On 8/7/24 23:35, Lukas Wunner wrote:
On Mon, Jul 08, 2024 at 07:47:51PM +1000, Alexey Kardashevskiy wrote:
On 1/7/24 05:35, Lukas Wunner wrote:
PCI device authentication v2
Authenticate PCI devices with CMA-SPDM (PCIe r6.2 sec 6.31) and
expose the result in sysfs.
What is it based on?
This series is based on v6.10-rc1.
I also successfully cherry-picked the patches onto v6.10-rc6 and
linux-next 20240628 (no merge conflicts and no issues reported by 0-day).
Older kernels than v6.10-rc1 won't work because they're missing
ecdsa-nist-p521 support as well as a few preparatory sysfs patches
of mine that went into v6.10-rc1.
I am using https://github.com/l1k/linux.git branch cma_v2 for now but wonder
if that's the right one.
Yes that's fine.
There's now also a kernel.org repository with a testing branch:
https://git.kernel.org/pub/scm/linux/kernel/git/devsec/spdm.git/
Future maintenance of the SPDM library is intended to be happening
in that repo. I assumed that Bjorn may not be keen on having to
deal with SPDM patches forever, so creating a dedicated repo seemed
to make sense.
Has any further development happened since then? I am asking as I have
the CMA-v2 in my TSM exercise tree (to catch conflicts, etc) but I do
not see any change in your github or kernel.org/devsec since v2 and that
v2 does not merge nicely with the current upstream. Thanks,
Most patches in this series with a "PCI/CMA: " subject actually
only change very few lines in the PCI core. The bulk of the changes
is in the SPDM library instead. I used that subject merely to
highlight that at least an ack from Bjorn is required. The only
patches containing PCI core changes to speak of are patches 8, 9, 10.
The devsec group (short for Device Security Alphabet Soup) currently
only contains the spdm.git repo. Going forward, further repos may be
added below the devsec umbrella, such as tsm.git to deal with a
vendor-neutral interface between kernel and Trusted Security Module.
Thanks,
Lukas
--
Alexey
