Re: [RFC v3 00/27] lib: Rust implementation of SPDM

Next message: Linus Walleij: "Re: [PATCH v3 01/11] gpio: Access `gpio_bus_type` in gpiochip_setup_dev()"
Previous message: Miquel Sabat&#xE9; Sol&#xE0;: "[PATCH] riscv: enable HAVE_CMPXCHG_{DOUBLE,LOCAL}"
In reply to: Greg KH: "Re: [RFC v3 00/27] lib: Rust implementation of SPDM"
Next in thread: Greg KH: "Re: [RFC v3 00/27] lib: Rust implementation of SPDM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Lukas Wunner

Date: Fri Feb 20 2026 - 02:47:09 EST

On Thu, Feb 19, 2026 at 03:40:25PM +0100, Greg KH wrote:
> On Thu, Feb 19, 2026 at 03:15:34PM +0100, Lukas Wunner wrote:
> > # What's the certificate chain in slot0?
> > openssl storeutl -text /sys/bus/pci/devices/0000:03:00.0/certificates/slot0
> >
> > # Fingerprint of root cert in slot0, does it match what vendor claims?
> > openssl x509 -fingerprint -in /sys/bus/pci/devices/0000:03:00.0/certificates/slot0
> >
> > # Looks good, let's trust it:
> > keyctl padd asymmetric "" %:.cma < /sys/bus/pci/devices/0000:03:00.0/certificates/slot0
>
> As much fun as it is to abuse sysfs, please, let's not do this there.
> You just did something that could have changed the device between
> storing, checking and then trusting it as the device is never guaranteed
> to remain the same across multiple calls to sysfs (i.e. yanked out and
> another added.)

No, the kernel caches the certificate chains read from the SPDM slots
and what is exposed in sysfs is that cached copy. So all three commands
above pertain to the same certificate chain.

> So let's not design in a security issue from the start please :)

The alleged security issue does not exist.

Thanks,

Lukas