Add documentation for secure IPL

Signed-off-by: Collin Walling <wall...@linux.ibm.com>
---
 docs/specs/s390x-secure-ipl.rst | 53 +++++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
diff --git a/docs/specs/s390x-secure-ipl.rst b/docs/specs/s390x-secure-ipl.rst index 72ab901014..dab25cb8c1 100644 --- a/docs/specs/s390x-secure-ipl.rst +++ b/docs/specs/s390x-secure-ipl.rst 
@@ -1,5 +1,58 @@ .. SPDX-License-Identifier: GPL-2.0-or-later +s390 Secure IPL +=============== + +Secure IPL (a.k.a. secure boot) enables s390-ccw virtual machines to +leverage qcrypto libraries and z/Architecture emulations to verify the +integrity of signed kernels. The qcrypto libraries are used to perform +certificate validation and signature-verification, whereas the +z/Architecture emulations are used to ensure secure IPL data has not +been tampered with, convey data between QEMU and userspace, and set up +the relevant secure IPL data structures with verification results. + +To find out more about using this feature, see ``docs/system/s390x/secure-ipl.rst``. + +Note that "userspace" will refer to the s390-ccw BIOS unless stated +otherwise. + +Both QEMU and userspace work in tandem to perform secure IPL. The Secure +Loading Attributes Facility (SCLAF) is used to check the Secure Code +Loading Attribute Block (SCLAB) and ensure that secure IPL data has not +been tampered with. DIAGNOSE 'X'320' is invoked by userspace to query +the certificate store info and retrieve specific certificates from QEMU. +DIAGNOSE 'X'508' is used by userspace to leverage qcrypto libraries to +perform signature-verification in QEMU. Lastly, userspace generates and +appends an IPL Information Report Block (IIRB) at the end of the IPL +Parameter Block, which is used by the kernel to store signed and +verified entries. + +The logical steps are as follows: + +- Userspace reads data payload from disk (e.g. 
stage3 boot loader, kernel) +- Userspace checks the validity of the SCLAB +- Userspace invokes DIAG 508 subcode 1 and provides it the payload +- QEMU handles DIAG 508 request by reading the payload and retrieving the + certificate store +- QEMU DIAG 508 utilizes qcrypto libraries to perform signature-verification on + the payload, attempting with each cert in the store (until success or exhausted) +- QEMU DIAG 508 returns: + + - success: index of cert used to verify payload + - failure: error code + +- Userspace responds to this operation: + + - success: retrieves cert from store via DIAG 320 using returned index + - failure: reports with warning (audit mode), aborts with error (secure mode) + +- Userspace appends IIRB at the end of the IPLB +- Userspace kicks off IPL + +More information regarding the respective DIAGNOSE commands and IPL data +structures are outlined within this document. + + s390 Certificate Store and Functions ==================================== -- 2.50.1
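Review bot: A few wording and consistency issues in the new text of this hunk. The term "userspace" is used in the first paragraph ("convey data between QEMU and userspace") before the sentence that defines it ("Note that "userspace" will refer to the s390-ccw BIOS unless stated otherwise"); moving that note ahead of the first paragraph would help readers unfamiliar with the s390-ccw BIOS. The closing sentence has a subject-verb agreement error: "More information regarding the respective DIAGNOSE commands and IPL data structures are outlined within this document" should read "is outlined". The DIAGNOSE notation is also inconsistent: the prose writes "DIAGNOSE 'X'320'" and "DIAGNOSE 'X'508'" with an extra leading quote, while the step list uses "DIAG 508" and "DIAG 320"; pick one form (the conventional X'320' spelling without the leading quote, or the short DIAG form) and use it throughout. Minor: "signature-verification" does not need a hyphen when used as a noun, and the first list item would read better as "Userspace reads the data payload from disk (e.g. stage3 boot loader, kernel)".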