Re: [PATCH v2 10/18] PCI/CMA: Reauthenticate devices on reset and resume

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Lukas Wunner wrote:
> CMA-SPDM state is lost when a device undergoes a Conventional Reset.
> (But not a Function Level Reset, PCIe r6.2 sec 6.6.2.)  A D3cold to D0
> transition implies a Conventional Reset (PCIe r6.2 sec 5.8).
> 
> Thus, reauthenticate devices on resume from D3cold and on recovery from
> a Secondary Bus Reset or DPC-induced Hot Reset.
> 
> The requirement to reauthenticate devices on resume from system sleep
> (and in the future reestablish IDE encryption) is the reason why SPDM

TSM "connect" state also needs to be managed over reset, so stay tuned
for some collaboration here.

> needs to be in-kernel:  During ->resume_noirq, which is the first phase
> after system sleep, the PCI core walks down the hierarchy, puts each
> device in D0, restores its config space and invokes the driver's
> ->resume_noirq callback.  The driver is afforded the right to access the
> device already during this phase.

I agree that CMA should be in kernel, it's not clear that authentication
needs to be automatic, and certainly not in a way that a driver can not
opt-out of.

What if a use case cares about resume time latency?  What if a driver
knows that authentication is only needed later in the resume flow? Seems
presumptious for the core to assume it knows best when authentication
needs to happen.

At a minimum I think pci_cma_reauthenticate() should do something like:

/* not previously authenticated skip authentication */
if (!spdm_state->authenticated)
	return;

...so that spdm capable devices can opt-out of automatic reauthentication.




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux