summaryrefslogtreecommitdiffstats
path: root/drivers/crypto
diff options
context:
space:
mode:
authorHarald Freudenberger <freude@linux.vnet.ibm.com>2016-11-02 14:37:20 +0100
committerMartin Schwidefsky <schwidefsky@de.ibm.com>2017-02-23 10:06:40 +0100
commite80d4af0a320972aac58e2004d0ba4e44ef4c5c7 (patch)
tree551dffc1e632d0a2c49a04079be59350e6a7f15d /drivers/crypto
parenta1d001e26d5386c934345dc91f16b530e352f8d7 (diff)
downloadlinux-stable-e80d4af0a320972aac58e2004d0ba4e44ef4c5c7.tar.gz
linux-stable-e80d4af0a320972aac58e2004d0ba4e44ef4c5c7.tar.bz2
linux-stable-e80d4af0a320972aac58e2004d0ba4e44ef4c5c7.zip
s390/pkey: Introduce pkey kernel module
This patch introcudes a new kernel module pkey which is providing protected key handling and management functions. The pkey API is available within the kernel for other s390 specific code to create and manage protected keys. Additionally the functions are exported to user space via IOCTL calls. The implementation makes extensive use of functions provided by the zcrypt device driver. For generating protected keys from secure keys there is also a CEX coprocessor card needed. Signed-off-by: Harald Freudenberger <freude@linux.vnet.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'drivers/crypto')
-rw-r--r--drivers/crypto/Kconfig16
1 files changed, 16 insertions, 0 deletions
diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index ae20ec55ab58..57c2d434ea4b 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -73,6 +73,22 @@ config ZCRYPT
+ Crypto Express 2,3,4 or 5 Accelerator (CEXxA)
+ Crypto Express 4 or 5 EP11 Coprocessor (CEXxP)
+config PKEY
+ tristate "Kernel API for protected key handling"
+ depends on S390
+ depends on ZCRYPT
+ help
+ With this option enabled the pkey kernel module provides an API
+ for creation and handling of protected keys. Other parts of the
+ kernel or userspace applications may use these functions.
+
+ Select this option if you want to enable the kernel and userspace
+ API for proteced key handling.
+
+ Please note that creation of protected keys from secure keys
+ requires to have at least one CEX card in coprocessor mode
+ available at runtime.
+
config CRYPTO_SHA1_S390
tristate "SHA1 digest algorithm"
depends on S390