1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * Kernelspace interface to the pkey device driver 4 * 5 * Copyright IBM Corp. 2016, 2023 6 * 7 * Author: Harald Freudenberger <freude@de.ibm.com> 8 * 9 */ 10 11 #ifndef _KAPI_PKEY_H 12 #define _KAPI_PKEY_H 13 14 #include <linux/ioctl.h> 15 #include <linux/types.h> 16 #include <uapi/asm/pkey.h> 17 18 /* 19 * In-kernel API: Transform an key blob (of any type) into a protected key. 20 * @param key pointer to a buffer containing the key blob 21 * @param keylen size of the key blob in bytes 22 * @param protkey pointer to buffer receiving the protected key 23 * @param xflags additional execution flags (see PKEY_XFLAG_* definitions below) 24 * As of now the only supported flags are PKEY_XFLAG_NOMEMALLOC 25 * and PKEY_XFLAG_NOCLEARKEY. 26 * @return 0 on success, negative errno value on failure 27 */ 28 int pkey_key2protkey(const u8 *key, u32 keylen, 29 u8 *protkey, u32 *protkeylen, u32 *protkeytype, 30 u32 xflags); 31 32 /* 33 * If this flag is given in the xflags parameter, the pkey implementation 34 * is not allowed to allocate memory but instead should fall back to use 35 * preallocated memory or simple fail with -ENOMEM. 36 * This flag is for protected key derive within a cipher or similar 37 * which must not allocate memory which would cause io operations - see 38 * also the CRYPTO_ALG_ALLOCATES_MEMORY flag in crypto.h. 39 */ 40 #define PKEY_XFLAG_NOMEMALLOC 0x0001 41 42 /* 43 * Do not accept a clear key token as source for a protected key. 44 */ 45 #define PKEY_XFLAG_NOCLEARKEY 0x0002 46 47 #endif /* _KAPI_PKEY_H */ 48