On Sun, 30 Jun 2024 21:47:00 +0200 Lukas Wunner <lukas@xxxxxxxxx> wrote: > The kernel already caches certificate chains retrieved from a device > upon authentication. Expose them in "slot[0-7]" files in sysfs for > examination by user space. > > As noted in the ABI documentation, the "slot[0-7]" files always have a > file size of 65535 bytes (the maximum size of a certificate chain per > SPDM 1.0.0 table 18), even if the certificate chain in the slot is > actually smaller. Although it would be possible to use the certifiate > chain's actual size as the file size, doing so would require a separate > struct attribute_group for each device, which would occupy additional > memory. > > Slots are visible in sysfs even if they're currently unprovisioned > because a future commit will add support for certificate provisioning > by writing to the "slot[0-7]" files. > > Signed-off-by: Lukas Wunner <lukas@xxxxxxxxx> One trivial thing in addition to discussion in Dan's review thread. Jonathan > diff --git a/lib/spdm/req-authenticate.c b/lib/spdm/req-authenticate.c > index 90f7a7f2629c..1f701d07ad46 100644 > --- a/lib/spdm/req-authenticate.c > +++ b/lib/spdm/req-authenticate.c > @@ -14,6 +14,7 @@ > #include "spdm.h" > > #include <linux/dev_printk.h> > +#include <linux/device.h> > #include <linux/key.h> > #include <linux/random.h> > > @@ -288,9 +289,9 @@ static int spdm_get_digests(struct spdm_state *spdm_state) > struct spdm_get_digests_req *req = spdm_state->transcript_end; > struct spdm_get_digests_rsp *rsp; > unsigned long deprovisioned_slots; > + u8 slot, supported_slots; > int rc, length; > size_t rsp_sz; > - u8 slot; Move that to earlier patch.
