[PATCH v2 0/5] NVMe: Add SPDM over the storage transport support

Thu, 28 Aug 2025 00:27:03 -0700 

From: Wilfred Mallawa <wilfred.mall...@wdc.com>

This series extends the existing SPDM support in QEMU to support the DSP0286
SPDM Storage Transport [1] for NVMe. SPDM Storage Transport uses the NVMe
Admin Security Send/Receive commands, as such, support for these commands have
also been added.

With the addition of a new `spdm-trans` CLI argument for NVMe controllers,
users can specify `spdm_trans=nvme` or `spdm_trans=doe`. This allows for the
selection of the SPDM transport. The `doe` option is the current default,
`nvme` would select SPDM Storage Transport for the controller, where SPDM
communication happens over the NVMe Admin Security Send/Receive commands.

Support for DSP0286 already exists in `libspdm` [2] and support for the QEMU
SPDM server is being upstreamed for `spdm-utils` [3]. This series was tested by
using `spdm-utils` as the qemu SPDM server with SPDM Storage Transport support
built with `libspdm` v3.8.0, and `spdm-utils` also as the SPDM requester.

Changes V1 -> V2:
        - spdm_socket_rsp() now uses the new spdm_socket_send/receive()
          functions. spdm_socket_command_valid() is added to parse the
          command value incase some bytes were received (result = true) but
          with an invalid command.

        - Added inline comments to describe fields of
          StorageSpdmTransportHeader. Checkpatch generates warnings, but lots of
          existing code does this. The QEMU_PACKED attribute now follows the
          StorageSpdmTransportHeader struct definition.

        - Use extract32() instead of manual shifting/masking in
          nvme_sec_prot_spdm_send/recv().

        - Use g_autofree for send/recv buffer allocation
          in nvme_sec_prot_spdm_send/recv().
        
        - Added explicit fallthrough comment for checking `secp` in
          nvme_security_receive()
        
        - Added enum support for SPDM transport type, such that a user defined
          transport type string, can be mapped to the respective enum for
          internal use.

Wilfred Mallawa (5):
  spdm-socket: add seperate send/recv functions
  spdm: add spdm storage transport virtual header
  hw/nvme: add NVMe Admin Security SPDM support
  spdm: define SPDM transport enum types
  hw/nvme: connect SPDM over NVMe Security Send/Recv

 backends/spdm-socket.c       |  79 ++++++++++--
 docs/specs/spdm.rst          |  10 +-
 hw/nvme/ctrl.c               | 242 +++++++++++++++++++++++++++++++++--
 hw/nvme/nvme.h               |   5 +
 include/block/nvme.h         |  15 +++
 include/hw/pci/pci_device.h  |   2 +
 include/system/spdm-socket.h |  66 +++++++++-
 7 files changed, 391 insertions(+), 28 deletions(-)

-- 
2.51.0

Reply via email to