pkey.h - OpenGrok cross reference for /Linux-v6.1/arch/s390/include/uapi/asm/pkey.h

Lines Matching +full:secure +full:- +full:only
1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
23 #define SECKEYBLOBSIZE	64	   /* secure key blob size is always 64 bytes */
78 /* Struct to hold a CCA AES secure key blob */
80 	__u8  seckey[SECKEYBLOBSIZE];		  /* the secure key blob */
110  * Generate CCA AES secure key.
116 	struct pkey_seckey seckey;  /* out: the secure key blob		 */
121  * Construct CCA AES secure key from clear key value
128 	struct pkey_seckey seckey;  /* out: the secure key blob		 */
133  * Fabricate AES protected key from a CCA AES secure key
138 	struct pkey_seckey seckey;   /* in: the secure key blob		  */
155  * Verification Pattern provided inside a CCA AES secure key.
158 	struct pkey_seckey seckey;	       /* in: the secure key blob */
168 	struct pkey_seckey seckey;   /* in: the secure key blob		  */
174  * Verify the given CCA AES secure key for being able to be usable with
179  * only AES), flag if key is wrapped with an old MKVP.
182 	struct pkey_seckey seckey;	       /* in: the secure key blob */
222  * Generate secure key, version 2.
223  * Generate CCA AES secure key, CCA AES cipher key or EP11 AES secure key.
230  * (return -1 with errno ENODEV). You may use the PKEY_APQNS4KT ioctl to
236  * only exportable for CPACF (PKEY_KEYGEN_XPRT_CPAC).
254  * Generate secure key from clear key value, version 2.
255  * Construct an CCA AES secure key, CCA AES cipher key or EP11 AES secure
263  * (return -1 with errno ENODEV). You may use the PKEY_APQNS4KT ioctl to
269  * only exportable for CPACF (PKEY_KEYGEN_XPRT_CPAC).
288  * Verify the given secure key, version 2.
295  * For CCA AES secure keys and CCA AES cipher keys this means to check
302  * CCA AES secure keys are also checked to have the CPACF export allowed
310  * apqn does not match or there is no such apqn found, -1 with errno
332  * (return -1 with errno ENODEV). You may use the PKEY_APQNS4K ioctl to
334  * Deriving ECC protected keys from ECC secure keys is not supported with
348  * Is able to find out which type of secure key is given (CCA AES secure
355  * only) of the apqns. The flags argument may be used to limit the matching
356  * apqns. If the PKEY_FLAGS_MATCH_CUR_MKVP is given, only the current mkvp of
361  * ignored (but needs to be given as PKEY_FLAGS_MATCH_CUR_MKVP) as there is only
392  * should match. If the PKEY_FLAGS_MATCH_CUR_MKVP is given, only the current
397  * For EP11 keys there is only the current wkvp. So if the apqns should also
399  * set. The wkvp value is 32 bytes but only the leftmost 16 bytes are compared
425  * So this ioctl is also able to handle EP11 and CCA ECC secure keys and
433  * (return -1 with errno ENODEV). You may use the PKEY_APQNS4K ioctl to