asedeno.scripts.mit.edu Git - linux.git/commit

author	Ingo Franzki <ifranzki@linux.ibm.com>
	Fri, 24 Aug 2018 08:29:43 +0000 (10:29 +0200)
committer	Martin Schwidefsky <schwidefsky@de.ibm.com>
	Wed, 10 Oct 2018 05:37:17 +0000 (07:37 +0200)
commit	af504452d10ece7c6d68bc9f90f478ebecd7ce76
tree	904566d846351ce6bff8fa1d454dd67f6ae81de1	tree \| snapshot
parent	d632c0478d64427cfbca999955e02b26986ae09e	commit \| diff

s390/pkey: Add sysfs attributes to emit secure key blobs

Add binary read-only sysfs attributes for the pkey module
that can be used to read random ccadata secure keys from.
Keys are read from these attributes using a cat-like interface.

A typical use case for those keys is to encrypt a swap device
using the paes cipher. During processing of /etc/crypttab, the
random random ccadata secure key to encrypt the swap device is
read from one of the attributes.

The following attributes are added:
  ccadata/aes_128
  ccadata/aes_192
  ccadata/aes_256
  ccadata/aes_128_xts
  ccadata/aes_256_xts
Each attribute emits a secure key blob for the corresponding
key size and cipher mode.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Hendrik Brueckner <brueckner@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>