On Thu, Oct 17, 2024 at 2:35 AM htafr <htafr...@gmail.com> wrote:
>
> (I) Summary
> ===========================================================================
>
> This patch is the beginning of the support of the Security Protocol and
> Data Model (SPDM). There are some known issues (see II), but it's
> usable and not many users are going to use this functionality for now,
> but for those who will it may facilitate the development.
>
> There are some people working with LibSPDM to implement the SPDM on
> emulated devices, however current works that use QEMU compile LibSPDM
> out-of-tree [1][2][3]. This patch enables the compilation of LibSPDM when
> the user passes the parameter '--enable-libspdm' to the configure file;
> this option is disabled by default. The following parameters were also added:
>
>   --libspdm-crypto=CHOICE  set LibSPDM crypto algorithm [mbedtls] (choices:
>                            mbedtls/openssl)
>   --libspdm-toolchain=VALUE
>                            toolchain to use for LibSPDM compilation [GCC]
>
> In order to facilitate future code development using LibSPDM API, this
> patch also provides the definition of the macro 'CONFIG_LIBSPDM'.

We have talked about this before, see
https://patchew.org/QEMU/cover.1691509717.git.alistair.fran...@wdc.com/

The general agreement seemed to be that it will be hard to do SPDM
configuration inside QEMU, hence the external library (like the QEMU
TPM support).

>
>
> (II) Known Limitations
> ===========================================================================
>
> 1. This patch enables LibSPDM in-tree compilation for Linux systems only.
> 2. LibSPDM compilation uses CMake, so meson build system is making use
>    of the CMake module [4].
> 3. Some problems may occur when compiling LibSPDM with MbedTls such as:
>       error: "_GNU_SOURCE" redefined [-Werror]
>       10 | #define _GNU_SOURCE
>
>    It's possible to compile using --disable-werror.
>
> (III) Sample configuration
> ===========================================================================
>
> ../configure \
>   --disable-werror \
>   --enable-libspdm \
>   --libspdm-crypto=mbedtls \
>   --enable-gcov
>
> References:
> [1] riscv-spdm
>     Link: https://github.com/htafr/riscv-spdm
> [2] spdm-benchmark
>     Link: https://github.com/rcaalves/spdm-benchmark
> [3] qemu-spdm-emulation-guide
>     Link: https://github.com/twilfredo/qemu-spdm-emulation-guide

This one has been merged upstream and mainline QEMU supports it now:
https://www.qemu.org/docs/master/specs/spdm.html

Alistair