s390-tools/s390-tools-sles15sp2-02-zipl-allow-stand-alone-secure-option-on-command-l.patch

Subject: [PATCH] [BZ 184396] zipl: allow stand alone secure option on command line
From: Stefan Haberland <sth@linux.ibm.com>

Description:   zipl: fix secure boot config handling
Symptom:       The config file parsing for secure boot worked not as
               it was expected to be. For example a config section
               setting was not evaluated properly.
               It is not possible to specify command line option -S
               without other options.
               Additionally the man page showed an invalid example.
Problem:       The config file parsing was not implemented properly.
Solution:      The hierarchy of the secure boot settings in the config
               file is:
                    defaultboot > menu > section
               Allow that --secure or -S is specified on command line
               without the need to allow all options on the command
               line. Also ensure that the command line option
               overrules the config option and correctly ensure that
               secure boot is only set for SCSI devices.
               Fix man page example.
Reproduction:  Run zipl with a secure= setting in a configuration
               section or specify -S on command line.
Upstream-ID:   27f6c0a167da8d08f7f3343360528528f85d661f
Problem-ID:    184396

Upstream-Description:

              zipl: allow stand alone secure option on command line

              Allow that --secure or -S is specified on command line without the need to
              allow all options on the command line.
              Also ensure that the command line option overrules the config option and
              correctly ensure that secure boot is only set for SCSI devices.

              Signed-off-by: Stefan Haberland <sth@linux.ibm.com>
              Reviewed-by: Philipp Rudo <prudo@linux.ibm.com>
              Signed-off-by: Jan Hoeppner <hoeppner@linux.ibm.com>


Signed-off-by: Stefan Haberland <sth@linux.ibm.com>
---
 zipl/src/bootmap.c |    6 ++++++
 zipl/src/job.c     |   52 +++++++++++++++++++++++++---------------------------
 2 files changed, 31 insertions(+), 27 deletions(-)

--- a/zipl/src/bootmap.c
+++ b/zipl/src/bootmap.c
@@ -1133,6 +1133,12 @@ bootmap_create(struct job_data *job, dis
 			     disk_get_type_name(info->type));
 		goto out_disk_free_info;
 	}
+	/* Check if secure boot was enabled only for SCSI */
+	if (job->is_secure == SECURE_BOOT_ENABLED &&
+	    info->type != disk_type_scsi) {
+		error_reason("Secure boot forced for non-SCSI disk type");
+		goto out_disk_free_info;
+	}
 	if (verbose) {
 		printf("Target device information\n");
 		disk_print_info(info);
--- a/zipl/src/job.c
+++ b/zipl/src/job.c
@@ -72,6 +72,7 @@ struct command_line {
 	int add_files;
 	int dry_run;
 	int force;
+	int is_secure;
 	enum scan_section_type type;
 };
 
@@ -89,6 +90,22 @@ store_option(struct command_line* cmdlin
 	return 0;
 }
 
+static int
+set_secure_ipl(char *keyword, int *is_secure)
+{
+	if (strcmp(keyword, "auto") == 0) {
+		*is_secure = SECURE_BOOT_AUTO;
+	} else if (strcmp(keyword, "0") == 0) {
+		*is_secure = SECURE_BOOT_DISABLED;
+	} else if (strcmp(keyword, "1") == 0) {
+		*is_secure = SECURE_BOOT_ENABLED;
+	} else {
+		error_reason("Invalid secure boot setting '%s'",
+			     keyword);
+		return -1;
+	}
+	return 0;
+}
 
 static int
 get_command_line(int argc, char* argv[], struct command_line* line)
@@ -217,9 +234,7 @@ get_command_line(int argc, char* argv[],
 				cmdline.menu = optarg;
 			break;
 		case 'S':
-			is_keyword = 1;
-			rc = store_option(&cmdline, scan_keyword_secure,
-					  optarg);
+			rc = set_secure_ipl(optarg, &cmdline.is_secure);
 			break;
 		case 'h':
 			cmdline.help = 1;
@@ -1270,27 +1285,6 @@ type_from_target(char *target, disk_type
 }
 
 static int
-set_secure_ipl(char *keyword, struct job_data *job)
-{
-	if (strcmp(keyword, "auto") == 0) {
-		job->is_secure = SECURE_BOOT_AUTO;
-	} else if (strcmp(keyword, "0") == 0) {
-		job->is_secure = SECURE_BOOT_DISABLED;
-	} else if (strcmp(keyword, "1") == 0) {
-		if (job->target.targettype != disk_type_scsi) {
-			error_reason("Secure boot forced for non-SCSI disk type");
-			return -1;
-		}
-		job->is_secure = SECURE_BOOT_ENABLED;
-	} else {
-		error_reason("Invalid secure boot setting '%s'",
-			     keyword);
-		return -1;
-	}
-	return 0;
-}
-
-static int
 get_job_from_section_data(char* data[], struct job_data* job, char* section)
 {
 	int rc;
@@ -1374,7 +1368,7 @@ get_job_from_section_data(char* data[],
 		/* Fill in secure boot */
 		if (data[(int) scan_keyword_secure] != NULL) {
 			rc = set_secure_ipl(data[(int) scan_keyword_secure],
-					    job);
+					    &job->is_secure);
 			if (rc)
 				return rc;
 		}
@@ -1538,7 +1532,7 @@ get_menu_job(struct scan_token* scan, ch
 				case scan_keyword_secure:
 					rc = set_secure_ipl(
 						scan[i].content.keyword.value,
-						job);
+						&job->is_secure);
 					if (rc)
 						return rc;
 					break;
@@ -1880,7 +1874,6 @@ job_get(int argc, char* argv[], struct j
 	job->add_files = cmdline.add_files;
 	job->data.mvdump.force = cmdline.force;
 	job->dry_run = cmdline.dry_run;
-	job->is_secure = SECURE_BOOT_AUTO;
 	/* Get job data from user input */
 	if (cmdline.help) {
 		job->command_line = 1;
@@ -1899,6 +1892,11 @@ job_get(int argc, char* argv[], struct j
 		job_free(job);
 		return rc;
 	}
+	if (cmdline.is_secure)
+		job->is_secure = cmdline.is_secure;
+	else
+		job->is_secure = job->is_secure ? : SECURE_BOOT_AUTO;
+
 	/* Check job data for validity */
 	rc = check_job_data(job);
 	if (rc) {