iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers
History
Anastasia Eskova 8cf57d7217 s390: add support for user-defined certificates 
Enable receiving the user-defined certificates from the s390x
hypervisor via new diagnose 0x320 calls, and make them available to the
Linux root user as 'cert_store_key' type keys in a so-called
'cert_store' keyring.

New user-space interfaces:

  /sys/firmware/cert_store/refresh

    Writing to this attribute re-fetches certificates via DIAG 0x320

  /sys/firmware/cert_store/cs_status

    Reading from this attribute returns either of:

	  "uninitialized"
	    If no certificate has been retrieved yet
	  "ok"
	    If certificates have been successfully retrieved
	  "failed (<number>)"
	    If certificate retrieval failed with reason code <number>

New debug trace areas:

  /sys/kernel/debug/s390dbf/cert_store_msg

  /sys/kernel/debug/s390dbf/cert_store_hexdump

Usage example:

To initiate request for certificates available to the system as root:

  $ echo 1 > /sys/firmware/cert_store/refresh

Upon success the '/sys/firmware/cert_store/cs_status' contains
the value 'ok'.

  $ cat /sys/firmware/cert_store/cs_status
  ok

Get the ID of the keyring 'cert_store':

  $ keyctl search @us keyring cert_store
OR
  $ keyctl link @us @s; keyctl request keyring cert_store

Obtain list of IDs of certificates:

  $ keyctl rlist <cert_store keyring ID>

Display certificate content as hex-dump:

  $ keyctl read <certificate ID>

Read certificate contents as binary data:

  $ keyctl pipe <certificate ID> >cert_data

Display certificate description:

  $ keyctl describe <certificate ID>

The certificate description has the following format:

  <64 bytes certificate name in EBCDIC> ':'
  <certificate index as obtained from hypervisor> ':'
  <certificate store token obtained from hypervisor>

The certificate description in /proc/keys has certificate name
represented in ASCII.

Users can read but cannot update the content of the certificate.

Signed-off-by: Anastasia Eskova <anastasia.eskova@ibm.com>
Reviewed-by: Peter Oberparleiter <oberpar@linux.ibm.com>
Acked-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
2023-07-24 12:12:21 +02:00
..
accel
Memory leak fixes in drm/client, memory access/leak fixes for
2023-07-21 12:14:05 +10:00
accessibility
acpi
More ACPI updates for 6.5-rc1
2023-07-06 22:25:06 -07:00
amba
android
ata
ata: pata_parport: Add missing protocol modules description
2023-07-17 08:30:41 +09:00
atm
auxdisplay
drm changes for 6.5-rc1:
2023-06-29 11:00:17 -07:00
base
regmap: Disable locking for RBTREE and MAPLE unit tests
2023-07-20 13:57:01 +01:00
bcma
block
block-6.5-2023-07-21
2023-07-22 11:05:15 -07:00
bluetooth
Bluetooth: btusb: Fix bluetooth on Intel Macbook 2014
2023-07-20 11:26:56 -07:00
bus
SoC fixes for 6.5, part 1
2023-07-06 09:56:53 -07:00
cdrom
cdrom/gdrom: Fix build error
2023-06-29 08:09:31 -06:00
cdx
cdx: Replace custom mcdi logging with print_hex_dump_debug()
2023-06-15 13:42:16 +02:00
char
tpm,tpm_tis: Disable interrupts after 1000 unhandled IRQs
2023-07-17 19:40:27 +00:00
clk
Another set of clk driver updates and fixes for the merge window. The
2023-07-04 11:07:45 -07:00
clocksource
RISC-V Patches for the 6.5 Merge Window, Part 1
2023-06-30 09:37:26 -07:00
comedi
comedi: make all 'class' structures const
2023-06-23 10:29:02 +02:00
connector
counter
First set of Counter updates for the 6.5 cycle
2023-06-15 13:07:59 +02:00
cpufreq
cpufreq: sparc: Don't mark cpufreq callbacks with __init
2023-07-12 12:45:18 +02:00
cpuidle
crypto
s390 updates for 6.5 merge window part 2
2023-07-06 13:18:30 -07:00
cxl
cxl: Fix one kernel-doc comment
2023-06-29 16:03:58 -07:00
dax
dax: enable dax fault handler to report VM_FAULT_HWPOISON
2023-06-26 07:54:23 -06:00
dca
devfreq
dio
dma
dmaengine updates for v6.5
2023-07-06 09:48:31 -07:00
dma-buf
dma-buf/dma-resv: Stop leaking on krealloc() failure
2023-07-15 13:57:30 +02:00
edac
- Add initial support for RAS hardware found on AMD server GPUs (MI200).
2023-06-26 15:09:18 -07:00
eisa
extcon
firewire
firewire: net: fix use after free in fwnet_finish_incoming_packet()
2023-06-24 14:03:46 +09:00
firmware
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
fpga
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
fsi
gnss
gpio
gpio: mvebu: fix irq domain leak
2023-07-20 14:38:36 +02:00
gpu
drm/atomic: Fix potential use-after-free in nonblocking commits
2023-07-21 09:53:30 -07:00
greybus
hid
for-linus-2023071101
2023-07-12 11:56:22 -07:00
hsi
hte
hv
x86/hyperv: Fix hyperv_pcpu_input_arg handling when CPUs go online/offline
2023-06-17 23:09:47 +00:00
hwmon
driver core changes for 6.5-rc1
2023-07-03 12:56:23 -07:00
hwspinlock
hwtracing
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
i2c
Part 2 of I2C patches for 6.5
2023-07-08 12:28:00 -07:00
i3c
idle
Revert "intel_idle: Add support for using intel_idle in a VM guest using just hlt"
2023-07-19 20:10:03 +02:00
iio
driver core changes for 6.5-rc1
2023-07-03 12:56:23 -07:00
infiniband
v6.5 merge window RDMA pull request
2023-06-29 21:01:17 -07:00
input
ARM: SoC changes for 6.5
2023-06-29 15:28:33 -07:00
interconnect
iommu
iommu/sva: Fix signedness bug in iommu_sva_alloc_pasid()
2023-07-14 14:53:19 +02:00
ipack
irqchip
RISC-V Patches for the 6.5 Merge Window, Part 1
2023-06-30 09:37:26 -07:00
isdn
leds
- New Drivers
2023-07-03 11:26:05 -07:00
macintosh
macintosh: Use of_property_read_reg() to parse "reg"
2023-06-21 14:08:54 +10:00
mailbox
mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
2023-06-30 17:35:45 -05:00
mcb
md
hardening fixes for v6.5-rc1
2023-07-08 12:08:39 -07:00
media
media updates for v6.5-rc1
2023-07-05 10:42:32 -07:00
memory
asm-generic updates for 6.5
2023-07-06 10:06:04 -07:00
memstick
message
mfd
- New Drivers
2023-07-03 10:55:04 -07:00
misc
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
mmc
mmc: Revert "mmc: core: Allow mmc_start_host() synchronously detect a card"
2023-06-30 14:06:51 +02:00
most
mtd
Core MTD changes:
2023-06-28 14:02:03 -07:00
mux
mux: adg792a: Switch back to use i2c_driver's .probe()
2023-06-15 13:42:18 +02:00
net
net: phy: prevent stale pointer dereference in phy_init()
2023-07-20 12:47:25 -07:00
nfc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-06-22 18:40:38 -07:00
ntb
ntb: hw: amd: Fix debugfs_create_dir error checking
2023-07-08 13:55:44 -04:00
nubus
nvdimm
dax: enable dax fault handler to report VM_FAULT_HWPOISON
2023-06-26 07:54:23 -06:00
nvme
SCSI fixes on 20230714
2023-07-14 19:57:29 -07:00
nvmem
nvmem: rmem: Use NVMEM_DEVID_AUTO
2023-06-15 13:42:18 +02:00
of
of: Preserve "of-display" device name for compatibility
2023-07-11 16:33:01 -06:00
opp
OPP: Properly propagate error along when failing to get icc_path
2023-06-27 07:35:14 +05:30
parisc
parisc: Move init function declarations into header file
2023-06-30 17:14:15 +02:00
parport
Char/Misc and other driver subsystem updates for 6.5-rc1
2023-07-03 12:46:47 -07:00
pci
Fixes for pci_clean_master, error handling in driver inits, and various
2023-07-09 09:35:51 -07:00
pcmcia
pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
2023-06-15 13:42:18 +02:00
peci
perf
perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start()
2023-07-12 07:41:23 -07:00
phy
phy-for-6.5-v2
2023-07-05 21:38:13 -07:00
pinctrl
pinctrl: renesas: Fixes for v6.5
2023-07-13 00:05:52 +02:00
platform
platform/x86: touchscreen_dmi: Add info for the Archos 101 Cesium Educ tablet
2023-07-11 12:15:30 +02:00
pnp
power
power supply and reset changes for the 6.5 series
2023-07-03 17:23:16 -07:00
powercap
ARM: SoC drivers for 6.5
2023-06-29 15:22:19 -07:00
pps
ps3
ptp
ptp: Make max_phase_adjustment sysfs device attribute invisible when not supported
2023-07-03 13:17:25 -07:00
pwm
pwm: Changes for v6.5-rc1
2023-07-05 12:55:06 -07:00
rapidio
ras
regulator
regulator: da9063: fix null pointer deref with partial DT config
2023-07-17 06:15:18 +01:00
remoteproc
remoteproc updates for v6.5
2023-07-03 17:03:05 -07:00
reset
ARM: SoC drivers for 6.5
2023-06-29 15:22:19 -07:00
rpmsg
rtc
RTC for 6.5
2023-07-03 10:43:10 -07:00
s390
s390: add support for user-defined certificates
2023-07-24 12:12:21 +02:00
sbus
oradax: make 'cl' a static const structure
2023-06-23 10:27:02 +02:00
scsi
scsi: storvsc: Handle SRB status value 0x30
2023-07-11 12:38:49 -04:00
sh
siox
slimbus
soc
USB / Thunderbolt driver updates for 6.5-rc1
2023-07-03 13:23:10 -07:00
soundwire
soundwire: stream: Make master_list ordered to prevent deadlocks
2023-06-21 16:31:45 +05:30
spi
spi: Fixes for v6.5
2023-07-15 08:51:02 -07:00
spmi
ssb
staging
media updates for v6.5-rc1
2023-07-05 10:42:32 -07:00
target
SCSI misc on 20230708
2023-07-08 12:35:18 -07:00
tc
tee
ARM: SoC drivers for 6.5
2023-06-29 15:22:19 -07:00
thermal
Thermal control updates for 6.5-rc1
2023-06-26 19:41:26 -07:00
thunderbolt
thunderbolt: Add test case for 3 DisplayPort tunnels
2023-06-16 09:53:29 +03:00
tty
TTY/Serial driver updates for 6.5-rc1.
2023-07-03 13:14:58 -07:00
ufs
Merge branch '6.5/scsi-staging' into 6.5/scsi-fixes
2023-07-11 12:15:15 -04:00
uio
usb
USB / Thunderbolt driver updates for 6.5-rc1
2023-07-03 13:23:10 -07:00
vdpa
virtio: features, fixes, cleanups
2023-07-03 15:38:26 -07:00
vfio
VFIO updates for v6.5-rc1
2023-06-30 15:22:09 -07:00
vhost
virtio: features, fixes, cleanups
2023-07-03 15:38:26 -07:00
video
fbdev: Explicitly include correct DT includes
2023-07-20 07:56:30 +02:00
virt
workqueue: Ordered workqueue creation cleanups
2023-06-27 16:46:06 -07:00
virtio
virtio: allow caller to override device DMA mask in vp_modern
2023-06-27 10:47:08 -04:00
vlynq
w1
watchdog
watchdog: sp5100_tco: support Hygon FCH/SCH (Server Controller Hub)
2023-06-26 14:30:07 +02:00
xen
xen: branch for v6.5-rc2
2023-07-13 13:39:36 -07:00
zorro
Kconfig
Makefile