[edk2-devel] mDeviceSecurityProtocol with SPDM

Tue, 11 Jun 2024 21:39:40 -0700 

Hello,

I'm trying to use SPDM over DOE as a EDKII_DEVICE_SECURITY_PROTOCOL
implementation.

I'm using the DeviceSecurity fork from staging, with my own DOE
implementation [5].

First I load `DeviceSecurityPolicyStub` [1], which consumes
`gEdkiiDeviceIdentifierTypePci
Guid` and produces
`gEdkiiDeviceSecurityPolicyProtocolGuid`.

Then I am loading `SpdmDeviceSecurityDxe` [2], which consumes
`gEdkiiDeviceSecurityPolicyProtocolGuid` and produces
`gEdkiiDeviceSecurityProtocolGuid`.

At which point I think the `gEdkiiDeviceSecurityProtocolGuid` should
work in PciBus [3]. Except the problem is that the PCIe bus is already
probed as `DeviceSecurityPolicyStub` consumes
`gEdkiiDeviceIdentifierTypePciGuid`. So I get stuck in a circular
loop.

Does anyone know how I can re-probe the `PciBusDxe` or somehow avoid
the circular dependency?

Or asking another way, is there a way to call the
`AuthenticatePciDevice()` [4] function after probing a PCIe device and
determining that the PCIe device supports DOE and SPDM? I don't see
any users of `gEfiDevicePathProtocolGuid` in upstream EDK2.

1: 
https://github.com/tianocore/edk2-staging/blob/DeviceSecurity/DeviceSecurityTestPkg/Test/DeviceSecurityPolicyStub/DeviceSecurityPolicyStub.inf#L36
2: 
https://github.com/tianocore/edk2-staging/blob/DeviceSecurity/DeviceSecurityTestPkg/SpdmDeviceSecurityDxe/SpdmDeviceSecurityDxe.inf#L56
3: 
https://github.com/tianocore/edk2-staging/blob/DeviceSecurity/MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.c#L299
4: 
https://github.com/tianocore/edk2-staging/blob/DeviceSecurity/MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumeratorSupport.c#L2085
5: https://github.com/tianocore/edk2/pull/5715

PS: This is the second mail, the first didn't make it to the list

Alistair


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#119556): https://edk2.groups.io/g/devel/message/119556
Mute This Topic: https://groups.io/mt/106627087/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to