Re: [PATCH v1 2/2] s390/uv: Provide host-key hashes in sysfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/30/24 3:20 PM, Steffen Eiden wrote:
Utilize the new Query Ultravisor Keys to give user space the information
which host-keys are installed on the system.

Create a new sysfs directory 'firmware/uv/keys' that contains the hash
of the host-key and the backup host-key of that system. Additionally,
the file 'all' contains the response from the UVC possibly containing
more key-hashes than currently known.

Reviewed-by: Christoph Schlameuss <schlameuss@xxxxxxxxxxxxx>
Signed-off-by: Steffen Eiden <seiden@xxxxxxxxxxxxx>
---
  arch/s390/include/asm/uv.h | 16 ++++++++
  arch/s390/kernel/uv.c      | 75 ++++++++++++++++++++++++++++++++++++++
  2 files changed, 91 insertions(+)

diff --git a/arch/s390/include/asm/uv.h b/arch/s390/include/asm/uv.h
index 153d93468b77..7eda73073cdd 100644
--- a/arch/s390/include/asm/uv.h
+++ b/arch/s390/include/asm/uv.h
@@ -31,6 +31,7 @@
  #define UVC_RC_NEED_DESTROY	0x8000
#define UVC_CMD_QUI 0x0001
+#define UVC_CMD_QUK			0x0002

Should've used the long form here as well.

  #define UVC_CMD_INIT_UV			0x000f
  #define UVC_CMD_CREATE_SEC_CONF		0x0100
  #define UVC_CMD_DESTROY_SEC_CONF	0x0101
@@ -94,6 +95,7 @@ enum uv_cmds_inst {
  	BIT_UVC_CMD_ADD_SECRET = 29,
  	BIT_UVC_CMD_LIST_SECRETS = 30,
  	BIT_UVC_CMD_LOCK_SECRETS = 31,
+	BIT_UVC_CMD_QUERY_KEYS = 34,
  };

[...]

  static int __init uv_sysfs_dir_init(const struct attribute_group *grp,
@@ -789,6 +859,11 @@ static int __init uv_sysfs_init(void)
  	rc = uv_sysfs_dir_init(&uv_query_attr_group, &uv_query_kset, "query");
  	if (rc)
  		goto out_ind_files;
+
+	// Get installed key hashes if available, ignore any errors

Please use:
/* */

+	if (test_bit_inv(BIT_UVC_CMD_QUERY_KEYS, uv_info.inst_calls_list))
+		uv_sysfs_dir_init(&uv_keys_attr_group, &uv_keys_kset, "keys");
+
  	return 0;
out_ind_files:





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Kernel Development]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Info]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux