Merge branch 'protected-key' into features

Harald Freudenberger says:

===================
This patches do some cleanup and reorg of the pkey module code and
extend the existing ioctl with supporting derivation of protected
key material from clear key material for some ECC curves with the
help of the PCKMO instruction.

Please note that 'protected key' is a special type of key only
available on s390. It is similar to an secure key which is encrypted
by a master key sitting inside an HSM. In contrast to secure keys
a protected key is encrypted by a random key located in a hidden
firmware memory accessible by the CPU and thus much faster but
less secure.
===================

The merged updates are:

- Fix the style of protected key API driver source: use
  x-mas tree for all local variable declarations.

- Rework protected key API driver to not use the struct
  pkey_protkey and pkey_clrkey anymore. Both structures
  have a fixed size buffer, but with the support of ECC
  protected key these buffers are not big enough. Use
  dynamic buffers internally and transparently for
  userspace.

- Add support for a new 'non CCA clear key token' with
  ECC clear keys supported: ECC P256, ECC P384, ECC P521,
  ECC ED25519 and ECC ED448. This makes it possible to
  derive a protected key from the ECC clear key input via
  PKEY_KBLOB2PROTK3 ioctl, while currently the only way
  to derive is via PCKMO instruction.

Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>