Re: [PATCH v2 10/18] PCI/CMA: Reauthenticate devices on reset and resume
From: Dan Williams <hidden>
Date: 2024-07-10 23:23:16
Also in:
keyrings, linux-crypto, linux-cxl, linux-pci
Lukas Wunner wrote:
> CMA-SPDM state is lost when a device undergoes a Conventional Reset.
> (But not a Function Level Reset, PCIe r6.2 sec 6.6.2.) A D3cold to D0
> transition implies a Conventional Reset (PCIe r6.2 sec 5.8).
>
> Thus, reauthenticate devices on resume from D3cold and on recovery from
> a Secondary Bus Reset or DPC-induced Hot Reset.
>
> The requirement to reauthenticate devices on resume from system sleep
> (and in the future reestablish IDE encryption) is the reason why SPDM

TSM "connect" state also needs to be managed over reset, so stay tuned for some collaboration here.

> needs to be in-kernel: During ->resume_noirq, which is the first phase
> after system sleep, the PCI core walks down the hierarchy, puts each
> device in D0, restores its config space and invokes the driver's
> ->resume_noirq callback. The driver is afforded the right to access the
> device already during this phase.

I agree that CMA should be in kernel, it's not clear that authentication needs to be automatic, and certainly not in a way that a driver cannot opt-out of. What if a use case cares about resume time latency? What if a driver knows that authentication is only needed later in the resume flow? Seems presumptuous for the core to assume it knows best when authentication needs to happen.

At a minimum I think pci_cma_reauthenticate() should do something like:

        /* not previously authenticated skip authentication */
        if (!spdm_state->authenticated)
                return;

...so that SPDM-capable devices can opt-out of automatic reauthentication.