From 8a46384ea36a91694bb0bcf1a98cbe0c664f1dc5 Mon Sep 17 00:00:00 2001 From: Jiewen Yao Date: Tue, 15 Oct 2024 13:02:34 +0800 Subject: [PATCH] TSP Add 2nd session support. Signed-off-by: Jiewen Yao --- include/library/cxl_tsp_device_lib.h | 12 + .../cxl_tsp_device_context.c | 71 +++++ .../cxl_tsp_device_get_version.c | 3 + .../cxl_tsp_device_set_configuration.c | 12 + .../cxl_tsp_rsp_get_capabilities.c | 4 + .../cxl_tsp_rsp_get_configuration.c | 7 + .../cxl_tsp_rsp_get_configuration_report.c | 7 + .../cxl_tsp_rsp_get_version.c | 4 + .../cxl_tsp_rsp_lock_configuration.c | 7 + .../cxl_tsp_rsp_set_configuration.c | 7 + .../spdm_requester_pci_doe.c | 286 +++++++++++++----- 11 files changed, 339 insertions(+), 81 deletions(-) diff --git a/include/library/cxl_tsp_device_lib.h b/include/library/cxl_tsp_device_lib.h index 0eb69b6..447840e 100644 --- a/include/library/cxl_tsp_device_lib.h +++ b/include/library/cxl_tsp_device_lib.h @@ -10,6 +10,10 @@ #include "library/cxl_tsp_responder_lib.h" typedef struct { + bool session_id_primary_valid; + uint32_t session_id_primary; + bool session_id_secondary_valid[4]; + uint32_t session_id_secondary[4]; uint8_t supported_tsp_versions[1]; uint8_t supported_tsp_versions_count; /* provision info from device */ @@ -33,6 +37,14 @@ libcxltsp_device_context *libcxltsp_get_device_context ( const void *pci_doe_context ); +void libcxltsp_initialize_session_id ( + void *spdm_context, + uint32_t session_id + ); + +bool libcxltsp_is_session_primary (uint32_t session_id); +bool libcxltsp_is_session_secondary (uint32_t session_id); + typedef uint32_t libcxltsp_error_code_t; #define CXL_TSP_ERROR_CODE_SUCCESS 0 diff --git a/library/cxl_tsp_device_lib_sample/cxl_tsp_device_context.c b/library/cxl_tsp_device_lib_sample/cxl_tsp_device_context.c index 68a6ee3..c8b7113 100644 --- a/library/cxl_tsp_device_lib_sample/cxl_tsp_device_context.c +++ b/library/cxl_tsp_device_lib_sample/cxl_tsp_device_context.c @@ -6,16 +6,87 @@ #include "hal/base.h" #include "hal/library/memlib.h" +#include "hal/library/debuglib.h" #include "library/spdm_requester_lib.h" #include "library/spdm_transport_pcidoe_lib.h" #include "library/cxl_tsp_device_lib.h" libcxltsp_device_context g_cxltsp_device_context; +extern uint8_t m_cxl_tsp_current_psk_session_index; + +bool libcxltsp_is_session_primary (uint32_t session_id) +{ + if (g_cxltsp_device_context.session_id_primary_valid && + (g_cxltsp_device_context.session_id_primary == session_id)) { + return true; + } + return false; +} + +bool libcxltsp_is_session_secondary (uint32_t session_id) +{ + size_t index; + + for (index = 0; index < 4; index++) { + if (g_cxltsp_device_context.session_id_secondary_valid[index] && + (g_cxltsp_device_context.session_id_secondary[index] == session_id)) { + return true; + } + } + return false; +} + +void libcxltsp_set_session_id (uint32_t session_id, bool is_secondary, size_t session_index) +{ + if (!is_secondary) { + g_cxltsp_device_context.session_id_primary_valid = true; + g_cxltsp_device_context.session_id_primary = session_id; + } else { + LIBSPDM_ASSERT (session_index < 4); + g_cxltsp_device_context.session_id_secondary_valid[session_index] = true; + g_cxltsp_device_context.session_id_secondary[session_index] = session_id; + } +} + +void libcxltsp_initialize_session_id ( + void *spdm_context, + uint32_t session_id + ) +{ + libspdm_data_parameter_t parameter; + bool is_psk; + size_t data_size; + + if (!g_cxltsp_device_context.session_id_primary_valid) { + libcxltsp_set_session_id (session_id, false, 0); + return ; + } + + is_psk = false; + data_size = sizeof(is_psk); + libspdm_zero_mem(¶meter, sizeof(parameter)); + parameter.location = LIBSPDM_DATA_LOCATION_SESSION; + *(uint32_t *)parameter.additional_data = session_id; + libspdm_get_data (spdm_context, LIBSPDM_DATA_SESSION_USE_PSK, ¶meter, &is_psk, &data_size); + if (!is_psk) { + return ; + } + if (m_cxl_tsp_current_psk_session_index >= 4) { + return ; + } + libcxltsp_set_session_id (session_id, true, m_cxl_tsp_current_psk_session_index); + return ; +} + libcxltsp_device_context *libcxltsp_initialize_device_context ( const void *pci_doe_context ) { + if (g_cxltsp_device_context.session_id_primary_valid) { + return &g_cxltsp_device_context; + } + libspdm_zero_mem ( &g_cxltsp_device_context, sizeof(g_cxltsp_device_context) diff --git a/library/cxl_tsp_device_lib_sample/cxl_tsp_device_get_version.c b/library/cxl_tsp_device_lib_sample/cxl_tsp_device_get_version.c index f5019e2..1c83234 100644 --- a/library/cxl_tsp_device_lib_sample/cxl_tsp_device_get_version.c +++ b/library/cxl_tsp_device_lib_sample/cxl_tsp_device_get_version.c @@ -33,6 +33,9 @@ libcxltsp_error_code_t cxl_tsp_device_get_version ( if (device_context == NULL) { return CXL_TSP_ERROR_CODE_UNSPECIFIED; } + + libcxltsp_initialize_session_id ((void *)spdm_context, *session_id); + libspdm_copy_mem (version_number_entry, sizeof(cxl_tsp_version_number_t) * (*version_number_entry_count), device_context->supported_tsp_versions, diff --git a/library/cxl_tsp_device_lib_sample/cxl_tsp_device_set_configuration.c b/library/cxl_tsp_device_lib_sample/cxl_tsp_device_set_configuration.c index 19beb4b..58b430f 100644 --- a/library/cxl_tsp_device_lib_sample/cxl_tsp_device_set_configuration.c +++ b/library/cxl_tsp_device_lib_sample/cxl_tsp_device_set_configuration.c @@ -10,6 +10,8 @@ #include "library/spdm_transport_pcidoe_lib.h" #include "library/cxl_tsp_device_lib.h" +extern uint8_t m_cxl_tsp_2nd_session_psk[4][0x20]; + /** * Process the TSP request and return the response. * @@ -28,6 +30,7 @@ libcxltsp_error_code_t cxl_tsp_device_set_configuration ( const libcxltsp_device_2nd_session_info_t *device_2nd_session_info) { libcxltsp_device_context *device_context; + size_t index; device_context = libcxltsp_get_device_context (pci_doe_context); if (device_context == NULL) { @@ -42,5 +45,14 @@ libcxltsp_error_code_t cxl_tsp_device_set_configuration ( device_2nd_session_info, sizeof(libcxltsp_device_2nd_session_info_t)); + for (index = 0; index < 4; index++) { + if ((device_context->device_2nd_session_info.configuration_validity_flags & (0x1 << index)) != 0) { + libspdm_copy_mem( + m_cxl_tsp_2nd_session_psk[index], + sizeof(m_cxl_tsp_2nd_session_psk[index]), + &device_context->device_2nd_session_info.secondary_session_psk_key_material[index], + sizeof(device_context->device_2nd_session_info.secondary_session_psk_key_material[index])); + } + } return CXL_TSP_ERROR_CODE_SUCCESS; } diff --git a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_capabilities.c b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_capabilities.c index 785fe39..d4761df 100644 --- a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_capabilities.c +++ b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_capabilities.c @@ -33,6 +33,10 @@ libspdm_return_t cxl_tsp_get_response_get_capabilities ( libcxltsp_error_code_t error_code; libcxltsp_device_capabilities_t device_capabilities; + if (session_id == NULL) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + tsp_request = request; tsp_response = response; if (request_size != sizeof(cxl_tsp_get_target_capabilities_req_t)) { diff --git a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration.c b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration.c index 3996cf1..4163f8f 100644 --- a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration.c +++ b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration.c @@ -34,6 +34,13 @@ libspdm_return_t cxl_tsp_get_response_get_configuration ( libcxltsp_device_configuration_t device_configuration; uint8_t current_tsp_state; + if (session_id == NULL) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + if ((!libcxltsp_is_session_primary(*session_id)) && (!libcxltsp_is_session_secondary(*session_id))) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + tsp_request = request; tsp_response = response; if (request_size != sizeof(cxl_tsp_get_target_configuration_req_t)) { diff --git a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration_report.c b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration_report.c index dc7fc1f..b3fbf40 100644 --- a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration_report.c +++ b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_configuration_report.c @@ -37,6 +37,13 @@ libspdm_return_t cxl_tsp_get_response_get_configuration_report ( uint16_t offset; uint8_t current_tsp_state; + if (session_id == NULL) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + if ((!libcxltsp_is_session_primary(*session_id)) && (!libcxltsp_is_session_secondary(*session_id))) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + tsp_request = request; tsp_response = response; if (request_size != sizeof(cxl_tsp_get_target_configuration_report_req_t)) { diff --git a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_version.c b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_version.c index f31b66d..853dd4b 100644 --- a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_version.c +++ b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_get_version.c @@ -41,6 +41,10 @@ libspdm_return_t cxl_tsp_get_response_get_version ( cxl_tsp_get_target_tsp_version_rsp_mine_t *tsp_response; libcxltsp_error_code_t error_code; + if (session_id == NULL) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + tsp_request = request; tsp_response = response; if (request_size != sizeof(cxl_tsp_get_target_tsp_version_req_t)) { diff --git a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_lock_configuration.c b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_lock_configuration.c index bd65b24..1f61120 100644 --- a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_lock_configuration.c +++ b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_lock_configuration.c @@ -33,6 +33,13 @@ libspdm_return_t cxl_tsp_get_response_lock_configuration ( libcxltsp_error_code_t error_code; uint8_t current_tsp_state; + if (session_id == NULL) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + if (!libcxltsp_is_session_primary(*session_id)) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + tsp_request = request; tsp_response = response; if (request_size != sizeof(cxl_tsp_lock_target_configuration_req_t)) { diff --git a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_set_configuration.c b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_set_configuration.c index 10f7553..daec3be 100644 --- a/library/cxl_tsp_responder_lib/cxl_tsp_rsp_set_configuration.c +++ b/library/cxl_tsp_responder_lib/cxl_tsp_rsp_set_configuration.c @@ -238,6 +238,13 @@ libspdm_return_t cxl_tsp_get_response_set_configuration ( libcxltsp_device_capabilities_t device_capabilities; uint8_t current_tsp_state; + if (session_id == NULL) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + if (!libcxltsp_is_session_primary(*session_id)) { + return CXL_TSP_ERROR_CODE_NO_PRIVILEGE; + } + tsp_request = request; tsp_response = response; if (request_size != sizeof(cxl_tsp_set_target_configuration_req_t)) { diff --git a/spdm_emu/spdm_requester_emu/spdm_requester_pci_doe.c b/spdm_emu/spdm_requester_emu/spdm_requester_pci_doe.c index 88f01f7..7f05123 100644 --- a/spdm_emu/spdm_requester_emu/spdm_requester_pci_doe.c +++ b/spdm_emu/spdm_requester_emu/spdm_requester_pci_doe.c @@ -9,6 +9,10 @@ void *m_pci_doe_context; #define DOE_DISCOVERY_VERSION 0 +extern uint8_t m_cxl_tsp_2nd_session_psk[4][0x20]; + +libspdm_return_t do_cxl_tsp_2nd_session_via_spdm(void *spdm_context, size_t index); + libspdm_return_t pci_doe_init_requester() { pci_doe_data_object_protocol_t data_object_protocol[6]; @@ -379,7 +383,7 @@ libspdm_return_t cxl_ide_km_process_session_message(void *spdm_context, uint32_t return LIBSPDM_STATUS_SUCCESS; } -libspdm_return_t cxl_tsp_process_session_message(void *spdm_context, uint32_t session_id) +libspdm_return_t cxl_tsp_process_session_message(void *spdm_context, uint32_t session_id, bool is_primary, bool is_secondary) { libspdm_return_t status; libcxltsp_device_capabilities_t device_capabilities; @@ -391,12 +395,13 @@ libspdm_return_t cxl_tsp_process_session_message(void *spdm_context, uint32_t se uint8_t configuration_report_buffer[LIBCXLTSP_CONFIGURATION_REPORT_MAX_SIZE]; uint32_t configuration_report_size; cxl_tsp_target_configuration_report_t *configuration_report; + bool result; status = cxl_tsp_get_version (m_pci_doe_context, spdm_context, &session_id); if (LIBSPDM_STATUS_IS_ERROR(status)) { return status; } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cxl_tsp_get_version done\n")); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cxl_tsp_get_version(%d) done\n", is_secondary)); libspdm_zero_mem (&device_capabilities, sizeof(device_capabilities)); status = cxl_tsp_get_capabilities (m_pci_doe_context, spdm_context, &session_id, @@ -404,7 +409,7 @@ libspdm_return_t cxl_tsp_process_session_message(void *spdm_context, uint32_t se if (LIBSPDM_STATUS_IS_ERROR(status)) { return status; } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "device_capabilities:\n")); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "device_capabilities(%d):\n", is_secondary)); LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " memory_encryption_features_supported - 0x%04x\n", device_capabilities.memory_encryption_features_supported)); LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " memory_encryption_algorithms_supported - 0x%08x\n", @@ -424,105 +429,223 @@ libspdm_return_t cxl_tsp_process_session_message(void *spdm_context, uint32_t se LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " number_of_secondary_sessions - 0x%02x\n", device_capabilities.number_of_secondary_sessions)); - libspdm_zero_mem (&device_configuration, sizeof(device_configuration)); - device_configuration.memory_encryption_features_enable = - CXL_TSP_MEMORY_ENCRYPTION_FEATURES_ENABLE_ENCRYPTION; - device_configuration.memory_encryption_algorithm_select = - CXL_TSP_MEMORY_ENCRYPTION_ALGORITHMS_AES_XTS_256; - device_configuration.te_state_change_and_access_control_features_enable = - CXL_TSP_TE_STATE_CHANGE_AND_ACCESS_CONTROL_FEATURES_READ_ACCESS_CONTROL | - CXL_TSP_TE_STATE_CHANGE_AND_ACCESS_CONTROL_FEATURES_IMPLICIT_TE_STATE_CHANGE | - CXL_TSP_TE_STATE_CHANGE_AND_ACCESS_CONTROL_FEATURES_EXPLICIT_IB_TE_STATE_CHANGE; - device_configuration.explicit_oob_te_state_granularity = 0; - device_configuration.configuration_features_enable = - CXL_TSP_CONFIGURATION_FEATURES_ENABLE_LOCKED_TARGET_FW_UPDATE; - device_configuration.ckid_base = 0; - device_configuration.number_of_ckids = 0; - device_configuration.explicit_ib_te_state_granularity_entry[0].te_state_granularity = 0; - device_configuration.explicit_ib_te_state_granularity_entry[0].length_index = 0; - device_configuration.explicit_ib_te_state_granularity_entry[1].length_index = 0xFF; - device_configuration.explicit_ib_te_state_granularity_entry[2].length_index = 0xFF; - device_configuration.explicit_ib_te_state_granularity_entry[3].length_index = 0xFF; - device_configuration.explicit_ib_te_state_granularity_entry[4].length_index = 0xFF; - device_configuration.explicit_ib_te_state_granularity_entry[5].length_index = 0xFF; - device_configuration.explicit_ib_te_state_granularity_entry[6].length_index = 0xFF; - device_configuration.explicit_ib_te_state_granularity_entry[7].length_index = 0xFF; - libspdm_zero_mem (&device_2nd_session_info, sizeof(device_2nd_session_info)); - device_2nd_session_info.configuration_validity_flags = 0x0; - status = cxl_tsp_set_configuration (m_pci_doe_context, spdm_context, &session_id, - &device_configuration, &device_2nd_session_info); - if (LIBSPDM_STATUS_IS_ERROR(status)) { - return status; - } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cxl_tsp_set_configuration done\n")); - - libspdm_zero_mem (¤t_device_configuration, sizeof(current_device_configuration)); - current_tsp_state = CXL_TSP_STATE_CONFIG_UNLOCKED; - status = cxl_tsp_get_configuration (m_pci_doe_context, spdm_context, &session_id, - ¤t_device_configuration, ¤t_tsp_state); - if (LIBSPDM_STATUS_IS_ERROR(status)) { - return status; - } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "current_device_configuration:\n")); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " memory_encryption_features_enable - 0x%04x\n", - current_device_configuration.memory_encryption_features_enable)); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " memory_encryption_algorithm_select - 0x%08x\n", - current_device_configuration.memory_encryption_algorithm_select)); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " te_state_change_and_access_control_features_enable - 0x%04x\n", - current_device_configuration.te_state_change_and_access_control_features_enable)); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " explicit_oob_te_state_granularity - 0x%08x\n", - current_device_configuration.explicit_oob_te_state_granularity)); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " configuration_features_enable - 0x%04x\n", - current_device_configuration.configuration_features_enable)); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " ckid_base - 0x%08x\n", - current_device_configuration.ckid_base)); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " number_of_ckids - 0x%08x\n", - current_device_configuration.number_of_ckids)); - for (index = 0; index < LIBSPDM_ARRAY_SIZE(current_device_configuration.explicit_ib_te_state_granularity_entry); index++) { - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " explicit_ib_te_state_granularity_entry[%d]:\n", index)); + if (is_primary) { + libspdm_zero_mem (&device_configuration, sizeof(device_configuration)); + device_configuration.memory_encryption_features_enable = + CXL_TSP_MEMORY_ENCRYPTION_FEATURES_ENABLE_ENCRYPTION; + device_configuration.memory_encryption_algorithm_select = + CXL_TSP_MEMORY_ENCRYPTION_ALGORITHMS_AES_XTS_256; + device_configuration.te_state_change_and_access_control_features_enable = + CXL_TSP_TE_STATE_CHANGE_AND_ACCESS_CONTROL_FEATURES_READ_ACCESS_CONTROL | + CXL_TSP_TE_STATE_CHANGE_AND_ACCESS_CONTROL_FEATURES_IMPLICIT_TE_STATE_CHANGE | + CXL_TSP_TE_STATE_CHANGE_AND_ACCESS_CONTROL_FEATURES_EXPLICIT_IB_TE_STATE_CHANGE; + device_configuration.explicit_oob_te_state_granularity = 0; + device_configuration.configuration_features_enable = + CXL_TSP_CONFIGURATION_FEATURES_ENABLE_LOCKED_TARGET_FW_UPDATE; + device_configuration.ckid_base = 0; + device_configuration.number_of_ckids = 0; + device_configuration.explicit_ib_te_state_granularity_entry[0].te_state_granularity = 0; + device_configuration.explicit_ib_te_state_granularity_entry[0].length_index = 0; + device_configuration.explicit_ib_te_state_granularity_entry[1].length_index = 0xFF; + device_configuration.explicit_ib_te_state_granularity_entry[2].length_index = 0xFF; + device_configuration.explicit_ib_te_state_granularity_entry[3].length_index = 0xFF; + device_configuration.explicit_ib_te_state_granularity_entry[4].length_index = 0xFF; + device_configuration.explicit_ib_te_state_granularity_entry[5].length_index = 0xFF; + device_configuration.explicit_ib_te_state_granularity_entry[6].length_index = 0xFF; + device_configuration.explicit_ib_te_state_granularity_entry[7].length_index = 0xFF; + libspdm_zero_mem (&device_2nd_session_info, sizeof(device_2nd_session_info)); + if ((device_capabilities.configuration_features_supported & + CXL_TSP_CONFIGURATION_FEATURES_SUPPORT_TARGET_SUPPORT_ADDITIONAL_SPDM_SESSIONS) != 0) { + switch (device_capabilities.number_of_secondary_sessions) { + case 1: + device_2nd_session_info.configuration_validity_flags = 0x1; + break; + case 2: + device_2nd_session_info.configuration_validity_flags = 0x3; + break; + case 3: + device_2nd_session_info.configuration_validity_flags = 0x7; + break; + case 4: + device_2nd_session_info.configuration_validity_flags = 0xf; + break; + default: + return LIBSPDM_STATUS_INVALID_MSG_FIELD; + } + for (index = 0; index < 4; index++) { + if ((device_2nd_session_info.configuration_validity_flags & (0x1 << index)) != 0) { + result = libspdm_get_random_number( + sizeof(device_2nd_session_info.secondary_session_psk_key_material[index]), + &device_2nd_session_info.secondary_session_psk_key_material[index]); + if (!result) { + return LIBSPDM_STATUS_LOW_ENTROPY; + } + libspdm_copy_mem( + m_cxl_tsp_2nd_session_psk[index], + sizeof(m_cxl_tsp_2nd_session_psk[index]), + &device_2nd_session_info.secondary_session_psk_key_material[index], + sizeof(device_2nd_session_info.secondary_session_psk_key_material[index])); + } + } + } + status = cxl_tsp_set_configuration (m_pci_doe_context, spdm_context, &session_id, + &device_configuration, &device_2nd_session_info); + if (LIBSPDM_STATUS_IS_ERROR(status)) { + return status; + } + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cxl_tsp_set_configuration(%d) done\n", is_secondary)); + } + + if (is_primary || is_secondary) { + libspdm_zero_mem (¤t_device_configuration, sizeof(current_device_configuration)); + current_tsp_state = CXL_TSP_STATE_CONFIG_UNLOCKED; + status = cxl_tsp_get_configuration (m_pci_doe_context, spdm_context, &session_id, + ¤t_device_configuration, ¤t_tsp_state); + if (LIBSPDM_STATUS_IS_ERROR(status)) { + return status; + } + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "current_device_configuration(%d):\n", is_secondary)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " memory_encryption_features_enable - 0x%04x\n", + current_device_configuration.memory_encryption_features_enable)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " memory_encryption_algorithm_select - 0x%08x\n", + current_device_configuration.memory_encryption_algorithm_select)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " te_state_change_and_access_control_features_enable - 0x%04x\n", + current_device_configuration.te_state_change_and_access_control_features_enable)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " explicit_oob_te_state_granularity - 0x%08x\n", + current_device_configuration.explicit_oob_te_state_granularity)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " configuration_features_enable - 0x%04x\n", + current_device_configuration.configuration_features_enable)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " ckid_base - 0x%08x\n", + current_device_configuration.ckid_base)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " number_of_ckids - 0x%08x\n", + current_device_configuration.number_of_ckids)); + for (index = 0; index < LIBSPDM_ARRAY_SIZE(current_device_configuration.explicit_ib_te_state_granularity_entry); index++) { + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " explicit_ib_te_state_granularity_entry[%d]:\n", index)); #ifdef _MSC_VER - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " te_state_granularity - 0x%016I64x\n", - current_device_configuration.explicit_ib_te_state_granularity_entry[index].te_state_granularity)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " te_state_granularity - 0x%016I64x\n", + current_device_configuration.explicit_ib_te_state_granularity_entry[index].te_state_granularity)); #else - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " te_state_granularity - 0x%016llx\n", - current_device_configuration.explicit_ib_te_state_granularity_entry[index].te_state_granularity)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " te_state_granularity - 0x%016llx\n", + current_device_configuration.explicit_ib_te_state_granularity_entry[index].te_state_granularity)); #endif - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " number_of_ckids - 0x%02x\n", - current_device_configuration.explicit_ib_te_state_granularity_entry[index].length_index)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " number_of_ckids - 0x%02x\n", + current_device_configuration.explicit_ib_te_state_granularity_entry[index].length_index)); + } + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "current_tsp_state(%d) - 0x%02x\n", is_secondary, current_tsp_state)); + } + + if (is_primary || is_secondary) { + configuration_report_size = sizeof(configuration_report_buffer); + status = cxl_tsp_get_configuration_report ( + m_pci_doe_context, spdm_context, &session_id, + configuration_report_buffer, &configuration_report_size); + if (LIBSPDM_STATUS_IS_ERROR(status)) { + return status; + } + configuration_report = (cxl_tsp_target_configuration_report_t *)configuration_report_buffer; + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "configuration_report(%d):\n", is_secondary)); + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " valid_tsp_report_fields - 0x%02x\n", configuration_report->valid_tsp_report_fields)); + } + + if (is_primary) { + status = cxl_tsp_lock_configuration (m_pci_doe_context, spdm_context, &session_id); + if (LIBSPDM_STATUS_IS_ERROR(status)) { + return status; + } + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cxl_tsp_lock_configuration(%d) done\n", is_secondary)); + } + + if (is_primary || is_secondary) { + current_tsp_state = CXL_TSP_STATE_CONFIG_UNLOCKED; + status = cxl_tsp_get_configuration (m_pci_doe_context, spdm_context, &session_id, + NULL, ¤t_tsp_state); + if (LIBSPDM_STATUS_IS_ERROR(status)) { + return status; + } + LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "current_tsp_state(%d) - 0x%02x\n", is_secondary, current_tsp_state)); + } + + if (is_primary) { + /* test CXL_TSP 2nd session */ + if ((device_capabilities.configuration_features_supported & + CXL_TSP_CONFIGURATION_FEATURES_SUPPORT_TARGET_SUPPORT_ADDITIONAL_SPDM_SESSIONS) != 0) { + for (index = 0; index < 4; index++) { + if ((device_2nd_session_info.configuration_validity_flags & (0x1 << index)) != 0) { + status = do_cxl_tsp_2nd_session_via_spdm (spdm_context, index); + if (LIBSPDM_STATUS_IS_ERROR(status)) { + return status; + } + } + } + } } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "current_tsp_state - 0x%02x\n", current_tsp_state)); - configuration_report_size = sizeof(configuration_report_buffer); - status = cxl_tsp_get_configuration_report ( - m_pci_doe_context, spdm_context, &session_id, - configuration_report_buffer, &configuration_report_size); + return LIBSPDM_STATUS_SUCCESS; +} + +libspdm_return_t do_cxl_tsp_2nd_session_via_spdm(void *spdm_context, size_t index) +{ + libspdm_return_t status; + uint32_t session_id; + uint8_t heartbeat_period; + uint8_t measurement_hash[LIBSPDM_MAX_HASH_SIZE]; + void *psk_hint; + uint16_t psk_hint_size; + + switch(index) { + case 0: + psk_hint = CXL_TSP_2ND_SESSION_0_PSK_HINT_STRING; + psk_hint_size = sizeof(CXL_TSP_2ND_SESSION_0_PSK_HINT_STRING); + break; + case 1: + psk_hint = CXL_TSP_2ND_SESSION_1_PSK_HINT_STRING; + psk_hint_size = sizeof(CXL_TSP_2ND_SESSION_1_PSK_HINT_STRING); + break; + case 2: + psk_hint = CXL_TSP_2ND_SESSION_2_PSK_HINT_STRING; + psk_hint_size = sizeof(CXL_TSP_2ND_SESSION_2_PSK_HINT_STRING); + break; + case 3: + psk_hint = CXL_TSP_2ND_SESSION_3_PSK_HINT_STRING; + psk_hint_size = sizeof(CXL_TSP_2ND_SESSION_3_PSK_HINT_STRING); + break; + default: + return LIBSPDM_STATUS_INVALID_PARAMETER; + } + + heartbeat_period = 0; + libspdm_zero_mem(measurement_hash, sizeof(measurement_hash)); + status = libspdm_start_session(spdm_context, true, + psk_hint, + psk_hint_size, + m_use_measurement_summary_hash_type, + m_use_slot_id, m_session_policy, &session_id, + &heartbeat_period, measurement_hash); if (LIBSPDM_STATUS_IS_ERROR(status)) { + printf("libspdm_start_session(2nd) - %x\n", (uint32_t)status); return status; } - configuration_report = (cxl_tsp_target_configuration_report_t *)configuration_report_buffer; - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "configuration_report:\n")); - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, " valid_tsp_report_fields - 0x%02x\n", configuration_report->valid_tsp_report_fields)); - status = cxl_tsp_lock_configuration (m_pci_doe_context, spdm_context, &session_id); + status = cxl_tsp_process_session_message (spdm_context, session_id, false, true); if (LIBSPDM_STATUS_IS_ERROR(status)) { + printf("do_app_session_via_spdm(2nd) - %x\n", (uint32_t)status); return status; } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "cxl_tsp_lock_configuration done\n")); - current_tsp_state = CXL_TSP_STATE_CONFIG_UNLOCKED; - status = cxl_tsp_get_configuration (m_pci_doe_context, spdm_context, &session_id, - NULL, ¤t_tsp_state); + status = libspdm_stop_session(spdm_context, session_id, + m_end_session_attributes); if (LIBSPDM_STATUS_IS_ERROR(status)) { + printf("libspdm_stop_session(2nd) - %x\n", (uint32_t)status); return status; } - LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO, "current_tsp_state - 0x%02x\n", current_tsp_state)); - return LIBSPDM_STATUS_SUCCESS; + return status; } libspdm_return_t pci_doe_process_session_message(void *spdm_context, uint32_t session_id) { libspdm_return_t status; + static bool is_first = true; status = pci_ide_km_process_session_message (spdm_context, session_id); if (LIBSPDM_STATUS_IS_ERROR(status)) { @@ -539,10 +662,11 @@ libspdm_return_t pci_doe_process_session_message(void *spdm_context, uint32_t se return status; } - status = cxl_tsp_process_session_message (spdm_context, session_id); + status = cxl_tsp_process_session_message (spdm_context, session_id, is_first, false); if (LIBSPDM_STATUS_IS_ERROR(status)) { return status; } + is_first = false; return LIBSPDM_STATUS_SUCCESS; }