forked from pool/s390-tools
132 lines
4.1 KiB
Diff
132 lines
4.1 KiB
Diff
|
Subject: zcrypt: CEX7S exploitation support
|
||
|
|
From: Harald Freudenberger <freude@linux.ibm.com>
|
||
|
|
|
||
|
|
Summary: s390-tools: CEX7S exploitation support
|
||
|
|
Description: CEX7S exploitation support to lszcrypt, chzcrypt
|
||
|
|
and zcryptstats.
|
||
|
|
Upstream-ID: 4fc0c3cfefb8fb23a83ef629ac3f4a967fc0e77f
|
||
|
|
Problem-ID: SEC1808
|
||
|
|
|
||
|
|
Upstream-Description:
|
||
|
|
|
||
|
|
zcrypt: CEX7S exploitation support
|
||
|
|
|
||
|
|
This patch adds CEX7S exploitation support to lszcrypt and chzcrypt.
|
||
|
|
|
||
|
|
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
|
||
|
|
Signed-off-by: Jan Hoeppner <hoeppner@linux.ibm.com>
|
||
|
|
|
||
|
|
|
||
|
|
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
|
||
|
|
---
|
||
|
|
zconf/zcrypt/chzcrypt.8 | 4 ++--
|
||
|
|
zconf/zcrypt/chzcrypt.c | 4 ++--
|
||
|
|
zconf/zcrypt/lszcrypt.8 | 8 ++++----
|
||
|
|
zconf/zcrypt/lszcrypt.c | 11 ++++++-----
|
||
|
|
4 files changed, 14 insertions(+), 13 deletions(-)
|
||
|
|
|
||
|
|
--- a/zconf/zcrypt/chzcrypt.8
|
||
|
|
+++ b/zconf/zcrypt/chzcrypt.8
|
||
|
|
@@ -1,8 +1,8 @@
|
||
|
|
-.\" Copyright 2017 IBM Corp.
|
||
|
|
+.\" Copyright 2019 IBM Corp.
|
||
|
|
.\" s390-tools is free software; you can redistribute it and/or modify
|
||
|
|
.\" it under the terms of the MIT license. See LICENSE for details.
|
||
|
|
.\"
|
||
|
|
-.TH CHZCRYPT 8 "OCT 2017" "s390-tools"
|
||
|
|
+.TH CHZCRYPT 8 "AUG 2019" "s390-tools"
|
||
|
|
.SH NAME
|
||
|
|
chzcrypt \- modify zcrypt configuration
|
||
|
|
.SH SYNOPSIS
|
||
|
|
--- a/zconf/zcrypt/chzcrypt.c
|
||
|
|
+++ b/zconf/zcrypt/chzcrypt.c
|
||
|
|
@@ -1,7 +1,7 @@
|
||
|
|
/*
|
||
|
|
* chzcrypt - Tool to modify zcrypt configuration
|
||
|
|
*
|
||
|
|
- * Copyright IBM Corp. 2008, 2017
|
||
|
|
+ * Copyright IBM Corp. 2008, 2019
|
||
|
|
*
|
||
|
|
* s390-tools is free software; you can redistribute it and/or modify
|
||
|
|
* it under the terms of the MIT license. See LICENSE for details.
|
||
|
|
@@ -47,7 +47,7 @@ const struct util_prg prg = {
|
||
|
|
{
|
||
|
|
.owner = "IBM Corp.",
|
||
|
|
.pub_first = 2008,
|
||
|
|
- .pub_last = 2017,
|
||
|
|
+ .pub_last = 2019,
|
||
|
|
},
|
||
|
|
UTIL_PRG_COPYRIGHT_END
|
||
|
|
}
|
||
|
|
--- a/zconf/zcrypt/lszcrypt.8
|
||
|
|
+++ b/zconf/zcrypt/lszcrypt.8
|
||
|
|
@@ -1,6 +1,6 @@
|
||
|
|
.\" lszcrypt.8
|
||
|
|
.\"
|
||
|
|
-.\" Copyright 2017 IBM Corp.
|
||
|
|
+.\" Copyright 2019 IBM Corp.
|
||
|
|
.\" s390-tools is free software; you can redistribute it and/or modify
|
||
|
|
.\" it under the terms of the MIT license. See LICENSE for details.
|
||
|
|
.\"
|
||
|
|
@@ -10,7 +10,7 @@
|
||
|
|
.\" nroff -man lszcrypt.8
|
||
|
|
.\" to process this source
|
||
|
|
.\"
|
||
|
|
-.TH LSZCRYPT 8 "JAN 2019" "s390-tools"
|
||
|
|
+.TH LSZCRYPT 8 "AUG 2019" "s390-tools"
|
||
|
|
.SH NAME
|
||
|
|
lszcrypt \- display zcrypt device and configuration information
|
||
|
|
.SH SYNOPSIS
|
||
|
|
@@ -118,7 +118,7 @@ explanation:
|
||
|
|
.B TYPE and HWTYPE
|
||
|
|
The HWTYPE is a numeric value showing which type of hardware the zcrypt
|
||
|
|
device driver presumes that this crypto card is. The currently known values
|
||
|
|
-are 7=CEX3C, 8=CEX3A, 10=CEX4, 11=CEX5 and 12=CEX6.
|
||
|
|
+are 7=CEX3C, 8=CEX3A, 10=CEX4, 11=CEX5, 12=CEX6 and 13=CEX7.
|
||
|
|
.br
|
||
|
|
The TYPE is a human readable value showing the hardware type and the basic
|
||
|
|
function type (A=Accelerator, C=CCA Coprocessor, P=EP11 Coprocessor). So
|
||
|
|
@@ -167,7 +167,7 @@ operations within the guests.
|
||
|
|
.B DRIVER
|
||
|
|
.br
|
||
|
|
Shows which card or queue device driver currently handles this crypto
|
||
|
|
-resource. Currently known drivers are cex4card/cex4queue (CEX4-CEX6
|
||
|
|
+resource. Currently known drivers are cex4card/cex4queue (CEX4-CEX7
|
||
|
|
hardware), cex2card/cex2cqueue (CEX2C and CEX3C hardware),
|
||
|
|
cex2acard/cex2aqueue (CEX2A and CEX3A hardware) and vfio_ap (queue reserved
|
||
|
|
for use by kvm hypervisor for kvm guests and not accessible to host
|
||
|
|
--- a/zconf/zcrypt/lszcrypt.c
|
||
|
|
+++ b/zconf/zcrypt/lszcrypt.c
|
||
|
|
@@ -1,7 +1,7 @@
|
||
|
|
/**
|
||
|
|
* lszcrypt - Display zcrypt devices and configuration settings
|
||
|
|
*
|
||
|
|
- * Copyright IBM Corp. 2008, 2018
|
||
|
|
+ * Copyright IBM Corp. 2008, 2019
|
||
|
|
*
|
||
|
|
* s390-tools is free software; you can redistribute it and/or modify
|
||
|
|
* it under the terms of the MIT license. See LICENSE for details.
|
||
|
|
@@ -86,7 +86,7 @@ const struct util_prg prg = {
|
||
|
|
{
|
||
|
|
.owner = "IBM Corp.",
|
||
|
|
.pub_first = 2008,
|
||
|
|
- .pub_last = 2018,
|
||
|
|
+ .pub_last = 2019,
|
||
|
|
},
|
||
|
|
UTIL_PRG_COPYRIGHT_END
|
||
|
|
}
|
||
|
|
@@ -302,9 +302,10 @@ static void show_capability(const char *
|
||
|
|
printf("%s\n", CAP_CCA);
|
||
|
|
printf("%s", CAP_RNG);
|
||
|
|
break;
|
||
|
|
- case 10:
|
||
|
|
- case 11:
|
||
|
|
- case 12:
|
||
|
|
+ case 10: /* CEX4S */
|
||
|
|
+ case 11: /* CEX5S */
|
||
|
|
+ case 12: /* CEX6S */
|
||
|
|
+ case 13: /* CEX7S */
|
||
|
|
if (func_val & MASK_ACCEL) {
|
||
|
|
if (func_val & MASK_RSA4K)
|
||
|
|
printf("%s", CAP_RSA4K);
|