From: Jared Rossi <jrossi@linux.ibm.com>
To: Thomas Huth <thuth@redhat.com>,
Zhuoying Cai <zycai@linux.ibm.com>,
richard.henderson@linaro.org, david@redhat.com,
pbonzini@redhat.com
Cc: walling@linux.ibm.com, jjherne@linux.ibm.com,
fiuczy@linux.ibm.com, pasic@linux.ibm.com,
borntraeger@linux.ibm.com, farman@linux.ibm.com,
iii@linux.ibm.com, qemu-s390x@nongnu.org, qemu-devel@nongnu.org
Subject: Re: [PATCH v1 13/24] hw/s390x/ipl: Set iplb->len to maximum length of IPL Parameter Block
Date: Fri, 11 Apr 2025 11:39:35 -0400 [thread overview]
Message-ID: <630be5a9-c27d-40c4-95b3-139e8fcb355d@linux.ibm.com> (raw)
In-Reply-To: <3033a0df-44d5-458d-b738-cb93456e9f75@redhat.com>
On 4/11/25 10:46 AM, Thomas Huth wrote:
> On 08/04/2025 17.55, Zhuoying Cai wrote:
>> The IPL Information Report Block (IIRB) immediately follows the IPL
>> Parameter Block (IPLB).
>>
>> The IPLB struct is allocated 4KB in memory, and iplb->len indicates
>> the amount of memory currently used by the IPLB.
>>
>> To ensure proper alignment of the IIRB and prevent overlap, set
>> iplb->len to the maximum length of the IPLB, allowing alignment
>> constraints to be determined based on its size.
>>
>> Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
>> ---
>> hw/s390x/ipl.c | 6 +++---
>> hw/s390x/ipl.h | 1 +
>> 2 files changed, 4 insertions(+), 3 deletions(-)
>>
>> diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c
>> index 59ec81181d..b646fcc74e 100644
>> --- a/hw/s390x/ipl.c
>> +++ b/hw/s390x/ipl.c
>> @@ -460,7 +460,7 @@ static bool s390_build_iplb(DeviceState *dev_st,
>> IplParameterBlock *iplb)
>> if (scsi_lp && strlen(scsi_lp) > 0) {
>> lp = scsi_lp;
>> }
>> - iplb->len = cpu_to_be32(S390_IPLB_MIN_QEMU_SCSI_LEN);
>> + iplb->len = cpu_to_be32(S390_IPLB_MAX_LEN);
>> iplb->blk0_len =
>> cpu_to_be32(S390_IPLB_MIN_QEMU_SCSI_LEN -
>> S390_IPLB_HEADER_LEN);
>> iplb->pbt = S390_IPL_TYPE_QEMU_SCSI;
>> @@ -471,14 +471,14 @@ static bool s390_build_iplb(DeviceState
>> *dev_st, IplParameterBlock *iplb)
>> iplb->scsi.ssid = ccw_dev->sch->ssid & 3;
>> break;
>> case CCW_DEVTYPE_VFIO:
>> - iplb->len = cpu_to_be32(S390_IPLB_MIN_CCW_LEN);
>> + iplb->len = cpu_to_be32(S390_IPLB_MAX_LEN);
>> iplb->pbt = S390_IPL_TYPE_CCW;
>> iplb->ccw.devno = cpu_to_be16(ccw_dev->sch->devno);
>> iplb->ccw.ssid = ccw_dev->sch->ssid & 3;
>> break;
>> case CCW_DEVTYPE_VIRTIO_NET:
>> case CCW_DEVTYPE_VIRTIO:
>> - iplb->len = cpu_to_be32(S390_IPLB_MIN_CCW_LEN);
>> + iplb->len = cpu_to_be32(S390_IPLB_MAX_LEN);
>> iplb->blk0_len =
>> cpu_to_be32(S390_IPLB_MIN_CCW_LEN -
>> S390_IPLB_HEADER_LEN);
>> iplb->pbt = S390_IPL_TYPE_CCW;
>
> Wouldn't it make sense to only do this iff the secure IPL is also used?
The size of the IPLB struct itself is always the 4K max length, just
that most of it is (currently) unused reserved space at the end. With
secure IPL this matters for alignment, because the next block (IIRB)
must follow immediately after the IPLB in memory, but I think in general
the length of the IPLB as a whole should be 4K anyway, since that is
what's actually allocated for the IplParameterBlock struct.
>
> Thomas
>
next prev parent reply other threads:[~2025-04-11 15:40 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-08 15:55 [PATCH v1 00/24] Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 01/24] Add -boot-certificates /path/dir:/path/file option in QEMU command line Zhuoying Cai
2025-04-11 10:44 ` Thomas Huth
2025-04-11 12:57 ` Daniel P. Berrangé
2025-04-11 13:33 ` Daniel P. Berrangé
2025-04-11 17:45 ` Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 02/24] hw/s390x/ipl: Create certificate store Zhuoying Cai
2025-04-11 12:44 ` Thomas Huth
2025-04-11 13:02 ` Daniel P. Berrangé
2025-04-08 15:55 ` [PATCH v1 03/24] s390x: Guest support for Certificate Store Facility (CS) Zhuoying Cai
2025-04-11 13:28 ` Thomas Huth
2025-04-14 17:53 ` Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 04/24] s390x/diag: Introduce DIAG 320 for certificate store facility Zhuoying Cai
2025-04-11 13:43 ` Thomas Huth
2025-04-11 18:37 ` Collin Walling
2025-04-08 15:55 ` [PATCH v1 05/24] s390x/diag: Refactor address validation check from diag308_parm_check Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 06/24] s390x/diag: Implement DIAG 320 subcode 1 Zhuoying Cai
2025-04-11 13:57 ` Thomas Huth
2025-04-17 19:57 ` Collin Walling
2025-04-11 17:40 ` Farhan Ali
2025-04-08 15:55 ` [PATCH v1 07/24] s390x/diag: Implement DIAG 320 subcode 2 Zhuoying Cai
2025-04-16 21:32 ` Collin Walling
2025-04-08 15:55 ` [PATCH v1 08/24] s390x/diag: Introduce DIAG 508 for secure IPL operations Zhuoying Cai
2025-04-11 14:22 ` Thomas Huth
2025-04-08 15:55 ` [PATCH v1 09/24] s390x/diag: Implement DIAG 508 subcode 2 for signature verification Zhuoying Cai
2025-04-11 14:38 ` Thomas Huth
2025-04-11 17:30 ` Collin Walling
2025-04-08 15:55 ` [PATCH v1 10/24] pc-bios/s390-ccw: Introduce IPL Information Report Block (IIRB) Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 11/24] pc-bios/s390-ccw: Define memory for IPLB and convert IPLB to pointers Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 12/24] hw/s390x/ipl: Add IPIB flags to IPL Parameter Block Zhuoying Cai
2025-04-11 19:13 ` Farhan Ali
2025-04-08 15:55 ` [PATCH v1 13/24] hw/s390x/ipl: Set iplb->len to maximum length of " Zhuoying Cai
2025-04-11 14:46 ` Thomas Huth
2025-04-11 15:39 ` Jared Rossi [this message]
2025-04-08 15:55 ` [PATCH v1 14/24] s390x: Guest support for Secure-IPL Facility Zhuoying Cai
2025-04-17 4:58 ` Thomas Huth
2025-04-17 18:54 ` Collin Walling
2025-04-08 15:55 ` [PATCH v1 15/24] pc-bios/s390-ccw: Refactor zipl_run() Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 16/24] pc-bios/s390-ccw: Refactor zipl_load_segment function Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 17/24] pc-bios/s390-ccw: Add signature verification for secure boot in audit mode Zhuoying Cai
2025-04-13 23:57 ` Jared Rossi
2025-04-17 22:39 ` Collin Walling
2025-04-08 15:55 ` [PATCH v1 18/24] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF) Zhuoying Cai
2025-04-17 4:57 ` Thomas Huth
2025-04-08 15:55 ` [PATCH v1 19/24] pc-bios/s390-ccw: Add additional security checks for secure boot Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 20/24] Add -secure-boot on|off option in QEMU command line Zhuoying Cai
2025-04-11 14:50 ` Thomas Huth
2025-04-08 15:55 ` [PATCH v1 21/24] hw/s390x/ipl: Set IPIB flags for secure IPL Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 22/24] pc-bios/s390-ccw: Handle true secure IPL mode Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 23/24] pc-bios/s390-ccw: Handle secure boot with multiple boot devices Zhuoying Cai
2025-04-08 15:55 ` [PATCH v1 24/24] hw/s390x/ipl: Handle secure boot without specifying a boot device Zhuoying Cai
2025-04-16 22:11 ` Collin Walling
2025-04-17 13:53 ` Jared Rossi
2025-04-17 14:13 ` Zhuoying Cai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=630be5a9-c27d-40c4-95b3-139e8fcb355d@linux.ibm.com \
--to=jrossi@linux.ibm.com \
--cc=borntraeger@linux.ibm.com \
--cc=david@redhat.com \
--cc=farman@linux.ibm.com \
--cc=fiuczy@linux.ibm.com \
--cc=iii@linux.ibm.com \
--cc=jjherne@linux.ibm.com \
--cc=pasic@linux.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-s390x@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=thuth@redhat.com \
--cc=walling@linux.ibm.com \
--cc=zycai@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).