Re: [RFC v3 00/27] lib: Rust implementation of SPDM

Next message: Joel Fernandes: "Re: [PATCH -next v9 1/3] rust: clist: Add support to interface with C linked lists"
Previous message: Dmitry Torokhov: "[PATCH net v2] net: phy: qcom: qca807x: normalize return value of gpio_get"
In reply to: dan.j.williams: "Re: [RFC v3 00/27] lib: Rust implementation of SPDM"
Next in thread: dan.j.williams: "Re: [RFC v3 00/27] lib: Rust implementation of SPDM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jason Gunthorpe

Date: Wed Feb 18 2026 - 19:56:26 EST

On Wed, Feb 18, 2026 at 03:40:10PM -0800, dan.j.williams@xxxxxxxxx wrote:

> So one proposal to get the x509 pre-work upstream is to extend the TSM
> core (drivers/pci/tsm.c) to export the certificates in sysfs, and update
> the existing "authenticated" attribute to reflect the result of cert
> chain validation.

Why do we want the validate the cert chain in the kernel? That sounds
like something the verifier should do?

And not sure we should be dumping any certs in sysfs if the plan for
the other stuff is netlink, it should be consistent I think.

Though it is a good idea to do something with the TSM too..

Jason