Received: by 2002:a05:7412:da14:b0:e2:908c:2ebd with SMTP id fe20csp2362050rdb; Tue, 10 Oct 2023 01:19:20 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFOhBxiX/+JD3e+iPc91fB41qVvqXpVc1uF1HF6IeB91BjfT4jsdYhlnCyXuWWDMpWgZlvW X-Received: by 2002:a17:90a:bc08:b0:279:9f8:790c with SMTP id w8-20020a17090abc0800b0027909f8790cmr15211980pjr.37.1696925960221; Tue, 10 Oct 2023 01:19:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696925960; cv=none; d=google.com; s=arc-20160816; b=tsEDqpAusba2kzrrxYd1SoaggWmFIT7J+w1pWAqy3I+NNdJdEiOfR5en61n2Bbkq5K ag1p8I8z5kb1aS1WD+iHuKSKwafNI/c2zh1bPGcpd36/TVrlBxpPZSKUxKqvKk2KRhg4 /lwpfs6HNDLL+iZ3i67FQMtC0kQkoFIsuRNAxnGCfJQY3uKBmdwzbdS5uZoGSanKyPrt qPZhw9FdUYObET2Mrw8tSWPckEdPPI179SOh0Lzl+yv3ty9ttZ4ezMZhRfBtbK/5+Zb5 oFSGp88+EsJa53v7G+gO24qWk9B3y2ceu/TCjjsLXuDZrgkMHJC00sfNx6lm1qKk/CLL T8ew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=/2EaTzY/mmTKQ5yWnNQLtrrs+fD7rx3qk4EMRYNrHaY=; fh=/dG2QFM9P20+AvK64iv1OYERiFtog1YGmUR4V/xQDj4=; b=R+b+pvGX+qf/zlaJ7f7TG7w2xaurr8oOyvOWWWq01yEa7FabvIpHXFFS+5yKWuDTBi opzowIwM+C1iTK8QwLvJDgLowRScbZdtjAC4dVKK1GDufoiRR5R3ydsQqEJbtPtstICS ntrZnA80CSD3ZAy3kFMiOMozg7dijHirR6QMUZ6tVd3n/jVq13KyYY8+51tangfKlTK4 acSNWJaR8SHsc5QWiBXJfBJx+9l+8uIaPVzDhAJBx9L20LeHgXPHDco9M4t79NTpO2i6 M8MnHXiefYqXj0Xzk1vNGIept4OCR99OmZtagKQHbiJ/eOgT7lYZ16CGHYRzXfjNlmsX p7wA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id lk12-20020a17090b33cc00b00262e5a82047si9071295pjb.44.2023.10.10.01.19.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Oct 2023 01:19:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 923E4812AD3F; Tue, 10 Oct 2023 01:19:18 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1442640AbjJJITR (ORCPT + 99 others); Tue, 10 Oct 2023 04:19:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34496 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1379439AbjJJITQ (ORCPT ); Tue, 10 Oct 2023 04:19:16 -0400 Received: from bmailout2.hostsharing.net (bmailout2.hostsharing.net [83.223.78.240]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 00A0C97; Tue, 10 Oct 2023 01:19:14 -0700 (PDT) Received: from h08.hostsharing.net (h08.hostsharing.net [IPv6:2a01:37:1000::53df:5f1c:0]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "*.hostsharing.net", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK)) by bmailout2.hostsharing.net (Postfix) with ESMTPS id 3F1AE2800A273; Tue, 10 Oct 2023 10:19:13 +0200 (CEST) Received: by h08.hostsharing.net (Postfix, from userid 100393) id 3176D58BE4D; Tue, 10 Oct 2023 10:19:13 +0200 (CEST) Date: Tue, 10 Oct 2023 10:19:13 +0200 From: Lukas Wunner To: Alexey Kardashevskiy Cc: Jonathan Cameron , Dan Williams , Bjorn Helgaas , David Howells , David Woodhouse , Herbert Xu , "David S. Miller" , Alex Williamson , linux-pci@vger.kernel.org, linux-cxl@vger.kernel.org, linux-coco@lists.linux.dev, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, kvm@vger.kernel.org, linuxarm@huawei.com, David Box , Dave Jiang , "Li, Ming" , Zhi Wang , Alistair Francis , Wilfred Mallawa , Tom Lendacky , Sean Christopherson , Alexander Graf Subject: Re: [PATCH 00/12] PCI device authentication Message-ID: <20231010081913.GA24050@wunner.de> References: <652030759e42d_ae7e72946@dwillia2-xfh.jf.intel.com.notmuch> <20231007100433.GA7596@wunner.de> <20231009123335.00006d3d@Huawei.com> <20231009134950.GA7097@wunner.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE, SPF_NONE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 10 Oct 2023 01:19:18 -0700 (PDT) On Tue, Oct 10, 2023 at 03:07:41PM +1100, Alexey Kardashevskiy wrote: > On 10/10/23 00:49, Lukas Wunner wrote: > > PCI Firmware Spec would seem to be appropriate. However this can't > > be solved by the kernel community. > > How so? It is up to the user to decide whether it is SPDM/CMA in the kernel > or the firmware + coco, both are quite possible (it is IDE which is not > possible without the firmware on AMD but we are not there yet). The user can control ownership of CMA-SPDM e.g. through a BIOS knob. And that BIOS knob then influences the outcome of the _OSC negotiation between platform and OS. > But the way SPDM is done now is that if the user (as myself) wants to let > the firmware run SPDM - the only choice is disabling CONFIG_CMA completely > as CMA is not a (un)loadable module or built-in (with some "blacklist" > parameters), and does not provide a sysfs knob to control its tentacles. The problem is every single vendor thinks they can come up with their own idea of who owns the SPDM session: I've looked at the Nvidia driver and they've hacked libspdm into it, so their idea is that the device driver owns the SPDM session. AMD wants the host to proxy DOE but not own the SPDM session. We have *standards* for a reason. So that products are interoperable. If the kernel tries to accommodate to every vendor's idea of SPDM ownership we'll end up with an unmaintainable mess of quirks, plus sysfs knobs which were once intended as a stopgap but can never be removed because they're userspace ABI. This needs to be solved in the *specification*. And the existing solution for who owns a particular PCI feature is _OSC. Hence this needs to be taken up with the Firmware Working Group at the PCISIG. > Note, this PSP firmware is not BIOS (which runs on the same core and has > same access to PCI as the host OS), it is a separate platform processor > which only programs IDE keys to the PCI RC (via some some internal bus > mechanism) but does not do anything on the bus itself and relies on the host > OS proxying DOE, and there is no APCI between the core and the psp. Somewhat tangentially, would it be possible in your architecture that the host or guest asks PSP to program IDE keys into the Root Port? Or alternatively, access the key registers directly without PSP involvement? Thanks, Lukas