On Fri, 7 Jun 2024, David E. Box wrote: > Intel On Demand adds attestation and firmware measurement retrieval > services through use of the protocols defined the Security Protocols and > Data Measurement (SPDM) specification. SPDM messages exchanges are used to > authenticate On Demand hardware and to retrieve signed measurements of the > NVRAM state used to track feature provisioning and the NVRAM state used for > metering services. These allow software to verify the authenticity of the > On Demand hardware as well as the integrity of the reported silicon > configuration. > > Add an ioctl interface for sending SPDM messages through the On Demand > mailbox. Provides commands to get a list of SPDM enabled devices, get the > message size limits for SPDM Requesters and Responders, and perform an SPDM > message exchange. > > Signed-off-by: David E. Box <david.e.box@xxxxxxxxxxxxxxx> > Link: https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.0.1.pdf [1] > --- > V4 > - In sdsi_spdm_do_command(), change rsp_size from u32 to int to > catch error from sdsi_spdm_exchange(). Reported by lkp. > - Use SPDM_HEADER_SIZE in sdsi_spdm_do_command() > V3 > - Use %zu format for size_t > - Simplify return in sdsi_spdm_ioctl() > > V2 > - Move size < 4 check into sdsi_spdm_exchange() and add comment > clarifying return values of that function. > - Use SZ_4K and add helpers > - Use devm_kasprintf() > - Remove unnecessary parens > - Use --attest for long option > > .../userspace-api/ioctl/ioctl-number.rst | 1 + > MAINTAINERS | 1 + > drivers/platform/x86/intel/sdsi.c | 209 +++++++++++++++++- > include/uapi/linux/intel_sdsi.h | 81 +++++++ > 4 files changed, 291 insertions(+), 1 deletion(-) > create mode 100644 include/uapi/linux/intel_sdsi.h > diff --git a/include/uapi/linux/intel_sdsi.h b/include/uapi/linux/intel_sdsi.h > new file mode 100644 > index 000000000000..8e28764f4a98 > --- /dev/null > +++ b/include/uapi/linux/intel_sdsi.h > +/** > + * struct sdsi_spdm_message - The SPDM message sent and received from the device > + * @spdm_version: Supported SPDM version > + * @request_response_code: The SPDM message code for requests and responses > + * @param1: Parameter 1 > + * @param2: Parameter 2 > + * @buffer: SDPM message specific buffer > + * Extra newline here. > + */ > +struct sdsi_spdm_message { > + SPDM_HEADER; > + __u8 buffer[SZ_4K - SPDM_HEADER_SIZE]; > +}; -- i.
