From: Wilfred Mallawa
To: Alistair Francis
Cc: Keith Busch, Klaus Jensen, Jesper Devantier, Stefan Hajnoczi, Fam Zheng, Philippe Mathieu-Daudé, Kevin Wolf, Hanna Reitz, "Michael S . Tsirkin", Marcel Apfelbaum, qemu-devel@nongnu.org, qemu-block@nongnu.org, Jonathan Cameron, Wilfred Mallawa
Subject: [PATCH v3 1/5] spdm-socket: add seperate send/recv functions
Date: Mon, 1 Sep 2025 13:47:56 +1000
Message-ID: <20250901034759.85042-3-wilfred.opensource@gmail.com>
In-Reply-To: <20250901034759.85042-2-wilfred.opensource@gmail.com>
References: <20250901034759.85042-2-wilfred.opensource@gmail.com>
Content-Transfer-Encoding: quoted-printable

From: Wilfred Mallawa This is to support uni-directional transports such as SPDM over Storage. As specified by the DMTF DSP0286. Also update spdm_socket_rsp() to use the new send()/receive() functions. For the case of spdm_socket_receive(), this allows us to do error checking in one place with the addition of spdm_socket_command_valid(). Signed-off-by: Wilfred Mallawa --- backends/spdm-socket.c | 56 +++++++++++++++++++++++++++++------- include/system/spdm-socket.h | 35 ++++++++++++++++++++++ 2 files changed, 80 insertions(+), 11 deletions(-) diff --git a/backends/spdm-socket.c b/backends/spdm-socket.c index 2c709c68c8..3d264814df 100644 --- a/backends/spdm-socket.c +++ b/backends/spdm-socket.c 
@@ -184,28 +184,62 @@ int spdm_socket_connect(uint16_t port, Error **errp) return client_socket; } =20 -uint32_t spdm_socket_rsp(const int socket, uint32_t transport_type, - void *req, uint32_t req_len, - void *rsp, uint32_t rsp_len) +static bool spdm_socket_command_valid(uint32_t command) +{ + switch (command) { + case SPDM_SOCKET_COMMAND_NORMAL: + case SPDM_SOCKET_STORAGE_CMD_IF_SEND: + case SPDM_SOCKET_STORAGE_CMD_IF_RECV: + case SOCKET_SPDM_STORAGE_ACK_STATUS: + case SPDM_SOCKET_COMMAND_OOB_ENCAP_KEY_UPDATE: + case SPDM_SOCKET_COMMAND_CONTINUE: + case SPDM_SOCKET_COMMAND_SHUTDOWN: + case SPDM_SOCKET_COMMAND_UNKOWN: + case SPDM_SOCKET_COMMAND_TEST: + return true; + default: + return false; + } +} + +uint32_t spdm_socket_receive(const int socket, uint32_t transport_type, + void *rsp, uint32_t rsp_len) { uint32_t command; bool result; =20 - result =3D send_platform_data(socket, transport_type, - SPDM_SOCKET_COMMAND_NORMAL, - req, req_len); - if (!result) { + result =3D receive_platform_data(socket, transport_type, &command, + (uint8_t *)rsp, &rsp_len); + + /* we may have received some data, but check if the command is valid */ + if (!result || !spdm_socket_command_valid(command)) { return 0; } =20 - result =3D receive_platform_data(socket, transport_type, &command, - (uint8_t *)rsp, &rsp_len); + return rsp_len; +} + +bool spdm_socket_send(const int socket, uint32_t socket_cmd, + uint32_t transport_type, void *req, uint32_t req_len) +{ + return send_platform_data(socket, transport_type, + socket_cmd, req, req_len); +} + +uint32_t spdm_socket_rsp(const int socket, uint32_t transport_type, + void *req, uint32_t req_len, + void *rsp, uint32_t rsp_len) +{ + bool result; + + result =3D spdm_socket_send(socket, SPDM_SOCKET_COMMAND_NORMAL, + transport_type, req, req_len); if (!result) { return 0; } =20 - assert(command !=3D 0); - + rsp_len =3D spdm_socket_receive(socket, transport_type, (uint8_t *)rsp, + rsp_len); return rsp_len; } =20 
diff --git a/include/system/spdm-socket.h b/include/system/spdm-socket.h index 5d8bd9aa4e..2b7d03f82d 100644 --- a/include/system/spdm-socket.h +++ b/include/system/spdm-socket.h @@ -50,6 +50,35 @@ uint32_t spdm_socket_rsp(const int socket, uint32_t tran= sport_type, void *req, uint32_t req_len, void *rsp, uint32_t rsp_len); =20 +/** + * spdm_socket_rsp: Receive a message from an SPDM server + * @socket: socket returned from spdm_socket_connect() + * @transport_type: SPDM_SOCKET_TRANSPORT_TYPE_* macro + * @rsp: response buffer + * @rsp_len: response buffer length + * + * Receives a message from the SPDM server and returns the number of bytes + * received or 0 on failure. This can be used to receive a message from th= e SPDM + * server without sending anything first. + */ +uint32_t spdm_socket_receive(const int socket, uint32_t transport_type, + void *rsp, uint32_t rsp_len); + +/** + * spdm_socket_rsp: Sends a message to an SPDM server + * @socket: socket returned from spdm_socket_connect() + * @socket_cmd: socket command type (normal/if_recv/if_send etc...) + * @transport_type: SPDM_SOCKET_TRANSPORT_TYPE_* macro + * @req: request buffer + * @req_len: request buffer length + * + * Sends platform data to a SPDM server on socket, returns true on success. + * The response from the server must then be fetched by using + * spdm_socket_receive(). + */ +bool spdm_socket_send(const int socket, uint32_t socket_cmd, + uint32_t transport_type, void *req, uint32_t req_len= ); + /** * spdm_socket_close: send a shutdown command to the server * @socket: socket returned from spdm_socket_connect() 
@@ -60,6 +89,9 @@ uint32_t spdm_socket_rsp(const int socket, uint32_t trans= port_type, void spdm_socket_close(const int socket, uint32_t transport_type); =20 #define SPDM_SOCKET_COMMAND_NORMAL 0x0001 +#define SPDM_SOCKET_STORAGE_CMD_IF_SEND 0x0002 +#define SPDM_SOCKET_STORAGE_CMD_IF_RECV 0x0003 +#define SOCKET_SPDM_STORAGE_ACK_STATUS 0x0004 #define SPDM_SOCKET_COMMAND_OOB_ENCAP_KEY_UPDATE 0x8001 #define SPDM_SOCKET_COMMAND_CONTINUE 0xFFFD #define SPDM_SOCKET_COMMAND_SHUTDOWN 0xFFFE 
@@ -68,7 +100,10 @@ void spdm_socket_close(const int socket, uint32_t trans= port_type); =20 #define SPDM_SOCKET_TRANSPORT_TYPE_MCTP 0x01 #define SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE 0x02 +#define SPDM_SOCKET_TRANSPORT_TYPE_SCSI 0x03 +#define SPDM_SOCKET_TRANSPORT_TYPE_NVME 0x04 =20 #define SPDM_SOCKET_MAX_MESSAGE_BUFFER_SIZE 0x1200 +#define SPDM_SOCKET_MAX_MSG_STATUS_LEN 0x02 =20 #endif --=20 2.51.0
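Review bot: in the backends/spdm-socket.c hunk, spdm_socket_command_valid() accepts SPDM_SOCKET_COMMAND_UNKOWN, SPDM_SOCKET_COMMAND_SHUTDOWN and SPDM_SOCKET_COMMAND_TEST, so spdm_socket_receive() returns rsp_len as a successful receive for any command the server names, including the one that denotes an unrecognised command. Since this is now the single place where the reply is checked, consider letting the caller pass the command it expects (SPDM_SOCKET_COMMAND_NORMAL for spdm_socket_rsp()) and returning 0 on a mismatch. Separately, spdm_socket_send() takes (socket_cmd, transport_type) while send_platform_data() and spdm_socket_receive() put transport_type first; both are uint32_t, so a swapped pair compiles silently, and one argument order across the API would avoid that.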
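Review bot: in the include/system/spdm-socket.h hunk at -50,6 +50,35, both new doc comments are headed "spdm_socket_rsp:" although they document spdm_socket_receive() and spdm_socket_send(); each heading should name the function it precedes. The spdm_socket_receive() comment could also say that 0 is returned when the server's command fails the validity check as well as on a socket error, since callers cannot tell the two apart.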
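Review bot: in the include/system/spdm-socket.h hunk at -60,6 +89,9, SOCKET_SPDM_STORAGE_ACK_STATUS reverses the SPDM_SOCKET_ prefix used by every neighbouring define. Renaming it to SPDM_SOCKET_STORAGE_ACK_STATUS, and updating the case label in spdm_socket_command_valid(), keeps the whole command set under one prefix.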
From: Wilfred Mallawa
To: Alistair Francis
Cc: Keith Busch, Klaus Jensen, Jesper Devantier, Stefan Hajnoczi, Fam Zheng, Philippe Mathieu-Daudé, Kevin Wolf, Hanna Reitz, "Michael S . Tsirkin", Marcel Apfelbaum, qemu-devel@nongnu.org, qemu-block@nongnu.org, Jonathan Cameron, Wilfred Mallawa
Subject: [PATCH v3 2/5] spdm: add spdm storage transport virtual header
Date: Mon, 1 Sep 2025 13:47:57 +1000
Message-ID: <20250901034759.85042-4-wilfred.opensource@gmail.com>
In-Reply-To: <20250901034759.85042-2-wilfred.opensource@gmail.com>
References: <20250901034759.85042-2-wilfred.opensource@gmail.com>
Content-Transfer-Encoding: quoted-printable

From: Wilfred Mallawa

This header contains the transport encoding for an SPDM message that uses the SPDM over Storage transport as defined by the DMTF DSP0286.

Signed-off-by: Wilfred Mallawa --- include/system/spdm-socket.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/system/spdm-socket.h b/include/system/spdm-socket.h index 2b7d03f82d..6c2cb7b926 100644 --- a/include/system/spdm-socket.h +++ b/include/system/spdm-socket.h 
@@ -88,6 +88,18 @@ bool spdm_socket_send(const int socket, uint32_t socket_= cmd, */ void spdm_socket_close(const int socket, uint32_t transport_type); =20 +/** + * Defines the transport encoding for SPDM, this information shall be pass= ed + * down to the SPDM server, when conforming to the SPDM over Storage stand= ard + * as defined by DSP0286. + */ +typedef struct { + uint8_t security_protocol; /* Must be 0xE8 for SPDM Comma= nds */ + uint16_t security_protocol_specific; /* Bit[7:2] SPDM Operation + Bit[0:1] Connection ID */ + uint32_t length; /* Length of the SPDM Message*/ +} QEMU_PACKED StorageSpdmTransportHeader; + #define SPDM_SOCKET_COMMAND_NORMAL 0x0001 #define SPDM_SOCKET_STORAGE_CMD_IF_SEND 0x0002 #define SPDM_SOCKET_STORAGE_CMD_IF_RECV 0x0003 --=20 2.51.0
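Review bot: in the StorageSpdmTransportHeader definition, security_protocol_specific is a uint16_t but its comment only describes "Bit[7:2] SPDM Operation" and "Bit[0:1] Connection ID", with the two ranges written in opposite orders and bits 15:8 left undescribed. Because this packed struct is what is passed down to the SPDM server, the comment should say which byte carries those bits and state the byte order of security_protocol_specific and length, so that both ends can agree on the layout from the header alone.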
From: Wilfred Mallawa
To: Alistair Francis
Cc: Keith Busch, Klaus Jensen, Jesper Devantier, Stefan Hajnoczi, Fam Zheng, Philippe Mathieu-Daudé, Kevin Wolf, Hanna Reitz, "Michael S . Tsirkin", Marcel Apfelbaum, qemu-devel@nongnu.org, qemu-block@nongnu.org, Jonathan Cameron, Wilfred Mallawa
Subject: [PATCH v3 3/5] hw/nvme: add NVMe Admin Security SPDM support
Date: Mon, 1 Sep 2025 13:47:58 +1000
Message-ID: <20250901034759.85042-5-wilfred.opensource@gmail.com>
In-Reply-To: <20250901034759.85042-2-wilfred.opensource@gmail.com>
References: <20250901034759.85042-2-wilfred.opensource@gmail.com>
Content-Transfer-Encoding: quoted-printable

From: Wilfred Mallawa

Adds the NVMe Admin Security Send/Receive command support with support for DMTF's SPDM. The transport binding for SPDM is defined in the DMTF DSP0286.

Signed-off-by: Wilfred Mallawa --- hw/nvme/ctrl.c | 188 ++++++++++++++++++++++++++++++++++++++++++- hw/nvme/nvme.h | 5 ++ include/block/nvme.h | 15 ++++ 3 files changed, 207 insertions(+), 1 deletion(-) diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index f5ee6bf260..557f634016 100644 --- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -282,6 +282,8 @@ static const uint32_t nvme_cse_acs_default[256] =3D { [NVME_ADM_CMD_FORMAT_NVM] =3D NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_= LBCC, [NVME_ADM_CMD_DIRECTIVE_RECV] =3D NVME_CMD_EFF_CSUPP, [NVME_ADM_CMD_DIRECTIVE_SEND] =3D NVME_CMD_EFF_CSUPP, + [NVME_ADM_CMD_SECURITY_SEND] =3D NVME_CMD_EFF_CSUPP, + [NVME_ADM_CMD_SECURITY_RECV] =3D NVME_CMD_EFF_CSUPP, }; =20 static const uint32_t nvme_cse_iocs_nvm_default[256] =3D { 
@@ -7282,6 +7284,185 @@ static uint16_t nvme_dbbuf_config(NvmeCtrl *n, cons= t NvmeRequest *req) return NVME_SUCCESS; } =20 +static uint16_t nvme_sec_prot_spdm_send(NvmeCtrl *n, NvmeRequest *req) +{ + StorageSpdmTransportHeader hdr =3D {0}; + g_autofree uint8_t *sec_buf =3D NULL; + uint32_t transfer_len =3D le32_to_cpu(req->cmd.cdw11); + uint32_t transport_transfer_len =3D transfer_len; + uint32_t dw10 =3D le32_to_cpu(req->cmd.cdw10); + uint32_t recvd; + uint16_t nvme_cmd_status, ret; + uint8_t secp =3D extract32(dw10, 24, 8); + uint8_t spsp1 =3D extract32(dw10, 16, 8); + uint8_t spsp0 =3D extract32(dw10, 8, 8); + bool spdm_res; + + transport_transfer_len +=3D sizeof(hdr); + if (transport_transfer_len > SPDM_SOCKET_MAX_MESSAGE_BUFFER_SIZE) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + /* Generate the NVMe transport header */ + hdr.security_protocol =3D secp; + hdr.security_protocol_specific =3D cpu_to_le16((spsp1 << 8) | spsp0); + hdr.length =3D cpu_to_le32(transfer_len); + + sec_buf =3D g_malloc0(transport_transfer_len); + + /* Attach the transport header */ + memcpy(sec_buf, &hdr, sizeof(hdr)); + ret =3D nvme_h2c(n, sec_buf + sizeof(hdr), transfer_len, req); + if (ret) { + return ret; + } + + spdm_res =3D spdm_socket_send(n->spdm_socket, SPDM_SOCKET_STORAGE_CMD_= IF_SEND, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, sec_buf, + transport_transfer_len); + if (!spdm_res) { + return NVME_DATA_TRAS_ERROR | NVME_DNR; + } + + /* The responder shall ack with message status */ + recvd =3D spdm_socket_receive(n->spdm_socket, SPDM_SOCKET_TRANSPORT_TY= PE_NVME, + (uint8_t *)&nvme_cmd_status, + SPDM_SOCKET_MAX_MSG_STATUS_LEN); + + nvme_cmd_status =3D cpu_to_be16(nvme_cmd_status); + + if (recvd < SPDM_SOCKET_MAX_MSG_STATUS_LEN) { + return NVME_DATA_TRAS_ERROR | NVME_DNR; + } + + return nvme_cmd_status; +} + +/* From host to controller */ +static uint16_t nvme_security_send(NvmeCtrl *n, NvmeRequest *req) +{ + uint32_t dw10 =3D le32_to_cpu(req->cmd.cdw10); + uint8_t secp =3D (dw10 >> 
24) & 0xff; + + switch (secp) { + case NVME_SEC_PROT_DMTF_SPDM: + return nvme_sec_prot_spdm_send(n, req); + default: + /* Unsupported Security Protocol Type */ + return NVME_INVALID_FIELD | NVME_DNR; + } + + return NVME_INVALID_FIELD | NVME_DNR; +} + +static uint16_t nvme_sec_prot_spdm_receive(NvmeCtrl *n, NvmeRequest *req) +{ + StorageSpdmTransportHeader hdr; + g_autofree uint8_t *rsp_spdm_buf =3D NULL; + uint32_t dw10 =3D le32_to_cpu(req->cmd.cdw10); + uint32_t alloc_len =3D le32_to_cpu(req->cmd.cdw11); + uint32_t recvd, spdm_res; + uint16_t nvme_cmd_status, ret; + uint8_t secp =3D extract32(dw10, 24, 8); + uint8_t spsp1 =3D extract32(dw10, 16, 8); + uint8_t spsp0 =3D extract32(dw10, 8, 8); + + if (!alloc_len) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + /* Generate the NVMe transport header */ + hdr =3D (StorageSpdmTransportHeader) { + .security_protocol =3D secp, + .security_protocol_specific =3D cpu_to_le16((spsp1 << 8) | spsp0), + .length =3D cpu_to_le32(alloc_len), + }; + + /* Forward if_recv to the SPDM Server with SPSP0 */ + spdm_res =3D spdm_socket_send(n->spdm_socket, SPDM_SOCKET_STORAGE_CMD_= IF_RECV, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, + (uint8_t *)&hdr, sizeof(hdr)); + if (!spdm_res) { + return NVME_DATA_TRAS_ERROR | NVME_DNR; + } + + /* The responder shall ack with message status */ + recvd =3D spdm_socket_receive(n->spdm_socket, SPDM_SOCKET_TRANSPORT_TY= PE_NVME, + (uint8_t *)&nvme_cmd_status, + SPDM_SOCKET_MAX_MSG_STATUS_LEN); + if (recvd < SPDM_SOCKET_MAX_MSG_STATUS_LEN) { + return NVME_DATA_TRAS_ERROR | NVME_DNR; + } + + nvme_cmd_status =3D cpu_to_be16(nvme_cmd_status); + /* An error here implies the prior if_recv from requester was spurious= */ + if (nvme_cmd_status !=3D NVME_SUCCESS) { + return nvme_cmd_status; + } + + /* Clear to start receiving data from the server */ + rsp_spdm_buf =3D g_malloc0(alloc_len); + + recvd =3D spdm_socket_receive(n->spdm_socket, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, + rsp_spdm_buf, alloc_len); + if (!recvd) { + 
return NVME_DATA_TRAS_ERROR | NVME_DNR; + } + + ret =3D nvme_c2h(n, rsp_spdm_buf, MIN(recvd, alloc_len), req); + if (ret) { + return ret; + } + + return NVME_SUCCESS; +} + +static uint16_t nvme_get_sec_prot_info(NvmeCtrl *n, NvmeRequest *req) +{ + uint32_t alloc_len =3D le32_to_cpu(req->cmd.cdw11); + uint8_t resp[10] =3D { + /* Support Security Protol List Length */ + [6] =3D 0, /* MSB */ + [7] =3D 2, /* LSB */ + /* Support Security Protocol List */ + [8] =3D SFSC_SECURITY_PROT_INFO, + [9] =3D NVME_SEC_PROT_DMTF_SPDM, + }; + + if (alloc_len < 10) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + return nvme_c2h(n, resp, sizeof(resp), req); +} + +/* From controller to host */ +static uint16_t nvme_security_receive(NvmeCtrl *n, NvmeRequest *req) +{ + uint32_t dw10 =3D le32_to_cpu(req->cmd.cdw10); + uint16_t spsp =3D extract32(dw10, 8, 16); + uint8_t secp =3D extract32(dw10, 24, 8); + + switch (secp) { + case SFSC_SECURITY_PROT_INFO: + switch (spsp) { + case 0: + /* Supported security protocol list */ + return nvme_get_sec_prot_info(n, req); + case 1: + /* Certificate data */ + /* fallthrough */ + default: + return NVME_INVALID_FIELD | NVME_DNR; + } + case NVME_SEC_PROT_DMTF_SPDM: + return nvme_sec_prot_spdm_receive(n, req); + default: + return NVME_INVALID_FIELD | NVME_DNR; + } +} + static uint16_t nvme_directive_send(NvmeCtrl *n, NvmeRequest *req) { return NVME_INVALID_FIELD | NVME_DNR; @@ -7389,6 +7570,10 @@ static uint16_t nvme_admin_cmd(NvmeCtrl *n, NvmeRequ= est *req) return nvme_directive_send(n, req); case NVME_ADM_CMD_DIRECTIVE_RECV: return nvme_directive_receive(n, req); + case NVME_ADM_CMD_SECURITY_SEND: + return nvme_security_send(n, req); + case NVME_ADM_CMD_SECURITY_RECV: + return nvme_security_receive(n, req); default: g_assert_not_reached(); } 
@@ -8824,7 +9009,8 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pc= i_dev) id->mdts =3D n->params.mdts; id->ver =3D cpu_to_le32(NVME_SPEC_VER); =20 - oacs =3D NVME_OACS_NMS | NVME_OACS_FORMAT | NVME_OACS_DIRECTIVES; + oacs =3D NVME_OACS_NMS | NVME_OACS_FORMAT | NVME_OACS_DIRECTIVES | + NVME_OACS_SECURITY; =20 if (n->params.dbcs) { oacs |=3D NVME_OACS_DBCS; diff --git a/hw/nvme/nvme.h b/hw/nvme/nvme.h index b5c9378ea4..67ed562e00 100644 --- a/hw/nvme/nvme.h +++ b/hw/nvme/nvme.h @@ -461,6 +461,8 @@ static inline const char *nvme_adm_opc_str(uint8_t opc) case NVME_ADM_CMD_DIRECTIVE_RECV: return "NVME_ADM_CMD_DIRECTIVE_REC= V"; case NVME_ADM_CMD_DBBUF_CONFIG: return "NVME_ADM_CMD_DBBUF_CONFIG"; case NVME_ADM_CMD_FORMAT_NVM: return "NVME_ADM_CMD_FORMAT_NVM"; + case NVME_ADM_CMD_SECURITY_SEND: return "NVME_ADM_CMD_SECURITY_SEND= "; + case NVME_ADM_CMD_SECURITY_RECV: return "NVME_ADM_CMD_SECURITY_RECV= "; default: return "NVME_ADM_CMD_UNKNOWN"; } } @@ -648,6 +650,9 @@ typedef struct NvmeCtrl { } next_pri_ctrl_cap; /* These override pri_ctrl_cap after reset */ uint32_t dn; /* Disable Normal */ NvmeAtomic atomic; + + /* Socket mapping to SPDM over NVMe Security In/Out commands */ + int spdm_socket; } NvmeCtrl; =20 typedef enum NvmeResetType { diff --git a/include/block/nvme.h b/include/block/nvme.h index 358e516e38..9fa2ecaf28 100644 --- a/include/block/nvme.h +++ b/include/block/nvme.h 
@@ -1779,6 +1779,21 @@ enum NvmeDirectiveOperations { NVME_DIRECTIVE_RETURN_PARAMS =3D 0x1, }; =20 +typedef enum SfscSecurityProtocol { + SFSC_SECURITY_PROT_INFO =3D 0x00, +} SfscSecurityProtocol; + +typedef enum NvmeSecurityProtocols { + NVME_SEC_PROT_DMTF_SPDM =3D 0xE8, +} NvmeSecurityProtocols; + +typedef enum SpdmOperationCodes { + SPDM_STORAGE_DISCOVERY =3D 0x1, /* Mandatory */ + SPDM_STORAGE_PENDING_INFO =3D 0x2, /* Optional */ + SPDM_STORAGE_MSG =3D 0x5, /* Mandatory */ + SPDM_STORAGE_SEC_MSG =3D 0x6, /* Optional */ +} SpdmOperationCodes; + typedef struct QEMU_PACKED NvmeFdpConfsHdr { uint16_t num_confs; uint8_t version; --=20 2.51.0
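Review bot: In nvme_sec_prot_spdm_receive() (hw/nvme/ctrl.c), alloc_len is taken straight from the guest's CDW11 and handed to g_malloc0(alloc_len) with only a zero check, so a guest can make QEMU allocate and zero up to 4 GiB per Security Receive command. Please bound it before allocating, for example against SPDM_SOCKET_MAX_MESSAGE_BUFFER_SIZE or the controller's MDTS, and reject or clamp anything larger. Smaller points in the same hunk: the status read from the socket is converted with cpu_to_be16() where be16_to_cpu() is the call that matches the direction (wire to host); that status is then returned to the guest as-is, so a misbehaving SPDM server can hand back arbitrary NVMe status codes; the return after the switch in nvme_security_send() is unreachable; and the comment in nvme_get_sec_prot_info() reads "Protol".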
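Review bot: In the nvme_init_ctrl() hunk NVME_OACS_SECURITY is set unconditionally, and the nvme_admin_cmd() hunk dispatches Security Send/Receive for every controller, but nothing visible here checks that n->spdm_socket was ever connected before nvme_sec_prot_spdm_receive() passes it to spdm_socket_send(). A controller started without an SPDM server, or with the DOE transport, would advertise the capability and then operate on whatever value the field holds. Suggest initialising spdm_socket to -1, returning NVME_INVALID_FIELD | NVME_DNR for SECP 0xE8 when it is not connected, and listing NVME_SEC_PROT_DMTF_SPDM in nvme_get_sec_prot_info() only when the NVMe transport is actually in use.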
From: Wilfred Mallawa
To: Alistair Francis
Cc: Keith Busch, Klaus Jensen, Jesper Devantier, Stefan Hajnoczi, Fam Zheng, Philippe Mathieu-Daudé, Kevin Wolf, Hanna Reitz, "Michael S . Tsirkin", Marcel Apfelbaum, qemu-devel@nongnu.org, qemu-block@nongnu.org, Jonathan Cameron, Wilfred Mallawa
Subject: [PATCH v3 4/5] spdm: define SPDM transport enum types
Date: Mon, 1 Sep 2025 13:47:59 +1000
Message-ID: <20250901034759.85042-6-wilfred.opensource@gmail.com>
In-Reply-To: <20250901034759.85042-2-wilfred.opensource@gmail.com>
References: <20250901034759.85042-2-wilfred.opensource@gmail.com>

From: Wilfred Mallawa

SPDM may be used over different transports, such as PCIe Data Object Exchange (DoE) or Storage amongst others. This patch specifies such types as an enum with a qdev property definition such that a user input transport type (string) can be mapped directly into the respective SPDM transport enum for internal use.

Signed-off-by: Wilfred Mallawa
--- backends/spdm-socket.c | 23 +++++++++++++++++++++++ include/system/spdm-socket.h | 23 ++++++++++++++++++----- 2 files changed, 41 insertions(+), 5 deletions(-) diff --git a/backends/spdm-socket.c b/backends/spdm-socket.c index 3d264814df..6943246372 100644 --- a/backends/spdm-socket.c +++ b/backends/spdm-socket.c @@ -13,6 +13,9 @@ #include "qemu/osdep.h" #include "system/spdm-socket.h" #include "qapi/error.h" +#include "hw/qdev-properties.h" +#include "hw/qdev-properties-system.h" +#include "hw/core/qdev-prop-internal.h" =20 static bool read_bytes(const int socket, uint8_t *buffer, size_t number_of_bytes) @@ -248,3 +251,23 @@ void spdm_socket_close(const int socket, uint32_t tran= sport_type) send_platform_data(socket, transport_type, SPDM_SOCKET_COMMAND_SHUTDOWN, NULL, 0); } + +const QEnumLookup SpdmTransport_lookup =3D { + .array =3D (const char *const[]) { + [SPDM_SOCKET_TRANSPORT_TYPE_UNSPEC] =3D "unspecified", + [SPDM_SOCKET_TRANSPORT_TYPE_MCTP] =3D "mctp", + [SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE] =3D "doe", + [SPDM_SOCKET_TRANSPORT_TYPE_SCSI] =3D "scsi", + [SPDM_SOCKET_TRANSPORT_TYPE_NVME] =3D "nvme", + }, + .size =3D SPDM_SOCKET_TRANSPORT_TYPE_MAX +}; + +const PropertyInfo qdev_prop_spdm_trans =3D { + .type =3D "SpdmTransportType", + .description =3D "Spdm Transport, doe/nvme/mctp/scsi/unspecified", + .enum_table =3D &SpdmTransport_lookup, + .get =3D qdev_propinfo_get_enum, + .set =3D qdev_propinfo_set_enum, + .set_default_value =3D qdev_propinfo_set_default_value_enum, +}; diff --git a/include/system/spdm-socket.h b/include/system/spdm-socket.h index 6c2cb7b926..8fb5f7cf40 100644
--- a/include/system/spdm-socket.h +++ b/include/system/spdm-socket.h 
@@ -110,12 +110,25 @@ typedef struct { #define SPDM_SOCKET_COMMAND_UNKOWN 0xFFFF #define SPDM_SOCKET_COMMAND_TEST 0xDEAD =20 -#define SPDM_SOCKET_TRANSPORT_TYPE_MCTP 0x01 -#define SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE 0x02 -#define SPDM_SOCKET_TRANSPORT_TYPE_SCSI 0x03 -#define SPDM_SOCKET_TRANSPORT_TYPE_NVME 0x04 - #define SPDM_SOCKET_MAX_MESSAGE_BUFFER_SIZE 0x1200 #define SPDM_SOCKET_MAX_MSG_STATUS_LEN 0x02 =20 +typedef enum SpdmTransportType { + SPDM_SOCKET_TRANSPORT_TYPE_UNSPEC =3D 0, + SPDM_SOCKET_TRANSPORT_TYPE_MCTP, + SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE, + SPDM_SOCKET_TRANSPORT_TYPE_SCSI, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, + SPDM_SOCKET_TRANSPORT_TYPE_MAX, +} SpdmTransportType; + +extern const PropertyInfo qdev_prop_spdm_trans; + +#define DEFINE_PROP_SPDM_TRANS(_name, _state, _field, _default) \ + DEFINE_PROP_UNSIGNED(_name, _state, _field, _default, \ + qdev_prop_spdm_trans, SpdmTransportType) +#define DEFINE_PROP_SPDM_TRANS_NODEFAULT(_name, _state, _field) \ + DEFINE_PROP_SPDM_TRANS(_name, _state, _field, \ + SPDM_SOCKET_TRANSPORT_TYPE_UNSPEC) + #endif --=20 2.51.0
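Review bot: In the include/system/spdm-socket.h hunk the transport constants change from explicit #define values (0x01 to 0x04) to implicitly numbered enumerators, yet these values are passed to send_platform_data() as transport_type, which makes them wire-protocol constants. The numbering lines up today only because UNSPEC takes 0; inserting or reordering an enumerator later would silently change what goes over the socket. Please keep the values explicit, e.g. SPDM_SOCKET_TRANSPORT_TYPE_MCTP = 0x01, and consider a build-time assertion that SPDM_SOCKET_TRANSPORT_TYPE_MAX matches the size of SpdmTransport_lookup. Separately, the header now uses PropertyInfo and DEFINE_PROP_UNSIGNED while the qdev includes are added only to backends/spdm-socket.c; unless the header already pulls them in, it should include what it needs itself rather than rely on its includers.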
From: Wilfred Mallawa
To: Alistair Francis
Cc: Keith Busch, Klaus Jensen, Jesper Devantier, Stefan Hajnoczi, Fam Zheng, Philippe Mathieu-Daudé, Kevin Wolf, Hanna Reitz, "Michael S . Tsirkin", Marcel Apfelbaum, qemu-devel@nongnu.org, qemu-block@nongnu.org, Jonathan Cameron, Wilfred Mallawa
Subject: [PATCH v3 5/5] hw/nvme: connect SPDM over NVMe Security Send/Recv
Date: Mon, 1 Sep 2025 13:48:00 +1000
Message-ID: <20250901034759.85042-7-wilfred.opensource@gmail.com>
In-Reply-To: <20250901034759.85042-2-wilfred.opensource@gmail.com>
References: <20250901034759.85042-2-wilfred.opensource@gmail.com>

From: Wilfred Mallawa

This patch extends the existing support we have for NVMe with only DoE to also add support for SPDM over the NVMe Security Send/Recv commands. With the new definition of the `spdm-trans` argument, users can specify `spdm_trans=nvme` or `spdm_trans=doe`. This allows us to select the SPDM transport respectively. SPDM over the NVMe Security Send/Recv commands is defined in the DMTF DSP0286.

Signed-off-by: Wilfred Mallawa
--- docs/specs/spdm.rst | 10 +++++++-- hw/nvme/ctrl.c | 45 ++++++++++++++++++++++++++++--------- include/hw/pci/pci_device.h | 2 ++ 3 files changed, 44 insertions(+), 13 deletions(-) diff --git a/docs/specs/spdm.rst b/docs/specs/spdm.rst index f7de080ff0..dd6cfbbd68 100644 --- a/docs/specs/spdm.rst +++ b/docs/specs/spdm.rst @@ -98,7 +98,7 @@ Then you can add this to your QEMU command line: .. code-block:: shell =20 -drive file=3Dblknvme,if=3Dnone,id=3Dmynvme,format=3Draw \ - -device nvme,drive=3Dmynvme,serial=3Ddeadbeef,spdm_port=3D2323 + -device nvme,drive=3Dmynvme,serial=3Ddeadbeef,spdm_port=3D2323,spd= m_trans=3Ddoe =20 At which point QEMU will try to connect to the SPDM server. =20 @@ -113,7 +113,13 @@ of the default. So the entire QEMU command might look = like this -append "root=3D/dev/vda console=3DttyS0" \ -net none -nographic \ -drive file=3Dblknvme,if=3Dnone,id=3Dmynvme,format=3Draw \ - -device nvme,drive=3Dmynvme,serial=3Ddeadbeef,spdm_port=3D2323 + -device nvme,drive=3Dmynvme,serial=3Ddeadbeef,spdm_port=3D2323,spd= m_trans=3Ddoe + +The `spdm_trans` argument defines the underlying transport type that is em= ulated +by QEMU. For an PCIe NVMe controller, both "doe" and "nvme" are supported.= Where, +"doe" does SPDM transport over the PCIe extended capability Data Object Ex= change +(DOE), and "nvme" uses the NVMe Admin Security Send/Receive commands to +implement the SPDM transport. =20 .. _DMTF: https://www.dmtf.org/standards/SPDM diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index 557f634016..9e69cd3433 100644
--- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -8923,19 +8923,31 @@ static bool nvme_init_pci(NvmeCtrl *n, PCIDevice *p= ci_dev, Error **errp) =20 pcie_cap_deverr_init(pci_dev); =20 - /* DOE Initialisation */ + /* SPDM Initialisation */ if (pci_dev->spdm_port) { - uint16_t doe_offset =3D n->params.sriov_max_vfs ? - PCI_CONFIG_SPACE_SIZE + PCI_ARI_SIZEOF - : PCI_CONFIG_SPACE_SIZE; + switch (pci_dev->spdm_trans) { + case SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE: + uint16_t doe_offset =3D n->params.sriov_max_vfs ? + PCI_CONFIG_SPACE_SIZE + PCI_ARI_SIZEOF + : PCI_CONFIG_SPACE_SIZE; =20 - pcie_doe_init(pci_dev, &pci_dev->doe_spdm, doe_offset, - doe_spdm_prot, true, 0); + pcie_doe_init(pci_dev, &pci_dev->doe_spdm, doe_offset, + doe_spdm_prot, true, 0); =20 - pci_dev->doe_spdm.spdm_socket =3D spdm_socket_connect(pci_dev->spd= m_port, - errp); + pci_dev->doe_spdm.spdm_socket =3D + spdm_socket_connect(pci_dev->spdm_port, errp); =20 - if (pci_dev->doe_spdm.spdm_socket < 0) { + if (pci_dev->doe_spdm.spdm_socket < 0) { + return false; + } + break; + case SPDM_SOCKET_TRANSPORT_TYPE_NVME: + n->spdm_socket =3D spdm_socket_connect(pci_dev->spdm_port, err= p); + if (n->spdm_socket < 0) { + return false; + } + break; + default: return false; } } @@ -9226,11 +9238,17 @@ static void nvme_exit(PCIDevice *pci_dev) g_free(n->cmb.buf); } =20 + /* Only one of the `spdm_socket` below would have been setup */ if (pci_dev->doe_spdm.spdm_socket > 0) { spdm_socket_close(pci_dev->doe_spdm.spdm_socket, SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE); } =20 + if (n->spdm_socket > 0) { + spdm_socket_close(pci_dev->doe_spdm.spdm_socket, + SPDM_SOCKET_TRANSPORT_TYPE_NVME); + } + if (n->pmr.dev) { host_memory_backend_set_mapped(n->pmr.dev, false); } 
@@ -9283,6 +9301,7 @@ static const Property nvme_props[] =3D { false), DEFINE_PROP_UINT16("mqes", NvmeCtrl, params.mqes, 0x7ff), DEFINE_PROP_UINT16("spdm_port", PCIDevice, spdm_port, 0), + DEFINE_PROP_SPDM_TRANS_NODEFAULT("spdm_trans", PCIDevice, spdm_trans), DEFINE_PROP_BOOL("ctratt.mem", NvmeCtrl, params.ctratt.mem, false), DEFINE_PROP_BOOL("atomic.dn", NvmeCtrl, params.atomic_dn, 0), DEFINE_PROP_UINT16("atomic.awun", NvmeCtrl, params.atomic_awun, 0), @@ -9358,7 +9377,9 @@ static void nvme_pci_write_config(PCIDevice *dev, uin= t32_t address, { uint16_t old_num_vfs =3D pcie_sriov_num_vfs(dev); =20 - if (pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE)) { + /* DOE is only initialised if SPDM over DOE is used */ + if (pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE) && + dev->spdm_trans =3D=3D SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE) { pcie_doe_write_config(&dev->doe_spdm, address, val, len); } pci_default_write_config(dev, address, val, len); @@ -9369,7 +9390,9 @@ static void nvme_pci_write_config(PCIDevice *dev, uin= t32_t address, static uint32_t nvme_pci_read_config(PCIDevice *dev, uint32_t address, int= len) { uint32_t val; - if (dev->spdm_port && pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE)) { + + if (dev->spdm_port && pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE) && + (dev->spdm_trans =3D=3D SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE)) { if (pcie_doe_read_config(&dev->doe_spdm, address, len, &val)) { return val; } diff --git a/include/hw/pci/pci_device.h b/include/hw/pci/pci_device.h index eee0338568..88ccea5011 100644 --- a/include/hw/pci/pci_device.h +++ b/include/hw/pci/pci_device.h @@ -4,6 +4,7 @@ #include "hw/pci/pci.h" #include "hw/pci/pcie.h" #include "hw/pci/pcie_doe.h" +#include "system/spdm-socket.h" =20 #define TYPE_PCI_DEVICE "pci-device" typedef struct PCIDeviceClass PCIDeviceClass; @@ -166,6 +167,7 @@ struct PCIDevice { =20 /* SPDM */ uint16_t spdm_port; + SpdmTransportType spdm_trans; =20 /* DOE */ DOECap doe_spdm; --=20 2.51.0
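Review bot: The paragraph added to docs/specs/spdm.rst does not say that spdm_trans must now be given together with spdm_port, which is what a reader with an existing command line needs to know, since the property defaults to SPDM_SOCKET_TRANSPORT_TYPE_UNSPEC and nvme_init_pci() rejects that value. Please state the requirement and the accepted values for the NVMe controller explicitly. Minor: "For an PCIe" should read "For a PCIe", the sentence fragment starting "Where," can be joined to the previous sentence, and reST literals take double backticks.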
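Review bot: In the nvme_init_pci() hunk the default: branch returns false without setting errp, and because spdm_trans defaults to unspecified, a configuration that passes only spdm_port (valid before this series) now fails device initialisation with no message. Either call error_setg() naming the accepted transports before returning, or fall back to DOE when the transport is unspecified to keep existing command lines working. Also, uint16_t doe_offset is declared directly after the case SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE: label; wrap that case body in braces so the declaration has its own scope.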
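Review bot: In the nvme_exit() hunk the new block tests n->spdm_socket but then calls spdm_socket_close(pci_dev->doe_spdm.spdm_socket, SPDM_SOCKET_TRANSPORT_TYPE_NVME), so with the NVMe transport the shutdown command is sent on the DOE descriptor, which is never connected in that configuration, and the socket that was actually opened is left without its shutdown message. The first argument should be n->spdm_socket. While here, both checks use > 0 although spdm_socket_connect() failure is tested as < 0 in nvme_init_pci(); initialising the unused field to -1 and testing >= 0 would make the "only one is set up" comment hold by construction.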