[v1,22/24] pc-bios/s390-ccw: Handle true secure IPL mode

Message ID	20250408155527.123341-23-zycai@linux.ibm.com (mailing list archive)
State	New
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Zhuoying Cai <zycai@linux.ibm.com> To: thuth@redhat.com, richard.henderson@linaro.org, david@redhat.com, pbonzini@redhat.com Cc: walling@linux.ibm.com, jjherne@linux.ibm.com, jrossi@linux.ibm.com, fiuczy@linux.ibm.com, pasic@linux.ibm.com, borntraeger@linux.ibm.com, farman@linux.ibm.com, iii@linux.ibm.com, qemu-s390x@nongnu.org, qemu-devel@nongnu.org, zycai@linux.ibm.com Subject: [PATCH v1 22/24] pc-bios/s390-ccw: Handle true secure IPL mode Date: Tue, 8 Apr 2025 11:55:24 -0400 Message-ID: <20250408155527.123341-23-zycai@linux.ibm.com> In-Reply-To: <20250408155527.123341-1-zycai@linux.ibm.com> References: <20250408155527.123341-1-zycai@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=148.163.156.1; envelope-from=zycai@linux.ibm.com; helo=mx0a-001b2d01.pphosted.com X-Spam_score_int: -26 X-Spam_score: -2.7 X-Spam_bar: -- X-Spam_report: (-2.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Series	Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices \| expand [v1,00/24] Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices [v1,01/24] Add -boot-certificates /path/dir:/path/file option in QEMU command line [v1,02/24] hw/s390x/ipl: Create certificate store [v1,03/24] s390x: Guest support for Certificate Store Facility (CS) [v1,04/24] s390x/diag: Introduce DIAG 320 for certificate store facility [v1,05/24] s390x/diag: Refactor address validation check from diag308_parm_check [v1,06/24] s390x/diag: Implement DIAG 320 subcode 1 [v1,07/24] s390x/diag: Implement DIAG 320 subcode 2 [v1,08/24] s390x/diag: Introduce DIAG 508 for secure IPL operations [v1,09/24] s390x/diag: Implement DIAG 508 subcode 2 for signature verification [v1,10/24] pc-bios/s390-ccw: Introduce IPL Information Report Block (IIRB) [v1,11/24] pc-bios/s390-ccw: Define memory for IPLB and convert IPLB to pointers [v1,12/24] hw/s390x/ipl: Add IPIB flags to IPL Parameter Block [v1,13/24] hw/s390x/ipl: Set iplb->len to maximum length of IPL Parameter Block [v1,14/24] s390x: Guest support for Secure-IPL Facility [v1,15/24] pc-bios/s390-ccw: Refactor zipl_run() [v1,16/24] pc-bios/s390-ccw: Refactor zipl_load_segment function [v1,17/24] pc-bios/s390-ccw: Add signature verification for secure boot in audit mode [v1,18/24] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF) [v1,19/24] pc-bios/s390-ccw: Add additional security checks for secure boot [v1,20/24] Add -secure-boot on\|off option in QEMU command line [v1,21/24] hw/s390x/ipl: Set IPIB flags for secure IPL [v1,22/24] pc-bios/s390-ccw: Handle true secure IPL mode [v1,23/24] pc-bios/s390-ccw: Handle secure boot with multiple boot devices [v1,24/24] hw/s390x/ipl: Handle secure boot without specifying a boot device

Message ID

20250408155527.123341-23-zycai@linux.ibm.com (mailing list archive)

State

New

Headers

From: Zhuoying Cai <zycai@linux.ibm.com>
To: thuth@redhat.com, richard.henderson@linaro.org, david@redhat.com,
 pbonzini@redhat.com
Cc: walling@linux.ibm.com, jjherne@linux.ibm.com, jrossi@linux.ibm.com,
 fiuczy@linux.ibm.com, pasic@linux.ibm.com, borntraeger@linux.ibm.com,
 farman@linux.ibm.com, iii@linux.ibm.com, qemu-s390x@nongnu.org,
 qemu-devel@nongnu.org, zycai@linux.ibm.com
Subject: [PATCH v1 22/24] pc-bios/s390-ccw: Handle true secure IPL mode
Date: Tue,  8 Apr 2025 11:55:24 -0400
Message-ID: <20250408155527.123341-23-zycai@linux.ibm.com>
In-Reply-To: <20250408155527.123341-1-zycai@linux.ibm.com>
References: <20250408155527.123341-1-zycai@linux.ibm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=148.163.156.1; envelope-from=zycai@linux.ibm.com;
 helo=mx0a-001b2d01.pphosted.com
X-Spam_score_int: -26
X-Spam_score: -2.7
X-Spam_bar: --
X-Spam_report: (-2.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7,
 RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Mailman-Approved-At: Tue, 08 Apr 2025 12:17:35 -0400
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org

Series

Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices | expand

Commit Message

Zhuoying Cai April 8, 2025, 3:55 p.m. UTC

When secure boot is enabled (-secure-boot on) and certificate(s) are
provided, the boot operates in True Secure IPL mode.

Any verification error during True Secure IPL mode will cause the
entire boot process to terminate.

Secure IPL in audit mode requires at least one certificate provided in
the key store along with necessary facilities. If secure boot is enabled
but no certificate is provided, the boot process will also terminate, as
this is not a valid secure boot configuration.

Note: True Secure IPL mode is implemented for the SCSI scheme of
virtio-blk/virtio-scsi devices.

Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
---
 pc-bios/s390-ccw/bootmap.c  | 25 ++++++++++++++++++++-----
 pc-bios/s390-ccw/iplb.h     |  7 +++++++
 pc-bios/s390-ccw/main.c     |  6 +++++-
 pc-bios/s390-ccw/s390-ccw.h |  2 ++
 4 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/pc-bios/s390-ccw/bootmap.c b/pc-bios/s390-ccw/bootmap.c
index 4bc6311802..a22061e1ad 100644
--- a/pc-bios/s390-ccw/bootmap.c
+++ b/pc-bios/s390-ccw/bootmap.c
@@ -757,6 +757,10 @@  static void valid_sclab_check(SclabOriginLocator *sclab_locator,
         comps->device_entries[comp_index].cei |= S390_IPL_COMPONENT_CEI_INVALID_SCLAB;
 
         /* a missing SCLAB will not be reported in audit mode */
+        if (boot_mode == ZIPL_SECURE_MODE) {
+            print_func(is_magic_match, "Magic is not matched. SCLAB does not exist");
+        }
+
         return;
     }
 
@@ -1164,7 +1168,11 @@  static int zipl_run_secure(ComponentEntry *entry, uint8_t *tmp_sec)
     int addr_range_index = 0;
 
     void (*print_func)(bool, const char *) = NULL;
-    print_func = &IPL_check;
+    if (boot_mode == ZIPL_SECURE_MODE) {
+        print_func = &IPL_assert;
+    } else if (boot_mode == ZIPL_SECURE_AUDIT_MODE) {
+        print_func = &IPL_check;
+    }
 
     if (!secure_ipl_supported()) {
         return -1;
@@ -1321,6 +1329,7 @@  static int zipl_run(ScsiBlockPtr *pte)
     entry = (ComponentEntry *)(&header[1]);
 
     switch (boot_mode) {
+    case ZIPL_SECURE_MODE:
     case ZIPL_SECURE_AUDIT_MODE:
         if (zipl_run_secure(entry, tmp_sec)) {
             return -1;
@@ -1692,10 +1701,16 @@  static int zipl_load_vscsi(void)
 int zipl_mode(void)
 {
     uint32_t cert_len;
+    bool secure;
 
     cert_len = request_certificate((uint64_t *)certs_sec, 0);
+    secure = is_secure_boot_on(iplb->hdr_flags);
 
-    return (cert_len > 0) ? ZIPL_SECURE_AUDIT_MODE : ZIPL_NORMAL_MODE;
+    if (secure) {
+        return (cert_len > 0) ? ZIPL_SECURE_MODE : ZIPL_SECURE_INVALID_MODE;
+    } else {
+        return (cert_len > 0) ? ZIPL_SECURE_AUDIT_MODE : ZIPL_NORMAL_MODE;
+    }
 }
 
 void zipl_load(void)
@@ -1703,7 +1718,7 @@  void zipl_load(void)
     VDev *vdev = virtio_get_device();
 
     if (vdev->is_cdrom) {
-        if (boot_mode == ZIPL_SECURE_AUDIT_MODE) {
+        if (boot_mode == ZIPL_SECURE_AUDIT_MODE || boot_mode == ZIPL_SECURE_MODE) {
             panic("Secure boot from ISO image is not supported!");
         }
         ipl_iso_el_torito();
@@ -1712,7 +1727,7 @@  void zipl_load(void)
     }
 
     if (virtio_get_device_type() == VIRTIO_ID_NET) {
-        if (boot_mode == ZIPL_SECURE_AUDIT_MODE) {
+        if (boot_mode == ZIPL_SECURE_AUDIT_MODE || boot_mode == ZIPL_SECURE_MODE) {
             panic("Virtio net boot device does not support secure boot!");
         }
         netmain();
@@ -1725,7 +1740,7 @@  void zipl_load(void)
         return;
     }
 
-    if (boot_mode == ZIPL_SECURE_AUDIT_MODE) {
+    if (boot_mode == ZIPL_SECURE_AUDIT_MODE || boot_mode == ZIPL_SECURE_MODE) {
         panic("ECKD boot device does not support secure boot!");
     }
 
diff --git a/pc-bios/s390-ccw/iplb.h b/pc-bios/s390-ccw/iplb.h
index 42a9e081fe..734d049f42 100644
--- a/pc-bios/s390-ccw/iplb.h
+++ b/pc-bios/s390-ccw/iplb.h
@@ -185,6 +185,13 @@  static inline bool load_next_iplb(void)
     return true;
 }
 
+static inline bool is_secure_boot_on(uint8_t hdr_flags)
+{
+    /* If secure boot is on, SIPL bit and IPLIR bit must be on. */
+    return (hdr_flags & DIAG308_IPIB_FLAGS_SIPL) &&
+           (hdr_flags & DIAG308_IPIB_FLAGS_IPLIR);
+}
+
 static inline uint64_t diag320(void *data, unsigned long subcode)
 {
     register unsigned long addr asm("0") = (unsigned long)data;
diff --git a/pc-bios/s390-ccw/main.c b/pc-bios/s390-ccw/main.c
index 92004a6f82..6189a5a7ba 100644
--- a/pc-bios/s390-ccw/main.c
+++ b/pc-bios/s390-ccw/main.c
@@ -277,10 +277,14 @@  static void ipl_boot_device(void)
         boot_mode = zipl_mode();
     }
 
+    if (boot_mode == ZIPL_SECURE_INVALID_MODE) {
+        panic("Need at least one certificate for secure boot!");
+    }
+
     switch (cutype) {
     case CU_TYPE_DASD_3990:
     case CU_TYPE_DASD_2107:
-        if (boot_mode == ZIPL_SECURE_AUDIT_MODE) {
+        if (boot_mode == ZIPL_SECURE_AUDIT_MODE || boot_mode == ZIPL_SECURE_MODE) {
             panic("Passthrough (vfio) device does not support secure boot!");
         }
 
diff --git a/pc-bios/s390-ccw/s390-ccw.h b/pc-bios/s390-ccw/s390-ccw.h
index 20d6827a4c..e8ff3f7883 100644
--- a/pc-bios/s390-ccw/s390-ccw.h
+++ b/pc-bios/s390-ccw/s390-ccw.h
@@ -84,6 +84,8 @@  void zipl_load(void);
 
 #define ZIPL_NORMAL_MODE           1
 #define ZIPL_SECURE_AUDIT_MODE     2
+#define ZIPL_SECURE_MODE           3
+#define ZIPL_SECURE_INVALID_MODE  -1
 
 int zipl_mode(void);

[v1,22/24] pc-bios/s390-ccw: Handle true secure IPL mode

Commit Message

Patch