| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241115175831.GA2046032@bhelgaas> Date: Fri, 15 Nov 2024 11:58:31 -0600 From: Bjorn Helgaas <helgaas@...nel.org> To: Alistair Francis <alistair@...stair23.me> Cc: lukas@...ner.de, Jonathan.Cameron@...wei.com, linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org, akpm@...ux-foundation.org, bhelgaas@...gle.com, linux-pci@...r.kernel.org, linux-cxl@...r.kernel.org, bjorn3_gh@...tonmail.com, ojeda@...nel.org, tmgross@...ch.edu, boqun.feng@...il.com, benno.lossin@...ton.me, a.hindborg@...nel.org, wilfred.mallawa@....com, alistair23@...il.com, alex.gaynor@...il.com, gary@...yguo.net, aliceryhl@...gle.com Subject: Re: [RFC 2/6] drivers: pci: Change CONFIG_SPDM to a dependency On Fri, Nov 15, 2024 at 03:46:12PM +1000, Alistair Francis wrote: > In preparation for adding a Rust SPDM library change SPDM to a > dependency so that the user can select which SPDM library to use at > build time. Run "git log --oneline drivers/pci" and follow the existing subject line convention. > Signed-off-by: Alistair Francis <alistair@...stair23.me> > --- > drivers/pci/Kconfig | 2 +- > lib/Kconfig | 30 +++++++++++++++--------------- > 2 files changed, 16 insertions(+), 16 deletions(-) > > diff --git a/drivers/pci/Kconfig b/drivers/pci/Kconfig > index f1c39a6477a5..690a2a38cb52 100644 > --- a/drivers/pci/Kconfig > +++ b/drivers/pci/Kconfig > @@ -128,7 +128,7 @@ config PCI_CMA > select CRYPTO_SHA256 > select CRYPTO_SHA512 > select PCI_DOE > - select SPDM > + depends on SPDM > help > Authenticate devices on enumeration per PCIe r6.2 sec 6.31. > A PCI DOE mailbox is used as transport for DMTF SPDM based > diff --git a/lib/Kconfig b/lib/Kconfig > index 68f46e4a72a6..4db9bc8e29f8 100644 > --- a/lib/Kconfig > +++ b/lib/Kconfig > @@ -739,6 +739,21 @@ config LWQ_TEST > help > Run boot-time test of light-weight queuing. > > +config SPDM > + bool "SPDM" If this appears in a menuconfig or similar menu, I think expanding "SPDM" would be helpful to users. > + select CRYPTO > + select KEYS > + select ASYMMETRIC_KEY_TYPE > + select ASYMMETRIC_PUBLIC_KEY_SUBTYPE > + select X509_CERTIFICATE_PARSER > + help > + The Security Protocol and Data Model (SPDM) allows for device > + authentication, measurement, key exchange and encrypted sessions. > + > + Crypto algorithms negotiated with SPDM are limited to those enabled > + in .config. Drivers selecting SPDM therefore need to also select > + any algorithms they deem mandatory. > + > endmenu > > config GENERIC_IOREMAP > @@ -777,18 +792,3 @@ config POLYNOMIAL > > config FIRMWARE_TABLE > bool > - > -config SPDM > - tristate > - select CRYPTO > - select KEYS > - select ASYMMETRIC_KEY_TYPE > - select ASYMMETRIC_PUBLIC_KEY_SUBTYPE > - select X509_CERTIFICATE_PARSER > - help > - The Security Protocol and Data Model (SPDM) allows for device > - authentication, measurement, key exchange and encrypted sessions. > - > - Crypto algorithms negotiated with SPDM are limited to those enabled > - in .config. Drivers selecting SPDM therefore need to also select > - any algorithms they deem mandatory. > -- > 2.47.0 >
Powered by blists - more mailing lists