Google Git
Sign in
kernel / pub / scm / linux / kernel / git / devsec / spdm / e42905e3e5f1d5be39355e833fefc349acb0b03c
commite42905e3e5f1d5be39355e833fefc349acb0b03c[log] [tgz]
authorLukas Wunner <lukas@wunner.de>Sat Jun 08 21:28:54 2024 +0200
committerLukas Wunner <lukas@wunner.de>Sun Jun 30 17:36:48 2024 +0200
tree8f7c5085e656fcf3810437173c300ed6b65930df
parent8851c4d4c829dd6608f15244954e3fbe9995908b [diff]
PCI/CMA: Expose certificates in sysfs

The kernel already caches certificate chains retrieved from a device
upon authentication.  Expose them in "slot[0-7]" files in sysfs for
examination by user space.

As noted in the ABI documentation, the "slot[0-7]" files always have a
file size of 65535 bytes (the maximum size of a certificate chain per
SPDM 1.0.0 table 18), even if the certificate chain in the slot is
actually smaller.  Although it would be possible to use the certifiate
chain's actual size as the file size, doing so would require a separate
struct attribute_group for each device, which would occupy additional
memory.

Slots are visible in sysfs even if they're currently unprovisioned
because a future commit will add support for certificate provisioning
by writing to the "slot[0-7]" files.

Signed-off-by: Lukas Wunner <lukas@wunner.de>
6 files changed
tree: 8f7c5085e656fcf3810437173c300ed6b65930df
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .cocciconfig
  27. .editorconfig
  28. .get_maintainer.ignore
  29. .gitattributes
  30. .gitignore
  31. .mailmap
  32. .rustfmt.toml
  33. COPYING
  34. CREDITS
  35. Kbuild
  36. Kconfig
  37. MAINTAINERS
  38. Makefile
  39. README