From: Steffen Eiden
To: kvm@vger.kernel.org, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, Viktor Mihajlovski
Cc: Janosch Frank, Claudio Imbrenda, Nico Boehr, Christian Borntraeger, Heiko Carstens, Hendrik Brueckner
Subject: [PATCH 0/5] s390/uvdevice: Expose secret UVCs
Date: Fri, 12 May 2023 11:31:48 +0200
Message-Id: <20230512093153.206378-1-seiden@linux.ibm.com>
X-Mailing-List: linux-kernel@vger.kernel.org

IBM Secure Execution guests may want to inject secrets into the Ultravisor (UV).
Also they should be able to know which secrets the UV possesses and prevent the
further addition of more secrets.

Therefore, add three new Ultravisor-Calls and expose them via the uvdevice:
Add Secret, List Secrets, and Lock Secrets. The uvdevice still acts as the
messenger only and does not inspect or modify the requests. Only some sanity
checks are made to prevent the kernel from corruption.
Also add a new IOCTL to get information about the supported UV-calls of the
uvdevice.

As userspace wants to know which secrets, types, etc. are supported, expose the
corresponding UV Query info data to userspace via sysfs.

The series contains:
  * A new info IOCTL, giving information about the capabilities of the uvdevice
    and UV
  * 3 patches adding new Ultravisor-Calls and exposing them to userspace
  * A patch with an Ultravisor Query Info update for the new secret related
    information

Steffen

Steffen Eiden (5):
  s390/uvdevice: Add info IOCTL
  s390/uvdevice: Add 'Add Secret' UVC
  s390/uvdevice: Add 'List Secrets' UVC
  s390/uvdevice: Add 'Lock Secret Store' UVC
  s390/uv: Update query for secret-UVCs

 arch/s390/boot/uv.c                   |   4 +
 arch/s390/include/asm/uv.h            |  30 +++-
 arch/s390/include/uapi/asm/uvdevice.h |  56 ++++++-
 arch/s390/kernel/uv.c                 |  40 +++++
 drivers/s390/char/uvdevice.c          | 229 +++++++++++++++++++++++++-
 5 files changed, 350 insertions(+), 9 deletions(-)

--
2.40.1