diff --git a/s390-tools-1.19.0-fedora.patch b/s390-tools-1.19.0-fedora.patch index 2d987b0..bf37242 100644 --- a/s390-tools-1.19.0-fedora.patch +++ b/s390-tools-1.19.0-fedora.patch @@ -1,7 +1,7 @@ From 911c72bbf7ae362111593e82c4dfe730a44a1e8f Mon Sep 17 00:00:00 2001 From: Dan Horak Date: Sun, 20 Jul 2008 09:24:05 +0200 -Subject: [PATCH 1/4] s390-tools-1.5.3-zipl-zfcpdump-2 +Subject: [PATCH 1/5] s390-tools-1.5.3-zipl-zfcpdump-2 --- common.mak | 4 ++-- @@ -29,7 +29,7 @@ index 5321ccb..541a232 100644 From d8a4a2d505564e597cefab16871c35cfb6f06854 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20Hor=C3=A1k?= Date: Thu, 23 Apr 2009 11:46:01 +0200 -Subject: [PATCH 2/4] s390-tools-1.8.1-fdasd-su +Subject: [PATCH 2/5] s390-tools-1.8.1-fdasd-su --- fdasd/fdasd.c | 10 ++++++---- @@ -63,7 +63,7 @@ index 842e72a..3ab81c0 100644 From 39ac18ef1622f4ae1254983530e120a7d036aff7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20Hor=C3=A1k?= Date: Fri, 19 Jun 2009 10:01:30 +0200 -Subject: [PATCH 3/4] s390-tools-1.8.1-zipl-kdump-man +Subject: [PATCH 3/5] s390-tools-1.8.1-zipl-kdump-man Description: Add kdump kernel installation instruction to zipl man page. Symptom: User wants to prepare SCSI disk for dump, but has not installed @@ -95,7 +95,7 @@ index 01d18c5..e699b59 100644 From 0dc93d3f17430677e1e218124bef32730d4f35ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20Hor=C3=A1k?= Date: Tue, 21 Aug 2012 09:58:21 +0200 -Subject: [PATCH 4/4] Support for new storage device on System z (rhbz#847086) +Subject: [PATCH 4/5] Support for new storage device on System z (rhbz#847086) Allow Linux to access a new storage device as a block device using a new interface. That includes the adaption of common IO functions to allow to attach, configure @@ -404,3 +404,391 @@ index 0000000..25a8a2a -- 1.7.7.6 + +From 93b91117cbe2c0d036bf10a8cc139bee2ba94caf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Dan=20Hor=C3=A1k?= +Date: Mon, 27 Aug 2012 16:34:25 +0200 +Subject: [PATCH 5/5] lszcrypt/chzcrypt: Add support for CEX4 crypto card + (rhbz#847092) + +--- + zconf/chzcrypt | 3 + + zconf/lszcrypt | 131 ++++++++++++++++++++++++++++++++++++++++++++++-------- + zconf/lszcrypt.8 | 89 ++++++++++++++++++++++++++++--------- + 3 files changed, 183 insertions(+), 40 deletions(-) + +diff --git a/zconf/chzcrypt b/zconf/chzcrypt +index e222d43..1a9f574 100755 +--- a/zconf/chzcrypt ++++ b/zconf/chzcrypt +@@ -246,6 +246,9 @@ for DEV in $DEV_LIST ; do + echo "$CMD: error - cryptographic adapter $CARD does not exist!" >&2 + exit 1 + fi ++ if [ ! -w $DEV/online ] ; then ++ continue ++ fi + verbose "Setting cryptographic adapter $CARD $ONLINE_TEXT." + echo $ONLINE > "$DEV/online" 2> /dev/null + if [ "$( cat $DEV/online )" != "$ONLINE" ] ; then +diff --git a/zconf/lszcrypt b/zconf/lszcrypt +index a0c9473..2a371d4 100755 +--- a/zconf/lszcrypt ++++ b/zconf/lszcrypt +@@ -1,6 +1,6 @@ + #!/bin/bash + #============================================================================== +-# Copyright IBM Corp. 2008. ++# Copyright IBM Corp. 2012. + # + # lszcrypt + # +@@ -8,6 +8,7 @@ + # + # Author(s): Ralph Wuerthner + # Felix Beck ++# Holger Dengler + # + # This file is part of s390-tools + # +@@ -28,17 +29,29 @@ + + CMD="$( basename $0 )" + ++CAP_RSA2K="RSA 2K Clear Key" ++CAP_RSA4K="RSA 4K Clear Key" ++CAP_CCA="CCA Secure Key" ++CAP_RNG="Long RNG" ++ ++let MASK_RSA4K=0x60000000 ++let MASK_COPRO=0x10000000 ++let MASK_ACCEL=0x08000000 ++ + function print_usage() { + cat <<-EOF + Usage: $CMD [] [] ++ $CMD -c|--capability + Display zcrypt device and configuration information. + + + -b|--bus + Show AP bus attributes and exit. ++ -c|--capability ++ Shows the capabilities of a cryptographic adapter. + -V|--verbose + Increase verbose level for cryptographic adapter information. Maximum +- verbose level is two. ++ verbose level is three. + -v|--version + Show version information and exit. + -h|--help +@@ -46,14 +59,14 @@ function print_usage() { + + + List of cryptographic adapter ids separated by blanks which will be displayed. +- If not ids are given all available adapters are displayed. ++ If no ids are given all available adapters are displayed. + EOF + } + + function print_version() { + cat <<-EOF + $CMD: version %S390_TOOLS_VERSION% +- Copyright IBM Corp. 2007 ++ Copyright IBM Corp. 2012 + EOF + } + +@@ -89,6 +102,65 @@ show_bus() { + fi + } + ++show_capability() { ++ CARD="$( printf "card%02x" "$1" 2> /dev/null )" ++ DEV=$SYSFS/devices/ap/$CARD ++ if [ ! -d $DEV ] ; then ++ echo "$CMD: error - cryptographic adapter $CARD does not exist!" >&2 ++ exit 1 ++ fi ++ HWTYPE="$( cat $DEV/hwtype 2> /dev/null )" ++ FUNCS="$( cat $DEV/ap_functions 2> /dev/null )" ++ # If sysfs attribute is missing, set functions to 0 ++ if [ "x"$FUNCS == "x" ] ; then ++ FUNCS="0x00000000" ++ fi ++ # skip devices, which are not supported by zcrypt layer ++ if [ ! -r $DEV/type -a ! -r $DEV/online ] ; then ++ CAPS="Detailed capability information for $CARD" ++ CAPS+=" (hardware type $HWTYPE) is not available." ++ echo -e $CAPS ++ return; ++ fi ++ let FUNC_VAL=$FUNCS ++ CAPS="$CARD provides capability for:\n" ++ case $HWTYPE in ++ 6|8) ++ if (( FUNC_VAL&$MASK_RSA4K )) ; then ++ CAPS+="$CAP_RSA4K" ++ else ++ CAPS+="$CAP_RSA2K" ++ fi ++ ;; ++ 7|9) ++ CAPS+="$CAP_RSA4K\n" ++ CAPS+="$CAP_CCA\n" ++ CAPS+="$CAP_RNG" ++ ;; ++ 10) ++ if (( FUNC_VAL&$MASK_ACCEL )) ; then ++ if (( FUNC_VAL&$MASK_RSA4K )) ; then ++ CAPS+="$CAP_RSA4K" ++ else ++ CAPS+="$CAP_RSA2K" ++ fi ++ elif (( FUNC_VAL&$MASK_COPRO )) ; then ++ CAPS+="$CAP_RSA4K\n" ++ CAPS+="$CAP_CCA\n" ++ CAPS+="$CAP_RNG" ++ else ++ CAPS="Detailed capability information for $CARD" ++ CAPS+=" (hardware type $HWTYPE) is not available." ++ fi ++ ;; ++ *) ++ CAPS="Detailed capability information for $CARD" ++ CAPS+=" (hardware type $HWTYPE) is not available." ++ ;; ++ esac ++ echo -e $CAPS ++} ++ + show_device() { + CARD="$1" + DEV="$SYSFS/bus/ap/devices/$CARD" +@@ -96,37 +168,48 @@ show_device() { + echo "$CMD: error - cryptographic adapter $CARD does not exist!" >&2 + exit 1 + fi +- if [ -r $DEV/type ] ; then +- TYPE="$( cat $DEV/type 2> /dev/null )" +- else +- TYPE=unknown ++ if [ ! -r $DEV/type -a ! -r $DEV/online ] ; then ++ # skip devices, which are not supported by zcrypt layer ++ return; + fi +- if [ -r $DEV/online ] ; then +- if [ "$( cat $DEV/online 2> /dev/null )" -eq 0 ] ; then +- ONLINE=offline +- else +- ONLINE=online +- fi ++ TYPE="$( cat $DEV/type 2> /dev/null )" ++ if [ "$( cat $DEV/online 2> /dev/null )" -eq 0 ] ; then ++ ONLINE=offline + else +- ONLINE=unknown ++ ONLINE=online + fi + case $VERBOSE in + 0) echo "$CARD: $TYPE" + ;; + 1) printf "%s: %-11s %-7s\n" $CARD $TYPE $ONLINE + ;; +- *) ++ 2) + HWTYPE="$( cat $DEV/hwtype 2> /dev/null )" + DEPTH="$( cat $DEV/depth 2> /dev/null )" + REQ_CNT="$( cat $DEV/request_count 2> /dev/null )" + printf "%s: %-11s %-7s hwtype=%-2d depth=%d request_count=%-10d\n" \ + $CARD $TYPE $ONLINE $HWTYPE $DEPTH $REQ_CNT ++ ;; ++ *) ++ HWTYPE="$( cat $DEV/hwtype 2> /dev/null )" ++ DEPTH="$( cat $DEV/depth 2> /dev/null )" ++ REQ_CNT="$( cat $DEV/request_count 2> /dev/null )" ++ REQQ_CNT="$( cat $DEV/requestq_count 2> /dev/null )" ++ PENQ_CNT="$( cat $DEV/pendingq_count 2> /dev/null )" ++ FUNCS="$( cat $DEV/ap_functions 2> /dev/null )" ++ FMT="%s: %-11s %-7s hwtype=%-2d depth=%d" ++ FMT+=" request_count=%d pendingq_count=%d requestq_count=%d" ++ FMT+=" functions=%-10s\n" ++ printf "$FMT" \ ++ $CARD $TYPE $ONLINE $HWTYPE $DEPTH \ ++ $REQ_CNT $PENQ_CNT $REQQ_CNT \ ++ $FUNCS + esac + } + + # Parse command line +-TEMP=`getopt -o bhvV \ +- --long bus,help,version,verbose \ ++TEMP=`getopt -o bchvV \ ++ --long bus,capability,help,version,verbose \ + -n "$CMD" -- "$@"` + if [ $? != 0 ] ; then + exit 1 +@@ -139,6 +222,8 @@ while true ; do + case "$1" in + -b|--bus) SHOW_BUS=1 + shift;; ++ -c|--capability) SHOW_CAPABILITY=1 ++ shift;; + -h|--help) print_usage + exit 0;; + -v|--version) print_version +@@ -168,7 +253,15 @@ fi + if [ -n "$SHOW_BUS" ] ; then + show_bus + exit 0 +-fi ++fi ++ ++if [ -n "$SHOW_CAPABILITY" ] ; then ++ if [ $# -ne 1 ] ; then ++ invalid_cmdline "capability option requires a single cryptographic device id" ++ fi ++ show_capability $@ ++ exit 0 ++fi + + if [ $# -eq 0 ] ; then + DEVLIST="$( find $SYSFS/bus/ap/devices -name 'card*' -printf '%f\n' | sort )" +diff --git a/zconf/lszcrypt.8 b/zconf/lszcrypt.8 +index 01d4fa7..e8ca6ce 100644 +--- a/zconf/lszcrypt.8 ++++ b/zconf/lszcrypt.8 +@@ -4,11 +4,15 @@ lszcrypt \- display zcrypt device and configuration information + .SH SYNOPSIS + .TP 9 + .B lszcrypt +-.RB "[ " -V " | " -VV " ] " ++.RB "[ " -V " | " -VV " | " -VVV " ] " + [ + .I + [...]] + .TP ++.B lszcrypt ++.B -c ++ ++.TP + .B lszcrypt -b + .TP + .B lszcrypt -h +@@ -18,50 +22,93 @@ lszcrypt \- display zcrypt device and configuration information + The + .B lszcrypt + command is used to display information about cryptographic adapters managed by +-zcrypt and zcrypt's AP bus attributes. Displayed information depends on the ++zcrypt and the AP bus attributes of zcrypt. Displayed information depends on the + kernel version. + .B lszcrypt +-requires that the sysfs filesystem is mounted. ++requires that sysfs is mounted. + .P +-The following information can be displayed for each cryptographic adapter: card +-type, online status, hardware card type, hardware queue depth, and request +-count. The following AP bus attributes can be displayed: AP domain, +-configuration timer, poll thread status, poll timeout, and AP interrupt status. ++The following information can be displayed for each cryptographic ++adapter: card type (symbolic), online status, hardware card ++type (numeric), installed function facilities, card capability, hardware ++queue depth, request count, number of requests in hardware queue, and ++the number of outstanding requests. ++The following AP bus attributes can be displayed: AP domain, ++configuration timer, poll thread status, poll timeout, and AP interrupt ++status. + .SH OPTIONS + .TP 8 + .B -V, --verbose +-Increase verbose level for cryptographic adapter information. Maximum verbose +-level is two. At verbose level one card type and online status are displayed. +-At verbose level two card type, online status, hardware card type, hardware +-queue depth, and request count are displayed. ++Increases the verbose level for cryptographic adapter information. ++The maximum verbose level is three. At verbose level one card type ++and online status are displayed. At verbose level two card type, ++online status, hardware card type, hardware queue depth, and ++request count are displayed. At verbose level three card type, ++online status, hardware card type, hardware queue depth, ++request count, pending request queue count, outstanding ++request queue count, and installed function facilities are displayed. + .TP 8 + .B +-Specifies a cryptographic adapter which will be displayed. A cryptographic ++Specifies a cryptographic adapter to display. A cryptographic + adapter can be specified either in decimal or hexadecimal notation using + a '0x' prefix. If no adapters are specified information about all available +-adapters will be displayed. ++adapters is displayed. + .TP 8 + .B -b, --bus +-Show AP bus attributes and exit. ++Displays the AP bus attributes and exits. ++.TP 8 ++.B -c, --capability ++Shows the capabilities of a cryptographic adapter of hardware type 6 or ++higher. The capabilities of a cryptographic adapter depend on the card ++type and the installed function facilities. A cryptographic adapter can ++provide one or more of the following capabilities: ++.RS ++.IP "o" 3 ++RSA 2K Clear Key ++.IP "o" ++RSA 4K Clear Key ++.IP "o" ++CCA Secure Key ++.IP "o" ++Long RNG ++.RE + .TP 8 + .B -h, --help +-Print help text and exit. ++Displays help text and exits. + .TP 8 + .B -v, --version +-Print version information and exit. ++Displays version information and exits. + .SH EXAMPLES + .TP + .B lszcrypt -V +-Will display card type and online status of all available cryptographic ++Displays card type and online status of all available cryptographic + adapters. + .TP + .B lszcrypt -VV 0 1 10 12 +-Will display card type, online status, hardware card type, hardware queue +-depth, and request count for cryptographic adapters in decimal notation 0, 1, +-10, and 12. ++Displays the card type in hexadecimal notation, online status, ++hardware card type, hardware queue depth, and request count for ++cryptographic adapters 0, 1, 10, and 12 in decimal notation. ++.TP ++.B lszcrypt -VVV 3 7 11 ++Displays the card ID and the installed function facility in ++hexadecimal notation, as well as card type, online status, hardware ++card type, hardware queue depth, request count, pending request ++queue count, and outstanding request queue count for cryptographic ++adapters 3, 7, and 11 in decimal notation. + .TP + .B lszcrypt -b +-Will display AP bus information. ++Displays AP bus information. ++.TP ++.B lszcrypt -c 7 ++.RS ++.br ++Coprocessor card07 provides capability for: ++.br ++CCA Secure Key ++.br ++RSA 4K Clear Key ++.br ++Long RNG ++.RE + .SH SEE ALSO + \fBchzcrypt\fR(8) + .SH AUTHOR +-- +1.7.7.6 + diff --git a/s390utils.spec b/s390utils.spec index 4b205fd..77bd351 100644 --- a/s390utils.spec +++ b/s390utils.spec @@ -8,7 +8,7 @@ Name: s390utils Summary: Utilities and daemons for IBM System/z Group: System Environment/Base Version: 1.19.0 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 2 License: GPLv2 and GPLv2+ and CPL ExclusiveArch: s390 s390x @@ -857,6 +857,9 @@ User-space development files for the s390/s390x architecture. %changelog +* Mon Aug 27 2012 Dan Horák 2:1.19.0-2 +- add support fro CEX4 devices to chzcrypt/lszcrypt (#847092) + * Mon Aug 27 2012 Dan Horák 2:1.19.0-1 - updated to 1.19.0 (#804774) - fixed syntax in s390.sh script (#851096)