Re: [RFC v3 00/27] lib: Rust implementation of SPDM

Next message: tomasz . unger: "[PATCH] nfc: trf7970a: Fix spelling mistakes in comments"
Previous message: Danilo Krummrich: "Re: [PATCH v10 5/8] rust: clist: Add support to interface with C linked lists"
In reply to: dan.j.williams: "Re: [RFC v3 00/27] lib: Rust implementation of SPDM"
Next in thread: Alistair Francis: "Re: [RFC v3 00/27] lib: Rust implementation of SPDM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jonathan Cameron

Date: Thu Feb 19 2026 - 06:24:46 EST

On Tue, 17 Feb 2026 19:56:04 -0400
Jason Gunthorpe <jgg@xxxxxxxxxx> wrote:

> On Wed, Feb 11, 2026 at 01:29:07PM +1000, alistair23@xxxxxxxxx wrote:
> > From: Alistair Francis <alistair.francis@xxxxxxx>
> >
> > Security Protocols and Data Models (SPDM) [1] is used for authentication,
> > attestation and key exchange. SPDM is generally used over a range of
> > transports, such as PCIe, MCTP/SMBus/I3C, ATA, SCSI, NVMe or TCP.
> >
> > >From the kernels perspective SPDM is used to authenticate and attest devices.
> > In this threat model a device is considered untrusted until it can be verified
> > by the kernel and userspace using SPDM. As such SPDM data is untrusted data
> > that can be mallicious.
> >
> > The SPDM specification is also complex, with the 1.2.1 spec being almost 200
> > pages and the 1.3.0 spec being almost 250 pages long.
> >
> > As such we have the kernel parsing untrusted responses from a complex
> > specification, which sounds like a possible exploit vector. This is the type
> > of place where Rust excels!
>
> I was arguing for exactly this at a recent conference, so I'm glad to
> see it. It is a great meaningful usecase for rust in the kernel.

FWIW I'm fully on board with this as well. More than happy to see my C
code Lukas has been carrying go away in favor of the Rust :)
It'll also finally make me learn more than a trivial level of Rust.

Jonathan