1/* 2 * include/asm-s390/zcrypt.h 3 * 4 * zcrypt 2.1.0 (user-visible header) 5 * 6 * Copyright IBM Corp. 2001, 2006 7 * Author(s): Robert Burroughs 8 * Eric Rossman (edrossma@us.ibm.com) 9 * 10 * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com) 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License as published by 14 * the Free Software Foundation; either version 2, or (at your option) 15 * any later version. 16 * 17 * This program is distributed in the hope that it will be useful, 18 * but WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 * GNU General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; if not, write to the Free Software 24 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 25 */ 26 27#ifndef __ASM_S390_ZCRYPT_H 28#define __ASM_S390_ZCRYPT_H 29 30#define ZCRYPT_VERSION 2 31#define ZCRYPT_RELEASE 1 32#define ZCRYPT_VARIANT 1 33 34#include <linux/ioctl.h> 35#include <linux/compiler.h> 36 37/** 38 * struct ica_rsa_modexpo 39 * 40 * Requirements: 41 * - outputdatalength is at least as large as inputdatalength. 42 * - All key parts are right justified in their fields, padded on 43 * the left with zeroes. 44 * - length(b_key) = inputdatalength 45 * - length(n_modulus) = inputdatalength 46 */ 47struct ica_rsa_modexpo { 48 char __user * inputdata; 49 unsigned int inputdatalength; 50 char __user * outputdata; 51 unsigned int outputdatalength; 52 char __user * b_key; 53 char __user * n_modulus; 54}; 55 56/** 57 * struct ica_rsa_modexpo_crt 58 * 59 * Requirements: 60 * - inputdatalength is even. 61 * - outputdatalength is at least as large as inputdatalength. 62 * - All key parts are right justified in their fields, padded on 63 * the left with zeroes. 64 * - length(bp_key) = inputdatalength/2 + 8 65 * - length(bq_key) = inputdatalength/2 66 * - length(np_key) = inputdatalength/2 + 8 67 * - length(nq_key) = inputdatalength/2 68 * - length(u_mult_inv) = inputdatalength/2 + 8 69 */ 70struct ica_rsa_modexpo_crt { 71 char __user * inputdata; 72 unsigned int inputdatalength; 73 char __user * outputdata; 74 unsigned int outputdatalength; 75 char __user * bp_key; 76 char __user * bq_key; 77 char __user * np_prime; 78 char __user * nq_prime; 79 char __user * u_mult_inv; 80}; 81 82/** 83 * CPRBX 84 * Note that all shorts and ints are big-endian. 85 * All pointer fields are 16 bytes long, and mean nothing. 86 * 87 * A request CPRB is followed by a request_parameter_block. 88 * 89 * The request (or reply) parameter block is organized thus: 90 * function code 91 * VUD block 92 * key block 93 */ 94struct CPRBX { 95 unsigned short cprb_len; /* CPRB length 220 */ 96 unsigned char cprb_ver_id; /* CPRB version id. 0x02 */ 97 unsigned char pad_000[3]; /* Alignment pad bytes */ 98 unsigned char func_id[2]; /* function id 0x5432 */ 99 unsigned char cprb_flags[4]; /* Flags */ 100 unsigned int req_parml; /* request parameter buffer len */ 101 unsigned int req_datal; /* request data buffer */ 102 unsigned int rpl_msgbl; /* reply message block length */ 103 unsigned int rpld_parml; /* replied parameter block len */ 104 unsigned int rpl_datal; /* reply data block len */ 105 unsigned int rpld_datal; /* replied data block len */ 106 unsigned int req_extbl; /* request extension block len */ 107 unsigned char pad_001[4]; /* reserved */ 108 unsigned int rpld_extbl; /* replied extension block len */ 109 unsigned char padx000[16 - sizeof (char *)]; 110 unsigned char * req_parmb; /* request parm block 'address' */ 111 unsigned char padx001[16 - sizeof (char *)]; 112 unsigned char * req_datab; /* request data block 'address' */ 113 unsigned char padx002[16 - sizeof (char *)]; 114 unsigned char * rpl_parmb; /* reply parm block 'address' */ 115 unsigned char padx003[16 - sizeof (char *)]; 116 unsigned char * rpl_datab; /* reply data block 'address' */ 117 unsigned char padx004[16 - sizeof (char *)]; 118 unsigned char * req_extb; /* request extension block 'addr'*/ 119 unsigned char padx005[16 - sizeof (char *)]; 120 unsigned char * rpl_extb; /* reply extension block 'address'*/ 121 unsigned short ccp_rtcode; /* server return code */ 122 unsigned short ccp_rscode; /* server reason code */ 123 unsigned int mac_data_len; /* Mac Data Length */ 124 unsigned char logon_id[8]; /* Logon Identifier */ 125 unsigned char mac_value[8]; /* Mac Value */ 126 unsigned char mac_content_flgs;/* Mac content flag byte */ 127 unsigned char pad_002; /* Alignment */ 128 unsigned short domain; /* Domain */ 129 unsigned char usage_domain[4];/* Usage domain */ 130 unsigned char cntrl_domain[4];/* Control domain */ 131 unsigned char S390enf_mask[4];/* S/390 enforcement mask */ 132 unsigned char pad_004[36]; /* reserved */ 133} __attribute__((packed)); 134 135/** 136 * xcRB 137 */ 138struct ica_xcRB { 139 unsigned short agent_ID; 140 unsigned int user_defined; 141 unsigned short request_ID; 142 unsigned int request_control_blk_length; 143 unsigned char padding1[16 - sizeof (char *)]; 144 char __user * request_control_blk_addr; 145 unsigned int request_data_length; 146 char padding2[16 - sizeof (char *)]; 147 char __user * request_data_address; 148 unsigned int reply_control_blk_length; 149 char padding3[16 - sizeof (char *)]; 150 char __user * reply_control_blk_addr; 151 unsigned int reply_data_length; 152 char padding4[16 - sizeof (char *)]; 153 char __user * reply_data_addr; 154 unsigned short priority_window; 155 unsigned int status; 156} __attribute__((packed)); 157#define AUTOSELECT ((unsigned int)0xFFFFFFFF) 158 159#define ZCRYPT_IOCTL_MAGIC 'z' 160 161/** 162 * Interface notes: 163 * 164 * The ioctl()s which are implemented (along with relevant details) 165 * are: 166 * 167 * ICARSAMODEXPO 168 * Perform an RSA operation using a Modulus-Exponent pair 169 * This takes an ica_rsa_modexpo struct as its arg. 170 * 171 * NOTE: please refer to the comments preceding this structure 172 * for the implementation details for the contents of the 173 * block 174 * 175 * ICARSACRT 176 * Perform an RSA operation using a Chinese-Remainder Theorem key 177 * This takes an ica_rsa_modexpo_crt struct as its arg. 178 * 179 * NOTE: please refer to the comments preceding this structure 180 * for the implementation details for the contents of the 181 * block 182 * 183 * ZSECSENDCPRB 184 * Send an arbitrary CPRB to a crypto card. 185 * 186 * Z90STAT_STATUS_MASK 187 * Return an 64 element array of unsigned chars for the status of 188 * all devices. 189 * 0x01: PCICA 190 * 0x02: PCICC 191 * 0x03: PCIXCC_MCL2 192 * 0x04: PCIXCC_MCL3 193 * 0x05: CEX2C 194 * 0x06: CEX2A 195 * 0x0d: device is disabled via the proc filesystem 196 * 197 * Z90STAT_QDEPTH_MASK 198 * Return an 64 element array of unsigned chars for the queue 199 * depth of all devices. 200 * 201 * Z90STAT_PERDEV_REQCNT 202 * Return an 64 element array of unsigned integers for the number 203 * of successfully completed requests per device since the device 204 * was detected and made available. 205 * 206 * Z90STAT_REQUESTQ_COUNT 207 * Return an integer count of the number of entries waiting to be 208 * sent to a device. 209 * 210 * Z90STAT_PENDINGQ_COUNT 211 * Return an integer count of the number of entries sent to all 212 * devices awaiting the reply. 213 * 214 * Z90STAT_TOTALOPEN_COUNT 215 * Return an integer count of the number of open file handles. 216 * 217 * Z90STAT_DOMAIN_INDEX 218 * Return the integer value of the Cryptographic Domain. 219 * 220 * The following ioctls are deprecated and should be no longer used: 221 * 222 * Z90STAT_TOTALCOUNT 223 * Return an integer count of all device types together. 224 * 225 * Z90STAT_PCICACOUNT 226 * Return an integer count of all PCICAs. 227 * 228 * Z90STAT_PCICCCOUNT 229 * Return an integer count of all PCICCs. 230 * 231 * Z90STAT_PCIXCCMCL2COUNT 232 * Return an integer count of all MCL2 PCIXCCs. 233 * 234 * Z90STAT_PCIXCCMCL3COUNT 235 * Return an integer count of all MCL3 PCIXCCs. 236 * 237 * Z90STAT_CEX2CCOUNT 238 * Return an integer count of all CEX2Cs. 239 * 240 * Z90STAT_CEX2ACOUNT 241 * Return an integer count of all CEX2As. 242 * 243 * ICAZ90STATUS 244 * Return some device driver status in a ica_z90_status struct 245 * This takes an ica_z90_status struct as its arg. 246 * 247 * Z90STAT_PCIXCCCOUNT 248 * Return an integer count of all PCIXCCs (MCL2 + MCL3). 249 * This is DEPRECATED now that MCL3 PCIXCCs are treated differently from 250 * MCL2 PCIXCCs. 251 */ 252 253/** 254 * Supported ioctl calls 255 */ 256#define ICARSAMODEXPO _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x05, 0) 257#define ICARSACRT _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x06, 0) 258#define ZSECSENDCPRB _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x81, 0) 259 260/* New status calls */ 261#define Z90STAT_TOTALCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x40, int) 262#define Z90STAT_PCICACOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x41, int) 263#define Z90STAT_PCICCCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x42, int) 264#define Z90STAT_PCIXCCMCL2COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4b, int) 265#define Z90STAT_PCIXCCMCL3COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4c, int) 266#define Z90STAT_CEX2CCOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4d, int) 267#define Z90STAT_CEX2ACOUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4e, int) 268#define Z90STAT_REQUESTQ_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x44, int) 269#define Z90STAT_PENDINGQ_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x45, int) 270#define Z90STAT_TOTALOPEN_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x46, int) 271#define Z90STAT_DOMAIN_INDEX _IOR(ZCRYPT_IOCTL_MAGIC, 0x47, int) 272#define Z90STAT_STATUS_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x48, char[64]) 273#define Z90STAT_QDEPTH_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x49, char[64]) 274#define Z90STAT_PERDEV_REQCNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4a, int[64]) 275 276#endif /* __ASM_S390_ZCRYPT_H */ 277