diff options
author | Michael Holzheu <holzheu@de.ibm.com> | 2007-02-05 21:18:26 +0100 |
---|---|---|
committer | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2007-02-05 21:18:26 +0100 |
commit | cced1dd42ebcebc7fa7f02fe487e48aa71752401 (patch) | |
tree | 989ef44c23b900309f070184b8bf3412d5b98dbf /include/asm-s390 | |
parent | [S390] boot from NSS support (diff) | |
download | linux-cced1dd42ebcebc7fa7f02fe487e48aa71752401.tar.xz linux-cced1dd42ebcebc7fa7f02fe487e48aa71752401.zip |
[S390] Add crypto support for 3592 tape devices
3592 tape devices are able to write data encrpyted on tape mediums.
This z/Linux device driver support includes the following functions:
* ioctl to switch on/off encryption
* ioctl to query encryption status of drive
* ioctls to set and query key encrypting keys (kekls)
* long busy interrupt handling
Signed-off-by: Michael Holzheu <holzheu@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Diffstat (limited to 'include/asm-s390')
-rw-r--r-- | include/asm-s390/tape390.h | 72 |
1 files changed, 68 insertions, 4 deletions
diff --git a/include/asm-s390/tape390.h b/include/asm-s390/tape390.h index f1d66ba0deef..884fba48f1ff 100644 --- a/include/asm-s390/tape390.h +++ b/include/asm-s390/tape390.h @@ -1,11 +1,11 @@ /************************************************************************* * * tape390.h - * enables user programs to display messages on the tape device + * enables user programs to display messages and control encryption + * on s390 tape devices * - * S390 and zSeries version - * Copyright (C) 2001 IBM Corporation - * Author(s): Despina Papadopoulou <despina_p@de.ibm.com> + * Copyright IBM Corp. 2001,2006 + * Author(s): Michael Holzheu <holzheu@de.ibm.com> * *************************************************************************/ @@ -36,4 +36,68 @@ typedef struct display_struct { char message2[8]; } display_struct; +/* + * Tape encryption support + */ + +struct tape390_crypt_info { + char capability; + char status; + char medium_status; +} __attribute__ ((packed)); + + +/* Macros for "capable" field */ +#define TAPE390_CRYPT_SUPPORTED_MASK 0x01 +#define TAPE390_CRYPT_SUPPORTED(x) \ + ((x.capability & TAPE390_CRYPT_SUPPORTED_MASK)) + +/* Macros for "status" field */ +#define TAPE390_CRYPT_ON_MASK 0x01 +#define TAPE390_CRYPT_ON(x) (((x.status) & TAPE390_CRYPT_ON_MASK)) + +/* Macros for "medium status" field */ +#define TAPE390_MEDIUM_LOADED_MASK 0x01 +#define TAPE390_MEDIUM_ENCRYPTED_MASK 0x02 +#define TAPE390_MEDIUM_ENCRYPTED(x) \ + (((x.medium_status) & TAPE390_MEDIUM_ENCRYPTED_MASK)) +#define TAPE390_MEDIUM_LOADED(x) \ + (((x.medium_status) & TAPE390_MEDIUM_LOADED_MASK)) + +/* + * The TAPE390_CRYPT_SET ioctl is used to switch on/off encryption. + * The "encryption_capable" and "tape_status" fields are ignored for this ioctl! + */ +#define TAPE390_CRYPT_SET _IOW('d', 2, struct tape390_crypt_info) + +/* + * The TAPE390_CRYPT_QUERY ioctl is used to query the encryption state. + */ +#define TAPE390_CRYPT_QUERY _IOR('d', 3, struct tape390_crypt_info) + +/* Values for "kekl1/2_type" and "kekl1/2_type_on_tape" fields */ +#define TAPE390_KEKL_TYPE_NONE 0 +#define TAPE390_KEKL_TYPE_LABEL 1 +#define TAPE390_KEKL_TYPE_HASH 2 + +struct tape390_kekl { + unsigned char type; + unsigned char type_on_tape; + char label[65]; +} __attribute__ ((packed)); + +struct tape390_kekl_pair { + struct tape390_kekl kekl[2]; +} __attribute__ ((packed)); + +/* + * The TAPE390_KEKL_SET ioctl is used to set Key Encrypting Key labels. + */ +#define TAPE390_KEKL_SET _IOW('d', 4, struct tape390_kekl_pair) + +/* + * The TAPE390_KEKL_QUERY ioctl is used to query Key Encrypting Key labels. + */ +#define TAPE390_KEKL_QUERY _IOR('d', 5, struct tape390_kekl_pair) + #endif |