Kernel API for protected key handling
modulename: pkey.ko
configname: CONFIG_PKEY
Linux Kernel Configuration
└─>Cryptographic API
└─>Hardware crypto devices
└─>Kernel API for protected key handling
In linux kernel since version 3.10 (release Date: 2013-06-30)
							With this option enabled the pkey kernel modules provide an API
						
for creation and handling of protected keys. Other parts of the
kernel or userspace applications may use these functions.
							
						
The protected key support is distributed into:
- A pkey base and API kernel module (pkey.ko) which offers the
infrastructure for the pkey handler kernel modules, the ioctl
and the sysfs API and the in-kernel API to the crypto cipher
implementations using protected key.
- A pkey pckmo kernel module (pkey-pckmo.ko) which is automatically
loaded when pckmo support (that is generation of protected keys
from clear key values) is available.
- A pkey CCA kernel module (pkey-cca.ko) which is automatically
loaded when a CEX crypto card is available.
- A pkey EP11 kernel module (pkey-ep11.ko) which is automatically
loaded when a CEX crypto card is available.
- A pkey UV kernel module (pkey-uv.ko) which is automatically
loaded when the Ultravisor feature is available within a
protected execution environment.
							
						
Select this option if you want to enable the kernel and userspace
API for protected key handling.
							
						
					
					for creation and handling of protected keys. Other parts of the
kernel or userspace applications may use these functions.
The protected key support is distributed into:
- A pkey base and API kernel module (pkey.ko) which offers the
infrastructure for the pkey handler kernel modules, the ioctl
and the sysfs API and the in-kernel API to the crypto cipher
implementations using protected key.
- A pkey pckmo kernel module (pkey-pckmo.ko) which is automatically
loaded when pckmo support (that is generation of protected keys
from clear key values) is available.
- A pkey CCA kernel module (pkey-cca.ko) which is automatically
loaded when a CEX crypto card is available.
- A pkey EP11 kernel module (pkey-ep11.ko) which is automatically
loaded when a CEX crypto card is available.
- A pkey UV kernel module (pkey-uv.ko) which is automatically
loaded when the Ultravisor feature is available within a
protected execution environment.
Select this option if you want to enable the kernel and userspace
API for protected key handling.
