Re: [PATCH 02/10] s390/cio: Provide Endpoint-Security Mode per CU

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri,  2 Oct 2020 21:39:32 +0200
Stefan Haberland <sth@xxxxxxxxxxxxx> wrote:

> From: Vineeth Vijayan <vneethv@xxxxxxxxxxxxx>
> 
> Add an interface in the CIO layer to retrieve the information about the
> Endpoint-Security Mode (ESM) of the specified CU. The ESM values are
> defined as 0-None, 1-Authenticated or 2, 3-Encrypted.
> 
> Reference-ID: IO1812
> Signed-off-by: Sebastian Ott <sebott@xxxxxxxxxxxxx>
> [vneethv@xxxxxxxxxxxxx: cleaned-up and modified description]
> Signed-off-by: Vineeth Vijayan <vneethv@xxxxxxxxxxxxx>
> Reviewed-by: Peter Oberparleiter <oberpar@xxxxxxxxxxxxx>
> Acked-by: Vasily Gorbik <gor@xxxxxxxxxxxxx>
> Signed-off-by: Stefan Haberland <sth@xxxxxxxxxxxxx>
> ---
>  arch/s390/include/asm/cio.h |  1 +
>  drivers/s390/cio/chsc.c     | 83 +++++++++++++++++++++++++++++++++++++
>  2 files changed, 84 insertions(+)
 
(...)

> +/**
> + * chsc_scud() - Store control-unit description.
> + * @cu:		number of the control-unit
> + * @esm:	8 1-byte endpoint security mode values
> + * @esm_valid:	validity mask for @esm
> + *
> + * Interface to retrieve information about the endpoint security
> + * modes for up to 8 paths of a control unit.
> + *
> + * Returns 0 on success.
> + */
> +int chsc_scud(u16 cu, u64 *esm, u8 *esm_valid)
> +{
> +	struct chsc_scud *scud = chsc_page;
> +	int ret;
> +

I'm wondering if it would make sense to check in the chsc
characteristics whether that chsc is actually installed (if there's
actually a bit for it, although I'd expect so). Some existing chscs
check for bits in the characteristics, others don't. (Don't know
whether QEMU is the only platform that doesn't provide this chsc.)

> +	spin_lock_irq(&chsc_page_lock);
> +	memset(chsc_page, 0, PAGE_SIZE);
> +	scud->request.length = SCUD_REQ_LEN;
> +	scud->request.code = SCUD_REQ_CMD;
> +	scud->fmt = 0;
> +	scud->cssid = 0;
> +	scud->first_cu = cu;
> +	scud->last_cu = cu;
> +
> +	ret = chsc(scud);
> +	if (!ret)
> +		ret = chsc_error_from_response(scud->response.code);
> +
> +	if (!ret && (scud->response.length <= 8 || scud->fmt_resp != 0
> +			|| !(scud->cudb[0].flags & 0x80)
> +			|| scud->cudb[0].cu != cu)) {
> +
> +		CIO_MSG_EVENT(2, "chsc: scud failed rc=%04x, L2=%04x "
> +			"FMT=%04x, cudb.flags=%02x, cudb.cu=%04x",
> +			scud->response.code, scud->response.length,
> +			scud->fmt_resp, scud->cudb[0].flags, scud->cudb[0].cu);
> +		ret = -EINVAL;
> +	}
> +
> +	if (ret)
> +		goto out;
> +
> +	memcpy(esm, scud->cudb[0].esm, sizeof(*esm));
> +	*esm_valid = scud->cudb[0].esm_valid;
> +out:
> +	spin_unlock_irq(&chsc_page_lock);
> +	return ret;
> +}
> +EXPORT_SYMBOL_GPL(chsc_scud);




[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux