Authenticate PCI devices with CMA-SPDM (PCIe r6.1 sec 6.31) and expose the result in sysfs. This enables user-defined policies such as forbidding driver binding to devices which failed authentication. CMA-SPDM forms the basis for PCI encryption (PCIe r6.1 sec 6.33), which will be submitted later. The meat of the series is in patches [07/12] and [08/12], which contain the SPDM library and the CMA glue code (the PCI-adaption of SPDM). The reason why SPDM is done in-kernel is provided in patch [10/12]: Briefly, when devices are reauthenticated on resume from system sleep, user space is not yet available. Same when reauthenticating after recovery from reset. One use case for CMA-SPDM and PCI encryption is confidential access to passed-through devices: Neither the host nor other guests are able to eavesdrop on device accesses, in particular if guest memory is encrypted as well. Further use cases for the SPDM library are appearing on the horizon: Alistair Francis and Wilfred Mallawa from WDC are interested in using it for SCSI/SATA. David Box from Intel has implemented measurement retrieval over SPDM. The root of trust is initially an in-kernel key ring of certificates. We can discuss linking the system key ring into it, thereby allowing EFI to pass trusted certificates to the kernel for CMA. Alternatively, a bundle of trusted certificates could be loaded from the initrd. I envision that we'll add TPMs or remote attestation services such as https://keylime.dev/ to create an ecosystem of various trust sources. If you wish to play with PCI device authentication but lack capable hardware, Wilfred has written a guide how to test with qemu: https://github.com/twilfredo/spdm-emulation-guide-b Jonathan Cameron (2): spdm: Introduce library to authenticate devices PCI/CMA: Authenticate devices on enumeration Lukas Wunner (10): X.509: Make certificate parser public X.509: Parse Subject Alternative Name in certificates X.509: Move certificate length retrieval into new helper certs: Create blacklist keyring earlier crypto: akcipher - Support more than one signature encoding crypto: ecdsa - Support P1363 signature encoding PCI/CMA: Validate Subject Alternative Name in certificates PCI/CMA: Reauthenticate devices on reset and resume PCI/CMA: Expose in sysfs whether devices are authenticated PCI/CMA: Grant guests exclusive control of authentication Documentation/ABI/testing/sysfs-bus-pci | 27 + MAINTAINERS | 10 + certs/blacklist.c | 4 +- crypto/akcipher.c | 2 +- crypto/asymmetric_keys/public_key.c | 12 +- crypto/asymmetric_keys/x509_cert_parser.c | 15 + crypto/asymmetric_keys/x509_loader.c | 38 +- crypto/asymmetric_keys/x509_parser.h | 37 +- crypto/ecdsa.c | 16 +- crypto/internal.h | 1 + crypto/rsa-pkcs1pad.c | 11 +- crypto/sig.c | 6 +- crypto/testmgr.c | 8 +- crypto/testmgr.h | 16 + drivers/pci/Kconfig | 16 + drivers/pci/Makefile | 5 + drivers/pci/cma-sysfs.c | 73 + drivers/pci/cma-x509.c | 119 ++ drivers/pci/cma.asn1 | 36 + drivers/pci/cma.c | 151 +++ drivers/pci/doe.c | 5 +- drivers/pci/pci-driver.c | 1 + drivers/pci/pci-sysfs.c | 3 + drivers/pci/pci.c | 12 +- drivers/pci/pci.h | 17 + drivers/pci/pcie/err.c | 3 + drivers/pci/probe.c | 1 + drivers/pci/remove.c | 1 + drivers/vfio/pci/vfio_pci_core.c | 9 +- include/crypto/akcipher.h | 10 +- include/crypto/sig.h | 6 +- include/keys/asymmetric-type.h | 2 + include/keys/x509-parser.h | 46 + include/linux/oid_registry.h | 3 + include/linux/pci-doe.h | 4 + include/linux/pci.h | 15 + include/linux/spdm.h | 41 + lib/Kconfig | 15 + lib/Makefile | 2 + lib/spdm_requester.c | 1510 +++++++++++++++++++++ 40 files changed, 2232 insertions(+), 77 deletions(-) create mode 100644 drivers/pci/cma-sysfs.c create mode 100644 drivers/pci/cma-x509.c create mode 100644 drivers/pci/cma.asn1 create mode 100644 drivers/pci/cma.c create mode 100644 include/keys/x509-parser.h create mode 100644 include/linux/spdm.h create mode 100644 lib/spdm_requester.c -- 2.40.1
