13–15 Nov 2023
America/New_York timezone

PCI device authentication & encryption

15 Nov 2023, 15:15
45m
"Potomac G" (Omni Richmond Hotel)

Birds of a Feather (BoF)

Speakers

Jonathan Cameron (Huawei Technologies R&D (UK)), Lukas Wunner

Description

At LPC 2022 we had a fruitful BoF session to align on an architecture for PCI device authentication (CMA-SPDM, PCIe r6.1 sec 6.31).

The BoF allowed community members' concerns to be addressed. Rough consensus on a path forwards was established, with device authentication to be performed by the PCI core before a driver is probed.

At the time, a proof-of-concept implementation of in-kernel CMA-SPDM had been submitted as an RFC.

That implementation has since been refined and extended based on what we discussed at LPC 2022, and it was submitted as a non-RFC patch set before LPC 2023.

We would like to reconvene for a face-to-face discussion on these authentication patches and the next steps to bring up measurement retrieval, certificate provisioning and encryption on top of them (IDE, PCIe r6.1 sec 6.33).

Another topic worth discussing is how this in-kernel implementation can be made to work with vendor-defined firmware implementations (such as Intel TDX Connect, AMD SEV-TIO, ARM CCA).

The audience of this BoF includes PCI, CXL and virtualization developers interested in device security.

Primary authors

Jonathan Cameron (Huawei Technologies R&D (UK)), Lukas Wunner
