review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Harald Freudenberger <freude@linux.ibm.com>
	Thu, 24 Mar 2022 12:23:53 +0000 (13:23 +0100)
committer	Heiko Carstens <hca@linux.ibm.com>
	Mon, 25 Apr 2022 11:54:13 +0000 (13:54 +0200)
commit	28d3417a946762bed46815e59627bbd749347906
tree	8b197a8270754b12010d45f3723b3884341665d3	tree \| snapshot
parent	2ba24343bdb8637135bd0d9b5e249c44bd751670	commit \| diff

s390/zcrypt: add display of ASYM master key verification pattern

This patch extends the sysfs attribute mkvps for CCA cards
to show the states and master key verification patterns for
the old, current and new ASYM master key registers.

With this patch now all relevant master key verification
patterns related to a CCA HSM are available with the mkvps
sysfs attribute. This is a requirement for some exploiters
like the kubernetes cex plugin or initrd code needing to
verify the master key verification patterns on HSMs before
use.

A sample output:
  cat /sys/devices/ap/card04/04.0005/mkvps
  AES NEW: empty 0x0000000000000000
  AES CUR: valid 0xe9a49a58cd039bed
  AES OLD: valid 0x7d10d17bc8a409c4
  APKA NEW: empty 0x0000000000000000
  APKA CUR: valid 0x5f2f27aaa2d59b4a
  APKA OLD: valid 0x82a5e2cd5030d5ec
  ASYM NEW: empty 0x00000000000000000000000000000000
  ASYM CUR: valid 0x650c25a89c27e716d0e692b6c83f10e5
  ASYM OLD: valid 0xf8ae2acf8bfc57f0a0957c732c16078b

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Jörg Schmidbauer <jschmidb@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>

drivers/s390/crypto/zcrypt_ccamisc.c		diff \| blob \| history
drivers/s390/crypto/zcrypt_ccamisc.h		diff \| blob \| history
drivers/s390/crypto/zcrypt_cex4.c		diff \| blob \| history