From: Jonathan Cameron <jonathan.cameron@huawei.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: <linux-pci@vger.kernel.org>, <linux-coco@lists.linux.dev>,
<gregkh@linuxfoundation.org>, <bhelgaas@google.com>,
<lukas@wunner.de>, "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>,
Alexey Kardashevskiy <aik@amd.com>,
Xu Yilun <yilun.xu@linux.intel.com>
Subject: Re: [PATCH resend v6 02/10] PCI/IDE: Enumerate Selective Stream IDE capabilities
Date: Mon, 15 Sep 2025 17:32:22 +0100 [thread overview]
Message-ID: <20250915173222.000028f4@huawei.com> (raw)
In-Reply-To: <20250911235647.3248419-3-dan.j.williams@intel.com>
On Thu, 11 Sep 2025 16:56:39 -0700
Dan Williams <dan.j.williams@intel.com> wrote:
> Link encryption is a new PCIe feature enumerated by "PCIe r7.0 section
> 7.9.26 IDE Extended Capability".
>
> It is both a standalone port + endpoint capability, and a building block
> for the security protocol defined by "PCIe r7.0 section 11 TEE Device
> Interface Security Protocol (TDISP)". That protocol coordinates device
> security setup between a platform TSM (TEE Security Manager) and a
> device DSM (Device Security Manager). While the platform TSM can
> allocate resources like Stream ID and manage keys, it still requires
> system software to manage the IDE capability register block.
>
> Add register definitions and basic enumeration in preparation for
> Selective IDE Stream establishment. A follow on change selects the new
> CONFIG_PCI_IDE symbol. Note that while the IDE specification defines
> both a point-to-point "Link Stream" and a Root Port to endpoint
> "Selective Stream", only "Selective Stream" is considered for Linux as
> that is the predominant mode expected by Trusted Execution Environment
> Security Managers (TSMs), and it is the security model that limits the
> number of PCI components within the TCB in a PCIe topology with
> switches.
>
> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
> Cc: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
> Co-developed-by: Alexey Kardashevskiy <aik@amd.com>
> Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
> Co-developed-by: Xu Yilun <yilun.xu@linux.intel.com>
> Signed-off-by: Xu Yilun <yilun.xu@linux.intel.com>
> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Oops. I missed v6 and replied to 5. Anyhow, comments stand so
please take a look back at that. As does
Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com>
next prev parent reply other threads:[~2025-09-15 16:32 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-11 23:56 [PATCH resend v6 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP) Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 01/10] coco/tsm: Introduce a core device for TEE Security Managers Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 02/10] PCI/IDE: Enumerate Selective Stream IDE capabilities Dan Williams
2025-09-15 16:32 ` Jonathan Cameron [this message]
2025-09-11 23:56 ` [PATCH resend v6 03/10] PCI: Introduce pci_walk_bus_reverse(), for_each_pci_dev_reverse() Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 04/10] PCI/TSM: Authenticate devices via platform TSM Dan Williams
2025-09-15 11:27 ` Alexey Kardashevskiy
2025-09-19 20:15 ` dan.j.williams
2025-09-22 12:26 ` Alexey Kardashevskiy
2025-09-25 23:00 ` dan.j.williams
2025-09-26 1:14 ` Alexey Kardashevskiy
2025-09-15 11:37 ` Alexey Kardashevskiy
2025-09-19 20:29 ` dan.j.williams
2025-09-11 23:56 ` [PATCH resend v6 05/10] samples/devsec: Introduce a PCI device-security bus + endpoint sample Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 06/10] PCI: Add PCIe Device 3 Extended Capability enumeration Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 07/10] PCI/IDE: Add IDE establishment helpers Dan Williams
2025-09-16 0:14 ` Alexey Kardashevskiy
2025-09-25 19:54 ` dan.j.williams
2025-09-11 23:56 ` [PATCH resend v6 08/10] PCI/IDE: Report available IDE streams Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 09/10] PCI/TSM: Report active " Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 10/10] samples/devsec: Add sample IDE establishment Dan Williams
2025-09-16 12:18 ` [PATCH resend v6 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP) Aneesh Kumar K.V
2025-09-19 4:17 ` Alexey Kardashevskiy
2025-09-19 12:17 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250915173222.000028f4@huawei.com \
--to=jonathan.cameron@huawei.com \
--cc=aik@amd.com \
--cc=aneesh.kumar@kernel.org \
--cc=bhelgaas@google.com \
--cc=dan.j.williams@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=yilun.xu@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.