[PATCH V2 0/4] Add SPDM device security

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: devel@edk2.groups.io
Subject: [PATCH V2 0/4] Add SPDM device security
Date: Thu, 31 Oct 2019 20:30:08 +0800	[thread overview]
Message-ID: <20191031123012.16020-1-jiewen.yao@intel.com> (raw)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303

This patch series add support for device security based
upon the DMTF SPDM specification.
https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_0.95a.zip

We did design review at 18 Oct, 2019.
https://edk2.groups.io/g/devel/files/Designs/2019/1018
And the feedback from the meeting is addressed.
https://edk2.groups.io/g/devel/files/Designs/2019/1018/EDKII-Device%20Firmware%20Security%20v2.pdf

We add the Device security protocol in EDKII repo.
PCI bus driver consumes the interface.
If there is no producer, the PCI bus driver keeps current behavior.

So far, we only provide the producer what follows Intel
PCI security spec.
https://www.intel.com/content/www/us/en/io/pci-express/pcie-device-security-enhancements-spec.html
The implementation is put to EDKII platform repo.

The EDKII repo update is at https://github.com/jyao1/edk2/tree/DeviceSecurityMasterV2
The EDKII platform repo update is at https://github.com/jyao1/edk2-platforms/tree/DeviceSecurityMasterV2

The validation has been done on a Intel internal platform.
The device measurement can be shown in TCG event log.

signed-off-by: Jiewen Yao <jiewen.yao@intel.com>

Jiewen Yao (4):
  MdePkg/Include: Add DMTF SPDM definition.
  MdeModulePkg/Include: Add DeviceSecurity.h
  MdeModulePkg/dec: Add EdkiiDeviceSecurityProtocolGuid.
  MdeModulePkg/Pci: Add DeviceSecurity support.

 MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.c       |  12 +-
 MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.h       |   1 +
 MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf  |   4 +-
 .../Bus/Pci/PciBusDxe/PciEnumeratorSupport.c  |  63 +++++-
 MdeModulePkg/Bus/Pci/PciBusDxe/PciLib.c       |   4 +-
 .../Include/Protocol/DeviceSecurity.h         | 162 ++++++++++++++
 MdeModulePkg/MdeModulePkg.dec                 |   5 +
 MdePkg/Include/IndustryStandard/Spdm.h        | 203 ++++++++++++++++++
 8 files changed, 447 insertions(+), 7 deletions(-)
 create mode 100644 MdeModulePkg/Include/Protocol/DeviceSecurity.h
 create mode 100644 MdePkg/Include/IndustryStandard/Spdm.h

-- 
2.19.2.windows.1

next             reply	other threads:[~2019-10-31 12:30 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-31 12:30 Yao, Jiewen [this message]
2019-10-31 12:30 ` [PATCH V2 1/4] MdePkg/Include: Add DMTF SPDM definition Yao, Jiewen
2019-11-06 14:38   ` Liming Gao
2019-11-07  0:25     ` Yao, Jiewen
     [not found]     ` <15D4B9B24059B4F1.19610@groups.io>
2019-11-07  0:57       ` [edk2-devel] " Yao, Jiewen
2019-10-31 12:30 ` [PATCH V2 2/4] MdeModulePkg/Include: Add DeviceSecurity.h Yao, Jiewen
2019-11-06  7:55   ` [edk2-devel] " Ni, Ray
2019-11-06  8:25     ` Yao, Jiewen
2019-11-07  1:58       ` Ni, Ray
     [not found]       ` <15D4BEC95EBB70CB.18056@groups.io>
2019-11-07  4:31         ` Ni, Ray
2019-11-07  7:13           ` Yao, Jiewen
2019-11-07  7:16             ` Ni, Ray
2019-10-31 12:30 ` [PATCH V2 3/4] MdeModulePkg/dec: Add EdkiiDeviceSecurityProtocolGuid Yao, Jiewen
2019-10-31 12:30 ` [PATCH V2 4/4] MdeModulePkg/Pci: Add DeviceSecurity support Yao, Jiewen
2019-11-07  4:42   ` Ni, Ray
2019-11-07  7:05     ` Yao, Jiewen
     [not found] ` <15D2BB2D773DBDBA.23805@groups.io>
2019-11-06  6:47   ` [edk2-devel] [PATCH V2 1/4] MdePkg/Include: Add DMTF SPDM definition Yao, Jiewen
     [not found] ` <15D2BB2E5CC7FD95.31603@groups.io>
2019-11-06  6:47   ` [edk2-devel] [PATCH V2 4/4] MdeModulePkg/Pci: Add DeviceSecurity support Yao, Jiewen
     [not found] ` <15D2BB2DC41C838D.31603@groups.io>
2019-11-06  6:47   ` [edk2-devel] [PATCH V2 2/4] MdeModulePkg/Include: Add DeviceSecurity.h Yao, Jiewen
     [not found] ` <15D2BB2E0995721D.31603@groups.io>
2019-11-06  6:47   ` [edk2-devel] [PATCH V2 3/4] MdeModulePkg/dec: Add EdkiiDeviceSecurityProtocolGuid Yao, Jiewen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191031123012.16020-1-jiewen.yao@intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox