1. 30 Sep, 2020 8 commits
    • Vasily Gorbik's avatar
      s390: remove orphaned function declarations · 402e9228
      Vasily Gorbik authored
      arch/s390/pci/pci_bus.h: zpci_bus_init - only declaration left after
      commit 05bc1be6 ("s390/pci: create zPCI bus")
      
      arch/s390/include/asm/gmap.h: gmap_pte_notify - only declaration left
      after commit 4be130a0 ("s390/mm: add shadow gmap support")
      
      arch/s390/include/asm/pgalloc.h: rcu_table_freelist_finish - only
      declaration left after commit 36409f63 ("[S390] use generic RCU
      page-table freeing code")
      
      arch/s390/include/asm/tlbflush.h: smp_ptlb_all - only declaration left
      after commit 5a79859a ("s390: remove 31 bit support")
      
      arch/s390/include/asm/vtimer.h: init_cpu_vtimer - only declaration left
      after commit b5f87f15 ("s390/idle: consolidate idle functions and
      definitions")
      
      arch/s390/include/asm/pci.h: zpci_debug_info - only declaration left
      after commit 386aa051 ("s390/pci: remove per device debug attribute")
      
      arch/s390/include/asm/vdso.h: vdso_alloc_boot_cpu - only declaration
      left after commit 4bff8cb5 ("s390: convert to GENERIC_VDSO")
      
      arch/s390/include/asm/smp.h: smp_vcpu_scheduled - only declaration left
      after commit 67626fad ("s390: enforce CONFIG_SMP")
      
      arch/s390/kernel/entry.h: restart_call_handler - only declaration left
      after commit 8b646bd7 ("[S390] rework smp code")
      
      arch/s390/kernel/entry.h: startup_init_nobss - only declaration left
      after commit 2e83e0eb ("s390: clean .bss before running uncompressed
      kernel")
      
      arch/s390/kernel/entry.h: s390_early_resume - only declaration left after
      commit 39421627 ("s390: remove broken hibernate / power management
      support")
      
      drivers/s390/char/raw3270.h: raw3270_request_alloc_bootmem - only
      declaration left after commit 33403dcf ("[S390] 3270 console:
      convert from bootmem to slab")
      
      drivers/s390/cio/device.h: ccw_device_schedule_sch_unregister - only
      declaration left after commit 37de53bb ("[S390] cio: introduce ccw
      device todos")
      
      drivers/s390/char/tape.h: tape_hotplug_event - has only declaration
      since recorded git history.
      
      drivers/s390/char/tape.h: tape_oper_handler - has only declaration since
      recorded git history.
      
      drivers/s390/char/tape.h: tape_noper_handler - has only declaration
      since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_check_locate - only declaration
      left after commit 161beff8 ("s390/tape: remove tape block leftovers")
      
      drivers/s390/char/tape_std.h: tape_std_default_handler - has only
      declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_unexpect_uchk_handler - has only
      declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_irq - has only declaration since
      recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_error_recovery - has only
      declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_error_recovery_has_failed -
      has only declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_error_recovery_succeded - has
      only declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_error_recovery_do_retry - has
      only declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_error_recovery_read_opposite -
      has only declaration since recorded git history.
      
      drivers/s390/char/tape_std.h: tape_std_error_recovery_HWBUG - has only
      declaration since recorded git history.
      Reviewed-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      402e9228
    • Vasily Gorbik's avatar
      s390/startup: add kaslr_offset to pgm check info print · 3ca8b855
      Vasily Gorbik authored
      startup pgm check handler is active since the very beginning of kernel
      code execution until uncompressed kernel sets up s390_base_pgm_handler.
      
      It is useful not just for the decompressor debugging itself, but also for
      early code of uncompressed kernel, in particular Kasan initialization. But
      since there is no stack trace or symbolic representation of failing psw
      address it is impossible to figure out faulty code location without
      knowing Kaslr kernel base. So, let's add it to the startup pgm check
      info printed as well.
      Reviewed-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      3ca8b855
    • Vasily Gorbik's avatar
      s390/sclp: remove orphaned sclp_set_columns and sclp_set_htab · 3372e88b
      Vasily Gorbik authored
      sclp_set_columns and sclp_set_htab are leftovers since commit 095761d2
      ("[S390] sclp_tty: remove ioctl interface."), remove them as a dead code.
      Reviewed-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      3372e88b
    • Vasily Gorbik's avatar
      s390/sclp_sdias: remove unused sclp_sdias_exit · f980ec9e
      Vasily Gorbik authored
      sclp_sdias cannot be built as a module, CRASH_DUMP option is a bool not a
      tristate. zcore_exit() has already been removed with commit cbe62fac
      ("s390: char: make zcore explicitly non-modular"). Remove orphaned
      sclp_sdias_exit for consistency as well.
      Reviewed-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      f980ec9e
    • Vasily Gorbik's avatar
      s390/startup: correct "dfltcc" option parsing · 86cde618
      Vasily Gorbik authored
      Currently if just "dfltcc" is passed as a kernel command line option
      "val" going to be NULL, this leads to reading at address 0 in
      strcmp(val, "off")
      
      Fix that by making sure "val" is not NULL. This does not affect option
      handling logic.
      Reviewed-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      86cde618
    • Vasily Gorbik's avatar
      s390/vdso: remove orphaned declarations · 3731ac57
      Vasily Gorbik authored
      Remove couple of declarations which are unused since commit 4bff8cb5
      ("s390: convert to GENERIC_VDSO").
      Acked-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      3731ac57
    • Vasily Gorbik's avatar
      s390/cio: remove unused channel_subsystem_reinit · 54530ce6
      Vasily Gorbik authored
      Added with commit 77e844b9 ("s390/hibernate: add early resume
      function") unused since commit 39421627 ("s390: remove broken
      hibernate / power management support").
      Reviewed-by: default avatarVineeth Vijayan <vneethv@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      54530ce6
    • Sven Schnelle's avatar
      s390: remove cad commandline option · ad3e6948
      Sven Schnelle authored
      remove the cad command line option as the instruction was never
      published and never used by userspace.
      Signed-off-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Reviewed-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      Acked-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      ad3e6948
  2. 29 Sep, 2020 5 commits
  3. 26 Sep, 2020 6 commits
  4. 24 Sep, 2020 2 commits
    • Harald Freudenberger's avatar
      s390/pkey: support CCA and EP11 secure ECC private keys · fa6999e3
      Harald Freudenberger authored
      This patch extends the pkey kernel module to support CCA
      and EP11 secure ECC (private) keys as source for deriving
      ECC protected (private) keys.
      
      There is yet another new ioctl to support this: PKEY_KBLOB2PROTK3
      can handle all the old keys plus CCA and EP11 secure ECC keys.
      For details see ioctl description in pkey.h.
      
      The CPACF unit currently only supports a subset of 5
      different ECC curves (P-256, P-384, P-521, ED25519, ED448) and
      so only keys of this curve type can be transformed into
      protected keys. However, the pkey and the cca/ep11 low level
      functions do not check this but simple pass-through the key
      blob to the firmware onto the crypto cards. So most likely
      the failure will be a response carrying an error code
      resulting in user space errno value EIO instead of EINVAL.
      
      Deriving a protected key from an EP11 ECC secure key
      requires a CEX7 in EP11 mode. Deriving a protected key from
      an CCA ECC secure key requires a CEX7 in CCA mode.
      
      Together with this new ioctl the ioctls for querying lists
      of apqns (PKEY_APQNS4K and PKEY_APQNS4KT) have been extended
      to support EP11 and CCA ECC secure key type and key blobs.
      
      Together with this ioctl there comes a new struct ep11kblob_header
      which is to be prepended onto the EP11 key blob. See details
      in pkey.h for the fields in there. The older EP11 AES key blob
      with some info stored in the (unused) session field is also
      supported with this new ioctl.
      Signed-off-by: default avatarHarald Freudenberger <freude@linux.ibm.com>
      Reviewed-by: default avatarIngo Franzki <ifranzki@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      fa6999e3
    • Harald Freudenberger's avatar
      s390/zcrypt: Support for CCA APKA master keys · 32ca04bb
      Harald Freudenberger authored
      Support for CCA APKA (used for CCA ECC keys) master keys.
      The existing mkvps sysfs attribute for each queue for cards
      in CCA mode is extended to show the APKA master key register
      states and verification pattern:
      
      Improve the mkvps sysfs attribute to display the APKA
      master key verification patterns for old, current and new
      master key registers. The APKA master key is used to
      encrypt CCA ECC secure keys. The syntax is analog to the
      existing AES mk verification patterns:
      
          APKA NEW: <new_apka_mk_state> <new_apka_mk_mkvp>
          APKA CUR: <cur_apka_mk_state> <cur_apka_mk_mkvp>
          APKA OLD: <old_apka_mk_state> <old_apka_mk_mkvp>
        with
          <new_apka_mk_state>: 'empty' or 'partial' or 'full'
          <cur_apka_mk_state>: 'valid' or 'invalid'
          <old_apka_mk_state>: 'valid' or 'invalid'
          <new_apka_mk_mkvp>, <cur_apka_mk_mkvp>, <old_apka_mk_mkvp>
            8 byte hex string with leading 0x
      
      MKVP means Master Key Verification Pattern and is a folded hash over
      the key value. Only the states 'full' and 'valid' result in displaying
      a useful mkvp, otherwise a mkvp of all bytes zero is shown. If for any
      reason the FQ fails and the (cached) information is not available, the
      state '-' will be shown with the mkvp value also '-'. The values shown
      here are the very same as the cca panel tools displays.
      
      The internal function cca_findcard2() also supports to match
      against the APKA master key verification patterns and the pkey
      kernel module which uses this function needed compatible rewrite
      of these invocations.
      Signed-off-by: default avatarHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      32ca04bb
  5. 21 Sep, 2020 3 commits
  6. 17 Sep, 2020 5 commits
  7. 16 Sep, 2020 8 commits
    • Vasily Gorbik's avatar
      s390/kasan: support protvirt with 4-level paging · c360c9a2
      Vasily Gorbik authored
      Currently the kernel crashes in Kasan instrumentation code if
      CONFIG_KASAN_S390_4_LEVEL_PAGING is used on protected virtualization
      capable machine where the ultravisor imposes addressing limitations on
      the host and those limitations are lower then KASAN_SHADOW_OFFSET.
      
      The problem is that Kasan has to know in advance where vmalloc/modules
      areas would be. With protected virtualization enabled vmalloc/modules
      areas are moved down to the ultravisor secure storage limit while kasan
      still expects them at the very end of 4-level paging address space.
      
      To fix that make Kasan recognize when protected virtualization is enabled
      and predefine vmalloc/modules areas position which are compliant with
      ultravisor secure storage limit.
      
      Kasan shadow itself stays in place and might reside above that ultravisor
      secure storage limit.
      
      One slight difference compaired to a kernel without Kasan enabled is that
      vmalloc/modules areas position is not reverted to default if ultravisor
      initialization fails. It would still be below the ultravisor secure
      storage limit.
      
      Kernel layout with kasan, 4-level paging and protected virtualization
      enabled (ultravisor secure storage limit is at 0x0000800000000000):
      ---[ vmemmap Area Start ]---
      0x0000400000000000-0x0000400080000000
      ---[ vmemmap Area End ]---
      ---[ vmalloc Area Start ]---
      0x00007fe000000000-0x00007fff80000000
      ---[ vmalloc Area End ]---
      ---[ Modules Area Start ]---
      0x00007fff80000000-0x0000800000000000
      ---[ Modules Area End ]---
      ---[ Kasan Shadow Start ]---
      0x0018000000000000-0x001c000000000000
      ---[ Kasan Shadow End ]---
      0x001c000000000000-0x0020000000000000         1P PGD I
      
      Kernel layout with kasan, 4-level paging and protected virtualization
      disabled/unsupported:
      ---[ vmemmap Area Start ]---
      0x0000400000000000-0x0000400060000000
      ---[ vmemmap Area End ]---
      ---[ Kasan Shadow Start ]---
      0x0018000000000000-0x001c000000000000
      ---[ Kasan Shadow End ]---
      ---[ vmalloc Area Start ]---
      0x001fffe000000000-0x001fffff80000000
      ---[ vmalloc Area End ]---
      ---[ Modules Area Start ]---
      0x001fffff80000000-0x0020000000000000
      ---[ Modules Area End ]---
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      c360c9a2
    • Vasily Gorbik's avatar
      s390/protvirt: support ultravisor without secure storage limit · c2314cb2
      Vasily Gorbik authored
      Avoid potential crash due to lack of secure storage limit. Check that
      max_sec_stor_addr is not 0 before adjusting vmalloc position.
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      c2314cb2
    • Vasily Gorbik's avatar
      s390/protvirt: parse prot_virt option in the decompressor · 1d6671ae
      Vasily Gorbik authored
      To make early kernel address space layout definition possible parse
      prot_virt option in the decompressor and pass it to the uncompressed
      kernel. This enables kasan to take ultravisor secure storage limit into
      consideration and pre-define vmalloc position correctly.
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      1d6671ae
    • Vasily Gorbik's avatar
      s390/kasan: avoid unnecessary moving of vmemmap · 8f78657c
      Vasily Gorbik authored
      Currently vmemmap area is unconditionally moved beyond Kasan shadow
      memory. When Kasan is not enabled vmemmap area position is calculated
      in setup_memory_end() and depends on limiting factors like ultravisor
      secure storage limit. Try to follow the same logic with Kasan enabled
      as well and avoid unnecessary vmemmap area position changes unless it
      really intersects with Kasan shadow.
      Reviewed-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      8f78657c
    • Vasily Gorbik's avatar
      s390/mm,ptdump: sort markers · ee4b2ce6
      Vasily Gorbik authored
      Kasan configuration options and size of physical memory present could
      affect kernel memory layout. In particular vmemmap, vmalloc and modules
      might come before kasan shadow or after it. To make ptdump correctly
      output markers in the right order markers have to be sorted.
      
      To preserve the original order of markers with the same start address
      avoid using sort() from lib/sort.c (which is not stable sorting algorithm)
      and sort markers in place.
      Reviewed-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      ee4b2ce6
    • Niklas Schnelle's avatar
      s390/pci: add missing pci_iov.h include · 4904e194
      Niklas Schnelle authored
      this fixes a missing prototype compiler warning spotted by the kernel
      test robot.
      
      Fixes: abb95b75 ("s390/pci: consolidate SR-IOV specific code")
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Signed-off-by: default avatarNiklas Schnelle <schnelle@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      4904e194
    • Heiko Carstens's avatar
      s390/mm,ptdump: add proper ifdefs · 48111b48
      Heiko Carstens authored
      Use ifdefs instead of IS_ENABLED() to avoid compile error
      for !PTDUMP_DEBUGFS:
      
      arch/s390/mm/dump_pagetables.c: In function ‘pt_dump_init’:
      arch/s390/mm/dump_pagetables.c:248:64: error: ‘ptdump_fops’ undeclared (first use in this function); did you mean ‘pidfd_fops’?
         debugfs_create_file("kernel_page_tables", 0400, NULL, NULL, &ptdump_fops);
      Reported-by: default avatarJulian Wiedmann <jwi@linux.ibm.com>
      Fixes: 08c8e685 ("s390: add ARCH_HAS_DEBUG_WX support")
      Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      48111b48
    • Alexander Egorenkov's avatar
      s390/boot: enable .bss section for compressed kernel · 980d5f9a
      Alexander Egorenkov authored
      - Support static uninitialized variables in compressed kernel.
      - Remove chkbss script
      - Get rid of workarounds for not having .bss section
      Signed-off-by: default avatarAlexander Egorenkov <egorenar@linux.ibm.com>
      Reviewed-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      980d5f9a
  8. 14 Sep, 2020 3 commits