[RFC,2/4] spdm: add spdm storage transport virtual header

Message ID	20250107052906.249973-5-wilfred.mallawa@wdc.com (mailing list archive)
State	New
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> IronPort-SDR: 677cc2e3_exhgayasJ6nIAHIASOx6EMl3hBNULGgWIpewD+SgWZT9REJ FRkTAuqYpg6LS/XtbV9mC1ZVHCSq3g6FxkZFHtA== WDCIronportException: Internal To: qemu-devel@nongnu.org, qemu-block@nongnu.org Cc: alistair.francis@wdc.com, kbusch@kernel.org, its@irrelevant.dk, foss@defmacro.it, stefanha@redhat.com, fam@euphon.net, philmd@linaro.org, kwolf@redhat.com, hreitz@redhat.com, mst@redhat.com, marcel.apfelbaum@gmail.com, Wilfred Mallawa <wilfred.mallawa@wdc.com> Subject: [RFC 2/4] spdm: add spdm storage transport virtual header Date: Tue, 7 Jan 2025 15:29:06 +1000 Message-ID: <20250107052906.249973-5-wilfred.mallawa@wdc.com> In-Reply-To: <20250107052906.249973-2-wilfred.mallawa@wdc.com> References: <20250107052906.249973-2-wilfred.mallawa@wdc.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=216.71.153.141; envelope-from=prvs=095394c9e=wilfred.mallawa@wdc.com; helo=esa3.hgst.iphmx.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Reply-to: Wilfred Mallawa <wilfred.mallawa@wdc.com> From: Wilfred Mallawa via <qemu-devel@nongnu.org> Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Series	Add SPDM over Storage transport support for NVMe \| expand [RFC,0/4] Add SPDM over Storage transport support for NVMe [RFC,1/4] spdm-socket: add seperate send/recv functions [RFC,2/4] spdm: add spdm storage transport virtual header [RFC,3/4] hw/nvme: add NVMe Admin Security SPDM support [RFC,4/4] hw/nvme: connect SPDM over NVMe Security Send/Recv

Message ID

20250107052906.249973-5-wilfred.mallawa@wdc.com (mailing list archive)

State

New

Headers

IronPort-SDR: 677cc2e3_exhgayasJ6nIAHIASOx6EMl3hBNULGgWIpewD+SgWZT9REJ
 FRkTAuqYpg6LS/XtbV9mC1ZVHCSq3g6FxkZFHtA==
WDCIronportException: Internal
To: qemu-devel@nongnu.org,
	qemu-block@nongnu.org
Cc: alistair.francis@wdc.com, kbusch@kernel.org, its@irrelevant.dk,
 foss@defmacro.it, stefanha@redhat.com, fam@euphon.net, philmd@linaro.org,
 kwolf@redhat.com, hreitz@redhat.com, mst@redhat.com,
 marcel.apfelbaum@gmail.com, Wilfred Mallawa <wilfred.mallawa@wdc.com>
Subject: [RFC 2/4] spdm: add spdm storage transport virtual header
Date: Tue,  7 Jan 2025 15:29:06 +1000
Message-ID: <20250107052906.249973-5-wilfred.mallawa@wdc.com>
In-Reply-To: <20250107052906.249973-2-wilfred.mallawa@wdc.com>
References: <20250107052906.249973-2-wilfred.mallawa@wdc.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=216.71.153.141;
 envelope-from=prvs=095394c9e=wilfred.mallawa@wdc.com;
 helo=esa3.hgst.iphmx.com
X-Spam_score_int: -43
X-Spam_score: -4.4
X-Spam_bar: ----
X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Mailman-Approved-At: Tue, 07 Jan 2025 09:03:36 -0500
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Reply-to: Wilfred Mallawa <wilfred.mallawa@wdc.com>
From: Wilfred Mallawa via <qemu-devel@nongnu.org>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org

Series

Add SPDM over Storage transport support for NVMe | expand

Commit Message

Wilfred Mallawa Jan. 7, 2025, 5:29 a.m. UTC

This header contains the transport encoding for an SPDM message that
uses the SPDM over Storage transport as defined by the DMTF DSP0286.

Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
---
 include/system/spdm-socket.h | 12 ++++++++++++
 1 file changed, 12 insertions(+)

Comments

Klaus Jensen Jan. 10, 2025, 9:04 a.m. UTC | #1

On Jan  7 15:29, Wilfred Mallawa via wrote:
> This header contains the transport encoding for an SPDM message that
> uses the SPDM over Storage transport as defined by the DMTF DSP0286.
> 
> Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> ---
>  include/system/spdm-socket.h | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/include/system/spdm-socket.h b/include/system/spdm-socket.h
> index 2b7d03f82d..fc007e5b48 100644
> --- a/include/system/spdm-socket.h
> +++ b/include/system/spdm-socket.h
> @@ -88,6 +88,18 @@ bool spdm_socket_send(const int socket, uint32_t socket_cmd,
>   */
>  void spdm_socket_close(const int socket, uint32_t transport_type);
>  
> +/*
> + * Defines the transport encoding for SPDM, this information shall be passed
> + * down to the SPDM server, when conforming to the SPDM over Storage standard
> + * as defined by DSP0286.
> + */
> +typedef struct QEMU_PACKED {
> +    uint8_t security_protocol;
> +    uint16_t security_protocol_specific;
> +    bool inc_512;
> +    uint32_t length;
> +} StorageSpdmTransportHeader;

Does it make sense to pack a bool? Is this defined by the SPDM server in
use? I can't find the definition of this header anywhere.

> +
>  #define SPDM_SOCKET_COMMAND_NORMAL                0x0001
>  #define SPDM_SOCKET_STORAGE_CMD_IF_SEND           0x0002
>  #define SPDM_SOCKET_STORAGE_CMD_IF_RECV           0x0003
> -- 
> 2.47.1
> 
>

Wilfred Mallawa Jan. 15, 2025, 2:16 a.m. UTC | #2

On Fri, 2025-01-10 at 10:04 +0100, Klaus Jensen wrote:
> On Jan  7 15:29, Wilfred Mallawa via wrote:
> > This header contains the transport encoding for an SPDM message
> > that
> > uses the SPDM over Storage transport as defined by the DMTF
> > DSP0286.
> > 
> > Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> > ---
> >  include/system/spdm-socket.h | 12 ++++++++++++
> >  1 file changed, 12 insertions(+)
> > 
> > diff --git a/include/system/spdm-socket.h b/include/system/spdm-
> > socket.h
> > index 2b7d03f82d..fc007e5b48 100644
> > --- a/include/system/spdm-socket.h
> > +++ b/include/system/spdm-socket.h
> > @@ -88,6 +88,18 @@ bool spdm_socket_send(const int socket, uint32_t
> > socket_cmd,
> >   */
> >  void spdm_socket_close(const int socket, uint32_t transport_type);
> >  
> > +/*
> > + * Defines the transport encoding for SPDM, this information shall
> > be passed
> > + * down to the SPDM server, when conforming to the SPDM over
> > Storage standard
> > + * as defined by DSP0286.
> > + */
> > +typedef struct QEMU_PACKED {
> > +    uint8_t security_protocol;
> > +    uint16_t security_protocol_specific;
> > +    bool inc_512;
> > +    uint32_t length;
> > +} StorageSpdmTransportHeader;
> 
> Does it make sense to pack a bool? Is this defined by the SPDM server
> in
> use? I can't find the definition of this header anywhere.
> 
This is essentially a virtual header containing essential storage
transport data as per DSP0286. For example, this is defined in the
upstream effort for 
`libspmd` to add storage binding support [1] and in DSP0286 [2], this
is defined in section 5.1.1.

Current implementation of the SPDM server (i.e in `spdm-utils` only one
to have support for storage), will just pass this header to `libspdm`
to be decoded. Once decoded by `libspdm`, `spdm-utils`/server will
contextually check for validity of the message.

As for inc_512, it just need to be yes or no, is there a better way to
represent that here?

[1]
https://github.com/DMTF/libspdm/pull/2827/files#diff-30c523edca23983e0f16e067772ec18e711a40f53ac49c8dda24301450b724d0R44
[2]
https://www.dmtf.org/sites/default/files/standards/documents/DSP0286_1.0.0WIP90.pdf
> > +
> >  #define SPDM_SOCKET_COMMAND_NORMAL                0x0001
> >  #define SPDM_SOCKET_STORAGE_CMD_IF_SEND           0x0002
> >  #define SPDM_SOCKET_STORAGE_CMD_IF_RECV           0x0003
> > -- 
> > 2.47.1
> > 
> >

Klaus Jensen Jan. 28, 2025, 8:03 a.m. UTC | #3

On Jan 15 02:16, Wilfred Mallawa wrote:
> On Fri, 2025-01-10 at 10:04 +0100, Klaus Jensen wrote:
> > On Jan  7 15:29, Wilfred Mallawa via wrote:
> > > This header contains the transport encoding for an SPDM message
> > > that
> > > uses the SPDM over Storage transport as defined by the DMTF
> > > DSP0286.
> > > 
> > > Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> > > ---
> > >  include/system/spdm-socket.h | 12 ++++++++++++
> > >  1 file changed, 12 insertions(+)
> > > 
> > > diff --git a/include/system/spdm-socket.h b/include/system/spdm-
> > > socket.h
> > > index 2b7d03f82d..fc007e5b48 100644
> > > --- a/include/system/spdm-socket.h
> > > +++ b/include/system/spdm-socket.h
> > > @@ -88,6 +88,18 @@ bool spdm_socket_send(const int socket, uint32_t
> > > socket_cmd,
> > >   */
> > >  void spdm_socket_close(const int socket, uint32_t transport_type);
> > >  
> > > +/*
> > > + * Defines the transport encoding for SPDM, this information shall
> > > be passed
> > > + * down to the SPDM server, when conforming to the SPDM over
> > > Storage standard
> > > + * as defined by DSP0286.
> > > + */
> > > +typedef struct QEMU_PACKED {
> > > +    uint8_t security_protocol;
> > > +    uint16_t security_protocol_specific;
> > > +    bool inc_512;
> > > +    uint32_t length;
> > > +} StorageSpdmTransportHeader;
> > 
> > Does it make sense to pack a bool? Is this defined by the SPDM server
> > in
> > use? I can't find the definition of this header anywhere.
> > 
> This is essentially a virtual header containing essential storage
> transport data as per DSP0286. For example, this is defined in the
> upstream effort for 
> `libspmd` to add storage binding support [1] and in DSP0286 [2], this
> is defined in section 5.1.1.
> 
> Current implementation of the SPDM server (i.e in `spdm-utils` only one
> to have support for storage), will just pass this header to `libspdm`
> to be decoded. Once decoded by `libspdm`, `spdm-utils`/server will
> contextually check for validity of the message.
> 

OK, understood.

> As for inc_512, it just need to be yes or no, is there a better way to
> represent that here?

It's a byte, right? Then I think using uint8_t is more clear here.

Wilfred Mallawa Feb. 2, 2025, 10:23 p.m. UTC | #4

On Tue, 2025-01-28 at 09:03 +0100, Klaus Jensen wrote:
> On Jan 15 02:16, Wilfred Mallawa wrote:
> > On Fri, 2025-01-10 at 10:04 +0100, Klaus Jensen wrote:
> > > On Jan  7 15:29, Wilfred Mallawa via wrote:
> > > > This header contains the transport encoding for an SPDM message
> > > > that
> > > > uses the SPDM over Storage transport as defined by the DMTF
> > > > DSP0286.
> > > > 
> > > > Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
> > > > ---
> > > >  include/system/spdm-socket.h | 12 ++++++++++++
> > > >  1 file changed, 12 insertions(+)
> > > > 
> > > > diff --git a/include/system/spdm-socket.h
> > > > b/include/system/spdm-
> > > > socket.h
> > > > index 2b7d03f82d..fc007e5b48 100644
> > > > --- a/include/system/spdm-socket.h
> > > > +++ b/include/system/spdm-socket.h
> > > > @@ -88,6 +88,18 @@ bool spdm_socket_send(const int socket,
> > > > uint32_t
> > > > socket_cmd,
> > > >   */
> > > >  void spdm_socket_close(const int socket, uint32_t
> > > > transport_type);
> > > >  
> > > > +/*
> > > > + * Defines the transport encoding for SPDM, this information
> > > > shall
> > > > be passed
> > > > + * down to the SPDM server, when conforming to the SPDM over
> > > > Storage standard
> > > > + * as defined by DSP0286.
> > > > + */
> > > > +typedef struct QEMU_PACKED {
> > > > +    uint8_t security_protocol;
> > > > +    uint16_t security_protocol_specific;
> > > > +    bool inc_512;
> > > > +    uint32_t length;
> > > > +} StorageSpdmTransportHeader;
> > > 
> > > Does it make sense to pack a bool? Is this defined by the SPDM
> > > server
> > > in
> > > use? I can't find the definition of this header anywhere.
> > > 
> > This is essentially a virtual header containing essential storage
> > transport data as per DSP0286. For example, this is defined in the
> > upstream effort for 
> > `libspmd` to add storage binding support [1] and in DSP0286 [2],
> > this
> > is defined in section 5.1.1.
> > 
> > Current implementation of the SPDM server (i.e in `spdm-utils` only
> > one
> > to have support for storage), will just pass this header to
> > `libspdm`
> > to be decoded. Once decoded by `libspdm`, `spdm-utils`/server will
> > contextually check for validity of the message.
> > 
> 
> OK, understood.
> 
> > As for inc_512, it just need to be yes or no, is there a better way
> > to
> > represent that here?
> 
> It's a byte, right? Then I think using uint8_t is more clear here.
As per,  SCSI Primary Commands - 6 (SPC-6) it's a single bit to
indicate weather it's set or not, hence why I thought a boolean might
make more sense here.

diff --git a/include/system/spdm-socket.h b/include/system/spdm-socket.h
index 2b7d03f82d..fc007e5b48 100644
--- a/include/system/spdm-socket.h
+++ b/include/system/spdm-socket.h
@@ -88,6 +88,18 @@  bool spdm_socket_send(const int socket, uint32_t socket_cmd,
  */
 void spdm_socket_close(const int socket, uint32_t transport_type);
 
+/*
+ * Defines the transport encoding for SPDM, this information shall be passed
+ * down to the SPDM server, when conforming to the SPDM over Storage standard
+ * as defined by DSP0286.
+ */
+typedef struct QEMU_PACKED {
+    uint8_t security_protocol;
+    uint16_t security_protocol_specific;
+    bool inc_512;
+    uint32_t length;
+} StorageSpdmTransportHeader;
+
 #define SPDM_SOCKET_COMMAND_NORMAL                0x0001
 #define SPDM_SOCKET_STORAGE_CMD_IF_SEND           0x0002
 #define SPDM_SOCKET_STORAGE_CMD_IF_RECV           0x0003

[RFC,2/4] spdm: add spdm storage transport virtual header

Commit Message

Comments

Patch