Re: [PATCH v2 08/18] PCI/CMA: Authenticate devices on enumeration

Lukas Wunner wrote:
> From: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>
> 
> Component Measurement and Authentication (CMA, PCIe r6.2 sec 6.31)
> allows for measurement and authentication of PCIe devices.  It is
> based on the Security Protocol and Data Model specification (SPDM,
> https://www.dmtf.org/dsp/DSP0274).
> 
> CMA-SPDM in turn forms the basis for Integrity and Data Encryption
> (IDE, PCIe r6.2 sec 6.33) because the key material used by IDE is
> transmitted over a CMA-SPDM session.
> 
> As a first step, authenticate CMA-capable devices on enumeration.
> A subsequent commit will expose the result in sysfs.
> 
> When allocating SPDM session state with spdm_create(), the maximum SPDM
> message length needs to be passed.  Make the PCI_DOE_MAX_LENGTH macro
> public and calculate the maximum payload length from it.
> 
> Credits:  Jonathan wrote a proof-of-concept of this CMA implementation.
> Lukas reworked it for upstream.  Wilfred contributed fixes for issues
> discovered during testing.
> 
> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@xxxxxxxxxx>
> Co-developed-by: Wilfred Mallawa <wilfred.mallawa@xxxxxxx>
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa@xxxxxxx>
> Co-developed-by: Lukas Wunner <lukas@xxxxxxxxx>
> Signed-off-by: Lukas Wunner <lukas@xxxxxxxxx>
> ---
>  MAINTAINERS             |   1 +
>  drivers/pci/Kconfig     |  13 ++++++
>  drivers/pci/Makefile    |   2 +
>  drivers/pci/cma.c       | 100 ++++++++++++++++++++++++++++++++++++++++
>  drivers/pci/doe.c       |   3 --
>  drivers/pci/pci.h       |   8 ++++
>  drivers/pci/probe.c     |   1 +
>  drivers/pci/remove.c    |   1 +
>  include/linux/pci-doe.h |   4 ++
>  include/linux/pci.h     |   4 ++
>  10 files changed, 134 insertions(+), 3 deletions(-)
>  create mode 100644 drivers/pci/cma.c
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index dbe16eea8818..9aad3350da16 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -20153,6 +20153,7 @@ L:	linux-cxl@xxxxxxxxxxxxxxx
>  L:	linux-pci@xxxxxxxxxxxxxxx
>  S:	Maintained
>  T:	git git://git.kernel.org/pub/scm/linux/kernel/git/devsec/spdm.git
> +F:	drivers/pci/cma*
>  F:	include/linux/spdm.h
>  F:	lib/spdm/
>  
> diff --git a/drivers/pci/Kconfig b/drivers/pci/Kconfig
> index d35001589d88..f656211d707a 100644
> --- a/drivers/pci/Kconfig
> +++ b/drivers/pci/Kconfig
> @@ -121,6 +121,19 @@ config XEN_PCIDEV_FRONTEND
>  config PCI_ATS
>  	bool
>  
> +config PCI_CMA
> +	bool "Component Measurement and Authentication (CMA-SPDM)"
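
Review bot: `config PCI_CMA` on the added Kconfig lines is declared `bool`, so the new drivers/pci/cma.c can only be built into the kernel and never loaded as a module, and the commit message does not say why. Either state in the commit message what about authenticating on enumeration requires built-in code, or make the option `tristate` if late loading can be supported.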

What is driving the requirement for CMA to be built-in?

All of the use cases I know about to date are built around userspace
policy auditing devices after the fact. Certainly a deployment could
choose to build it in, but it is a significant amount of infrastructure
that could tolerate late loading.

PCI TSM will be late loaded, so it is already the case that depending on
the authentication mechanism chosen (native, or TSM) the system needs to
be prepared for late / dynamic authentication.



