On 12/8/25 16:32, Zhuoying Cai wrote:
> The IPL information report block (IIRB) contains information used
> to locate IPL records and to report the results of signature verification
> of one or more secure components of the load device.
> 
> IIRB is stored immediately following the IPL Parameter Block. The results of
> component verification are stored whether verification fails or succeeds.
> 
> Signed-off-by: Zhuoying Cai <[email protected]>
> ---
>  docs/specs/s390x-secure-ipl.rst | 13 +++++++
>  pc-bios/s390-ccw/iplb.h         | 62 +++++++++++++++++++++++++++++++++
>  2 files changed, 75 insertions(+)
> 
> diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst
> index be98dc143d..29c5d59b99 100644
> --- a/docs/specs/s390x-secure-ipl.rst
> +++ b/docs/specs/s390x-secure-ipl.rst
> @@ -86,3 +86,16 @@ Subcode 1 - perform signature verification
>      * ``0x0302``: PKCS#7 format signature is invalid
>      * ``0x0402``: signature-verification failed
>      * ``0x0502``: length of Diag508SigVerifBlock is invalid
> +
> +IPL Information Report Block
> +----------------------------
> +
> +The IPL Parameter Block (IPLPB), utilized for IPL operation, is extended 
> with an
> +IPL Information Report Block (IIRB), which contains the results from secure 
> IPL
> +operations such as:
> +
> +* component data
> +* verification results
> +* certificate data
> +
> +The guest kernel will inspect the IIRB and build the keyring.

This needs more elaboration.  Is the data listed above used in
the keyring?  Maybe rewording to "The guest's kernel will use this data
in the IIRB when building its keyring." ?

> diff --git a/pc-bios/s390-ccw/iplb.h b/pc-bios/s390-ccw/iplb.h
> index 08f259ff31..cc3ecc69e5 100644
> --- a/pc-bios/s390-ccw/iplb.h
> +++ b/pc-bios/s390-ccw/iplb.h
> @@ -23,6 +23,68 @@ extern QemuIplParameters qipl;
>  extern IplParameterBlock iplb __attribute__((__aligned__(PAGE_SIZE)));
>  extern bool have_iplb;
>  
> +struct IplInfoReportBlockHeader {
> +    uint32_t len;
> +    uint8_t  iirb_flags;

s/iirb_flags/flags

> +    uint8_t  reserved1[2];
> +    uint8_t  version;

Is version used?  If not, merge into one `reserved` field.

> +    uint8_t  reserved2[8];
> +};
> +typedef struct IplInfoReportBlockHeader IplInfoReportBlockHeader;
> +
> +struct IplInfoBlockHeader {
> +    uint32_t len;
> +    uint8_t  ibt;

s/ibt/type

> +    uint8_t  reserved1[3];
> +    uint8_t  reserved2[8];

Make this one `reserved[11]`.

> +};
> +typedef struct IplInfoBlockHeader IplInfoBlockHeader;
> +
> +enum IplIbt {
> +    IPL_IBT_CERTIFICATES = 1,
> +    IPL_IBT_COMPONENTS = 2,
> +};

s/IplIbt/IplInfoBlockType

s/IPL_IBT/IPL_INFO_BLOCK_TYPE

It becomes more verbose, but it's much easier to read.

> +
> +struct IplSignatureCertificateEntry {
> +    uint64_t addr;
> +    uint64_t len;
> +};
> +typedef struct IplSignatureCertificateEntry IplSignatureCertificateEntry;
> +
> +struct IplSignatureCertificateList {
> +    IplInfoBlockHeader            ipl_info_header;
> +    IplSignatureCertificateEntry  cert_entries[MAX_CERTIFICATES];
> +};
> +typedef struct IplSignatureCertificateList IplSignatureCertificateList;
> +
> +#define S390_IPL_COMPONENT_FLAG_SC  0x80
> +#define S390_IPL_COMPONENT_FLAG_CSV 0x40

Rename these to S390_IPL_DEV_COMP_FLAG_*

> +
> +struct IplDeviceComponentEntry {
> +    uint64_t addr;
> +    uint64_t len;
> +    uint8_t  flags;
> +    uint8_t  reserved1[5];
> +    uint16_t cert_index;
> +    uint8_t  reserved2[8];
> +};
> +typedef struct IplDeviceComponentEntry IplDeviceComponentEntry;
> +
> +struct IplDeviceComponentList {
> +    IplInfoBlockHeader       ipl_info_header;
> +    IplDeviceComponentEntry  device_entries[MAX_CERTIFICATES];
> +};
> +typedef struct IplDeviceComponentList IplDeviceComponentList;
> +
> +#define COMP_LIST_MAX   sizeof(IplDeviceComponentList)
> +#define CERT_LIST_MAX   sizeof(IplSignatureCertificateList)
> +
> +struct IplInfoReportBlock {
> +    IplInfoReportBlockHeader     hdr;
> +    uint8_t                      info_blks[COMP_LIST_MAX + CERT_LIST_MAX];
> +};
> +typedef struct IplInfoReportBlock IplInfoReportBlock;
> +
>  #define S390_IPL_TYPE_FCP 0x00
>  #define S390_IPL_TYPE_CCW 0x02
>  #define S390_IPL_TYPE_QEMU_SCSI 0xff
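Review bot: Nothing in this header pins the sizes of the new IIRB structures, although the documentation hunk says the guest kernel inspects the block to build its keyring and the block carries the signature-verification results. As written every struct is naturally aligned (16-byte headers, a 16-byte certificate entry, a 32-byte component entry), so a compile-time check next to each typedef, for example `_Static_assert(sizeof(IplDeviceComponentEntry) == 32, "IIRB component entry layout");`, would make a later field change fail the build instead of silently shifting what the guest reads. `S390_IPL_COMPONENT_FLAG_SC`, `S390_IPL_COMPONENT_FLAG_CSV` and `cert_index` each deserve a one-line comment stating what the bit records and what range the index is valid in, because a consumer has to know that before it trusts an entry. `device_entries[MAX_CERTIFICATES]` bounds the component list with the certificate limit; if that is intentional, a comment or a separate constant would say so.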

Other than the nits above, the data structure layouts are correct.

-- 
Regards,
  Collin
