diff options
| author | Srish Srinivasan <ssrish@linux.ibm.com> | 2026-01-27 20:22:26 +0530 |
|---|---|---|
| committer | Madhavan Srinivasan <maddy@linux.ibm.com> | 2026-01-30 09:27:26 +0530 |
| commit | 133aa79e211d2572c5c9b9671461a55d50bebda8 (patch) | |
| tree | cf937f7e6397eb1d901baffe39a0b0fa4c48c4c8 /include/linux/phy | |
| parent | 447eb1d5ef00f7da918221ed690cac980385d993 (diff) | |
pseries/plpks: add HCALLs for PowerVM Key Wrapping Module
The hypervisor generated wrapping key is an AES-GCM-256 symmetric key which
is stored in a non-volatile, secure, and encrypted storage called the Power
LPAR Platform KeyStore. It has policy based protections that prevent it
from being read out or exposed to the user.
Implement H_PKS_GEN_KEY, H_PKS_WRAP_OBJECT, and H_PKS_UNWRAP_OBJECT HCALLs
to enable using the PowerVM Key Wrapping Module (PKWM) as a new trust
source for trusted keys. Disallow H_PKS_READ_OBJECT, H_PKS_SIGNED_UPDATE,
and H_PKS_WRITE_OBJECT for objects with the 'wrapping key' policy set.
Capture the availability status for the H_PKS_WRAP_OBJECT interface.
Signed-off-by: Srish Srinivasan <ssrish@linux.ibm.com>
Tested-by: Nayna Jain <nayna@linux.ibm.com>
Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: Madhavan Srinivasan <maddy@linux.ibm.com>
Link: https://patch.msgid.link/20260127145228.48320-5-ssrish@linux.ibm.com
Diffstat (limited to 'include/linux/phy')
0 files changed, 0 insertions, 0 deletions