lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <e2d475e4-d710-4387-8917-c126455facd7@linux.ibm.com>
Date: Tue, 29 Oct 2024 10:33:32 +0100
From: Janosch Frank <frankja@...ux.ibm.com>
To: Steffen Eiden <seiden@...ux.ibm.com>, linux-kernel@...r.kernel.org,
        linux-s390@...r.kernel.org
Cc: Ingo Franzki <ifranzki@...ux.ibm.com>,
        Harald Freudenberger <freude@...ux.ibm.com>,
        Christoph Schlameuss <schlameuss@...ux.ibm.com>,
        Claudio Imbrenda <imbrenda@...ux.ibm.com>
Subject: Re: [PATCH v5 0/6] s390/uv: Retrieve Secrets Ultravisor Call support

On 10/24/24 8:26 AM, Steffen Eiden wrote:
> A new secret type (group) allows SE-guests to retrieve the secret value
> from the UV secret store. All retrieved secrets (but plaintext) are
> retrieved as a PCMKO-wrapped key so that they will never appear in
> plaintext in the secure guest. Supported key/secret types are:
> AES, AES-XTS, HMAC, and EC. Add support for an in-kernel API and an UAPI
> to retrieve a previously added secret. If the hardware supports it,
> adding secrets works with the same infrastructure that is used by
> associate secrets introduced with AP-pass-through support.
> 

I've picked up everything but patch #5 a couple of days ago.

Also these patches will go through the s390 tree and not through KVM 390 
as the crypto team has a series that's based on this one.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ