From: Zhuoying Cai
To: thuth@redhat.com, berrange@redhat.com, richard.henderson@linaro.org, david@redhat.com, jrossi@linux.ibm.com, qemu-s390x@nongnu.org, qemu-devel@nongnu.org
Cc: walling@linux.ibm.com, jjherne@linux.ibm.com, pasic@linux.ibm.com, borntraeger@linux.ibm.com, farman@linux.ibm.com, mjrosato@linux.ibm.com, iii@linux.ibm.com, eblake@redhat.com, armbru@redhat.com, zycai@linux.ibm.com, alifm@linux.ibm.com
Subject: [PATCH v6 13/28] pc-bios/s390-ccw: Introduce IPL Information Report Block (IIRB)
Date: Wed, 17 Sep 2025 19:21:15 -0400
Message-ID: <20250917232131.495848-14-zycai@linux.ibm.com>
X-Mailer: git-send-email 2.50.1
In-Reply-To: <20250917232131.495848-1-zycai@linux.ibm.com>
References: <20250917232131.495848-1-zycai@linux.ibm.com>

The IPL information report block (IIRB) contains information used to locate
IPL records and to report the results of signature verification of one or more
secure components of the load device.

IIRB is stored immediately following the IPL Parameter Block.

Results of component verification in either case (failure or success) are stored.

Signed-off-by: Zhuoying Cai
---
 docs/specs/s390x-secure-ipl.rst | 14 ++++++++
 pc-bios/s390-ccw/iplb.h         | 62 +++++++++++++++++++++++++++++++++
 2 files changed, 76 insertions(+)

diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst
index eec368d17b..760a066084 100644
--- a/docs/specs/s390x-secure-ipl.rst
+++ b/docs/specs/s390x-secure-ipl.rst
@@ -71,3 +71,17 @@ Subcode 1 - perform signature verification Perform signature-verification on a signed component, using certificates from the certificate store and leveraging qcrypto libraries to perform this operation. + + +IPL Information Report Block +---------------------------- + +The IPL Parameter Block (IPLPB), utilized for IPL operation, is extended with an +IPL Information Report Block (IIRB), which contains the results from secure IPL +operations such as: + +* component data +* verification results +* certificate data + +The guest kernel will inspect the IIRB and build the keyring. diff --git a/pc-bios/s390-ccw/iplb.h b/pc-bios/s390-ccw/iplb.h index 08f259ff31..bdbc733e16 100644 --- a/pc-bios/s390-ccw/iplb.h +++ b/pc-bios/s390-ccw/iplb.h 
@@ -23,6 +23,68 @@ extern QemuIplParameters qipl; extern IplParameterBlock iplb __attribute__((__aligned__(PAGE_SIZE))); extern bool have_iplb; +struct IplInfoReportBlockHeader { + uint32_t len; + uint8_t iirb_flags; + uint8_t reserved1[2]; + uint8_t version; + uint8_t reserved2[8]; +} __attribute__ ((packed)); +typedef struct IplInfoReportBlockHeader IplInfoReportBlockHeader; + +struct IplInfoBlockHeader { + uint32_t len; + uint8_t ibt; + uint8_t reserved1[3]; + uint8_t reserved2[8]; +} __attribute__ ((packed)); +typedef struct IplInfoBlockHeader IplInfoBlockHeader; + +enum IplIbt { + IPL_IBT_CERTIFICATES = 1, + IPL_IBT_COMPONENTS = 2, +}; + +struct IplSignatureCertificateEntry { + uint64_t addr; + uint64_t len; +} __attribute__ ((packed)); +typedef struct IplSignatureCertificateEntry IplSignatureCertificateEntry; + +struct IplSignatureCertificateList { + IplInfoBlockHeader ipl_info_header; + IplSignatureCertificateEntry cert_entries[MAX_CERTIFICATES]; +} __attribute__ ((packed)); +typedef struct IplSignatureCertificateList IplSignatureCertificateList; + +#define S390_IPL_COMPONENT_FLAG_SC 0x80 +#define S390_IPL_COMPONENT_FLAG_CSV 0x40 + +struct IplDeviceComponentEntry { + uint64_t addr; + uint64_t len; + uint8_t flags; + uint8_t reserved1[5]; + uint16_t cert_index; + uint8_t reserved2[8]; +} __attribute__ ((packed)); +typedef struct IplDeviceComponentEntry IplDeviceComponentEntry; + +struct IplDeviceComponentList { + IplInfoBlockHeader ipl_info_header; + IplDeviceComponentEntry device_entries[MAX_CERTIFICATES]; +} __attribute__ ((packed)); +typedef struct IplDeviceComponentList IplDeviceComponentList; + +#define COMP_LIST_MAX sizeof(IplDeviceComponentList) +#define CERT_LIST_MAX sizeof(IplSignatureCertificateList) + +struct IplInfoReportBlock { + IplInfoReportBlockHeader hdr; + uint8_t info_blks[COMP_LIST_MAX + CERT_LIST_MAX]; +} __attribute__ ((packed)); +typedef struct IplInfoReportBlock IplInfoReportBlock; + #define S390_IPL_TYPE_FCP 0x00 #define 
S390_IPL_TYPE_CCW 0x02 #define S390_IPL_TYPE_QEMU_SCSI 0xff -- 2.50.1
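Review bot: the new "IPL Information Report Block" section in docs/specs/s390x-secure-ipl.rst says the IPLPB "is extended with" an IIRB but never says where the IIRB is placed, while the commit message states it is stored immediately following the IPL Parameter Block and that results are recorded on failure as well as on success. Both facts belong in the spec: a guest reading the IIRB needs the location, and recording the failure case is what lets it tell "verification failed" apart from "no record". Suggest adding after the bullet list: "The IIRB is stored immediately following the IPLPB. A result is recorded for every component, whether verification succeeded or failed." The three bullets ("component data", "verification results", "certificate data") also correspond to the two info block types defined in iplb.h, certificates and components, without saying so; naming the block types here would tie the spec text to the header.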
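Review bot: in pc-bios/s390-ccw/iplb.h, `IplDeviceComponentList` declares `device_entries[MAX_CERTIFICATES]`, so the maximum number of reported components is silently bounded by the certificate limit, and `MAX_CERTIFICATES` is not defined anywhere in this hunk; either introduce a dedicated component bound (or a comment stating why the two limits are the same) and confirm the constant comes from a header this file already includes. The flag macros `S390_IPL_COMPONENT_FLAG_SC 0x80` and `S390_IPL_COMPONENT_FLAG_CSV 0x40` carry no comment saying what SC and CSV stand for, yet they are the verification result the commit message says is reported; a one-line comment on each, and a note that a loaded component may carry SC without CSV, would make the report readable from the header alone. Since the guest kernel consumes these packed structures as an ABI, a build-time size check (for example `_Static_assert(sizeof(IplDeviceComponentEntry) == 32, "IIRB ABI")`, with 16 for `IplInfoReportBlockHeader`, `IplInfoBlockHeader` and `IplSignatureCertificateEntry` as the visible fields add up) would catch a reserved-field slip before it reaches a guest.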
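As an added worked example, not code from this patch or from QEMU, the following builds one IIRB using the struct layouts the patch introduces and then walks it back the way a consumer such as the guest kernel would: info blocks are located by their own `len`, a component is matched by address, and its `cert_index` is followed into the certificate block. Assumptions not in the patch: `MAX_CERTIFICATES` is set to 4 here (the patch takes it from another header), the header `version` is set to 1, the flags are read as "signed" (SC) and "signature verified" (CSV), the IIRB is a plain static instead of being placed directly after the IPLPB, and no byte swapping is done because BIOS and guest share byte order on s390.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define MAX_CERTIFICATES 4 /* assumption: defined elsewhere in the real tree */

/* Layouts as in the patch's iplb.h; packed, so offsets are fixed by field order. */
typedef struct { uint32_t len; uint8_t iirb_flags; uint8_t reserved1[2];
                 uint8_t version; uint8_t reserved2[8]; } __attribute__((packed)) IplInfoReportBlockHeader;
typedef struct { uint32_t len; uint8_t ibt; uint8_t reserved1[3];
                 uint8_t reserved2[8]; } __attribute__((packed)) IplInfoBlockHeader;
enum IplIbt { IPL_IBT_CERTIFICATES = 1, IPL_IBT_COMPONENTS = 2 };
typedef struct { uint64_t addr; uint64_t len; } __attribute__((packed)) IplSignatureCertificateEntry;
typedef struct { IplInfoBlockHeader ipl_info_header;
                 IplSignatureCertificateEntry cert_entries[MAX_CERTIFICATES]; } __attribute__((packed)) IplSignatureCertificateList;
#define S390_IPL_COMPONENT_FLAG_SC  0x80 /* assumed meaning: component is signed */
#define S390_IPL_COMPONENT_FLAG_CSV 0x40 /* assumed meaning: signature verified */
typedef struct { uint64_t addr; uint64_t len; uint8_t flags; uint8_t reserved1[5];
                 uint16_t cert_index; uint8_t reserved2[8]; } __attribute__((packed)) IplDeviceComponentEntry;
typedef struct { IplInfoBlockHeader ipl_info_header;
                 IplDeviceComponentEntry device_entries[MAX_CERTIFICATES]; } __attribute__((packed)) IplDeviceComponentList;
#define COMP_LIST_MAX sizeof(IplDeviceComponentList)
#define CERT_LIST_MAX sizeof(IplSignatureCertificateList)
typedef struct { IplInfoReportBlockHeader hdr;
                 uint8_t info_blks[COMP_LIST_MAX + CERT_LIST_MAX]; } __attribute__((packed)) IplInfoReportBlock;

/* In the BIOS this would sit immediately after the IPLPB; a static keeps the example host-runnable. */
IplInfoReportBlock iirb;

/* Append an info block of type ibt holding nent entries of entsz bytes at *off and
 * return a pointer to its first entry. Each block records its own len so a reader
 * can skip block types it does not understand. */
static void *iirb_add_block(uint32_t *off, uint8_t ibt, size_t nent, size_t entsz)
{
    IplInfoBlockHeader *h = (IplInfoBlockHeader *)(iirb.info_blks + *off);
    h->ibt = ibt;
    h->len = (uint32_t)(sizeof(*h) + nent * entsz);
    *off += h->len;
    return (uint8_t *)h + sizeof(*h);
}

/* Record one loaded component and the certificate it was checked against; the
 * component refers to the certificate by index. Flags are written on failure too,
 * so an unverified component shows SC without CSV. Returns hdr.len. */
uint32_t iirb_build(uint64_t comp_addr, uint64_t comp_len, uint8_t comp_flags,
                    uint64_t cert_addr, uint64_t cert_len)
{
    uint32_t off = 0;
    memset(&iirb, 0, sizeof(iirb));
    iirb.hdr.version = 1; /* assumption: the patch fixes no version value */
    IplSignatureCertificateEntry *ce = iirb_add_block(&off, IPL_IBT_CERTIFICATES, 1, sizeof(*ce));
    ce->addr = cert_addr;
    ce->len = cert_len;
    IplDeviceComponentEntry *de = iirb_add_block(&off, IPL_IBT_COMPONENTS, 1, sizeof(*de));
    de->addr = comp_addr;
    de->len = comp_len;
    de->flags = comp_flags;
    de->cert_index = 0;
    iirb.hdr.len = (uint32_t)(sizeof(iirb.hdr) + off);
    return iirb.hdr.len;
}

/* Walk the info blocks by len and return the first block of type ibt, or NULL.
 * Every step is bounded by hdr.len, so a truncated or malformed IIRB is rejected
 * instead of being over-read. */
static const IplInfoBlockHeader *iirb_find_block(const IplInfoReportBlock *b, uint8_t ibt)
{
    if (b->hdr.len < sizeof(b->hdr) || b->hdr.len > sizeof(*b)) return NULL;
    uint32_t total = b->hdr.len - (uint32_t)sizeof(b->hdr), off = 0;
    while (off + sizeof(IplInfoBlockHeader) <= total) {
        const IplInfoBlockHeader *h = (const IplInfoBlockHeader *)(b->info_blks + off);
        if (h->len < sizeof(*h) || h->len > total - off) return NULL;
        if (h->ibt == ibt) return h;
        off += h->len;
    }
    return NULL;
}

/* Flags of the component whose range covers addr, or -1 if none is recorded. */
int iirb_component_flags(const IplInfoReportBlock *b, uint64_t addr)
{
    const IplInfoBlockHeader *h = iirb_find_block(b, IPL_IBT_COMPONENTS);
    if (!h) return -1;
    size_t n = (h->len - sizeof(*h)) / sizeof(IplDeviceComponentEntry);
    const uint8_t *p = (const uint8_t *)h + sizeof(*h);
    for (size_t i = 0; i < n; i++) {
        const IplDeviceComponentEntry *e = (const IplDeviceComponentEntry *)(p + i * sizeof(*e));
        if (addr >= e->addr && addr - e->addr < e->len) return e->flags;
    }
    return -1;
}

/* Address of certificate idx in the certificate block, 0 if absent: the link a
 * guest follows from a component's cert_index when building its keyring. */
uint64_t iirb_cert_addr(const IplInfoReportBlock *b, uint16_t idx)
{
    const IplInfoBlockHeader *h = iirb_find_block(b, IPL_IBT_CERTIFICATES);
    if (!h) return 0;
    size_t n = (h->len - sizeof(*h)) / sizeof(IplSignatureCertificateEntry);
    if ((size_t)idx >= n) return 0;
    const IplSignatureCertificateEntry *e = (const IplSignatureCertificateEntry *)
        ((const uint8_t *)h + sizeof(*h) + (size_t)idx * sizeof(*e));
    return e->addr;
}

/* Verified only when both bits are set; SC alone means signed but not verified. */
int iirb_component_verified(int flags)
{
    int need = S390_IPL_COMPONENT_FLAG_SC | S390_IPL_COMPONENT_FLAG_CSV;
    return flags >= 0 && (flags & need) == need;
}

int main(void)
{
    /* Constructed values: a 0x2000-byte component at 0x10000, its certificate at 0x50000. */
    uint32_t len = iirb_build(0x10000, 0x2000, S390_IPL_COMPONENT_FLAG_SC | S390_IPL_COMPONENT_FLAG_CSV, 0x50000, 0x400);
    int flags = iirb_component_flags(&iirb, 0x11000);
    printf("IIRB len=%u flags=0x%02x verified=%d cert@0x%llx\n", len, flags,
           iirb_component_verified(flags), (unsigned long long)iirb_cert_addr(&iirb, 0));
    return 0;
}
```

The reader side deliberately trusts nothing but `hdr.len`: block lengths are checked against the remaining space before any entry is dereferenced, which is the check a guest should make before it uses addresses from the IIRB to populate a keyring.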