mirror of
https://github.com/torvalds/linux.git
synced 2024-12-11 21:52:04 +00:00
7379e65279
The zcrypt device driver does not handle CPRBs which address a control domain correctly. This fix introduces a workaround: The domain field of the request CPRB is checked if there is a valid domain value in there. If this is true and the value is a control only domain (a domain which is enabled in the crypto config ADM mask but disabled in the AQM mask) the CPRB is forwarded to the default usage domain. If there is no default domain, the request is rejected with an ENODEV. This fix is important for maintaining crypto adapters. For example one LPAR can use a crypto adapter domain ('Control and Usage') but another LPAR needs to be able to maintain this adapter domain ('Control'). Scenarios like this did not work properly and the patch enables this. Signed-off-by: Harald Freudenberger <freude@linux.ibm.com> Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> |
||
---|---|---|
.. | ||
ap_bus.c | ||
ap_bus.h | ||
ap_card.c | ||
ap_debug.h | ||
ap_queue.c | ||
Makefile | ||
pkey_api.c | ||
vfio_ap_drv.c | ||
vfio_ap_ops.c | ||
vfio_ap_private.h | ||
zcrypt_api.c | ||
zcrypt_api.h | ||
zcrypt_card.c | ||
zcrypt_cca_key.h | ||
zcrypt_cex2a.c | ||
zcrypt_cex2a.h | ||
zcrypt_cex2c.c | ||
zcrypt_cex2c.h | ||
zcrypt_cex4.c | ||
zcrypt_cex4.h | ||
zcrypt_debug.h | ||
zcrypt_error.h | ||
zcrypt_msgtype6.c | ||
zcrypt_msgtype6.h | ||
zcrypt_msgtype50.c | ||
zcrypt_msgtype50.h | ||
zcrypt_queue.c |