drivers/s390/crypto/zcrypt_ep11misc.h

Source file repositories/reference/linux-study-clean/drivers/s390/crypto/zcrypt_ep11misc.h

File Facts

System
Linux kernel
Corpus path
drivers/s390/crypto/zcrypt_ep11misc.h
Extension
.h
Size
5702 bytes
Lines
159
Domain
Driver Families
Bucket
drivers/s390
Inferred role
Driver Families: implementation source
Status
source implementation candidate

Why This File Exists

Repeatable hardware-adapter layer. Deep compatibility for every driver is out of scope; this atlas records patterns, probe lifecycles, bus glue, IRQ/DMA usage, and links back to core abstractions.

Dependency Surface

Detected Declarations

Annotated Snippet

struct ep11keyblob {
	union {
		u8 session[32];
		/* only used for PKEY_TYPE_EP11: */
		struct ep11kblob_header head;
	};
	u8  wkvp[16];  /* wrapping key verification pattern */
	u64 attr;      /* boolean key attributes */
	u64 mode;      /* mode bits */
	u16 version;   /* 0x1234, EP11_STRUCT_MAGIC */
	u8  iv[14];
	u8  encrypted_key_data[144];
	u8  mac[32];
} __packed;

/* check ep11 key magic to find out if this is an ep11 key blob */
static inline bool is_ep11_keyblob(const u8 *key)
{
	struct ep11keyblob *kb = (struct ep11keyblob *)key;

	return (kb->version == EP11_STRUCT_MAGIC);
}

/*
 * For valid ep11 keyblobs, returns a reference to the wrappingkey verification
 * pattern. Otherwise NULL.
 */
const u8 *ep11_kb_wkvp(const u8 *kblob, u32 kbloblen);

/*
 * Simple check if the key blob is a valid EP11 AES key blob with header.
 * If checkcpacfexport is enabled, the key is also checked for the
 * attributes needed to export this key for CPACF use.
 * Returns 0 on success or errno value on failure.
 */
int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl,
				const u8 *key, u32 keylen, int checkcpacfexp);

/*
 * Simple check if the key blob is a valid EP11 ECC key blob with header.
 * If checkcpacfexport is enabled, the key is also checked for the
 * attributes needed to export this key for CPACF use.
 * Returns 0 on success or errno value on failure.
 */
int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl,
				const u8 *key, u32 keylen, int checkcpacfexp);

/*
 * Simple check if the key blob is a valid EP11 AES key blob with
 * the header in the session field (old style EP11 AES key).
 * If checkcpacfexport is enabled, the key is also checked for the
 * attributes needed to export this key for CPACF use.
 * Returns 0 on success or errno value on failure.
 */
int ep11_check_aes_key(debug_info_t *dbg, int dbflvl,
		       const u8 *key, u32 keylen, int checkcpacfexp);

/* EP11 card info struct */
struct ep11_card_info {
	u64  op_mode;	    /* card operational mode(s) */
	char serial[16];    /* serial number string (16 ascii, no 0x00 !) */
	u32  API_ord_nr;    /* API ordinal number */
	u16  FW_version;    /* Firmware major and minor version */
};

/* EP11 domain info struct */
struct ep11_domain_info {
	u64  op_mode;	    /* domain operational mode(s) */
	u8   cur_wkvp[32];  /* current wrapping key verification pattern */
	u8   new_wkvp[32];  /* new wrapping key verification pattern */
	char cur_wk_state;  /* '0' invalid, '1' valid */
	char new_wk_state;  /* '0' empty, '1' uncommitted, '2' committed */
};

/*
 * Provide information about an EP11 card.
 */
int ep11_get_card_info(u16 card, struct ep11_card_info *info, u32 xflags);

/*
 * Provide information about a domain within an EP11 card.
 */
int ep11_get_domain_info(u16 card, u16 domain,
			 struct ep11_domain_info *info, u32 xflags);

/*
 * Generate (random) EP11 AES secure key.
 */
int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
		   u8 *keybuf, u32 *keybufsize, u32 keybufver, u32 xflags);

Annotation

Implementation Notes