1. Patchew
  2. QEMU
  3. [PATCH v6 00/28] Secure IPL Support for SCSI Scheme of virtio-blk/virtio-scsi Devices
  4. View patch

[PATCH v6 20/28] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF)

Zhuoying Cai posted 28 patches 4 months, 3 weeks ago
Maintainers: "Daniel P. Berrangé" <berrange@redhat.com>, Thomas Huth <thuth@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, David Hildenbrand <david@redhat.com>, Ilya Leoshkevich <iii@linux.ibm.com>, Halil Pasic <pasic@linux.ibm.com>, Christian Borntraeger <borntraeger@linux.ibm.com>, Eric Farman <farman@linux.ibm.com>, Matthew Rosato <mjrosato@linux.ibm.com>, Jared Rossi <jrossi@linux.ibm.com>, Zhuoying Cai <zycai@linux.ibm.com>, Jason Herne <jjherne@linux.ibm.com>, Eric Blake <eblake@redhat.com>, Markus Armbruster <armbru@redhat.com>
There is a newer version of this series
[PATCH v6 20/28] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF)
Posted by Zhuoying Cai 4 months, 3 weeks ago 
The secure-IPL-code-loading-attributes facility (SCLAF)
provides additional security during secure IPL.

Availability of SCLAF is determined by byte 136 bit 3 of the
SCLP Read Info block.

This feature is available starting with the gen16 CPU model.

Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
Reviewed-by: Collin Walling <walling@linux.ibm.com>
---
 docs/specs/s390x-secure-ipl.rst     | 25 +++++++++++++++++++++++++
 target/s390x/cpu_features.c         |  2 ++
 target/s390x/cpu_features_def.h.inc |  1 +
 target/s390x/cpu_models.c           |  3 +++
 target/s390x/gen-features.c         |  2 ++
 target/s390x/kvm/kvm.c              |  1 +
 6 files changed, 34 insertions(+)

diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst
index 760a066084..a19b976e25 100644
--- a/docs/specs/s390x-secure-ipl.rst
+++ b/docs/specs/s390x-secure-ipl.rst
@@ -85,3 +85,28 @@ operations such as:
 * certificate data
 
 The guest kernel will inspect the IIRB and build the keyring.
+
+
+Secure Code Loading Attributes Facility
+---------------------------------
+
+The Secure Code Loading Attributes Facility (SCLAF) enhances system security during the
+IPL by enforcing additional verification rules.
+
+When SCLAF is available, its behavior depends on the IPL mode. It introduces verification
+of both signed and unsigned components to help ensure that only authorized code is loaded
+during the IPL process. Any errors detected by SCLAF are reported in the IIRB.
+
+Unsigned components are restricted to load addresses at or above absolute storage address
+``0x2000``.
+
+Signed components must include a Secure Code Loading Attribute Block (SCLAB), which is
+appended at the very end of the component. The SCLAB defines security attributes for
+handling the signed code. Specifically, it may:
+
+* Provide direction on how to process the rest of the component.
+
+* Provide further validation of information on where to load the signed binary code
+  from the load device.
+
+* Specify where to start the execution of the loaded OS code.
diff --git a/target/s390x/cpu_features.c b/target/s390x/cpu_features.c
index 200bd8c15b..29ea3bfec2 100644
--- a/target/s390x/cpu_features.c
+++ b/target/s390x/cpu_features.c
@@ -120,6 +120,7 @@ void s390_fill_feat_block(const S390FeatBitmap features, S390FeatType type,
      * - All SIE facilities because SIE is not available
      * - DIAG318
      * - Secure IPL Facility
+     * - Secure IPL Code Loading Attributes Facility
      *
      * As VMs can move in and out of protected mode the CPU model
      * doesn't protect us from that problem because it is only
@@ -152,6 +153,7 @@ void s390_fill_feat_block(const S390FeatBitmap features, S390FeatType type,
         break;
     case S390_FEAT_TYPE_SCLP_FAC_IPL:
         clear_be_bit(s390_feat_def(S390_FEAT_SIPL)->bit, data);
+        clear_be_bit(s390_feat_def(S390_FEAT_SCLAF)->bit, data);
         break;
     default:
         return;
diff --git a/target/s390x/cpu_features_def.h.inc b/target/s390x/cpu_features_def.h.inc
index 55eef618b8..ecfca0faef 100644
--- a/target/s390x/cpu_features_def.h.inc
+++ b/target/s390x/cpu_features_def.h.inc
@@ -142,6 +142,7 @@ DEF_FEAT(CERT_STORE, "cstore", SCLP_FAC134, 5, "Provide Certificate Store functi
 
 /* Features exposed via SCLP SCCB Facilities byte 136 - 137 (bit numbers relative to byte-136) */
 DEF_FEAT(SIPL, "sipl", SCLP_FAC_IPL, 1, "Secure-IPL facility")
+DEF_FEAT(SCLAF, "sclaf", SCLP_FAC_IPL, 3, "Secure-IPL-code-loading-attributes facility")
 
 /* Features exposed via SCLP CPU info. */
 DEF_FEAT(SIE_F2, "sief2", SCLP_CPU, 4, "SIE: interception format 2 (Virtual SIE)")
diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
index f99536ef9a..7d214b5f72 100644
--- a/target/s390x/cpu_models.c
+++ b/target/s390x/cpu_models.c
@@ -264,6 +264,7 @@ bool s390_has_feat(S390Feat feat)
         case S390_FEAT_SIE_PFMFI:
         case S390_FEAT_SIE_IBS:
         case S390_FEAT_SIPL:
+        case S390_FEAT_SCLAF:
         case S390_FEAT_CONFIGURATION_TOPOLOGY:
             return false;
             break;
@@ -509,6 +510,8 @@ static void check_consistency(const S390CPUModel *model)
         { S390_FEAT_DIAG_318, S390_FEAT_EXTENDED_LENGTH_SCCB },
         { S390_FEAT_CERT_STORE, S390_FEAT_EXTENDED_LENGTH_SCCB },
         { S390_FEAT_SIPL, S390_FEAT_EXTENDED_LENGTH_SCCB },
+        { S390_FEAT_SCLAF, S390_FEAT_EXTENDED_LENGTH_SCCB },
+        { S390_FEAT_SCLAF, S390_FEAT_SIPL },
         { S390_FEAT_NNPA, S390_FEAT_VECTOR },
         { S390_FEAT_RDP, S390_FEAT_LOCAL_TLB_CLEARING },
         { S390_FEAT_UV_FEAT_AP, S390_FEAT_AP },
diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
index bd2060ab93..c3e0c6ceff 100644
--- a/target/s390x/gen-features.c
+++ b/target/s390x/gen-features.c
@@ -722,6 +722,7 @@ static uint16_t full_GEN16_GA1[] = {
     S390_FEAT_UV_FEAT_AP_INTR,
     S390_FEAT_CERT_STORE,
     S390_FEAT_SIPL,
+    S390_FEAT_SCLAF,
 };
 
 static uint16_t full_GEN17_GA1[] = {
@@ -924,6 +925,7 @@ static uint16_t qemu_MAX[] = {
     S390_FEAT_EXTENDED_LENGTH_SCCB,
     S390_FEAT_CERT_STORE,
     S390_FEAT_SIPL,
+    S390_FEAT_SCLAF,
 };
 
 /****** END FEATURE DEFS ******/
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
index 31bd574dec..2ed11fab52 100644
--- a/target/s390x/kvm/kvm.c
+++ b/target/s390x/kvm/kvm.c
@@ -2522,6 +2522,7 @@ bool kvm_s390_get_host_cpu_model(S390CPUModel *model, Error **errp)
 
     /* Some Secure IPL facilities are emulated by QEMU */
     set_bit(S390_FEAT_SIPL, model->features);
+    set_bit(S390_FEAT_SCLAF, model->features);
 
     /* Test for Ultravisor features that influence secure guest behavior */
     query_uv_feat_guest(model->features);
-- 
2.50.1
Re: [PATCH v6 20/28] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF)
Posted by Thomas Huth 4 months, 1 week ago 
On 18/09/2025 01.21, Zhuoying Cai wrote:
> The secure-IPL-code-loading-attributes facility (SCLAF)
> provides additional security during secure IPL.
> 
> Availability of SCLAF is determined by byte 136 bit 3 of the
> SCLP Read Info block.
> 
> This feature is available starting with the gen16 CPU model.
> 
> Signed-off-by: Zhuoying Cai <zycai@linux.ibm.com>
> Reviewed-by: Collin Walling <walling@linux.ibm.com>
> ---
>   docs/specs/s390x-secure-ipl.rst     | 25 +++++++++++++++++++++++++
>   target/s390x/cpu_features.c         |  2 ++
>   target/s390x/cpu_features_def.h.inc |  1 +
>   target/s390x/cpu_models.c           |  3 +++
>   target/s390x/gen-features.c         |  2 ++
>   target/s390x/kvm/kvm.c              |  1 +
>   6 files changed, 34 insertions(+)
> 
> diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst
> index 760a066084..a19b976e25 100644
> --- a/docs/specs/s390x-secure-ipl.rst
> +++ b/docs/specs/s390x-secure-ipl.rst
> @@ -85,3 +85,28 @@ operations such as:
>   * certificate data
>   
>   The guest kernel will inspect the IIRB and build the keyring.
> +
> +
> +Secure Code Loading Attributes Facility
> +---------------------------------
> +
> +The Secure Code Loading Attributes Facility (SCLAF) enhances system security during the
> +IPL by enforcing additional verification rules.

Please wrap your text so that it fits into 80 columns.
(Not sure why checkpatch.pl is not warning here...?)

> +When SCLAF is available, its behavior depends on the IPL mode. It introduces verification
> +of both signed and unsigned components to help ensure that only authorized code is loaded
> +during the IPL process. Any errors detected by SCLAF are reported in the IIRB.
>
> +Unsigned components are restricted to load addresses at or above absolute storage address
> +``0x2000``.
> +
> +Signed components must include a Secure Code Loading Attribute Block (SCLAB), which is
> +appended at the very end of the component. The SCLAB defines security attributes for
> +handling the signed code. Specifically, it may:
> +
> +* Provide direction on how to process the rest of the component.
> +
> +* Provide further validation of information on where to load the signed binary code
> +  from the load device.
> +
> +* Specify where to start the execution of the loaded OS code.

Do you maybe want to mention any tool from s390-tools that helps with this 
task (assuming that there is one)? (or should that rather not be part of the 
specs here?)

...
> diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
> index bd2060ab93..c3e0c6ceff 100644
> --- a/target/s390x/gen-features.c
> +++ b/target/s390x/gen-features.c
> @@ -722,6 +722,7 @@ static uint16_t full_GEN16_GA1[] = {
>       S390_FEAT_UV_FEAT_AP_INTR,
>       S390_FEAT_CERT_STORE,
>       S390_FEAT_SIPL,
> +    S390_FEAT_SCLAF,
>   };
 >
>   static uint16_t full_GEN17_GA1[] = {
> @@ -924,6 +925,7 @@ static uint16_t qemu_MAX[] = {
>       S390_FEAT_EXTENDED_LENGTH_SCCB,
>       S390_FEAT_CERT_STORE,
>       S390_FEAT_SIPL,
> +    S390_FEAT_SCLAF,
>   };

In the cover letter you wrote "All actions must be performed on a KVM guest" 
... so does this feature depend on KVM or not? If you cannot use the feature 
with TCG, I think you should not add this to the "qemu_MAX" CPU model?

  Thomas
Re: [PATCH v6 20/28] s390x: Guest support for Secure-IPL Code Loading Attributes Facility (SCLAF)
Posted by Thomas Huth 4 months, 1 week ago 
On 29/09/2025 14.25, Thomas Huth wrote:
> On 18/09/2025 01.21, Zhuoying Cai wrote:
> ...
>> diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
>> index bd2060ab93..c3e0c6ceff 100644
>> --- a/target/s390x/gen-features.c
>> +++ b/target/s390x/gen-features.c
>> @@ -722,6 +722,7 @@ static uint16_t full_GEN16_GA1[] = {
>>       S390_FEAT_UV_FEAT_AP_INTR,
>>       S390_FEAT_CERT_STORE,
>>       S390_FEAT_SIPL,
>> +    S390_FEAT_SCLAF,
>>   };
>  >
>>   static uint16_t full_GEN17_GA1[] = {
>> @@ -924,6 +925,7 @@ static uint16_t qemu_MAX[] = {
>>       S390_FEAT_EXTENDED_LENGTH_SCCB,
>>       S390_FEAT_CERT_STORE,
>>       S390_FEAT_SIPL,
>> +    S390_FEAT_SCLAF,
>>   };
> 
> In the cover letter you wrote "All actions must be performed on a KVM 
> guest" ... so does this feature depend on KVM or not? If you cannot use the 
> feature with TCG, I think you should not add this to the "qemu_MAX" CPU model?

Ok, after reading through a bunch of patches now, it seems like this feature 
also works with TCG, right? So the modification to qemu_MAX should stay, 
never mind me previous comment here, I was just confused by the term "KVM 
guest" in the cover letter.

  Thomas

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.