mirror of
https://github.com/torvalds/linux.git
synced 2024-11-23 04:31:50 +00:00
f370f45c64
This is an internal rework of the pkey code to not use the struct pkey_protkey internal any more. This struct has a hard coded protected key buffer with MAXPROTKEYSIZE = 64 bytes. However, with support for ECC protected key, this limit is too short and thus this patch reworks all the internal code to use the triple u8 *protkey, u32 protkeylen, u32 protkeytype instead. So the ioctl which still has to deal with this struct coming from userspace and/or provided to userspace invoke all the internal functions now with the triple instead of passing a pointer to struct pkey_protkey. Also the struct pkey_clrkey has been internally replaced in a similar way. This struct also has a hard coded clear key buffer of MAXCLRKEYSIZE = 32 bytes and thus is not usable with e.g. ECC clear key material. This is a transparent rework for userspace applications using the pkey API. The internal kernel API used by the PAES crypto ciphers has been adapted to this change to make it possible to provide ECC protected keys via this interface in the future. Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Reviewed-by: Holger Dengler <dengler@linux.ibm.com> Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
29 lines
756 B
C
29 lines
756 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Kernelspace interface to the pkey device driver
|
|
*
|
|
* Copyright IBM Corp. 2016, 2023
|
|
*
|
|
* Author: Harald Freudenberger <freude@de.ibm.com>
|
|
*
|
|
*/
|
|
|
|
#ifndef _KAPI_PKEY_H
|
|
#define _KAPI_PKEY_H
|
|
|
|
#include <linux/ioctl.h>
|
|
#include <linux/types.h>
|
|
#include <uapi/asm/pkey.h>
|
|
|
|
/*
|
|
* In-kernel API: Transform an key blob (of any type) into a protected key.
|
|
* @param key pointer to a buffer containing the key blob
|
|
* @param keylen size of the key blob in bytes
|
|
* @param protkey pointer to buffer receiving the protected key
|
|
* @return 0 on success, negative errno value on failure
|
|
*/
|
|
int pkey_keyblob2pkey(const u8 *key, u32 keylen,
|
|
u8 *protkey, u32 *protkeylen, u32 *protkeytype);
|
|
|
|
#endif /* _KAPI_PKEY_H */
|