cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

cpacf.h (16214B)


      1/* SPDX-License-Identifier: GPL-2.0 */
      2/*
      3 * CP Assist for Cryptographic Functions (CPACF)
      4 *
      5 * Copyright IBM Corp. 2003, 2017
      6 * Author(s): Thomas Spatzier
      7 *	      Jan Glauber
      8 *	      Harald Freudenberger (freude@de.ibm.com)
      9 *	      Martin Schwidefsky <schwidefsky@de.ibm.com>
     10 */
     11#ifndef _ASM_S390_CPACF_H
     12#define _ASM_S390_CPACF_H
     13
     14#include <asm/facility.h>
     15
     16/*
     17 * Instruction opcodes for the CPACF instructions
     18 */
     19#define CPACF_KMAC		0xb91e		/* MSA	*/
     20#define CPACF_KM		0xb92e		/* MSA	*/
     21#define CPACF_KMC		0xb92f		/* MSA	*/
     22#define CPACF_KIMD		0xb93e		/* MSA	*/
     23#define CPACF_KLMD		0xb93f		/* MSA	*/
     24#define CPACF_PCKMO		0xb928		/* MSA3 */
     25#define CPACF_KMF		0xb92a		/* MSA4 */
     26#define CPACF_KMO		0xb92b		/* MSA4 */
     27#define CPACF_PCC		0xb92c		/* MSA4 */
     28#define CPACF_KMCTR		0xb92d		/* MSA4 */
     29#define CPACF_PRNO		0xb93c		/* MSA5 */
     30#define CPACF_KMA		0xb929		/* MSA8 */
     31#define CPACF_KDSA		0xb93a		/* MSA9 */
     32
     33/*
     34 * En/decryption modifier bits
     35 */
     36#define CPACF_ENCRYPT		0x00
     37#define CPACF_DECRYPT		0x80
     38
     39/*
     40 * Function codes for the KM (CIPHER MESSAGE) instruction
     41 */
     42#define CPACF_KM_QUERY		0x00
     43#define CPACF_KM_DEA		0x01
     44#define CPACF_KM_TDEA_128	0x02
     45#define CPACF_KM_TDEA_192	0x03
     46#define CPACF_KM_AES_128	0x12
     47#define CPACF_KM_AES_192	0x13
     48#define CPACF_KM_AES_256	0x14
     49#define CPACF_KM_PAES_128	0x1a
     50#define CPACF_KM_PAES_192	0x1b
     51#define CPACF_KM_PAES_256	0x1c
     52#define CPACF_KM_XTS_128	0x32
     53#define CPACF_KM_XTS_256	0x34
     54#define CPACF_KM_PXTS_128	0x3a
     55#define CPACF_KM_PXTS_256	0x3c
     56
     57/*
     58 * Function codes for the KMC (CIPHER MESSAGE WITH CHAINING)
     59 * instruction
     60 */
     61#define CPACF_KMC_QUERY		0x00
     62#define CPACF_KMC_DEA		0x01
     63#define CPACF_KMC_TDEA_128	0x02
     64#define CPACF_KMC_TDEA_192	0x03
     65#define CPACF_KMC_AES_128	0x12
     66#define CPACF_KMC_AES_192	0x13
     67#define CPACF_KMC_AES_256	0x14
     68#define CPACF_KMC_PAES_128	0x1a
     69#define CPACF_KMC_PAES_192	0x1b
     70#define CPACF_KMC_PAES_256	0x1c
     71#define CPACF_KMC_PRNG		0x43
     72
     73/*
     74 * Function codes for the KMCTR (CIPHER MESSAGE WITH COUNTER)
     75 * instruction
     76 */
     77#define CPACF_KMCTR_QUERY	0x00
     78#define CPACF_KMCTR_DEA		0x01
     79#define CPACF_KMCTR_TDEA_128	0x02
     80#define CPACF_KMCTR_TDEA_192	0x03
     81#define CPACF_KMCTR_AES_128	0x12
     82#define CPACF_KMCTR_AES_192	0x13
     83#define CPACF_KMCTR_AES_256	0x14
     84#define CPACF_KMCTR_PAES_128	0x1a
     85#define CPACF_KMCTR_PAES_192	0x1b
     86#define CPACF_KMCTR_PAES_256	0x1c
     87
     88/*
     89 * Function codes for the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
     90 * instruction
     91 */
     92#define CPACF_KIMD_QUERY	0x00
     93#define CPACF_KIMD_SHA_1	0x01
     94#define CPACF_KIMD_SHA_256	0x02
     95#define CPACF_KIMD_SHA_512	0x03
     96#define CPACF_KIMD_SHA3_224	0x20
     97#define CPACF_KIMD_SHA3_256	0x21
     98#define CPACF_KIMD_SHA3_384	0x22
     99#define CPACF_KIMD_SHA3_512	0x23
    100#define CPACF_KIMD_GHASH	0x41
    101
    102/*
    103 * Function codes for the KLMD (COMPUTE LAST MESSAGE DIGEST)
    104 * instruction
    105 */
    106#define CPACF_KLMD_QUERY	0x00
    107#define CPACF_KLMD_SHA_1	0x01
    108#define CPACF_KLMD_SHA_256	0x02
    109#define CPACF_KLMD_SHA_512	0x03
    110#define CPACF_KLMD_SHA3_224	0x20
    111#define CPACF_KLMD_SHA3_256	0x21
    112#define CPACF_KLMD_SHA3_384	0x22
    113#define CPACF_KLMD_SHA3_512	0x23
    114
    115/*
    116 * function codes for the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
    117 * instruction
    118 */
    119#define CPACF_KMAC_QUERY	0x00
    120#define CPACF_KMAC_DEA		0x01
    121#define CPACF_KMAC_TDEA_128	0x02
    122#define CPACF_KMAC_TDEA_192	0x03
    123
    124/*
    125 * Function codes for the PCKMO (PERFORM CRYPTOGRAPHIC KEY MANAGEMENT)
    126 * instruction
    127 */
    128#define CPACF_PCKMO_QUERY		0x00
    129#define CPACF_PCKMO_ENC_DES_KEY		0x01
    130#define CPACF_PCKMO_ENC_TDES_128_KEY	0x02
    131#define CPACF_PCKMO_ENC_TDES_192_KEY	0x03
    132#define CPACF_PCKMO_ENC_AES_128_KEY	0x12
    133#define CPACF_PCKMO_ENC_AES_192_KEY	0x13
    134#define CPACF_PCKMO_ENC_AES_256_KEY	0x14
    135
    136/*
    137 * Function codes for the PRNO (PERFORM RANDOM NUMBER OPERATION)
    138 * instruction
    139 */
    140#define CPACF_PRNO_QUERY		0x00
    141#define CPACF_PRNO_SHA512_DRNG_GEN	0x03
    142#define CPACF_PRNO_SHA512_DRNG_SEED	0x83
    143#define CPACF_PRNO_TRNG_Q_R2C_RATIO	0x70
    144#define CPACF_PRNO_TRNG			0x72
    145
    146/*
    147 * Function codes for the KMA (CIPHER MESSAGE WITH AUTHENTICATION)
    148 * instruction
    149 */
    150#define CPACF_KMA_QUERY		0x00
    151#define CPACF_KMA_GCM_AES_128	0x12
    152#define CPACF_KMA_GCM_AES_192	0x13
    153#define CPACF_KMA_GCM_AES_256	0x14
    154
    155/*
    156 * Flags for the KMA (CIPHER MESSAGE WITH AUTHENTICATION) instruction
    157 */
    158#define CPACF_KMA_LPC	0x100	/* Last-Plaintext/Ciphertext */
    159#define CPACF_KMA_LAAD	0x200	/* Last-AAD */
    160#define CPACF_KMA_HS	0x400	/* Hash-subkey Supplied */
    161
    162typedef struct { unsigned char bytes[16]; } cpacf_mask_t;
    163
    164/**
    165 * cpacf_query() - check if a specific CPACF function is available
    166 * @opcode: the opcode of the crypto instruction
    167 * @func: the function code to test for
    168 *
    169 * Executes the query function for the given crypto instruction @opcode
    170 * and checks if @func is available
    171 *
    172 * Returns 1 if @func is available for @opcode, 0 otherwise
    173 */
    174static __always_inline void __cpacf_query(unsigned int opcode, cpacf_mask_t *mask)
    175{
    176	asm volatile(
    177		"	lghi	0,0\n" /* query function */
    178		"	lgr	1,%[mask]\n"
    179		"	spm	0\n" /* pckmo doesn't change the cc */
    180		/* Parameter regs are ignored, but must be nonzero and unique */
    181		"0:	.insn	rrf,%[opc] << 16,2,4,6,0\n"
    182		"	brc	1,0b\n"	/* handle partial completion */
    183		: "=m" (*mask)
    184		: [mask] "d" ((unsigned long)mask), [opc] "i" (opcode)
    185		: "cc", "0", "1");
    186}
    187
    188static __always_inline int __cpacf_check_opcode(unsigned int opcode)
    189{
    190	switch (opcode) {
    191	case CPACF_KMAC:
    192	case CPACF_KM:
    193	case CPACF_KMC:
    194	case CPACF_KIMD:
    195	case CPACF_KLMD:
    196		return test_facility(17);	/* check for MSA */
    197	case CPACF_PCKMO:
    198		return test_facility(76);	/* check for MSA3 */
    199	case CPACF_KMF:
    200	case CPACF_KMO:
    201	case CPACF_PCC:
    202	case CPACF_KMCTR:
    203		return test_facility(77);	/* check for MSA4 */
    204	case CPACF_PRNO:
    205		return test_facility(57);	/* check for MSA5 */
    206	case CPACF_KMA:
    207		return test_facility(146);	/* check for MSA8 */
    208	default:
    209		BUG();
    210	}
    211}
    212
    213static __always_inline int cpacf_query(unsigned int opcode, cpacf_mask_t *mask)
    214{
    215	if (__cpacf_check_opcode(opcode)) {
    216		__cpacf_query(opcode, mask);
    217		return 1;
    218	}
    219	memset(mask, 0, sizeof(*mask));
    220	return 0;
    221}
    222
    223static inline int cpacf_test_func(cpacf_mask_t *mask, unsigned int func)
    224{
    225	return (mask->bytes[func >> 3] & (0x80 >> (func & 7))) != 0;
    226}
    227
    228static __always_inline int cpacf_query_func(unsigned int opcode, unsigned int func)
    229{
    230	cpacf_mask_t mask;
    231
    232	if (cpacf_query(opcode, &mask))
    233		return cpacf_test_func(&mask, func);
    234	return 0;
    235}
    236
    237/**
    238 * cpacf_km() - executes the KM (CIPHER MESSAGE) instruction
    239 * @func: the function code passed to KM; see CPACF_KM_xxx defines
    240 * @param: address of parameter block; see POP for details on each func
    241 * @dest: address of destination memory area
    242 * @src: address of source memory area
    243 * @src_len: length of src operand in bytes
    244 *
    245 * Returns 0 for the query func, number of processed bytes for
    246 * encryption/decryption funcs
    247 */
    248static inline int cpacf_km(unsigned long func, void *param,
    249			   u8 *dest, const u8 *src, long src_len)
    250{
    251	union register_pair d, s;
    252
    253	d.even = (unsigned long)dest;
    254	s.even = (unsigned long)src;
    255	s.odd  = (unsigned long)src_len;
    256	asm volatile(
    257		"	lgr	0,%[fc]\n"
    258		"	lgr	1,%[pba]\n"
    259		"0:	.insn	rre,%[opc] << 16,%[dst],%[src]\n"
    260		"	brc	1,0b\n" /* handle partial completion */
    261		: [src] "+&d" (s.pair), [dst] "+&d" (d.pair)
    262		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    263		  [opc] "i" (CPACF_KM)
    264		: "cc", "memory", "0", "1");
    265
    266	return src_len - s.odd;
    267}
    268
    269/**
    270 * cpacf_kmc() - executes the KMC (CIPHER MESSAGE WITH CHAINING) instruction
    271 * @func: the function code passed to KM; see CPACF_KMC_xxx defines
    272 * @param: address of parameter block; see POP for details on each func
    273 * @dest: address of destination memory area
    274 * @src: address of source memory area
    275 * @src_len: length of src operand in bytes
    276 *
    277 * Returns 0 for the query func, number of processed bytes for
    278 * encryption/decryption funcs
    279 */
    280static inline int cpacf_kmc(unsigned long func, void *param,
    281			    u8 *dest, const u8 *src, long src_len)
    282{
    283	union register_pair d, s;
    284
    285	d.even = (unsigned long)dest;
    286	s.even = (unsigned long)src;
    287	s.odd  = (unsigned long)src_len;
    288	asm volatile(
    289		"	lgr	0,%[fc]\n"
    290		"	lgr	1,%[pba]\n"
    291		"0:	.insn	rre,%[opc] << 16,%[dst],%[src]\n"
    292		"	brc	1,0b\n" /* handle partial completion */
    293		: [src] "+&d" (s.pair), [dst] "+&d" (d.pair)
    294		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    295		  [opc] "i" (CPACF_KMC)
    296		: "cc", "memory", "0", "1");
    297
    298	return src_len - s.odd;
    299}
    300
    301/**
    302 * cpacf_kimd() - executes the KIMD (COMPUTE INTERMEDIATE MESSAGE DIGEST)
    303 *		  instruction
    304 * @func: the function code passed to KM; see CPACF_KIMD_xxx defines
    305 * @param: address of parameter block; see POP for details on each func
    306 * @src: address of source memory area
    307 * @src_len: length of src operand in bytes
    308 */
    309static inline void cpacf_kimd(unsigned long func, void *param,
    310			      const u8 *src, long src_len)
    311{
    312	union register_pair s;
    313
    314	s.even = (unsigned long)src;
    315	s.odd  = (unsigned long)src_len;
    316	asm volatile(
    317		"	lgr	0,%[fc]\n"
    318		"	lgr	1,%[pba]\n"
    319		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
    320		"	brc	1,0b\n" /* handle partial completion */
    321		: [src] "+&d" (s.pair)
    322		: [fc] "d" (func), [pba] "d" ((unsigned long)(param)),
    323		  [opc] "i" (CPACF_KIMD)
    324		: "cc", "memory", "0", "1");
    325}
    326
    327/**
    328 * cpacf_klmd() - executes the KLMD (COMPUTE LAST MESSAGE DIGEST) instruction
    329 * @func: the function code passed to KM; see CPACF_KLMD_xxx defines
    330 * @param: address of parameter block; see POP for details on each func
    331 * @src: address of source memory area
    332 * @src_len: length of src operand in bytes
    333 */
    334static inline void cpacf_klmd(unsigned long func, void *param,
    335			      const u8 *src, long src_len)
    336{
    337	union register_pair s;
    338
    339	s.even = (unsigned long)src;
    340	s.odd  = (unsigned long)src_len;
    341	asm volatile(
    342		"	lgr	0,%[fc]\n"
    343		"	lgr	1,%[pba]\n"
    344		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
    345		"	brc	1,0b\n" /* handle partial completion */
    346		: [src] "+&d" (s.pair)
    347		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    348		  [opc] "i" (CPACF_KLMD)
    349		: "cc", "memory", "0", "1");
    350}
    351
    352/**
    353 * cpacf_kmac() - executes the KMAC (COMPUTE MESSAGE AUTHENTICATION CODE)
    354 *		  instruction
    355 * @func: the function code passed to KM; see CPACF_KMAC_xxx defines
    356 * @param: address of parameter block; see POP for details on each func
    357 * @src: address of source memory area
    358 * @src_len: length of src operand in bytes
    359 *
    360 * Returns 0 for the query func, number of processed bytes for digest funcs
    361 */
    362static inline int cpacf_kmac(unsigned long func, void *param,
    363			     const u8 *src, long src_len)
    364{
    365	union register_pair s;
    366
    367	s.even = (unsigned long)src;
    368	s.odd  = (unsigned long)src_len;
    369	asm volatile(
    370		"	lgr	0,%[fc]\n"
    371		"	lgr	1,%[pba]\n"
    372		"0:	.insn	rre,%[opc] << 16,0,%[src]\n"
    373		"	brc	1,0b\n" /* handle partial completion */
    374		: [src] "+&d" (s.pair)
    375		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    376		  [opc] "i" (CPACF_KMAC)
    377		: "cc", "memory", "0", "1");
    378
    379	return src_len - s.odd;
    380}
    381
    382/**
    383 * cpacf_kmctr() - executes the KMCTR (CIPHER MESSAGE WITH COUNTER) instruction
    384 * @func: the function code passed to KMCTR; see CPACF_KMCTR_xxx defines
    385 * @param: address of parameter block; see POP for details on each func
    386 * @dest: address of destination memory area
    387 * @src: address of source memory area
    388 * @src_len: length of src operand in bytes
    389 * @counter: address of counter value
    390 *
    391 * Returns 0 for the query func, number of processed bytes for
    392 * encryption/decryption funcs
    393 */
    394static inline int cpacf_kmctr(unsigned long func, void *param, u8 *dest,
    395			      const u8 *src, long src_len, u8 *counter)
    396{
    397	union register_pair d, s, c;
    398
    399	d.even = (unsigned long)dest;
    400	s.even = (unsigned long)src;
    401	s.odd  = (unsigned long)src_len;
    402	c.even = (unsigned long)counter;
    403	asm volatile(
    404		"	lgr	0,%[fc]\n"
    405		"	lgr	1,%[pba]\n"
    406		"0:	.insn	rrf,%[opc] << 16,%[dst],%[src],%[ctr],0\n"
    407		"	brc	1,0b\n" /* handle partial completion */
    408		: [src] "+&d" (s.pair), [dst] "+&d" (d.pair),
    409		  [ctr] "+&d" (c.pair)
    410		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    411		  [opc] "i" (CPACF_KMCTR)
    412		: "cc", "memory", "0", "1");
    413
    414	return src_len - s.odd;
    415}
    416
    417/**
    418 * cpacf_prno() - executes the PRNO (PERFORM RANDOM NUMBER OPERATION)
    419 *		  instruction
    420 * @func: the function code passed to PRNO; see CPACF_PRNO_xxx defines
    421 * @param: address of parameter block; see POP for details on each func
    422 * @dest: address of destination memory area
    423 * @dest_len: size of destination memory area in bytes
    424 * @seed: address of seed data
    425 * @seed_len: size of seed data in bytes
    426 */
    427static inline void cpacf_prno(unsigned long func, void *param,
    428			      u8 *dest, unsigned long dest_len,
    429			      const u8 *seed, unsigned long seed_len)
    430{
    431	union register_pair d, s;
    432
    433	d.even = (unsigned long)dest;
    434	d.odd  = (unsigned long)dest_len;
    435	s.even = (unsigned long)seed;
    436	s.odd  = (unsigned long)seed_len;
    437	asm volatile (
    438		"	lgr	0,%[fc]\n"
    439		"	lgr	1,%[pba]\n"
    440		"0:	.insn	rre,%[opc] << 16,%[dst],%[seed]\n"
    441		"	brc	1,0b\n"	  /* handle partial completion */
    442		: [dst] "+&d" (d.pair)
    443		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    444		  [seed] "d" (s.pair), [opc] "i" (CPACF_PRNO)
    445		: "cc", "memory", "0", "1");
    446}
    447
    448/**
    449 * cpacf_trng() - executes the TRNG subfunction of the PRNO instruction
    450 * @ucbuf: buffer for unconditioned data
    451 * @ucbuf_len: amount of unconditioned data to fetch in bytes
    452 * @cbuf: buffer for conditioned data
    453 * @cbuf_len: amount of conditioned data to fetch in bytes
    454 */
    455static inline void cpacf_trng(u8 *ucbuf, unsigned long ucbuf_len,
    456			      u8 *cbuf, unsigned long cbuf_len)
    457{
    458	union register_pair u, c;
    459
    460	u.even = (unsigned long)ucbuf;
    461	u.odd  = (unsigned long)ucbuf_len;
    462	c.even = (unsigned long)cbuf;
    463	c.odd  = (unsigned long)cbuf_len;
    464	asm volatile (
    465		"	lghi	0,%[fc]\n"
    466		"0:	.insn	rre,%[opc] << 16,%[ucbuf],%[cbuf]\n"
    467		"	brc	1,0b\n"	  /* handle partial completion */
    468		: [ucbuf] "+&d" (u.pair), [cbuf] "+&d" (c.pair)
    469		: [fc] "K" (CPACF_PRNO_TRNG), [opc] "i" (CPACF_PRNO)
    470		: "cc", "memory", "0");
    471}
    472
    473/**
    474 * cpacf_pcc() - executes the PCC (PERFORM CRYPTOGRAPHIC COMPUTATION)
    475 *		 instruction
    476 * @func: the function code passed to PCC; see CPACF_KM_xxx defines
    477 * @param: address of parameter block; see POP for details on each func
    478 */
    479static inline void cpacf_pcc(unsigned long func, void *param)
    480{
    481	asm volatile(
    482		"	lgr	0,%[fc]\n"
    483		"	lgr	1,%[pba]\n"
    484		"0:	.insn	rre,%[opc] << 16,0,0\n" /* PCC opcode */
    485		"	brc	1,0b\n" /* handle partial completion */
    486		:
    487		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    488		  [opc] "i" (CPACF_PCC)
    489		: "cc", "memory", "0", "1");
    490}
    491
    492/**
    493 * cpacf_pckmo() - executes the PCKMO (PERFORM CRYPTOGRAPHIC KEY
    494 *		  MANAGEMENT) instruction
    495 * @func: the function code passed to PCKMO; see CPACF_PCKMO_xxx defines
    496 * @param: address of parameter block; see POP for details on each func
    497 *
    498 * Returns 0.
    499 */
    500static inline void cpacf_pckmo(long func, void *param)
    501{
    502	asm volatile(
    503		"	lgr	0,%[fc]\n"
    504		"	lgr	1,%[pba]\n"
    505		"       .insn   rre,%[opc] << 16,0,0\n" /* PCKMO opcode */
    506		:
    507		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    508		  [opc] "i" (CPACF_PCKMO)
    509		: "cc", "memory", "0", "1");
    510}
    511
    512/**
    513 * cpacf_kma() - executes the KMA (CIPHER MESSAGE WITH AUTHENTICATION)
    514 *		 instruction
    515 * @func: the function code passed to KMA; see CPACF_KMA_xxx defines
    516 * @param: address of parameter block; see POP for details on each func
    517 * @dest: address of destination memory area
    518 * @src: address of source memory area
    519 * @src_len: length of src operand in bytes
    520 * @aad: address of additional authenticated data memory area
    521 * @aad_len: length of aad operand in bytes
    522 */
    523static inline void cpacf_kma(unsigned long func, void *param, u8 *dest,
    524			     const u8 *src, unsigned long src_len,
    525			     const u8 *aad, unsigned long aad_len)
    526{
    527	union register_pair d, s, a;
    528
    529	d.even = (unsigned long)dest;
    530	s.even = (unsigned long)src;
    531	s.odd  = (unsigned long)src_len;
    532	a.even = (unsigned long)aad;
    533	a.odd  = (unsigned long)aad_len;
    534	asm volatile(
    535		"	lgr	0,%[fc]\n"
    536		"	lgr	1,%[pba]\n"
    537		"0:	.insn	rrf,%[opc] << 16,%[dst],%[src],%[aad],0\n"
    538		"	brc	1,0b\n"	/* handle partial completion */
    539		: [dst] "+&d" (d.pair), [src] "+&d" (s.pair),
    540		  [aad] "+&d" (a.pair)
    541		: [fc] "d" (func), [pba] "d" ((unsigned long)param),
    542		  [opc] "i" (CPACF_KMA)
    543		: "cc", "memory", "0", "1");
    544}
    545
    546#endif	/* _ASM_S390_CPACF_H */