Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.6:Update
s390-tools.28248
s390-tools-sles15sp4-pvattest-Add-more-informat...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File s390-tools-sles15sp4-pvattest-Add-more-information-to-verbose-logging.patch of Package s390-tools.28248
Subject: [PATCH] [FEAT VS2038] pvattest: Add more information to verbose logging From: Steffen Eiden <seiden@linux.ibm.com> Summary: pvattest: Create, perform, and verify attestation measurements Description: pvattest is a tool to attest an IBM Secure Execution guest. In a trusted environment, one can create a request using `pvattest create`. To get a measurement of an untrusted IBM Secure Execution guest call 'pvattest perform'. Again in a trusted environment, call 'pvattest verify' to verify that the measurement is the expected one. The tool runs on s390 and x86. It has the same requirements like libpv and therefore requires openssl v1.1.1+, glib2.56+, and libcurl. Additionally, to measure, the linux kernel must provide the Ultravisor userspace interface `uvdevice` at /dev/uv and must be executed on an IBM Secure Execution guest on hardware with Ultravisor attestation support, like IBM z16 or later. Upstream-ID: a4e396fdd7bddb69570c5f7fea4e34ae7ac36294 Problem-ID: VS2038 Upstream-Description: pvattest: Add more information to verbose logging In verbose mode (-v) `pvattest verify´ now also prints "Attestation measurement verified", if the verification was successful and the Config UID of the SE-guest and any additional data if available. $ pvattest -V verify [...] Attestation measurement verified Config UID: 1a1a1a1a1a1a1a1a1a1a1a1a1a1a1a1a Additional Data: 1b1b1b1b1b1b1b1b1b1b1b1b1b1b1b1b 1b1b1b1b1b1b1b1b1b1b1b1b1b1b1b1b Signed-off-by: Steffen Eiden <seiden@linux.ibm.com> Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com> Signed-off-by: Jan Höppner <hoeppner@linux.ibm.com> Signed-off-by: Steffen Eiden <seiden@linux.ibm.com> --- pvattest/src/pvattest.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) --- a/pvattest/src/pvattest.c +++ b/pvattest/src/pvattest.c @@ -322,8 +322,17 @@ static int do_verify(pvattest_verify_con return PVATTEST_EXIT_MEASURE_NOT_VERIFIED; } - pvattest_log_debug(_("Measurement verified.")); + pvattest_log_info(_("Attestation measurement verified")); + pvattest_log_info(_("Config UID:")); + pvattest_log_bytes(g_bytes_get_data(config_uid, NULL), g_bytes_get_size(config_uid), 16L, + "", FALSE, PVATTEST_LOG_LVL_INFO); + if (additional_data) { + pvattest_log_info(_("\nAdditional Data:")); + pvattest_log_bytes(g_bytes_get_data(additional_data, NULL), + g_bytes_get_size(additional_data), 16L, "", FALSE, + PVATTEST_LOG_LVL_INFO); + } return EXIT_SUCCESS; err_exit:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor