commit d6ba9ff61743ce869a5a677f6f77339642efef4b
Author: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Tue Sep 24 14:35:59 2019 +0200
EP11: Support tolerated new crypto cards
With just toleration support of new crypt cards, new crypto
cards are reported as the last known crypto card version.
E.g. a CEX7 card is reported as CEX6, when CEX6 is the last
known crypto card version.
The EP11 token checks the card versions and needs to distinguish
tolerated cards from supported cards. New (tolerated) crypto cards
may have different API and firmware versions, and thus need to be
handled differently.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
diff --git a/usr/lib/ep11_stdll/ep11_specific.c b/usr/lib/ep11_stdll/ep11_specific.c
index e22dad5d..a65accea 100644
--- a/usr/lib/ep11_stdll/ep11_specific.c
+++ b/usr/lib/ep11_stdll/ep11_specific.c
@@ -8253,6 +8253,7 @@ static CK_RV get_card_type(uint_32 adapter, CK_ULONG *type)
char fname[PATH_MAX];
char buf[250];
CK_RV rc;
+ CK_ULONG hwtype, rawtype;
sprintf(fname, "%scard%02x/type", SYSFS_DEVICES_AP, adapter);
rc = file_fgets(fname, buf, sizeof(buf));
@@ -8260,6 +8261,28 @@ static CK_RV get_card_type(uint_32 adapter, CK_ULONG *type)
return rc;
if (sscanf(buf, "CEX%luP", type) != 1)
return CKR_FUNCTION_FAILED;
+
+ sprintf(fname, "%scard%02x/hwtype", SYSFS_DEVICES_AP, adapter);
+ rc = file_fgets(fname, buf, sizeof(buf));
+ if (rc != CKR_OK)
+ return rc;
+ if (sscanf(buf, "%lu", &hwtype) != 1)
+ return CKR_FUNCTION_FAILED;
+
+ sprintf(fname, "%scard%02x/raw_hwtype", SYSFS_DEVICES_AP, adapter);
+ rc = file_fgets(fname, buf, sizeof(buf));
+ if (rc != CKR_OK)
+ return rc;
+ if (sscanf(buf, "%lu", &rawtype) != 1)
+ return CKR_FUNCTION_FAILED;
+
+ if (rawtype > hwtype) {
+ TRACE_DEVEL("%s adapter: %u hwtype: %lu raw_hwtype: %lu\n",
+ __func__, adapter, hwtype, rawtype);
+ /* Tolerated new card level: report calculated type */
+ *type += (rawtype - hwtype);
+ }
+
return CKR_OK;
}