• Harald Freudenberger's avatar
    s390/zcrypt: Fix wrong dispatching for control domain CPRBs · 7379e652
    Harald Freudenberger authored
    The zcrypt device driver does not handle CPRBs which address
    a control domain correctly. This fix introduces a workaround:
    The domain field of the request CPRB is checked if there is
    a valid domain value in there. If this is true and the value
    is a control only domain (a domain which is enabled in the
    crypto config ADM mask but disabled in the AQM mask) the
    CPRB is forwarded to the default usage domain. If there is
    no default domain, the request is rejected with an ENODEV.
    
    This fix is important for maintaining crypto adapters. For
    example one LPAR can use a crypto adapter domain ('Control
    and Usage') but another LPAR needs to be able to maintain
    this adapter domain ('Control'). Scenarios like this did
    not work properly and the patch enables this.
    Signed-off-by: default avatarHarald Freudenberger <freude@linux.ibm.com>
    Signed-off-by: default avatarHeiko Carstens <heiko.carstens@de.ibm.com>
    7379e652
zcrypt_api.c 46.6 KB