LXR linux/arch/s390/include/uapi/asm/zcrypt.h

   1/* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
   2/*
   3 *  include/asm-s390/zcrypt.h
   4 *
   5 *  zcrypt 2.2.1 (user-visible header)
   6 *
   7 *  Copyright IBM Corp. 2001, 2019
   8 *  Author(s): Robert Burroughs
   9 *             Eric Rossman (edrossma@us.ibm.com)
  10 *
  11 *  Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
  12 */
  13
  14#ifndef __ASM_S390_ZCRYPT_H
  15#define __ASM_S390_ZCRYPT_H
  16
  17#define ZCRYPT_VERSION 2
  18#define ZCRYPT_RELEASE 2
  19#define ZCRYPT_VARIANT 1
  20
  21#include <linux/ioctl.h>
  22#include <linux/compiler.h>
  23#include <linux/types.h>
  24
  25/* Name of the zcrypt device driver. */
  26#define ZCRYPT_NAME "zcrypt"
  27
  28/**
  29 * struct ica_rsa_modexpo
  30 *
  31 * Requirements:
  32 * - outputdatalength is at least as large as inputdatalength.
  33 * - All key parts are right justified in their fields, padded on
  34 *   the left with zeroes.
  35 * - length(b_key) = inputdatalength
  36 * - length(n_modulus) = inputdatalength
  37 */
  38struct ica_rsa_modexpo {
  39        __u8 __user  *inputdata;
  40        __u32         inputdatalength;
  41        __u8 __user  *outputdata;
  42        __u32         outputdatalength;
  43        __u8 __user  *b_key;
  44        __u8 __user  *n_modulus;
  45};
  46
  47/**
  48 * struct ica_rsa_modexpo_crt
  49 *
  50 * Requirements:
  51 * - inputdatalength is even.
  52 * - outputdatalength is at least as large as inputdatalength.
  53 * - All key parts are right justified in their fields, padded on
  54 *   the left with zeroes.
  55 * - length(bp_key)     = inputdatalength/2 + 8
  56 * - length(bq_key)     = inputdatalength/2
  57 * - length(np_key)     = inputdatalength/2 + 8
  58 * - length(nq_key)     = inputdatalength/2
  59 * - length(u_mult_inv) = inputdatalength/2 + 8
  60 */
  61struct ica_rsa_modexpo_crt {
  62        __u8 __user  *inputdata;
  63        __u32         inputdatalength;
  64        __u8 __user  *outputdata;
  65        __u32         outputdatalength;
  66        __u8 __user  *bp_key;
  67        __u8 __user  *bq_key;
  68        __u8 __user  *np_prime;
  69        __u8 __user  *nq_prime;
  70        __u8 __user  *u_mult_inv;
  71};
  72
  73/**
  74 * CPRBX
  75 *        Note that all shorts and ints are big-endian.
  76 *        All pointer fields are 16 bytes long, and mean nothing.
  77 *
  78 *        A request CPRB is followed by a request_parameter_block.
  79 *
  80 *        The request (or reply) parameter block is organized thus:
  81 *          function code
  82 *          VUD block
  83 *          key block
  84 */
  85struct CPRBX {
  86        __u16        cprb_len;          /* CPRB length        220        */
  87        __u8         cprb_ver_id;       /* CPRB version id.   0x02       */
  88        __u8         pad_000[3];        /* Alignment pad bytes           */
  89        __u8         func_id[2];        /* function id        0x5432     */
  90        __u8         cprb_flags[4];     /* Flags                         */
  91        __u32        req_parml;         /* request parameter buffer len  */
  92        __u32        req_datal;         /* request data buffer           */
  93        __u32        rpl_msgbl;         /* reply  message block length   */
  94        __u32        rpld_parml;        /* replied parameter block len   */
  95        __u32        rpl_datal;         /* reply data block len          */
  96        __u32        rpld_datal;        /* replied data block len        */
  97        __u32        req_extbl;         /* request extension block len   */
  98        __u8         pad_001[4];        /* reserved                      */
  99        __u32        rpld_extbl;        /* replied extension block len   */
 100        __u8         padx000[16 - sizeof(__u8 *)];
 101        __u8 __user *req_parmb;         /* request parm block 'address'  */
 102        __u8         padx001[16 - sizeof(__u8 *)];
 103        __u8 __user *req_datab;         /* request data block 'address'  */
 104        __u8         padx002[16 - sizeof(__u8 *)];
 105        __u8 __user *rpl_parmb;         /* reply parm block 'address'    */
 106        __u8         padx003[16 - sizeof(__u8 *)];
 107        __u8 __user *rpl_datab;         /* reply data block 'address'    */
 108        __u8         padx004[16 - sizeof(__u8 *)];
 109        __u8 __user *req_extb;          /* request extension block 'addr'*/
 110        __u8         padx005[16 - sizeof(__u8 *)];
 111        __u8 __user *rpl_extb;          /* reply extension block 'address'*/
 112        __u16        ccp_rtcode;        /* server return code            */
 113        __u16        ccp_rscode;        /* server reason code            */
 114        __u32        mac_data_len;      /* Mac Data Length               */
 115        __u8         logon_id[8];       /* Logon Identifier              */
 116        __u8         mac_value[8];      /* Mac Value                     */
 117        __u8         mac_content_flgs;  /* Mac content flag byte         */
 118        __u8         pad_002;           /* Alignment                     */
 119        __u16        domain;            /* Domain                        */
 120        __u8         usage_domain[4];   /* Usage domain                  */
 121        __u8         cntrl_domain[4];   /* Control domain                */
 122        __u8         S390enf_mask[4];   /* S/390 enforcement mask        */
 123        __u8         pad_004[36];       /* reserved                      */
 124} __attribute__((packed));
 125
 126/**
 127 * xcRB
 128 */
 129struct ica_xcRB {
 130        __u16         agent_ID;
 131        __u32         user_defined;
 132        __u16         request_ID;
 133        __u32         request_control_blk_length;
 134        __u8          _padding1[16 - sizeof(__u8 *)];
 135        __u8 __user  *request_control_blk_addr;
 136        __u32         request_data_length;
 137        __u8          _padding2[16 - sizeof(__u8 *)];
 138        __u8 __user  *request_data_address;
 139        __u32         reply_control_blk_length;
 140        __u8          _padding3[16 - sizeof(__u8 *)];
 141        __u8 __user  *reply_control_blk_addr;
 142        __u32         reply_data_length;
 143        __u8          __padding4[16 - sizeof(__u8 *)];
 144        __u8 __user  *reply_data_addr;
 145        __u16         priority_window;
 146        __u32         status;
 147} __attribute__((packed));
 148
 149/**
 150 * struct ep11_cprb - EP11 connectivity programming request block
 151 * @cprb_len:           CPRB header length [0x0020]
 152 * @cprb_ver_id:        CPRB version id.   [0x04]
 153 * @pad_000:            Alignment pad bytes
 154 * @flags:              Admin bit [0x80], Special bit [0x20]
 155 * @func_id:            Function id / subtype [0x5434] "T4"
 156 * @source_id:          Source id [originator id]
 157 * @target_id:          Target id [usage/ctrl domain id]
 158 * @ret_code:           Return code
 159 * @reserved1:          Reserved
 160 * @reserved2:          Reserved
 161 * @payload_len:        Payload length
 162 */
 163struct ep11_cprb {
 164        __u16   cprb_len;
 165        __u8    cprb_ver_id;
 166        __u8    pad_000[2];
 167        __u8    flags;
 168        __u8    func_id[2];
 169        __u32   source_id;
 170        __u32   target_id;
 171        __u32   ret_code;
 172        __u32   reserved1;
 173        __u32   reserved2;
 174        __u32   payload_len;
 175} __attribute__((packed));
 176
 177/**
 178 * struct ep11_target_dev - EP11 target device list
 179 * @ap_id:      AP device id
 180 * @dom_id:     Usage domain id
 181 */
 182struct ep11_target_dev {
 183        __u16 ap_id;
 184        __u16 dom_id;
 185};
 186
 187/**
 188 * struct ep11_urb - EP11 user request block
 189 * @targets_num:        Number of target adapters
 190 * @targets:            Addr to target adapter list
 191 * @weight:             Level of request priority
 192 * @req_no:             Request id/number
 193 * @req_len:            Request length
 194 * @req:                Addr to request block
 195 * @resp_len:           Response length
 196 * @resp:               Addr to response block
 197 */
 198struct ep11_urb {
 199        __u16           targets_num;
 200        __u8 __user    *targets;
 201        __u64           weight;
 202        __u64           req_no;
 203        __u64           req_len;
 204        __u8 __user    *req;
 205        __u64           resp_len;
 206        __u8 __user    *resp;
 207} __attribute__((packed));
 208
 209/**
 210 * struct zcrypt_device_status_ext
 211 * @hwtype:             raw hardware type
 212 * @qid:                8 bit device index, 8 bit domain
 213 * @functions:          AP device function bit field 'abcdef'
 214 *                      a, b, c = reserved
 215 *                      d = CCA coprocessor
 216 *                      e = Accelerator
 217 *                      f = EP11 coprocessor
 218 * @online              online status
 219 * @reserved            reserved
 220 */
 221struct zcrypt_device_status_ext {
 222        unsigned int hwtype:8;
 223        unsigned int qid:16;
 224        unsigned int online:1;
 225        unsigned int functions:6;
 226        unsigned int reserved:1;
 227};
 228
 229#define MAX_ZDEV_CARDIDS_EXT 256
 230#define MAX_ZDEV_DOMAINS_EXT 256
 231
 232/* Maximum number of zcrypt devices */
 233#define MAX_ZDEV_ENTRIES_EXT (MAX_ZDEV_CARDIDS_EXT * MAX_ZDEV_DOMAINS_EXT)
 234
 235/* Device matrix of all zcrypt devices */
 236struct zcrypt_device_matrix_ext {
 237        struct zcrypt_device_status_ext device[MAX_ZDEV_ENTRIES_EXT];
 238};
 239
 240#define AUTOSELECT  0xFFFFFFFF
 241#define AUTOSEL_AP  ((__u16) 0xFFFF)
 242#define AUTOSEL_DOM ((__u16) 0xFFFF)
 243
 244#define ZCRYPT_IOCTL_MAGIC 'z'
 245
 246/**
 247 * Interface notes:
 248 *
 249 * The ioctl()s which are implemented (along with relevant details)
 250 * are:
 251 *
 252 *   ICARSAMODEXPO
 253 *     Perform an RSA operation using a Modulus-Exponent pair
 254 *     This takes an ica_rsa_modexpo struct as its arg.
 255 *
 256 *     NOTE: please refer to the comments preceding this structure
 257 *           for the implementation details for the contents of the
 258 *           block
 259 *
 260 *   ICARSACRT
 261 *     Perform an RSA operation using a Chinese-Remainder Theorem key
 262 *     This takes an ica_rsa_modexpo_crt struct as its arg.
 263 *
 264 *     NOTE: please refer to the comments preceding this structure
 265 *           for the implementation details for the contents of the
 266 *           block
 267 *
 268 *   ZSECSENDCPRB
 269 *     Send an arbitrary CPRB to a crypto card.
 270 *
 271 *   ZSENDEP11CPRB
 272 *     Send an arbitrary EP11 CPRB to an EP11 coprocessor crypto card.
 273 *
 274 *   ZCRYPT_DEVICE_STATUS
 275 *     The given struct zcrypt_device_matrix_ext is updated with
 276 *     status information for each currently known apqn.
 277 *
 278 *   ZCRYPT_STATUS_MASK
 279 *     Return an MAX_ZDEV_CARDIDS_EXT element array of unsigned chars for the
 280 *     status of all devices.
 281 *       0x01: PCICA
 282 *       0x02: PCICC
 283 *       0x03: PCIXCC_MCL2
 284 *       0x04: PCIXCC_MCL3
 285 *       0x05: CEX2C
 286 *       0x06: CEX2A
 287 *       0x07: CEX3C
 288 *       0x08: CEX3A
 289 *       0x0a: CEX4
 290 *       0x0b: CEX5
 291 *       0x0c: CEX6 and CEX7
 292 *       0x0d: device is disabled
 293 *
 294 *   ZCRYPT_QDEPTH_MASK
 295 *     Return an MAX_ZDEV_CARDIDS_EXT element array of unsigned chars for the
 296 *     queue depth of all devices.
 297 *
 298 *   ZCRYPT_PERDEV_REQCNT
 299 *     Return an MAX_ZDEV_CARDIDS_EXT element array of unsigned integers for
 300 *     the number of successfully completed requests per device since the
 301 *     device was detected and made available.
 302 *
 303 */
 304
 305/**
 306 * Supported ioctl calls
 307 */
 308#define ICARSAMODEXPO   _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x05, 0)
 309#define ICARSACRT       _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x06, 0)
 310#define ZSECSENDCPRB    _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x81, 0)
 311#define ZSENDEP11CPRB   _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x04, 0)
 312
 313#define ZCRYPT_DEVICE_STATUS _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x5f, 0)
 314#define ZCRYPT_STATUS_MASK   _IOR(ZCRYPT_IOCTL_MAGIC, 0x58, char[MAX_ZDEV_CARDIDS_EXT])
 315#define ZCRYPT_QDEPTH_MASK   _IOR(ZCRYPT_IOCTL_MAGIC, 0x59, char[MAX_ZDEV_CARDIDS_EXT])
 316#define ZCRYPT_PERDEV_REQCNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x5a, int[MAX_ZDEV_CARDIDS_EXT])
 317
 318/*
 319 * Support for multiple zcrypt device nodes.
 320 */
 321
 322/* Nr of minor device node numbers to allocate. */
 323#define ZCRYPT_MAX_MINOR_NODES 256
 324
 325/* Max amount of possible ioctls */
 326#define MAX_ZDEV_IOCTLS (1 << _IOC_NRBITS)
 327
 328/*
 329 * Only deprecated defines, structs and ioctls below this line.
 330 */
 331
 332/* Deprecated: use MAX_ZDEV_CARDIDS_EXT */
 333#define MAX_ZDEV_CARDIDS 64
 334/* Deprecated: use MAX_ZDEV_DOMAINS_EXT */
 335#define MAX_ZDEV_DOMAINS 256
 336
 337/* Deprecated: use MAX_ZDEV_ENTRIES_EXT */
 338#define MAX_ZDEV_ENTRIES (MAX_ZDEV_CARDIDS * MAX_ZDEV_DOMAINS)
 339
 340/* Deprecated: use struct zcrypt_device_status_ext */
 341struct zcrypt_device_status {
 342        unsigned int hwtype:8;
 343        unsigned int qid:14;
 344        unsigned int online:1;
 345        unsigned int functions:6;
 346        unsigned int reserved:3;
 347};
 348
 349/* Deprecated: use struct zcrypt_device_matrix_ext */
 350struct zcrypt_device_matrix {
 351        struct zcrypt_device_status device[MAX_ZDEV_ENTRIES];
 352};
 353
 354/* Deprecated: use ZCRYPT_DEVICE_STATUS */
 355#define ZDEVICESTATUS _IOC(_IOC_READ|_IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x4f, 0)
 356/* Deprecated: use ZCRYPT_STATUS_MASK */
 357#define Z90STAT_STATUS_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x48, char[64])
 358/* Deprecated: use ZCRYPT_QDEPTH_MASK */
 359#define Z90STAT_QDEPTH_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x49, char[64])
 360/* Deprecated: use ZCRYPT_PERDEV_REQCNT */
 361#define Z90STAT_PERDEV_REQCNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4a, int[64])
 362
 363/* Deprecated: use sysfs to query these values */
 364#define Z90STAT_REQUESTQ_COUNT  _IOR(ZCRYPT_IOCTL_MAGIC, 0x44, int)
 365#define Z90STAT_PENDINGQ_COUNT  _IOR(ZCRYPT_IOCTL_MAGIC, 0x45, int)
 366#define Z90STAT_TOTALOPEN_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x46, int)
 367#define Z90STAT_DOMAIN_INDEX    _IOR(ZCRYPT_IOCTL_MAGIC, 0x47, int)
 368
 369/*
 370 * The ioctl number ranges 0x40 - 0x42 and 0x4b - 0x4e had been used in the
 371 * past, don't assign new ioctls for these.
 372 */
 373
 374#endif /* __ASM_S390_ZCRYPT_H */
 375