Skip to content

Commit 133aa79

Browse files
ssrish17maddy-kerneldev
authored andcommitted
pseries/plpks: add HCALLs for PowerVM Key Wrapping Module
The hypervisor generated wrapping key is an AES-GCM-256 symmetric key which is stored in a non-volatile, secure, and encrypted storage called the Power LPAR Platform KeyStore. It has policy based protections that prevent it from being read out or exposed to the user. Implement H_PKS_GEN_KEY, H_PKS_WRAP_OBJECT, and H_PKS_UNWRAP_OBJECT HCALLs to enable using the PowerVM Key Wrapping Module (PKWM) as a new trust source for trusted keys. Disallow H_PKS_READ_OBJECT, H_PKS_SIGNED_UPDATE, and H_PKS_WRITE_OBJECT for objects with the 'wrapping key' policy set. Capture the availability status for the H_PKS_WRAP_OBJECT interface. Signed-off-by: Srish Srinivasan <ssrish@linux.ibm.com> Tested-by: Nayna Jain <nayna@linux.ibm.com> Reviewed-by: Nayna Jain <nayna@linux.ibm.com> Signed-off-by: Madhavan Srinivasan <maddy@linux.ibm.com> Link: https://patch.msgid.link/20260127145228.48320-5-ssrish@linux.ibm.com
1 parent 447eb1d commit 133aa79

3 files changed

Lines changed: 394 additions & 2 deletions

File tree

Documentation/arch/powerpc/papr_hcalls.rst

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -300,6 +300,49 @@ H_HTM supports setup, configuration, control and dumping of Hardware Trace
300300
Macro (HTM) function and its data. HTM buffer stores tracing data for functions
301301
like core instruction, core LLAT and nest.
302302

303+
**H_PKS_GEN_KEY**
304+
305+
| Input: authorization, objectlabel, objectlabellen, policy, out, outlen
306+
| Out: *Hypervisor Generated Key, or None when the wrapping key policy is set*
307+
| Return Value: *H_SUCCESS, H_Function, H_State, H_R_State, H_Parameter, H_P2,
308+
H_P3, H_P4, H_P5, H_P6, H_Authority, H_Nomem, H_Busy, H_Resource,
309+
H_Aborted*
310+
311+
H_PKS_GEN_KEY is used to have the hypervisor generate a new random key.
312+
This key is stored as an object in the Power LPAR Platform KeyStore with
313+
the provided object label. With the wrapping key policy set the key is only
314+
visible to the hypervisor, while the key's label would still be visible to
315+
the user. Generation of wrapping keys is supported only for a key size of
316+
32 bytes.
317+
318+
**H_PKS_WRAP_OBJECT**
319+
320+
| Input: authorization, wrapkeylabel, wrapkeylabellen, objectwrapflags, in,
321+
| inlen, out, outlen, continue-token
322+
| Out: *continue-token, byte size of wrapped object, wrapped object*
323+
| Return Value: *H_SUCCESS, H_Function, H_State, H_R_State, H_Parameter, H_P2,
324+
H_P3, H_P4, H_P5, H_P6, H_P7, H_P8, H_P9, H_Authority, H_Invalid_Key,
325+
H_NOT_FOUND, H_Busy, H_LongBusy, H_Aborted*
326+
327+
H_PKS_WRAP_OBJECT is used to wrap an object using a wrapping key stored in the
328+
Power LPAR Platform KeyStore and return the wrapped object to the caller. The
329+
caller provides a label to a wrapping key with the 'wrapping key' policy set,
330+
which must have been previously created with H_PKS_GEN_KEY. The provided object
331+
is then encrypted with the wrapping key and additional metadata and the result
332+
is returned to the caller.
333+
334+
335+
**H_PKS_UNWRAP_OBJECT**
336+
337+
| Input: authorization, objectwrapflags, in, inlen, out, outlen, continue-token
338+
| Out: *continue-token, byte size of unwrapped object, unwrapped object*
339+
| Return Value: *H_SUCCESS, H_Function, H_State, H_R_State, H_Parameter, H_P2,
340+
H_P3, H_P4, H_P5, H_P6, H_P7, H_Authority, H_Unsupported, H_Bad_Data,
341+
H_NOT_FOUND, H_Invalid_Key, H_Busy, H_LongBusy, H_Aborted*
342+
343+
H_PKS_UNWRAP_OBJECT is used to unwrap an object that was previously warapped with
344+
H_PKS_WRAP_OBJECT.
345+
303346
References
304347
==========
305348
.. [1] "Power Architecture Platform Reference"

arch/powerpc/include/asm/plpks.h

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -113,6 +113,16 @@ void plpks_early_init_devtree(void);
113113
int plpks_populate_fdt(void *fdt);
114114

115115
int plpks_config_create_softlink(struct kobject *from);
116+
117+
bool plpks_wrapping_is_supported(void);
118+
119+
int plpks_gen_wrapping_key(void);
120+
121+
int plpks_wrap_object(u8 **input_buf, u32 input_len, u16 wrap_flags,
122+
u8 **output_buf, u32 *output_len);
123+
124+
int plpks_unwrap_object(u8 **input_buf, u32 input_len,
125+
u8 **output_buf, u32 *output_len);
116126
#else // CONFIG_PSERIES_PLPKS
117127
static inline bool plpks_is_available(void) { return false; }
118128
static inline u16 plpks_get_passwordlen(void) { BUILD_BUG(); }

0 commit comments

Comments
 (0)