File s390-tools-sles15sp4-pvattest-Improve-error-reporting.patch of Package s390-tools.29120
Subject: [PATCH] [FEAT VS2038] pvattest: Improve error reporting
From: Steffen Eiden <seiden@linux.ibm.com>
Summary: pvattest: Create, perform, and verify attestation measurements
Description: pvattest is a tool to attest an IBM Secure Execution guest.
In a trusted environment, one can create a request using
`pvattest create`. To get a measurement of an untrusted
IBM Secure Execution guest call 'pvattest perform'.
Again in a trusted environment, call 'pvattest verify'
to verify that the measurement is the expected one.
The tool runs on s390 and x86.
It has the same requirements like libpv and therefore
requires openssl v1.1.1+, glib2.56+, and libcurl.
Additionally, to measure, the linux kernel must provide
the Ultravisor userspace interface `uvdevice` at /dev/uv
and must be executed on an IBM Secure Execution guest on
hardware with Ultravisor attestation support,
like IBM z16 or later.
Upstream-ID: 148460c23536c7c06490088edda101013c6d55c5
Problem-ID: VS2038
Upstream-Description:
pvattest: Improve error reporting
Map the Ultravisor return code 0x2 to "Invalid UV command" string. This
results in better error messages.
Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Signed-off-by: Jan Hoeppner <hoeppner@linux.ibm.com>
Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>
---
pvattest/src/uvio.c | 2 ++
1 file changed, 2 insertions(+)
--- a/pvattest/src/uvio.c
+++ b/pvattest/src/uvio.c
@@ -156,6 +156,8 @@ int uvio_open(const char *uv_path, GErro
const char *uvio_uv_rc_to_str(const int rc)
{
switch (rc) {
+ case 0x02:
+ return _("Invalid UV command");
case 0x106:
return _("Unsupported attestation request version");
case 0x108: