Re: [RFC v3 00/27] lib: Rust implementation of SPDM

[dan.j.williams]

Jason Gunthorpe wrote:
> On Wed, Feb 18, 2026 at 03:40:10PM -0800, dan.j.williams@xxxxxxxxx wrote:
> 
> > So one proposal to get the x509 pre-work upstream is to extend the TSM
> > core (drivers/pci/tsm.c) to export the certificates in sysfs, and update
> > the existing "authenticated" attribute to reflect the result of cert
> > chain validation.
> 
> Why do we want the validate the cert chain in the kernel? That sounds
> like something the verifier should do?

This is more for the CMA case where Lukas was imagining automatic
revalidation of device certificates coming out of resume before
userspace is present. If someone wanted to use a TSM for device-auth +
link encryption outside of TDISP and Confidential VMs, then it could use
the same mechanism.

However, error handling / automatic reset recovery is out of scope for
the first phase of the TDISP enabling. Also all the early TDISP use
cases seem focused on datacenter where there is no need for the VMM to
authenticate the device. I am ok to defer the "authenticate while
userspace is unavailable" scheme to keep this simple.

> And not sure we should be dumping any certs in sysfs if the plan for
> the other stuff is netlink, it should be consistent I think.

Lukas was only putting the dynamic / transactional pieces in netlink.
Specifically device signature events (multicast) and device measurement
collection with a nonce.

The static cert chain blobs can certainly also be in netlink... but no
real driving need like there was for the other flows. I am also
encouraged by Lukas's work to handle large blobs over netlink [1], but
no real need to add that as a dependency to this simple mission of "just
enough of a real user to land the crypto prep patches".

[1]: https://github.com/l1k/linux/commit/af9b939fc30b