kernel/drivers/s390/crypto/zcrypt_error.h, branch linux-5.1.y

s390/zcrypt: improve special ap message cmd handling

2018-11-30T06:22:05Z

There exist very few ap messages which need to have the 'special' flag enabled. This flag tells the firmware layer to do some pre- and maybe postprocessing. However, it may happen that this special flag is enabled but the firmware is unable to deal with this kind of message and thus returns with reply code 0x41. For example older firmware may not know the newest messages triggered by the zcrypt device driver and thus react with reject and the named reply code. Unfortunately this reply code is not known to the zcrypt error routines and thus default behavior is to switch the ap queue offline. This patch now makes the ap error routine aware of the reply code and so userspace is informed about the bad processing result but the queue is not switched to offline state any more. Signed-off-by: Harald Freudenberger Signed-off-by: Martin Schwidefsky

s390/zcrypt: provide apfs failure code on type 86 error reply

2018-10-09T09:21:36Z

The apfs field (AP final status) is set on transport protocol failures (reply code 0x90) for type 86 replies. For CCA cprbs this value is copied into the xcrb status field which gives userspace a hint for the failure reason. However, for EP11 cprbs there is no such status field in the xcrb struct. So now regardless of the request type, if a reply type 86 with transport protocol failure is seen, the apfs value is printed as part of the debug message. So the user has a chance to see the apfs value without using a special build kernel. Signed-off-by: Harald Freudenberger Signed-off-by: Martin Schwidefsky

s390/zcrypt: zcrypt device driver cleanup

2018-10-09T09:21:35Z

Some cleanup in the s390 zcrypt device driver: - Removed fragments of pcixx crypto card code. This code can't be reached anymore because the hardware detection function does not recognize crypto cards < CEX2 since commit f56545430736 ("s390/zcrypt: Introduce QACT support for AP bus devices.") - Rename of some files and driver names which where still reflecting pcixx support to cex2a/cex2c. - Removed all the zcrypt version strings in the file headers. There is only one place left - the zcrypt.h header file is now the only place for zcrypt device driver version info. - Zcrypt version pump up from 2.2.0 to 2.2.1. Signed-off-by: Harald Freudenberger Signed-off-by: Martin Schwidefsky

s390/zcrypt: code beautify

2018-08-20T14:02:11Z

Code beautify by following most of the checkpatch suggestions: - SPDX license identifier line complains by checkpatch - missing space or newline complains by checkpatch - octal numbers for permssions complains by checkpatch - renaming of static sysfs functions complains by checkpatch - fix of block comment complains by checkpatch - fix printf like calls where function name instead of %s __func__ was used - __packed instead of __attribute__((packed)) - init to zero for static variables removed - use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros No functional code changes or API changes! Signed-off-by: Harald Freudenberger Signed-off-by: Martin Schwidefsky

s390: crypto: Remove redundant license text

2017-11-24T13:28:46Z

Now that the SPDX tag is in all drivers/s390/crypto/ files, that identifies the license in a specific and legally-defined manner. So the extra GPL text wording can be removed as it is no longer needed at all. This is done on a quest to remove the 700+ different ways that files in the kernel describe the GPL license text. And there's unneeded stuff like the address (sometimes incorrect) for the FSF which is never needed. No copyright headers or other non-license-description text was removed. Cc: Harald Freudenberger Cc: Martin Schwidefsky Cc: Heiko Carstens Cc: "Paul E. McKenney" Signed-off-by: Greg Kroah-Hartman Signed-off-by: Heiko Carstens Signed-off-by: Martin Schwidefsky

s390: crypto: add SPDX identifiers to the remaining files

2017-11-24T13:28:39Z

It's good to have SPDX identifiers in all files to make it easier to audit the kernel tree for correct licenses. Update the drivers/s390/crypto/ files with the correct SPDX license identifier based on the license text in the file itself. The SPDX identifier is a legally binding shorthand, which can be used instead of the full boiler plate text. This work is based on a script and data from Thomas Gleixner, Philippe Ombredanne, and Kate Stewart. Cc: Harald Freudenberger Cc: Martin Schwidefsky Cc: Heiko Carstens Cc: Thomas Gleixner Cc: Kate Stewart Cc: Philippe Ombredanne Signed-off-by: Greg Kroah-Hartman Signed-off-by: Heiko Carstens Signed-off-by: Martin Schwidefsky

s390/zcrypt: Rework debug feature invocations.

2016-12-14T15:33:39Z

Rework the debug feature calls and initialization. There are now two debug feature entries used by the zcrypt code. The first is 'ap' with all the AP bus related stuff and the second is 'zcrypt' with all the zcrypt and devices and driver related entries. However, there isn't much traffic on both debug features. The ap bus code emits only some debug info and for zcrypt devices on appearance and disappearance there is an entry written. The new dbf invocations use the sprintf buffer layout, whereas the old implementation used the ascii dbf buffer. There are now 5*8=40 bytes used for each entry, resulting in 5 parameters per call. As the sprintf buffer needs a format string the first parameter provides this and so up to 4 more parameters can be used. Alltogehter the new layout should be much more human readable for customers and test. Signed-off-by: Harald Freudenberger Signed-off-by: Martin Schwidefsky

s390/zcrypt: Improved invalid domain response handling.

2016-12-14T15:33:39Z

Add defines and switch case code to handle the two invalid domain response codes better. Until now these two response codes are handled via default resulting in -EAGAIN and switching the processed queue to offline. So this kind of malformed request bounced through all suitable queues and switched them off. Now this kind of malformed request is just rejected with EINVAL without switching off the queue. Signed-off-by: Harald Freudenberger Signed-off-by: Martin Schwidefsky

s390/zcrypt: add multi domain support

2016-12-14T15:33:38Z

Currently the ap infrastructure only supports one domain at a time. This feature extends the generic cryptographic device driver to support multiple cryptographic domains simultaneously. There are now card and queue devices on the AP bus with independent card and queue drivers. The new /sys layout is as follows: /sys/bus/ap devices . -> ../../../devices/ap/card/. ... card -> ../../../devices/ap/card ... drivers card card -> ../../../../devices/ap/card queue . -> ../../../../devices/ap/card/. ... /sys/devices/ap card . driver -> ../../../../bus/ap/drivers/queue ... driver -> ../../../bus/ap/drivers/card ... The two digit field is the card number, the four digit field is the queue number and is the name of the device driver, e.g. "cex4". For compatability /sys/bus/ap/card for the old layout has to exist, including the attributes that used to reside there. With additional contributions from Harald Freudenberger and Martin Schwidefsky. Signed-off-by: Ingo Tuchscherer Signed-off-by: Martin Schwidefsky

s390/zcrypt: Fix cryptographic device id in kernel messages

2016-01-26T11:46:58Z

Currently, on card response failures a combination of card domain and domain id is recorded in the kernel messages. According to the message description only the card id will be recorded. The domain id is not relevant, since the whole card including all domains is set offline. Signed-off-by: Ingo Tuchscherer Signed-off-by: Martin Schwidefsky