2006-09-20 21:58:27 +08:00
|
|
|
/*
|
2006-09-20 21:58:36 +08:00
|
|
|
* zcrypt 2.1.0
|
2006-09-20 21:58:27 +08:00
|
|
|
*
|
2012-08-28 22:45:36 +08:00
|
|
|
* Copyright IBM Corp. 2001, 2012
|
2006-09-20 21:58:27 +08:00
|
|
|
* Author(s): Robert Burroughs
|
|
|
|
* Eric Rossman (edrossma@us.ibm.com)
|
|
|
|
* Cornelia Huck <cornelia.huck@de.ibm.com>
|
|
|
|
*
|
|
|
|
* Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
|
|
|
|
* Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
|
|
|
|
* Ralph Wuerthner <rwuerthn@de.ibm.com>
|
2012-08-28 22:45:36 +08:00
|
|
|
* MSGTYPE restruct: Holger Dengler <hd@linux.vnet.ibm.com>
|
2006-09-20 21:58:27 +08:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
* the Free Software Foundation; either version 2, or (at your option)
|
|
|
|
* any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _ZCRYPT_API_H_
|
|
|
|
#define _ZCRYPT_API_H_
|
|
|
|
|
2012-09-11 03:34:26 +08:00
|
|
|
#include <linux/atomic.h>
|
|
|
|
#include <asm/debug.h>
|
2006-09-20 21:58:27 +08:00
|
|
|
#include <asm/zcrypt.h>
|
2012-09-11 03:34:26 +08:00
|
|
|
#include "ap_bus.h"
|
2006-09-20 21:58:27 +08:00
|
|
|
|
|
|
|
/* deprecated status calls */
|
|
|
|
#define ICAZ90STATUS _IOR(ZCRYPT_IOCTL_MAGIC, 0x10, struct ica_z90_status)
|
|
|
|
#define Z90STAT_PCIXCCCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x43, int)
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This structure is deprecated and the corresponding ioctl() has been
|
|
|
|
* replaced with individual ioctl()s for each piece of data!
|
|
|
|
*/
|
|
|
|
struct ica_z90_status {
|
|
|
|
int totalcount;
|
|
|
|
int leedslitecount; // PCICA
|
|
|
|
int leeds2count; // PCICC
|
|
|
|
// int PCIXCCCount; is not in struct for backward compatibility
|
|
|
|
int requestqWaitCount;
|
|
|
|
int pendingqWaitCount;
|
|
|
|
int totalOpenCount;
|
|
|
|
int cryptoDomain;
|
|
|
|
// status: 0=not there, 1=PCICA, 2=PCICC, 3=PCIXCC_MCL2, 4=PCIXCC_MCL3,
|
|
|
|
// 5=CEX2C
|
|
|
|
unsigned char status[64];
|
|
|
|
// qdepth: # work elements waiting for each device
|
|
|
|
unsigned char qdepth[64];
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* device type for an actual device is either PCICA, PCICC, PCIXCC_MCL2,
|
|
|
|
* PCIXCC_MCL3, CEX2C, or CEX2A
|
|
|
|
*
|
|
|
|
* NOTE: PCIXCC_MCL3 refers to a PCIXCC with May 2004 version of Licensed
|
|
|
|
* Internal Code (LIC) (EC J12220 level 29).
|
|
|
|
* PCIXCC_MCL2 refers to any LIC before this level.
|
|
|
|
*/
|
|
|
|
#define ZCRYPT_PCICA 1
|
|
|
|
#define ZCRYPT_PCICC 2
|
|
|
|
#define ZCRYPT_PCIXCC_MCL2 3
|
|
|
|
#define ZCRYPT_PCIXCC_MCL3 4
|
|
|
|
#define ZCRYPT_CEX2C 5
|
|
|
|
#define ZCRYPT_CEX2A 6
|
2009-12-07 19:51:57 +08:00
|
|
|
#define ZCRYPT_CEX3C 7
|
|
|
|
#define ZCRYPT_CEX3A 8
|
2013-11-20 17:47:13 +08:00
|
|
|
#define ZCRYPT_CEX4 10
|
2015-01-23 21:56:25 +08:00
|
|
|
#define ZCRYPT_CEX5 11
|
2006-09-20 21:58:27 +08:00
|
|
|
|
2008-04-17 13:46:15 +08:00
|
|
|
/**
|
|
|
|
* Large random numbers are pulled in 4096 byte chunks from the crypto cards
|
2011-03-31 09:57:33 +08:00
|
|
|
* and stored in a page. Be careful when increasing this buffer due to size
|
2008-04-17 13:46:15 +08:00
|
|
|
* limitations for AP requests.
|
|
|
|
*/
|
|
|
|
#define ZCRYPT_RNG_BUFFER_SIZE 4096
|
|
|
|
|
2006-09-20 21:58:27 +08:00
|
|
|
struct zcrypt_device;
|
|
|
|
|
|
|
|
struct zcrypt_ops {
|
|
|
|
long (*rsa_modexpo)(struct zcrypt_device *, struct ica_rsa_modexpo *);
|
|
|
|
long (*rsa_modexpo_crt)(struct zcrypt_device *,
|
|
|
|
struct ica_rsa_modexpo_crt *);
|
2006-09-20 21:58:36 +08:00
|
|
|
long (*send_cprb)(struct zcrypt_device *, struct ica_xcRB *);
|
2013-11-20 17:47:13 +08:00
|
|
|
long (*send_ep11_cprb)(struct zcrypt_device *, struct ep11_urb *);
|
2008-04-17 13:46:15 +08:00
|
|
|
long (*rng)(struct zcrypt_device *, char *);
|
2012-08-28 22:45:36 +08:00
|
|
|
struct list_head list; /* zcrypt ops list. */
|
|
|
|
struct module *owner;
|
|
|
|
int variant;
|
s390/zcrypt: Fix initialisation when zcrypt is built-in
ap_bus and zcrypt_api assumed module information to always be present
and initialisation to be done in module loading order (symbol
dependencies). These assumptions don't hold if zcrypt is built-in;
THIS_MODULE will be NULL in this case and init call order is linker
order, i.e. Makefile order.
Fix initialisation order by ordering the object files in the Makefile
according to their dependencies, like the module loader would do.
Fix message type registration by using a dedicated "name" field rather
than piggy-backing on the module ("owner") information. There's no
change to the requirement that module name and msgtype name are
identical. The existing name macros are used.
We don't need any special code for dealing with the drivers being
built-in; the generic module support code already does the right
thing.
Test results:
1. CONFIG_MODULES=y, CONFIG_ZCRYPT=y
KVM: boots, no /sys/bus/ap (expected)
LPAR with CEX5: boots, /sys/bus/ap/devices/card*/type present
2. CONFIG_MODULES=y, CONFIG_ZCRYPT=m=:
KVM: boots, loading zcrypt_cex4 (and ap) fails (expected)
LPAR with CEX5: boots, loading =zcrypt_cex4= succeeds,
/sys/bus/ap/devices/card*/type present after explicit module
loading
3. CONFIG_MODULES unset, CONFIG_ZCRYPT=y:
KVM: boots, no /sys/bus/ap (expected)
LPAR with CEX5: boots, /sys/bus/ap/devices/card*/type present
No further testing (user-space functionality) was done.
Fixes: 3b6245fd303f ("s390/zcrypt: Separate msgtype implementation from card modules.")
Signed-off-by: Sascha Silbe <silbe@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-10-28 18:06:08 +08:00
|
|
|
char name[128];
|
2006-09-20 21:58:27 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
struct zcrypt_device {
|
|
|
|
struct list_head list; /* Device list. */
|
|
|
|
spinlock_t lock; /* Per device lock. */
|
|
|
|
struct kref refcount; /* device refcounting */
|
|
|
|
struct ap_device *ap_dev; /* The "real" ap device. */
|
|
|
|
struct zcrypt_ops *ops; /* Crypto operations. */
|
|
|
|
int online; /* User online/offline */
|
|
|
|
|
|
|
|
int user_space_type; /* User space device id. */
|
|
|
|
char *type_string; /* User space device name. */
|
|
|
|
int min_mod_size; /* Min number of bits. */
|
|
|
|
int max_mod_size; /* Max number of bits. */
|
|
|
|
int short_crt; /* Card has crt length restriction. */
|
|
|
|
int speed_rating; /* Speed of the crypto device. */
|
|
|
|
|
|
|
|
int request_count; /* # current requests. */
|
|
|
|
|
|
|
|
struct ap_message reply; /* Per-device reply structure. */
|
2011-01-05 19:47:47 +08:00
|
|
|
int max_exp_bit_length;
|
2012-09-11 03:34:26 +08:00
|
|
|
|
|
|
|
debug_info_t *dbf_area; /* debugging */
|
2006-09-20 21:58:27 +08:00
|
|
|
};
|
|
|
|
|
2012-09-11 03:34:26 +08:00
|
|
|
/* transport layer rescanning */
|
|
|
|
extern atomic_t zcrypt_rescan_req;
|
|
|
|
|
2006-09-20 21:58:27 +08:00
|
|
|
struct zcrypt_device *zcrypt_device_alloc(size_t);
|
|
|
|
void zcrypt_device_free(struct zcrypt_device *);
|
|
|
|
void zcrypt_device_get(struct zcrypt_device *);
|
|
|
|
int zcrypt_device_put(struct zcrypt_device *);
|
|
|
|
int zcrypt_device_register(struct zcrypt_device *);
|
|
|
|
void zcrypt_device_unregister(struct zcrypt_device *);
|
2012-08-28 22:45:36 +08:00
|
|
|
void zcrypt_msgtype_register(struct zcrypt_ops *);
|
|
|
|
void zcrypt_msgtype_unregister(struct zcrypt_ops *);
|
|
|
|
struct zcrypt_ops *zcrypt_msgtype_request(unsigned char *, int);
|
|
|
|
void zcrypt_msgtype_release(struct zcrypt_ops *);
|
2006-09-20 21:58:27 +08:00
|
|
|
int zcrypt_api_init(void);
|
|
|
|
void zcrypt_api_exit(void);
|
|
|
|
|
|
|
|
#endif /* _ZCRYPT_API_H_ */
|