[GIT PULL] s390 updates for 6.5 merge window

Alexander Gordeev <agordeev@xxxxxxxxxxxxx> · Tue, 27 Jun 2023 20:38:05 +0200

Hello Linus,

These three commits were on 'protected-key' branch:

  9e436c195e2d s390/pkey: add support for ecc clear key
  f370f45c6475 s390/pkey: do not use struct pkey_protkey
  46a29b039e2e s390/pkey: introduce reverse x-mas trees

and were merged into 'features' branch as:

  e23b4fdb5cd0 Merge branch 'protected-key' into features

The three merged commits are on top of a prerequisite fix
844cf829e5f3 ("s390/pkey: zeroize key blobs"), which together
with the preceding commit are in the mainline already:

  844cf829e5f3 s390/pkey: zeroize key blobs
  8703dd6b238d s390/crypto: use vector instructions only if available for ChaCha20

diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index 5a05d1cdfec2..a8def50c149b 100644
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -1293,6 +1293,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
 			return PTR_ERR(kkey);
 		rc = pkey_keyblob2pkey(kkey, ktp.keylen, &ktp.protkey);
 		DEBUG_DBG("%s pkey_keyblob2pkey()=%d\n", __func__, rc);
+		memzero_explicit(kkey, ktp.keylen);
 		kfree(kkey);
 		if (rc)
 			break;
@@ -1426,6 +1427,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
 					kkey, ktp.keylen, &ktp.protkey);
 		DEBUG_DBG("%s pkey_keyblob2pkey2()=%d\n", __func__, rc);
 		kfree(apqns);
+		memzero_explicit(kkey, ktp.keylen);
 		kfree(kkey);
 		if (rc)
 			break;
@@ -1552,6 +1554,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
 					protkey, &protkeylen);
 		DEBUG_DBG("%s pkey_keyblob2pkey3()=%d\n", __func__, rc);
 		kfree(apqns);
+		memzero_explicit(kkey, ktp.keylen);
 		kfree(kkey);
 		if (rc) {
 			kfree(protkey);
diff --git a/arch/s390/crypto/chacha-glue.c b/arch/s390/crypto/chacha-glue.c
index 7752bd314558..5fae187f947a 100644
--- a/arch/s390/crypto/chacha-glue.c
+++ b/arch/s390/crypto/chacha-glue.c
@@ -82,7 +82,7 @@ void chacha_crypt_arch(u32 *state, u8 *dst, const u8 *src,
 	 * it cannot handle a block of data or less, but otherwise
 	 * it can handle data of arbitrary size
 	 */
-	if (bytes <= CHACHA_BLOCK_SIZE || nrounds != 20)
+	if (bytes <= CHACHA_BLOCK_SIZE || nrounds != 20 || !MACHINE_HAS_VX)
 		chacha_crypt_generic(state, dst, src, bytes, nrounds);
 	else
 		chacha20_crypt_s390(state, dst, src, bytes,

As result, the shortstat when merging will look different
to the one generated with 'git request-pull' below:

  21 files changed, 997 insertions(+), 328 deletions(-)


Please pull s390 changes for 6.5 merge window.

Thank you,
Alexander

The following changes since commit f1fcbaa18b28dec10281551dfe6ed3a3ed80e3d6:

  Linux 6.4-rc2 (2023-05-14 12:51:40 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git tags/s390-6.5-1

for you to fetch changes up to 9b9cf3c77e7e090b30657b3d2c288deb58dfb4f2:

  s390/cpum_cf: rework PER_CPU_DEFINE of struct cpu_cf_events (2023-06-15 13:31:58 +0200)

----------------------------------------------------------------
s390 updates for 6.5 merge window

- Fix the style of protected key API driver source: use
  x-mas tree for all local variable declarations.

- Rework protected key API driver to not use the struct
  pkey_protkey and pkey_clrkey anymore. Both structures
  have a fixed size buffer, but with the support of ECC
  protected key these buffers are not big enough. Use
  dynamic buffers internally and transparently for
  userspace.

- Add support for a new 'non CCA clear key token' with
  ECC clear keys supported: ECC P256, ECC P384, ECC P521,
  ECC ED25519 and ECC ED448. This makes it possible to
  derive a protected key from the ECC clear key input via
  PKEY_KBLOB2PROTK3 ioctl, while currently the only way
  to derive is via PCKMO instruction.

- The s390 PMU of PAI crypto and extension 1 NNPA counters
  use atomic_t for reference counting. Replace this with
  the proper data type refcount_t.

- Select ARCH_SUPPORTS_INT128, but limit this to clang for
  now, since gcc generates inefficient code, which may lead
  to stack overflows.

- Replace one-element array with flexible-array member in
  struct vfio_ccw_parent and refactor the rest of the code
  accordingly. Also, prefer struct_size() over sizeof() open-
  coded versions.

- Introduce OS_INFO_FLAGS_ENTRY pointing to a flags field and
  OS_INFO_FLAG_REIPL_CLEAR flag that informs a dumper whether
  the system memory should be cleared or not once dumped.

- Fix a hang when a user attempts to remove a VFIO-AP mediated
  device attached to a guest: add VFIO_DEVICE_GET_IRQ_INFO and
  VFIO_DEVICE_SET_IRQS IOCTLs and wire up the VFIO bus driver
  callback to request a release of the device.

- Fix calculation for R_390_GOTENT relocations for modules.

- Allow any user space process with CAP_PERFMON capability
  read and display the CPU Measurement facility counter sets.

- Rework large statically-defined per-CPU cpu_cf_events data
  structure and replace it with dynamically allocated structures
  created when a perf_event_open() system call is invoked or
  /dev/hwctr device is accessed.

----------------------------------------------------------------
Alexander Gordeev (1):
      Merge branch 'protected-key' into features

Gustavo A. R. Silva (2):
      vfio/ccw: replace one-element array with flexible-array member
      vfio/ccw: use struct_size() helper

Harald Freudenberger (3):
      s390/pkey: introduce reverse x-mas trees
      s390/pkey: do not use struct pkey_protkey
      s390/pkey: add support for ecc clear key

Heiko Carstens (2):
      s390: select ARCH_SUPPORTS_INT128
      s390/crypto: use vector instructions only if available for ChaCha20

Holger Dengler (1):
      s390/pkey: zeroize key blobs

Mikhail Zaslonko (2):
      s390/ipl: add REIPL_CLEAR flag to os_info
      s390/zcore: conditionally clear memory on reipl

Sumanth Korikkar (1):
      s390/module: fix rela calculation for R_390_GOTENT

Thomas Richter (4):
      s390/pai_crypto: replace atomic_t with refcount_t
      s390/pai_ext: replace atomic_t with refcount_t
      s390/cpum_cf: open access to hwctr device for CAP_PERFMON privileged process
      s390/cpum_cf: rework PER_CPU_DEFINE of struct cpu_cf_events

Tony Krowiak (3):
      s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl
      s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl
      s390/vfio-ap: wire in the vfio_device_ops request callback

 arch/s390/Kconfig                      |   1 +
 arch/s390/crypto/chacha-glue.c         |   2 +-
 arch/s390/crypto/paes_s390.c           |   9 +-
 arch/s390/include/asm/asm-prototypes.h |   4 +
 arch/s390/include/asm/cpacf.h          |   7 +-
 arch/s390/include/asm/os_info.h        |   7 +-
 arch/s390/include/asm/pkey.h           |   4 +-
 arch/s390/include/uapi/asm/pkey.h      |  15 +-
 arch/s390/kernel/ipl.c                 |  16 +
 arch/s390/kernel/module.c              |   3 +-
 arch/s390/kernel/perf_cpum_cf.c        | 452 ++++++++++++++++------
 arch/s390/kernel/perf_pai_crypto.c     |  19 +-
 arch/s390/kernel/perf_pai_ext.c        |  23 +-
 arch/s390/lib/Makefile                 |   2 +-
 arch/s390/lib/tishift.S                |  63 +++
 drivers/s390/char/zcore.c              |  41 +-
 drivers/s390/cio/vfio_ccw_drv.c        |   2 +-
 drivers/s390/cio/vfio_ccw_private.h    |   2 +-
 drivers/s390/crypto/pkey_api.c         | 512 ++++++++++++++++---------
 drivers/s390/crypto/vfio_ap_ops.c      | 134 ++++++-
 drivers/s390/crypto/vfio_ap_private.h  |   3 +
 include/uapi/linux/vfio.h              |   9 +
 22 files changed, 1001 insertions(+), 329 deletions(-)
 create mode 100644 arch/s390/lib/tishift.S






