lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7268565b-bb34-43fa-463e-8b9bf732b721@linux.ibm.com>
Date:   Wed, 16 Mar 2022 10:04:41 +0100
From:   Janosch Frank <frankja@...ux.ibm.com>
To:     Steffen Eiden <seiden@...ux.ibm.com>, linux-s390@...r.kernel.org
Cc:     Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ux.ibm.com>,
        Alexander Gordeev <agordeev@...ux.ibm.com>,
        David Hildenbrand <david@...hat.com>,
        Claudio Imbrenda <imbrenda@...ux.ibm.com>,
        Shuah Khan <shuah@...nel.org>, Nico Boehr <nrb@...ux.ibm.com>,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v3 0/4] s390: Ultravisor device

On 3/4/22 15:11, Steffen Eiden wrote:
> This series adds an Ultravisor(UV) device letting the userspace send some
> Ultravisor calls to the UV. Currently two calls are supported.
> Query Ultravisor Information (QUI) and
> Receive Attestation Measurement (Attest[ation]).
> 
> The UV device is implemented as a miscdevice accepting only IOCTLs.
> The IOCTL cmd specifies the UV call and the IOCTL arg the request
> and response data depending on the UV call.
> The device driver writes the UV response in the ioctl argument data.
> 
> The 'uvdevice' does no checks on the request beside faulty userspace
> addresses, if sizes are in a sane range before allocating in kernel space,
> and other tests that prevent the system from corruption.
> Especially, no checks are made, that will be performed by the UV anyway
> (E.g. 'invalid command' in case of attestation on unsupported hardware).
> These errors are reported back to Userspace using the UV return code
> field.
> 
> The first two patches introduce the new device as a module configured to be
> compiled directly into the kernel (y) similar to the s390 SCLP and CHSH
> miscdevice modules. Patch 3&4 introduce Kselftests which verify error
> paths of the ioctl.

Please fixup the commit message in the first patch and then push patches 
#1 and #3 to devel so we get CI coverage.

For now I'd opt to not include the qui patches but please put them on a 
branch. They might prove to be useful at a later time.

> 
> v2->v3:
>     The main change is that QUI is now introduced after Attestation as we
>     might not want pick it. Also the Kselftest patch is splitted into
>     Attestation and QUI so that they can be picked without requiring
>     QUI support of the uvdevice.
> 
>    * dropped the Kconfig dependency
>    * reorganized the series:
>      - Patch 1 now covers the introduction of the uvdevice and Attestation
>      - Patch 2 adds QUI to uvdevice
>      - Patch 3/4 add Kselftests for Attestation and QUI
>    * fixed some nits
>    * added some comments
> 
> v1->v2:
>    * ioctl returns -ENOIOCTLCMD in case of a invalid ioctl command
>    * streamlined reserved field test
>    * default Kconfig is y instead of m
>    * improved selftest documentation
> 
> Steffen Eiden (4):
>    drivers/s390/char: Add Ultravisor io device
>    drivers/s390/char: Add Query Ultravisor Information to uvdevice
>    selftests: drivers/s390x: Add uvdevice tests
>    selftests: drivers/s390x: Add uvdevice  QUI tests
> 
>   MAINTAINERS                                   |   3 +
>   arch/s390/include/asm/uv.h                    |  23 +-
>   arch/s390/include/uapi/asm/uvdevice.h         |  53 +++
>   drivers/s390/char/Kconfig                     |  10 +
>   drivers/s390/char/Makefile                    |   1 +
>   drivers/s390/char/uvdevice.c                  | 320 ++++++++++++++++++
>   tools/testing/selftests/Makefile              |   1 +
>   tools/testing/selftests/drivers/.gitignore    |   1 +
>   .../selftests/drivers/s390x/uvdevice/Makefile |  22 ++
>   .../selftests/drivers/s390x/uvdevice/config   |   1 +
>   .../drivers/s390x/uvdevice/test_uvdevice.c    | 281 +++++++++++++++
>   11 files changed, 715 insertions(+), 1 deletion(-)
>   create mode 100644 arch/s390/include/uapi/asm/uvdevice.h
>   create mode 100644 drivers/s390/char/uvdevice.c
>   create mode 100644 tools/testing/selftests/drivers/s390x/uvdevice/Makefile
>   create mode 100644 tools/testing/selftests/drivers/s390x/uvdevice/config
>   create mode 100644 tools/testing/selftests/drivers/s390x/uvdevice/test_uvdevice.c
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ