Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp3413994rdh; Thu, 28 Sep 2023 10:50:45 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEzlLicsgvozWx/U96vBvDvlDS2FF6TNxqEASrEyqf57UdM5F6B5a98kLqbV30tJEmtMwAa X-Received: by 2002:a05:6870:20d:b0:1c8:c27f:7d9b with SMTP id j13-20020a056870020d00b001c8c27f7d9bmr2155449oad.27.1695923444691; Thu, 28 Sep 2023 10:50:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695923444; cv=none; d=google.com; s=arc-20160816; b=qHDYMMkJnMr/fVDPwtTq0pZXITlF3RADxZnA1KjQW50JISg1wAPUXu3zyjBWwB05xq 4H+f0y3ekWeOaCBuNslZpw6KOp/e3OFx9dD7Zb2RMRmHvmCloX8+DhyiO49AFj7w67bT xcjrmpwT5IKnAUJl4vO376xWzxiI1fX2AgwKOMsfgK6EhNPLpAOqGhIttFXOzaaEidBQ WTtC0xzqh9+M50JLY5Lj+knQUeDBB44JlH0+wKjEdowDnpuwxQRydze+e8Siep+FePKH 7UC8hWgnfFVO/pwO8e6cjUYVktO4N8LzIYGGPZ7Sc548DXqp6jWsag9XMxorMMwJyHX5 LdEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:date:from:message-id; bh=eDo7tzjGNzMBXWUE+SPy2+fMP66CR21rWhG9S+ohDBo=; fh=j94gzfSAT+8kF46ZvOkY3DNYs/HkghetT1vgREBUW1M=; b=C3XK0yDZwVIPPLgYrkMeHaOQCCJ8/WAq+E3N17F5oZCE1p5FRU1Zyf2zXs+gZEGGuy /gKSiwmlDe3QkLO7refiyUzTR+6xHS983F1kdC/bBI0PvWzxxqNcJKL7b0axwcTWJfs6 69qCn7yFyWwqLiHaC21Dm6Ir4BseFCcoObKRZ9axWOT2hAnzW+mBDZvRLNB9WzLDjBnD dO7DcMfNzz8qWgZu1hUkTTV4M+dxx6Z7a2Nd3BCM6S6rdtX7jVEAyabp3bJVmjk4ahWZ OU4rQgrR01aRO2wy6hEaZ3KvZvtyEHn+6Ue+xT507L8IyqEwPgWOPQmtgxMnMw3Im8Cu ZAGA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.36 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from pete.vger.email (pete.vger.email. [23.128.96.36]) by mx.google.com with ESMTPS id b26-20020a63931a000000b0057c3aaec1c8si7614430pge.52.2023.09.28.10.50.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 10:50:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.36 as permitted sender) client-ip=23.128.96.36; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.36 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id A80E1809ACA6; Thu, 28 Sep 2023 10:42:00 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232007AbjI1Rlo (ORCPT + 99 others); Thu, 28 Sep 2023 13:41:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55614 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232148AbjI1Rla (ORCPT ); Thu, 28 Sep 2023 13:41:30 -0400 X-Greylist: delayed 525 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Thu, 28 Sep 2023 10:41:28 PDT Received: from mailout1.hostsharing.net (mailout1.hostsharing.net [IPv6:2a01:37:1000::53df:5fcc:0]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 860A11A4; Thu, 28 Sep 2023 10:41:28 -0700 (PDT) Received: from h08.hostsharing.net (h08.hostsharing.net [IPv6:2a01:37:1000::53df:5f1c:0]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "*.hostsharing.net", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK)) by mailout1.hostsharing.net (Postfix) with ESMTPS id A5A2A101920C7; Thu, 28 Sep 2023 19:32:36 +0200 (CEST) Received: from localhost (unknown [89.246.108.87]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by h08.hostsharing.net (Postfix) with ESMTPSA id 8184760E0037; Thu, 28 Sep 2023 19:32:36 +0200 (CEST) X-Mailbox-Line: From 467bff0c4bab93067b1e353e5b8a92f1de353a3f Mon Sep 17 00:00:00 2001 Message-Id: From: Lukas Wunner Date: Thu, 28 Sep 2023 19:32:32 +0200 Subject: [PATCH 00/12] PCI device authentication To: Bjorn Helgaas , David Howells , David Woodhouse , Herbert Xu , "David S. Miller" , Alex Williamson , , , , , , Cc: Jonathan Cameron , , David Box , Dan Williams , Dave Jiang , "Li, Ming" , Zhi Wang , Alistair Francis , Wilfred Mallawa , Alexey Kardashevskiy , Tom Lendacky , Sean Christopherson , Alexander Graf X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Thu, 28 Sep 2023 10:42:01 -0700 (PDT) Authenticate PCI devices with CMA-SPDM (PCIe r6.1 sec 6.31) and expose the result in sysfs. This enables user-defined policies such as forbidding driver binding to devices which failed authentication. CMA-SPDM forms the basis for PCI encryption (PCIe r6.1 sec 6.33), which will be submitted later. The meat of the series is in patches [07/12] and [08/12], which contain the SPDM library and the CMA glue code (the PCI-adaption of SPDM). The reason why SPDM is done in-kernel is provided in patch [10/12]: Briefly, when devices are reauthenticated on resume from system sleep, user space is not yet available. Same when reauthenticating after recovery from reset. One use case for CMA-SPDM and PCI encryption is confidential access to passed-through devices: Neither the host nor other guests are able to eavesdrop on device accesses, in particular if guest memory is encrypted as well. Further use cases for the SPDM library are appearing on the horizon: Alistair Francis and Wilfred Mallawa from WDC are interested in using it for SCSI/SATA. David Box from Intel has implemented measurement retrieval over SPDM. The root of trust is initially an in-kernel key ring of certificates. We can discuss linking the system key ring into it, thereby allowing EFI to pass trusted certificates to the kernel for CMA. Alternatively, a bundle of trusted certificates could be loaded from the initrd. I envision that we'll add TPMs or remote attestation services such as https://keylime.dev/ to create an ecosystem of various trust sources. If you wish to play with PCI device authentication but lack capable hardware, Wilfred has written a guide how to test with qemu: https://github.com/twilfredo/spdm-emulation-guide-b Jonathan Cameron (2): spdm: Introduce library to authenticate devices PCI/CMA: Authenticate devices on enumeration Lukas Wunner (10): X.509: Make certificate parser public X.509: Parse Subject Alternative Name in certificates X.509: Move certificate length retrieval into new helper certs: Create blacklist keyring earlier crypto: akcipher - Support more than one signature encoding crypto: ecdsa - Support P1363 signature encoding PCI/CMA: Validate Subject Alternative Name in certificates PCI/CMA: Reauthenticate devices on reset and resume PCI/CMA: Expose in sysfs whether devices are authenticated PCI/CMA: Grant guests exclusive control of authentication Documentation/ABI/testing/sysfs-bus-pci | 27 + MAINTAINERS | 10 + certs/blacklist.c | 4 +- crypto/akcipher.c | 2 +- crypto/asymmetric_keys/public_key.c | 12 +- crypto/asymmetric_keys/x509_cert_parser.c | 15 + crypto/asymmetric_keys/x509_loader.c | 38 +- crypto/asymmetric_keys/x509_parser.h | 37 +- crypto/ecdsa.c | 16 +- crypto/internal.h | 1 + crypto/rsa-pkcs1pad.c | 11 +- crypto/sig.c | 6 +- crypto/testmgr.c | 8 +- crypto/testmgr.h | 16 + drivers/pci/Kconfig | 16 + drivers/pci/Makefile | 5 + drivers/pci/cma-sysfs.c | 73 + drivers/pci/cma-x509.c | 119 ++ drivers/pci/cma.asn1 | 36 + drivers/pci/cma.c | 151 +++ drivers/pci/doe.c | 5 +- drivers/pci/pci-driver.c | 1 + drivers/pci/pci-sysfs.c | 3 + drivers/pci/pci.c | 12 +- drivers/pci/pci.h | 17 + drivers/pci/pcie/err.c | 3 + drivers/pci/probe.c | 1 + drivers/pci/remove.c | 1 + drivers/vfio/pci/vfio_pci_core.c | 9 +- include/crypto/akcipher.h | 10 +- include/crypto/sig.h | 6 +- include/keys/asymmetric-type.h | 2 + include/keys/x509-parser.h | 46 + include/linux/oid_registry.h | 3 + include/linux/pci-doe.h | 4 + include/linux/pci.h | 15 + include/linux/spdm.h | 41 + lib/Kconfig | 15 + lib/Makefile | 2 + lib/spdm_requester.c | 1510 +++++++++++++++++++++ 40 files changed, 2232 insertions(+), 77 deletions(-) create mode 100644 drivers/pci/cma-sysfs.c create mode 100644 drivers/pci/cma-x509.c create mode 100644 drivers/pci/cma.asn1 create mode 100644 drivers/pci/cma.c create mode 100644 include/keys/x509-parser.h create mode 100644 include/linux/spdm.h create mode 100644 lib/spdm_requester.c -- 2.40.1