Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.2/patches/2234743/?format=api
{ "id": 2234743, "url": "http://patchwork.ozlabs.org/api/1.2/patches/2234743/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-pci/patch/20260508031710.514574-8-alistair.francis@wdc.com/", "project": { "id": 28, "url": "http://patchwork.ozlabs.org/api/1.2/projects/28/?format=api", "name": "Linux PCI development", "link_name": "linux-pci", "list_id": "linux-pci.vger.kernel.org", "list_email": "linux-pci@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260508031710.514574-8-alistair.francis@wdc.com>", "list_archive_url": null, "date": "2026-05-08T03:16:59", "name": "[07/18] lib: rspdm: Initial commit of Rust SPDM", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "8d51dee00d423926acff55a19c5333f63597bdcd", "submitter": { "id": 64571, "url": "http://patchwork.ozlabs.org/api/1.2/people/64571/?format=api", "name": "Alistair Francis", "email": "alistair23@gmail.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/linux-pci/patch/20260508031710.514574-8-alistair.francis@wdc.com/mbox/", "series": [ { "id": 503312, "url": "http://patchwork.ozlabs.org/api/1.2/series/503312/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-pci/list/?series=503312", "date": "2026-05-08T03:16:52", "name": "lib: Rust implementation of SPDM", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/503312/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2234743/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2234743/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <linux-pci+bounces-54162-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "linux-pci@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256\n header.s=20251104 header.b=cmDYUJHZ;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c04:e001:36c::12fc:5321; helo=tor.lore.kernel.org;\n envelope-from=linux-pci+bounces-54162-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=\"cmDYUJHZ\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=209.85.214.175", "smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=gmail.com" ], "Received": [ "from tor.lore.kernel.org (tor.lore.kernel.org\n [IPv6:2600:3c04:e001:36c::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4gBZBj3YNZz1yK7\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 08 May 2026 13:20:45 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id A403C305889B\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 8 May 2026 03:18:26 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id E1F712F3C37;\n\tFri, 8 May 2026 03:18:23 +0000 (UTC)", "from mail-pl1-f175.google.com (mail-pl1-f175.google.com\n [209.85.214.175])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 7CD0C2F39B4\n\tfor <linux-pci@vger.kernel.org>; Fri, 8 May 2026 03:18:18 +0000 (UTC)", "by mail-pl1-f175.google.com with SMTP id\n d9443c01a7336-2b7d3ecc10dso14673245ad.2\n for <linux-pci@vger.kernel.org>; Thu, 07 May 2026 20:18:18 -0700 (PDT)", "from toolbx.alistair23.me ([2403:581e:fdf9:0:6209:4521:6813:45b7])\n by smtp.gmail.com with ESMTPSA id\n d9443c01a7336-2baf1eafa62sm3220685ad.74.2026.05.07.20.18.09\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 07 May 2026 20:18:16 -0700 (PDT)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1778210303; cv=none;\n b=RKKfZ4eT0QcUocU+3cYX7mY/gFiH1iAER5R9DDyq+nkINkUMF06KFw9CKO6BwOO0UVGvkWP+uHyuIm8zeRL1e3d/MFYd/sRVqxseAwXgzAkxYCXlwy2SagRJGnueybo9C9g9kO/Ar42rvdmXxQlBHl24+H5K82i54eS7q8wVPcY=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1778210303; c=relaxed/simple;\n\tbh=qJWHDK+N4LoOGpeaEwJKkRsDeF4WOI9vEFrJsALVy7E=;\n\th=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:\n\t MIME-Version;\n b=teg4bNHEoEOnVKgh/6EmTDbts1D0vLxkU39h8a2Th7BUtZvooKp1xirjEyFmPJoEu3p1JfM0w89CzQGcelGNqIqO2xSVbdyoRcrbtP1rAUuTNE7n/A4+et2QJvln0PI3Gce5WPv5VVax5ynkbesUl5kJBpGnWbUWXfRq4k6U4qs=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=none dis=none) header.from=gmail.com;\n spf=pass smtp.mailfrom=gmail.com;\n dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com\n header.b=cmDYUJHZ; arc=none smtp.client-ip=209.85.214.175", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=gmail.com; s=20251104; t=1778210297; x=1778815097;\n darn=vger.kernel.org;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:from:to:cc:subject:date\n :message-id:reply-to;\n bh=kJ731pPUpjKXMohpExLc/2RX1wlDvWGPLBQ6aRYUkzA=;\n b=cmDYUJHZv4Q0G0aAq5VxHaekaqC6hmwk1ID+EYKjQv3WXSJ78DJerBt8fABph21lo8\n H+pssP25hXRfRDyATNOOwYlsSisSIKV4xHIRPCLB7H1vkyouXCfIUQeSNU+fNSadlokC\n 2Vw768EcRQvibMKEtz7bxnv9n1/KMO3hsmTe6V1GFr+dM2t1PQ01Q+KrFlW8y/hFQpUl\n J4MXTli+8ScvVPqsYx1PrGuIbcQUGRHagPnHvaDYxsxI67cSwMpsFoe8zJPeM8q/NWt3\n IHquxXcOB5WmuGcC/+/awV7XkF2HpVjDS+/u62t6K0URb13u7E9g4DLy7/P9zfJkSBZl\n /i8Q==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1778210297; x=1778815097;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from\n :to:cc:subject:date:message-id:reply-to;\n bh=kJ731pPUpjKXMohpExLc/2RX1wlDvWGPLBQ6aRYUkzA=;\n b=D9sHqjCH/csE6d9CaTJ6S7woPy9SRIyjoPF69xqdV42HbhhxWvvYgRLANWX3vV1yZD\n xjHQ5o2n+KOvgLFE5dN9gh/2Oon2MicBZftSRX5kthqEtnTFBlNDb6+AHKMebUhbNLhH\n RV6UJp30XY3qdSReL47pb9U7Zoykyhqud38yHRbNqgI1pjAWksdM0zomXk98iRxi+ePt\n dQ8Z+V58OI39Y/9OwLUneHSRpRefJ2dCZLZTyJMcVeHc+WD2dudzBpG16EP213Hw/nmS\n yLtytKv6GAQ1dtG847lzyOCenwFRVKQPfkQ3kX3TZccMnNA9SAskHUjCSPpXm3i08k6K\n pWYg==", "X-Forwarded-Encrypted": "i=1;\n AFNElJ/AUx8OD2Sr/OQQwikBeyuoaANO8ywguIvXlPR78P986Ue9TbQ0vdZijNE4G3dqVvfflI7R1pU+LTg=@vger.kernel.org", "X-Gm-Message-State": "AOJu0Yylye9kyQOO5FJ09bWZet+cifWGsyNxov1mUArsDIDbCWP3hRmR\n\tDERNzST2MU6f1GkS6HPEO0rDSa/oDfiC8A9Y6b4+2RgoMxhY4nGFQoqG", "X-Gm-Gg": "Acq92OFWmlnR0Ks0U5prpwWspkpjJcCGogQxvpW2RF/eUPppE9PafXjamhtHYlRWe0N\n\tNts2WVh15sOTlqhfBgwmT+4kEIFuijBdH4CFfomicyy6pLzxVFDYNSBvB9qy6tT4jimSjye30Ek\n\t52QqIgrNS16kj8uOCdFU4q6wczmhoy432BimT0WYWy387L88PQTy9Pg+5f5FfneG6ZtIQnimXai\n\tbsRkS1aywyclYYdiAp1IL6tSb97lht0NjdXu2b47gVChyiBVdFCOxI47bTO0NskHJgUJn7JLKkA\n\tFmNzDSrCKdYUazwozf5S8PIb87U9lrKhwte5vJdG9AYRUUvIjlZb0WSQcaKpt8kE/x9I6zjir6O\n\tYOkX9Dt21/6QAyvIOpmsloVPzDJrA6Xd8TC0ceCZuYcu/+zJHzULFkRRqp8ZbO5flCzknnBxalf\n\t6u0Oi0u2Dy08rAsuQuEB8sqwD9NwjOjRAXrXR4bTndFZXKt48W9hc=", "X-Received": "by 2002:a17:903:3887:b0:2ba:83f8:7b7b with SMTP id\n d9443c01a7336-2ba83f87cfcmr97037775ad.33.1778210296937;\n Thu, 07 May 2026 20:18:16 -0700 (PDT)", "From": "alistair23@gmail.com", "X-Google-Original-From": "alistair.francis@wdc.com", "To": "alistair@alistair23.me,\n\tlinux-kernel@vger.kernel.org,\n\tlukas@wunner.de,\n\tJonathan.Cameron@huawei.com,\n\tbhelgaas@google.com,\n\trust-for-linux@vger.kernel.org,\n\takpm@linux-foundation.org,\n\tlinux-cxl@vger.kernel.org,\n\tdjbw@kernel.org,\n\tlinux-pci@vger.kernel.org", "Cc": "alex.gaynor@gmail.com,\n\twilfred.mallawa@wdc.com,\n\tgary@garyguo.net,\n\tbjorn3_gh@protonmail.com,\n\tbenno.lossin@proton.me,\n\taliceryhl@google.com,\n\tboqun.feng@gmail.com,\n\ta.hindborg@kernel.org,\n\ttmgross@umich.edu,\n\tojeda@kernel.org,\n\talistair23@gmail.com", "Subject": "[PATCH 07/18] lib: rspdm: Initial commit of Rust SPDM", "Date": "Fri, 8 May 2026 13:16:59 +1000", "Message-ID": "<20260508031710.514574-8-alistair.francis@wdc.com>", "X-Mailer": "git-send-email 2.52.0", "In-Reply-To": "<20260508031710.514574-1-alistair.francis@wdc.com>", "References": "<20260508031710.514574-1-alistair.francis@wdc.com>", "Precedence": "bulk", "X-Mailing-List": "linux-pci@vger.kernel.org", "List-Id": "<linux-pci.vger.kernel.org>", "List-Subscribe": "<mailto:linux-pci+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:linux-pci+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit" }, "content": "From: Alistair Francis <alistair@alistair23.me>\n\nThis is the initial commit of the Rust SPDM library. It is based on and\ncompatible with the C SPDM library in the kernel (lib/spdm).\n\nSigned-off-by: Alistair Francis <alistair@alistair23.me>\n---\n MAINTAINERS | 12 ++\n include/linux/spdm.h | 39 ++++++\n lib/Kconfig | 17 +++\n lib/Makefile | 2 +\n lib/rspdm/Makefile | 10 ++\n lib/rspdm/consts.rs | 56 ++++++++\n lib/rspdm/lib.rs | 116 ++++++++++++++++\n lib/rspdm/state.rs | 235 ++++++++++++++++++++++++++++++++\n lib/rspdm/validator.rs | 73 ++++++++++\n rust/bindings/bindings_helper.h | 2 +\n rust/kernel/error.rs | 2 +\n 11 files changed, 564 insertions(+)\n create mode 100644 include/linux/spdm.h\n create mode 100644 lib/rspdm/Makefile\n create mode 100644 lib/rspdm/consts.rs\n create mode 100644 lib/rspdm/lib.rs\n create mode 100644 lib/rspdm/state.rs\n create mode 100644 lib/rspdm/validator.rs", "diff": "diff --git a/MAINTAINERS b/MAINTAINERS\nindex 882214b0e7db..2e8ad57fec5d 100644\n--- a/MAINTAINERS\n+++ b/MAINTAINERS\n@@ -24164,6 +24164,18 @@ M:\tSecurity Officers <security@kernel.org>\n S:\tSupported\n F:\tDocumentation/process/security-bugs.rst\n \n+SECURITY PROTOCOL AND DATA MODEL (SPDM)\n+M:\tJonathan Cameron <jic23@kernel.org>\n+M:\tLukas Wunner <lukas@wunner.de>\n+M:\tAlistair Francis <alistair@alistair23.me>\n+L:\tlinux-coco@lists.linux.dev\n+L:\tlinux-cxl@vger.kernel.org\n+L:\tlinux-pci@vger.kernel.org\n+S:\tMaintained\n+T:\tgit git://git.kernel.org/pub/scm/linux/kernel/git/devsec/spdm.git\n+F:\tinclude/linux/spdm.h\n+F:\tlib/rspdm/\n+\n SECURITY SUBSYSTEM\n M:\tPaul Moore <paul@paul-moore.com>\n M:\tJames Morris <jmorris@namei.org>\ndiff --git a/include/linux/spdm.h b/include/linux/spdm.h\nnew file mode 100644\nindex 000000000000..e23e386ed97a\n--- /dev/null\n+++ b/include/linux/spdm.h\n@@ -0,0 +1,39 @@\n+/* SPDX-License-Identifier: GPL-2.0 */\n+/*\n+ * DMTF Security Protocol and Data Model (SPDM)\n+ * https://www.dmtf.org/dsp/DSP0274\n+ *\n+ * Copyright (C) 2021-22 Huawei\n+ * Jonathan Cameron <Jonathan.Cameron@huawei.com>\n+ *\n+ * Copyright (C) 2022-24 Intel Corporation\n+ */\n+\n+#ifndef _SPDM_H_\n+#define _SPDM_H_\n+\n+#include <linux/types.h>\n+\n+struct key;\n+struct device;\n+struct spdm_state;\n+struct x509_certificate;\n+\n+typedef ssize_t (spdm_transport)(void *priv, struct device *dev,\n+\t\t\t\t const void *request, size_t request_sz,\n+\t\t\t\t void *response, size_t response_sz);\n+\n+typedef int (spdm_validate)(struct device *dev, u8 slot,\n+\t\t\t struct x509_certificate *leaf_cert);\n+\n+struct spdm_state *spdm_create(struct device *dev, spdm_transport *transport,\n+\t\t\t void *transport_priv, u32 transport_sz,\n+\t\t\t spdm_validate *validate);\n+\n+int spdm_authenticate(struct spdm_state *spdm_state);\n+\n+void spdm_destroy(struct spdm_state *spdm_state);\n+\n+extern const struct attribute_group spdm_attr_group;\n+\n+#endif\ndiff --git a/lib/Kconfig b/lib/Kconfig\nindex 00a9509636c1..5a248709132e 100644\n--- a/lib/Kconfig\n+++ b/lib/Kconfig\n@@ -592,6 +592,23 @@ config LWQ_TEST\n \thelp\n Run boot-time test of light-weight queuing.\n \n+config RSPDM\n+\tbool \"Rust SPDM\"\n+\tselect RUST\n+\tselect CRYPTO\n+\tselect KEYS\n+\tselect ASYMMETRIC_KEY_TYPE\n+\tselect ASYMMETRIC_PUBLIC_KEY_SUBTYPE\n+\tselect X509_CERTIFICATE_PARSER\n+\thelp\n+\t The Rust implementation of the Security Protocol and Data Model (SPDM)\n+\t allows for device authentication, measurement, key exchange and\n+\t encrypted sessions.\n+\n+\t Crypto algorithms negotiated with SPDM are limited to those enabled\n+\t in .config. Users of SPDM therefore need to also select\n+\t any algorithms they deem mandatory.\n+\n endmenu\n \n config GENERIC_IOREMAP\ndiff --git a/lib/Makefile b/lib/Makefile\nindex f33a24bf1c19..ef2d33224d89 100644\n--- a/lib/Makefile\n+++ b/lib/Makefile\n@@ -282,6 +282,8 @@ obj-$(CONFIG_PERCPU_TEST) += percpu_test.o\n obj-$(CONFIG_ASN1) += asn1_decoder.o\n obj-$(CONFIG_ASN1_ENCODER) += asn1_encoder.o\n \n+obj-$(CONFIG_RSPDM) += rspdm/\n+\n obj-$(CONFIG_FONT_SUPPORT) += fonts/\n \n #\ndiff --git a/lib/rspdm/Makefile b/lib/rspdm/Makefile\nnew file mode 100644\nindex 000000000000..1f62ee2a882d\n--- /dev/null\n+++ b/lib/rspdm/Makefile\n@@ -0,0 +1,10 @@\n+# SPDX-License-Identifier: GPL-2.0\n+#\n+# Rust implementation of the DMTF Security Protocol and Data Model (SPDM)\n+# https://www.dmtf.org/dsp/DSP0274\n+#\n+# Copyright (C) 2024 Western Digital\n+\n+obj-$(CONFIG_RSPDM) += spdm.o\n+\n+spdm-y := lib.o\ndiff --git a/lib/rspdm/consts.rs b/lib/rspdm/consts.rs\nnew file mode 100644\nindex 000000000000..2feddde67885\n--- /dev/null\n+++ b/lib/rspdm/consts.rs\n@@ -0,0 +1,56 @@\n+// SPDX-License-Identifier: GPL-2.0\n+\n+// Copyright (C) 2024 Western Digital\n+\n+//! Constants used by the library\n+//!\n+//! Rust implementation of the DMTF Security Protocol and Data Model (SPDM)\n+//! <https://www.dmtf.org/dsp/DSP0274>\n+\n+/* SPDM versions supported by this implementation */\n+pub(crate) const SPDM_VER_10: u8 = 0x10;\n+\n+pub(crate) const SPDM_MIN_VER: u8 = SPDM_VER_10;\n+\n+pub(crate) const SPDM_REQ: u8 = 0x80;\n+pub(crate) const SPDM_ERROR: u8 = 0x7f;\n+\n+#[expect(dead_code)]\n+#[derive(Clone, Copy)]\n+pub(crate) enum SpdmErrorCode {\n+ InvalidRequest = 0x01,\n+ /// This was removed in version 1.2.0 and is now reserved\n+ InvalidSession = 0x02,\n+ Busy = 0x03,\n+ UnexpectedRequest = 0x04,\n+ Unspecified = 0x05,\n+ DecryptError = 0x06,\n+ UnsupportedRequest = 0x07,\n+ RequestInFlight = 0x08,\n+ InvalidResponseCode = 0x09,\n+ SessionLimitExceeded = 0x0a,\n+ SessionRequired = 0x0b,\n+ ResetRequired = 0x0c,\n+ ResponseTooLarge = 0x0d,\n+ RequestTooLarge = 0x0e,\n+ LargeResponse = 0x0f,\n+ MessageLost = 0x10,\n+ InvalidPolicy = 0x11,\n+ VersionMismatch = 0x41,\n+ ResponseNotReady = 0x42,\n+ RequestResynch = 0x43,\n+ OperationFailed = 0x44,\n+ NoPendingRequests = 0x45,\n+ RequestSessionTerminated = 0x46,\n+ InvalidState = 0x47,\n+ VendorDefinedError = 0xff,\n+}\n+\n+impl core::fmt::LowerHex for SpdmErrorCode {\n+ /// A debug print format for the SpdmSessionInfo struct\n+ fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {\n+ writeln!(f, \"{:#x}\", *self as u8)?;\n+\n+ Ok(())\n+ }\n+}\ndiff --git a/lib/rspdm/lib.rs b/lib/rspdm/lib.rs\nnew file mode 100644\nindex 000000000000..758d43fba5cb\n--- /dev/null\n+++ b/lib/rspdm/lib.rs\n@@ -0,0 +1,116 @@\n+// SPDX-License-Identifier: GPL-2.0\n+\n+// Copyright (C) 2024 Western Digital\n+\n+//! Top level library for SPDM\n+//!\n+//! Rust implementation of the DMTF Security Protocol and Data Model (SPDM)\n+//! <https://www.dmtf.org/dsp/DSP0274>\n+//!\n+//! Top level library, including C compatible public functions to be called\n+//! from other subsytems.\n+\n+use crate::bindings::spdm_state;\n+use core::ffi::{\n+ c_int,\n+ c_void, //\n+};\n+use core::ptr;\n+use core::slice::from_raw_parts_mut;\n+use kernel::prelude::*;\n+use kernel::{\n+ alloc::flags,\n+ bindings, //\n+};\n+\n+use crate::state::SpdmState;\n+\n+const __LOG_PREFIX: &[u8] = b\"spdm\\0\";\n+\n+mod consts;\n+mod state;\n+mod validator;\n+\n+/// spdm_create() - Allocate SPDM session\n+///\n+/// `dev`: Responder device\n+/// `transport`: Transport function to perform one message exchange\n+/// `transport_priv`: Transport private data\n+/// `transport_sz`: Maximum message size the transport is capable of (in bytes)\n+/// `keyring`: Trusted root certificates\n+/// `validate`: Function to validate additional leaf certificate requirements\n+/// (optional, may be %NULL)\n+///\n+/// Return a pointer to the allocated SPDM session state or NULL on error.\n+#[export]\n+pub unsafe extern \"C\" fn spdm_create(\n+ dev: *mut bindings::device,\n+ transport: bindings::spdm_transport,\n+ transport_priv: *mut c_void,\n+ transport_sz: u32,\n+ validate: bindings::spdm_validate,\n+) -> *mut spdm_state {\n+ match KBox::new(\n+ SpdmState::new(dev, transport, transport_priv, transport_sz, validate),\n+ flags::GFP_KERNEL,\n+ ) {\n+ Ok(ret) => KBox::into_raw(ret) as *mut spdm_state,\n+ Err(_) => ptr::null_mut(),\n+ }\n+}\n+\n+/// spdm_exchange() - Perform SPDM message exchange with device\n+///\n+/// @spdm_state: SPDM session state\n+/// @req: Request message\n+/// @req_sz: Size of @req\n+/// @rsp: Response message\n+/// @rsp_sz: Size of @rsp\n+///\n+/// Send the request @req to the device via the @transport in @spdm_state and\n+/// receive the response into @rsp, respecting the maximum buffer size @rsp_sz.\n+/// The request version is automatically populated.\n+///\n+/// Return response size on success or a negative errno. Response size may be\n+/// less than @rsp_sz and the caller is responsible for checking that. It may\n+/// also be more than expected (though never more than @rsp_sz), e.g. if the\n+/// transport receives only dword-sized chunks.\n+#[no_mangle]\n+pub unsafe extern \"C\" fn spdm_exchange(\n+ state: &'static mut SpdmState,\n+ req: *mut c_void,\n+ req_sz: usize,\n+ rsp: *mut c_void,\n+ rsp_sz: usize,\n+) -> isize {\n+ let request_buf: &mut [u8] = unsafe { from_raw_parts_mut(req as *mut u8, req_sz) };\n+ let response_buf: &mut [u8] = unsafe { from_raw_parts_mut(rsp as *mut u8, rsp_sz) };\n+\n+ match state.spdm_exchange(request_buf, response_buf) {\n+ Ok(ret) => ret as isize,\n+ Err(e) => e.to_errno() as isize,\n+ }\n+}\n+\n+/// spdm_authenticate() - Authenticate device\n+///\n+/// @spdm_state: SPDM session state\n+///\n+/// Authenticate a device through a sequence of GET_VERSION, GET_CAPABILITIES,\n+/// NEGOTIATE_ALGORITHMS, GET_DIGESTS, GET_CERTIFICATE and CHALLENGE exchanges.\n+///\n+/// Perform internal locking to serialize multiple concurrent invocations.\n+/// Can be called repeatedly for reauthentication.\n+///\n+/// Return 0 on success or a negative errno. In particular, -EPROTONOSUPPORT\n+/// indicates authentication is not supported by the device.\n+#[export]\n+pub unsafe extern \"C\" fn spdm_authenticate(_state_ptr: *mut spdm_state) -> c_int {\n+ 0\n+}\n+\n+/// spdm_destroy() - Destroy SPDM session\n+///\n+/// @spdm_state: SPDM session state\n+#[export]\n+pub unsafe extern \"C\" fn spdm_destroy(_state_ptr: *mut spdm_state) {}\ndiff --git a/lib/rspdm/state.rs b/lib/rspdm/state.rs\nnew file mode 100644\nindex 000000000000..18e81f24c724\n--- /dev/null\n+++ b/lib/rspdm/state.rs\n@@ -0,0 +1,235 @@\n+// SPDX-License-Identifier: GPL-2.0\n+\n+// Copyright (C) 2024 Western Digital\n+\n+//! The `SpdmState` struct and implementation.\n+//!\n+//! Rust implementation of the DMTF Security Protocol and Data Model (SPDM)\n+//! <https://www.dmtf.org/dsp/DSP0274>\n+\n+use core::ffi::c_void;\n+use kernel::prelude::*;\n+use kernel::{\n+ bindings,\n+ error::{\n+ code::EINVAL,\n+ to_result,\n+ Error, //\n+ },\n+ validate::Untrusted,\n+};\n+\n+use crate::consts::{\n+ SpdmErrorCode,\n+ SPDM_ERROR,\n+ SPDM_MIN_VER,\n+ SPDM_REQ, //\n+};\n+use crate::validator::{\n+ SpdmErrorRsp,\n+ SpdmHeader, //\n+};\n+\n+/// The current SPDM session state for a device. Based on the\n+/// C `struct spdm_state`.\n+///\n+/// `dev`: Responder device. Used for error reporting and passed to @transport.\n+/// `transport`: Transport function to perform one message exchange.\n+/// `transport_priv`: Transport private data.\n+/// `transport_sz`: Maximum message size the transport is capable of (in bytes).\n+/// Used as DataTransferSize in GET_CAPABILITIES exchange.\n+/// `validate`: Function to validate additional leaf certificate requirements.\n+///\n+/// `version`: Maximum common supported version of requester and responder.\n+/// Negotiated during GET_VERSION exchange.\n+#[expect(dead_code)]\n+pub struct SpdmState {\n+ pub(crate) dev: *mut bindings::device,\n+ pub(crate) transport: bindings::spdm_transport,\n+ pub(crate) transport_priv: *mut c_void,\n+ pub(crate) transport_sz: u32,\n+ pub(crate) validate: bindings::spdm_validate,\n+\n+ // Negotiated state\n+ pub(crate) version: u8,\n+}\n+\n+impl SpdmState {\n+ pub(crate) fn new(\n+ dev: *mut bindings::device,\n+ transport: bindings::spdm_transport,\n+ transport_priv: *mut c_void,\n+ transport_sz: u32,\n+ validate: bindings::spdm_validate,\n+ ) -> Self {\n+ SpdmState {\n+ dev,\n+ transport,\n+ transport_priv,\n+ transport_sz,\n+ validate,\n+ version: SPDM_MIN_VER,\n+ }\n+ }\n+\n+ fn spdm_err(&self, rsp: &SpdmErrorRsp) -> Result<(), Error> {\n+ match rsp.error_code {\n+ SpdmErrorCode::InvalidRequest => {\n+ pr_err!(\"Invalid request\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::InvalidSession => {\n+ if rsp.version == 0x11 {\n+ pr_err!(\"Invalid session {:#x}\\n\", rsp.error_data);\n+ Err(EINVAL)\n+ } else {\n+ pr_err!(\"Undefined error {:#x}\\n\", rsp.error_code);\n+ Err(EINVAL)\n+ }\n+ }\n+ SpdmErrorCode::Busy => {\n+ pr_err!(\"Busy\\n\");\n+ Err(EBUSY)\n+ }\n+ SpdmErrorCode::UnexpectedRequest => {\n+ pr_err!(\"Unexpected request\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::Unspecified => {\n+ pr_err!(\"Unspecified error\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::DecryptError => {\n+ pr_err!(\"Decrypt error\\n\");\n+ Err(EIO)\n+ }\n+ SpdmErrorCode::UnsupportedRequest => {\n+ pr_err!(\"Unsupported request {:#x}\\n\", rsp.error_data);\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::RequestInFlight => {\n+ pr_err!(\"Request in flight\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::InvalidResponseCode => {\n+ pr_err!(\"Invalid response code\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::SessionLimitExceeded => {\n+ pr_err!(\"Session limit exceeded\\n\");\n+ Err(EBUSY)\n+ }\n+ SpdmErrorCode::SessionRequired => {\n+ pr_err!(\"Session required\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::ResetRequired => {\n+ pr_err!(\"Reset required\\n\");\n+ Err(ECONNRESET)\n+ }\n+ SpdmErrorCode::ResponseTooLarge => {\n+ pr_err!(\"Response too large\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::RequestTooLarge => {\n+ pr_err!(\"Request too large\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::LargeResponse => {\n+ pr_err!(\"Large response\\n\");\n+ Err(EMSGSIZE)\n+ }\n+ SpdmErrorCode::MessageLost => {\n+ pr_err!(\"Message lost\\n\");\n+ Err(EIO)\n+ }\n+ SpdmErrorCode::InvalidPolicy => {\n+ pr_err!(\"Invalid policy\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::VersionMismatch => {\n+ pr_err!(\"Version mismatch\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::ResponseNotReady => {\n+ pr_err!(\"Response not ready\\n\");\n+ Err(EINPROGRESS)\n+ }\n+ SpdmErrorCode::RequestResynch => {\n+ pr_err!(\"Request resynchronization\\n\");\n+ Err(ECONNRESET)\n+ }\n+ SpdmErrorCode::OperationFailed => {\n+ pr_err!(\"Operation failed\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::NoPendingRequests => Err(ENOENT),\n+ SpdmErrorCode::VendorDefinedError => {\n+ pr_err!(\"Vendor defined error\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::RequestSessionTerminated => {\n+ pr_err!(\"Request session terminated\\n\");\n+ Err(EINVAL)\n+ }\n+ SpdmErrorCode::InvalidState => {\n+ pr_err!(\"Invalid State\\n\");\n+ Err(EINVAL)\n+ }\n+ }\n+ }\n+\n+ /// Start a SPDM exchange\n+ ///\n+ /// The data in `request_buf` is sent to the device and the response is\n+ /// stored in `response_buf`.\n+ pub(crate) fn spdm_exchange(\n+ &self,\n+ request_buf: &mut [u8],\n+ response_buf: &mut [u8],\n+ ) -> Result<i32, Error> {\n+ let header_size = core::mem::size_of::<SpdmHeader>();\n+ let request: &mut SpdmHeader = Untrusted::new_mut(request_buf).validate_mut()?;\n+ let response: &SpdmHeader = Untrusted::new_ref(response_buf).validate()?;\n+\n+ let transport_function = self.transport.ok_or(EINVAL)?;\n+ // SAFETY: `transport_function` is provided by the new(), we are\n+ // calling the function.\n+ let length = unsafe {\n+ transport_function(\n+ self.transport_priv,\n+ self.dev,\n+ request_buf.as_ptr() as *const c_void,\n+ request_buf.len(),\n+ response_buf.as_mut_ptr() as *mut c_void,\n+ response_buf.len(),\n+ ) as i32\n+ };\n+ to_result(length)?;\n+\n+ if (length as usize) < header_size {\n+ return Ok(length); // Truncated response is handled by callers\n+ }\n+ if response.code == SPDM_ERROR {\n+ if length as usize >= core::mem::size_of::<SpdmErrorRsp>() {\n+ // SAFETY: The response buffer will be at least as large as\n+ // `SpdmErrorRsp` so we can cast the buffer to `SpdmErrorRsp` which\n+ // is a packed struct.\n+ self.spdm_err(unsafe { &*(response_buf.as_ptr() as *const SpdmErrorRsp) })?;\n+ } else {\n+ return Err(EINVAL);\n+ }\n+ }\n+\n+ if response.code != request.code & !SPDM_REQ {\n+ pr_err!(\n+ \"Response code {:#x} does not match request code {:#x}\\n\",\n+ response.code,\n+ request.code\n+ );\n+ to_result(-(bindings::EPROTO as i32))?;\n+ }\n+\n+ Ok(length)\n+ }\n+}\ndiff --git a/lib/rspdm/validator.rs b/lib/rspdm/validator.rs\nnew file mode 100644\nindex 000000000000..58039f532b7d\n--- /dev/null\n+++ b/lib/rspdm/validator.rs\n@@ -0,0 +1,73 @@\n+// SPDX-License-Identifier: GPL-2.0\n+\n+// Copyright (C) 2024 Western Digital\n+\n+//! Related structs and their Validate implementations.\n+//!\n+//! Rust implementation of the DMTF Security Protocol and Data Model (SPDM)\n+//! <https://www.dmtf.org/dsp/DSP0274>\n+\n+use crate::consts::SpdmErrorCode;\n+use core::mem;\n+use kernel::prelude::*;\n+use kernel::{\n+ error::{\n+ code::EINVAL,\n+ Error, //\n+ },\n+ validate::{\n+ Unvalidated,\n+ Validate, //\n+ },\n+};\n+\n+#[repr(C, packed)]\n+pub(crate) struct SpdmHeader {\n+ pub(crate) version: u8,\n+ pub(crate) code: u8, /* RequestResponseCode */\n+ pub(crate) param1: u8,\n+ pub(crate) param2: u8,\n+}\n+\n+impl Validate<&Unvalidated<[u8]>> for &SpdmHeader {\n+ type Err = Error;\n+\n+ fn validate(unvalidated: &Unvalidated<[u8]>) -> Result<Self, Self::Err> {\n+ let raw = unvalidated.raw();\n+ if raw.len() < mem::size_of::<SpdmHeader>() {\n+ return Err(EINVAL);\n+ }\n+\n+ let ptr = raw.as_ptr();\n+ // CAST: `SpdmHeader` only contains integers and has `repr(C)`.\n+ let ptr = ptr.cast::<SpdmHeader>();\n+ // SAFETY: `ptr` came from a reference and the cast above is valid.\n+ Ok(unsafe { &*ptr })\n+ }\n+}\n+\n+impl Validate<&mut Unvalidated<[u8]>> for &mut SpdmHeader {\n+ type Err = Error;\n+\n+ fn validate(unvalidated: &mut Unvalidated<[u8]>) -> Result<Self, Self::Err> {\n+ let raw = unvalidated.raw_mut();\n+ if raw.len() < mem::size_of::<SpdmHeader>() {\n+ return Err(EINVAL);\n+ }\n+\n+ let ptr = raw.as_mut_ptr();\n+ // CAST: `SpdmHeader` only contains integers and has `repr(C)`.\n+ let ptr = ptr.cast::<SpdmHeader>();\n+ // SAFETY: `ptr` came from a reference and the cast above is valid.\n+ Ok(unsafe { &mut *ptr })\n+ }\n+}\n+\n+#[repr(C, packed)]\n+pub(crate) struct SpdmErrorRsp {\n+ pub(crate) version: u8,\n+ /// This will always be SPDM_ERROR (0x7F)\n+ pub(crate) code: u8,\n+ pub(crate) error_code: SpdmErrorCode,\n+ pub(crate) error_data: u8,\n+}\ndiff --git a/rust/bindings/bindings_helper.h b/rust/bindings/bindings_helper.h\nindex d73142078240..0231e4f87f20 100644\n--- a/rust/bindings/bindings_helper.h\n+++ b/rust/bindings/bindings_helper.h\n@@ -87,10 +87,12 @@\n #include <linux/sched.h>\n #include <linux/security.h>\n #include <linux/slab.h>\n+#include <linux/spdm.h>\n #include <linux/sys_soc.h>\n #include <linux/task_work.h>\n #include <linux/tracepoint.h>\n #include <linux/usb.h>\n+#include <linux/uaccess.h>\n #include <linux/wait.h>\n #include <linux/workqueue.h>\n #include <linux/xarray.h>\ndiff --git a/rust/kernel/error.rs b/rust/kernel/error.rs\nindex 5463addbfd95..386110a1e19f 100644\n--- a/rust/kernel/error.rs\n+++ b/rust/kernel/error.rs\n@@ -89,6 +89,8 @@ macro_rules! declare_err {\n declare_err!(EIOCBQUEUED, \"iocb queued, will get completion event.\");\n declare_err!(ERECALLCONFLICT, \"Conflict with recalled state.\");\n declare_err!(ENOGRACE, \"NFS file lock reclaim refused.\");\n+ declare_err!(ECONNRESET, \"Connection reset by peer.\");\n+ declare_err!(EINPROGRESS, \"Operation now in progress.\");\n }\n \n /// Generic integer kernel error.\n", "prefixes": [ "07/18" ] }