s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This patch introduces support for a new architectured reply
code 0x8B indicating that a hypervisor layer (if any) has
rejected an ap message.

Linux may run as a guest on top of a hypervisor like zVM
or KVM. So the crypto hardware seen by the ap bus may be
restricted by the hypervisor for example only a subset like
only clear key crypto requests may be supported. Other
requests will be filtered out - rejected by the hypervisor.
The new reply code 0x8B will appear in such cases and needs
to get recognized by the ap bus and zcrypt device driver zoo.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>

authored by

Harald Freudenberger and committed by

Vasily Gorbik 6 years ago 6733775a 914d52e4

1 changed file

expand all

drivers

s390

crypto

zcrypt_error.h

drivers/s390/crypto/zcrypt_error.h

··· 61 61 #define REP82_ERROR_EVEN_MOD_IN_OPND 0x85 62 62 #define REP82_ERROR_RESERVED_FIELD 0x88 63 63 #define REP82_ERROR_INVALID_DOMAIN_PENDING 0x8A 64 + #define REP82_ERROR_FILTERED_BY_HYPERVISOR 0x8B 64 65 #define REP82_ERROR_TRANSPORT_FAIL 0x90 65 66 #define REP82_ERROR_PACKET_TRUNCATED 0xA0 66 67 #define REP82_ERROR_ZERO_BUFFER_LEN 0xB0 ··· 92 91 case REP82_ERROR_INVALID_DOMAIN_PRECHECK: 93 92 case REP82_ERROR_INVALID_DOMAIN_PENDING: 94 93 case REP82_ERROR_INVALID_SPECIAL_CMD: 94 + case REP82_ERROR_FILTERED_BY_HYPERVISOR: 95 95 // REP88_ERROR_INVALID_KEY // '82' CEX2A 96 96 // REP88_ERROR_OPERAND // '84' CEX2A 97 97 // REP88_ERROR_OPERAND_EVEN_MOD // '85' CEX2A