From: Dan Williams <dan.j.williams@intel.com>
To: linux-coco@lists.linux.dev
Cc: Wu Hao <hao.wu@intel.com>, Yilun Xu <yilun.xu@intel.com>,
Lukas Wunner <lukas@wunner.de>, Samuel Ortiz <sameo@rivosinc.com>,
Alexey Kardashevskiy <aik@amd.com>,
Bjorn Helgaas <bhelgaas@google.com>,
linux-pci@vger.kernel.org, gregkh@linuxfoundation.org
Subject: [RFC PATCH 1/5] PCI/CMA: Prepare to interoperate with TSM authentication
Date: Tue, 30 Jan 2024 01:23:51 -0800 [thread overview]
Message-ID: <170660663177.224441.2104783746551322918.stgit@dwillia2-xfh.jf.intel.com> (raw)
In-Reply-To: <170660662589.224441.11503798303914595072.stgit@dwillia2-xfh.jf.intel.com>
A TSM (TEE Security Manager) is a platform agent that facilitates TEE
I/O (device assignment for confidential VMs). It uses PCI CMA, IDE, and
TDISP to authenticate, encrypt/integrity-protect the link, and bind
device-virtual-functions capable of accessing private memory to
confidential VMs (TVMs).
Unlike native PCI CMA many of the details of establishing a connection
between a device (DSM) and the TSM are abstracted through platform APIs.
I.e. in the native case Linux picks the keys and validates the
certificates, in the TSM case Linux just sees a "success" from invoking
a "connect" API with the TSM.
SPDM only allows for one session-owner per transport (DOE), so the
expectation is that authentication will only ever be in the "native"
established case, or the "tsm" established case.
Convert the "authenticated" attribute to reflect {"none", "native"}
rather than {"0", "1"} in preparation for a follow-on {"none", "native",
"tsm"} possibility.
Note: Expect this patch gets folded into "PCI/CMA: Expose in sysfs
whether devices are authenticated" and assume Linux never ships
the binary authenticated ABI.
Cc: Wu Hao <hao.wu@intel.com>
Cc: Yilun Xu <yilun.xu@intel.com>
Cc: Lukas Wunner <lukas@wunner.de>
Cc: Samuel Ortiz <sameo@rivosinc.com>
Cc: Alexey Kardashevskiy <aik@amd.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---
Documentation/ABI/testing/sysfs-bus-pci | 14 ++++++++------
drivers/pci/cma.c | 7 ++++++-
2 files changed, 14 insertions(+), 7 deletions(-)
diff --git a/Documentation/ABI/testing/sysfs-bus-pci b/Documentation/ABI/testing/sysfs-bus-pci
index bec7c197451e..35b0e11fd0e6 100644
--- a/Documentation/ABI/testing/sysfs-bus-pci
+++ b/Documentation/ABI/testing/sysfs-bus-pci
@@ -505,12 +505,14 @@ What: /sys/bus/pci/devices/.../authenticated
Date: November 2023
Contact: Lukas Wunner <lukas@wunner.de>
Description:
- This file contains 1 if the device authenticated successfully
- with CMA-SPDM (PCIe r6.1 sec 6.31). It contains 0 if the
- device failed authentication (and may thus be malicious).
-
- Writing anything to this file causes reauthentication.
- That may be opportune after updating the .cma keyring.
+ This file contains "native" if the device authenticated
+ successfully with CMA-SPDM (PCIe r6.1 sec 6.31). It contains
+ "none" if the device failed authentication (and may thus be
+ malicious).
+
+ Writing "native" to this file causes reauthentication with
+ kernel-selected keys and the kernel's certificate chain. That
+ may be opportune after updating the .cma keyring.
The file is not visible if authentication is unsupported
by the device.
diff --git a/drivers/pci/cma.c b/drivers/pci/cma.c
index fb9bb5a637a5..be7d2bb21b4c 100644
--- a/drivers/pci/cma.c
+++ b/drivers/pci/cma.c
@@ -36,6 +36,9 @@ static ssize_t authenticated_store(struct device *dev,
(pdev->cma_init_failed || pdev->doe_init_failed))
return -ENOTTY;
+ if (!sysfs_streq(buf, "native"))
+ return -EINVAL;
+
rc = pci_cma_reauthenticate(pdev);
if (rc)
return rc;
@@ -52,7 +55,9 @@ static ssize_t authenticated_show(struct device *dev,
(pdev->cma_init_failed || pdev->doe_init_failed))
return -ENOTTY;
- return sysfs_emit(buf, "%u\n", spdm_authenticated(pdev->spdm_state));
+ if (spdm_authenticated(pdev->spdm_state))
+ return sysfs_emit(buf, "native\n");
+ return sysfs_emit(buf, "none\n");
}
static DEVICE_ATTR_RW(authenticated);
next prev parent reply other threads:[~2024-01-30 9:23 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-30 9:23 [RFC PATCH 0/5] Towards a shared TSM sysfs-ABI for Confidential Computing Dan Williams
2024-01-30 9:23 ` Dan Williams [this message]
2024-02-08 22:09 ` [RFC PATCH 1/5] PCI/CMA: Prepare to interoperate with TSM authentication Bjorn Helgaas
2024-01-30 9:23 ` [RFC PATCH 2/5] coco/tsm: Establish a new coco/tsm subdirectory Dan Williams
2024-02-09 2:24 ` Kuppuswamy Sathyanarayanan
2024-02-27 1:39 ` Dan Williams
2024-01-30 9:24 ` [RFC PATCH 3/5] coco/tsm: Introduce a shared class device for TSMs Dan Williams
2024-02-16 11:29 ` Alexey Kardashevskiy
2024-02-27 1:47 ` Dan Williams
2024-03-07 16:41 ` Jonathan Cameron
2024-03-07 19:33 ` Dan Williams
2024-01-30 9:24 ` [RFC PATCH 4/5] sysfs: Introduce a mechanism to hide static attribute_groups Dan Williams
2024-01-30 16:44 ` Greg KH
2024-01-30 16:48 ` Dan Williams
2024-01-30 17:31 ` Greg KH
2024-02-19 8:57 ` Greg KH
2024-02-22 13:22 ` Greg KH
2024-01-30 9:24 ` [RFC PATCH 5/5] PCI/TSM: Authenticate devices via platform TSM Dan Williams
2024-02-08 22:13 ` Bjorn Helgaas
2024-02-09 5:51 ` Dan Williams
2024-02-16 11:29 ` Alexey Kardashevskiy
2024-02-27 5:52 ` Dan Williams
2024-02-16 21:38 ` Alexey Kardashevskiy
2024-02-27 5:59 ` Dan Williams
2024-02-26 11:37 ` Zhi Wang
2024-02-27 6:34 ` Dan Williams
2024-02-27 19:53 ` Zhi Wang
2024-03-01 0:32 ` Dan Williams
2024-03-07 17:18 ` Jonathan Cameron
2024-03-07 19:51 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=170660663177.224441.2104783746551322918.stgit@dwillia2-xfh.jf.intel.com \
--to=dan.j.williams@intel.com \
--cc=aik@amd.com \
--cc=bhelgaas@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=hao.wu@intel.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=sameo@rivosinc.com \
--cc=yilun.xu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.