[PATCH v2 19/21] lib: rspdm: Support SPDM certificate validation
From: alistair23
Date: Tue Jun 23 2026 - 01:03:43 EST
From: Alistair Francis <alistair@xxxxxxxxxxxxx>
Support validating the SPDM certificate chain. This only performs basic
sanity checks on the chain before we continue on. This does not ensure
that the root CA is trusted, we leave that for userspace to check and
enforce. Instead we just make sure that the chain is correct, uses
supported signatures and that it isn't blacklisted in the kernel.
We then store the first leaf certificate for use later.
Signed-off-by: Alistair Francis <alistair@xxxxxxxxxxxxx>
---
lib/rspdm/lib.rs | 12 +++
lib/rspdm/state.rs | 142 +++++++++++++++++++++++++++++++-
rust/bindings/bindings_helper.h | 2 +
rust/kernel/error.rs | 1 +
4 files changed, 156 insertions(+), 1 deletion(-)
diff --git a/lib/rspdm/lib.rs b/lib/rspdm/lib.rs
index 488203be821d..fa5513e8bd4e 100644
--- a/lib/rspdm/lib.rs
+++ b/lib/rspdm/lib.rs
@@ -129,6 +129,18 @@ pub extern "C" fn spdm_authenticate(state_ptr: *mut spdm_state) -> c_int {
provisioned_slots &= !(1 << slot);
}
+ let mut provisioned_slots = state.provisioned_slots;
+ while (provisioned_slots as usize) > 0 {
+ let slot = provisioned_slots.trailing_zeros() as u8;
+
+ if let Err(e) = state.validate_cert_chain(slot) {
+ pr_err!("Certificate in slot {slot} failed to verify: {e:?}\n");
+ return e.to_errno() as c_int;
+ }
+
+ provisioned_slots &= !(1 << slot);
+ }
+
-(EPROTONOSUPPORT as i32)
}
diff --git a/lib/rspdm/state.rs b/lib/rspdm/state.rs
index 9138df30e138..e381cf3f75f9 100644
--- a/lib/rspdm/state.rs
+++ b/lib/rspdm/state.rs
@@ -109,7 +109,8 @@
/// H in SPDM specification.
/// @certs: Certificate chain in each of the 8 slots. Empty KVec if a slot is
/// not populated. Prefixed by the 4 + H header per SPDM 1.0.0 table 15.
-#[expect(dead_code)]
+/// @leaf_key: Public key portion of leaf certificate against which to check
+/// responder's signatures.
pub(crate) struct SpdmState<'a> {
pub(crate) dev: *mut bindings::device,
pub(crate) transport: bindings::spdm_transport,
@@ -138,10 +139,20 @@ pub(crate) struct SpdmState<'a> {
// Certificates
pub(crate) certs: [KVec<u8>; SPDM_SLOTS],
+ pub(crate) leaf_key: Option<*mut bindings::public_key>,
}
impl Drop for SpdmState<'_> {
fn drop(&mut self) {
+ if let Some(leaf_key) = self.leaf_key.take() {
+ // SAFETY: `leaf_key` was extracted from a x509 certificate
+ // in `validate_cert_chain()` so it is valid to pass to
+ // `public_key_free()`.
+ unsafe {
+ bindings::public_key_free(leaf_key);
+ }
+ }
+
if let Some(desc) = self.desc.take() {
// SAFETY: `self.shash` is a valid handle
let desc_len = core::mem::size_of::<bindings::shash_desc>()
@@ -198,6 +209,7 @@ pub(crate) fn new(
desc: None,
hash_len: 0,
certs: [const { KVec::new() }; SPDM_SLOTS],
+ leaf_key: None,
}
}
@@ -831,4 +843,132 @@ pub(crate) fn get_certificate(&mut self, slot: u8) -> Result<(), Error> {
Ok(())
}
+
+ pub(crate) fn validate_cert_chain(&mut self, slot: u8) -> Result<(), Error> {
+ let cert_chain_buf = &self.certs[slot as usize];
+ let cert_chain_len = cert_chain_buf.len();
+ // We skip over the RootHash
+ let header_len = 4 + self.hash_len;
+
+ let mut offset = header_len;
+ let mut prev_cert: Option<*mut bindings::x509_certificate> = None;
+
+ while offset < cert_chain_len {
+ // SAFETY: `cert_chain_buf[offset..]` is a non-empty slice of
+ // bytes valid for at least `cert_chain_len` bytes.
+ let cert_len = unsafe {
+ bindings::x509_get_certificate_length(
+ &cert_chain_buf[offset..] as *const _ as *const u8,
+ cert_chain_len - offset,
+ )
+ };
+
+ if cert_len < 0 {
+ pr_err!("Invalid certificate length\n");
+
+ if let Some(prev) = prev_cert {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ unsafe { bindings::x509_free_certificate(prev) };
+ }
+
+ to_result(cert_len as i32)?;
+ }
+
+ // SAFETY: `cert_chain_buf[offset..]` is a non-empty slice of
+ // bytes valid for at least `cert_len` bytes.
+ let cert_ptr = unsafe {
+ match from_err_ptr(bindings::x509_cert_parse(
+ &cert_chain_buf[offset..] as *const _ as *const c_void,
+ cert_len as usize,
+ )) {
+ Err(e) => {
+ if let Some(prev) = prev_cert {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ bindings::x509_free_certificate(prev);
+ }
+ return Err(e);
+ }
+ Ok(c) => c,
+ }
+ };
+ // SAFETY: Cast the `struct x509_certificate` to a Rust binding
+ let cert = unsafe { *cert_ptr };
+
+ if cert.unsupported_sig || cert.blacklisted {
+ pr_err!("Certificate was rejected\n");
+
+ if let Some(prev) = prev_cert {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ unsafe { bindings::x509_free_certificate(prev) };
+ }
+ // SAFETY: `cert_ptr` was just returned by
+ // `x509_cert_parse()`.
+ unsafe { bindings::x509_free_certificate(cert_ptr) };
+
+ return Err(EKEYREJECTED);
+ }
+
+ if let Some(prev) = prev_cert {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ let rc = unsafe { bindings::public_key_verify_signature((*prev).pub_, cert.sig) };
+
+ if rc < 0 {
+ pr_err!("Signature validation error\n");
+
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ unsafe { bindings::x509_free_certificate(prev) };
+
+ // SAFETY: `cert_ptr` was just returned by
+ // `x509_cert_parse()`.
+ unsafe { bindings::x509_free_certificate(cert_ptr) };
+
+ to_result(rc)?;
+ }
+ }
+
+ if let Some(prev) = prev_cert {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ unsafe { bindings::x509_free_certificate(prev) };
+ }
+
+ prev_cert = Some(cert_ptr);
+ offset += cert_len as usize;
+ }
+
+ if let Some(prev) = prev_cert {
+ if let Some(validate) = self.validate {
+ // SAFETY: Call the `validate` function provided.
+ let rc = unsafe { validate(self.dev, slot, prev) };
+ if let Err(e) = to_result(rc) {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ unsafe { bindings::x509_free_certificate(prev) };
+ return Err(e);
+ }
+ }
+
+ // The leaf key is the same for all slots, so just store the first one.
+ if self.leaf_key.is_none() {
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ self.leaf_key = unsafe { Some((*prev).pub_) };
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration. We are setting
+ // the `pub` key to null so it isn't freed below
+ unsafe { (*prev).pub_ = core::ptr::null_mut() };
+ }
+
+ // SAFETY: `prev_cert` is the previously parsed
+ // certificate from a prior loop iteration.
+ unsafe { bindings::x509_free_certificate(prev) };
+ }
+
+ Ok(())
+ }
}
diff --git a/rust/bindings/bindings_helper.h b/rust/bindings/bindings_helper.h
index d63ad2b03362..e9736162c904 100644
--- a/rust/bindings/bindings_helper.h
+++ b/rust/bindings/bindings_helper.h
@@ -38,6 +38,8 @@
#include <drm/drm_gem_shmem_helper.h>
#include <drm/drm_gpuvm.h>
#include <drm/drm_ioctl.h>
+#include <keys/asymmetric-type.h>
+#include <keys/x509-parser.h>
#include <kunit/test.h>
#include <linux/auxiliary_bus.h>
#include <linux/bitmap.h>
diff --git a/rust/kernel/error.rs b/rust/kernel/error.rs
index 6413de18df80..10700a17eedc 100644
--- a/rust/kernel/error.rs
+++ b/rust/kernel/error.rs
@@ -95,6 +95,7 @@ macro_rules! declare_err {
declare_err!(EINPROGRESS, "Operation now in progress.");
declare_err!(EPROTO, "Protocol error");
declare_err!(EPROTONOSUPPORT, "Protocol not supported");
+ declare_err!(EKEYREJECTED, "Key was rejected by service");
}
/// Generic integer kernel error.
--
2.54.0