> > > What are you trying to protect yourself from, bogus bug reports by > > people doing bad things and then blaming you? That's easy to handle, > > just ignore them :) > > I asked Ira to push on this to protect the kernel from people like me, > :). So, there is this massively complicated specification for device > attestation and link integrity / encryption protection (SPDM and IDE) > that has applications to both PCIe and CXL. I do not see a path in the > near term to land that support in the kernel. > > DOE being user accessible though, lends itself to pure userspace > implementations of SPDM and IDE infrastructure. I want to develop that > infrastructure, but also have the kernel reserve the space / right to > obviate that implementation with kernel control of the DOE mailbox, SPDM > sessions, and IDE keys in the future. Can't resist... If anyone is at Plumbers (in person or virtually) the will be a BoF on SPDM etc. Not scheduled yet... https://lpc.events/event/16/contributions/1304/ Come join the Kernel vs Partly Kernel vs fully Userspace discussions. Thanks, Jonathan
