From: Zhuoying Cai <zycai@linux.ibm.com>
To: thuth@redhat.com, berrange@redhat.com,
richard.henderson@linaro.org, david@redhat.com,
jrossi@linux.ibm.com, qemu-s390x@nongnu.org,
qemu-devel@nongnu.org, brueckner@linux.ibm.com
Cc: walling@linux.ibm.com, jjherne@linux.ibm.com,
pasic@linux.ibm.com, borntraeger@linux.ibm.com,
farman@linux.ibm.com, mjrosato@linux.ibm.com, iii@linux.ibm.com,
eblake@redhat.com, armbru@redhat.com, zycai@linux.ibm.com,
alifm@linux.ibm.com
Subject: [PATCH v7 28/29] docs/specs: Add secure IPL documentation
Date: Mon, 8 Dec 2025 16:32:45 -0500 [thread overview]
Message-ID: <20251208213247.702569-29-zycai@linux.ibm.com> (raw)
In-Reply-To: <20251208213247.702569-1-zycai@linux.ibm.com>
Add documentation for secure IPL
Signed-off-by: Collin Walling <walling@linux.ibm.com>
---
docs/specs/s390x-secure-ipl.rst | 55 +++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst
index 70388d77d8..45f58ab49d 100644
--- a/docs/specs/s390x-secure-ipl.rst
+++ b/docs/specs/s390x-secure-ipl.rst
@@ -1,5 +1,60 @@
.. SPDX-License-Identifier: GPL-2.0-or-later
+s390 Secure IPL
+===============
+
+Secure IPL (a.k.a. secure boot) enables s390-ccw virtual machines to
+leverage qcrypto libraries and z/Architecture emulations to verify the
+integrity of signed kernels. The qcrypto libraries are used to perform
+certificate validation and signature-verification, whereas the
+z/Architecture emulations are used to ensure secure IPL data has not
+been tampered with, convey data between QEMU and userspace, and set up
+the relevant secure IPL data structures with verification results.
+
+To find out more about using this feature, see
+``docs/system/s390x/secure-ipl.rst``.
+
+Note that "userspace" will refer to the s390-ccw BIOS unless stated
+otherwise.
+
+Both QEMU and userspace work in tandem to perform secure IPL. The Secure
+Loading Attributes Facility (SCLAF) is used to check the Secure Code
+Loading Attribute Block (SCLAB) and ensure that secure IPL data has not
+been tampered with. DIAGNOSE 'X'320' is invoked by userspace to query
+the certificate store info and retrieve specific certificates from QEMU.
+DIAGNOSE 'X'508' is used by userspace to leverage qcrypto libraries to
+perform signature-verification in QEMU. Lastly, userspace generates and
+appends an IPL Information Report Block (IIRB) at the end of the IPL
+Parameter Block, which is used by the kernel to store signed and
+verified entries.
+
+The logical steps are as follows:
+
+- Userspace reads data payload from disk (e.g. stage3 boot loader, kernel)
+- Userspace checks the validity of the SCLAB
+- Userspace invokes DIAG 508 subcode 1 and provides it the payload
+- QEMU handles DIAG 508 request by reading the payload and retrieving the
+ certificate store
+- QEMU DIAG 508 utilizes qcrypto libraries to perform signature-verification on
+ the payload, attempting with each cert in the store (until success or
+ exhausted)
+- QEMU DIAG 508 returns:
+
+ - success: index of cert used to verify payload
+ - failure: error code
+
+- Userspace responds to this operation:
+
+ - success: retrieves cert from store via DIAG 320 using returned index
+ - failure: reports with warning (audit mode), aborts with error (secure mode)
+
+- Userspace appends IIRB at the end of the IPLB
+- Userspace kicks off IPL
+
+More information regarding the respective DIAGNOSE commands and IPL data
+structures are outlined within this document.
+
+
s390 Certificate Store and Functions
====================================
--
2.51.1
next prev parent reply other threads:[~2025-12-08 21:34 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-08 21:32 [PATCH v7 00/29] Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 01/29] Add boot-certs to s390-ccw-virtio machine type option Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 02/29] crypto/x509-utils: Refactor with GNUTLS fallback Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 03/29] crypto/x509-utils: Add helper functions for certificate store Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 04/29] hw/s390x/ipl: Create " Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 05/29] s390x/diag: Introduce DIAG 320 for Certificate Store Facility Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 06/29] s390x/diag: Refactor address validation check from diag308_parm_check Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 07/29] s390x/diag: Implement DIAG 320 subcode 1 Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 08/29] crypto/x509-utils: Add helper functions for DIAG 320 subcode 2 Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 09/29] s390x/diag: Implement " Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 10/29] s390x/diag: Introduce DIAG 508 for secure IPL operations Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 11/29] crypto/x509-utils: Add helper functions for DIAG 508 subcode 1 Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 12/29] s390x/diag: Implement DIAG 508 subcode 1 for signature verification Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 13/29] pc-bios/s390-ccw: Introduce IPL Information Report Block (IIRB) Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 14/29] pc-bios/s390-ccw: Define memory for IPLB and convert IPLB to pointers Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 15/29] hw/s390x/ipl: Add IPIB flags to IPL Parameter Block Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 16/29] s390x: Guest support for Secure-IPL Facility Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 17/29] pc-bios/s390-ccw: Refactor zipl_run() Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 18/29] pc-bios/s390-ccw: Rework zipl_load_segment function Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 19/29] pc-bios/s390-ccw: Add signature verification for secure IPL in audit mode Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 20/29] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF) Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 21/29] pc-bios/s390-ccw: Add additional security checks for secure boot Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 22/29] Add secure-boot to s390-ccw-virtio machine type option Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 23/29] hw/s390x/ipl: Set IPIB flags for secure IPL Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 24/29] pc-bios/s390-ccw: Handle true secure IPL mode Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 25/29] pc-bios/s390-ccw: Handle secure boot with multiple boot devices Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 26/29] hw/s390x/ipl: Handle secure boot without specifying a boot device Zhuoying Cai
2025-12-08 21:32 ` [PATCH v7 27/29] tests/functional/s390x: Add secure IPL functional test Zhuoying Cai
2025-12-08 21:32 ` Zhuoying Cai [this message]
2025-12-08 21:32 ` [PATCH v7 29/29] docs/system/s390x: Add secure IPL documentation Zhuoying Cai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251208213247.702569-29-zycai@linux.ibm.com \
--to=zycai@linux.ibm.com \
--cc=alifm@linux.ibm.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=borntraeger@linux.ibm.com \
--cc=brueckner@linux.ibm.com \
--cc=david@redhat.com \
--cc=eblake@redhat.com \
--cc=farman@linux.ibm.com \
--cc=iii@linux.ibm.com \
--cc=jjherne@linux.ibm.com \
--cc=jrossi@linux.ibm.com \
--cc=mjrosato@linux.ibm.com \
--cc=pasic@linux.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-s390x@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=thuth@redhat.com \
--cc=walling@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).