Received: by 2002:a05:7412:da14:b0:e2:908c:2ebd with SMTP id fe20csp1915225rdb; Mon, 9 Oct 2023 07:03:02 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFtYvGVLmAYeqp7gaFpsWifvhXJ4qBbb/s/FbBVk3NeXCr9BVx2+RiFAIqnL0olSKI9wu/B X-Received: by 2002:a17:90b:283:b0:276:696b:1dd9 with SMTP id az3-20020a17090b028300b00276696b1dd9mr17154150pjb.15.1696860182669; Mon, 09 Oct 2023 07:03:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696860182; cv=none; d=google.com; s=arc-20160816; b=ZO7DMLter+/tHpqL8TnQEWZpkDB0xqv4GaBERBbQmxHAM9v6dPOn4ktQNP+vgEY7Xd 0cPdjElDk3GYMge4UQRAgYNVjAWTbjWLBZ6p2XybcQI/w0/dNjUE1Sw/Ka2EaTlAUxtB iRK9zLeK4mkxVqqWojB3YhKnvg3jX3Qt7pcZ6XWORgU6sYrPVv1EItW01QuDH4pea3kp 78MlANmjuYJg1xUAkaFoVXem+P/fT9J2I43aCUWAcJXjxT+dln2TaSWh16VkTWZXd1Th WaNr5wvr182PV5wHi3EP+2V5tVEhZCFCVqoeX7HXCJ5DPby3C+g3BBlcXi0YyxlqMB8Y a/qQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=WS8I3YEBcons/jw0tcey04a8RHPdjjSUq6ACbf3elaw=; fh=M9mOwy1lgm7n3mq/xA3HKCOWTKYt1NS02uMQ+Ezw0Xg=; b=Qm8mZPsmeV9GzxdodlKev/qXaVjzxo8Hc2vHu9IixrhCm2v32ZO8VHbTr+RGj2NzDf TuSGWFuX0FeiekiNHrBq238kazKFZe1m5mop4VkDtfkJUUkGz5IVq6bO+Q6Eeup6ZeBF xbsMr/E47zRniCycYkXkPE7m7pnFv3SLI1BSPjoISlXp/8VrEmWhnSm7U99kPKkCCtVi Owxdo3ienhpTW4nmmjp6Jjlc6roReJYvlh69Yo9PUz2zj7SdKnHmQw0DkGgk63O+UPtY CtTpg1UKlMeJ0L7za6k69zXBr3UP1GVi8T3Wha8rX4sLLWhXPEO6ZT/pRYnO/NoIVWqZ hZaA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id c19-20020a17090a8d1300b00273fa934cc1si11481672pjo.167.2023.10.09.07.02.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 Oct 2023 07:03:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 554FF801CF22; Mon, 9 Oct 2023 07:02:44 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377569AbjJIOCk (ORCPT + 99 others); Mon, 9 Oct 2023 10:02:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39818 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1376693AbjJIOCj (ORCPT ); Mon, 9 Oct 2023 10:02:39 -0400 Received: from bmailout3.hostsharing.net (bmailout3.hostsharing.net [IPv6:2a01:4f8:150:2161:1:b009:f23e:0]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A53369D; Mon, 9 Oct 2023 07:02:37 -0700 (PDT) Received: from h08.hostsharing.net (h08.hostsharing.net [IPv6:2a01:37:1000::53df:5f1c:0]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "*.hostsharing.net", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK)) by bmailout3.hostsharing.net (Postfix) with ESMTPS id E4D27100D943F; Mon, 9 Oct 2023 16:02:33 +0200 (CEST) Received: by h08.hostsharing.net (Postfix, from userid 100393) id B2D8A30D471; Mon, 9 Oct 2023 16:02:33 +0200 (CEST) Date: Mon, 9 Oct 2023 16:02:33 +0200 From: Lukas Wunner To: Alexey Kardashevskiy Cc: Bjorn Helgaas , David Howells , David Woodhouse , Herbert Xu , "David S. Miller" , Alex Williamson , linux-pci@vger.kernel.org, linux-cxl@vger.kernel.org, linux-coco@lists.linux.dev, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, kvm@vger.kernel.org, Jonathan Cameron , linuxarm@huawei.com, David Box , Dan Williams , Dave Jiang , "Li, Ming" , Zhi Wang , Alistair Francis , Wilfred Mallawa , Tom Lendacky , Sean Christopherson , Alexander Graf Subject: Re: [PATCH 12/12] PCI/CMA: Grant guests exclusive control of authentication Message-ID: <20231009140233.GB7097@wunner.de> References: <467bff0c4bab93067b1e353e5b8a92f1de353a3f.1695921657.git.lukas@wunner.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=2.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Mon, 09 Oct 2023 07:02:44 -0700 (PDT) X-Spam-Level: ** On Mon, Oct 09, 2023 at 09:52:00PM +1100, Alexey Kardashevskiy wrote: > On 29/9/23 03:32, Lukas Wunner wrote: > > At any given time, only a single entity in a physical system may have > > an SPDM connection to a device. That's because the GET_VERSION request > > (which begins an authentication sequence) resets "the connection and all > > context associated with that connection" (SPDM 1.3.0 margin no 158). > > > > Thus, when a device is passed through to a guest and the guest has > > authenticated it, a subsequent authentication by the host would reset > > the device's CMA-SPDM session behind the guest's back. > > > > Prevent by letting the guest claim exclusive CMA ownership of the device > > during passthrough. Refuse CMA reauthentication on the host as long. > > After passthrough has concluded, reauthenticate the device on the host. [...] > > --- a/drivers/pci/pci.h > > +++ b/drivers/pci/pci.h > > @@ -388,6 +388,7 @@ static inline bool pci_dev_is_disconnected(const struct pci_dev *dev) > > #define PCI_DEV_ADDED 0 > > #define PCI_DPC_RECOVERED 1 > > #define PCI_DPC_RECOVERING 2 > > +#define PCI_CMA_OWNED_BY_GUEST 3 > > In AMD SEV TIO, the PSP firmware creates an SPDM connection. What is the > expected way of managing such ownership, a new priv_flags bit + api for it? Right, I understand. See this ongoing discussion in reply to the cover letter: https://lore.kernel.org/all/652030759e42d_ae7e72946@dwillia2-xfh.jf.intel.com.notmuch/ In short, we need a spec amendment to negotiate between platform and OS which of the two controls the DOE instance supporting CMA-SPDM. I think the OS is free to access any Extended Capabilities in Config Space unless the platform doesn't grant it control over them through _OSC. Because the _OSC definition in the PCI Firmware Spec was not amended for CMA-SPDM, it is legal for the OS to assume control of CMA-SPDM, which is what this patch does. Thanks, Lukas