| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Jun 2023 15:19:50 +0200
From: Janosch Frank <frankja@...ux.ibm.com>
To: Steffen Eiden <seiden@...ux.ibm.com>, kvm@...r.kernel.org,
linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
Viktor Mihajlovski <mihajlov@...ux.ibm.com>
Cc: Claudio Imbrenda <imbrenda@...ux.ibm.com>,
Nico Boehr <nrb@...ux.ibm.com>,
Christian Borntraeger <borntraeger@...ux.ibm.com>,
Heiko Carstens <hca@...ux.ibm.com>,
Hendrik Brueckner <brueckner@...ux.ibm.com>
Subject: Re: [PATCH v2 2/6] s390/uvdevice: Add 'Add Secret' UVC
On 5/19/23 11:37, Steffen Eiden wrote:
> Userspace can call the Add Secret Ultravisor Call
> using IOCTLs on the uvdevice.
> During the handling of the new IOCTL nr the uvdevice will do some sanity
> checks first. Then, copy the request data to kernel space, perform the
> Ultravisor command, and copy the return codes to userspace.
> If the Add Secret UV facility is not present,
> UV will return invalid command rc. This won't be fenced in the driver
> and does not result in a negative return value. This is also true for
> any other possible error code the UV can return.
>
> Signed-off-by: Steffen Eiden <seiden@...ux.ibm.com>
> ---
> arch/s390/include/asm/uv.h | 14 +++++++
> arch/s390/include/uapi/asm/uvdevice.h | 4 ++
> drivers/s390/char/uvdevice.c | 58 +++++++++++++++++++++++++++
> 3 files changed, 76 insertions(+)
>
> diff --git a/arch/s390/include/asm/uv.h b/arch/s390/include/asm/uv.h
> index 28a9ad57b6f1..a7dff64e1e24 100644
> --- a/arch/s390/include/asm/uv.h
> +++ b/arch/s390/include/asm/uv.h
> @@ -58,6 +58,7 @@
> #define UVC_CMD_SET_SHARED_ACCESS 0x1000
> #define UVC_CMD_REMOVE_SHARED_ACCESS 0x1001
> #define UVC_CMD_RETR_ATTEST 0x1020
> +#define UVC_CMD_ADD_SECRET 0x1031
>
> /* Bits in installed uv calls */
> enum uv_cmds_inst {
> @@ -88,6 +89,7 @@ enum uv_cmds_inst {
> BIT_UVC_CMD_DUMP_CPU = 26,
> BIT_UVC_CMD_DUMP_COMPLETE = 27,
> BIT_UVC_CMD_RETR_ATTEST = 28,
> + BIT_UVC_CMD_ADD_SECRET = 29,
> };
>
> enum uv_feat_ind {
> @@ -292,6 +294,18 @@ struct uv_cb_dump_complete {
> u64 reserved30[5];
> } __packed __aligned(8);
>
> +/*
> + * A common call for pv guests that contains a single address
control block struct
> + * Examples:
> + * Add Secret
> + */
> +struct uv_cb_guest_addr {
> + struct uv_cb_header header;
> + u64 reserved08[3];
> + u64 addr;
> + u64 reserved28[4];
> +} __packed __aligned(8);
> +
[...]
> +static int uvio_add_secret(struct uvio_ioctl_cb *uv_ioctl)
> +{
> + void __user *user_buf_arg = (void __user *)uv_ioctl->argument_addr;
> + struct uv_cb_guest_addr uvcb = {
> + .header.len = sizeof(uvcb),
> + .header.cmd = UVC_CMD_ADD_SECRET,
> + };
> + void *asrcb = NULL;
> + int ret;
> +
> + if (uv_ioctl->argument_len > UVIO_ADD_SECRET_MAX_LEN)
> + return -EINVAL;
> + if (uv_ioctl->argument_len == 0)
> + return -EINVAL;
> +
> + asrcb = kvzalloc(uv_ioctl->argument_len, GFP_KERNEL);
> + if (!asrcb)
> + return -EINVAL;
-ENOMEM
> +
> + ret = -EFAULT;
> + if (copy_from_user(asrcb, user_buf_arg, uv_ioctl->argument_len))
> + goto out;
> +
> + ret = 0;
> + uvcb.addr = (u64)asrcb;
> + uv_call_sched(0, (u64)&uvcb);
> + uv_ioctl->uv_rc = uvcb.header.rc;
> + uv_ioctl->uv_rrc = uvcb.header.rrc;
> +
> +out:
> + kvfree(asrcb);
> + return ret;
> +}
> +
> static int uvio_copy_and_check_ioctl(struct uvio_ioctl_cb *ioctl, void __user *argp,
> unsigned long cmd)
> {
> @@ -275,6 +330,9 @@ static long uvio_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
> case UVIO_IOCTL_ATT_NR:
> ret = uvio_attestation(&uv_ioctl);
> break;
> + case UVIO_IOCTL_ADD_SECRET_NR:
> + ret = uvio_add_secret(&uv_ioctl);
> + break;
> default:
> ret = -ENOIOCTLCMD;
> break;
Powered by blists - more mailing lists