[v1,06/24] s390x/diag: Implement DIAG 320 subcode 1

Message ID	20250408155527.123341-7-zycai@linux.ibm.com (mailing list archive)
State	New
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Zhuoying Cai <zycai@linux.ibm.com> To: thuth@redhat.com, richard.henderson@linaro.org, david@redhat.com, pbonzini@redhat.com Cc: walling@linux.ibm.com, jjherne@linux.ibm.com, jrossi@linux.ibm.com, fiuczy@linux.ibm.com, pasic@linux.ibm.com, borntraeger@linux.ibm.com, farman@linux.ibm.com, iii@linux.ibm.com, qemu-s390x@nongnu.org, qemu-devel@nongnu.org, zycai@linux.ibm.com Subject: [PATCH v1 06/24] s390x/diag: Implement DIAG 320 subcode 1 Date: Tue, 8 Apr 2025 11:55:08 -0400 Message-ID: <20250408155527.123341-7-zycai@linux.ibm.com> In-Reply-To: <20250408155527.123341-1-zycai@linux.ibm.com> References: <20250408155527.123341-1-zycai@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=148.163.156.1; envelope-from=zycai@linux.ibm.com; helo=mx0a-001b2d01.pphosted.com X-Spam_score_int: -26 X-Spam_score: -2.7 X-Spam_bar: -- X-Spam_report: (-2.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Series	Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices \| expand [v1,00/24] Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices [v1,01/24] Add -boot-certificates /path/dir:/path/file option in QEMU command line [v1,02/24] hw/s390x/ipl: Create certificate store [v1,03/24] s390x: Guest support for Certificate Store Facility (CS) [v1,04/24] s390x/diag: Introduce DIAG 320 for certificate store facility [v1,05/24] s390x/diag: Refactor address validation check from diag308_parm_check [v1,06/24] s390x/diag: Implement DIAG 320 subcode 1 [v1,07/24] s390x/diag: Implement DIAG 320 subcode 2 [v1,08/24] s390x/diag: Introduce DIAG 508 for secure IPL operations [v1,09/24] s390x/diag: Implement DIAG 508 subcode 2 for signature verification [v1,10/24] pc-bios/s390-ccw: Introduce IPL Information Report Block (IIRB) [v1,11/24] pc-bios/s390-ccw: Define memory for IPLB and convert IPLB to pointers [v1,12/24] hw/s390x/ipl: Add IPIB flags to IPL Parameter Block [v1,13/24] hw/s390x/ipl: Set iplb->len to maximum length of IPL Parameter Block [v1,14/24] s390x: Guest support for Secure-IPL Facility [v1,15/24] pc-bios/s390-ccw: Refactor zipl_run() [v1,16/24] pc-bios/s390-ccw: Refactor zipl_load_segment function [v1,17/24] pc-bios/s390-ccw: Add signature verification for secure boot in audit mode [v1,18/24] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF) [v1,19/24] pc-bios/s390-ccw: Add additional security checks for secure boot [v1,20/24] Add -secure-boot on\|off option in QEMU command line [v1,21/24] hw/s390x/ipl: Set IPIB flags for secure IPL [v1,22/24] pc-bios/s390-ccw: Handle true secure IPL mode [v1,23/24] pc-bios/s390-ccw: Handle secure boot with multiple boot devices [v1,24/24] hw/s390x/ipl: Handle secure boot without specifying a boot device

Message ID

20250408155527.123341-7-zycai@linux.ibm.com (mailing list archive)

State

New

Headers

From: Zhuoying Cai <zycai@linux.ibm.com>
To: thuth@redhat.com, richard.henderson@linaro.org, david@redhat.com,
 pbonzini@redhat.com
Cc: walling@linux.ibm.com, jjherne@linux.ibm.com, jrossi@linux.ibm.com,
 fiuczy@linux.ibm.com, pasic@linux.ibm.com, borntraeger@linux.ibm.com,
 farman@linux.ibm.com, iii@linux.ibm.com, qemu-s390x@nongnu.org,
 qemu-devel@nongnu.org, zycai@linux.ibm.com
Subject: [PATCH v1 06/24] s390x/diag: Implement DIAG 320 subcode 1
Date: Tue,  8 Apr 2025 11:55:08 -0400
Message-ID: <20250408155527.123341-7-zycai@linux.ibm.com>
In-Reply-To: <20250408155527.123341-1-zycai@linux.ibm.com>
References: <20250408155527.123341-1-zycai@linux.ibm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=148.163.156.1; envelope-from=zycai@linux.ibm.com;
 helo=mx0a-001b2d01.pphosted.com
X-Spam_score_int: -26
X-Spam_score: -2.7
X-Spam_bar: --
X-Spam_report: (-2.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7,
 RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Mailman-Approved-At: Tue, 08 Apr 2025 12:17:33 -0400
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org

Series

Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices | expand

Commit Message

Zhuoying Cai April 8, 2025, 3:55 p.m. UTC

DIAG 320 subcode 1 provides information needed to determine
the amount of storage to store one or more certificates.

The subcode value is denoted by setting the left-most bit
of an 8-byte field.

The verification-certificate-storage-size block (VCSSB) contains
the output data when the operation completes successfully.

Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
---
 include/hw/s390x/ipl/diag320.h | 25 ++++++++++++++++++++++
 target/s390x/diag.c            | 39 +++++++++++++++++++++++++++++++++-
 2 files changed, 63 insertions(+), 1 deletion(-)

Comments

Thomas Huth April 11, 2025, 1:57 p.m. UTC | #1

On 08/04/2025 17.55, Zhuoying Cai wrote:
> DIAG 320 subcode 1 provides information needed to determine
> the amount of storage to store one or more certificates.
> 
> The subcode value is denoted by setting the left-most bit
> of an 8-byte field.
> 
> The verification-certificate-storage-size block (VCSSB) contains
> the output data when the operation completes successfully.
> 
> Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
> ---
>   include/hw/s390x/ipl/diag320.h | 25 ++++++++++++++++++++++
>   target/s390x/diag.c            | 39 +++++++++++++++++++++++++++++++++-
>   2 files changed, 63 insertions(+), 1 deletion(-)
> 
> diff --git a/include/hw/s390x/ipl/diag320.h b/include/hw/s390x/ipl/diag320.h
> index d6f70c65df..ded336df25 100644
> --- a/include/hw/s390x/ipl/diag320.h
> +++ b/include/hw/s390x/ipl/diag320.h
> @@ -13,7 +13,32 @@
>   #define S390X_DIAG320_H
>   
>   #define DIAG_320_SUBC_QUERY_ISM     0
> +#define DIAG_320_SUBC_QUERY_VCSI    1
>   
>   #define DIAG_320_RC_OK              0x0001
> +#define DIAG_320_RC_NOMEM           0x0202
> +
> +#define VCSSB_MAX_LEN   128
> +#define VCE_HEADER_LEN  128
> +#define VCB_HEADER_LEN  64
> +
> +#define DIAG_320_ISM_QUERY_VCSI     0x4000000000000000
> +
> +struct VerificationCertificateStorageSizeBlock {
> +    uint32_t length;
> +    uint8_t reserved0[3];
> +    uint8_t version;
> +    uint32_t reserved1[6];
> +    uint16_t totalvc;
> +    uint16_t maxvc;
> +    uint32_t reserved3[7];
> +    uint32_t maxvcelen;
> +    uint32_t reserved4[3];
> +    uint32_t largestvcblen;
> +    uint32_t totalvcblen;
> +    uint32_t reserved5[10];
> +} QEMU_PACKED;
> +typedef struct VerificationCertificateStorageSizeBlock \
> +VerificationCertificateStorageSizeBlock;

That's quite a long name, maybe shorten to VerificationCertStorageBlock or 
something similar?

>   
>   #endif
> diff --git a/target/s390x/diag.c b/target/s390x/diag.c
> index c64b935c87..cc639819ec 100644
> --- a/target/s390x/diag.c
> +++ b/target/s390x/diag.c
> @@ -194,6 +194,7 @@ out:
>   void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
>   {
>       S390CPU *cpu = env_archcpu(env);
> +    S390IPLCertificateStore *qcs = s390_ipl_get_certificate_store();
>       uint64_t subcode = env->regs[r3];
>       uint64_t addr = env->regs[r1];
>       int rc;
> @@ -210,7 +211,7 @@ void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
>   
>       switch (subcode) {
>       case DIAG_320_SUBC_QUERY_ISM:
> -        uint64_t ism =  0;
> +        uint64_t ism = DIAG_320_ISM_QUERY_VCSI;

That likely should be a cpu_to_be64(DIAG_320_ISM_QUERY_VCSI) instead.

>   
>           if (s390_cpu_virt_mem_write(cpu, addr, (uint8_t)r1, &ism,
>                                       be64_to_cpu(sizeof(ism)))) {
> @@ -218,6 +219,42 @@ void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
>               return;
>           }
>   
> +        rc = DIAG_320_RC_OK;
> +        break;
> +    case DIAG_320_SUBC_QUERY_VCSI:
> +        VerificationCertificateStorageSizeBlock vcssb;
> +
> +        if (!diag_parm_addr_valid(addr, sizeof(VerificationCertificateStorageSizeBlock),
> +                                  true)) {
> +            s390_program_interrupt(env, PGM_ADDRESSING, ra);
> +            return;
> +        }
> +
> +        if (!qcs || !qcs->count) {
> +            vcssb.length = 4;
> +        } else {
> +            vcssb.length = VCSSB_MAX_LEN;
> +            vcssb.version = 0;
> +            vcssb.totalvc = qcs->count;
> +            vcssb.maxvc = MAX_CERTIFICATES;
> +            vcssb.maxvcelen = VCE_HEADER_LEN + qcs->max_cert_size;
> +            vcssb.largestvcblen = VCB_HEADER_LEN + vcssb.maxvcelen;
> +            vcssb.totalvcblen = VCB_HEADER_LEN + qcs->count * VCE_HEADER_LEN +
> +                                qcs->total_bytes;

You also need cpu_to_beXX() for these values here, too.

> +        }
> +
> +        if (vcssb.length < 128) {
> +            rc = DIAG_320_RC_NOMEM;
> +            break;
> +        }
> +
> +        if (s390_cpu_virt_mem_write(cpu, addr, (uint8_t)r1, &vcssb,
> +                                    be64_to_cpu(

And that be64_to_cpu() is wrong here.

  Thomas

> +                                        sizeof(VerificationCertificateStorageSizeBlock)
> +                                    ))) {
> +            s390_cpu_virt_mem_handle_exc(cpu, ra);
> +            return;
> +        }
>           rc = DIAG_320_RC_OK;
>           break;
>       default:

Farhan Ali April 11, 2025, 5:40 p.m. UTC | #2

On 4/8/2025 8:55 AM, Zhuoying Cai wrote:
> DIAG 320 subcode 1 provides information needed to determine
> the amount of storage to store one or more certificates.
>
> The subcode value is denoted by setting the left-most bit
> of an 8-byte field.
>
> The verification-certificate-storage-size block (VCSSB) contains
> the output data when the operation completes successfully.
>
> Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
> ---
>   include/hw/s390x/ipl/diag320.h | 25 ++++++++++++++++++++++
>   target/s390x/diag.c            | 39 +++++++++++++++++++++++++++++++++-
>   2 files changed, 63 insertions(+), 1 deletion(-)
>
> diff --git a/include/hw/s390x/ipl/diag320.h b/include/hw/s390x/ipl/diag320.h
> index d6f70c65df..ded336df25 100644
> --- a/include/hw/s390x/ipl/diag320.h
> +++ b/include/hw/s390x/ipl/diag320.h
> @@ -13,7 +13,32 @@
>   #define S390X_DIAG320_H
>   
>   #define DIAG_320_SUBC_QUERY_ISM     0
> +#define DIAG_320_SUBC_QUERY_VCSI    1
>   
>   #define DIAG_320_RC_OK              0x0001
> +#define DIAG_320_RC_NOMEM           0x0202
> +
> +#define VCSSB_MAX_LEN   128
> +#define VCE_HEADER_LEN  128
> +#define VCB_HEADER_LEN  64
> +
> +#define DIAG_320_ISM_QUERY_VCSI     0x4000000000000000
> +
> +struct VerificationCertificateStorageSizeBlock {
> +    uint32_t length;
> +    uint8_t reserved0[3];
> +    uint8_t version;
> +    uint32_t reserved1[6];
> +    uint16_t totalvc;
> +    uint16_t maxvc;
> +    uint32_t reserved3[7];
> +    uint32_t maxvcelen;
> +    uint32_t reserved4[3];
> +    uint32_t largestvcblen;
> +    uint32_t totalvcblen;
> +    uint32_t reserved5[10];
> +} QEMU_PACKED;
> +typedef struct VerificationCertificateStorageSizeBlock \
> +VerificationCertificateStorageSizeBlock;
>   
>   #endif
> diff --git a/target/s390x/diag.c b/target/s390x/diag.c
> index c64b935c87..cc639819ec 100644
> --- a/target/s390x/diag.c
> +++ b/target/s390x/diag.c
> @@ -194,6 +194,7 @@ out:
>   void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
>   {
>       S390CPU *cpu = env_archcpu(env);
> +    S390IPLCertificateStore *qcs = s390_ipl_get_certificate_store();
>       uint64_t subcode = env->regs[r3];
>       uint64_t addr = env->regs[r1];
>       int rc;
> @@ -210,7 +211,7 @@ void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
>   
>       switch (subcode) {
>       case DIAG_320_SUBC_QUERY_ISM:
> -        uint64_t ism =  0;
> +        uint64_t ism = DIAG_320_ISM_QUERY_VCSI;
>   
>           if (s390_cpu_virt_mem_write(cpu, addr, (uint8_t)r1, &ism,
>                                       be64_to_cpu(sizeof(ism)))) {
> @@ -218,6 +219,42 @@ void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
>               return;
>           }
>   
> +        rc = DIAG_320_RC_OK;
> +        break;
> +    case DIAG_320_SUBC_QUERY_VCSI:
> +        VerificationCertificateStorageSizeBlock vcssb;
> +
> +        if (!diag_parm_addr_valid(addr, sizeof(VerificationCertificateStorageSizeBlock),
> +                                  true)) {
> +            s390_program_interrupt(env, PGM_ADDRESSING, ra);
> +            return;
> +        }
> +
> +        if (!qcs || !qcs->count) {
> +            vcssb.length = 4;
> +        } else {
> +            vcssb.length = VCSSB_MAX_LEN;
> +            vcssb.version = 0;
> +            vcssb.totalvc = qcs->count;
> +            vcssb.maxvc = MAX_CERTIFICATES;
> +            vcssb.maxvcelen = VCE_HEADER_LEN + qcs->max_cert_size;
> +            vcssb.largestvcblen = VCB_HEADER_LEN + vcssb.maxvcelen;
> +            vcssb.totalvcblen = VCB_HEADER_LEN + qcs->count * VCE_HEADER_LEN +
> +                                qcs->total_bytes;
> +        }
> +

Do we need this if check below? or can we move it above where we check 
for !qcs || !qcs->count?

> +        if (vcssb.length < 128) {
> +            rc = DIAG_320_RC_NOMEM;
> +            break;
> +        }
> +
> +        if (s390_cpu_virt_mem_write(cpu, addr, (uint8_t)r1, &vcssb,
> +                                    be64_to_cpu(
> +                                        sizeof(VerificationCertificateStorageSizeBlock)
> +                                    ))) {
> +            s390_cpu_virt_mem_handle_exc(cpu, ra);
> +            return;
> +        }
>           rc = DIAG_320_RC_OK;
>           break;
>       default:

Collin Walling April 17, 2025, 7:57 p.m. UTC | #3

On 4/11/25 9:57 AM, Thomas Huth wrote:
> On 08/04/2025 17.55, Zhuoying Cai wrote:
>> DIAG 320 subcode 1 provides information needed to determine
>> the amount of storage to store one or more certificates.
>>
>> The subcode value is denoted by setting the left-most bit
>> of an 8-byte field.
>>
>> The verification-certificate-storage-size block (VCSSB) contains
>> the output data when the operation completes successfully.
>>
>> Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
>> ---
>>   include/hw/s390x/ipl/diag320.h | 25 ++++++++++++++++++++++
>>   target/s390x/diag.c            | 39 +++++++++++++++++++++++++++++++++-
>>   2 files changed, 63 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/hw/s390x/ipl/diag320.h b/include/hw/s390x/ipl/diag320.h
>> index d6f70c65df..ded336df25 100644
>> --- a/include/hw/s390x/ipl/diag320.h
>> +++ b/include/hw/s390x/ipl/diag320.h
>> @@ -13,7 +13,32 @@
>>   #define S390X_DIAG320_H
>>   
>>   #define DIAG_320_SUBC_QUERY_ISM     0
>> +#define DIAG_320_SUBC_QUERY_VCSI    1
>>   
>>   #define DIAG_320_RC_OK              0x0001
>> +#define DIAG_320_RC_NOMEM           0x0202
>> +
>> +#define VCSSB_MAX_LEN   128
>> +#define VCE_HEADER_LEN  128
>> +#define VCB_HEADER_LEN  64
>> +
>> +#define DIAG_320_ISM_QUERY_VCSI     0x4000000000000000
>> +
>> +struct VerificationCertificateStorageSizeBlock {
>> +    uint32_t length;
>> +    uint8_t reserved0[3];
>> +    uint8_t version;
>> +    uint32_t reserved1[6];
>> +    uint16_t totalvc;
>> +    uint16_t maxvc;
>> +    uint32_t reserved3[7];
>> +    uint32_t maxvcelen;
>> +    uint32_t reserved4[3];
>> +    uint32_t largestvcblen;
>> +    uint32_t totalvcblen;
>> +    uint32_t reserved5[10];
>> +} QEMU_PACKED;
>> +typedef struct VerificationCertificateStorageSizeBlock \
>> +VerificationCertificateStorageSizeBlock;
> 
> That's quite a long name, maybe shorten to VerificationCertStorageBlock or 
> something similar?
> 

I think it would benefit many of the data structures using the
"VerificationCertificate" prefix to be short-handed to "VC".

[...]

diff --git a/include/hw/s390x/ipl/diag320.h b/include/hw/s390x/ipl/diag320.h
index d6f70c65df..ded336df25 100644
--- a/include/hw/s390x/ipl/diag320.h
+++ b/include/hw/s390x/ipl/diag320.h
@@ -13,7 +13,32 @@ 
 #define S390X_DIAG320_H
 
 #define DIAG_320_SUBC_QUERY_ISM     0
+#define DIAG_320_SUBC_QUERY_VCSI    1
 
 #define DIAG_320_RC_OK              0x0001
+#define DIAG_320_RC_NOMEM           0x0202
+
+#define VCSSB_MAX_LEN   128
+#define VCE_HEADER_LEN  128
+#define VCB_HEADER_LEN  64
+
+#define DIAG_320_ISM_QUERY_VCSI     0x4000000000000000
+
+struct VerificationCertificateStorageSizeBlock {
+    uint32_t length;
+    uint8_t reserved0[3];
+    uint8_t version;
+    uint32_t reserved1[6];
+    uint16_t totalvc;
+    uint16_t maxvc;
+    uint32_t reserved3[7];
+    uint32_t maxvcelen;
+    uint32_t reserved4[3];
+    uint32_t largestvcblen;
+    uint32_t totalvcblen;
+    uint32_t reserved5[10];
+} QEMU_PACKED;
+typedef struct VerificationCertificateStorageSizeBlock \
+VerificationCertificateStorageSizeBlock;
 
 #endif
diff --git a/target/s390x/diag.c b/target/s390x/diag.c
index c64b935c87..cc639819ec 100644
--- a/target/s390x/diag.c
+++ b/target/s390x/diag.c
@@ -194,6 +194,7 @@  out:
 void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
 {
     S390CPU *cpu = env_archcpu(env);
+    S390IPLCertificateStore *qcs = s390_ipl_get_certificate_store();
     uint64_t subcode = env->regs[r3];
     uint64_t addr = env->regs[r1];
     int rc;
@@ -210,7 +211,7 @@  void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
 
     switch (subcode) {
     case DIAG_320_SUBC_QUERY_ISM:
-        uint64_t ism =  0;
+        uint64_t ism = DIAG_320_ISM_QUERY_VCSI;
 
         if (s390_cpu_virt_mem_write(cpu, addr, (uint8_t)r1, &ism,
                                     be64_to_cpu(sizeof(ism)))) {
@@ -218,6 +219,42 @@  void handle_diag_320(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra)
             return;
         }
 
+        rc = DIAG_320_RC_OK;
+        break;
+    case DIAG_320_SUBC_QUERY_VCSI:
+        VerificationCertificateStorageSizeBlock vcssb;
+
+        if (!diag_parm_addr_valid(addr, sizeof(VerificationCertificateStorageSizeBlock),
+                                  true)) {
+            s390_program_interrupt(env, PGM_ADDRESSING, ra);
+            return;
+        }
+
+        if (!qcs || !qcs->count) {
+            vcssb.length = 4;
+        } else {
+            vcssb.length = VCSSB_MAX_LEN;
+            vcssb.version = 0;
+            vcssb.totalvc = qcs->count;
+            vcssb.maxvc = MAX_CERTIFICATES;
+            vcssb.maxvcelen = VCE_HEADER_LEN + qcs->max_cert_size;
+            vcssb.largestvcblen = VCB_HEADER_LEN + vcssb.maxvcelen;
+            vcssb.totalvcblen = VCB_HEADER_LEN + qcs->count * VCE_HEADER_LEN +
+                                qcs->total_bytes;
+        }
+
+        if (vcssb.length < 128) {
+            rc = DIAG_320_RC_NOMEM;
+            break;
+        }
+
+        if (s390_cpu_virt_mem_write(cpu, addr, (uint8_t)r1, &vcssb,
+                                    be64_to_cpu(
+                                        sizeof(VerificationCertificateStorageSizeBlock)
+                                    ))) {
+            s390_cpu_virt_mem_handle_exc(cpu, ra);
+            return;
+        }
         rc = DIAG_320_RC_OK;
         break;
     default:

[v1,06/24] s390x/diag: Implement DIAG 320 subcode 1

Commit Message

Comments

Patch