From: Alexey Kardashevskiy <aik@amd.com>
To: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>,
Dan Williams <dan.j.williams@intel.com>,
linux-pci@vger.kernel.org, linux-coco@lists.linux.dev
Cc: gregkh@linuxfoundation.org, bhelgaas@google.com, lukas@wunner.de,
"Andy Lutomirski" <luto@kernel.org>,
"Borislav Petkov" <bp@alien8.de>,
"Christoph Hellwig" <hch@lst.de>,
"Danilo Krummrich" <dakr@kernel.org>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Ilpo Järvinen" <ilpo.jarvinen@linux.intel.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Jonathan Cameron" <jonathan.cameron@huawei.com>,
"Marek Szyprowski" <m.szyprowski@samsung.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Rafael J. Wysocki" <rafael@kernel.org>,
"Robin Murphy" <robin.murphy@arm.com>,
"Roman Kisel" <romank@linux.microsoft.com>,
"Samuel Ortiz" <sameo@rivosinc.com>,
"Suzuki K Poulose" <suzuki.poulose@arm.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Xu Yilun" <yilun.xu@linux.intel.com>
Subject: Re: [PATCH resend v6 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP)
Date: Fri, 19 Sep 2025 14:17:23 +1000 [thread overview]
Message-ID: <6e8a11ac-21ac-4260-b8ec-54bdb058fbe4@amd.com> (raw)
In-Reply-To: <yq5azfau7fpq.fsf@kernel.org>
On 16/9/25 22:18, Aneesh Kumar K.V wrote:
> Dan Williams <dan.j.williams@intel.com> writes:
>
>> [apologies for the duplicates, I flubbed my mailing list aliases]
>>
>> Changes since v5 [1]:
>> - Add @tsm_dev parameter to 'struct pci_tsm_link_ops::probe()' (Alexey)
>> - Fix to_pci_tsm_pf0() to walk to the DSM device (Alexey)
>> - Fix IDE establishment "default stream" setting regression (Alexey)
>> - Fix pci_ide_stream_enable() in the presence of devices that delay the
>> "secure" transition to K_SET_GO (Alexey)
>> - Make sure pci_ide_stream_enable() has a unique error code for the
>> "failed to go to secure state" case. (Alexey)
>> - Clarify that pci_tsm_connect() unconditionally probes all potential
>> TDIs (Alexey)
>> - Rename 'struct pci_tsm_security_ops' to 'struct pci_tsm_devsec_ops'
>> (Alexey)
>> - Add @tsm_dev parameter to 'struct pci_tsm_devsec_ops::lock()' (Alexey)
>> - Pass 'struct pci_tsm *' to 'struct pci_tsm_devsec_ops::unlock()' (Alexey)
>> - Rename 'struct pci_tsm::dsm' 'struct pci_tsm::dsm_dev' (Aneesh)
>> - Rename 'struct pci_tsm_pf0::base' to 'struct pci_tsm_pf0::base_tsm'
>> (Aneesh)
>> - Make definition of 'struct tsm_dev' public, drop tsm_name() and
>> tsm_pci_ops() helpers.
>> - Drop __devsec_pci_ops (delayed cleanup now possible with 'struct
>> tsm_dev' public) (Jonathan)
>> - Revive pci_tsm_doe_transfer() (Aneesh)
>> - Fix tsm_unregister() to not assume that all TSMs implement PCI
>> operations
>>
>> [1]: http://lore.kernel.org/20250827035126.1356683-1-dan.j.williams@intel.com
>>
>> This set is available at
>> https://git.kernel.org/pub/scm/linux/kernel/git/devsec/tsm.git/log/?h=staging
>> (rebasing branch) or devsec-20250911 (immutable tag). It passes a basic
>> smoke test that exercises load/unload of the samples/devsec/ modules and
>> connect/disconnect of the emulated device. Note that tag also has a
>> preview of changes that will be included in v2 of "[PATCH 0/7] PCI/TSM:
>> TEE I/O infrastructure" [2].
>>
>> [2]: http://lore.kernel.org/20250827035259.1356758-1-dan.j.williams@intel.com
>>
>> Status: ->connect() flow is nearly settled
>> ------------------------------------------
>> The review feedback continues to slow. Various folks have had their
>> naming and organization preferences adopted so I feel comfortable
>> calling this a consensus branch. Let us leave any further requests for
>> naming changes to Bjorn.
>>
>> This version seems suitable for proceeding to linux-next inclusion. That
>> inclusion depends on the guest side TEE I/O infrastructure also
>> settling. That guest set definitely needs at least a v2 [2]. In short,
>> PCI core infrastructure for TEE I/O (both host and guest) targeting
>> linux-next inclusion post v6.18-rc1.
>>
>> Next steps:
>> -----------
>> - Stage at least one vendor ->connect() implementation on top of a
>> tsm.git#staging snapshot.
>>
>> - Find an arrangement to supplement samples/devsec/ regression testing
>> with IDE establishment / "connect()" flow regression testing.
>>
>> Original Cover letter:
>> ----------------------
>>
>> Trusted execution environment (TEE) Device Interface Security Protocol
>> (TDISP) is a chapter name in the PCI specification. It describes an
>> alphabet soup of mechanisms, SPDM, CMA, IDE, TSM/DSM, that system
>> software uses to establish trust in a device and assign it to a
>> confidential virtual machine (CVM). It is protocol for dynamically
>> extending the trusted computing boundary (TCB) of a CVM with a PCI
>> device interface that can issue DMA to CVM private memory.
>>
>> The acronym soup problem is enhanced by every major platform vendor
>> having distinct TEE Security Manager (TSM) API implementations /
>> capabilities, and to a lesser extent, every potential endpoint Device
>> Security Manager (DSM) having its own idiosyncratic behaviors around
>> TDISP state transitions.
>>
>> Despite all that opportunity for differentiation, there is a significant
>> portion of the implementation that is cross-vendor common. However, it
>> is difficult to develop, debate, test and settle all those pieces absent
>> a low level TSM driver implementation to pull it all together.
>>
>> The proposal, of which this set is the first phase, is incrementally
>> develop the shared infrastructure on top of a sample TSM driver
>> implementation to enable clean vendor agnostic discussions about the
>> commons. "samples/devsec/" is meant to be: just enough emulation to
>> exercise all the core infrastructure, a reference implementation, and a
>> simple unit test. The sample also enables coordination with the native
>> PCI device security effort [3].
>>
>> [3]: http://lore.kernel.org/cover.1719771133.git.lukas@wunner.de
>>
>> Dan Williams (10):
>> coco/tsm: Introduce a core device for TEE Security Managers
>> PCI/IDE: Enumerate Selective Stream IDE capabilities
>> PCI: Introduce pci_walk_bus_reverse(), for_each_pci_dev_reverse()
>> PCI/TSM: Authenticate devices via platform TSM
>> samples/devsec: Introduce a PCI device-security bus + endpoint sample
>> PCI: Add PCIe Device 3 Extended Capability enumeration
>> PCI/IDE: Add IDE establishment helpers
>> PCI/IDE: Report available IDE streams
>> PCI/TSM: Report active IDE streams
>> samples/devsec: Add sample IDE establishment
>>
>> Documentation/ABI/testing/sysfs-bus-pci | 51 ++
>> Documentation/ABI/testing/sysfs-class-tsm | 19 +
>> .../ABI/testing/sysfs-devices-pci-host-bridge | 26 +
>> Documentation/driver-api/pci/index.rst | 1 +
>> Documentation/driver-api/pci/tsm.rst | 12 +
>> MAINTAINERS | 7 +-
>> drivers/base/bus.c | 38 +
>> drivers/pci/Kconfig | 29 +
>> drivers/pci/Makefile | 2 +
>> drivers/pci/bus.c | 38 +
>> drivers/pci/doe.c | 2 -
>> drivers/pci/ide.c | 584 ++++++++++++++
>> drivers/pci/pci-sysfs.c | 4 +
>> drivers/pci/pci.h | 19 +
>> drivers/pci/probe.c | 28 +-
>> drivers/pci/remove.c | 6 +
>> drivers/pci/search.c | 62 +-
>> drivers/pci/tsm.c | 627 +++++++++++++++
>> drivers/virt/coco/Kconfig | 3 +
>> drivers/virt/coco/Makefile | 1 +
>> drivers/virt/coco/tsm-core.c | 166 ++++
>> include/linux/device/bus.h | 3 +
>> include/linux/pci-doe.h | 4 +
>> include/linux/pci-ide.h | 75 ++
>> include/linux/pci-tsm.h | 159 ++++
>> include/linux/pci.h | 36 +
>> include/linux/tsm.h | 14 +
>> include/uapi/linux/pci_regs.h | 89 +++
>> samples/Kconfig | 19 +
>> samples/Makefile | 1 +
>> samples/devsec/Makefile | 10 +
>> samples/devsec/bus.c | 737 ++++++++++++++++++
>> samples/devsec/common.c | 26 +
>> samples/devsec/devsec.h | 40 +
>> samples/devsec/link_tsm.c | 242 ++++++
>> 35 files changed, 3167 insertions(+), 13 deletions(-)
>> create mode 100644 Documentation/ABI/testing/sysfs-class-tsm
>> create mode 100644 Documentation/driver-api/pci/tsm.rst
>> create mode 100644 drivers/pci/ide.c
>> create mode 100644 drivers/pci/tsm.c
>> create mode 100644 drivers/virt/coco/tsm-core.c
>> create mode 100644 include/linux/pci-ide.h
>> create mode 100644 include/linux/pci-tsm.h
>> create mode 100644 samples/devsec/Makefile
>> create mode 100644 samples/devsec/bus.c
>> create mode 100644 samples/devsec/common.c
>> create mode 100644 samples/devsec/devsec.h
>> create mode 100644 samples/devsec/link_tsm.c
>>
>>
>> base-commit: 650d64cdd69122cc60d309f2f5fd72bbc080dbd7
>> --
>> 2.51.0
>>
>
> The corresponding Arm CCA changes based on this version of the TSM core
> infrastructure can be found at:
>
> https://git.gitlab.arm.com/linux-arm/linux-cca.git cca/tdisp-upstream-post-v1.2
> https://git.gitlab.arm.com/linux-arm/kvmtool-cca.git cca/tdisp-upstream-post-v1.2
>
> These changes are still based on the ALP12 specification. I am not
> reposting the series yet, as I plan to rebase the v2 patchset against
> the ALP16 version of the spec. Those changes are not ready at this point.
>
> -aneesh
Here are my trees:
https://github.com/AMDESE/linux-kvm/tree/tsm
https://github.com/AMDESE/qemu/tree/tsm
I'll repost after I adopt "x86/ioremap, resource: Introduce IORES_DESC_ENCRYPTED for encrypted PCI MMIO" (hopefully soon).
Thanks,
--
Alexey
next prev parent reply other threads:[~2025-09-19 4:17 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-11 23:56 [PATCH resend v6 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP) Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 01/10] coco/tsm: Introduce a core device for TEE Security Managers Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 02/10] PCI/IDE: Enumerate Selective Stream IDE capabilities Dan Williams
2025-09-15 16:32 ` Jonathan Cameron
2025-09-11 23:56 ` [PATCH resend v6 03/10] PCI: Introduce pci_walk_bus_reverse(), for_each_pci_dev_reverse() Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 04/10] PCI/TSM: Authenticate devices via platform TSM Dan Williams
2025-09-15 11:27 ` Alexey Kardashevskiy
2025-09-19 20:15 ` dan.j.williams
2025-09-22 12:26 ` Alexey Kardashevskiy
2025-09-25 23:00 ` dan.j.williams
2025-09-26 1:14 ` Alexey Kardashevskiy
2025-09-15 11:37 ` Alexey Kardashevskiy
2025-09-19 20:29 ` dan.j.williams
2025-09-11 23:56 ` [PATCH resend v6 05/10] samples/devsec: Introduce a PCI device-security bus + endpoint sample Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 06/10] PCI: Add PCIe Device 3 Extended Capability enumeration Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 07/10] PCI/IDE: Add IDE establishment helpers Dan Williams
2025-09-16 0:14 ` Alexey Kardashevskiy
2025-09-25 19:54 ` dan.j.williams
2025-09-11 23:56 ` [PATCH resend v6 08/10] PCI/IDE: Report available IDE streams Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 09/10] PCI/TSM: Report active " Dan Williams
2025-09-11 23:56 ` [PATCH resend v6 10/10] samples/devsec: Add sample IDE establishment Dan Williams
2025-09-16 12:18 ` [PATCH resend v6 00/10] PCI/TSM: Core infrastructure for PCI device security (TDISP) Aneesh Kumar K.V
2025-09-19 4:17 ` Alexey Kardashevskiy [this message]
2025-09-19 12:17 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6e8a11ac-21ac-4260-b8ec-54bdb058fbe4@amd.com \
--to=aik@amd.com \
--cc=aneesh.kumar@kernel.org \
--cc=bhelgaas@google.com \
--cc=bp@alien8.de \
--cc=dakr@kernel.org \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=hch@lst.de \
--cc=hpa@zytor.com \
--cc=ilpo.jarvinen@linux.intel.com \
--cc=jgg@ziepe.ca \
--cc=jonathan.cameron@huawei.com \
--cc=linux-coco@lists.linux.dev \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rafael@kernel.org \
--cc=robin.murphy@arm.com \
--cc=romank@linux.microsoft.com \
--cc=sameo@rivosinc.com \
--cc=suzuki.poulose@arm.com \
--cc=tglx@linutronix.de \
--cc=yilun.xu@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox