From patchwork Thu Jan 16 01:08:55 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wilfred Mallawa X-Patchwork-Id: 13941110 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0791DC02185 for ; Thu, 16 Jan 2025 01:10:09 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tYENw-0003YG-Cg; Wed, 15 Jan 2025 20:09:24 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tYENt-0003Xh-B9; Wed, 15 Jan 2025 20:09:22 -0500 Received: from esa3.hgst.iphmx.com ([216.71.153.141]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tYENr-0004Dt-HY; Wed, 15 Jan 2025 20:09:21 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1736989759; x=1768525759; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=RIcE4V9Oau2BlIHui7UckYA4eT7nPs0+wP+wuZKNg6E=; b=reR8xH4bQeSvuyJsVsZn34pDDdzj4hfTaq1p4XNNWU64lNUSZdJuu2CA 6UVv3QIsCf4s5az+gGjqaMfrgVAI1JW9ynP2FnFy4dQK6yBmU++je4vnm a1JxMrkW3tfV2s5/iCmRZBJgake0i8FEdwaWneguSNVlXL+4C/WkCtQh7 Cp7PFc6y/aIzs+Sjfu9oXMCoTHUgURdmsWxO4AR++pBGWm6v+m9YQec7+ EJaqyjF96WHRxJ0nAkzPTcg79iNbg6qzlkYg54o2PFiSJ8HiA/yn40Ygr tczkBLqnaVk+7mPL97fykANlSSGj7ZpY14oPKBUNjjogiYGyy5ULfLe07 A==; X-CSE-ConnectionGUID: uKb/pkYGQiyaZWeS0+fVDg== X-CSE-MsgGUID: DpjyAkRNT26mSua+NIXS0A== X-IronPort-AV: E=Sophos;i="6.13,207,1732550400"; d="scan'208";a="36036489" Received: from uls-op-cesaip01.wdc.com (HELO uls-op-cesaep01.wdc.com) ([199.255.45.14]) by ob1.hgst.iphmx.com with ESMTP; 16 Jan 2025 09:09:16 +0800 IronPort-SDR: 67884eae_KlBupYu34GYman1vMH9LAReNkN9sDIo1IgH+MR+8cKrpFUm RKqpZ5WYgvzMipG/WlsJQwKkaWc071lDa9h56Yg== Received: from uls-op-cesaip02.wdc.com ([10.248.3.37]) by uls-op-cesaep01.wdc.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 15 Jan 2025 16:11:26 -0800 WDCIronportException: Internal Received: from unknown (HELO fedora.wdc.com) ([10.225.165.91]) by uls-op-cesaip02.wdc.com with ESMTP; 15 Jan 2025 17:09:11 -0800 To: qemu-devel@nongnu.org, qemu-block@nongnu.org Cc: alistair.francis@wdc.com, kbusch@kernel.org, its@irrelevant.dk, foss@defmacro.it, stefanha@redhat.com, fam@euphon.net, philmd@linaro.org, kwolf@redhat.com, hreitz@redhat.com, mst@redhat.com, marcel.apfelbaum@gmail.com, Wilfred Mallawa Subject: [RFC v2 1/3] spdm: add spdm storage transport virtual header Date: Thu, 16 Jan 2025 11:08:55 +1000 Message-ID: <20250116010856.95115-3-wilfred.mallawa@wdc.com> X-Mailer: git-send-email 2.48.0 In-Reply-To: <20250116010856.95115-2-wilfred.mallawa@wdc.com> References: <20250116010856.95115-2-wilfred.mallawa@wdc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=216.71.153.141; envelope-from=prvs=104bc4e84=wilfred.mallawa@wdc.com; helo=esa3.hgst.iphmx.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Wilfred Mallawa X-Patchwork-Original-From: Wilfred Mallawa via From: Wilfred Mallawa Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This header contains the transport encoding for an SPDM message that uses the SPDM over Storage transport as defined by the DMTF DSP0286. Signed-off-by: Wilfred Mallawa --- include/system/spdm-socket.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/system/spdm-socket.h b/include/system/spdm-socket.h index 2b7d03f82d..fc007e5b48 100644 --- a/include/system/spdm-socket.h +++ b/include/system/spdm-socket.h @@ -88,6 +88,18 @@ bool spdm_socket_send(const int socket, uint32_t socket_cmd, */ void spdm_socket_close(const int socket, uint32_t transport_type); +/* + * Defines the transport encoding for SPDM, this information shall be passed + * down to the SPDM server, when conforming to the SPDM over Storage standard + * as defined by DSP0286. + */ +typedef struct QEMU_PACKED { + uint8_t security_protocol; + uint16_t security_protocol_specific; + bool inc_512; + uint32_t length; +} StorageSpdmTransportHeader; + #define SPDM_SOCKET_COMMAND_NORMAL 0x0001 #define SPDM_SOCKET_STORAGE_CMD_IF_SEND 0x0002 #define SPDM_SOCKET_STORAGE_CMD_IF_RECV 0x0003 From patchwork Thu Jan 16 01:08:56 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wilfred Mallawa X-Patchwork-Id: 13941109 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id C40AEC02180 for ; Thu, 16 Jan 2025 01:10:07 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tYEO4-0003Zi-9L; Wed, 15 Jan 2025 20:09:32 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tYEO1-0003Z1-Mb; Wed, 15 Jan 2025 20:09:29 -0500 Received: from esa4.hgst.iphmx.com ([216.71.154.42]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tYENy-0004F1-Ik; Wed, 15 Jan 2025 20:09:29 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1736989766; x=1768525766; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=CoMBfAmeszHtlhpkMdvItN/BoB71mvrxq7JT9oFIizE=; b=UjVTDUiVtv1xmoqRiLjPvQSX96RfGz5UyNJaHNoG+sLZRA8J4HeGvrSA NizWFQNibl2zVjL4duSiPja/SyTS25HA/6zCVa2AnBOueSv+Ja/3nDh+p Lkz0kShD1ZCsS7UAoKVsFLsWTNzhsyi8v3FAy2UWBy5zfENa4YY5e49/9 3TmEbv9DC4ZTE8y3De6XCd2qwE7g++ZNv+BHbjiTRfOfaeV6s7eWShDxM /a2qt1bTiT2wbE9btSpEjz+G5Ws9JD+HFfe68ZNwzepnDQd/CwyswWMlf yiZcVt5JcL/vWpAzl+mMRRsqIqkofezzKzEjYBKCFodJ242gneuFOolTh Q==; X-CSE-ConnectionGUID: d7oQgcLZSFKjzCHBdigIww== X-CSE-MsgGUID: 5WM4/tbRQ+e5pkrDq7BH6Q== X-IronPort-AV: E=Sophos;i="6.13,207,1732550400"; d="scan'208";a="35419695" Received: from h199-255-45-15.hgst.com (HELO uls-op-cesaep02.wdc.com) ([199.255.45.15]) by ob1.hgst.iphmx.com with ESMTP; 16 Jan 2025 09:09:25 +0800 IronPort-SDR: 67884d6b_GIL4X8CjDg4+z8sMxLTKM+ZNT5nPuHFCqX4hAVVJw5rhY/5 noxfJHzTq0lfQc+s2g4o9lbjkZPFmDshT8qyPHw== Received: from uls-op-cesaip02.wdc.com ([10.248.3.37]) by uls-op-cesaep02.wdc.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 15 Jan 2025 16:06:03 -0800 WDCIronportException: Internal Received: from unknown (HELO fedora.wdc.com) ([10.225.165.91]) by uls-op-cesaip02.wdc.com with ESMTP; 15 Jan 2025 17:09:19 -0800 To: qemu-devel@nongnu.org, qemu-block@nongnu.org Cc: alistair.francis@wdc.com, kbusch@kernel.org, its@irrelevant.dk, foss@defmacro.it, stefanha@redhat.com, fam@euphon.net, philmd@linaro.org, kwolf@redhat.com, hreitz@redhat.com, mst@redhat.com, marcel.apfelbaum@gmail.com, Wilfred Mallawa Subject: [RFC v2 2/3] hw/nvme: add NVMe Admin Security SPDM support Date: Thu, 16 Jan 2025 11:08:56 +1000 Message-ID: <20250116010856.95115-4-wilfred.mallawa@wdc.com> X-Mailer: git-send-email 2.48.0 In-Reply-To: <20250116010856.95115-2-wilfred.mallawa@wdc.com> References: <20250116010856.95115-2-wilfred.mallawa@wdc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=216.71.154.42; envelope-from=prvs=104bc4e84=wilfred.mallawa@wdc.com; helo=esa4.hgst.iphmx.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Wilfred Mallawa X-Patchwork-Original-From: Wilfred Mallawa via From: Wilfred Mallawa Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Adds the NVMe Admin Security Send/Receive command support with support for DMTFs SPDM. The transport binding for SPDM is defined in the DMTF DSP0286. Signed-off-by: Wilfred Mallawa --- hw/nvme/ctrl.c | 203 ++++++++++++++++++++++++++++++++++++++++++- hw/nvme/nvme.h | 5 ++ include/block/nvme.h | 15 ++++ 3 files changed, 222 insertions(+), 1 deletion(-) diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index 68903d1d70..cc0a0f8bfb 100644 --- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -283,6 +283,8 @@ static const uint32_t nvme_cse_acs[256] = { [NVME_ADM_CMD_FORMAT_NVM] = NVME_CMD_EFF_CSUPP | NVME_CMD_EFF_LBCC, [NVME_ADM_CMD_DIRECTIVE_RECV] = NVME_CMD_EFF_CSUPP, [NVME_ADM_CMD_DIRECTIVE_SEND] = NVME_CMD_EFF_CSUPP, + [NVME_ADM_CMD_SECURITY_SEND] = NVME_CMD_EFF_CSUPP, + [NVME_ADM_CMD_SECURITY_RECV] = NVME_CMD_EFF_CSUPP, }; static const uint32_t nvme_cse_iocs_none[256]; @@ -7182,6 +7184,201 @@ static uint16_t nvme_dbbuf_config(NvmeCtrl *n, const NvmeRequest *req) return NVME_SUCCESS; } +static uint16_t nvme_sec_prot_spdm_send(NvmeCtrl *n, NvmeRequest *req) +{ + StorageSpdmTransportHeader hdr = {0}; + uint8_t *sec_buf; + uint32_t transfer_len = le32_to_cpu(req->cmd.cdw11); + uint32_t transport_transfer_len = transfer_len; + uint32_t dw10 = le32_to_cpu(req->cmd.cdw10); + uint32_t recvd; + uint16_t nvme_cmd_status; + uint16_t ret; + uint8_t secp = (dw10 >> 24) & 0xFF; + uint8_t spsp1 = (dw10 >> 16) & 0xFF; + uint8_t spsp0 = (dw10 >> 8) & 0xFF; + bool spdm_res; + + transport_transfer_len += sizeof(hdr); + if (transport_transfer_len > SPDM_SOCKET_MAX_MESSAGE_BUFFER_SIZE) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + /* Generate the NVMe transport header */ + hdr.security_protocol = secp; + hdr.security_protocol_specific = cpu_to_le16((spsp1 << 8) | spsp0); + hdr.inc_512 = false; + hdr.length = cpu_to_le32(transport_transfer_len); + + sec_buf = g_malloc0(transport_transfer_len); + if (!sec_buf) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + /* Attach the transport header */ + memcpy(sec_buf, &hdr, sizeof(hdr)); + ret = nvme_h2c(n, sec_buf + sizeof(hdr), transfer_len, req); + if (ret) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + spdm_res = spdm_socket_send(n->spdm_socket, SPDM_SOCKET_STORAGE_CMD_IF_SEND, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, sec_buf, + transport_transfer_len); + if (!spdm_res) { + g_free(sec_buf); + return NVME_NO_COMPLETE | NVME_DNR; + } + + /* The responder shall ack with message status */ + recvd = spdm_socket_receive(n->spdm_socket, SPDM_SOCKET_TRANSPORT_TYPE_NVME, + (uint8_t *)&nvme_cmd_status, + SPDM_SOCKET_MAX_MSG_STATUS_LEN); + + nvme_cmd_status = cpu_to_be16(nvme_cmd_status); + + if (recvd < SPDM_SOCKET_MAX_MSG_STATUS_LEN) { + g_free(sec_buf); + return NVME_NO_COMPLETE | NVME_DNR; + } + + g_free(sec_buf); + return nvme_cmd_status; +} + +/* From host to controller */ +static uint16_t nvme_security_send(NvmeCtrl *n, NvmeRequest *req) +{ + uint32_t dw10 = le32_to_cpu(req->cmd.cdw10); + uint8_t secp = (dw10 >> 24) & 0xff; + + switch (secp) { + case NVME_SEC_PROT_DMTF_SPDM: + return nvme_sec_prot_spdm_send(n, req); + default: + /* Unsupported Security Protocol Type */ + return NVME_INVALID_FIELD | NVME_DNR; + } + + return NVME_INVALID_FIELD | NVME_DNR; +} + +static uint16_t nvme_sec_prot_spdm_receive(NvmeCtrl *n, NvmeRequest *req) +{ + StorageSpdmTransportHeader hdr = {0}; + uint8_t *rsp_spdm_buf; + uint32_t dw10 = le32_to_cpu(req->cmd.cdw10); + uint32_t alloc_len = le32_to_cpu(req->cmd.cdw11); + uint32_t recvd, spdm_res; + uint16_t nvme_cmd_status; + uint16_t ret; + uint8_t secp = (dw10 >> 24) & 0xFF; + uint8_t spsp1 = (dw10 >> 16) & 0xFF; + uint8_t spsp0 = (dw10 >> 8) & 0xFF; + + if (!alloc_len) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + /* Generate the NVMe transport header */ + hdr.security_protocol = secp; + hdr.security_protocol_specific = cpu_to_le16((spsp1 << 8) | spsp0); + hdr.inc_512 = false; + hdr.length = cpu_to_le32(alloc_len); + + /* Forward if_recv to the SPDM Server with SPSP0 */ + spdm_res = spdm_socket_send(n->spdm_socket, SPDM_SOCKET_STORAGE_CMD_IF_RECV, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, + (uint8_t *)&hdr, sizeof(hdr)); + if (!spdm_res) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + /* The responder shall ack with message status */ + recvd = spdm_socket_receive(n->spdm_socket, SPDM_SOCKET_TRANSPORT_TYPE_NVME, + (uint8_t *)&nvme_cmd_status, + SPDM_SOCKET_MAX_MSG_STATUS_LEN); + + nvme_cmd_status = cpu_to_be16(nvme_cmd_status); + + + if (recvd < SPDM_SOCKET_MAX_MSG_STATUS_LEN) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + /* An error here implies the prior if_recv from requester was spurious */ + if (nvme_cmd_status != NVME_SUCCESS) { + return nvme_cmd_status; + } + + /* Clear to start receiving data from the server */ + rsp_spdm_buf = g_malloc0(alloc_len); + if (!rsp_spdm_buf) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + recvd = spdm_socket_receive(n->spdm_socket, + SPDM_SOCKET_TRANSPORT_TYPE_NVME, + rsp_spdm_buf, alloc_len); + if (!recvd) { + g_free(rsp_spdm_buf); + return NVME_NO_COMPLETE | NVME_DNR; + } + + ret = nvme_c2h(n, rsp_spdm_buf, MIN(recvd, alloc_len), req); + g_free(rsp_spdm_buf); + + if (ret) { + return NVME_NO_COMPLETE | NVME_DNR; + } + + return NVME_SUCCESS; +} + +static uint16_t nvme_get_sec_prot_info(NvmeCtrl *n, NvmeRequest *req) +{ + uint32_t alloc_len = le32_to_cpu(req->cmd.cdw11); + uint8_t resp[10] = {0}; + + if (alloc_len < 10) { + return NVME_INVALID_FIELD | NVME_DNR; + } + + /* Support Security Protol List Length */ + resp[6] = 0; /* MSB */ + resp[7] = 2; /* LSB */ + /* Support Security Protocol List */ + resp[8] = SFSC_SECURITY_PROT_INFO; + resp[9] = NVME_SEC_PROT_DMTF_SPDM; + + return nvme_c2h(n, resp, sizeof(resp), req); +} + +/* From controller to host */ +static uint16_t nvme_security_receive(NvmeCtrl *n, NvmeRequest *req) +{ + uint32_t dw10 = le32_to_cpu(req->cmd.cdw10); + uint16_t spsp = (dw10 >> 8) & 0xFFFF; + uint8_t secp = (dw10 >> 24) & 0xFF; + + switch (secp) { + case SFSC_SECURITY_PROT_INFO: + switch (spsp) { + case 0: + /* Supported security protocol list */ + return nvme_get_sec_prot_info(n, req); + case 1: + /* Certificate data */ + default: + return NVME_INVALID_FIELD | NVME_DNR; + } + case NVME_SEC_PROT_DMTF_SPDM: + return nvme_sec_prot_spdm_receive(n, req); + default: + return NVME_INVALID_FIELD | NVME_DNR; + } +} + static uint16_t nvme_directive_send(NvmeCtrl *n, NvmeRequest *req) { return NVME_INVALID_FIELD | NVME_DNR; @@ -7289,6 +7486,10 @@ static uint16_t nvme_admin_cmd(NvmeCtrl *n, NvmeRequest *req) return nvme_directive_send(n, req); case NVME_ADM_CMD_DIRECTIVE_RECV: return nvme_directive_receive(n, req); + case NVME_ADM_CMD_SECURITY_SEND: + return nvme_security_send(n, req); + case NVME_ADM_CMD_SECURITY_RECV: + return nvme_security_receive(n, req); default: g_assert_not_reached(); } @@ -8708,7 +8909,7 @@ static void nvme_init_ctrl(NvmeCtrl *n, PCIDevice *pci_dev) id->ver = cpu_to_le32(NVME_SPEC_VER); id->oacs = cpu_to_le16(NVME_OACS_NS_MGMT | NVME_OACS_FORMAT | NVME_OACS_DBBUF | - NVME_OACS_DIRECTIVES); + NVME_OACS_DIRECTIVES | NVME_OACS_SECURITY); id->cntrltype = 0x1; /* diff --git a/hw/nvme/nvme.h b/hw/nvme/nvme.h index 7242206910..c8ad20ee34 100644 --- a/hw/nvme/nvme.h +++ b/hw/nvme/nvme.h @@ -459,6 +459,8 @@ static inline const char *nvme_adm_opc_str(uint8_t opc) case NVME_ADM_CMD_DIRECTIVE_RECV: return "NVME_ADM_CMD_DIRECTIVE_RECV"; case NVME_ADM_CMD_DBBUF_CONFIG: return "NVME_ADM_CMD_DBBUF_CONFIG"; case NVME_ADM_CMD_FORMAT_NVM: return "NVME_ADM_CMD_FORMAT_NVM"; + case NVME_ADM_CMD_SECURITY_SEND: return "NVME_ADM_CMD_SECURITY_SEND"; + case NVME_ADM_CMD_SECURITY_RECV: return "NVME_ADM_CMD_SECURITY_RECV"; default: return "NVME_ADM_CMD_UNKNOWN"; } } @@ -636,6 +638,9 @@ typedef struct NvmeCtrl { } next_pri_ctrl_cap; /* These override pri_ctrl_cap after reset */ uint32_t dn; /* Disable Normal */ NvmeAtomic atomic; + + /* Socket mapping to SPDM over NVMe Security In/Out commands */ + int spdm_socket; } NvmeCtrl; typedef enum NvmeResetType { diff --git a/include/block/nvme.h b/include/block/nvme.h index f4d108841b..e2352cfb1e 100644 --- a/include/block/nvme.h +++ b/include/block/nvme.h @@ -1733,6 +1733,21 @@ enum NvmeDirectiveOperations { NVME_DIRECTIVE_RETURN_PARAMS = 0x1, }; +typedef enum SfscSecurityProtocol { + SFSC_SECURITY_PROT_INFO = 0x00, +} SfscSecurityProtocol; + +typedef enum NvmeSecurityProtocols { + NVME_SEC_PROT_DMTF_SPDM = 0xE8, +} NvmeSecurityProtocols; + +typedef enum SpdmOperationCodes { + SPDM_STORAGE_DISCOVERY = 0x1, /* Mandatory */ + SPDM_STORAGE_PENDING_INFO = 0x2, /* Optional */ + SPDM_STORAGE_MSG = 0x5, /* Mandatory */ + SPDM_STORAGE_SEC_MSG = 0x6, /* Optional */ +} SpdmOperationCodes; + typedef struct QEMU_PACKED NvmeFdpConfsHdr { uint16_t num_confs; uint8_t version; From patchwork Thu Jan 16 01:08:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wilfred Mallawa X-Patchwork-Id: 13941111 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 48ED8C02183 for ; Thu, 16 Jan 2025 01:10:14 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1tYEOD-0003aY-U7; Wed, 15 Jan 2025 20:09:41 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tYEOA-0003aC-C3; Wed, 15 Jan 2025 20:09:38 -0500 Received: from esa5.hgst.iphmx.com ([216.71.153.144]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1tYEO7-0004Fs-Nu; Wed, 15 Jan 2025 20:09:37 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1736989775; x=1768525775; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=J9ozxdGwSbRc+uSjkOcWz3zQbvf4VtjqTXtqt+oOQJc=; b=cXGadox85yLG53jFKeBB5is/q+z3h5tkJ5UK4O3UQGLS0Th2KlNSNxww h2V0CT4zc0r1P0reyv6ni5UWSJcGJGEuIwowNHTHtmdzeEqSV48qVB9x2 Xc+O/W+34QM3JkP0yOHehHkfCo6T4NNFsnV6uPi1xJKBicCyemb7FffJV d52JF5/b9I662NUaPg719EAa5EgA+gpHSEr0spGAtNzIv03aKErLfFOp9 2hYQRQsGiJ7NGc48dfgEr6qEXDGiYiQC/Khh2N8XKsAcZ0M/jrFkBLZ8w G+oXPsH0sWE7L3kWT1lasp46b58WNcAPL82S+aBI86oxDdHsgHuEFmoOW g==; X-CSE-ConnectionGUID: iYbHGgIkRmWNQ5YLAo3PbA== X-CSE-MsgGUID: j1xcfgf6QLy/rONg3ul6MA== X-IronPort-AV: E=Sophos;i="6.13,207,1732550400"; d="scan'208";a="37059667" Received: from uls-op-cesaip02.wdc.com (HELO uls-op-cesaep02.wdc.com) ([199.255.45.15]) by ob1.hgst.iphmx.com with ESMTP; 16 Jan 2025 09:09:32 +0800 IronPort-SDR: 67884d72_5tNmTEiehvwU790Bbbo0ZCrq384n9ENOkYAUP6NOOBMGNSc SE7L0jwxhg3mAhTzpxHYg9lMNZGlAMiQtwu0/Ow== Received: from uls-op-cesaip02.wdc.com ([10.248.3.37]) by uls-op-cesaep02.wdc.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 15 Jan 2025 16:06:10 -0800 WDCIronportException: Internal Received: from unknown (HELO fedora.wdc.com) ([10.225.165.91]) by uls-op-cesaip02.wdc.com with ESMTP; 15 Jan 2025 17:09:26 -0800 To: qemu-devel@nongnu.org, qemu-block@nongnu.org Cc: alistair.francis@wdc.com, kbusch@kernel.org, its@irrelevant.dk, foss@defmacro.it, stefanha@redhat.com, fam@euphon.net, philmd@linaro.org, kwolf@redhat.com, hreitz@redhat.com, mst@redhat.com, marcel.apfelbaum@gmail.com, Wilfred Mallawa Subject: [RFC v2 3/3] hw/nvme: connect SPDM over NVMe Security Send/Recv Date: Thu, 16 Jan 2025 11:08:57 +1000 Message-ID: <20250116010856.95115-5-wilfred.mallawa@wdc.com> X-Mailer: git-send-email 2.48.0 In-Reply-To: <20250116010856.95115-2-wilfred.mallawa@wdc.com> References: <20250116010856.95115-2-wilfred.mallawa@wdc.com> MIME-Version: 1.0 Received-SPF: pass client-ip=216.71.153.144; envelope-from=prvs=104bc4e84=wilfred.mallawa@wdc.com; helo=esa5.hgst.iphmx.com X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Wilfred Mallawa X-Patchwork-Original-From: Wilfred Mallawa via From: Wilfred Mallawa Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This patch extends the existing support we have for NVMe with only DoE to also add support to SPDM over the NVMe Security Send/Recv commands. With the new definition of the `spdm-trans` argument, users can specify `spdm_trans=nvme` or `spdm_trans=doe`. This allows us to select the SPDM transport respectively. SPDM over the NVMe Security Send/Recv commands are defined in the DMTF DSP0286. Signed-off-by: Wilfred Mallawa --- docs/specs/spdm.rst | 10 ++++-- hw/nvme/ctrl.c | 62 ++++++++++++++++++++++++++++++------- include/hw/pci/pci_device.h | 1 + 3 files changed, 60 insertions(+), 13 deletions(-) diff --git a/docs/specs/spdm.rst b/docs/specs/spdm.rst index f7de080ff0..dd6cfbbd68 100644 --- a/docs/specs/spdm.rst +++ b/docs/specs/spdm.rst @@ -98,7 +98,7 @@ Then you can add this to your QEMU command line: .. code-block:: shell -drive file=blknvme,if=none,id=mynvme,format=raw \ - -device nvme,drive=mynvme,serial=deadbeef,spdm_port=2323 + -device nvme,drive=mynvme,serial=deadbeef,spdm_port=2323,spdm_trans=doe At which point QEMU will try to connect to the SPDM server. @@ -113,7 +113,13 @@ of the default. So the entire QEMU command might look like this -append "root=/dev/vda console=ttyS0" \ -net none -nographic \ -drive file=blknvme,if=none,id=mynvme,format=raw \ - -device nvme,drive=mynvme,serial=deadbeef,spdm_port=2323 + -device nvme,drive=mynvme,serial=deadbeef,spdm_port=2323,spdm_trans=doe + +The `spdm_trans` argument defines the underlying transport type that is emulated +by QEMU. For an PCIe NVMe controller, both "doe" and "nvme" are supported. Where, +"doe" does SPDM transport over the PCIe extended capability Data Object Exchange +(DOE), and "nvme" uses the NVMe Admin Security Send/Receive commands to +implement the SPDM transport. .. _DMTF: https://www.dmtf.org/standards/SPDM diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c index cc0a0f8bfb..653f364d88 100644 --- a/hw/nvme/ctrl.c +++ b/hw/nvme/ctrl.c @@ -8742,6 +8742,23 @@ static DOEProtocol doe_spdm_prot[] = { { } }; +static inline uint32_t nvme_get_spdm_trans_type(PCIDevice *pci_dev) +{ + if (!pci_dev) { + return false; + } + + if (!strcmp(pci_dev->spdm_trans, "nvme")) { + return SPDM_SOCKET_TRANSPORT_TYPE_NVME; + } + + if (!strcmp(pci_dev->spdm_trans, "doe")) { + return SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE; + } + + return 0; +} + static bool nvme_init_pci(NvmeCtrl *n, PCIDevice *pci_dev, Error **errp) { ERRP_GUARD(); @@ -8825,19 +8842,31 @@ static bool nvme_init_pci(NvmeCtrl *n, PCIDevice *pci_dev, Error **errp) pcie_cap_deverr_init(pci_dev); - /* DOE Initialisation */ + /* SPDM Initialisation */ if (pci_dev->spdm_port) { - uint16_t doe_offset = n->params.sriov_max_vfs ? - PCI_CONFIG_SPACE_SIZE + PCI_ARI_SIZEOF - : PCI_CONFIG_SPACE_SIZE; + switch (nvme_get_spdm_trans_type(pci_dev)) { + case SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE: + uint16_t doe_offset = n->params.sriov_max_vfs ? + PCI_CONFIG_SPACE_SIZE + PCI_ARI_SIZEOF + : PCI_CONFIG_SPACE_SIZE; - pcie_doe_init(pci_dev, &pci_dev->doe_spdm, doe_offset, - doe_spdm_prot, true, 0); + pcie_doe_init(pci_dev, &pci_dev->doe_spdm, doe_offset, + doe_spdm_prot, true, 0); - pci_dev->doe_spdm.spdm_socket = spdm_socket_connect(pci_dev->spdm_port, - errp); + pci_dev->doe_spdm.spdm_socket = spdm_socket_connect( + pci_dev->spdm_port, errp); - if (pci_dev->doe_spdm.spdm_socket < 0) { + if (pci_dev->doe_spdm.spdm_socket < 0) { + return false; + } + break; + case SPDM_SOCKET_TRANSPORT_TYPE_NVME: + n->spdm_socket = spdm_socket_connect(pci_dev->spdm_port, errp); + if (n->spdm_socket < 0) { + return false; + } + break; + default: return false; } } @@ -9106,11 +9135,17 @@ static void nvme_exit(PCIDevice *pci_dev) g_free(n->cmb.buf); } + /* Only one of the `spdm_socket` below would have been setup */ if (pci_dev->doe_spdm.spdm_socket > 0) { spdm_socket_close(pci_dev->doe_spdm.spdm_socket, SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE); } + if (n->spdm_socket > 0) { + spdm_socket_close(pci_dev->doe_spdm.spdm_socket, + SPDM_SOCKET_TRANSPORT_TYPE_NVME); + } + if (n->pmr.dev) { host_memory_backend_set_mapped(n->pmr.dev, false); } @@ -9162,6 +9197,7 @@ static const Property nvme_props[] = { false), DEFINE_PROP_UINT16("mqes", NvmeCtrl, params.mqes, 0x7ff), DEFINE_PROP_UINT16("spdm_port", PCIDevice, spdm_port, 0), + DEFINE_PROP_STRING("spdm_trans", PCIDevice, spdm_trans), DEFINE_PROP_BOOL("ctratt.mem", NvmeCtrl, params.ctratt.mem, false), DEFINE_PROP_BOOL("atomic.dn", NvmeCtrl, params.atomic_dn, 0), DEFINE_PROP_UINT16("atomic.awun", NvmeCtrl, params.atomic_awun, 0), @@ -9236,7 +9272,9 @@ static void nvme_pci_write_config(PCIDevice *dev, uint32_t address, { uint16_t old_num_vfs = pcie_sriov_num_vfs(dev); - if (pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE)) { + /* DOE is only initialised if SPDM over DOE is used */ + if (pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE) && + nvme_get_spdm_trans_type(dev) == SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE) { pcie_doe_write_config(&dev->doe_spdm, address, val, len); } pci_default_write_config(dev, address, val, len); @@ -9247,7 +9285,9 @@ static void nvme_pci_write_config(PCIDevice *dev, uint32_t address, static uint32_t nvme_pci_read_config(PCIDevice *dev, uint32_t address, int len) { uint32_t val; - if (dev->spdm_port && pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE)) { + + if (dev->spdm_port && pcie_find_capability(dev, PCI_EXT_CAP_ID_DOE) && + (nvme_get_spdm_trans_type(dev) == SPDM_SOCKET_TRANSPORT_TYPE_PCI_DOE)) { if (pcie_doe_read_config(&dev->doe_spdm, address, len, &val)) { return val; } diff --git a/include/hw/pci/pci_device.h b/include/hw/pci/pci_device.h index add208edfa..9ec66809d3 100644 --- a/include/hw/pci/pci_device.h +++ b/include/hw/pci/pci_device.h @@ -160,6 +160,7 @@ struct PCIDevice { /* SPDM */ uint16_t spdm_port; + char *spdm_trans; /* DOE */ DOECap doe_spdm;