From: Lukas Wunner <lukas@wunner.de>
To: Bjorn Helgaas <helgaas@kernel.org>
Cc: Alistair Francis <alistair@alistair23.me>,
Jonathan.Cameron@huawei.com, linux-kernel@vger.kernel.org,
rust-for-linux@vger.kernel.org, akpm@linux-foundation.org,
bhelgaas@google.com, linux-pci@vger.kernel.org,
linux-cxl@vger.kernel.org, bjorn3_gh@protonmail.com,
ojeda@kernel.org, tmgross@umich.edu, boqun.feng@gmail.com,
benno.lossin@proton.me, a.hindborg@kernel.org,
wilfred.mallawa@wdc.com, alistair23@gmail.com,
alex.gaynor@gmail.com, gary@garyguo.net, aliceryhl@google.com
Subject: Re: [RFC 3/6] lib: rspdm: Initial commit of Rust SPDM
Date: Sat, 23 Nov 2024 17:14:05 +0100 [thread overview]
Message-ID: <Z0H_TYOPegVrkM9o@wunner.de> (raw)
In-Reply-To: <20241122173104.GA2432309@bhelgaas>
On Fri, Nov 22, 2024 at 11:31:04AM -0600, Bjorn Helgaas wrote:
> On Fri, Nov 15, 2024 at 03:46:13PM +1000, Alistair Francis wrote:
> > +++ b/lib/Kconfig
> > @@ -754,6 +754,23 @@ config SPDM
> > in .config. Drivers selecting SPDM therefore need to also select
> > any algorithms they deem mandatory.
> >
> > +config RSPDM
> > + bool "Rust SPDM"
> > + select CRYPTO
> > + select KEYS
> > + select ASYMMETRIC_KEY_TYPE
> > + select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> > + select X509_CERTIFICATE_PARSER
> > + depends on SPDM = "n"
> > + help
> > + The Rust implementation of the Security Protocol and Data Model (SPDM)
> > + allows for device authentication, measurement, key exchange and
> > + encrypted sessions.
> > +
> > + Crypto algorithms negotiated with SPDM are limited to those enabled
> > + in .config. Drivers selecting SPDM therefore need to also select
> > + any algorithms they deem mandatory.
>
> Maybe this (and config SPDM) should be tweaked to mention drivers that
> *depend* on SPDM or RSPDM, since they no longer use "select"?
>
> PCI_CMA, which currently depends on SPDM, doesn't really look like a
> "driver", so maybe it should say "users of SPDM" or "features
> depending on SPDM" or something?
I anticipate that the SPDM library will eventually be used by at least
two actual drivers: NVMe and an x86 platform driver for Intel SDSi
(Software Defined Silicon). SCSI and ATA may follow suit.
Thus, although the PCI core may be the first user, the majority of
users will likely be actual drivers, which is why I've used that
term in the help text.
Referring to "users" instead of "drivers" may be misunderstood as
users in the sense of people using the kernel. In particular because
the help text is seen by such users. The terms "subsystems" or "features"
don't seem to be as clear as "drivers" IMO.
Thanks,
Lukas
next prev parent reply other threads:[~2024-11-23 16:14 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-15 5:46 [RFC 0/6] lib: Rust implementation of SPDM Alistair Francis
2024-11-15 5:46 ` [RFC 1/6] rust: bindings: Support SPDM bindings Alistair Francis
2024-11-15 17:53 ` Bjorn Helgaas
2024-11-15 18:00 ` Miguel Ojeda
2024-11-15 5:46 ` [RFC 2/6] drivers: pci: Change CONFIG_SPDM to a dependency Alistair Francis
2024-11-15 17:58 ` Bjorn Helgaas
2024-11-22 15:30 ` Jonathan Cameron
2024-11-22 15:36 ` Miguel Ojeda
2024-11-22 17:23 ` Bjorn Helgaas
2024-11-22 18:22 ` Jonathan Cameron
2024-11-15 5:46 ` [RFC 3/6] lib: rspdm: Initial commit of Rust SPDM Alistair Francis
2024-11-15 17:15 ` Miguel Ojeda
2024-11-15 22:53 ` Dan Williams
2024-11-19 4:24 ` Alistair Francis
2024-11-22 17:31 ` Bjorn Helgaas
2024-11-23 16:14 ` Lukas Wunner [this message]
2024-11-15 5:46 ` [RFC 4/6] lib: rspdm: Support SPDM get_version Alistair Francis
2024-11-15 5:46 ` [RFC 5/6] lib: rspdm: Support SPDM get_capabilities Alistair Francis
2024-11-15 5:46 ` [RFC 6/6] lib: rspdm: Support SPDM negotiate_algorithms Alistair Francis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z0H_TYOPegVrkM9o@wunner.de \
--to=lukas@wunner.de \
--cc=Jonathan.Cameron@huawei.com \
--cc=a.hindborg@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=alistair23@gmail.com \
--cc=alistair@alistair23.me \
--cc=benno.lossin@proton.me \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=gary@garyguo.net \
--cc=helgaas@kernel.org \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
--cc=wilfred.mallawa@wdc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).