On Thu, 23 Feb 2023 13:06:47 +0000
Brian van der Beek <bbeek@xxxxxxxxxxx> wrote:

> Hi all,
>

Hi Brian,

> I posted the following question to the PCI-SIG protocol group:
>
> The Base Specification Revision 6.0.1 paragraph 6.31.3 'CMA/SPDM Rules' includes the following statement:
>
> The instance of DOE used for CMA/SPDM must support:
>
> · the DOE Discovery data object protocol,
>
> · if IDE is supported, the IDE_KM data object protocol using Secured CMA/SPDM (See § Section 6.31.4),
>
> · and no other data object protocol(s).
>
> Whereas the Compute Express Link (CXL) Revision 3.0 paragraph 8.1.11 'Table Access DOE' states:
>
> A device may interrupt the host when CDAT content changes using the MSI associated with this DOE Capability instance. A device may share the instance of this DOE mailbox with other Data Objects.
>
> For a CXL device that supports both CMA/SPDM and CXL Table Access DOE (CDAT) data objects, is it mandatory to have a dedicated DOE instance for the CMA/SPDM protocol data objects? Or is it permitted for the CMA/SPDM and CXL protocols to share a single DOE instance?

Whilst my reading of what is published would be that the CXL spec is saying about restrictions from the CDAT side of things (so if other protocols don't specify restrictions, they may share a DOE instance), ultimately, to get an answer on that, take it to the relevant folk in the CXL consortium.

>
> PCI-SIG replied that the requirement of a dedicated DOE instance for CMA/SPDM was an intentional choice based on the idea that the software attached to the DOE instances would be different. However, that thought model for how DOE would be used by software has evolved, and it may not be necessary for hardware to implement separate DOE instances.

It's certainly possible, though from hardware side I'd be worried that some use cases might require that separation and you'd be building hardware where it wasn't possible to support it.
>
> I am reaching out to you, as I am hoping you could provide some insight on the Linux CMA/SPDM implementation and whether it allows for a DOE instance to be shared with CXL/CDAT data objects.

One for Lukas, though I suspect Linux will at most warn on this happening unless there is an implementation subtlety or security risk that means we should error out if this happens.

Jonathan

>
> Best Regards,
>
> Brian van der Beek
> Senior Principal Engineer
> Marvell Netherlands B.V., Laan van Diepenvoorde 4, 5582 LA, Waalre | The Netherlands
> Mobile: +31-6-4775191
>
> www.marvell.com
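Added example, not part of the original thread and not Linux kernel code: a sketch of the "warn on sharing" check discussed above, applying the quoted 6.31.3 rule to the list of protocols a DOE mailbox reports through DOE Discovery. The function and array names are hypothetical, the sample discovery dwords are constructed, and the vendor ID and data object type values are assumptions, since the thread does not quote them.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* DOE Discovery response dword: vendor ID [15:0], data object type [23:16],
 * next index [31:24]. ID values below are assumptions not quoted in the thread. */
#define DISC_VID(d)   ((uint16_t)((d) & 0xffffu))
#define DISC_TYPE(d)  ((uint8_t)(((d) >> 16) & 0xffu))
#define VID_PCI_SIG   0x0001u  /* types: 0 Discovery, 1 CMA/SPDM, 2 Secured CMA/SPDM */
#define VID_CXL       0x1e98u  /* type 2: Table Access (CDAT) */

enum doe_cma_state { DOE_NO_CMA, DOE_CMA_DEDICATED, DOE_CMA_SHARED };

/* Constructed discovery results for three hypothetical mailboxes. */
const uint32_t mbox_dedicated[] = { 0x01000001, 0x02010001, 0x00020001 };
const uint32_t mbox_shared[]    = { 0x01000001, 0x02010001, 0x00021e98 };
const uint32_t mbox_cdat_only[] = { 0x01000001, 0x00021e98 };

/* Apply the quoted 6.31.3 rule to one mailbox's list of discovered protocols. */
enum doe_cma_state classify_doe_mailbox(const uint32_t *rsp, size_t n)
{
    bool has_cma = false, has_other = false;

    for (size_t i = 0; i < n; i++) {
        bool pci_sig = DISC_VID(rsp[i]) == VID_PCI_SIG;
        uint8_t type = DISC_TYPE(rsp[i]);

        if (pci_sig && (type == 1 || type == 2))
            has_cma = true;            /* CMA/SPDM or Secured CMA/SPDM (IDE_KM) */
        else if (!(pci_sig && type == 0))
            has_other = true;          /* anything besides DOE Discovery */
    }
    if (!has_cma)
        return DOE_NO_CMA;
    return has_other ? DOE_CMA_SHARED : DOE_CMA_DEDICATED;
}

int main(void)
{
    if (classify_doe_mailbox(mbox_shared, 3) == DOE_CMA_SHARED)
        fprintf(stderr, "warning: CMA/SPDM shares a DOE instance with other protocols\n");
    return 0;
}
```

Whether a shared result should only warn or should fail the attestation path is the open policy question raised in the reply above.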