Zhuoying Cai <[email protected]> writes:

> The secure-IPL-code-loading-attributes facility (SCLAF)
> provides additional security during secure IPL.
>
> Availability of SCLAF is determined by byte 136 bit 3 of the
> SCLP Read Info block.
>
> This feature is available starting with the gen16 CPU model.
>
> Signed-off-by: Zhuoying Cai <[email protected]>
> Reviewed-by: Collin Walling <[email protected]>
> ---
>  docs/specs/s390x-secure-ipl.rst     | 19 +++++++++++++++++++
>  target/s390x/cpu_features.c         |  2 ++
>  target/s390x/cpu_features_def.h.inc |  1 +
>  target/s390x/cpu_models.c           |  3 +++
>  target/s390x/gen-features.c         |  2 ++
>  target/s390x/kvm/kvm.c              |  1 +
>  6 files changed, 28 insertions(+)
>
> diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst
> index 82dd8b847a..e7a93806f6 100644
> --- a/docs/specs/s390x-secure-ipl.rst
> +++ b/docs/specs/s390x-secure-ipl.rst
> @@ -109,3 +109,22 @@ operations such as:
>  
>  The guest's kernel inspects the IIRB and uses the certificate data it 
> contains
>  to build the keyring.
> +
> +
> +Secure Code Loading Attributes Facility
> +---------------------------------

Does not build:

    docs/specs/s390x-secure-ipl.rst:170: WARNING: Title underline too short.

    Secure Code Loading Attributes Facility
    --------------------------------- [docutils]

Please test with configure --enable-docs.

> +
> +The Secure Code Loading Attributes Facility (SCLAF) enhances system security
> +during the IPL by enforcing additional verification rules.
> +
> +When SCLAF is available, its behavior depends on the IPL mode. It introduces
> +verification of both signed and unsigned components to help ensure that only
> +authorized code is loaded during the IPL process. Any errors detected by 
> SCLAF
> +are reported in the IIRB.
> +
> +Unsigned components are restricted to load addresses at or above absolute
> +storage address ``0x2000``.
> +
> +Signed components must include a Secure Code Loading Attribute Block (SCLAB),
> +which is appended at the very end of the component. The SCLAB defines 
> security
> +attributes for handling the signed code.
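Review bot: The new section says "its behavior depends on the IPL mode" but never names the modes or says how verification differs between them, so a reader cannot tell what is enforced in each case; please spell out the per-mode behaviour here. The sentence restricting unsigned components to load addresses at or above ``0x2000`` also does not say what happens on a violation. "Any errors detected by SCLAF are reported in the IIRB" leaves open whether the IPL is aborted or continues with the error recorded. Finally, the commit message calls this the "secure-IPL-code-loading-attributes facility" while the section title and text use "Secure Code Loading Attributes Facility"; pick one name and use it in both places.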

[...]

