Ubuntu
linux package

[23.10 FEAT] KVM: Implement secrets insertion in the UV Device Driver

Bug #2003675 reported by bugproxy
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
High
Skipper Bug Screeners
linux (Ubuntu)
Fix Released
High
Skipper Bug Screeners

Bug Description

Feature Description:

Extend the Ultravisor Device to accept IBK insertion requests. This requires an extension to the IOCTL introduced for Secure Execution Attestation.

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-201349 severity-high targetmilestone-inin2304
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
Changed in linux (Ubuntu):
importance: Undecided → High
Changed in ubuntu-z-systems:
importance: Undecided → High
Changed in linux (Ubuntu):
status: New → Incomplete
Changed in ubuntu-z-systems:
status: New → Incomplete
bugproxy (bugproxy)
tags: added: targetmilestone-inin2310
removed: targetmilestone-inin2304
Frank Heimes (fheimes)
summary: - [23.04 FEAT] KVM: Implement secrets insertion in the UV Device Driver
+ [23.10 FEAT] KVM: Implement secrets insertion in the UV Device Driver
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2023-07-19 12:30 EDT-------
The required patches for this feature which are included in kernel v6.5 are the following:

db54dfc9f71c s390/uv: Update query for secret-UVCs
78d3326e725e s390/uv: replace scnprintf with sysfs_emit
2d8a26acaf88 s390/uvdevice: Add 'Lock Secret Store' UVC
b96b3ce27201 s390/uvdevice: Add 'List Secrets' UVC
44567ca21aaf s390/uvdevice: Add 'Add Secret' UVC
ea9d97163523 s390/uvdevice: Add info IOCTL

Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: Incomplete → New
Changed in linux (Ubuntu):
status: Incomplete → New
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: New → Confirmed
Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Frank Heimes (fheimes) wrote :

Since we already have kernel 6.5 in our master-next branch for mantic,
and the mentioned commits are all upstream with 6.5
I'm updating the status to Fix Committed.

Changed in linux (Ubuntu):
status: Confirmed → Fix Committed
Changed in ubuntu-z-systems:
status: Confirmed → Fix Committed
Revision history for this message
Frank Heimes (fheimes) wrote :

Updating to Fix Released, since we meanwhile have kernel 6.5 in mantic as default.

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Changed in ubuntu-z-systems:
status: Fix Committed → Fix Released
information type: Private → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.