[PATCH 0/4] enable s390 support for crypto key mgmt operations

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx>

The IBM System z Central Processor Assist for Cryptographic Functions (CPACF)
hardware provides a set of CPU instructions for use in clear-key encryption,
pseudo random number generation, hash functions, and protected-key encryption.
The CPACF protected key cryptographic functions operate with a protected key
that is encrypted under a unique wrapping key stored in the Hardware
System Area (HSA) of the machine and can only be accessed by firmware. The
wrapping key cannot be accessed by the operating system or application
programs. There are two wrapping keys: One for wrapping AES keys and one for
wrapping DEA/TDEA (DES/TDES) keys. This patch set enables the support for 
encrypting clear keys under the AES or DEA/TDEA wrapping key on a guest VM 
running on an s390 host that supports key wrapping.  

Tony Krowiak (4):
  libvirt: docs: XML to enable/disable protected key mgmt ops
  libvirt: conf: parse XML for protected key management ops
  libvirt: qemu: enable/disable protected key management ops
  libvirt: tests: test protected key mgmt ops support

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]