cert_store.c source code [linux/arch/s390/kernel/cert_store.c]

1	// SPDX-License-Identifier: GPL-2.0
2	/*
3	* DIAG 0x320 support and certificate store handling
4	*
5	* Copyright IBM Corp. 2023
6	* Author(s): Anastasia Eskova <anastasia.eskova@ibm.com>
7	*/
8
9	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10
11	#include <linux/delay.h>
12	#include <linux/device.h>
13	#include <linux/fs.h>
14	#include <linux/init.h>
15	#include <linux/kernel.h>
16	#include <linux/key-type.h>
17	#include <linux/key.h>
18	#include <linux/keyctl.h>
19	#include <linux/kobject.h>
20	#include <linux/module.h>
21	#include <linux/seq_file.h>
22	#include <linux/slab.h>
23	#include <linux/sysfs.h>
24	#include <linux/vmalloc.h>
25	#include <crypto/sha2.h>
26	#include <keys/user-type.h>
27	#include <asm/debug.h>
28	#include <asm/diag.h>
29	#include <asm/ebcdic.h>
30	#include <asm/sclp.h>
31
32	#define DIAG_MAX_RETRIES 10
33
34	#define VCE_FLAGS_VALID_MASK 0x80
35
36	#define ISM_LEN_DWORDS 4
37	#define VCSSB_LEN_BYTES 128
38	#define VCSSB_LEN_NO_CERTS 4
39	#define VCB_LEN_NO_CERTS 64
40	#define VC_NAME_LEN_BYTES 64
41
42	#define CERT_STORE_KEY_TYPE_NAME "cert_store_key"
43	#define CERT_STORE_KEYRING_NAME "cert_store"
44
45	static debug_info_t *cert_store_dbf;
46	static debug_info_t *cert_store_hexdump;
47
48	#define pr_dbf_msg(fmt, ...) \
49	debug_sprintf_event(cert_store_dbf, 3, fmt "\n", ## __VA_ARGS__)
50
51	enum diag320_subcode {
52	DIAG320_SUBCODES = `0`,
53	DIAG320_STORAGE = `1`,
54	DIAG320_CERT_BLOCK = `2`,
55	};
56
57	enum diag320_rc {
58	DIAG320_RC_OK = `0x0001`,
59	DIAG320_RC_CS_NOMATCH = `0x0306`,
60	};
61
62	/ Verification Certificates Store Support Block (VCSSB). /
63	struct vcssb {
64	u32 vcssb_length;
65	u8 pad_0x04[`3`];
66	u8 version;
67	u8 pad_0x08[`8`];
68	u32 cs_token;
69	u8 pad_0x14[`12`];
70	u16 total_vc_index_count;
71	u16 max_vc_index_count;
72	u8 pad_0x24[`28`];
73	u32 max_vce_length;
74	u32 max_vcxe_length;
75	u8 pad_0x48[`8`];
76	u32 max_single_vcb_length;
77	u32 total_vcb_length;
78	u32 max_single_vcxb_length;
79	u32 total_vcxb_length;
80	u8 pad_0x60[`32`];
81	} __packed __aligned(`8`);
82
83	/ Verification Certificate Entry (VCE) Header. /
84	struct vce_header {
85	u32 vce_length;
86	u8 flags;
87	u8 key_type;
88	u16 vc_index;
89	u8 vc_name[VC_NAME_LEN_BYTES]; / EBCDIC /
90	u8 vc_format;
91	u8 pad_0x49;
92	u16 key_id_length;
93	u8 pad_0x4c;
94	u8 vc_hash_type;
95	u16 vc_hash_length;
96	u8 pad_0x50[`4`];
97	u32 vc_length;
98	u8 pad_0x58[`8`];
99	u16 vc_hash_offset;
100	u16 vc_offset;
101	u8 pad_0x64[`28`];
102	} __packed __aligned(`4`);
103
104	/ Verification Certificate Block (VCB) Header. /
105	struct vcb_header {
106	u32 vcb_input_length;
107	u8 pad_0x04[`4`];
108	u16 first_vc_index;
109	u16 last_vc_index;
110	u32 pad_0x0c;
111	u32 cs_token;
112	u8 pad_0x14[`12`];
113	u32 vcb_output_length;
114	u8 pad_0x24[`3`];
115	u8 version;
116	u16 stored_vc_count;
117	u16 remaining_vc_count;
118	u8 pad_0x2c[`20`];
119	} __packed __aligned(`4`);
120
121	/ Verification Certificate Block (VCB). /
122	struct vcb {
123	struct vcb_header vcb_hdr;
124	u8 vcb_buf[];
125	} __packed __aligned(`4`);
126
127	/ Verification Certificate Entry (VCE). /
128	struct vce {
129	struct vce_header vce_hdr;
130	u8 cert_data_buf[];
131	} __packed __aligned(`4`);
132
133	static void cert_store_key_describe(const struct key key, struct* seq_file *m)
134	{
135	char ascii[VC_NAME_LEN_BYTES + `1`];
136
137	/*
138	* First 64 bytes of the key description is key name in EBCDIC CP 500.
139	* Convert it to ASCII for displaying in /proc/keys.
140	*/
141	strscpy(ascii, key->description);
142	EBCASC_500(ascii, VC_NAME_LEN_BYTES);
143	seq_puts(m, s: ascii);
144
145	seq_puts(m, s: &key->description[VC_NAME_LEN_BYTES]);
146	if (key_is_positive(key))
147	seq_printf(m, fmt: ": %u", key->datalen);
148	}
149
150	/*
151	* Certificate store key type takes over properties of
152	* user key but cannot be updated.
153	*/
154	static struct key_type key_type_cert_store_key = {
155	.name = CERT_STORE_KEY_TYPE_NAME,
156	.preparse = user_preparse,
157	.free_preparse = user_free_preparse,
158	.instantiate = generic_key_instantiate,
159	.revoke = user_revoke,
160	.destroy = user_destroy,
161	.describe = cert_store_key_describe,
162	.read = user_read,
163	};
164
165	/ Logging functions. /
166	static void pr_dbf_vcb(const struct vcb *b)
167	{
168	pr_dbf_msg("VCB Header:");
169	pr_dbf_msg("vcb_input_length: %d", b->vcb_hdr.vcb_input_length);
170	pr_dbf_msg("first_vc_index: %d", b->vcb_hdr.first_vc_index);
171	pr_dbf_msg("last_vc_index: %d", b->vcb_hdr.last_vc_index);
172	pr_dbf_msg("cs_token: %d", b->vcb_hdr.cs_token);
173	pr_dbf_msg("vcb_output_length: %d", b->vcb_hdr.vcb_output_length);
174	pr_dbf_msg("version: %d", b->vcb_hdr.version);
175	pr_dbf_msg("stored_vc_count: %d", b->vcb_hdr.stored_vc_count);
176	pr_dbf_msg("remaining_vc_count: %d", b->vcb_hdr.remaining_vc_count);
177	}
178
179	static void pr_dbf_vce(const struct vce *e)
180	{
181	unsigned char vc_name[VC_NAME_LEN_BYTES + `1`];
182	char log_string[VC_NAME_LEN_BYTES + `40`];
183
184	pr_dbf_msg("VCE Header:");
185	pr_dbf_msg("vce_hdr.vce_length: %d", e->vce_hdr.vce_length);
186	pr_dbf_msg("vce_hdr.flags: %d", e->vce_hdr.flags);
187	pr_dbf_msg("vce_hdr.key_type: %d", e->vce_hdr.key_type);
188	pr_dbf_msg("vce_hdr.vc_index: %d", e->vce_hdr.vc_index);
189	pr_dbf_msg("vce_hdr.vc_format: %d", e->vce_hdr.vc_format);
190	pr_dbf_msg("vce_hdr.key_id_length: %d", e->vce_hdr.key_id_length);
191	pr_dbf_msg("vce_hdr.vc_hash_type: %d", e->vce_hdr.vc_hash_type);
192	pr_dbf_msg("vce_hdr.vc_hash_length: %d", e->vce_hdr.vc_hash_length);
193	pr_dbf_msg("vce_hdr.vc_hash_offset: %d", e->vce_hdr.vc_hash_offset);
194	pr_dbf_msg("vce_hdr.vc_length: %d", e->vce_hdr.vc_length);
195	pr_dbf_msg("vce_hdr.vc_offset: %d", e->vce_hdr.vc_offset);
196
197	/ Certificate name in ASCII. /
198	memcpy(vc_name, e->vce_hdr.vc_name, VC_NAME_LEN_BYTES);
199	EBCASC_500(vc_name, VC_NAME_LEN_BYTES);
200	vc_name[VC_NAME_LEN_BYTES] = `'\0'`;
201
202	snprintf(buf: log_string, size: sizeof(log_string),
203	fmt: "index: %d vce_hdr.vc_name (ASCII): %s",
204	e->vce_hdr.vc_index, vc_name);
205	debug_text_event(cert_store_hexdump, `3`, log_string);
206
207	/ Certificate data. /
208	debug_text_event(cert_store_hexdump, `3`, "VCE: Certificate data start");
209	debug_event(cert_store_hexdump, `3`, (u8 *)e->cert_data_buf, `128`);
210	debug_text_event(cert_store_hexdump, `3`, "VCE: Certificate data end");
211	debug_event(cert_store_hexdump, `3`,
212	(u8 *)e->cert_data_buf + e->vce_hdr.vce_length - `128`, `128`);
213	}
214
215	static void pr_dbf_vcssb(const struct vcssb *s)
216	{
217	debug_text_event(cert_store_hexdump, `3`, "DIAG320 Subcode1");
218	debug_event(cert_store_hexdump, `3`, (u8 *)s, VCSSB_LEN_BYTES);
219
220	pr_dbf_msg("VCSSB:");
221	pr_dbf_msg("vcssb_length: %u", s->vcssb_length);
222	pr_dbf_msg("version: %u", s->version);
223	pr_dbf_msg("cs_token: %u", s->cs_token);
224	pr_dbf_msg("total_vc_index_count: %u", s->total_vc_index_count);
225	pr_dbf_msg("max_vc_index_count: %u", s->max_vc_index_count);
226	pr_dbf_msg("max_vce_length: %u", s->max_vce_length);
227	pr_dbf_msg("max_vcxe_length: %u", s->max_vce_length);
228	pr_dbf_msg("max_single_vcb_length: %u", s->max_single_vcb_length);
229	pr_dbf_msg("total_vcb_length: %u", s->total_vcb_length);
230	pr_dbf_msg("max_single_vcxb_length: %u", s->max_single_vcxb_length);
231	pr_dbf_msg("total_vcxb_length: %u", s->total_vcxb_length);
232	}
233
234	static int __diag320(unsigned long subcode, void *addr)
235	{
236	union register_pair rp = { .even = (unsigned long)addr, };
237
238	asm_inline volatile(
239	" diag %[rp],%[subcode],0x320\n"
240	"0: nopr %%r7\n"
241	EX_TABLE(`0b`, `0b`)
242	: [rp] "+d" (rp.pair)
243	: [subcode] "d" (subcode)
244	: "cc", "memory");
245
246	return rp.odd;
247	}
248
249	static int diag320(unsigned long subcode, void *addr)
250	{
251	diag_stat_inc(DIAG_STAT_X320);
252
253	return __diag320(subcode, addr);
254	}
255
256	/*
257	* Calculate SHA256 hash of the VCE certificate and compare it to hash stored in
258	* VCE. Return -EINVAL if hashes don't match.
259	*/
260	static int check_certificate_hash(const struct vce *vce)
261	{
262	u8 hash[SHA256_DIGEST_SIZE];
263	u16 vc_hash_length;
264	u8 *vce_hash;
265
266	vce_hash = (u8 *)vce + vce->vce_hdr.vc_hash_offset;
267	vc_hash_length = vce->vce_hdr.vc_hash_length;
268	sha256(data: (u8 *)vce + vce->vce_hdr.vc_offset, len: vce->vce_hdr.vc_length, out: hash);
269	if (memcmp(p: vce_hash, q: hash, size: vc_hash_length) == `0`)
270	return `0`;
271
272	pr_dbf_msg("SHA256 hash of received certificate does not match");
273	debug_text_event(cert_store_hexdump, `3`, "VCE hash:");
274	debug_event(cert_store_hexdump, `3`, vce_hash, SHA256_DIGEST_SIZE);
275	debug_text_event(cert_store_hexdump, `3`, "Calculated hash:");
276	debug_event(cert_store_hexdump, `3`, hash, SHA256_DIGEST_SIZE);
277
278	return -EINVAL;
279	}
280
281	static int check_certificate_valid(const struct vce *vce)
282	{
283	if (!(vce->vce_hdr.flags & VCE_FLAGS_VALID_MASK)) {
284	pr_dbf_msg("Certificate entry is invalid");
285	return -EINVAL;
286	}
287	if (vce->vce_hdr.vc_format != `1`) {
288	pr_dbf_msg("Certificate format is not supported");
289	return -EINVAL;
290	}
291	if (vce->vce_hdr.vc_hash_type != `1`) {
292	pr_dbf_msg("Hash type is not supported");
293	return -EINVAL;
294	}
295
296	return check_certificate_hash(vce);
297	}
298
299	static struct key get_user_session_keyring(void*)
300	{
301	key_ref_t us_keyring_ref;
302
303	us_keyring_ref = lookup_user_key(KEY_SPEC_USER_SESSION_KEYRING,
304	flags: KEY_LOOKUP_CREATE, need_perm: KEY_NEED_LINK);
305	if (IS_ERR(ptr: us_keyring_ref)) {
306	pr_dbf_msg("Couldn't get user session keyring: %ld",
307	PTR_ERR(us_keyring_ref));
308	return ERR_PTR(error: -ENOKEY);
309	}
310	key_ref_put(key_ref: us_keyring_ref);
311	return key_ref_to_ptr(key_ref: us_keyring_ref);
312	}
313
314	/ Invalidate all keys from cert_store keyring. /
315	static int invalidate_keyring_keys(struct key *keyring)
316	{
317	unsigned long num_keys, key_index;
318	size_t keyring_payload_len;
319	key_serial_t *key_array;
320	struct key *current_key;
321	int rc;
322
323	keyring_payload_len = key_type_keyring.read(keyring, NULL, `0`);
324	num_keys = keyring_payload_len / sizeof(key_serial_t);
325	key_array = kcalloc(num_keys, sizeof(key_serial_t), GFP_KERNEL);
326	if (!key_array)
327	return -ENOMEM;
328
329	rc = key_type_keyring.read(keyring, (char *)key_array, keyring_payload_len);
330	if (rc != keyring_payload_len) {
331	pr_dbf_msg("Couldn't read keyring payload");
332	goto out;
333	}
334
335	for (key_index = `0`; key_index < num_keys; key_index++) {
336	current_key = key_lookup(id: key_array[key_index]);
337	pr_dbf_msg("Invalidating key %08x", current_key->serial);
338
339	key_invalidate(key: current_key);
340	key_put(key: current_key);
341	rc = key_unlink(keyring, key: current_key);
342	if (rc) {
343	pr_dbf_msg("Couldn't unlink key %08x: %d", current_key->serial, rc);
344	break;
345	}
346	}
347	out:
348	kfree(objp: key_array);
349	return rc;
350	}
351
352	static struct key find_cs_keyring(void*)
353	{
354	key_ref_t cs_keyring_ref;
355	struct key *cs_keyring;
356
357	cs_keyring_ref = keyring_search(keyring: make_key_ref(key: get_user_session_keyring(), possession: true),
358	type: &key_type_keyring, CERT_STORE_KEYRING_NAME,
359	recurse: false);
360	if (!IS_ERR(ptr: cs_keyring_ref)) {
361	cs_keyring = key_ref_to_ptr(key_ref: cs_keyring_ref);
362	key_ref_put(key_ref: cs_keyring_ref);
363	goto found;
364	}
365	/ Search default locations: thread, process, session keyrings /
366	cs_keyring = request_key(type: &key_type_keyring, CERT_STORE_KEYRING_NAME, NULL);
367	if (IS_ERR(ptr: cs_keyring))
368	return NULL;
369	key_put(key: cs_keyring);
370	found:
371	return cs_keyring;
372	}
373
374	static void cleanup_cs_keys(void)
375	{
376	struct key *cs_keyring;
377
378	cs_keyring = find_cs_keyring();
379	if (!cs_keyring)
380	return;
381
382	pr_dbf_msg("Found cert_store keyring. Purging...");
383	/*
384	* Remove cert_store_key_type in case invalidation
385	* of old cert_store keys failed (= severe error).
386	*/
387	if (invalidate_keyring_keys(keyring: cs_keyring))
388	unregister_key_type(ktype: &key_type_cert_store_key);
389
390	keyring_clear(keyring: cs_keyring);
391	key_invalidate(key: cs_keyring);
392	key_put(key: cs_keyring);
393	key_unlink(keyring: get_user_session_keyring(), key: cs_keyring);
394	}
395
396	static struct key create_cs_keyring(void*)
397	{
398	static struct key *cs_keyring;
399
400	/ Cleanup previous cs_keyring and all associated keys if any. /
401	cleanup_cs_keys();
402	cs_keyring = keyring_alloc(CERT_STORE_KEYRING_NAME, GLOBAL_ROOT_UID,
403	GLOBAL_ROOT_GID, current_cred(),
404	perm: (KEY_POS_ALL & ~KEY_POS_SETATTR) \| KEY_USR_VIEW \| KEY_USR_READ,
405	KEY_ALLOC_NOT_IN_QUOTA \| KEY_ALLOC_SET_KEEP,
406	NULL, dest: get_user_session_keyring());
407	if (IS_ERR(cs_keyring)) {
408	pr_dbf_msg("Can't allocate cert_store keyring");
409	return NULL;
410	}
411
412	pr_dbf_msg("Successfully allocated cert_store keyring: %08x", cs_keyring->serial);
413
414	/*
415	* In case a previous clean-up ran into an
416	* error and unregistered key type.
417	*/
418	register_key_type(&key_type_cert_store_key);
419
420	return cs_keyring;
421	}
422
423	/*
424	* Allocate memory and create key description in format
425	* [key name in EBCDIC]:[VCE index]:[CS token].
426	* Return a pointer to key description or NULL if memory
427	* allocation failed. Memory should be freed by caller.
428	*/
429	static char get_key_description(struct* vcssb vcssb, const* struct vce *vce)
430	{
431	size_t len, name_len;
432	u32 cs_token;
433	char *desc;
434
435	cs_token = vcssb->cs_token;
436	/ Description string contains "%64s:%05u:%010u\0". /
437	name_len = sizeof(vce->vce_hdr.vc_name);
438	len = name_len + `1` + `5` + `1` + `10` + `1`;
439	desc = kmalloc(len, GFP_KERNEL);
440	if (!desc)
441	return NULL;
442
443	memcpy(desc, vce->vce_hdr.vc_name, name_len);
444	snprintf(buf: desc + name_len, size: len - name_len, fmt: ":%05u:%010u",
445	vce->vce_hdr.vc_index, cs_token);
446
447	return desc;
448	}
449
450	/*
451	* Create a key of type "cert_store_key" using the data from VCE for key
452	* payload and key description. Link the key to "cert_store" keyring.
453	*/
454	static int create_key_from_vce(struct vcssb vcssb, struct* vce *vce,
455	struct key *keyring)
456	{
457	key_ref_t newkey;
458	char *desc;
459	int rc;
460
461	desc = get_key_description(vcssb, vce);
462	if (!desc)
463	return -ENOMEM;
464
465	newkey = key_create_or_update(
466	keyring: make_key_ref(key: keyring, possession: true), CERT_STORE_KEY_TYPE_NAME,
467	description: desc, payload: (u8 *)vce + vce->vce_hdr.vc_offset,
468	plen: vce->vce_hdr.vc_length,
469	perm: (KEY_POS_ALL & ~KEY_POS_SETATTR) \| KEY_USR_VIEW \| KEY_USR_READ,
470	KEY_ALLOC_NOT_IN_QUOTA);
471
472	rc = PTR_ERR_OR_ZERO(ptr: newkey);
473	if (rc) {
474	pr_dbf_msg("Couldn't create a key from Certificate Entry (%d)", rc);
475	rc = -ENOKEY;
476	goto out;
477	}
478
479	key_ref_put(key_ref: newkey);
480	out:
481	kfree(objp: desc);
482	return rc;
483	}
484
485	/ Get Verification Certificate Storage Size block with DIAG320 subcode2. /
486	static int get_vcssb(struct vcssb *vcssb)
487	{
488	int diag320_rc;
489
490	memset(vcssb, `0`, sizeof(*vcssb));
491	vcssb->vcssb_length = VCSSB_LEN_BYTES;
492	diag320_rc = diag320(subcode: DIAG320_STORAGE, addr: vcssb);
493	pr_dbf_vcssb(s: vcssb);
494
495	if (diag320_rc != DIAG320_RC_OK) {
496	pr_dbf_msg("Diag 320 Subcode 1 returned bad RC: %04x", diag320_rc);
497	return -EIO;
498	}
499	if (vcssb->vcssb_length == VCSSB_LEN_NO_CERTS) {
500	pr_dbf_msg("No certificates available for current configuration");
501	return -ENOKEY;
502	}
503
504	return `0`;
505	}
506
507	static u32 get_4k_mult_vcb_size(struct vcssb *vcssb)
508	{
509	return round_up(vcssb->max_single_vcb_length, PAGE_SIZE);
510	}
511
512	/ Fill input fields of single-entry VCB that will be read by LPAR. /
513	static void fill_vcb_input(struct vcssb vcssb, struct* vcb *vcb, u16 index)
514	{
515	memset(vcb, `0`, sizeof(*vcb));
516	vcb->vcb_hdr.vcb_input_length = get_4k_mult_vcb_size(vcssb);
517	vcb->vcb_hdr.cs_token = vcssb->cs_token;
518
519	/ Request single entry. /
520	vcb->vcb_hdr.first_vc_index = index;
521	vcb->vcb_hdr.last_vc_index = index;
522	}
523
524	static void extract_vce_from_sevcb(struct vcb vcb, struct* vce *vce)
525	{
526	struct vce *extracted_vce;
527
528	extracted_vce = (struct vce *)vcb->vcb_buf;
529	memcpy(vce, vcb->vcb_buf, extracted_vce->vce_hdr.vce_length);
530	pr_dbf_vce(e: vce);
531	}
532
533	static int get_sevcb(struct vcssb vcssb, u16 index, struct* vcb *vcb)
534	{
535	int rc, diag320_rc;
536
537	fill_vcb_input(vcssb, vcb, index);
538
539	diag320_rc = diag320(subcode: DIAG320_CERT_BLOCK, addr: vcb);
540	pr_dbf_msg("Diag 320 Subcode2 RC %2x", diag320_rc);
541	pr_dbf_vcb(b: vcb);
542
543	switch (diag320_rc) {
544	case DIAG320_RC_OK:
545	rc = `0`;
546	if (vcb->vcb_hdr.vcb_output_length == VCB_LEN_NO_CERTS) {
547	pr_dbf_msg("No certificate entry for index %u", index);
548	rc = -ENOKEY;
549	} else if (vcb->vcb_hdr.remaining_vc_count != `0`) {
550	/ Retry on insufficient space. /
551	pr_dbf_msg("Couldn't get all requested certificates");
552	rc = -EAGAIN;
553	}
554	break;
555	case DIAG320_RC_CS_NOMATCH:
556	pr_dbf_msg("Certificate Store token mismatch");
557	rc = -EAGAIN;
558	break;
559	default:
560	pr_dbf_msg("Diag 320 Subcode2 returned bad rc (0x%4x)", diag320_rc);
561	rc = -EINVAL;
562	break;
563	}
564
565	return rc;
566	}
567
568	/*
569	* Allocate memory for single-entry VCB, get VCB via DIAG320 subcode 2 call,
570	* extract VCE and create a key from its' certificate.
571	*/
572	static int create_key_from_sevcb(struct vcssb *vcssb, u16 index,
573	struct key *keyring)
574	{
575	struct vcb *vcb;
576	struct vce *vce;
577	int rc;
578
579	rc = -ENOMEM;
580	vcb = vmalloc(get_4k_mult_vcb_size(vcssb));
581	vce = vmalloc(vcssb->max_single_vcb_length - sizeof(vcb->vcb_hdr));
582	if (!vcb \|\| !vce)
583	goto out;
584
585	rc = get_sevcb(vcssb, index, vcb);
586	if (rc)
587	goto out;
588
589	extract_vce_from_sevcb(vcb, vce);
590	rc = check_certificate_valid(vce);
591	if (rc)
592	goto out;
593
594	rc = create_key_from_vce(vcssb, vce, keyring);
595	if (rc)
596	goto out;
597
598	pr_dbf_msg("Successfully created key from Certificate Entry %d", index);
599	out:
600	vfree(addr: vce);
601	vfree(addr: vcb);
602	return rc;
603	}
604
605	/*
606	* Request a single-entry VCB for each VCE available for the partition.
607	* Create a key from it and link it to cert_store keyring. If no keys
608	* could be created (i.e. VCEs were invalid) return -ENOKEY.
609	*/
610	static int add_certificates_to_keyring(struct vcssb vcssb, struct* key *keyring)
611	{
612	int rc, index, count, added;
613
614	count = `0`;
615	added = `0`;
616	/ Certificate Store entries indices start with 1 and have no gaps. /
617	for (index = `1`; index < vcssb->total_vc_index_count + `1`; index++) {
618	pr_dbf_msg("Creating key from VCE %u", index);
619	rc = create_key_from_sevcb(vcssb, index, keyring);
620	count++;
621
622	if (rc == -EAGAIN)
623	return rc;
624
625	if (rc)
626	pr_dbf_msg("Creating key from VCE %u failed (%d)", index, rc);
627	else
628	added++;
629	}
630
631	if (added == `0`) {
632	pr_dbf_msg("Processed %d entries. No keys created", count);
633	return -ENOKEY;
634	}
635
636	pr_info("Added %d of %d keys to cert_store keyring", added, count);
637
638	/*
639	* Do not allow to link more keys to certificate store keyring after all
640	* the VCEs were processed.
641	*/
642	rc = keyring_restrict(keyring: make_key_ref(key: keyring, possession: true), NULL, NULL);
643	if (rc)
644	pr_dbf_msg("Failed to set restriction to cert_store keyring (%d)", rc);
645
646	return `0`;
647	}
648
649	/*
650	* Check which DIAG320 subcodes are installed.
651	* Return -ENOENT if subcodes 1 or 2 are not available.
652	*/
653	static int query_diag320_subcodes(void)
654	{
655	unsigned long ism[ISM_LEN_DWORDS];
656	int rc;
657
658	rc = diag320(subcode: `0`, addr: ism);
659	if (rc != DIAG320_RC_OK) {
660	pr_dbf_msg("DIAG320 subcode query returned %04x", rc);
661	return -ENOENT;
662	}
663
664	debug_text_event(cert_store_hexdump, `3`, "DIAG320 Subcode 0");
665	debug_event(cert_store_hexdump, `3`, ism, sizeof(ism));
666
667	if (!test_bit_inv(`1`, ism) \|\| !test_bit_inv(`2`, ism)) {
668	pr_dbf_msg("Not all required DIAG320 subcodes are installed");
669	return -ENOENT;
670	}
671
672	return `0`;
673	}
674
675	/*
676	* Check if Certificate Store is supported by the firmware and DIAG320 subcodes
677	* 1 and 2 are installed. Create cert_store keyring and link all certificates
678	* available for the current partition to it as "cert_store_key" type
679	* keys. On refresh or error invalidate cert_store keyring and destroy
680	* all keys of "cert_store_key" type.
681	*/
682	static int fill_cs_keyring(void)
683	{
684	struct key *cs_keyring;
685	struct vcssb *vcssb;
686	int rc;
687
688	rc = -ENOMEM;
689	vcssb = kmalloc(VCSSB_LEN_BYTES, GFP_KERNEL);
690	if (!vcssb)
691	goto cleanup_keys;
692
693	rc = -ENOENT;
694	if (!sclp.has_diag320) {
695	pr_dbf_msg("Certificate Store is not supported");
696	goto cleanup_keys;
697	}
698
699	rc = query_diag320_subcodes();
700	if (rc)
701	goto cleanup_keys;
702
703	rc = get_vcssb(vcssb);
704	if (rc)
705	goto cleanup_keys;
706
707	rc = -ENOMEM;
708	cs_keyring = create_cs_keyring();
709	if (!cs_keyring)
710	goto cleanup_keys;
711
712	rc = add_certificates_to_keyring(vcssb, keyring: cs_keyring);
713	if (rc)
714	goto cleanup_cs_keyring;
715
716	goto out;
717
718	cleanup_cs_keyring:
719	key_put(key: cs_keyring);
720	cleanup_keys:
721	cleanup_cs_keys();
722	out:
723	kfree(objp: vcssb);
724	return rc;
725	}
726
727	static DEFINE_MUTEX(cs_refresh_lock);
728	static int cs_status_val = -`1`;
729
730	static ssize_t cs_status_show(struct kobject *kobj,
731	struct kobj_attribute attr, char* *buf)
732	{
733	if (cs_status_val == -`1`)
734	return sysfs_emit(buf, fmt: "uninitialized\n");
735	else if (cs_status_val == `0`)
736	return sysfs_emit(buf, fmt: "ok\n");
737
738	return sysfs_emit(buf, fmt: "failed (%d)\n", cs_status_val);
739	}
740
741	static struct kobj_attribute cs_status_attr = __ATTR_RO(cs_status);
742
743	static ssize_t refresh_store(struct kobject kobj, struct* kobj_attribute *attr,
744	const char *buf, size_t count)
745	{
746	int rc, retries;
747
748	pr_dbf_msg("Refresh certificate store information requested");
749	rc = mutex_lock_interruptible(&cs_refresh_lock);
750	if (rc)
751	return rc;
752
753	for (retries = `0`; retries < DIAG_MAX_RETRIES; retries++) {
754	/ Request certificates from certificate store. /
755	rc = fill_cs_keyring();
756	if (rc)
757	pr_dbf_msg("Failed to refresh certificate store information (%d)", rc);
758	if (rc != -EAGAIN)
759	break;
760	}
761	cs_status_val = rc;
762	mutex_unlock(lock: &cs_refresh_lock);
763
764	return rc ?: count;
765	}
766
767	static struct kobj_attribute refresh_attr = __ATTR_WO(refresh);
768
769	static const struct attribute *cert_store_attrs[] __initconst = {
770	&cs_status_attr.attr,
771	&refresh_attr.attr,
772	NULL,
773	};
774
775	static struct kobject *cert_store_kobj;
776
777	static int __init cert_store_init(void)
778	{
779	int rc = -ENOMEM;
780
781	cert_store_dbf = debug_register("cert_store_msg", `10`, `1`, `64`);
782	if (!cert_store_dbf)
783	goto cleanup_dbf;
784
785	cert_store_hexdump = debug_register("cert_store_hexdump", `3`, `1`, `128`);
786	if (!cert_store_hexdump)
787	goto cleanup_dbf;
788
789	debug_register_view(cert_store_hexdump, &debug_hex_ascii_view);
790	debug_register_view(cert_store_dbf, &debug_sprintf_view);
791
792	/ Create directory /sys/firmware/cert_store. /
793	cert_store_kobj = kobject_create_and_add(name: "cert_store", parent: firmware_kobj);
794	if (!cert_store_kobj)
795	goto cleanup_dbf;
796
797	rc = sysfs_create_files(kobj: cert_store_kobj, attr: cert_store_attrs);
798	if (rc)
799	goto cleanup_kobj;
800
801	register_key_type(ktype: &key_type_cert_store_key);
802
803	return rc;
804
805	cleanup_kobj:
806	kobject_put(kobj: cert_store_kobj);
807	cleanup_dbf:
808	debug_unregister(cert_store_dbf);
809	debug_unregister(cert_store_hexdump);
810
811	return rc;
812	}
813	device_initcall(cert_store_init);
814

source code of linux/arch/s390/kernel/cert_store.c