From: "Dan Williams (nvidia)" <djbw@kernel.org>
To: Alistair Francis <alistair23@gmail.com>,
alistair@alistair23.me, linux-kernel@vger.kernel.org,
lukas@wunner.de, bhelgaas@google.com,
rust-for-linux@vger.kernel.org, akpm@linux-foundation.org,
linux-cxl@vger.kernel.org, djbw@kernel.org,
linux-pci@vger.kernel.org, jic23@kernel.org
Cc: alex.gaynor@gmail.com, wilfred.mallawa@wdc.com,
gary@garyguo.net, bjorn3_gh@protonmail.com,
benno.lossin@proton.me, aliceryhl@google.com,
boqun.feng@gmail.com, a.hindborg@kernel.org,
tmgross@umich.edu, ojeda@kernel.org,
Alistair Francis <alistair.francis@wdc.com>
Subject: Re: [PATCH 08/18] PCI/TSM: Support connecting to PCIe CMA devices
Date: Thu, 18 Jun 2026 15:51:18 -0700 [thread overview]
Message-ID: <6a34766613a27_299c3a1001b@djbw-dev.notmuch> (raw)
In-Reply-To: <CAKmqyKPc4hMYg5ARw3RH8KJwWfk-1CMT5zqnVrbhtdT1X3Z0aA@mail.gmail.com>
Alistair Francis wrote:
> On Wed, May 20, 2026 at 3:56 PM Alistair Francis <alistair23@gmail.com> wrote:
> >
> > On Fri, May 8, 2026 at 1:18 PM <alistair23@gmail.com> wrote:
> > >
> > > From: Alistair Francis <alistair.francis@wdc.com>
> > >
> > > In the next patch we are going to add a PCIe CMA TSM driver, as such we
> > > need to ensure that is_pci_tsm_pf0() will allow us to connect to CMA
> > > capable devices. These devices don't necessarily has DEVCAP_TEE or IDE
> > > support.
> > >
> > > As such for Root Complex Integrated Endpoint (PCI_EXP_TYPE_RC_END) we
> > > also check for the CMA DOE feature.
> >
> > @Dan Williams this is the patch I really need your thoughts on.
> >
> > The current upstream pci_tsm code only works if IDE or TDISP is
> > supported, which isn't true for CMA support.
> >
> > This patch works around that, but the more I think about it the
> > hackier it is. I have a local change that reverts this and
> > updates`tsm.c` to work with a DSM (`->dsm_dev` is NULL), but that
> > doesn't feel right either. Do you have a better idea or how to enable
> > a CMA TSM driver?
>
> Gentle ping on this. Any thoughts here?
Apologies for not replying to this sooner.
A Device Security Manager (DSM) at a minimum provides device evidence
validation and retrieval (CMA).
So my only comments on this 08/18 patch would be why is:
pci_find_doe_mailbox(pdev, PCI_VENDOR_ID_PCI_SIG, PCI_DOE_FEATURE_CMA);
...limited to root complex integrated endpoints? That capability could
appear anywhere.
No need for ->dsm_dev to be NULL, it reflects the truth that the device
being connected also hosts the DOE mailbox.
Perhaps the discomfort arises from the fact that CMA can appear on any
function while IDE and TDISP are limited to physical function0? I agree
that needs some fixups to convert the "pf0" naming to "host". Where a
pci_tsm_host is any device that knows how to speak any of CMA, IDE, or
TDISP.
In the case where a device has CMA on multiple functions, ->connect()
hould be allowed. It only comes into conflict if function0 supports
TDISP and has claimed all the sub-functions before ->connect() is
attempted on a sub-function. That seems a rare corner case.
next prev parent reply other threads:[~2026-06-18 22:51 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-08 3:16 [PATCH 00/18] lib: Rust implementation of SPDM alistair23
2026-05-08 3:16 ` [PATCH 01/18] rust: add untrusted data abstraction alistair23
2026-05-08 3:52 ` sashiko-bot
2026-05-08 5:17 ` Dirk Behme
2026-05-15 5:49 ` Alistair Francis
2026-05-08 3:16 ` [PATCH 02/18] X.509: Make certificate parser public alistair23
2026-05-08 3:45 ` sashiko-bot
2026-05-14 7:22 ` Lukas Wunner
2026-05-08 3:16 ` [PATCH 03/18] X.509: Parse Subject Alternative Name in certificates alistair23
2026-05-08 3:16 ` [PATCH 04/18] X.509: Move certificate length retrieval into new helper alistair23
2026-05-08 3:39 ` sashiko-bot
2026-05-14 6:59 ` Lukas Wunner
2026-05-08 3:16 ` [PATCH 05/18] rust: add bindings for hash.h alistair23
2026-05-08 3:43 ` sashiko-bot
2026-05-08 3:16 ` [PATCH 06/18] rust: error: impl From<FromBytesWithNulError> for Kernel Error alistair23
2026-05-08 3:51 ` sashiko-bot
2026-05-08 3:16 ` [PATCH 07/18] lib: rspdm: Initial commit of Rust SPDM alistair23
2026-05-08 3:41 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 08/18] PCI/TSM: Support connecting to PCIe CMA devices alistair23
2026-05-20 5:56 ` Alistair Francis
2026-06-18 2:04 ` Alistair Francis
2026-06-18 22:51 ` Dan Williams (nvidia) [this message]
2026-05-08 3:17 ` [PATCH 09/18] PCI/CMA: Add a PCI TSM CMA driver using SPDM alistair23
2026-05-08 5:02 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 10/18] PCI/CMA: Validate Subject Alternative Name in certificates alistair23
2026-05-08 3:58 ` sashiko-bot
2026-05-14 2:45 ` Alistair Francis
2026-05-14 13:14 ` Lukas Wunner
2026-05-08 3:17 ` [PATCH 11/18] lib: rspdm: Support SPDM get_version alistair23
2026-05-08 3:50 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 12/18] lib: rspdm: Support SPDM get_capabilities alistair23
2026-05-08 4:05 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 13/18] lib: rspdm: Support SPDM negotiate_algorithms alistair23
2026-05-08 4:05 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 14/18] lib: rspdm: Support SPDM get_digests alistair23
2026-05-08 4:06 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 15/18] lib: rspdm: Support SPDM get_certificate alistair23
2026-05-08 4:23 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 16/18] lib: rspdm: Support SPDM certificate validation alistair23
2026-05-08 4:25 ` sashiko-bot
2026-05-08 3:17 ` [PATCH 17/18] rust: allow extracting the buffer from a CString alistair23
2026-05-08 3:17 ` [PATCH 18/18] lib: rspdm: Support SPDM challenge alistair23
2026-05-08 4:19 ` sashiko-bot
2026-05-17 8:09 ` Dirk Behme
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6a34766613a27_299c3a1001b@djbw-dev.notmuch \
--to=djbw@kernel.org \
--cc=a.hindborg@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=alistair.francis@wdc.com \
--cc=alistair23@gmail.com \
--cc=alistair@alistair23.me \
--cc=benno.lossin@proton.me \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=gary@garyguo.net \
--cc=jic23@kernel.org \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
--cc=wilfred.mallawa@wdc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox