From: Xu Yilun <yilun.xu@linux.intel.com>
To: Dan Williams <dan.j.williams@intel.com>
Cc: linux-coco@lists.linux.dev, linux-pci@vger.kernel.org,
linux-kernel@vger.kernel.org, bhelgaas@google.com, aik@amd.com,
lukas@wunner.de, Samuel Ortiz <sameo@rivosinc.com>
Subject: Re: [PATCH v4 04/10] PCI/TSM: Authenticate devices via platform TSM
Date: Tue, 5 Aug 2025 23:53:06 +0800 [thread overview]
Message-ID: <aJIo4riWyW7fRtal@yilunxu-OptiPlex-7050> (raw)
In-Reply-To: <20250717183358.1332417-5-dan.j.williams@intel.com>
> +static int pci_tsm_connect(struct pci_dev *pdev, struct tsm_dev *tsm_dev)
> +{
> + int rc;
> + struct pci_tsm_pf0 *tsm_pf0;
> + const struct pci_tsm_ops *ops = tsm_pci_ops(tsm_dev);
> + struct pci_tsm *pci_tsm __free(tsm_remove) = ops->probe(pdev);
> +
> + if (!pci_tsm)
> + return -ENXIO;
> +
> + pdev->tsm = pci_tsm;
> + tsm_pf0 = to_pci_tsm_pf0(pdev->tsm);
> +
> + ACQUIRE(mutex_intr, lock)(&tsm_pf0->lock);
> + if ((rc = ACQUIRE_ERR(mutex_intr, &lock)))
> + return rc;
> +
> + rc = ops->connect(pdev);
> + if (rc)
> + return rc;
> +
> + pdev->tsm = no_free_ptr(pci_tsm);
> +
> + /*
> + * Now that the DSM is established, probe() all the potential
> + * dependent functions. Failure to probe a function is not fatal
> + * to connect(), it just disables subsequent security operations
> + * for that function.
> + */
> + pci_tsm_probe_fns(pdev);
> + return 0;
> +}
> +}
> +
[...]
> +static void pf0_sysfs_enable(struct pci_dev *pdev)
> +{
> + pci_dbg(pdev, "Device Security Manager detected (%s%s )\n",
> + pdev->ide_cap ? " ide" : "",
> + pdev->devcap & PCI_EXP_DEVCAP_TEE ? " tee" : "");
> +
> + sysfs_update_group(&pdev->dev.kobj, &pci_tsm_auth_attr_group);
> + sysfs_update_group(&pdev->dev.kobj, &pci_tsm_pf0_attr_group);
> +}
> +
> +int pci_tsm_register(struct tsm_dev *tsm_dev)
> +{
[...]
> + for_each_pci_dev(pdev)
> + if (is_pci_tsm_pf0(pdev))
> + pf0_sysfs_enable(pdev);
Now the tsm attributes are exposed to user before ops->probe(), from
user's POV, tsm link operation for this device is already ready ...
> + return 0;
> +}
> +EXPORT_SYMBOL_GPL(pci_tsm_register);
[...]
> +struct pci_tsm_ops {
> + /*
> + * struct pci_tsm_link_ops - Manage physical link and the TSM/DSM session
> + * @probe: probe device for tsm link operation readiness, setup
So I think the probe callback is losing the meaning of readiness check.
Users see the 'connect/disconnect', they write 'connect' and found
errors no matter ->probe() fails or ->connect() fails.
Maybe just remove the responsibility of readiness check from ->probe(),
I found it simplifies code when implementing tdx-tsm driver.
Thanks,
Yilun
> + * DSM context
> + * @remove: destroy DSM context
> + * @connect: establish / validate a secure connection (e.g. IDE)
> + * with the device
> + * @disconnect: teardown the secure link
> + *
> + * @probe and @remove run in pci_tsm_rwsem held for write context. All
> + * other ops run under the @pdev->tsm->lock mutex and pci_tsm_rwsem held
> + * for read.
> + */
> + struct_group_tagged(pci_tsm_link_ops, link_ops,
> + struct pci_tsm *(*probe)(struct pci_dev *pdev);
> + void (*remove)(struct pci_tsm *tsm);
> + int (*connect)(struct pci_dev *pdev);
> + void (*disconnect)(struct pci_dev *pdev);
> + );
next prev parent reply other threads:[~2025-08-05 16:02 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-17 18:33 [PATCH v4 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP) Dan Williams
2025-07-17 18:33 ` [PATCH v4 01/10] coco/tsm: Introduce a core device for TEE Security Managers Dan Williams
2025-07-29 11:28 ` Jonathan Cameron
2025-07-17 18:33 ` [PATCH v4 02/10] PCI/IDE: Enumerate Selective Stream IDE capabilities Dan Williams
2025-07-29 12:03 ` Jonathan Cameron
2025-08-05 20:59 ` dan.j.williams
2025-08-07 20:12 ` Bjorn Helgaas
2025-08-07 22:37 ` dan.j.williams
2025-08-07 22:53 ` Bjorn Helgaas
2025-08-08 2:17 ` dan.j.williams
2025-08-08 15:59 ` Bjorn Helgaas
2025-08-07 22:43 ` Bjorn Helgaas
2025-07-17 18:33 ` [PATCH v4 03/10] PCI: Introduce pci_walk_bus_reverse(), for_each_pci_dev_reverse() Dan Williams
2025-07-29 13:06 ` Jonathan Cameron
2025-08-05 23:52 ` dan.j.williams
2025-08-06 10:54 ` Jonathan Cameron
2025-08-07 20:24 ` Bjorn Helgaas
2025-08-07 23:17 ` dan.j.williams
2025-08-07 23:26 ` Bjorn Helgaas
2025-07-17 18:33 ` [PATCH v4 04/10] PCI/TSM: Authenticate devices via platform TSM Dan Williams
2025-07-29 14:56 ` Jonathan Cameron
2025-08-06 1:35 ` dan.j.williams
2025-08-06 11:10 ` Jonathan Cameron
2025-08-06 23:16 ` dan.j.williams
2025-08-07 10:42 ` Jonathan Cameron
2025-08-07 2:35 ` dan.j.williams
2025-08-05 15:53 ` Xu Yilun [this message]
2025-08-06 22:30 ` dan.j.williams
2025-08-07 21:27 ` Bjorn Helgaas
2025-08-08 22:51 ` dan.j.williams
2025-08-13 2:57 ` Alexey Kardashevskiy
2025-08-14 1:40 ` dan.j.williams
2025-08-14 14:52 ` Alexey Kardashevskiy
2025-08-18 21:08 ` dan.j.williams
2025-07-17 18:33 ` [PATCH v4 05/10] samples/devsec: Introduce a PCI device-security bus + endpoint sample Dan Williams
2025-07-29 15:16 ` Jonathan Cameron
2025-08-06 3:20 ` dan.j.williams
2025-08-06 11:16 ` Jonathan Cameron
2025-08-06 18:33 ` dan.j.williams
2025-08-11 13:18 ` Gerd Hoffmann
2025-08-11 20:47 ` dan.j.williams
2025-08-07 21:45 ` Bjorn Helgaas
2025-08-08 23:45 ` dan.j.williams
2025-07-17 18:33 ` [PATCH v4 06/10] PCI: Add PCIe Device 3 Extended Capability enumeration Dan Williams
2025-07-29 15:23 ` Jonathan Cameron
2025-08-06 21:00 ` dan.j.williams
2025-08-06 21:02 ` dan.j.williams
2025-08-07 22:06 ` Bjorn Helgaas
2025-08-09 0:05 ` dan.j.williams
2025-08-07 22:46 ` Bjorn Helgaas
2025-07-17 18:33 ` [PATCH v4 07/10] PCI/IDE: Add IDE establishment helpers Dan Williams
2025-07-29 15:45 ` Jonathan Cameron
2025-08-06 21:40 ` dan.j.williams
2025-08-07 22:38 ` Bjorn Helgaas
2025-08-09 1:52 ` dan.j.williams
2025-08-07 22:47 ` Bjorn Helgaas
2025-08-08 10:21 ` Arto Merilainen
2025-08-08 17:26 ` dan.j.williams
2025-08-11 8:02 ` Arto Merilainen
2025-08-28 8:19 ` Aneesh Kumar K.V
2025-09-11 4:15 ` Aneesh Kumar K.V
2025-09-11 19:25 ` dan.j.williams
2025-09-25 10:18 ` Xu Yilun
2025-09-25 11:30 ` Arto Merilainen
2025-07-17 18:33 ` [PATCH v4 08/10] PCI/IDE: Report available IDE streams Dan Williams
2025-07-29 15:47 ` Jonathan Cameron
2025-08-07 22:48 ` Bjorn Helgaas
2025-07-17 18:33 ` [PATCH v4 09/10] PCI/TSM: Report active " Dan Williams
2025-07-29 15:58 ` Jonathan Cameron
2025-08-06 21:55 ` dan.j.williams
2025-08-07 22:49 ` Bjorn Helgaas
2025-07-17 18:33 ` [PATCH v4 10/10] samples/devsec: Add sample IDE establishment Dan Williams
2025-07-29 16:06 ` Jonathan Cameron
2025-07-18 10:57 ` [PATCH v4 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP) Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aJIo4riWyW7fRtal@yilunxu-OptiPlex-7050 \
--to=yilun.xu@linux.intel.com \
--cc=aik@amd.com \
--cc=bhelgaas@google.com \
--cc=dan.j.williams@intel.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=sameo@rivosinc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox