• Harald Freudenberger's avatar
    s390/zcrypt: extend EP11 card and queue sysfs attributes · a17becc1
    Harald Freudenberger authored
    This patch introduces new sysfs attributes for EP11 cards
    and queues:
    
    An EP11 card gets four new sysfs attributes:
    
    /sys/devices/ap/cardxx/API_ordinalnr
      The EP11 card firmware API ordinal number.
    
    /sys/devices/ap/cardxx/FW_version
      The EP11 card firmware major and minor version.
    
    /sys/devices/ap/cardxx/serialnr
      Displays the serial number of the EP11 card. The serial
      number is a 16 character string unique for this EP11 card.
    
    /sys/devices/ap/cardxx/op_modes
      Displays operation modes for this EP11 card. Known operation
      modes are: FIPS2009, BSI2009, FIPS2011, BSI2011 and BSICC2017.
    
    The EP11 queues get two new sysfs attributes:
    
    /sys/devices/ap/cardxx/xx.yyyy/mkvps
      Displays information about the master key(s) states and
      verification patterns. Two lines are displayed:
    
      WK CUR: <wk_cur_state> <wk_cur_vp>
      WK NEW: <wk_new_state> <wk_new_vp>
    
      with
    
      <wk_cur_state>: 'invalid' or 'valid'
      <wk_new_state>: 'empty' or 'uncommitted' or 'committed'
      <wk_cur_vp> and <wk_new_vp>: '-' or a 32 byte hash pattern
    
    /sys/devices/ap/cardxx/xx.yyyy/op_modes
      Displays operation modes for this EP11 queue. Known operation
      modes are: FIPS2009, BSI2009, FIPS2011, BSI2011 and BSICC2017.
    
    The card information displayed with the sysfs attributes is fresh
    fetched from the card if the card is online, otherwise cached values
    are used. The queue information displayed with the sysfs attributes is
    always fetched on the fly and not cached. So each read of any of these
    sysfs attributes will cause an request/reply CPRB communication with
    the EP11 crypto card. The queue attributes address the corresponding
    EP11 domain within the EP11 card. The card attributes addresses any
    domain within the EP11 card (subject to the dispatch algorithm within
    the zcrypt device driver). If the addressed domain is offline or for
    card addressing all domains are offline the attributes will display
    '-' for state and verification patterns and an empty string for op
    mode, serial number, API_ordinalnr and FW_version.
    Signed-off-by: default avatarHarald Freudenberger <freude@linux.ibm.com>
    Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
    a17becc1
zcrypt_cex4.c 19.2 KB