mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
f688429549
Add a new parameter xflags to the in-kernel API function pkey_key2protkey(). Currently there is only one flag supported: * PKEY_XFLAG_NOMEMALLOC: If this flag is given in the xflags parameter, the pkey implementation is not allowed to allocate memory but instead should fall back to use preallocated memory or simple fail with -ENOMEM. This flag is for protected key derive within a cipher or similar which must not allocate memory which would cause io operations - see also the CRYPTO_ALG_ALLOCATES_MEMORY flag in crypto.h. The one and only user of this in-kernel API - the skcipher implementations PAES in paes_s390.c set this flag upon request to derive a protected key from the given raw key material. Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Reviewed-by: Holger Dengler <dengler@linux.ibm.com> Link: https://lore.kernel.org/r/20250424133619.16495-26-freude@linux.ibm.com Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
41 lines
1.3 KiB
C
41 lines
1.3 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Kernelspace interface to the pkey device driver
|
|
*
|
|
* Copyright IBM Corp. 2016, 2023
|
|
*
|
|
* Author: Harald Freudenberger <freude@de.ibm.com>
|
|
*
|
|
*/
|
|
|
|
#ifndef _KAPI_PKEY_H
|
|
#define _KAPI_PKEY_H
|
|
|
|
#include <linux/ioctl.h>
|
|
#include <linux/types.h>
|
|
#include <uapi/asm/pkey.h>
|
|
|
|
/*
|
|
* In-kernel API: Transform an key blob (of any type) into a protected key.
|
|
* @param key pointer to a buffer containing the key blob
|
|
* @param keylen size of the key blob in bytes
|
|
* @param protkey pointer to buffer receiving the protected key
|
|
* @param xflags additional execution flags (see PKEY_XFLAG_* definitions below)
|
|
* As of now the only supported flag is PKEY_XFLAG_NOMEMALLOC.
|
|
* @return 0 on success, negative errno value on failure
|
|
*/
|
|
int pkey_key2protkey(const u8 *key, u32 keylen,
|
|
u8 *protkey, u32 *protkeylen, u32 *protkeytype,
|
|
u32 xflags);
|
|
|
|
/*
|
|
* If this flag is given in the xflags parameter, the pkey implementation
|
|
* is not allowed to allocate memory but instead should fall back to use
|
|
* preallocated memory or simple fail with -ENOMEM.
|
|
* This flag is for protected key derive within a cipher or similar
|
|
* which must not allocate memory which would cause io operations - see
|
|
* also the CRYPTO_ALG_ALLOCATES_MEMORY flag in crypto.h.
|
|
*/
|
|
#define PKEY_XFLAG_NOMEMALLOC 0x0001
|
|
|
|
#endif /* _KAPI_PKEY_H */
|