lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230517175428.14489c11@p-imbrenda>
Date:   Wed, 17 May 2023 17:54:28 +0200
From:   Claudio Imbrenda <imbrenda@...ux.ibm.com>
To:     Steffen Eiden <seiden@...ux.ibm.com>
Cc:     kvm@...r.kernel.org, linux-s390@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Viktor Mihajlovski <mihajlov@...ux.ibm.com>,
        Janosch Frank <frankja@...ux.ibm.com>,
        Nico Boehr <nrb@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ux.ibm.com>,
        Heiko Carstens <hca@...ux.ibm.com>,
        Hendrik Brueckner <brueckner@...ux.ibm.com>
Subject: Re: [PATCH 5/5] s390/uv: Update query for secret-UVCs

On Fri, 12 May 2023 11:31:53 +0200
Steffen Eiden <seiden@...ux.ibm.com> wrote:

> Update the query struct such that secret-UVC related
> information can be parsed.
> Add sysfs files for these new values.
> 
> Signed-off-by: Steffen Eiden <seiden@...ux.ibm.com>
> ---
>  arch/s390/boot/uv.c        |  4 ++++
>  arch/s390/include/asm/uv.h | 11 ++++++++++-
>  arch/s390/kernel/uv.c      | 40 ++++++++++++++++++++++++++++++++++++++
>  3 files changed, 54 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/s390/boot/uv.c b/arch/s390/boot/uv.c
> index 0a077c0a2056..323b5cae3cf1 100644
> --- a/arch/s390/boot/uv.c
> +++ b/arch/s390/boot/uv.c
> @@ -47,6 +47,10 @@ void uv_query_info(void)
>  		uv_info.conf_dump_finalize_len = uvcb.conf_dump_finalize_len;
>  		uv_info.supp_att_req_hdr_ver = uvcb.supp_att_req_hdr_ver;
>  		uv_info.supp_att_pflags = uvcb.supp_att_pflags;
> +		uv_info.supp_add_secret_req_ver = uvcb.supp_add_secret_req_ver;
> +		uv_info.supp_add_secret_pcf = uvcb.supp_add_secret_pcf;
> +		uv_info.supp_secret_types = uvcb.supp_secret_types;
> +		uv_info.max_secrets = uvcb.max_num_secrets;
>  	}
>  
>  #ifdef CONFIG_PROTECTED_VIRTUALIZATION_GUEST
> diff --git a/arch/s390/include/asm/uv.h b/arch/s390/include/asm/uv.h
> index 6180ac8909d5..eb2e11d8123f 100644
> --- a/arch/s390/include/asm/uv.h
> +++ b/arch/s390/include/asm/uv.h
> @@ -135,7 +135,12 @@ struct uv_cb_qui {
>  	u64 reservedd8;				/* 0x00d8 */
>  	u64 supp_att_req_hdr_ver;		/* 0x00e0 */
>  	u64 supp_att_pflags;			/* 0x00e8 */
> -	u8 reservedf0[256 - 240];		/* 0x00f0 */
> +	u64 reservedf0;				/* 0x00f0 */
> +	u64 supp_add_secret_req_ver;		/* 0x00f8 */
> +	u64 supp_add_secret_pcf;		/* 0x0100 */
> +	u64 supp_secret_types;			/* 0x0180 */
> +	u16 max_num_secrets;			/* 0x0110 */
> +	u8 reserved112[288 - 274];		/* 0x0112 */

I think it would be more readable and maintainable if you put the
offsets in hex (i.e. reserved112[0x120 - 0x112])

otherwise, something like this:

u16 max_num_secrets;
u16 reserved112[3]
u64 reserved118;

(I know it was not in hex before, it was not necessarily nice as it was)

>  } __packed __aligned(8);
>  
>  /* Initialize Ultravisor */
> @@ -384,6 +389,10 @@ struct uv_info {
>  	unsigned long conf_dump_finalize_len;
>  	unsigned long supp_att_req_hdr_ver;
>  	unsigned long supp_att_pflags;
> +	unsigned long supp_add_secret_req_ver;
> +	unsigned long supp_add_secret_pcf;
> +	unsigned long supp_secret_types;
> +	unsigned short max_secrets;
>  };
>  
>  extern struct uv_info uv_info;
> diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c
> index 9f18a4af9c13..381444511bb7 100644
> --- a/arch/s390/kernel/uv.c
> +++ b/arch/s390/kernel/uv.c
> @@ -587,6 +587,42 @@ static ssize_t uv_query_supp_att_pflags(struct kobject *kobj,
>  static struct kobj_attribute uv_query_supp_att_pflags_attr =
>  	__ATTR(supp_att_pflags, 0444, uv_query_supp_att_pflags, NULL);
>  
> +static ssize_t uv_query_supp_add_secret_req_ver(struct kobject *kobj,
> +						struct kobj_attribute *attr, char *page)
> +{
> +	return scnprintf(page, PAGE_SIZE, "%lx\n", uv_info.supp_add_secret_req_ver);
> +}
> +
> +static struct kobj_attribute uv_query_supp_add_secret_req_ver_attr =
> +	__ATTR(supp_add_secret_req_ver, 0444, uv_query_supp_add_secret_req_ver, NULL);
> +
> +static ssize_t uv_query_supp_add_secret_pcf(struct kobject *kobj,
> +					    struct kobj_attribute *attr, char *page)
> +{
> +	return scnprintf(page, PAGE_SIZE, "%lx\n", uv_info.supp_add_secret_pcf);
> +}
> +
> +static struct kobj_attribute uv_query_supp_add_secret_pcf_attr =
> +	__ATTR(supp_add_secret_pcf, 0444, uv_query_supp_add_secret_pcf, NULL);
> +
> +static ssize_t uv_query_supp_secret_types(struct kobject *kobj,
> +					  struct kobj_attribute *attr, char *page)
> +{
> +	return scnprintf(page, PAGE_SIZE, "%lx\n", uv_info.supp_secret_types);
> +}
> +
> +static struct kobj_attribute uv_query_supp_secret_types_attr =
> +	__ATTR(supp_secret_types, 0444, uv_query_supp_secret_types, NULL);
> +
> +static ssize_t uv_query_max_secrets(struct kobject *kobj,
> +				    struct kobj_attribute *attr, char *page)
> +{
> +	return scnprintf(page, PAGE_SIZE, "%d\n", uv_info.max_secrets);
> +}
> +
> +static struct kobj_attribute uv_query_max_num_secrets_attr =
> +	__ATTR(max_secrets, 0444, uv_query_max_secrets, NULL);
> +
>  static struct attribute *uv_query_attrs[] = {
>  	&uv_query_facilities_attr.attr,
>  	&uv_query_feature_indications_attr.attr,
> @@ -600,6 +636,10 @@ static struct attribute *uv_query_attrs[] = {
>  	&uv_query_dump_cpu_len_attr.attr,
>  	&uv_query_supp_att_req_hdr_ver_attr.attr,
>  	&uv_query_supp_att_pflags_attr.attr,
> +	&uv_query_supp_add_secret_req_ver_attr.attr,
> +	&uv_query_supp_add_secret_pcf_attr.attr,
> +	&uv_query_supp_secret_types_attr.attr,
> +	&uv_query_max_num_secrets_attr.attr,
>  	NULL,
>  };
>  

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ