1 // SPDX-License-Identifier: GPL-2.0
32  * Key blobs smaller/bigger than these defines are rejected
33  * by the common code even before the individual setkey function
34  * is called. As paes can handle different kinds of key blobs
49 	 * key point to the memory where the key is stored.
50 	 * The code distinguishes by checking keylen against
53 	u8 *key;  member
59 			     const u8 *key,  in _key_to_kb()  argument
75 		/* clear key value, prepare pkey clear key token in keybuf */  in _key_to_kb()
76 		memset(kb->keybuf, 0, sizeof(kb->keybuf));  in _key_to_kb()
77 		h = (struct clearkey_header *) kb->keybuf;  in _key_to_kb()
78 		h->version = 0x02; /* TOKVER_CLEAR_KEY */  in _key_to_kb()
79 		h->keytype = (keylen - 8) >> 3;  in _key_to_kb()
80 		h->len = keylen;  in _key_to_kb()
81 		memcpy(kb->keybuf + sizeof(*h), key, keylen);  in _key_to_kb()
82 		kb->keylen = sizeof(*h) + keylen;  in _key_to_kb()
83 		kb->key = kb->keybuf;  in _key_to_kb()
86 		/* other key material, let pkey handle this */  in _key_to_kb()
87 		if (keylen <= sizeof(kb->keybuf))  in _key_to_kb()
88 			kb->key = kb->keybuf;  in _key_to_kb()
90 			kb->key = kmalloc(keylen, GFP_KERNEL);  in _key_to_kb()
91 			if (!kb->key)  in _key_to_kb()
92 				return -ENOMEM;  in _key_to_kb()
94 		memcpy(kb->key, key, keylen);  in _key_to_kb()
95 		kb->keylen = keylen;  in _key_to_kb()
104 	if (kb->key && kb->key != kb->keybuf  in _free_kb_keybuf()
105 	    && kb->keylen > sizeof(kb->keybuf)) {  in _free_kb_keybuf()
106 		kfree(kb->key);  in _free_kb_keybuf()
107 		kb->key = NULL;  in _free_kb_keybuf()
132 		if (i > 0 && ret == -EAGAIN && in_task())  in __paes_keyblob2pkey()
134 				return -EINTR;  in __paes_keyblob2pkey()
135 		ret = pkey_keyblob2pkey(kb->key, kb->keylen, pk);  in __paes_keyblob2pkey()
148 	ret = __paes_keyblob2pkey(&ctx->kb, &pkey);  in __paes_convert_key()
152 	spin_lock_bh(&ctx->pk_lock);  in __paes_convert_key()
153 	memcpy(&ctx->pk, &pkey, sizeof(pkey));  in __paes_convert_key()
154 	spin_unlock_bh(&ctx->pk_lock);  in __paes_convert_key()
163 	ctx->kb.key = NULL;  in ecb_paes_init()
164 	spin_lock_init(&ctx->pk_lock);  in ecb_paes_init()
173 	_free_kb_keybuf(&ctx->kb);  in ecb_paes_exit()
185 	/* Pick the correct function code based on the protected key type */  in __ecb_paes_set_key()
186 	fc = (ctx->pk.type == PKEY_KEYTYPE_AES_128) ? CPACF_KM_PAES_128 :  in __ecb_paes_set_key()
187 		(ctx->pk.type == PKEY_KEYTYPE_AES_192) ? CPACF_KM_PAES_192 :  in __ecb_paes_set_key()
188 		(ctx->pk.type == PKEY_KEYTYPE_AES_256) ? CPACF_KM_PAES_256 : 0;  in __ecb_paes_set_key()
190 	/* Check if the function code is available */  in __ecb_paes_set_key()
191 	ctx->fc = (fc && cpacf_test_func(&km_functions, fc)) ? fc : 0;  in __ecb_paes_set_key()
193 	return ctx->fc ? 0 : -EINVAL;  in __ecb_paes_set_key()
202 	_free_kb_keybuf(&ctx->kb);  in ecb_paes_set_key()
203 	rc = _key_to_kb(&ctx->kb, in_key, key_len);  in ecb_paes_set_key()
218 		u8 key[MAXPROTKEYSIZE];  in ecb_paes_crypt()  member
225 	spin_lock_bh(&ctx->pk_lock);  in ecb_paes_crypt()
226 	memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in ecb_paes_crypt()
227 	spin_unlock_bh(&ctx->pk_lock);  in ecb_paes_crypt()
231 		n = nbytes & ~(AES_BLOCK_SIZE - 1);  in ecb_paes_crypt()
232 		k = cpacf_km(ctx->fc | modifier, &param,  in ecb_paes_crypt()
235 			ret = skcipher_walk_done(&walk, nbytes - k);  in ecb_paes_crypt()
238 				return skcipher_walk_done(&walk, -EIO);  in ecb_paes_crypt()
239 			spin_lock_bh(&ctx->pk_lock);  in ecb_paes_crypt()
240 			memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in ecb_paes_crypt()
241 			spin_unlock_bh(&ctx->pk_lock);  in ecb_paes_crypt()
259 	.base.cra_driver_name	=	"ecb-paes-s390",
278 	ctx->kb.key = NULL;  in cbc_paes_init()
279 	spin_lock_init(&ctx->pk_lock);  in cbc_paes_init()
288 	_free_kb_keybuf(&ctx->kb);  in cbc_paes_exit()
300 	/* Pick the correct function code based on the protected key type */  in __cbc_paes_set_key()
301 	fc = (ctx->pk.type == PKEY_KEYTYPE_AES_128) ? CPACF_KMC_PAES_128 :  in __cbc_paes_set_key()
302 		(ctx->pk.type == PKEY_KEYTYPE_AES_192) ? CPACF_KMC_PAES_192 :  in __cbc_paes_set_key()
303 		(ctx->pk.type == PKEY_KEYTYPE_AES_256) ? CPACF_KMC_PAES_256 : 0;  in __cbc_paes_set_key()
305 	/* Check if the function code is available */  in __cbc_paes_set_key()
306 	ctx->fc = (fc && cpacf_test_func(&kmc_functions, fc)) ? fc : 0;  in __cbc_paes_set_key()
308 	return ctx->fc ? 0 : -EINVAL;  in __cbc_paes_set_key()
317 	_free_kb_keybuf(&ctx->kb);  in cbc_paes_set_key()
318 	rc = _key_to_kb(&ctx->kb, in_key, key_len);  in cbc_paes_set_key()
334 		u8 key[MAXPROTKEYSIZE];  in cbc_paes_crypt()  member
342 	spin_lock_bh(&ctx->pk_lock);  in cbc_paes_crypt()
343 	memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in cbc_paes_crypt()
344 	spin_unlock_bh(&ctx->pk_lock);  in cbc_paes_crypt()
348 		n = nbytes & ~(AES_BLOCK_SIZE - 1);  in cbc_paes_crypt()
349 		k = cpacf_kmc(ctx->fc | modifier, &param,  in cbc_paes_crypt()
353 			ret = skcipher_walk_done(&walk, nbytes - k);  in cbc_paes_crypt()
357 				return skcipher_walk_done(&walk, -EIO);  in cbc_paes_crypt()
358 			spin_lock_bh(&ctx->pk_lock);  in cbc_paes_crypt()
359 			memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in cbc_paes_crypt()
360 			spin_unlock_bh(&ctx->pk_lock);  in cbc_paes_crypt()
378 	.base.cra_driver_name	=	"cbc-paes-s390",
379 	.base.cra_priority	=	402,	/* ecb-paes-s390 + 1 */
398 	ctx->kb[0].key = NULL;  in xts_paes_init()
399 	ctx->kb[1].key = NULL;  in xts_paes_init()
400 	spin_lock_init(&ctx->pk_lock);  in xts_paes_init()
409 	_free_kb_keybuf(&ctx->kb[0]);  in xts_paes_exit()
410 	_free_kb_keybuf(&ctx->kb[1]);  in xts_paes_exit()
417 	if (__paes_keyblob2pkey(&ctx->kb[0], &pkey0) ||  in __xts_paes_convert_key()
418 	    __paes_keyblob2pkey(&ctx->kb[1], &pkey1))  in __xts_paes_convert_key()
419 		return -EINVAL;  in __xts_paes_convert_key()
421 	spin_lock_bh(&ctx->pk_lock);  in __xts_paes_convert_key()
422 	memcpy(&ctx->pk[0], &pkey0, sizeof(pkey0));  in __xts_paes_convert_key()
423 	memcpy(&ctx->pk[1], &pkey1, sizeof(pkey1));  in __xts_paes_convert_key()
424 	spin_unlock_bh(&ctx->pk_lock);  in __xts_paes_convert_key()
434 		return -EINVAL;  in __xts_paes_set_key()
436 	if (ctx->pk[0].type != ctx->pk[1].type)  in __xts_paes_set_key()
437 		return -EINVAL;  in __xts_paes_set_key()
439 	/* Pick the correct function code based on the protected key type */  in __xts_paes_set_key()
440 	fc = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? CPACF_KM_PXTS_128 :  in __xts_paes_set_key()
441 		(ctx->pk[0].type == PKEY_KEYTYPE_AES_256) ?  in __xts_paes_set_key()
444 	/* Check if the function code is available */  in __xts_paes_set_key()
445 	ctx->fc = (fc && cpacf_test_func(&km_functions, fc)) ? fc : 0;  in __xts_paes_set_key()
447 	return ctx->fc ? 0 : -EINVAL;  in __xts_paes_set_key()
459 		return -EINVAL;  in xts_paes_set_key()
463 	_free_kb_keybuf(&ctx->kb[0]);  in xts_paes_set_key()
464 	_free_kb_keybuf(&ctx->kb[1]);  in xts_paes_set_key()
465 	rc = _key_to_kb(&ctx->kb[0], in_key, key_len);  in xts_paes_set_key()
468 	rc = _key_to_kb(&ctx->kb[1], in_key + key_len, key_len);  in xts_paes_set_key()
477 	 * xts_check_key verifies the key length is not odd and makes  in xts_paes_set_key()
481 	ckey_len = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ?  in xts_paes_set_key()
483 	memcpy(ckey, ctx->pk[0].protkey, ckey_len);  in xts_paes_set_key()
484 	memcpy(ckey + ckey_len, ctx->pk[1].protkey, ckey_len);  in xts_paes_set_key()
496 		u8 key[MAXPROTKEYSIZE];	/* key + verification pattern */  in xts_paes_crypt()  member
503 		u8 key[MAXPROTKEYSIZE];	/* key + verification pattern */  in xts_paes_crypt()  member
511 	keylen = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? 48 : 64;  in xts_paes_crypt()
512 	offset = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? 16 : 0;  in xts_paes_crypt()
516 	spin_lock_bh(&ctx->pk_lock);  in xts_paes_crypt()
517 	memcpy(pcc_param.key + offset, ctx->pk[1].protkey, keylen);  in xts_paes_crypt()
518 	memcpy(xts_param.key + offset, ctx->pk[0].protkey, keylen);  in xts_paes_crypt()
519 	spin_unlock_bh(&ctx->pk_lock);  in xts_paes_crypt()
520 	cpacf_pcc(ctx->fc, pcc_param.key + offset);  in xts_paes_crypt()
525 		n = nbytes & ~(AES_BLOCK_SIZE - 1);  in xts_paes_crypt()
526 		k = cpacf_km(ctx->fc | modifier, xts_param.key + offset,  in xts_paes_crypt()
529 			ret = skcipher_walk_done(&walk, nbytes - k);  in xts_paes_crypt()
532 				return skcipher_walk_done(&walk, -EIO);  in xts_paes_crypt()
533 			spin_lock_bh(&ctx->pk_lock);  in xts_paes_crypt()
534 			memcpy(xts_param.key + offset,  in xts_paes_crypt()
535 			       ctx->pk[0].protkey, keylen);  in xts_paes_crypt()
536 			spin_unlock_bh(&ctx->pk_lock);  in xts_paes_crypt()
555 	.base.cra_driver_name	=	"xts-paes-s390",
556 	.base.cra_priority	=	402,	/* ecb-paes-s390 + 1 */
575 	ctx->kb.key = NULL;  in ctr_paes_init()
576 	spin_lock_init(&ctx->pk_lock);  in ctr_paes_init()
585 	_free_kb_keybuf(&ctx->kb);  in ctr_paes_exit()
597 	/* Pick the correct function code based on the protected key type */  in __ctr_paes_set_key()
598 	fc = (ctx->pk.type == PKEY_KEYTYPE_AES_128) ? CPACF_KMCTR_PAES_128 :  in __ctr_paes_set_key()
599 		(ctx->pk.type == PKEY_KEYTYPE_AES_192) ? CPACF_KMCTR_PAES_192 :  in __ctr_paes_set_key()
600 		(ctx->pk.type == PKEY_KEYTYPE_AES_256) ?  in __ctr_paes_set_key()
603 	/* Check if the function code is available */  in __ctr_paes_set_key()
604 	ctx->fc = (fc && cpacf_test_func(&kmctr_functions, fc)) ? fc : 0;  in __ctr_paes_set_key()
606 	return ctx->fc ? 0 : -EINVAL;  in __ctr_paes_set_key()
615 	_free_kb_keybuf(&ctx->kb);  in ctr_paes_set_key()
616 	rc = _key_to_kb(&ctx->kb, in_key, key_len);  in ctr_paes_set_key()
629 	n = (nbytes > PAGE_SIZE) ? PAGE_SIZE : nbytes & ~(AES_BLOCK_SIZE - 1);  in __ctrblk_init()
630 	for (i = (n / AES_BLOCK_SIZE) - 1; i > 0; i--) {  in __ctrblk_init()
647 		u8 key[MAXPROTKEYSIZE];  in ctr_paes_crypt()  member
654 	spin_lock_bh(&ctx->pk_lock);  in ctr_paes_crypt()
655 	memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in ctr_paes_crypt()
656 	spin_unlock_bh(&ctx->pk_lock);  in ctr_paes_crypt()
665 		k = cpacf_kmctr(ctx->fc, &param, walk.dst.virt.addr,  in ctr_paes_crypt()
669 				memcpy(walk.iv, ctrptr + k - AES_BLOCK_SIZE,  in ctr_paes_crypt()
672 			ret = skcipher_walk_done(&walk, nbytes - k);  in ctr_paes_crypt()
678 				return skcipher_walk_done(&walk, -EIO);  in ctr_paes_crypt()
680 			spin_lock_bh(&ctx->pk_lock);  in ctr_paes_crypt()
681 			memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in ctr_paes_crypt()
682 			spin_unlock_bh(&ctx->pk_lock);  in ctr_paes_crypt()
692 			if (cpacf_kmctr(ctx->fc, &param, buf,  in ctr_paes_crypt()
697 				return skcipher_walk_done(&walk, -EIO);  in ctr_paes_crypt()
698 			spin_lock_bh(&ctx->pk_lock);  in ctr_paes_crypt()
699 			memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE);  in ctr_paes_crypt()
700 			spin_unlock_bh(&ctx->pk_lock);  in ctr_paes_crypt()
712 	.base.cra_driver_name	=	"ctr-paes-s390",
713 	.base.cra_priority	=	402,	/* ecb-paes-s390 + 1 */
731 	if (!list_empty(&alg->base.cra_list))  in __crypto_unregister_skcipher()
782 			ret = -ENOMEM;  in paes_s390_init()