[libvirt] [PATCH 0/4] Enable support for s390 crypto key mgmt operations

Tony Krowiak akrowiak at linux.vnet.ibm.com
Tue May 12 15:16:05 UTC 2015


On 04/27/2015 05:57 PM, akrowiak at linux.vnet.ibm.com wrote:
> From: Tony Krowiak <akrowiak at linux.vnet.ibm.com>
>
> The IBM System z Central Processor Assist for Cryptographic Functions (CPACF)
> hardware provides a set of CPU instructions for use in clear-key encryption,
> pseudo random number generation, hash functions, and protected-key encryption.
> The CPACF protected key cryptographic functions operate with a protected key
> which is encrypted under a unique wrapping key that is stored in the Hardware
> System Area (HSA) of the machine and can only be accessed by firmware. The
> wrapping key cannot be accessed by the operating system or application
> programs. There are two wrapping keys: One for wrapping AES keys and one for
> wrapping DES/TDES keys. This patch set enables the support for encrypting
> clear keys under the AES and DES/TDES wrapping keys for guests started on hosts
> running on s390 hardware that supports key wrapping.
>
> Tony Krowiak (4):
>    libvirt: docs: XML to enable/disable protected key mgmt ops
>    libvirt: conf: parse XML for protected key management ops
>    libvirt: qemu: enable/disable protected key management ops
>    libvirt: tests: test protected key mgmt ops support
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
Any comments?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150512/1f48d82c/attachment-0001.htm>


More information about the libvir-list mailing list