| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Feb 2019 15:26:09 -0500
From: Tony Krowiak <akrowiak@...ux.ibm.com>
To: Harald Freudenberger <freude@...ux.ibm.com>,
Heiko Carstens <heiko.carstens@...ibm.com>
Cc: Sebastian Ott <sebott@...ux.ibm.com>, linux-s390@...r.kernel.org,
linux-kernel@...r.kernel.org,
Martin Schwidefsky <schwidefsky@...ibm.com>,
oberpar@...ux.ibm.com, pmorel@...ux.ibm.com, pasic@...ux.ibm.com,
cohuck@...hat.com
Subject: Re: [PATCH] zcrypt: handle AP Info notification from CHSC SEI command
On 2/4/19 5:06 AM, Harald Freudenberger wrote:
> On 01.02.19 16:38, Tony Krowiak wrote:
>> On 2/1/19 4:01 AM, Heiko Carstens wrote:
>>> On Thu, Jan 31, 2019 at 06:28:39PM -0500, Tony Krowiak wrote:
>>>> On 1/30/19 1:32 PM, Sebastian Ott wrote:
>>>>> On Wed, 30 Jan 2019, Tony Krowiak wrote:
>>>>>> +#if IS_ENABLED(CONFIG_ZCRYPT)
>>>>>> +void ap_bus_cfg_chg(void);
>>>>>> +#else
>>>>>> +#error "no CONFIG_ZCRYPT"
>>>>> ^
>>>>> I don't think that's the right thing to do here.
>>>>
>>>> I'd like to leave it. If somebody edits .config
>>>> and sets CONFIG_ZCRYPT=n, then the build will
>>>> fail. The preprocessor error above tells them
>>>> why.
>>>
>>> No, the kernel build should never fail if a config option is not set.
>>> Also the above should be "#ifdef CONFIG_ZCRYPT".
>>
>> Will do.
>>
>>>
>>> In addition (this isn't quoted unfortunately) the alternative function
>>> in the header file is missing the "inline" attribute. Can you please
>>> add that too?
>>
>> I can.
>>
>>>
>>> static inline void ap_bus_cfg_chg(void) { }
>>>
>>>>>> +* A config change has happened, Force an ap bus rescan.
>>>>>> +*/
>>>>>> +void ap_bus_cfg_chg(void)
>>>>>> +{
>>>>>> + AP_DBF(DBF_INFO, "%s config change, forcing bus rescan\n", __func__);
>>>>>> +
>>>>>> + ap_bus_force_rescan();
>>>>>> +}
>>>>>> +EXPORT_SYMBOL(ap_bus_cfg_chg);
>>>>>
>>>>> There is no need for the export symbol - you don't call that function
>>>> >from module code.
>>>>> As an unrelated question, just to be sure: ap_bus.c is compiled as
>>>>> built-in even with ZCRYPT=m, right?
>>>>
>>>> No. If you edit .config and set CONFIG_ZCRYPT=m, ap_bus.c will be built
>>>> into the zcrypt.ko module. Through some other magic, the zcrypt module
>>>> is loaded when linux boots.
>>>
>>> If that happens, then we have a build problem that needs to be
>>> fixed. What exactly are you doing to get the ap code linked into the
>>> zcrypt module?
>>
>> To tell you the truth, I don't know. The build configuration precedes my
>> creating this patch by many years. I only discovered these anomalies by
>> playing with the CONFIG_ZCRYPT option in response to Sebastian's
>> comments. I will have to take this up with our internal IBM maintainer.
>>
>>>
>>
> As Martin already pointed out the ap bus code is statically build into the kernel
> with this line in the Makefile:
> obj-$(subst m,y,$(CONFIG_ZCRYPT)) += ap.o
> So CONFIG_ZCRYPT may have the value 'm' or 'y'
> and this is also the reason why a simple #ifdef CONFIG_ZCRYPT does not
> work, instead #if IS_ENABLED(CONFIG_ZCRYPT) has to be used.
>
> Only the ap stuff (which is: ap_bus.o, ap_card.o and ap_queue.o) is statically
> build into the kernel. The zcrypt kernel module is loaded as a dependency
> when a crypto card is detected. So detecting a CEX4 forces kernel module
> zcrypt_cex4.ko which forces the zcrypt.ko to insert into the kernel.
> So all global functions in ap_bus.c are available when CONFIG_ZCRYPT is
> enabled. However, I thought the symbol still needs an EXPORT_SYMBOL()
> statement. Otherwise I should throw out all these statements.
>
> Harald
Thank you for explaining that Harald.
Tony K
>
Powered by blists - more mailing lists