[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 0/4] Enable support for s390 crypto key mgmt operations



On 04/27/2015 05:57 PM, akrowiak linux vnet ibm com wrote:
From: Tony Krowiak <akrowiak linux vnet ibm com>

The IBM System z Central Processor Assist for Cryptographic Functions (CPACF)
hardware provides a set of CPU instructions for use in clear-key encryption,
pseudo random number generation, hash functions, and protected-key encryption.
The CPACF protected key cryptographic functions operate with a protected key
which is encrypted under a unique wrapping key that is stored in the Hardware
System Area (HSA) of the machine and can only be accessed by firmware. The
wrapping key cannot be accessed by the operating system or application
programs. There are two wrapping keys: One for wrapping AES keys and one for
wrapping DES/TDES keys. This patch set enables the support for encrypting  
clear keys under the AES and DES/TDES wrapping keys for guests started on hosts 
running on s390 hardware that supports key wrapping.

Tony Krowiak (4):
  libvirt: docs: XML to enable/disable protected key mgmt ops
  libvirt: conf: parse XML for protected key management ops
  libvirt: qemu: enable/disable protected key management ops
  libvirt: tests: test protected key mgmt ops support

--
libvir-list mailing list
libvir-list redhat com
https://www.redhat.com/mailman/listinfo/libvir-list

Any comments?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]