<..snip..>
diff --git a/hw/s390x/cert-store.h b/hw/s390x/cert-store.h new file mode 100644 index 0000000000..3f76a00277 --- /dev/null +++ b/hw/s390x/cert-store.h @@ -0,0 +1,39 @@ +/* + * S390 certificate store + * + * Copyright 2025 IBM Corp. + * Author(s): Zhuoying Cai <[email protected]> + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#ifndef HW_S390_CERT_STORE_H +#define HW_S390_CERT_STORE_H + +#include "hw/s390x/ipl/qipl.h" +#include "crypto/x509-utils.h" + +#define VC_NAME_LEN_BYTES 64 + +#define CERT_KEY_ID_LEN QCRYPTO_HASH_DIGEST_LEN_SHA256 +#define CERT_HASH_LEN QCRYPTO_HASH_DIGEST_LEN_SHA256 + +struct S390IPLCertificate { + uint8_t vc_name[VC_NAME_LEN_BYTES]; + size_t size; + size_t der_size; + uint8_t *raw; +}; +typedef struct S390IPLCertificate S390IPLCertificate; + +struct S390IPLCertificateStore { + uint16_t count; + size_t max_cert_size; + size_t total_bytes; + S390IPLCertificate certs[MAX_CERTIFICATES]; +} QEMU_PACKED;
I think the guidance is to avoid using QEMU_PACKED (see Thomas's reply to me https://lore.kernel.org/qemu-devel/[email protected]/). Also this is an internal QEMU structure and not an architecture specific one, so this shouldn't be packed, no?
The rest of the patch LGTM. <...snip...>
