Re: [RFC PATCH v2 5/6] PCI/TSM: Authenticate devices via platform TSM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Xu Yilun wrote:
> > > If (!ide_cap && tee_cap), we get here but doing the below does not make 
> > > sense for TEE (which are likely to be VFs).
> > 
> > The "!ide_cap && tee_cap" case may also be the "TSM wants to setup IDE
> > without TDISP flow".
> IIUC, should be "TSM wants to setup TDISP without IDE flow"?

Both are possible. The TSM may need to be involved in IDE key
establishment even if the PF or its VFs are ever assigned as TDIs. Also,
as you say, it is possible for a TSM to trust that a device does not
need IDE established because it is has knowledge that the device is
integrated into the SOC without physical exposure of its links.

> But I think aik is talking about VFs (which fit "!ide_cap && tee_cap"),
> VFs should not be rejected by the following:
>       pci_tsm->doe_mb = pci_find_doe_mailbox(pdev, PCI_VENDOR_ID_PCI_SIG,
>                                              PCI_DOE_PROTO_CMA);
>       if (!pci_tsm->doe_mb)
>               return;
> VF should check its PF's doe/ide/tee cap and then be added to
> pci_tsm_devs, is it?

This path should probably skip VFs because the 'connect' operation is a
PF-only semantic. I will fix that up.

I still think the PF needs to go through an ->add() callback because I
do not think we have a cross-vendor unified concept of when IDE without
TDISP, or TDISP without IDE is supported.

[Index of Archives]     [DMA Engine]     [Linux Coverity]     [Linux USB]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Greybus]

  Powered by Linux