linux/drivers/s390/crypto
Harald Freudenberger 73dfc79c6b s390/pkey: Add new pkey handler module pkey-uv
This new pkey handler module supports the conversion of
Ultravisor retrievable secrets to protected keys.
The new module pkey-uv.ko is able to retrieve and verify
protected keys backed up by the Ultravisor layer which is
only available within protected execution environment.

The module is only automatically loaded if there is the
UV CPU feature flagged as available. Additionally on module
init there is a check for protected execution environment
and for UV supporting retrievable secrets. Also if the kernel
is not running as a protected execution guest, the module
unloads itself with errno ENODEV.

The pkey UV module currently supports these Ultravisor
secrets and is able to retrieve a protected key for these
UV secret types:
  - UV_SECRET_AES_128
  - UV_SECRET_AES_192
  - UV_SECRET_AES_256
  - UV_SECRET_AES_XTS_128
  - UV_SECRET_AES_XTS_256
  - UV_SECRET_HMAC_SHA_256
  - UV_SECRET_HMAC_SHA_512
  - UV_SECRET_ECDSA_P256
  - UV_SECRET_ECDSA_P384
  - UV_SECRET_ECDSA_P521
  - UV_SECRET_ECDSA_ED25519
  - UV_SECRET_ECDSA_ED448

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
2024-10-29 11:17:18 +01:00
..
ap_bus.c s390 updates for 6.12 merge window 2024-09-21 09:02:54 -07:00
ap_bus.h driver core: have match() callback in struct bus_type take a const * 2024-07-03 15:16:54 +02:00
ap_card.c s390/ap: store TAPQ hwinfo in struct ap_card 2023-11-30 16:24:23 +01:00
ap_debug.h s390/zcrypt: introduce dynamic debugging for AP and zcrypt code 2024-02-16 14:30:12 +01:00
ap_queue.c s390/ap_queue: Cleanup debug code 2024-08-21 16:17:00 +02:00
Makefile s390/pkey: Add new pkey handler module pkey-uv 2024-10-29 11:17:18 +01:00
pkey_api.c [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
pkey_base.c s390/pkey: Add new pkey handler module pkey-uv 2024-10-29 11:17:18 +01:00
pkey_base.h s390/pkey: Simplify protected key length calculation code 2024-10-29 11:17:17 +01:00
pkey_cca.c s390/zcrypt: Cleanup include zcrypt_api.h 2024-10-29 11:17:17 +01:00
pkey_ep11.c s390/zcrypt: Cleanup include zcrypt_api.h 2024-10-29 11:17:17 +01:00
pkey_pckmo.c s390/pkey: Rework pkey verify for protected keys 2024-10-29 11:17:17 +01:00
pkey_sysfs.c s390/zcrypt: Cleanup include zcrypt_api.h 2024-10-29 11:17:17 +01:00
pkey_uv.c s390/pkey: Add new pkey handler module pkey-uv 2024-10-29 11:17:18 +01:00
vfio_ap_debug.h s390-vfio-ap: introduces s390 kernel debug feature for vfio_ap device driver 2022-02-06 23:31:29 +01:00
vfio_ap_drv.c s390/vfio-ap: Driver feature advertisement 2024-09-23 17:57:04 +02:00
vfio_ap_ops.c s390/vfio-ap: Switch over to sysfs_emit() 2024-10-25 16:03:26 +02:00
vfio_ap_private.h s390/vfio-ap: Add write support to sysfs attr ap_config 2024-04-22 12:49:17 +02:00
zcrypt_api.c [tree-wide] finally take no_llseek out 2024-09-27 08:18:43 -07:00
zcrypt_api.h s390/zcrypt: improve zcrypt retry behavior 2024-03-07 14:41:15 +01:00
zcrypt_card.c s390/zcrypt: don't report online if card or queue is in check-stop state 2023-11-05 22:34:57 +01:00
zcrypt_cca_key.h s390/zcrypt: rework arrays with length zero occurrences 2023-04-19 16:47:31 +02:00
zcrypt_ccamisc.c s390/pkey: Rework and split PKEY kernel module code 2024-08-29 22:56:33 +02:00
zcrypt_ccamisc.h s390/zcrypt: Cleanup include zcrypt_api.h 2024-10-29 11:17:17 +01:00
zcrypt_cex2a.c s390/zcrypt: remove CEX2 and CEX3 device drivers 2023-07-24 12:12:22 +02:00
zcrypt_cex2a.h s390/zcrypt: remove CEX2 and CEX3 device drivers 2023-07-24 12:12:22 +02:00
zcrypt_cex2c.c s390/zcrypt: remove CEX2 and CEX3 device drivers 2023-07-24 12:12:22 +02:00
zcrypt_cex2c.h s390/zcrypt: remove CEX2 and CEX3 device drivers 2023-07-24 12:12:22 +02:00
zcrypt_cex4.c s390/ap: store TAPQ hwinfo in struct ap_card 2023-11-30 16:24:23 +01:00
zcrypt_cex4.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
zcrypt_debug.h s390/zcrypt: introduce dynamic debugging for AP and zcrypt code 2024-02-16 14:30:12 +01:00
zcrypt_ep11misc.c s390/pkey: Rework and split PKEY kernel module code 2024-08-29 22:56:33 +02:00
zcrypt_ep11misc.h s390/pkey: Rework and split PKEY kernel module code 2024-08-29 22:56:33 +02:00
zcrypt_error.h s390/zcrypt: improve zcrypt retry behavior 2024-03-07 14:41:15 +01:00
zcrypt_msgtype6.c s390/zcrypt_msgtype6: Cleanup debug code 2024-08-21 16:17:01 +02:00
zcrypt_msgtype6.h s390/zcrypt: code cleanup 2022-04-25 13:54:14 +02:00
zcrypt_msgtype50.c s390/zcrypt_msgtype50: Cleanup debug code 2024-08-21 16:17:01 +02:00
zcrypt_msgtype50.h s390/zcrypt: remove CEX2 and CEX3 device drivers 2023-07-24 12:12:22 +02:00
zcrypt_queue.c s390/zcrypt: don't report online if card or queue is in check-stop state 2023-11-05 22:34:57 +01:00