mirror of
https://github.com/torvalds/linux.git
synced 2024-11-21 19:46:16 +00:00
73dfc79c6b
This new pkey handler module supports the conversion of Ultravisor retrievable secrets to protected keys. The new module pkey-uv.ko is able to retrieve and verify protected keys backed up by the Ultravisor layer which is only available within protected execution environment. The module is only automatically loaded if there is the UV CPU feature flagged as available. Additionally on module init there is a check for protected execution environment and for UV supporting retrievable secrets. Also if the kernel is not running as a protected execution guest, the module unloads itself with errno ENODEV. The pkey UV module currently supports these Ultravisor secrets and is able to retrieve a protected key for these UV secret types: - UV_SECRET_AES_128 - UV_SECRET_AES_192 - UV_SECRET_AES_256 - UV_SECRET_AES_XTS_128 - UV_SECRET_AES_XTS_256 - UV_SECRET_HMAC_SHA_256 - UV_SECRET_HMAC_SHA_512 - UV_SECRET_ECDSA_P256 - UV_SECRET_ECDSA_P384 - UV_SECRET_ECDSA_P521 - UV_SECRET_ECDSA_ED25519 - UV_SECRET_ECDSA_ED448 Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Reviewed-by: Holger Dengler <dengler@linux.ibm.com> Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
39 lines
1.0 KiB
Makefile
39 lines
1.0 KiB
Makefile
# SPDX-License-Identifier: GPL-2.0
|
|
#
|
|
# S/390 crypto devices
|
|
#
|
|
|
|
ap-objs := ap_bus.o ap_card.o ap_queue.o
|
|
obj-$(CONFIG_AP) += ap.o
|
|
# zcrypt_api.o and zcrypt_msgtype*.o depend on ap.o
|
|
zcrypt-objs := zcrypt_api.o zcrypt_card.o zcrypt_queue.o
|
|
zcrypt-objs += zcrypt_msgtype6.o zcrypt_msgtype50.o
|
|
zcrypt-objs += zcrypt_ccamisc.o zcrypt_ep11misc.o
|
|
obj-$(CONFIG_ZCRYPT) += zcrypt.o
|
|
# adapter drivers depend on ap.o and zcrypt.o
|
|
obj-$(CONFIG_ZCRYPT) += zcrypt_cex4.o
|
|
|
|
# pkey base and api module
|
|
pkey-objs := pkey_base.o pkey_api.o pkey_sysfs.o
|
|
obj-$(CONFIG_PKEY) += pkey.o
|
|
|
|
# pkey cca handler module
|
|
pkey-cca-objs := pkey_cca.o
|
|
obj-$(CONFIG_PKEY_CCA) += pkey-cca.o
|
|
|
|
# pkey ep11 handler module
|
|
pkey-ep11-objs := pkey_ep11.o
|
|
obj-$(CONFIG_PKEY_EP11) += pkey-ep11.o
|
|
|
|
# pkey pckmo handler module
|
|
pkey-pckmo-objs := pkey_pckmo.o
|
|
obj-$(CONFIG_PKEY_PCKMO) += pkey-pckmo.o
|
|
|
|
# pkey uv handler module
|
|
pkey-uv-objs := pkey_uv.o
|
|
obj-$(CONFIG_PKEY_UV) += pkey-uv.o
|
|
|
|
# adjunct processor matrix
|
|
vfio_ap-objs := vfio_ap_drv.o vfio_ap_ops.o
|
|
obj-$(CONFIG_VFIO_AP) += vfio_ap.o
|