From: Dan Williams <dan.j.williams@intel.com>
To: linux-coco@lists.linux.dev, linux-pci@vger.kernel.org
Cc: gregkh@linuxfoundation.org, aik@amd.com, aneesh.kumar@kernel.org,
yilun.xu@linux.intel.com, bhelgaas@google.com,
alistair23@gmail.com, lukas@wunner.de, jgg@nvidia.com
Subject: [PATCH v2 18/19] samples/devsec: Add evidence support
Date: Mon, 2 Mar 2026 16:02:06 -0800 [thread overview]
Message-ID: <20260303000207.1836586-19-dan.j.williams@intel.com> (raw)
In-Reply-To: <20260303000207.1836586-1-dan.j.williams@intel.com>
For testing purposes add "certs" and "transcript" attributes to the devsec
faux devices. Both the link_tsm and devsec_tsm reference the same shared
data. The flow is:
- generate cert chain
- sign simulated evidence
- write blobs to "certs" and "transcript"
- trigger tsm/connect or tsm/lock to consume that evidence
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
---
samples/devsec/devsec.h | 5 ++
samples/devsec/common.c | 134 +++++++++++++++++++++++++++++++++++++-
samples/devsec/link_tsm.c | 21 +++++-
samples/devsec/tsm.c | 9 ++-
4 files changed, 166 insertions(+), 3 deletions(-)
diff --git a/samples/devsec/devsec.h b/samples/devsec/devsec.h
index e0ea9c6bb5e9..a89ce587cb3b 100644
--- a/samples/devsec/devsec.h
+++ b/samples/devsec/devsec.h
@@ -40,4 +40,9 @@ static inline int devsec_get_domain_nr(struct devsec_sysdata *sd)
}
#endif
extern struct devsec_sysdata *devsec_sysdata[NR_DEVSEC_HOST_BRIDGES];
+extern const struct attribute_group devsec_evidence_group;
+void devsec_evidence_busy(void);
+void devsec_evidence_idle(void);
+struct pci_tsm_evidence;
+void devsec_init_evidence(struct pci_tsm_evidence *evidence);
#endif /* __DEVSEC_H__ */
diff --git a/samples/devsec/common.c b/samples/devsec/common.c
index d0e8648dfe98..5dc4152e8b99 100644
--- a/samples/devsec/common.c
+++ b/samples/devsec/common.c
@@ -1,8 +1,11 @@
// SPDX-License-Identifier: GPL-2.0-only
/* Copyright (C) 2024 - 2026 Intel Corporation */
-#include <linux/pci.h>
#include <linux/export.h>
+#include <linux/pci.h>
+#include <linux/pci-tsm.h>
+#include <linux/vmalloc.h>
+#include <uapi/linux/pci-tsm-netlink.h>
#include "devsec.h"
@@ -13,14 +16,143 @@
struct devsec_sysdata *devsec_sysdata[NR_DEVSEC_HOST_BRIDGES];
EXPORT_SYMBOL_FOR_MODULES(devsec_sysdata, "devsec*");
+static struct {
+ void *certs;
+ size_t certs_size;
+ void *transcript;
+ size_t transcript_size;
+ int busy;
+ struct mutex lock;
+} devsec_evidence;
+
+void devsec_init_evidence(struct pci_tsm_evidence *evidence)
+{
+ struct pci_tsm_evidence_object *obj;
+
+ obj = &evidence->obj[PCI_TSM_EVIDENCE_TYPE_CERT0];
+ obj->data = devsec_evidence.certs;
+ obj->len = devsec_evidence.certs_size;
+
+ obj = &evidence->obj[PCI_TSM_EVIDENCE_TYPE_MEASUREMENTS];
+ obj->data = devsec_evidence.transcript;
+ obj->len = devsec_evidence.transcript_size;
+}
+EXPORT_SYMBOL_FOR_MODULES(devsec_init_evidence, "devsec*");
+
+static ssize_t certs_read(struct file *file, struct kobject *kobj,
+ const struct bin_attribute *bin_attr, char *buf,
+ loff_t off, size_t count)
+{
+ guard(mutex)(&devsec_evidence.lock);
+ return memory_read_from_buffer(buf, count, &off, devsec_evidence.certs,
+ devsec_evidence.certs_size);
+}
+
+#define EVIDENCE_MAX_SIZE SZ_16M
+
+static ssize_t evidence_write(char *buf, loff_t off, size_t count, void **data,
+ size_t *data_size)
+{
+ loff_t in_off = 0;
+
+ if (off + count > EVIDENCE_MAX_SIZE)
+ return -EFBIG;
+
+ guard(mutex)(&devsec_evidence.lock);
+ if (devsec_evidence.busy)
+ return -EBUSY;
+ if (off + count > *data_size) {
+ void *new_data = kvrealloc(*data, off + count, GFP_KERNEL);
+
+ if (!new_data)
+ return -ENOMEM;
+ *data = new_data;
+ *data_size = off + count;
+ }
+
+ /* reset the buffer on a single byte write */
+ if (off + count == 1) {
+ kvfree(*data);
+ *data = NULL;
+ *data_size = 0;
+ return 1;
+ }
+
+ return memory_read_from_buffer(*data + off, count, &in_off, buf, count);
+}
+
+static ssize_t certs_write(struct file *file, struct kobject *kobj,
+ const struct bin_attribute *bin_attr, char *buf,
+ loff_t off, size_t count)
+{
+ return evidence_write(buf, off, count, &devsec_evidence.certs,
+ &devsec_evidence.certs_size);
+}
+
+static ssize_t transcript_read(struct file *file, struct kobject *kobj,
+ const struct bin_attribute *bin_attr, char *buf,
+ loff_t off, size_t count)
+{
+ guard(mutex)(&devsec_evidence.lock);
+ return memory_read_from_buffer(buf, count, &off,
+ devsec_evidence.transcript,
+ devsec_evidence.transcript_size);
+}
+
+static ssize_t transcript_write(struct file *file, struct kobject *kobj,
+ const struct bin_attribute *bin_attr, char *buf,
+ loff_t off, size_t count)
+{
+ return evidence_write(buf, off, count, &devsec_evidence.transcript,
+ &devsec_evidence.transcript_size);
+}
+
+static const BIN_ATTR_RW(certs, 0);
+static const BIN_ATTR_RW(transcript, 0);
+
+static const struct bin_attribute *devsec_evidence_attrs[] = {
+ &bin_attr_certs,
+ &bin_attr_transcript,
+ NULL,
+};
+
+/*
+ * Prevent evidence from changing while any sample device is connected or locked
+ */
+void devsec_evidence_busy(void)
+{
+ guard(mutex)(&devsec_evidence.lock);
+ devsec_evidence.busy++;
+}
+EXPORT_SYMBOL_FOR_MODULES(devsec_evidence_busy, "devsec*");
+
+void devsec_evidence_idle(void)
+{
+ guard(mutex)(&devsec_evidence.lock);
+ if (devsec_evidence.busy-- <= 0) {
+ WARN_ON_ONCE(1);
+ devsec_evidence.busy = 0;
+ }
+}
+EXPORT_SYMBOL_FOR_MODULES(devsec_evidence_idle, "devsec*");
+
+const struct attribute_group devsec_evidence_group = {
+ .bin_attrs = devsec_evidence_attrs,
+};
+EXPORT_SYMBOL_FOR_MODULES(devsec_evidence_group, "devsec*");
+
static int __init common_init(void)
{
+ mutex_init(&devsec_evidence.lock);
return 0;
}
module_init(common_init);
static void __exit common_exit(void)
{
+ kvfree(devsec_evidence.certs);
+ kvfree(devsec_evidence.transcript);
+ mutex_destroy(&devsec_evidence.lock);
}
module_exit(common_exit);
diff --git a/samples/devsec/link_tsm.c b/samples/devsec/link_tsm.c
index 2e4c1234bdee..21b6c3c7ea52 100644
--- a/samples/devsec/link_tsm.c
+++ b/samples/devsec/link_tsm.c
@@ -3,6 +3,7 @@
#define dev_fmt(fmt) "devsec: " fmt
#include <linux/device/faux.h>
+#include <crypto/hash_info.h>
#include <linux/pci-tsm.h>
#include <linux/pci-ide.h>
#include <linux/module.h>
@@ -51,6 +52,8 @@ static struct device *pci_tsm_host(struct pci_dev *pdev)
static struct pci_tsm *devsec_tsm_pf0_probe(struct tsm_dev *tsm_dev,
struct pci_dev *pdev)
{
+ struct pci_tsm_evidence *evidence;
+ struct pci_tsm *tsm;
int rc;
dev_dbg(tsm_dev->dev.parent, "%s\n", pci_name(pdev));
@@ -60,10 +63,16 @@ static struct pci_tsm *devsec_tsm_pf0_probe(struct tsm_dev *tsm_dev,
if (!devsec_tsm)
return NULL;
+ tsm = &devsec_tsm->pci.base_tsm;
rc = pci_tsm_pf0_constructor(pdev, &devsec_tsm->pci, tsm_dev);
if (rc)
return NULL;
+ devsec_evidence_busy();
+ evidence = &tsm->evidence;
+ pci_tsm_init_evidence(evidence, 0, HASH_ALGO_SHA384);
+ devsec_init_evidence(evidence);
+
pci_dbg(pdev, "TSM enabled\n");
return &no_free_ptr(devsec_tsm)->pci.base_tsm;
}
@@ -113,6 +122,7 @@ static void devsec_link_tsm_pci_remove(struct pci_tsm *tsm)
if (is_pci_tsm_pf0(pdev)) {
struct devsec_tsm_pf0 *devsec_tsm = to_devsec_tsm_pf0(tsm);
+ devsec_evidence_idle();
pci_tsm_pf0_destructor(&devsec_tsm->pci);
kfree(devsec_tsm);
} else {
@@ -390,7 +400,16 @@ static struct attribute *devsec_link_attrs[] = {
&dev_attr_tsm_request.attr,
NULL,
};
-ATTRIBUTE_GROUPS(devsec_link);
+
+static const struct attribute_group devsec_link_group = {
+ .attrs = devsec_link_attrs,
+};
+
+static const struct attribute_group *devsec_link_groups[] = {
+ &devsec_link_group,
+ &devsec_evidence_group,
+ NULL,
+};
static int __init devsec_link_tsm_init(void)
{
diff --git a/samples/devsec/tsm.c b/samples/devsec/tsm.c
index 46dbe668945a..4a62e05ecf35 100644
--- a/samples/devsec/tsm.c
+++ b/samples/devsec/tsm.c
@@ -6,6 +6,7 @@
#include <linux/pci-tsm.h>
#include <linux/module.h>
#include <linux/pci.h>
+#include <linux/sysfs.h>
#include <linux/tsm.h>
#include "devsec.h"
@@ -105,9 +106,15 @@ static const struct faux_device_ops devsec_device_ops = {
.probe = devsec_tsm_probe,
};
+static const struct attribute_group *devsec_evidence_groups[] = {
+ &devsec_evidence_group,
+ NULL,
+};
+
static int __init devsec_tsm_init(void)
{
- devsec_tsm = faux_device_create("devsec_tsm", NULL, &devsec_device_ops);
+ devsec_tsm = faux_device_create_with_groups(
+ "devsec_tsm", NULL, &devsec_device_ops, devsec_evidence_groups);
if (!devsec_tsm)
return -ENOMEM;
return 0;
--
2.52.0
next prev parent reply other threads:[~2026-03-03 0:01 UTC|newest]
Thread overview: 83+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-03 0:01 [PATCH v2 00/19] PCI/TSM: TEE I/O infrastructure Dan Williams
2026-03-03 0:01 ` [PATCH v2 01/19] PCI/TSM: Report active IDE streams per host bridge Dan Williams
2026-03-09 16:36 ` Jonathan Cameron
2026-03-03 0:01 ` [PATCH v2 02/19] device core: Fix kernel-doc warnings in base.h Dan Williams
2026-03-09 16:39 ` Jonathan Cameron
2026-03-12 14:45 ` Greg KH
2026-03-03 0:01 ` [PATCH v2 03/19] device core: Introduce confidential device acceptance Dan Williams
2026-03-09 16:42 ` Jonathan Cameron
2026-03-12 14:44 ` Greg KH
2026-03-13 4:11 ` Dan Williams
2026-03-13 12:18 ` Greg KH
2026-03-13 18:53 ` Dan Williams
2026-03-13 19:07 ` Jason Gunthorpe
2026-03-13 13:32 ` Jason Gunthorpe
2026-03-13 19:56 ` Dan Williams
2026-03-13 20:24 ` Jason Gunthorpe
2026-03-14 1:32 ` Dan Williams
2026-03-23 18:14 ` Jason Gunthorpe
2026-03-24 2:18 ` Dan Williams
2026-03-24 12:36 ` Jason Gunthorpe
2026-03-25 4:13 ` Dan Williams
2026-03-25 11:56 ` Jason Gunthorpe
2026-03-26 1:27 ` Dan Williams
2026-03-26 12:00 ` Jason Gunthorpe
2026-03-26 15:00 ` Greg KH
2026-03-26 18:31 ` Dan Williams
2026-03-26 19:28 ` Jason Gunthorpe
2026-03-03 0:01 ` [PATCH v2 04/19] modules: Document the global async_probe parameter Dan Williams
2026-03-03 0:01 ` [PATCH v2 05/19] device core: Autoprobe considered harmful? Dan Williams
2026-03-09 16:58 ` Jonathan Cameron
2026-03-03 0:01 ` [PATCH v2 06/19] PCI/TSM: Add Device Security (TVM Guest) LOCK operation support Dan Williams
2026-03-03 0:01 ` [PATCH v2 07/19] PCI/TSM: Add Device Security (TVM Guest) ACCEPT " Dan Williams
2026-03-03 7:15 ` Baolu Lu
2026-03-03 0:01 ` [PATCH v2 08/19] PCI/TSM: Add "evidence" support Dan Williams
2026-03-03 3:14 ` kernel test robot
2026-03-03 10:16 ` Aneesh Kumar K.V
2026-03-03 16:38 ` Aneesh Kumar K.V
2026-03-13 10:07 ` Xu Yilun
2026-03-13 18:06 ` Dan Williams
2026-03-14 18:12 ` Jakub Kicinski
2026-03-17 1:45 ` Dan Williams
2026-03-19 0:00 ` Jakub Kicinski
2026-03-20 2:50 ` Dan Williams
2026-03-17 18:14 ` Lukas Wunner
2026-03-18 7:56 ` Dan Williams
2026-03-23 18:18 ` Jason Gunthorpe
2026-03-14 18:37 ` Lukas Wunner
2026-03-16 20:13 ` Dan Williams
2026-03-16 23:02 ` Dan Williams
2026-03-17 14:13 ` Lukas Wunner
2026-03-18 7:22 ` Dan Williams
2026-03-17 18:24 ` Lukas Wunner
2026-03-18 7:41 ` Dan Williams
2026-03-03 0:01 ` [PATCH v2 09/19] PCI/TSM: Support creating encrypted MMIO descriptors via TDISP Report Dan Williams
2026-03-04 17:14 ` dan.j.williams
2026-03-13 9:57 ` Xu Yilun
2026-03-05 4:46 ` Aneesh Kumar K.V
2026-03-13 10:23 ` Xu Yilun
2026-03-13 13:36 ` Jason Gunthorpe
2026-03-17 5:13 ` Xu Yilun
2026-03-24 3:26 ` Dan Williams
2026-03-24 12:38 ` Jason Gunthorpe
2026-03-16 5:19 ` Alexey Kardashevskiy
2026-03-23 18:20 ` Jason Gunthorpe
2026-03-26 23:38 ` Alexey Kardashevskiy
2026-03-27 11:49 ` Jason Gunthorpe
2026-03-03 0:01 ` [PATCH v2 10/19] x86, swiotlb: Teach swiotlb to skip "accepted" devices Dan Williams
2026-03-03 9:07 ` Aneesh Kumar K.V
2026-03-13 10:26 ` Xu Yilun
2026-03-03 0:01 ` [PATCH v2 11/19] x86, dma: Allow accepted devices to map private memory Dan Williams
2026-03-03 7:36 ` Alexey Kardashevskiy
2026-03-03 0:02 ` [PATCH v2 12/19] x86, ioremap, resource: Support IORES_DESC_ENCRYPTED for encrypted PCI MMIO Dan Williams
2026-03-19 15:34 ` Borislav Petkov
2026-03-03 0:02 ` [PATCH v2 13/19] samples/devsec: Introduce a PCI device-security bus + endpoint sample Dan Williams
2026-03-03 0:02 ` [PATCH v2 14/19] samples/devsec: Add sample IDE establishment Dan Williams
2026-03-03 0:02 ` [PATCH v2 15/19] samples/devsec: Add sample TSM bind and guest_request flows Dan Williams
2026-03-03 0:02 ` [PATCH v2 16/19] samples/devsec: Introduce a "Device Security TSM" sample driver Dan Williams
2026-03-27 8:44 ` Lai, Yi
2026-03-03 0:02 ` [PATCH v2 17/19] tools/testing/devsec: Add a script to exercise samples/devsec/ Dan Williams
2026-03-03 0:02 ` Dan Williams [this message]
2026-03-03 0:02 ` [PATCH v2 19/19] tools/testing/devsec: Add basic evidence retrieval validation Dan Williams
2026-03-03 9:23 ` [PATCH v2 00/19] PCI/TSM: TEE I/O infrastructure Aneesh Kumar K.V
2026-03-03 22:01 ` dan.j.williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260303000207.1836586-19-dan.j.williams@intel.com \
--to=dan.j.williams@intel.com \
--cc=aik@amd.com \
--cc=alistair23@gmail.com \
--cc=aneesh.kumar@kernel.org \
--cc=bhelgaas@google.com \
--cc=gregkh@linuxfoundation.org \
--cc=jgg@nvidia.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=yilun.xu@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox