Dev news

Commit 249872f53d64 for kernel

commit 249872f53d64441690927853e9d3af36394802d5
Merge: fbff94967958 7dfbe9a67519
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Sat Dec 6 10:15:41 2025 -0800

    Merge tag 'tsm-for-6.19' of git://git.kernel.org/pub/scm/linux/kernel/git/devsec/tsm

    Pull PCIe Link Encryption and Device Authentication from Dan Williams:
     "New PCI infrastructure and one architecture implementation for PCIe
      link encryption establishment via platform firmware services.

      This work is the result of multiple vendors coming to consensus on
      some core infrastructure (thanks Alexey, Yilun, and Aneesh!), and
      three vendor implementations, although only one is included in this
      pull. The PCI core changes have an ack from Bjorn, the crypto/ccp/
      changes have an ack from Tom, and the iommu/amd/ changes have an ack
      from Joerg.

      PCIe link encryption is made possible by the soup of acronyms
      mentioned in the shortlog below. Link Integrity and Data Encryption
      (IDE) is a protocol for installing keys in the transmitter and
      receiver at each end of a link. That protocol is transported over Data
      Object Exchange (DOE) mailboxes using PCI configuration requests.

      The aspect that makes this a "platform firmware service" is that the
      key provisioning and protocol is coordinated through a Trusted
      Execution Envrionment (TEE) Security Manager (TSM). That is either
      firmware running in a coprocessor (AMD SEV-TIO), or quasi-hypervisor
      software (Intel TDX Connect / ARM CCA) running in a protected CPU
      mode.

      Now, the only reason to ask a TSM to run this protocol and install the
      keys rather than have a Linux driver do the same is so that later, a
      confidential VM can ask the TSM directly "can you certify this
      device?".

      That precludes host Linux from provisioning its own keys, because host
      Linux is outside the trust domain for the VM. It also turns out that
      all architectures, save for one, do not publish a mechanism for an OS
      to establish keys in the root port. So "TSM-established link
      encryption" is the only cross-architecture path for this capability
      for the foreseeable future.

      This unblocks the other arch implementations to follow in v6.20/v7.0,
      once they clear some other dependencies, and it unblocks the next
      phase of work to implement the end-to-end flow of confidential device
      assignment. The PCIe specification calls this end-to-end flow Trusted
      Execution Environment (TEE) Device Interface Security Protocol
      (TDISP).

      In the meantime, Linux gets a link encryption facility which has
      practical benefits along the same lines as memory encryption. It
      authenticates devices via certificates and may protect against
      interposer attacks trying to capture clear-text PCIe traffic.

      Summary:

       - Introduce the PCI/TSM core for the coordination of device
         authentication, link encryption and establishment (IDE), and later
         management of the device security operational states (TDISP).
         Notify the new TSM core layer of PCI device arrival and departure

       - Add a low level TSM driver for the link encryption establishment
         capabilities of the AMD SEV-TIO architecture

       - Add a library of helpers TSM drivers to use for IDE establishment
         and the DOE transport

       - Add skeleton support for 'bind' and 'guest_request' operations in
         support of TDISP"

    * tag 'tsm-for-6.19' of git://git.kernel.org/pub/scm/linux/kernel/git/devsec/tsm: (23 commits)
      crypto/ccp: Fix CONFIG_PCI=n build
      virt: Fix Kconfig warning when selecting TSM without VIRT_DRIVERS
      crypto/ccp: Implement SEV-TIO PCIe IDE (phase1)
      iommu/amd: Report SEV-TIO support
      psp-sev: Assign numbers to all status codes and add new
      ccp: Make snp_reclaim_pages and __sev_do_cmd_locked public
      PCI/TSM: Add 'dsm' and 'bound' attributes for dependent functions
      PCI/TSM: Add pci_tsm_guest_req() for managing TDIs
      PCI/TSM: Add pci_tsm_bind() helper for instantiating TDIs
      PCI/IDE: Initialize an ID for all IDE streams
      PCI/IDE: Add Address Association Register setup for downstream MMIO
      resource: Introduce resource_assigned() for discerning active resources
      PCI/TSM: Drop stub for pci_tsm_doe_transfer()
      drivers/virt: Drop VIRT_DRIVERS build dependency
      PCI/TSM: Report active IDE streams
      PCI/IDE: Report available IDE streams
      PCI/IDE: Add IDE establishment helpers
      PCI: Establish document for PCI host bridge sysfs attributes
      PCI: Add PCIe Device 3 Extended Capability enumeration
      PCI/TSM: Establish Secure Sessions and Link Encryption
      ...

diff --cc include/linux/psp-sev.h
index abcdee256c65,cce864dbf281..69ffa4b4d1fa
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@@ -882,11 -857,9 +890,15 @@@ struct snp_feature_info
  	u32 edx;
  } __packed;

++/* Feature bits in ECX */
 +#define SNP_RAPL_DISABLE_SUPPORTED		BIT(2)
  #define SNP_CIPHER_TEXT_HIDING_SUPPORTED	BIT(3)
 -#define SNP_SEV_TIO_SUPPORTED			BIT(1) /* EBX */
 +#define SNP_AES_256_XTS_POLICY_SUPPORTED	BIT(4)
 +#define SNP_CXL_ALLOW_POLICY_SUPPORTED		BIT(5)
 +
++/* Feature bits in EBX */
++#define SNP_SEV_TIO_SUPPORTED			BIT(1)
+
  #ifdef CONFIG_CRYPTO_DEV_SP_PSP

  /**