@@ -17,6 +17,7 @@ config CXL_MEM
tristate "CXL.mem: Memory Devices"
default CXL_BUS
select PCI_DOE_DRIVER
+ select PCI_CMA
help
The CXL.mem protocol allows a device to act as a provider of
"System RAM" and/or "Persistent Memory" that is fully coherent
@@ -100,6 +100,7 @@ struct cxl_mbox_cmd {
*
* @dev: The device associated with this CXL state
* @cdat_doe: Auxiliary DOE device capabile of reading CDAT
+ * @cma_doe: Component measurement and authentication mailbox
* @regs: Parsed register blocks
* @payload_size: Size of space for payload
* (CXL 2.0 8.2.8.4.3 Mailbox Capabilities Register)
@@ -132,6 +133,7 @@ struct cxl_dev_state {
struct device *dev;
struct pci_doe_dev *cdat_doe;
+ struct pci_doe_dev *cma_doe;
struct cxl_regs regs;
size_t payload_size;
@@ -1,9 +1,14 @@
// SPDX-License-Identifier: GPL-2.0-only
/* Copyright(c) 2020 Intel Corporation. All rights reserved. */
#include <linux/io-64-nonatomic-lo-hi.h>
+//#include <uapi/linux/cxl_mem.h>
+#include <linux/security.h>
+#include <linux/pci-cma.h>
+//#include <linux/debugfs.h>
#include <linux/module.h>
#include <linux/sizes.h>
#include <linux/mutex.h>
+#include <linux/spdm.h>
#include <linux/list.h>
#include <linux/pci.h>
#include <linux/pci-doe.h>
@@ -494,6 +499,26 @@ static int cxl_match_cdat_doe_device(struct device *dev, const void *data)
return 0;
}
+static int cxl_match_cma_doe_device(struct device *dev, const void *data)
+{
+ const struct cxl_dev_state *cxlds = data;
+ struct auxiliary_device *adev;
+ struct pci_doe_dev *doe_dev;
+
+ /* First determine if this auxiliary device belongs to the cxlds */
+ if (cxlds->dev != dev->parent)
+ return 0;
+
+ adev = to_auxiliary_dev(dev);
+ doe_dev = container_of(adev, struct pci_doe_dev, adev);
+
+ /* If it is one of ours check for the CMA protocol */
+ if (pci_doe_supports_prot(doe_dev, PCI_VENDOR_ID_PCI_SIG, 1)) //hack
+ return 1;
+
+ return 0;
+}
+
static int cxl_setup_doe_devices(struct cxl_dev_state *cxlds)
{
struct device *dev = cxlds->dev;
@@ -519,6 +544,10 @@ static int cxl_setup_doe_devices(struct cxl_dev_state *cxlds)
cxlds->cdat_doe = doe_dev;
}
+ adev = auxiliary_find_device(NULL, cxlds, &cxl_match_cma_doe_device);
+ if (adev)
+ cxlds->cma_doe = container_of(adev, struct pci_doe_dev, adev);
+
return 0;
}
@@ -643,6 +672,7 @@ static int cxl_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
struct cxl_register_map map;
struct cxl_memdev *cxlmd;
struct cxl_dev_state *cxlds;
+ struct spdm_state spdm_state;
int rc;
/*
@@ -670,6 +700,14 @@ static int cxl_pci_probe(struct pci_dev *pdev, const struct pci_device_id *id)
cxl_initialize_cdat_callbacks(cxlds);
+ /* CMA is optional - policy control will be needed */
+ if (cxlds->cma_doe) {
+ pci_cma_init(cxlds->cma_doe, &spdm_state);
+ rc = pci_cma_authenticate(&spdm_state);
+ if (rc)
+ return rc;
+ }
+
rc = cxl_map_regs(cxlds, &map);
if (rc)
return rc;
@@ -712,7 +750,7 @@ static struct pci_driver cxl_pci_driver = {
.id_table = cxl_mem_pci_tbl,
.probe = cxl_pci_probe,
.driver = {
- .probe_type = PROBE_PREFER_ASYNCHRONOUS,
+ .probe_type = PROBE_FORCE_SYNCHRONOUS,
},
};
@@ -921,7 +921,7 @@ static int spdm_get_certificate(struct spdm_state *spdm_state)
key_ref_to_ptr(key2)->payload.data[asym_auth];
key = find_asymmetric_key(spdm_state->root_keyring, sig->auth_ids[0],
- sig->auth_ids[1], false);
+ sig->auth_ids[1], NULL, false);
if (IS_ERR(key)) {
dev_err(spdm_state->dev,
"Unable to retrieve signing certificate from _cma keyring\n");
This is just for purposes of poking the CMA / SPDM code. What exactly the model in the driver looks like is still to be worked out. Note the PROBE_FORCE_SYNCHRONOUS is a workaround to avoid warnings about trying to load an additional crypto module whilst doing an asychronous probe. Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com> --- drivers/cxl/Kconfig | 1 + drivers/cxl/cxlmem.h | 2 ++ drivers/cxl/pci.c | 40 +++++++++++++++++++++++++++++++++++++++- lib/spdm.c | 2 +- 4 files changed, 43 insertions(+), 2 deletions(-)