof(struct keygen_rep_pl));
881 	if (!rep)
882 		goto out;
883 	rep_pl = (struct keygen_rep_pl *)(((u8 *)rep) + sizeof(*rep));
884 
885 	/* urb and target */
886 	urb = kmalloc(sizeof(*urb), GFP_KERNEL);
887 	if (!urb)
888 		goto out;
889 	target.ap_id = card;
890 	target.dom_id = domain;
891 	prep_urb(urb, &target, 1,
892 		 req, sizeof(*req) + req_pl_size,
893 		 rep, sizeof(*rep) + sizeof(*rep_pl));
894 
895 	rc = zcrypt_send_ep11_cprb(urb);
896 	if (rc) {
897 		ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
898 			       __func__, (int)card, (int)domain, rc);
899 		goto out;
900 	}
901 
902 	/* check ep11 reply cprb */
903 	rc = check_reply_cprb(rep, __func__);
904 	if (rc)
905 		goto out;
906 
907 	/* check payload */
908 	rc = check_reply_pl((u8 *)rep_pl, __func__);
909 	if (rc)
910 		goto out;
911 	if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
912 		ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
913 		rc = -EIO;
914 		goto out;
915 	}
916 	if (rep_pl->data_len > *keybufsize) {
917 		ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
918 			       __func__);
919 		rc = -ENOSPC;
920 		goto out;
921 	}
922 
923 	/* copy key blob */
924 	memcpy(keybuf, rep_pl->data, rep_pl->data_len);
925 	*keybufsize = rep_pl->data_len;
926 
927 out:
928 	kfree(req);
929 	kfree(rep);
930 	kfree(urb);
931 	return rc;
932 }
933 
ep11_genaeskey(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,u8 * keybuf,u32 * keybufsize,u32 keybufver)934 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
935 		   u8 *keybuf, u32 *keybufsize, u32 keybufver)
936 {
937 	struct ep11kblob_header *hdr;
938 	size_t hdr_size, pl_size;
939 	u8 *pl;
940 	int rc;
941 
942 	switch (keybufver) {
943 	case TOKVER_EP11_AES:
944 	case TOKVER_EP11_AES_WITH_HEADER:
945 		break;
946 	default:
947 		return -EINVAL;
948 	}
949 
950 	rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
951 			   &hdr, &hdr_size, &pl, &pl_size);
952 	if (rc)
953 		return rc;
954 
955 	rc = _ep11_genaeskey(card, domain, keybitsize, keygenflags,
956 			     pl, &pl_size);
957 	if (rc)
958 		return rc;
959 
960 	*keybufsize = hdr_size + pl_size;
961 
962 	/* update header information */
963 	hdr->type = TOKTYPE_NON_CCA;
964 	hdr->len = *keybufsize;
965 	hdr->version = keybufver;
966 	hdr->bitlen = keybitsize;
967 
968 	return 0;
969 }
970 EXPORT_SYMBOL(ep11_genaeskey);
971 
ep11_cryptsingle(u16 card,u16 domain,u16 mode,u32 mech,const u8 * iv,const u8 * key,size_t keysize,const u8 * inbuf,size_t inbufsize,u8 * outbuf,size_t * outbufsize)972 static int ep11_cryptsingle(u16 card, u16 domain,
973 			    u16 mode, u32 mech, const u8 *iv,
974 			    const u8 *key, size_t keysize,
975 			    const u8 *inbuf, size_t inbufsize,
976 			    u8 *outbuf, size_t *outbufsize)
977 {
978 	struct crypt_req_pl {
979 		struct pl_head head;
980 		u8  var_tag;
981 		u8  var_len;
982 		u32 var;
983 		u8  mech_tag;
984 		u8  mech_len;
985 		u32 mech;
986 		/*
987 		 * maybe followed by iv data
988 		 * followed by key tag + key blob
989 		 * followed by plaintext tag + plaintext
990 		 */
991 	} __packed * req_pl;
992 	struct crypt_rep_pl {
993 		struct pl_head head;
994 		u8  rc_tag;
995 		u8  rc_len;
996 		u32 rc;
997 		u8  data_tag;
998 		u8  data_lenfmt;
999 		/* data follows */
1000 	} __packed * rep_pl;
1001 	struct ep11_cprb *req = NULL, *rep = NULL;
1002 	struct ep11_target_dev target;
1003 	struct ep11_urb *urb = NULL;
1004 	size_t req_pl_size, rep_pl_size;
1005 	int n, api = EP11_API_V1, rc = -ENOMEM;
1006 	u8 *p;
1007 
1008 	/* the simple asn1 coding used has length limits */
1009 	if (keysize > 0xFFFF || inbufsize > 0xFFFF)
1010 		return -EINVAL;
1011 
1012 	/* request cprb and payload */
1013 	req_pl_size = sizeof(struct crypt_req_pl) + (iv ? 16 : 0)
1014 		+ ASN1TAGLEN(keysize) + ASN1TAGLEN(inbufsize);
1015 	req = alloc_cprb(req_pl_size);
1016 	if (!req)
1017 		goto out;
1018 	req_pl = (struct crypt_req_pl *)(((u8 *)req) + sizeof(*req));
1019 	prep_head(&req_pl->head, req_pl_size, api, (mode ? 20 : 19));
1020 	req_pl->var_tag = 0x04;
1021 	req_pl->var_len = sizeof(u32);
1022 	/* mech is mech + mech params (iv here) */
1023 	req_pl->mech_tag = 0x04;
1024 	req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1025 	req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
1026 	p = ((u8 *)req_pl) + sizeof(*req_pl);
1027 	if (iv) {
1028 		memcpy(p, iv, 16);
1029 		p += 16;
1030 	}
1031 	/* key and input data */
1032 	p += asn1tag_write(p, 0x04, key, keysize);
1033 	p += asn1tag_write(p, 0x04, inbuf, inbufsize);
1034 
1035 	/* reply cprb and payload, assume out data size <= in data size + 32 */
1036 	rep_pl_size = sizeof(struct crypt_rep_pl) + ASN1TAGLEN(inbufsize + 32);
1037 	rep = alloc_cprb(rep_pl_size);
1038 	if (!rep)
1039 		goto out;
1040 	rep_pl = (struct crypt_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1041 
1042 	/* urb and target */
1043 	urb = kmalloc(sizeof(*urb), GFP_KERNEL);
1044 	if (!urb)
1045 		goto out;
1046 	target.ap_id = card;
1047 	target.dom_id = domain;
1048 	prep_urb(urb, &target, 1,
1049 		 req, sizeof(*req) + req_pl_size,
1050 		 rep, sizeof(*rep) + rep_pl_size);
1051 
1052 	rc = zcrypt_send_ep11_cprb(urb);
1053 	if (rc) {
1054 		ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1055 			       __func__, (int)card, (int)domain, rc);
1056 		goto out;
1057 	}
1058 
1059 	/* check ep11 reply cprb */
1060 	rc = check_reply_cprb(rep, __func__);
1061 	if (rc)
1062 		goto out;
1063 
1064 	/* check payload */
1065 	rc = check_reply_pl((u8 *)rep_pl, __func__);
1066 	if (rc)
1067 		goto out;
1068 	if (rep_pl->data_tag != 0x04) {
1069 		ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1070 		rc = -EIO;
1071 		goto out;
1072 	}
1073 	p = ((u8 *)rep_pl) + sizeof(*rep_pl);
1074 	if (rep_pl->data_lenfmt <= 127) {
1075 		n = rep_pl->data_lenfmt;
1076 	} else if (rep_pl->data_lenfmt == 0x81) {
1077 		n = *p++;
1078 	} else if (rep_pl->data_lenfmt == 0x82) {
1079 		n = *((u16 *)p);
1080 		p += 2;
1081 	} else {
1082 		ZCRYPT_DBF_ERR("%s unknown reply data length format 0x%02hhx\n",
1083 			       __func__, rep_pl->data_lenfmt);
1084 		rc = -EIO;
1085 		goto out;
1086 	}
1087 	if (n > *outbufsize) {
1088 		ZCRYPT_DBF_ERR("%s mismatch reply data len %d / output buffer %zu\n",
1089 			       __func__, n, *outbufsize);
1090 		rc = -ENOSPC;
1091 		goto out;
1092 	}
1093 
1094 	memcpy(outbuf, p, n);
1095 	*outbufsize = n;
1096 
1097 out:
1098 	kfree(req);
1099 	kfree(rep);
1100 	kfree(urb);
1101 	return rc;
1102 }
1103 
_ep11_unwrapkey(u16 card,u16 domain,const u8 * kek,size_t keksize,const u8 * enckey,size_t enckeysize,u32 mech,const u8 * iv,u32 keybitsize,u32 keygenflags,u8 * keybuf,size_t * keybufsize)1104 static int _ep11_unwrapkey(u16 card, u16 domain,
1105 			   const u8 *kek, size_t keksize,
1106 			   const u8 *enckey, size_t enckeysize,
1107 			   u32 mech, const u8 *iv,
1108 			   u32 keybitsize, u32 keygenflags,
1109 			   u8 *keybuf, size_t *keybufsize)
1110 {
1111 	struct uw_req_pl {
1112 		struct pl_head head;
1113 		u8  attr_tag;
1114 		u8  attr_len;
1115 		u32 attr_header;
1116 		u32 attr_bool_mask;
1117 		u32 attr_bool_bits;
1118 		u32 attr_key_type;
1119 		u32 attr_key_type_value;
1120 		u32 attr_val_len;
1121 		u32 attr_val_len_value;
1122 		u8  mech_tag;
1123 		u8  mech_len;
1124 		u32 mech;
1125 		/*
1126 		 * maybe followed by iv data
1127 		 * followed by kek tag + kek blob
1128 		 * followed by empty mac tag
1129 		 * followed by empty pin tag or empty pinblob tag
1130 		 * followed by encryted key tag + bytes
1131 		 */
1132 	} __packed * req_pl;
1133 	struct uw_rep_pl {
1134 		struct pl_head head;
1135 		u8  rc_tag;
1136 		u8  rc_len;
1137 		u32 rc;
1138 		u8  data_tag;
1139 		u8  data_lenfmt;
1140 		u16 data_len;
1141 		u8  data[512];
1142 	} __packed * rep_pl;
1143 	struct ep11_cprb *req = NULL, *rep = NULL;
1144 	size_t req_pl_size, pinblob_size = 0;
1145 	struct ep11_target_dev target;
1146 	struct ep11_urb *urb = NULL;
1147 	int api, rc = -ENOMEM;
1148 	u8 *p;
1149 
1150 	/* request cprb and payload */
1151 	api = (!keygenflags || keygenflags & 0x00200000) ?
1152 		EP11_API_V4 : EP11_API_V1;
1153 	if (ap_is_se_guest()) {
1154 		/*
1155 		 * unwrap within SE environment requires API ordinal 6
1156 		 * with empty pinblob
1157 		 */
1158 		api = EP11_API_V6;
1159 		pinblob_size = EP11_PINBLOB_V1_BYTES;
1160 	}
1161 	req_pl_size = sizeof(struct uw_req_pl) + (iv ? 16 : 0)
1162 		+ ASN1TAGLEN(keksize) + ASN1TAGLEN(0)
1163 		+ ASN1TAGLEN(pinblob_size) + ASN1TAGLEN(enckeysize);
1164 	req = alloc_cprb(req_pl_size);
1165 	if (!req)
1166 		goto out;
1167 	req_pl = (struct uw_req_pl *)(((u8 *)req) + sizeof(*req));
1168 	prep_head(&req_pl->head, req_pl_size, api, 34); /* UnwrapKey */
1169 	req_pl->attr_tag = 0x04;
1170 	req_pl->attr_len = 7 * sizeof(u32);
1171 	req_pl->attr_header = 0x10020000;
1172 	req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1173 	req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1174 	req_pl->attr_key_type = 0x00000100; /* CKA_KEY_TYPE */
1175 	req_pl->attr_key_type_value = 0x0000001f; /* CKK_AES */
1176 	req_pl->attr_val_len = 0x00000161; /* CKA_VALUE_LEN */
1177 	req_pl->attr_val_len_value = keybitsize / 8;
1178 	/* mech is mech + mech params (iv here) */
1179 	req_pl->mech_tag = 0x04;
1180 	req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1181 	req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
1182 	p = ((u8 *)req_pl) + sizeof(*req_pl);
1183 	if (iv) {
1184 		memcpy(p, iv, 16);
1185 		p += 16;
1186 	}
1187 	/* kek */
1188 	p += asn1tag_write(p, 0x04, kek, keksize);
1189 	/* empty mac key tag */
1190 	*p++ = 0x04;
1191 	*p++ = 0;
1192 	/* pin tag */
1193 	*p++ = 0x04;
1194 	*p++ = pinblob_size;
1195 	p += pinblob_size;
1196 	/* encrypted key value tag and bytes */
1197 	p += asn1tag_write(p, 0x04, enckey, enckeysize);
1198 
1199 	/* reply cprb and payload */
1200 	rep = alloc_cprb(sizeof(struct uw_rep_pl));
1201 	if (!rep)
1202 		goto out;
1203 	rep_pl = (struct uw_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1204 
1205 	/* urb and target */
1206 	urb = kmalloc(sizeof(*urb), GFP_KERNEL);
1207 	if (!urb)
1208 		goto out;
1209 	target.ap_id = card;
1210 	target.dom_id = domain;
1211 	prep_urb(urb, &target, 1,
1212 		 req, sizeof(*req) + req_pl_size,
1213 		 rep, sizeof(*rep) + sizeof(*rep_pl));
1214 
1215 	rc = zcrypt_send_ep11_cprb(urb);
1216 	if (rc) {
1217 		ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1218 			       __func__, (int)card, (int)domain, rc);
1219 		goto out;
1220 	}
1221 
1222 	/* check ep11 reply cprb */
1223 	rc = check_reply_cprb(rep, __func__);
1224 	if (rc)
1225 		goto out;
1226 
1227 	/* check payload */
1228 	rc = check_reply_pl((u8 *)rep_pl, __func__);
1229 	if (rc)
1230 		goto out;
1231 	if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1232 		ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1233 		rc = -EIO;
1234 		goto out;
1235 	}
1236 	if (rep_pl->data_len > *keybufsize) {
1237 		ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
1238 			       __func__);
1239 		rc = -ENOSPC;
1240 		goto out;
1241 	}
1242 
1243 	/* copy key blob */
1244 	memcpy(keybuf, rep_pl->data, rep_pl->data_len);
1245 	*keybufsize = rep_pl->data_len;
1246 
1247 out:
1248 	kfree(req);
1249 	kfree(rep);
1250 	kfree(urb);
1251 	return rc;
1252 }
1253 
ep11_unwrapkey(u16 card,u16 domain,const u8 * kek,size_t keksize,const u8 * enckey,size_t enckeysize,u32 mech,const u8 * iv,u32 keybitsize,u32 keygenflags,u8 * keybuf,u32 * keybufsize,u8 keybufver)1254 static int ep11_unwrapkey(u16 card, u16 domain,
1255 			  const u8 *kek, size_t keksize,
1256 			  const u8 *enckey, size_t enckeysize,
1257 			  u32 mech, const u8 *iv,
1258 			  u32 keybitsize, u32 keygenflags,
1259 			  u8 *keybuf, u32 *keybufsize,
1260 			  u8 keybufver)
1261 {
1262 	struct ep11kblob_header *hdr;
1263 	size_t hdr_size, pl_size;
1264 	u8 *pl;
1265 	int rc;
1266 
1267 	rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
1268 			   &hdr, &hdr_size, &pl, &pl_size);
1269 	if (rc)
1270 		return rc;
1271 
1272 	rc = _ep11_unwrapkey(card, domain, kek, keksize, enckey, enckeysize,
1273 			     mech, iv, keybitsize, keygenflags,
1274 			     pl, &pl_size);
1275 	if (rc)
1276 		return rc;
1277 
1278 	*keybufsize = hdr_size + pl_size;
1279 
1280 	/* update header information */
1281 	hdr = (struct ep11kblob_header *)keybuf;
1282 	hdr->type = TOKTYPE_NON_CCA;
1283 	hdr->len = *keybufsize;
1284 	hdr->version = keybufver;
1285 	hdr->bitlen = keybitsize;
1286 
1287 	return 0;
1288 }
1289 
_ep11_wrapkey(u16 card,u16 domain,const u8 * key,size_t keysize,u32 mech,const u8 * iv,u8 * databuf,size_t * datasize)1290 static int _ep11_wrapkey(u16 card, u16 domain,
1291 			 const u8 *key, size_t keysize,
1292 			 u32 mech, const u8 *iv,
1293 			 u8 *databuf, size_t *datasize)
1294 {
1295 	struct wk_req_pl {
1296 		struct pl_head head;
1297 		u8  var_tag;
1298 		u8  var_len;
1299 		u32 var;
1300 		u8  mech_tag;
1301 		u8  mech_len;
1302 		u32 mech;
1303 		/*
1304 		 * followed by iv data
1305 		 * followed by key tag + key blob
1306 		 * followed by dummy kek param
1307 		 * followed by dummy mac param
1308 		 */
1309 	} __packed * req_pl;
1310 	struct wk_rep_pl {
1311 		struct pl_head head;
1312 		u8  rc_tag;
1313 		u8  rc_len;
1314 		u32 rc;
1315 		u8  data_tag;
1316 		u8  data_lenfmt;
1317 		u16 data_len;
1318 		u8  data[1024];
1319 	} __packed * rep_pl;
1320 	struct ep11_cprb *req = NULL, *rep = NULL;
1321 	struct ep11_target_dev target;
1322 	struct ep11_urb *urb = NULL;
1323 	size_t req_pl_size;
1324 	int api, rc = -ENOMEM;
1325 	u8 *p;
1326 
1327 	/* request cprb and payload */
1328 	req_pl_size = sizeof(struct wk_req_pl) + (iv ? 16 : 0)
1329 		+ ASN1TAGLEN(keysize) + 4;
1330 	req = alloc_cprb(req_pl_size);
1331 	if (!req)
1332 		goto out;
1333 	if (!mech || mech == 0x80060001)
1334 		req->flags |= 0x20; /* CPACF_WRAP needs special bit */
1335 	req_pl = (struct wk_req_pl *)(((u8 *)req) + sizeof(*req));
1336 	api = (!mech || mech == 0x80060001) ? /* CKM_IBM_CPACF_WRAP */
1337 		EP11_API_V4 : EP11_API_V1;
1338 	prep_head(&req_pl->head, req_pl_size, api, 33); /* WrapKey */
1339 	req_pl->var_tag = 0x04;
1340 	req_pl->var_len = sizeof(u32);
1341 	/* mech is mech + mech params (iv here) */
1342 	req_pl->mech_tag = 0x04;
1343 	req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1344 	req_pl->mech = (mech ? mech : 0x80060001); /* CKM_IBM_CPACF_WRAP */
1345 	p = ((u8 *)req_pl) + sizeof(*req_pl);
1346 	if (iv) {
1347 		memcpy(p, iv, 16);
1348 		p += 16;
1349 	}
1350 	/* key blob */
1351 	p += asn1tag_write(p, 0x04, key, keysize);
1352 	/* empty kek tag */
1353 	*p++ = 0x04;
1354 	*p++ = 0;
1355 	/* empty mac tag */
1356 	*p++ = 0x04;
1357 	*p++ = 0;
1358 
1359 	/* reply cprb and payload */
1360 	rep = alloc_cprb(sizeof(struct wk_rep_pl));
1361 	if (!rep)
1362 		goto out;
1363 	rep_pl = (struct wk_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1364 
1365 	/* urb and target */
1366 	urb = kmalloc(sizeof(*urb), GFP_KERNEL);
1367 	if (!urb)
1368 		goto out;
1369 	target.ap_id = card;
1370 	target.dom_id = domain;
1371 	prep_urb(urb, &target, 1,
1372 		 req, sizeof(*req) + req_pl_size,
1373 		 rep, sizeof(*rep) + sizeof(*rep_pl));
1374 
1375 	rc = zcrypt_send_ep11_cprb(urb);
1376 	if (rc) {
1377 		ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1378 			       __func__, (int)card, (int)domain, rc);
1379 		goto out;
1380 	}
1381 
1382 	/* check ep11 reply cprb */
1383 	rc = check_reply_cprb(rep, __func__);
1384 	if (rc)
1385 		goto out;
1386 
1387 	/* check payload */
1388 	rc = check_reply_pl((u8 *)rep_pl, __func__);
1389 	if (rc)
1390 		goto out;
1391 	if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1392 		ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1393 		rc = -EIO;
1394 		goto out;
1395 	}
1396 	if (rep_pl->data_len > *datasize) {
1397 		ZCRYPT_DBF_ERR("%s mismatch reply data len / data buffer len\n",
1398 			       __func__);
1399 		rc = -ENOSPC;
1400 		goto out;
1401 	}
1402 
1403 	/* copy the data from the cprb to the data buffer */
1404 	memcpy(databuf, rep_pl->data, rep_pl->data_len);
1405 	*datasize = rep_pl->data_len;
1406 
1407 out:
1408 	kfree(req);
1409 	kfree(rep);
1410 	kfree(urb);
1411 	return rc;
1412 }
1413 
ep11_clr2keyblob(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,const u8 * clrkey,u8 * keybuf,u32 * keybufsize,u32 keytype)1414 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
1415 		     const u8 *clrkey, u8 *keybuf, u32 *keybufsize,
1416 		     u32 keytype)
1417 {
1418 	int rc;
1419 	u8 encbuf[64], *kek = NULL;
1420 	size_t clrkeylen, keklen, encbuflen = sizeof(encbuf);
1421 
1422 	if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) {
1423 		clrkeylen = keybitsize / 8;
1424 	} else {
1425 		ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
1426 			       __func__, keybitsize);
1427 		return -EINVAL;
1428 	}
1429 
1430 	/* allocate memory for the temp kek */
1431 	keklen = MAXEP11AESKEYBLOBSIZE;
1432 	kek = kmalloc(keklen, GFP_ATOMIC);
1433 	if (!kek) {
1434 		rc = -ENOMEM;
1435 		goto out;
1436 	}
1437 
1438 	/* Step 1: generate AES 256 bit random kek key */
1439 	rc = _ep11_genaeskey(card, domain, 256,
1440 			     0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */
1441 			     kek, &keklen);
1442 	if (rc) {
1443 		ZCRYPT_DBF_ERR("%s generate kek key failed, rc=%d\n",
1444 			       __func__, rc);
1445 		goto out;
1446 	}
1447 
1448 	/* Step 2: encrypt clear key value with the kek key */
1449 	rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen,
1450 			      clrkey, clrkeylen, encbuf, &encbuflen);
1451 	if (rc) {
1452 		ZCRYPT_DBF_ERR("%s encrypting key value with kek key failed, rc=%d\n",
1453 			       __func__, rc);
1454 		goto out;
1455 	}
1456 
1457 	/* Step 3: import the encrypted key value as a new key */
1458 	rc = ep11_unwrapkey(card, domain, kek, keklen,
1459 			    encbuf, encbuflen, 0, def_iv,
1460 			    keybitsize, 0, keybuf, keybufsize, keytype);
1461 	if (rc) {
1462 		ZCRYPT_DBF_ERR("%s importing key value as new key failed,, rc=%d\n",
1463 			       __func__, rc);
1464 		goto out;
1465 	}
1466 
1467 out:
1468 	kfree(kek);
1469 	return rc;
1470 }
1471 EXPORT_SYMBOL(ep11_clr2keyblob);
1472 
ep11_kblob2protkey(u16 card,u16 dom,const u8 * keyblob,u32 keybloblen,u8 * protkey,u32 * protkeylen,u32 * protkeytype)1473 int ep11_kblob2protkey(u16 card, u16 dom,
1474 		       const u8 *keyblob, u32 keybloblen,
1475 		       u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1476 {
1477 	struct ep11kblob_header *hdr;
1478 	struct ep11keyblob *key;
1479 	size_t wkbuflen, keylen;
1480 	struct wk_info {
1481 		u16 version;
1482 		u8  res1[16];
1483 		u32 pkeytype;
1484 		u32 pkeybitsize;
1485 		u64 pkeysize;
1486 		u8  res2[8];
1487 		u8  pkey[];
1488 	} __packed * wki;
1489 	u8 *wkbuf = NULL;
1490 	int rc = -EIO;
1491 
1492 	if (ep11_kb_decode((u8 *)keyblob, keybloblen, &hdr, NULL, &key, &keylen))
1493 		return -EINVAL;
1494 
1495 	if (hdr->version == TOKVER_EP11_AES) {
1496 		/* wipe overlayed header */
1497 		memset(hdr, 0, sizeof(*hdr));
1498 	}
1499 	/* !!! hdr is no longer a valid header !!! */
1500 
1501 	/* alloc temp working buffer */
1502 	wkbuflen = (keylen + AES_BLOCK_SIZE) & (~(AES_BLOCK_SIZE - 1));
1503 	wkbuf = kmalloc(wkbuflen, GFP_ATOMIC);
1504 	if (!wkbuf)
1505 		return -ENOMEM;
1506 
1507 	/* ep11 secure key -> protected key + info */
1508 	rc = _ep11_wrapkey(card, dom, (u8 *)key, keylen,
1509 			   0, def_iv, wkbuf, &wkbuflen);
1510 	if (rc) {
1511 		ZCRYPT_DBF_ERR("%s rewrapping ep11 key to pkey failed, rc=%d\n",
1512 			       __func__, rc);
1513 		goto out;
1514 	}
1515 	wki = (struct wk_info *)wkbuf;
1516 
1517 	/* check struct version and pkey type */
1518 	if (wki->version != 1 || wki->pkeytype < 1 || wki->pkeytype > 5) {
1519 		ZCRYPT_DBF_ERR("%s wk info version %d or pkeytype %d mismatch.\n",
1520 			       __func__, (int)wki->version, (int)wki->pkeytype);
1521 		rc = -EIO;
1522 		goto out;
1523 	}
1524 
1525 	/* check protected key type field */
1526 	switch (wki->pkeytype) {
1527 	case 1: /* AES */
1528 		switch (wki->pkeysize) {
1529 		case 16 + 32:
1530 			/* AES 128 protected key */
1531 			if (protkeytype)
1532 				*protkeytype = PKEY_KEYTYPE_AES_128;
1533 			break;
1534 		case 24 + 32:
1535 			/* AES 192 protected key */
1536 			if (protkeytype)
1537 				*protkeytype = PKEY_KEYTYPE_AES_192;
1538 			break;
1539 		case 32 + 32:
1540 			/* AES 256 protected key */
1541 			if (protkeytype)
1542 				*protkeytype = PKEY_KEYTYPE_AES_256;
1543 			break;
1544 		default:
1545 			ZCRYPT_DBF_ERR("%s unknown/unsupported AES pkeysize %d\n",
1546 				       __func__, (int)wki->pkeysize);
1547 			rc = -EIO;
1548 			goto out;
1549 		}
1550 		break;
1551 	case 3: /* EC-P */
1552 	case 4: /* EC-ED */
1553 	case 5: /* EC-BP */
1554 		if (protkeytype)
1555 			*protkeytype = PKEY_KEYTYPE_ECC;
1556 		break;
1557 	case 2: /* TDES */
1558 	default:
1559 		ZCRYPT_DBF_ERR("%s unknown/unsupported key type %d\n",
1560 			       __func__, (int)wki->pkeytype);
1561 		rc = -EIO;
1562 		goto out;
1563 	}
1564 
1565 	/* copy the translated protected key */
1566 	if (wki->pkeysize > *protkeylen) {
1567 		ZCRYPT_DBF_ERR("%s wk info pkeysize %llu > protkeysize %u\n",
1568 			       __func__, wki->pkeysize, *protkeylen);
1569 		rc = -EINVAL;
1570 		goto out;
1571 	}
1572 	memcpy(protkey, wki->pkey, wki->pkeysize);
1573 	*protkeylen = wki->pkeysize;
1574 
1575 out:
1576 	kfree(wkbuf);
1577 	return rc;
1578 }
1579 EXPORT_SYMBOL(ep11_kblob2protkey);
1580 
ep11_findcard2(u32 ** apqns,u32 * nr_apqns,u16 cardnr,u16 domain,int minhwtype,int minapi,const u8 * wkvp)1581 int ep11_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1582 		   int minhwtype, int minapi, const u8 *wkvp)
1583 {
1584 	struct zcrypt_device_status_ext *device_status;
1585 	u32 *_apqns = NULL, _nr_apqns = 0;
1586 	int i, card, dom, rc = -ENOMEM;
1587 	struct ep11_domain_info edi;
1588 	struct ep11_card_info eci;
1589 
1590 	/* fetch status of all crypto cards */
1591 	device_status = kvcalloc(MAX_ZDEV_ENTRIES_EXT,
1592 				 sizeof(struct zcrypt_device_status_ext),
1593 				 GFP_KERNEL);
1594 	if (!device_status)
1595 		return -ENOMEM;
1596 	zcrypt_device_status_mask_ext(device_status);
1597 
1598 	/* allocate 1k space for up to 256 apqns */
1599 	_apqns = kmalloc_array(256, sizeof(u32), GFP_KERNEL);
1600 	if (!_apqns) {
1601 		kvfree(device_status);
1602 		return -ENOMEM;
1603 	}
1604 
1605 	/* walk through all the crypto apqnss */
1606 	for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1607 		card = AP_QID_CARD(device_status[i].qid);
1608 		dom = AP_QID_QUEUE(device_status[i].qid);
1609 		/* check online state */
1610 		if (!device_status[i].online)
1611 			continue;
1612 		/* check for ep11 functions */
1613 		if (!(device_status[i].functions & 0x01))
1614 			continue;
1615 		/* check cardnr */
1616 		if (cardnr != 0xFFFF && card != cardnr)
1617 			continue;
1618 		/* check domain */
1619 		if (domain != 0xFFFF && dom != domain)
1620 			continue;
1621 		/* check min hardware type */
1622 		if (minhwtype && device_status[i].hwtype < minhwtype)
1623 			continue;
1624 		/* check min api version if given */
1625 		if (minapi > 0) {
1626 			if (ep11_get_card_info(card, &eci, 0))
1627 				continue;
1628 			if (minapi > eci.API_ord_nr)
1629 				continue;
1630 		}
1631 		/* check wkvp if given */
1632 		if (wkvp) {
1633 			if (ep11_get_domain_info(card, dom, &edi))
1634 				continue;
1635 			if (edi.cur_wk_state != '1')
1636 				continue;
1637 			if (memcmp(wkvp, edi.cur_wkvp, 16))
1638 				continue;
1639 		}
1640 		/* apqn passed all filtering criterons, add to the array */
1641 		if (_nr_apqns < 256)
1642 			_apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16)dom);
1643 	}
1644 
1645 	/* nothing found ? */
1646 	if (!_nr_apqns) {
1647 		kfree(_apqns);
1648 		rc = -ENODEV;
1649 	} else {
1650 		/* no re-allocation, simple return the _apqns array */
1651 		*apqns = _apqns;
1652 		*nr_apqns = _nr_apqns;
1653 		rc = 0;
1654 	}
1655 
1656 	kvfree(device_status);
1657 	return rc;
1658 }
1659 EXPORT_SYMBOL(ep11_findcard2);
1660 
zcrypt_ep11misc_exit(void)1661 void __exit zcrypt_ep11misc_exit(void)
1662 {
1663 	card_cache_free();
1664 }
1665