Gentle ping :)
On Fri, 2025-09-12 at 12:11 +1000, Wilfred Mallawa wrote:
> From: Wilfred Mallawa <[email protected]>
>
> This series extends the existing SPDM support in QEMU to support the
> DSP0286
> SPDM Storage Transport [1] for NVMe. SPDM Storage Transport uses the
> NVMe
> Admin Security Send/Receive commands, as such, support for these
> commands have
> also been added.
>
> With the addition of a new `spdm-trans` CLI argument for NVMe
> controllers,
> users can specify `spdm_trans=nvme` or `spdm_trans=doe`. This allows
> for the
> selection of the SPDM transport. The `doe` option is the current
> default,
> `nvme` would select SPDM Storage Transport for the controller, where
> SPDM
> communication happens over the NVMe Admin Security Send/Receive
> commands.
>
> Support for DSP0286 already exists in `libspdm` [2] and support for
> the QEMU
> SPDM server is being upstreamed for `spdm-utils` [3]. This series was
> tested by
> using `spdm-utils` as the qemu SPDM server with SPDM Storage
> Transport support
> built with `libspdm` v3.8.0, and `spdm-utils` also as the SPDM
> requester.
>
> Changes V1 -> V2:
> - spdm_socket_rsp() now uses the new
> spdm_socket_send/receive()
> functions. spdm_socket_command_valid() is added to parse
> the
> command value incase some bytes were received (result =
> true) but
> with an invalid command.
>
> - Added inline comments to describe fields of
> StorageSpdmTransportHeader. Checkpatch generates warnings,
> but lots of
> existing code does this. The QEMU_PACKED attribute now
> follows the
> StorageSpdmTransportHeader struct definition.
>
> - Use extract32() instead of manual shifting/masking in
> nvme_sec_prot_spdm_send/recv().
>
> - Use g_autofree for send/recv buffer allocation
> in nvme_sec_prot_spdm_send/recv().
>
> - Added explicit fallthrough comment for checking `secp` in
> nvme_security_receive()
>
> - Added enum support for SPDM transport type, such that a
> user defined
> transport type string, can be mapped to the respective enum
> for
> internal use.
>
> Changes V2 -> V3:
> - Fixed up the incorrect use of `NVME_NO_COMPLETE` to more
> appropriate
> NVMe error codes in Patch [3/5]. Note that DSP0286 does not
> define
> error codes for transport level failures.
>
> - Removed NULL check for g_malloc0(). Should abort instead.
>
> Changes V3 -> V4:
> - Added integer overflow and MDTS checking for spdm_sends
> - Use g_try_malloc0() over g_malloc0()
> - Fixed up endian conversion for command status received from
> the server.
> - Added check to only accept SPDM send/receive if the socket
> has been setup.
> - Only show SPDM as a supported protocol if the socket
> has been setup.
>
> Changes V4 -> V5:
> - Init spdm_socket fd to -1 for NVMe. Allow 0 to be a valid file
> descriptor
> for the socket.
> - Move transport definitions to the patches they are used in.
> - Avoid splitting SPSP0/SPSP1. Use a uint16 instead.
> - Fixup up incorrect (uint8_t *) casting in calls to
> spdm_socket_receive/send().
> - Default to SPDM over DoE if transport is not specified.
> - Fixup alignment (style).
>
> Changes V5 -> V6:
> - Minor comment style fixup for the description of
> StorageSpdmTransportHeader
> - Change spdm_socket_rsp() to directly return
> spdm_socket_receive()
>
> Changes V6 -> V7:
> - Added an assert() to check that only one spdm socket was setup
> in
> nvme_exit().
> - Merged spdm_socket_close() calls into an else if for DoE/NVMe.
>
> Wilfred Mallawa (5):
> spdm-socket: add seperate send/recv functions
> spdm: add spdm storage transport virtual header
> hw/nvme: add NVMe Admin Security SPDM support
> spdm: define SPDM transport enum types
> hw/nvme: connect SPDM over NVMe Security Send/Recv
>
> backends/spdm-socket.c | 79 +++++++++--
> docs/specs/spdm.rst | 10 +-
> hw/nvme/ctrl.c | 257
> +++++++++++++++++++++++++++++++++--
> hw/nvme/nvme.h | 5 +
> include/block/nvme.h | 15 ++
> include/hw/pci/pci_device.h | 2 +
> include/system/spdm-socket.h | 63 ++++++++-
> 7 files changed, 402 insertions(+), 29 deletions(-)
