uapi/asm/zcrypt.h

0001 /* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
0002 /*
0003  *  include/asm-s390/zcrypt.h
0004  *
0005  *  zcrypt 2.2.1 (user-visible header)
0006  *
0007  *  Copyright IBM Corp. 2001, 2022
0008  *  Author(s): Robert Burroughs
0009  *         Eric Rossman (edrossma@us.ibm.com)
0010  *
0011  *  Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
0012  */
0013
0014 #ifndef __ASM_S390_ZCRYPT_H
0015 #define __ASM_S390_ZCRYPT_H
0016
0017 #define ZCRYPT_VERSION 2
0018 #define ZCRYPT_RELEASE 2
0019 #define ZCRYPT_VARIANT 1
0020
0021 #include <linux/ioctl.h>
0022 #include <linux/compiler.h>
0023 #include <linux/types.h>
0024
0025 /* Name of the zcrypt device driver. */
0026 #define ZCRYPT_NAME "zcrypt"
0027
0028 /**
0029  * struct ica_rsa_modexpo
0030  *
0031  * Requirements:
0032  * - outputdatalength is at least as large as inputdatalength.
0033  * - All key parts are right justified in their fields, padded on
0034  *   the left with zeroes.
0035  * - length(b_key) = inputdatalength
0036  * - length(n_modulus) = inputdatalength
0037  */
0038 struct ica_rsa_modexpo {
0039     __u8 __user  *inputdata;
0040     __u32         inputdatalength;
0041     __u8 __user  *outputdata;
0042     __u32         outputdatalength;
0043     __u8 __user  *b_key;
0044     __u8 __user  *n_modulus;
0045 };
0046
0047 /**
0048  * struct ica_rsa_modexpo_crt
0049  *
0050  * Requirements:
0051  * - inputdatalength is even.
0052  * - outputdatalength is at least as large as inputdatalength.
0053  * - All key parts are right justified in their fields, padded on
0054  *   the left with zeroes.
0055  * - length(bp_key) = inputdatalength/2 + 8
0056  * - length(bq_key) = inputdatalength/2
0057  * - length(np_key) = inputdatalength/2 + 8
0058  * - length(nq_key) = inputdatalength/2
0059  * - length(u_mult_inv) = inputdatalength/2 + 8
0060  */
0061 struct ica_rsa_modexpo_crt {
0062     __u8 __user  *inputdata;
0063     __u32         inputdatalength;
0064     __u8 __user  *outputdata;
0065     __u32         outputdatalength;
0066     __u8 __user  *bp_key;
0067     __u8 __user  *bq_key;
0068     __u8 __user  *np_prime;
0069     __u8 __user  *nq_prime;
0070     __u8 __user  *u_mult_inv;
0071 };
0072
0073 /**
0074  * CPRBX
0075  *    Note that all shorts and ints are big-endian.
0076  *    All pointer fields are 16 bytes long, and mean nothing.
0077  *
0078  *    A request CPRB is followed by a request_parameter_block.
0079  *
0080  *    The request (or reply) parameter block is organized thus:
0081  *      function code
0082  *      VUD block
0083  *      key block
0084  */
0085 struct CPRBX {
0086     __u16        cprb_len;      /* CPRB length        220    */
0087     __u8         cprb_ver_id;   /* CPRB version id.   0x02   */
0088     __u8         _pad_000[3];   /* Alignment pad bytes       */
0089     __u8         func_id[2];    /* function id        0x5432     */
0090     __u8         cprb_flags[4]; /* Flags             */
0091     __u32        req_parml;     /* request parameter buffer len  */
0092     __u32        req_datal;     /* request data buffer       */
0093     __u32        rpl_msgbl;     /* reply  message block length   */
0094     __u32        rpld_parml;    /* replied parameter block len   */
0095     __u32        rpl_datal;     /* reply data block len      */
0096     __u32        rpld_datal;    /* replied data block len    */
0097     __u32        req_extbl;     /* request extension block len   */
0098     __u8         _pad_001[4];   /* reserved          */
0099     __u32        rpld_extbl;    /* replied extension block len   */
0100     __u8         _pad_002[16 - sizeof(__u8 *)];
0101     __u8 __user *req_parmb;     /* request parm block 'address'  */
0102     __u8         _pad_003[16 - sizeof(__u8 *)];
0103     __u8 __user *req_datab;     /* request data block 'address'  */
0104     __u8         _pad_004[16 - sizeof(__u8 *)];
0105     __u8 __user *rpl_parmb;     /* reply parm block 'address'    */
0106     __u8         _pad_005[16 - sizeof(__u8 *)];
0107     __u8 __user *rpl_datab;     /* reply data block 'address'    */
0108     __u8         _pad_006[16 - sizeof(__u8 *)];
0109     __u8 __user *req_extb;      /* request extension block 'addr'*/
0110     __u8         _pad_007[16 - sizeof(__u8 *)];
0111     __u8 __user *rpl_extb;      /* reply extension block 'address'*/
0112     __u16        ccp_rtcode;    /* server return code        */
0113     __u16        ccp_rscode;    /* server reason code        */
0114     __u32        mac_data_len;  /* Mac Data Length       */
0115     __u8         logon_id[8];   /* Logon Identifier      */
0116     __u8         mac_value[8];  /* Mac Value             */
0117     __u8         mac_content_flgs;  /* Mac content flag byte     */
0118     __u8         _pad_008;      /* Alignment             */
0119     __u16        domain;        /* Domain            */
0120     __u8         _pad_009[12];  /* reserved, checked for zeros   */
0121     __u8         _pad_010[36];  /* reserved          */
0122 } __attribute__((packed));
0123
0124 /**
0125  * xcRB
0126  */
0127 struct ica_xcRB {
0128     __u16         agent_ID;
0129     __u32         user_defined;
0130     __u16         request_ID;
0131     __u32         request_control_blk_length;
0132     __u8          _padding1[16 - sizeof(__u8 *)];
0133     __u8 __user  *request_control_blk_addr;
0134     __u32         request_data_length;
0135     __u8          _padding2[16 - sizeof(__u8 *)];
0136     __u8 __user  *request_data_address;
0137     __u32         reply_control_blk_length;
0138     __u8          _padding3[16 - sizeof(__u8 *)];
0139     __u8 __user  *reply_control_blk_addr;
0140     __u32         reply_data_length;
0141     __u8          __padding4[16 - sizeof(__u8 *)];
0142     __u8 __user  *reply_data_addr;
0143     __u16         priority_window;
0144     __u32         status;
0145 } __attribute__((packed));
0146
0147 /**
0148  * struct ep11_cprb - EP11 connectivity programming request block
0149  * @cprb_len:       CPRB header length [0x0020]
0150  * @cprb_ver_id:    CPRB version id.   [0x04]
0151  * @pad_000:        Alignment pad bytes
0152  * @flags:      Admin bit [0x80], Special bit [0x20]
0153  * @func_id:        Function id / subtype [0x5434] "T4"
0154  * @source_id:      Source id [originator id]
0155  * @target_id:      Target id [usage/ctrl domain id]
0156  * @ret_code:       Return code
0157  * @reserved1:      Reserved
0158  * @reserved2:      Reserved
0159  * @payload_len:    Payload length
0160  */
0161 struct ep11_cprb {
0162     __u16   cprb_len;
0163     __u8    cprb_ver_id;
0164     __u8    pad_000[2];
0165     __u8    flags;
0166     __u8    func_id[2];
0167     __u32   source_id;
0168     __u32   target_id;
0169     __u32   ret_code;
0170     __u32   reserved1;
0171     __u32   reserved2;
0172     __u32   payload_len;
0173 } __attribute__((packed));
0174
0175 /**
0176  * struct ep11_target_dev - EP11 target device list
0177  * @ap_id:  AP device id
0178  * @dom_id: Usage domain id
0179  */
0180 struct ep11_target_dev {
0181     __u16 ap_id;
0182     __u16 dom_id;
0183 };
0184
0185 /**
0186  * struct ep11_urb - EP11 user request block
0187  * @targets_num:    Number of target adapters
0188  * @targets:        Addr to target adapter list
0189  * @weight:     Level of request priority
0190  * @req_no:     Request id/number
0191  * @req_len:        Request length
0192  * @req:        Addr to request block
0193  * @resp_len:       Response length
0194  * @resp:       Addr to response block
0195  */
0196 struct ep11_urb {
0197     __u16       targets_num;
0198     __u8 __user    *targets;
0199     __u64       weight;
0200     __u64       req_no;
0201     __u64       req_len;
0202     __u8 __user    *req;
0203     __u64       resp_len;
0204     __u8 __user    *resp;
0205 } __attribute__((packed));
0206
0207 /**
0208  * struct zcrypt_device_status_ext
0209  * @hwtype:     raw hardware type
0210  * @qid:        8 bit device index, 8 bit domain
0211  * @functions:      AP device function bit field 'abcdef'
0212  *          a, b, c = reserved
0213  *          d = CCA coprocessor
0214  *          e = Accelerator
0215  *          f = EP11 coprocessor
0216  * @online      online status
0217  * @reserved        reserved
0218  */
0219 struct zcrypt_device_status_ext {
0220     unsigned int hwtype:8;
0221     unsigned int qid:16;
0222     unsigned int online:1;
0223     unsigned int functions:6;
0224     unsigned int reserved:1;
0225 };
0226
0227 #define MAX_ZDEV_CARDIDS_EXT 256
0228 #define MAX_ZDEV_DOMAINS_EXT 256
0229
0230 /* Maximum number of zcrypt devices */
0231 #define MAX_ZDEV_ENTRIES_EXT (MAX_ZDEV_CARDIDS_EXT * MAX_ZDEV_DOMAINS_EXT)
0232
0233 /* Device matrix of all zcrypt devices */
0234 struct zcrypt_device_matrix_ext {
0235     struct zcrypt_device_status_ext device[MAX_ZDEV_ENTRIES_EXT];
0236 };
0237
0238 #define AUTOSELECT  0xFFFFFFFF
0239 #define AUTOSEL_AP  ((__u16)0xFFFF)
0240 #define AUTOSEL_DOM ((__u16)0xFFFF)
0241
0242 #define ZCRYPT_IOCTL_MAGIC 'z'
0243
0244 /**
0245  * Interface notes:
0246  *
0247  * The ioctl()s which are implemented (along with relevant details)
0248  * are:
0249  *
0250  *   ICARSAMODEXPO
0251  *     Perform an RSA operation using a Modulus-Exponent pair
0252  *     This takes an ica_rsa_modexpo struct as its arg.
0253  *
0254  *     NOTE: please refer to the comments preceding this structure
0255  *       for the implementation details for the contents of the
0256  *       block
0257  *
0258  *   ICARSACRT
0259  *     Perform an RSA operation using a Chinese-Remainder Theorem key
0260  *     This takes an ica_rsa_modexpo_crt struct as its arg.
0261  *
0262  *     NOTE: please refer to the comments preceding this structure
0263  *       for the implementation details for the contents of the
0264  *       block
0265  *
0266  *   ZSECSENDCPRB
0267  *     Send an arbitrary CPRB to a crypto card.
0268  *
0269  *   ZSENDEP11CPRB
0270  *     Send an arbitrary EP11 CPRB to an EP11 coprocessor crypto card.
0271  *
0272  *   ZCRYPT_DEVICE_STATUS
0273  *     The given struct zcrypt_device_matrix_ext is updated with
0274  *     status information for each currently known apqn.
0275  *
0276  *   ZCRYPT_STATUS_MASK
0277  *     Return an MAX_ZDEV_CARDIDS_EXT element array of unsigned chars for the
0278  *     status of all devices.
0279  *   0x01: PCICA
0280  *   0x02: PCICC
0281  *   0x03: PCIXCC_MCL2
0282  *   0x04: PCIXCC_MCL3
0283  *   0x05: CEX2C
0284  *   0x06: CEX2A
0285  *   0x07: CEX3C
0286  *   0x08: CEX3A
0287  *   0x0a: CEX4
0288  *   0x0b: CEX5
0289  *   0x0c: CEX6, CEX7 or CEX8
0290  *   0x0d: device is disabled
0291  *
0292  *   ZCRYPT_QDEPTH_MASK
0293  *     Return an MAX_ZDEV_CARDIDS_EXT element array of unsigned chars for the
0294  *     queue depth of all devices.
0295  *
0296  *   ZCRYPT_PERDEV_REQCNT
0297  *     Return an MAX_ZDEV_CARDIDS_EXT element array of unsigned integers for
0298  *     the number of successfully completed requests per device since the
0299  *     device was detected and made available.
0300  *
0301  */
0302
0303 /**
0304  * Supported ioctl calls
0305  */
0306 #define ICARSAMODEXPO  _IOC(_IOC_READ | _IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x05, 0)
0307 #define ICARSACRT      _IOC(_IOC_READ | _IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x06, 0)
0308 #define ZSECSENDCPRB   _IOC(_IOC_READ | _IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x81, 0)
0309 #define ZSENDEP11CPRB  _IOC(_IOC_READ | _IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x04, 0)
0310
0311 #define ZCRYPT_DEVICE_STATUS _IOC(_IOC_READ | _IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x5f, 0)
0312 #define ZCRYPT_STATUS_MASK   _IOR(ZCRYPT_IOCTL_MAGIC, 0x58, char[MAX_ZDEV_CARDIDS_EXT])
0313 #define ZCRYPT_QDEPTH_MASK   _IOR(ZCRYPT_IOCTL_MAGIC, 0x59, char[MAX_ZDEV_CARDIDS_EXT])
0314 #define ZCRYPT_PERDEV_REQCNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x5a, int[MAX_ZDEV_CARDIDS_EXT])
0315
0316 /*
0317  * Support for multiple zcrypt device nodes.
0318  */
0319
0320 /* Nr of minor device node numbers to allocate. */
0321 #define ZCRYPT_MAX_MINOR_NODES 256
0322
0323 /* Max amount of possible ioctls */
0324 #define MAX_ZDEV_IOCTLS (1 << _IOC_NRBITS)
0325
0326 /*
0327  * Only deprecated defines, structs and ioctls below this line.
0328  */
0329
0330 /* Deprecated: use MAX_ZDEV_CARDIDS_EXT */
0331 #define MAX_ZDEV_CARDIDS 64
0332 /* Deprecated: use MAX_ZDEV_DOMAINS_EXT */
0333 #define MAX_ZDEV_DOMAINS 256
0334
0335 /* Deprecated: use MAX_ZDEV_ENTRIES_EXT */
0336 #define MAX_ZDEV_ENTRIES (MAX_ZDEV_CARDIDS * MAX_ZDEV_DOMAINS)
0337
0338 /* Deprecated: use struct zcrypt_device_status_ext */
0339 struct zcrypt_device_status {
0340     unsigned int hwtype:8;
0341     unsigned int qid:14;
0342     unsigned int online:1;
0343     unsigned int functions:6;
0344     unsigned int reserved:3;
0345 };
0346
0347 /* Deprecated: use struct zcrypt_device_matrix_ext */
0348 struct zcrypt_device_matrix {
0349     struct zcrypt_device_status device[MAX_ZDEV_ENTRIES];
0350 };
0351
0352 /* Deprecated: use ZCRYPT_DEVICE_STATUS */
0353 #define ZDEVICESTATUS _IOC(_IOC_READ | _IOC_WRITE, ZCRYPT_IOCTL_MAGIC, 0x4f, 0)
0354 /* Deprecated: use ZCRYPT_STATUS_MASK */
0355 #define Z90STAT_STATUS_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x48, char[64])
0356 /* Deprecated: use ZCRYPT_QDEPTH_MASK */
0357 #define Z90STAT_QDEPTH_MASK _IOR(ZCRYPT_IOCTL_MAGIC, 0x49, char[64])
0358 /* Deprecated: use ZCRYPT_PERDEV_REQCNT */
0359 #define Z90STAT_PERDEV_REQCNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x4a, int[64])
0360
0361 /* Deprecated: use sysfs to query these values */
0362 #define Z90STAT_REQUESTQ_COUNT  _IOR(ZCRYPT_IOCTL_MAGIC, 0x44, int)
0363 #define Z90STAT_PENDINGQ_COUNT  _IOR(ZCRYPT_IOCTL_MAGIC, 0x45, int)
0364 #define Z90STAT_TOTALOPEN_COUNT _IOR(ZCRYPT_IOCTL_MAGIC, 0x46, int)
0365 #define Z90STAT_DOMAIN_INDEX    _IOR(ZCRYPT_IOCTL_MAGIC, 0x47, int)
0366
0367 /*
0368  * The ioctl number ranges 0x40 - 0x42 and 0x4b - 0x4e had been used in the
0369  * past, don't assign new ioctls for these.
0370  */
0371
0372 #endif /* __ASM_S390_ZCRYPT_H */