SecurityEdit online These device drivers and features support security aspects of Red Hat® Enterprise Linux® 8.6 for IBM Z. RestrictionsFor prerequisites and restrictions see the IBM Z® architecture specific information in the Red Hat Enterprise Linux 8.6 release notes at https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux Generic cryptographic device driverThe generic cryptographic device driver (zcrypt) supports cryptographic coprocessor and accelerator hardware. Cryptographic coprocessors provide secure key cryptographic operations for the IBM® Common Cryptographic Architecture (CCA). Cryptographic coprocessors also support Enterprise PKCS #11 (EP11). CCA and EP11 coprocessors operate as Hardware Security Modules (HSMs).Pseudorandom number generator device driverThe pseudorandom number generator (PRNG) device driver provides user-space applications with pseudorandom numbers generated by the IBM Z CP Assist for Cryptographic Function (CPACF).True random-number generator device driverThe true random number generator (TRNG) device driver provides user-space applications with random data generated from the IBM Z hardware CPACF true random source.Protected key device driverThe protected key device driver provides functions for generating and verifying protected keys.Hardware-accelerated in-kernel cryptographyIn-kernel cryptographic and checksum operations can be performed by platform-specific implementations instead of the generic implementations within the Linux kernel.Instruction execution protectionThe instruction execution protection feature on IBM® mainframes protects against data execution, similar to the NX feature on other architectures.Parent topic: Device Drivers, Features, and Commands on Red Hat Enterprise Linux 8.6
