| Message ID | 20240201010747.471141-1-david.e.box@linux.intel.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Intel On Demand: Add netlink interface for SPDM attestation | expand |
On Wed, 31 Jan 2024 17:07:39 -0800 "David E. Box" <david.e.box@linux.intel.com> wrote: > This patch series primarily adds support for a new netlink ABI in the > Intel On Demand driver for performing attestation of the hardware state. Are there any tools (in iproute2) or tests to support this interface?
On 1/31/24 5:07 PM, David E. Box wrote: > This patch series primarily adds support for a new netlink ABI in the > Intel On Demand driver for performing attestation of the hardware state. Try to add some info about why you need new netlink ABI? > > Attestation patches > > Patch 1: The attestation mailbox command requires that the message size > register be set along with the package size. Adds that support. > > Patch 2: The attestation command will need to write the SPDM message and > read the response. The current mailbox flow handles reads and writes > separately. Combines the two flows. > > Patch 3: Patch 4 will create a separate c file for the netlink > interface. Add a separate header file now. No functional changes. This > mostly just makes it easier to see the changes in Patch 4. > > Patch 4: Adds attestation support to the driver and provides a netlink > interface to perform the service. > > Other changes > > Patch 5: Adds support to read the in-band BIOS lock. If set, On Demand > controls are not available in the driver. > > Patch 6: Adds a new attribute to allow reading the most current metering > state. > > Patch 7: Fixes for the intel_sdsi tool > > Patch 8: Adds support to the intel_sdsi tool to read the current meter > state. > > David E. Box (7): > platform/x86/intel/sdsi: Set message size during writes > platform/x86/intel/sdsi: Combine read and write mailbox flows > platform/x86/intel/sdsi: Add header file > platform/x86/intel/sdsi: Add netlink SPDM transport > platform/x86/intel/sdsi: Add attribute to read the current meter state > tools: Fix errors in meter_certificate display > tools: intel_sdsi: Add current meter support > > Kuppuswamy Sathyanarayanan (1): > platform/x86/intel/sdsi: Add in-band BIOS lock support > > Documentation/netlink/specs/intel_sdsi.yaml | 97 ++++++ > MAINTAINERS | 3 + > drivers/platform/x86/intel/Makefile | 2 +- > drivers/platform/x86/intel/sdsi.c | 317 ++++++++++++++++---- > drivers/platform/x86/intel/sdsi.h | 47 +++ > drivers/platform/x86/intel/sdsi_genl.c | 249 +++++++++++++++ > include/uapi/linux/intel-sdsi.h | 40 +++ > tools/arch/x86/intel_sdsi/intel_sdsi.c | 99 +++--- > 8 files changed, 754 insertions(+), 100 deletions(-) > create mode 100644 Documentation/netlink/specs/intel_sdsi.yaml > create mode 100644 drivers/platform/x86/intel/sdsi.h > create mode 100644 drivers/platform/x86/intel/sdsi_genl.c > create mode 100644 include/uapi/linux/intel-sdsi.h > > > base-commit: 6613476e225e090cc9aad49be7fa504e290dd33d
On Thu, 1 Feb 2024 08:53:37 -0800 Kuppuswamy Sathyanarayanan wrote: > On 1/31/24 5:07 PM, David E. Box wrote: > > This patch series primarily adds support for a new netlink ABI in the > > Intel On Demand driver for performing attestation of the hardware state. > > Try to add some info about why you need new netlink ABI? Since netdev is copied it'd also be useful to give us a high level intro into what pieces are involved. Assume we have heard about SPDM/attestation in context of NIC FW but have little understanding of x86 platform stuff. grep -i sdsi Documentation doesn't say much, the first Google result for Intel On Demand reads like marketing fluff :(