On Wed, Oct 02, 2024 at 06:05:28PM +0200, Steffen Eiden wrote:
> Provide a kernel API to retrieve secrets from the UV secret store.
> Add two new functions:
> * `uv_get_secret_metadata` - get metadata for a given secret identifier
> * `uv_retrieve_secret` - get the secret value for the secret index
>
> With those two functions one can extract the secret for a given secret
> id, if the secret is retrievable.
>
> Signed-off-by: Steffen Eiden <seiden@xxxxxxxxxxxxx>
> ---
> arch/s390/include/asm/uv.h | 131 ++++++++++++++++++++++++++++++++++++-
> arch/s390/kernel/uv.c | 127 ++++++++++++++++++++++++++++++++++-
> 2 files changed, 256 insertions(+), 2 deletions(-)
> +/** uv_list_secrets() - Do a List Secrets UVC
> + * @buf: Buffer to write list into; size of one page
This is not kerneldoc style.
> +int uv_get_secret_metadata(const u8 secret_id[UV_SECRET_ID_LEN],
> + struct uv_secret_list_item_hdr *secret)
> +{
> + struct uv_secret_list *buf;
> + int rc;
> +
> + buf = kzalloc(sizeof(*buf), GFP_KERNEL);
> + rc = find_secret(secret_id, buf, secret);
> + kfree(buf);
if (!buf) ...
error checking is missing.
