LSZCRYPT(8) | System Manager's Manual | LSZCRYPT(8) |
NAME¶
lszcrypt - display zcrypt device and configuration informationSYNOPSIS¶
- lszcrypt
- [ -V ] [ <device-id> [...]]
- lszcrypt
- -c <card-id>
- lszcrypt -b
- lszcrypt -d
- lszcrypt -h
- lszcrypt -v
DESCRIPTION¶
The lszcrypt command is used to display information about cryptographic devices managed by zcrypt and the AP bus attributes of zcrypt. Displayed information depends on the kernel version. lszcrypt requires that sysfs is mounted.The following information can be displayed for each cryptographic device: card ID, domain ID, card type (symbolic), mode, online status, hardware card type (numeric), installed function facilities, card capability, hardware queue depth, request count, number of requests in hardware queue, and the number of outstanding requests. The following AP bus attributes can be displayed: AP domain, Max AP domain, configuration timer, poll thread status, poll timeout, and AP interrupt status.
OPTIONS¶
- -V, --verbose
- The verbose level for cryptographic device information. With this verbose level additional information like hardware card type, hardware queue depth, pending request queue count, outstanding request queue count, and installed function facilities are displayed.
- <device-id>
- Specifies a cryptographic device to display. A cryptographic device can be either a card device or a queue device. If no devices are specified information about all available devices is displayed. Please note that the card device representation and the queue device are both in hexadecimal notation.
- -b, --bus
- Displays the AP bus attributes and exits.
- -c, --capability <card-id>
- Shows the capabilities of a cryptographic card device of hardware type 6 or higher. The card device id value may be given as decimal or hex value (with a leading 0x). The capabilities of a cryptographic card device depend on the card type and the installed function facilities. A cryptographic card device can provide one or more of the following capabilities:
- o
- RSA 2K Clear Key
- o
- RSA 4K Clear Key
- o
- CCA Secure Key
- o
- EP11 Secure Key
- o
- Long RNG
The CCA Secure Key capability may be limited by a
hypervisor layer. The remarks 'full function set' or 'restricted function set'
may reflect this. For details about these limitations please check the
hypervisor documentation.
- -d, --domains
- Shows the usage and control domains of the cryptographic devices. The displayed domains of the cryptographic device depends on the initial cryptographic configuration.
- o
- C - indicate a control domain
- o
- U - indicate a usage domain
- o
- B - indicate both (control and usage domain)
- -h, --help
- Displays help text and exits.
- -v, --version
- Displays version information and exits.
EXAMPLES¶
- lszcrypt
- Displays the card/domain ID, card type (short name), mode (long name), online status and request count of all available cryptographic devices.
- lszcrypt 1 3 5
- Displays the card/domain ID, card type, mode, online status and request count for cryptographic devices 1, 3, and 5.
- lszcrypt -V 3 7 11
- Displays the card/domain ID, card type, mode, online status, request count, number of requests in the hardware queue, number of outstanding requests and installed function facilities for cryptographic devices 3, 7 and 17 (0x11).
- lszcrypt 10.0038
- Displays information of the cryptographic device '10.0038' respectively card id 16 (0x10) with domain 56 (0x38).
- lszcrypt .0038
- Displays information of all available queue devices (potentially multiple adapters) with domain 56 (0x38).
- lszcrypt -b
- Displays AP bus information.
- lszcrypt -c 7
Coprocessor card07 provides capability for:
CCA Secure Key
RSA 4K Clear Key
Long RNG
SEE ALSO¶
chzcrypt(8)OCT 2017 | s390-tools |