1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * Kernelspace interface to the pkey device driver 4 * 5 * Copyright IBM Corp. 2016, 2023 6 * 7 * Author: Harald Freudenberger <freude@de.ibm.com> 8 * 9 */ 10 11 #ifndef _KAPI_PKEY_H 12 #define _KAPI_PKEY_H 13 14 #include <linux/ioctl.h> 15 #include <linux/types.h> 16 #include <uapi/asm/pkey.h> 17 18 /* 19 * In-kernel API: Transform an key blob (of any type) into a protected key. 20 * @param key pointer to a buffer containing the key blob 21 * @param keylen size of the key blob in bytes 22 * @param protkey pointer to buffer receiving the protected key 23 * @param xflags additional execution flags (see PKEY_XFLAG_* definitions below) 24 * As of now the only supported flag is PKEY_XFLAG_NOMEMALLOC. 25 * @return 0 on success, negative errno value on failure 26 */ 27 int pkey_key2protkey(const u8 *key, u32 keylen, 28 u8 *protkey, u32 *protkeylen, u32 *protkeytype, 29 u32 xflags); 30 31 /* 32 * If this flag is given in the xflags parameter, the pkey implementation 33 * is not allowed to allocate memory but instead should fall back to use 34 * preallocated memory or simple fail with -ENOMEM. 35 * This flag is for protected key derive within a cipher or similar 36 * which must not allocate memory which would cause io operations - see 37 * also the CRYPTO_ALG_ALLOCATES_MEMORY flag in crypto.h. 38 */ 39 #define PKEY_XFLAG_NOMEMALLOC 0x0001 40 41 #endif /* _KAPI_PKEY_H */ 42