Cover Letter Detail
Show a cover letter.
GET /api/1.2/covers/2234735/?format=api
{ "id": 2234735, "url": "http://patchwork.ozlabs.org/api/1.2/covers/2234735/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-pci/cover/20260508031710.514574-1-alistair.francis@wdc.com/", "project": { "id": 28, "url": "http://patchwork.ozlabs.org/api/1.2/projects/28/?format=api", "name": "Linux PCI development", "link_name": "linux-pci", "list_id": "linux-pci.vger.kernel.org", "list_email": "linux-pci@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260508031710.514574-1-alistair.francis@wdc.com>", "list_archive_url": null, "date": "2026-05-08T03:16:52", "name": "[00/18] lib: Rust implementation of SPDM", "submitter": { "id": 64571, "url": "http://patchwork.ozlabs.org/api/1.2/people/64571/?format=api", "name": "Alistair Francis", "email": "alistair23@gmail.com" }, "mbox": "http://patchwork.ozlabs.org/project/linux-pci/cover/20260508031710.514574-1-alistair.francis@wdc.com/mbox/", "series": [ { "id": 503312, "url": "http://patchwork.ozlabs.org/api/1.2/series/503312/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-pci/list/?series=503312", "date": "2026-05-08T03:16:52", "name": "lib: Rust implementation of SPDM", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/503312/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/covers/2234735/comments/", "headers": { "Return-Path": "\n <linux-pci+bounces-54155-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "linux-pci@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256\n header.s=20251104 header.b=IiSk8ZWy;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.105.105.114; helo=tor.lore.kernel.org;\n envelope-from=linux-pci+bounces-54155-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=\"IiSk8ZWy\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=209.85.215.169", "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=gmail.com" ], "Received": [ "from tor.lore.kernel.org (tor.lore.kernel.org [172.105.105.114])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4gBZ794jH4z1yCg\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 08 May 2026 13:17:41 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id 2BCDA30436B7\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 8 May 2026 03:17:31 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id E972E1F3B85;\n\tFri, 8 May 2026 03:17:25 +0000 (UTC)", "from mail-pg1-f169.google.com (mail-pg1-f169.google.com\n [209.85.215.169])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 3797623AE62\n\tfor <linux-pci@vger.kernel.org>; Fri, 8 May 2026 03:17:23 +0000 (UTC)", "by mail-pg1-f169.google.com with SMTP id\n 41be03b00d2f7-c7980c060cfso660692a12.2\n for <linux-pci@vger.kernel.org>; Thu, 07 May 2026 20:17:23 -0700 (PDT)", "from toolbx.alistair23.me ([2403:581e:fdf9:0:6209:4521:6813:45b7])\n by smtp.gmail.com with ESMTPSA id\n d9443c01a7336-2baf1eafa62sm3220685ad.74.2026.05.07.20.17.14\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 07 May 2026 20:17:21 -0700 (PDT)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1778210245; cv=none;\n b=DFh5BEAH/rguqoKB7EHbWYWN8SQ+6j6dJScJAFERld5XoGPzQqovHDjnllnp2f4A+lY+hYtbh/ZIbAQH+0QJVgotx700vRCDOte5VfhX5naQXSwi+BO2aGC+LocsRteFfjo5SzYPfsTm9u3PJCoBbENCHGR88lNAFIFQ4t5Zi00=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1778210245; c=relaxed/simple;\n\tbh=olWEdOC0npplVm/+buubaUjCS1b7j/tqkVFbPLXQiHM=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Type;\n b=TU5hRnR8ulP+3MTQNiEacg9kMd1fgtaYXI3NSz6yU2aG8M7I5UUil6wtDmN2q3pSy8RVVn6sbCxEN4KBiAHGT56EozxwK/s87P53HWLCM+ZMo280jWP2GUK4Fp4AtHT0fBZlmnnKOnvG5ELDmDRYXQg//AftJBgQqGzcl7z+Ewo=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com;\n spf=pass smtp.mailfrom=gmail.com;\n dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=IiSk8ZWy; arc=none smtp.client-ip=209.85.215.169", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=gmail.com; s=20251104; t=1778210242; x=1778815042;\n darn=vger.kernel.org;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:from:to:cc:subject:date:message-id:reply-to;\n bh=Bis4g28b9JZNcXJXn6/4Wkgj50FVt3cnNrHRU3VMTEw=;\n b=IiSk8ZWymzWQazaVn/OelvOm0vt83ny7x4TNvh2Usgwwz+SR809iwWZNAknwc33WP8\n mOdQ1QEAUvZ8+BZvIyL74MVEkmHQ1ELC7q0G/h+wF6sbsDXqDV+Cvp6ecPMBgIwp+4kJ\n 6PTHbpc28u875YFUnyE0KSNe5xWViCj2SZ5V5E3twsXqOjWvc25tdXjpOuBQRZjN+w2Q\n YZ8auPcQ4uq7hNxZ8G0eGLIT7Xu0+iIz1MHZJPkQ8XRsAOhE+9hQcnmMxqmqnpZ+PneZ\n wdJ9tL5P48GZfXY5PCJhKROf+sFdI22UXt/u0iK+gr/5CTcdQzI4n8U93FlGtQtR8haS\n PjtQ==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1778210242; x=1778815042;\n h=content-transfer-encoding:mime-version:message-id:date:subject:cc\n :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=Bis4g28b9JZNcXJXn6/4Wkgj50FVt3cnNrHRU3VMTEw=;\n b=ePH03d8tPzzjSgzZlIgbSqyF/97HmGA2Fibbu+iRXuz1fSn3iOmj2MzruT8VG/GQ3G\n l1mDUaug3PxwXc2CLSrHrwKmJOgT7xhumaNluavXu68jzWeda1F7yzgB/vtN0pwwNdGx\n XvGdtKpzuaq4Mbnhz9ntFCkJGxuEJrAriIifMAEX1nbUJhBHdZp2RIacYEOEtH28t8vW\n U8NQB5jddetprDJI5aH972AiLD1qnP2GSVtjgPWvj6P/fTwjuEUGk5dYN1l7MhbSrT08\n akfRARBTyqYga6ycripJAfutv9HkqOAQ0nDGX9QZxGCY3bCefRf3zix84SIRubu6WqVe\n pm7Q==", "X-Forwarded-Encrypted": "i=1;\n AFNElJ8vI+/DH0O0Fsf+ESZ8n3qpBDGxqc7RS2Lk/eMVyIjpv2F2XL1teWBazEQy/SlAhIsqIAGB/2vFkaY=@vger.kernel.org", "X-Gm-Message-State": "AOJu0YztINMahrdtOsuQKwatdDeXwDVNom2gMRrXC1zlovw8ANLEDaZ1\n\tLQnM2pubY9mzdOeTVvJf5a/rWEEIZfbeQJNbLFgt548cgj/RE0jdjS6J", "X-Gm-Gg": "Acq92OG+TZOm4EP1I3/Ob0wN/h3pbX4dnjPW30uB6SPMSBoASQeewKTgz2u4WdV1H9x\n\t9nMpvvo9JMOsMI6aV34Trscfk3xiIH6HVTyq5C2vB6JibJOwk2Q2lkpRrRycRLBKr067++2b4lp\n\trQYghynHD0PPHzdYwFxAWrSYOIVI057nIpLPNKyPXygydFAT77VnReCdk0zy4zpClKaMIxGG+Ro\n\t0lKlOeY4R5W0HzH5r2mbTdFo9ABW/vrgCNK1pkthDDGuqEDfxlf3g4rDhLfDlO5D9z0gW9cJpPa\n\tKS2Ys3U+f/tNAi1nTBmSzD6G2GOSb2MQo0sG8GwQMhG1w7TRV9dEq6lrKxLXSSWSVswrFXfjDNU\n\tgqlJPGo5YF5StjNbuEZQ5JUFiiDlTsQF2IVhExOk6P8HMzwZ/4Uws4PorR5OtNFM8dUn7MjLeai\n\tK0LeRY71Q1sPY6IcuCB/xWkIJKNDJmWIzuSkp+vgtx45xe84N9usB+KNC4HJbI3w==", "X-Received": "by 2002:a17:903:186:b0:2b7:975c:dacc with SMTP id\n d9443c01a7336-2baf0cf4251mr10476125ad.1.1778210242377;\n Thu, 07 May 2026 20:17:22 -0700 (PDT)", "From": "alistair23@gmail.com", "X-Google-Original-From": "alistair.francis@wdc.com", "To": "alistair@alistair23.me,\n\tlinux-kernel@vger.kernel.org,\n\tlukas@wunner.de,\n\tJonathan.Cameron@huawei.com,\n\tbhelgaas@google.com,\n\trust-for-linux@vger.kernel.org,\n\takpm@linux-foundation.org,\n\tlinux-cxl@vger.kernel.org,\n\tdjbw@kernel.org,\n\tlinux-pci@vger.kernel.org", "Cc": "alex.gaynor@gmail.com,\n\twilfred.mallawa@wdc.com,\n\tgary@garyguo.net,\n\tbjorn3_gh@protonmail.com,\n\tbenno.lossin@proton.me,\n\taliceryhl@google.com,\n\tboqun.feng@gmail.com,\n\ta.hindborg@kernel.org,\n\ttmgross@umich.edu,\n\tojeda@kernel.org,\n\talistair23@gmail.com,\n\tAlistair Francis <alistair.francis@wdc.com>", "Subject": "[PATCH 00/18] lib: Rust implementation of SPDM", "Date": "Fri, 8 May 2026 13:16:52 +1000", "Message-ID": "<20260508031710.514574-1-alistair.francis@wdc.com>", "X-Mailer": "git-send-email 2.52.0", "Precedence": "bulk", "X-Mailing-List": "linux-pci@vger.kernel.org", "List-Id": "<linux-pci.vger.kernel.org>", "List-Subscribe": "<mailto:linux-pci+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:linux-pci+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"utf-8\"", "Content-Transfer-Encoding": "8bit" }, "content": "From: Alistair Francis <alistair.francis@wdc.com>\n\nSecurity Protocols and Data Models (SPDM) [1] is used for authentication,\nattestation and key exchange. SPDM is generally used over a range of\ntransports, such as PCIe, MCTP/SMBus/I3C, ATA, SCSI, NVMe or TCP.\n\nFrom the kernels perspective SPDM is used to authenticate and attest devices.\nIn this threat model a device is considered untrusted until it can be verified\nby the kernel and userspace using SPDM. As such SPDM data is untrusted data\nthat can be mallicious.\n\nThe SPDM specification is also complex, with the 1.2.1 spec being almost 200\npages and the 1.3.0 spec being almost 250 pages long.\n\nAs such we have the kernel parsing untrusted responses from a complex\nspecification, which sounds like a possible exploit vector. This is the type\nof place where Rust excels!\n\nThis series implements a SPDM requester in Rust.\n\nThis is based on Lukas' C implementation [2], but has been refacted during the\nfirst few RFCs. I have included some of the relevent patchesfrom Lukas' C\nSPDM implementation in this series where they are required.\n\nThis is a standalone series and doesn't depend on Lukas' implementation.\n\nThe goal of this series is to get the smallest possible SPDM implementation\nupstream. That will provide building blocks for us to continue working on.\n\nAs such we don't yet provide evidence or certificates to userspace, allow\nuserspace to provide a nonce, support PQC or more advanced SPDM features.\nThis is enough to communicate with a device and return \"authenticated\" to\nuserspace.\n\nNote that RFC v3 did provide evidence and certificates to userspace and\nallowed a custom nonce. Showing that it's possible. I also have patches\nthat build apon [4] to do this via a TSM driver, again showing it's\npossible with the current approach.\nWe just don't support it yet and for TSM I need [4] upstream first.\n\nThis series is different to Lukas' original approach and the approach taken\nin the previous RFCs and instead adds the PCI-CMA support as a TSM driver.\nThis was described by Dan in [3] and [5]. The advantage here is that for PCIe\nwe can leverage the TSM work for a lot of the features and provide userspace\na consistient interface between PCI TSM and CMA.\n\nThis series also doesn't check the certificate chain against the kernel\nkeyring and will instead leave that to userspace once [4] is merged.\n\nOther transport mode (such as ATA, SCSI, NVMe and MCTP) will\ntherefore need slightly different approaches, as TSM doesn't apply.\nThe library can support this though, it will just need some netlink\nand sysfs wrappers added as applicable. This way each transport can support\nSPDM in the way it sees fit.\n\nThe entire tree can be seen here:\nhttps://github.com/alistair23/linux/tree/alistair/spdm-rust-tsm\n\nI'm testing this by running the following\n\n```shell\ncargo run -- --qemu-server response\n\nqemu-system-x86_64 \\\n -nic none \\\n -object rng-random,filename=/dev/urandom,id=rng0 \\\n -device virtio-rng-pci,rng=rng0 \\\n -drive file=deploy/images/qemux86-64/core-image-pcie-qemux86-64.rootfs.ext4,if=virtio,format=raw \\\n -usb -device usb-tablet -usb -device usb-kbd \\\n -cpu Skylake-Client \\\n -machine q35,i8042=off \\\n -smp 4 -m 2G \\\n -drive file=blknvme,if=none,id=mynvme,format=raw \\\n -device nvme,drive=mynvme,serial=deadbeef,spdm_port=2323,spdm_trans=doe \\\n -snapshot \\\n -serial mon:stdio -serial null -nographic \\\n -kernel deploy/images/qemux86-64/bzImage \\\n -append 'root=/dev/vda rw console=ttyS0 console=ttyS1 oprofile.timer=1 tsc=reliable no_timer_check rcupdate.rcu_expedited=1 swiotlb=0 '\n\nls /sys/devices/pci0000:00/0000:00:03.0/\nls /sys/devices/pci0000:00/0000:00:03.0/tsm/\ncat /sys/devices/pci0000:00/0000:00:03.0/authenticated\necho tsm0 > /sys/devices/pci0000:00/0000:00:03.0/tsm/connect\ncat /sys/devices/pci0000:00/0000:00:03.0/authenticated\n```\n\n1: https://www.dmtf.org/standards/spdm\n2: https://lore.kernel.org/all/cover.1719771133.git.lukas@wunner.de/\n3: http://lore.kernel.org/69976d7d39c60_2f4a1009@dwillia2-mobl4.notmuch\n4: https://lore.kernel.org/all/69976d7d39c60_2f4a1009@dwillia2-mobl4.notmuch/\n5: https://lore.kernel.org/lkml/69e19c80b892b_fe0831000@djbw-dev.notmuch/\n\nv1:\n - Add CMA as a TSM driver\n - Initial support for SPDM 1.4\n - Cleanup a range of comments and concerns from RFC\n - Remove kernel keyring checks\nRFC v3:\n - Use netlink to send information to userspace\n - Don't autogenerate Rust helpers\nRFC v2:\n - Drop support for Rust and C implementations\n - Include patches from Lukas to reduce series deps\n - Large code cleanups based on more testing\n - Support for authentication\n\nAlistair Francis (13):\n rust: add bindings for hash.h\n rust: error: impl From<FromBytesWithNulError> for Kernel Error\n lib: rspdm: Initial commit of Rust SPDM\n PCI/TSM: Support connecting to PCIe CMA devices\n PCI/CMA: Add a PCI TSM CMA driver using SPDM\n lib: rspdm: Support SPDM get_version\n lib: rspdm: Support SPDM get_capabilities\n lib: rspdm: Support SPDM negotiate_algorithms\n lib: rspdm: Support SPDM get_digests\n lib: rspdm: Support SPDM get_certificate\n lib: rspdm: Support SPDM certificate validation\n rust: allow extracting the buffer from a CString\n lib: rspdm: Support SPDM challenge\n\nBenno Lossin (1):\n rust: add untrusted data abstraction\n\nLukas Wunner (4):\n X.509: Make certificate parser public\n X.509: Parse Subject Alternative Name in certificates\n X.509: Move certificate length retrieval into new helper\n PCI/CMA: Validate Subject Alternative Name in certificates\n\n MAINTAINERS | 13 +\n crypto/asymmetric_keys/x509_cert_parser.c | 9 +\n crypto/asymmetric_keys/x509_loader.c | 38 +-\n crypto/asymmetric_keys/x509_parser.h | 42 +-\n drivers/pci/Kconfig | 14 +\n drivers/pci/Makefile | 4 +\n drivers/pci/cma.asn1 | 41 +\n drivers/pci/cma.c | 262 +++++\n drivers/pci/doe.c | 3 -\n include/keys/asymmetric-type.h | 2 +\n include/keys/x509-parser.h | 57 ++\n include/linux/oid_registry.h | 3 +\n include/linux/pci-doe.h | 4 +\n include/linux/pci-tsm.h | 11 +-\n include/linux/spdm.h | 39 +\n lib/Kconfig | 17 +\n lib/Makefile | 2 +\n lib/rspdm/Makefile | 10 +\n lib/rspdm/consts.rs | 155 +++\n lib/rspdm/lib.rs | 180 ++++\n lib/rspdm/state.rs | 1070 +++++++++++++++++++++\n lib/rspdm/validator.rs | 524 ++++++++++\n rust/bindings/bindings_helper.h | 7 +\n rust/helpers/hash.c | 18 +\n rust/helpers/helpers.c | 1 +\n rust/kernel/error.rs | 10 +\n rust/kernel/lib.rs | 1 +\n rust/kernel/str.rs | 13 +-\n rust/kernel/validate.rs | 605 ++++++++++++\n 29 files changed, 3091 insertions(+), 64 deletions(-)\n create mode 100644 drivers/pci/cma.asn1\n create mode 100644 drivers/pci/cma.c\n create mode 100644 include/keys/x509-parser.h\n create mode 100644 include/linux/spdm.h\n create mode 100644 lib/rspdm/Makefile\n create mode 100644 lib/rspdm/consts.rs\n create mode 100644 lib/rspdm/lib.rs\n create mode 100644 lib/rspdm/state.rs\n create mode 100644 lib/rspdm/validator.rs\n create mode 100644 rust/helpers/hash.c\n create mode 100644 rust/kernel/validate.rs" }