Re: [PATCH v7 1/9] coco/tsm: Introduce a core device for TEE Security Managers

linux-pci.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: <dan.j.williams@intel.com>
To: "Carlos López" <clopez@suse.de>,
	"Dan Williams" <dan.j.williams@intel.com>,
	linux-coco@lists.linux.dev, linux-pci@vger.kernel.org
Cc: <aik@amd.com>, <yilun.xu@linux.intel.com>,
	<aneesh.kumar@kernel.org>, <bhelgaas@google.com>,
	<gregkh@linuxfoundation.org>,
	Jonathan Cameron <jonathan.cameron@huawei.com>
Subject: Re: [PATCH v7 1/9] coco/tsm: Introduce a core device for TEE Security Managers
Date: Thu, 30 Oct 2025 16:16:15 -0700	[thread overview]
Message-ID: <6903f1bf4c4dc_58c191003f@dwillia2-mobl4.notmuch> (raw)
In-Reply-To: <74df9e1d-69f4-43e6-89fe-3290b94ab8dd@suse.de>

Carlos López wrote:
> Hi,
> 
> On 10/24/25 4:04 AM, Dan Williams wrote:
> > A "TSM" is a platform component that provides an API for securely
> > provisioning resources for a confidential guest (TVM) to consume. The
> > name originates from the PCI specification for platform agent that
> > carries out operations for PCIe TDISP (TEE Device Interface Security
> > Protocol).
> > 
> > Instances of this core device are parented by a device representing the
> > platform security function like CONFIG_CRYPTO_DEV_CCP or
> > CONFIG_INTEL_TDX_HOST.
> > 
> > This device interface is a frontend to the aspects of a TSM and TEE I/O
> > that are cross-architecture common. This includes mechanisms like
> > enumerating available platform TEE I/O capabilities and provisioning
> > connections between the platform TSM and device DSMs (Device Security
> > Manager (TDISP)).
> > 
> > For now this is just the scaffolding for registering a TSM device sysfs
> > interface.
> > 
> > Cc: Alexey Kardashevskiy <aik@amd.com>
> > Cc: Xu Yilun <yilun.xu@linux.intel.com>
> > Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com>
> > Co-developed-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@kernel.org>
> > Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@kernel.org>
> > Acked-by: Bjorn Helgaas <bhelgaas@google.com>
> > Signed-off-by: Dan Williams <dan.j.williams@intel.com>
[..]
> > diff --git a/drivers/virt/coco/tsm-core.c b/drivers/virt/coco/tsm-core.c
> > new file mode 100644
> > index 000000000000..a64b776642cf
> > --- /dev/null
> > +++ b/drivers/virt/coco/tsm-core.c
> > @@ -0,0 +1,109 @@
> > +// SPDX-License-Identifier: GPL-2.0-only
> > +/* Copyright(c) 2024 Intel Corporation. All rights reserved. */
> > +
> > +#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
> > +
> > +#include <linux/tsm.h>
> > +#include <linux/idr.h>
> > +#include <linux/rwsem.h>
> > +#include <linux/device.h>
> > +#include <linux/module.h>
> > +#include <linux/cleanup.h>
> > +
> > +static struct class *tsm_class;
> > +static DECLARE_RWSEM(tsm_rwsem);
> > +static DEFINE_IDR(tsm_idr);
> 
> The IDR documentation states it is deprecated and one should use XArray
> in its place. Is there any particular reason to use IDR instead in this
> patch series?

No, not really. I forgot that IDR is not just an xarray wrapper like
IDA. Will switch and would not say "no" to someone teaching checkpatch
to flag new IDR usage. Save others missing that note in
Documentation/core-api/idr.rst.

next prev parent reply	other threads:[~2025-10-30 23:16 UTC|newest]

Thread overview: 43+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-24  2:04 [PATCH v7 0/9] PCI/TSM: Core infrastructure for PCI device security (TDISP) Dan Williams
2025-10-24  2:04 ` [PATCH v7 1/9] coco/tsm: Introduce a core device for TEE Security Managers Dan Williams
2025-10-29 13:33   ` Jonathan Cameron
2025-10-29 23:47     ` dan.j.williams
2025-10-30  1:00   ` Alexey Kardashevskiy
2025-10-30  9:04   ` Carlos López
2025-10-30 23:16     ` dan.j.williams [this message]
2025-10-24  2:04 ` [PATCH v7 2/9] PCI/IDE: Enumerate Selective Stream IDE capabilities Dan Williams
2025-10-29 13:42   ` Jonathan Cameron
2025-10-29 23:55     ` dan.j.williams
2025-10-30  0:59   ` Alexey Kardashevskiy
2025-10-30 21:13     ` dan.j.williams
2025-10-30 21:37     ` Bjorn Helgaas
2025-10-30 23:56       ` Alexey Kardashevskiy
2025-10-31  0:34         ` dan.j.williams
2025-10-31  1:20         ` Bjorn Helgaas
2025-10-30  8:34   ` Aneesh Kumar K.V
2025-10-24  2:04 ` [PATCH v7 3/9] PCI: Introduce pci_walk_bus_reverse(), for_each_pci_dev_reverse() Dan Williams
2025-10-29 14:00   ` Jonathan Cameron
2025-10-29 16:05     ` dan.j.williams
2025-10-30 19:36     ` dan.j.williams
2025-10-24  2:04 ` [PATCH v7 4/9] PCI/TSM: Establish Secure Sessions and Link Encryption Dan Williams
2025-10-26  3:18   ` kernel test robot
2025-10-29 15:53   ` Jonathan Cameron
2025-10-30 19:56     ` dan.j.williams
2025-10-30  1:13   ` Alexey Kardashevskiy
2025-10-30  8:35   ` Aneesh Kumar K.V
2025-10-24  2:04 ` [PATCH v7 5/9] PCI: Add PCIe Device 3 Extended Capability enumeration Dan Williams
2025-10-24  2:04 ` [PATCH v7 6/9] PCI: Establish document for PCI host bridge sysfs attributes Dan Williams
2025-10-29 16:04   ` Jonathan Cameron
2025-10-24  2:04 ` [PATCH v7 7/9] PCI/IDE: Add IDE establishment helpers Dan Williams
2025-10-25 16:53   ` Aneesh Kumar K.V
2025-10-29 18:57     ` dan.j.williams
2025-10-29 16:25   ` Jonathan Cameron
2025-10-24  2:04 ` [PATCH v7 8/9] PCI/IDE: Report available IDE streams Dan Williams
2025-10-29 16:31   ` Jonathan Cameron
2025-10-30 20:48     ` dan.j.williams
2025-10-24  2:04 ` [PATCH v7 9/9] PCI/TSM: Report active " Dan Williams
2025-10-29 16:34   ` Jonathan Cameron
2025-10-30 21:03     ` dan.j.williams
2025-10-30  2:05   ` Alexey Kardashevskiy
2025-10-27 10:01 ` [PATCH v7 0/9] PCI/TSM: Core infrastructure for PCI device security (TDISP) Aneesh Kumar K.V
2025-10-29  5:20   ` Alexey Kardashevskiy

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6903f1bf4c4dc_58c191003f@dwillia2-mobl4.notmuch \
    --to=dan.j.williams@intel.com \
    --cc=aik@amd.com \
    --cc=aneesh.kumar@kernel.org \
    --cc=bhelgaas@google.com \
    --cc=clopez@suse.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=jonathan.cameron@huawei.com \
    --cc=linux-coco@lists.linux.dev \
    --cc=linux-pci@vger.kernel.org \
    --cc=yilun.xu@linux.intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).