On Mon, Jul 28, 2025 at 07:21:46PM +0530, Aneesh Kumar K.V (Arm) wrote:
> Add TSM Guest request uAPI against iommufd_vdevice to forward various
> TSM attestation & acceptance requests from guest to TSM driver/secure
> firmware. This uAPI takes function only after TSM Bind.
>
> After a vPCI device is locked down by TSM Bind, CoCo VM should attest
> and accept the device in its TEE. These operations needs interaction
> with secure firmware and the device, but doesn't impact the device
> management from host's POV. It doesn't change the fact that host should
> not touch some part of the device (see TDISP spec) to keep the trusted
> assignment, and host could exit trusted assignment and roll back
> everything by TSM Unbind.
>
> So the TSM Guest request becomes a passthrough channel for CoCo VM to
> exchange request/response blobs with TSM driver/secure firmware. The
> definition of this IOCTL illustates this idea.
s/illustates/illustrates/
> +++ b/drivers/pci/tsm.c
> @@ -861,7 +861,7 @@ int pci_tsm_unbind(struct pci_dev *pdev)
> EXPORT_SYMBOL_GPL(pci_tsm_unbind);
>
> /**
> - * pci_tsm_guest_req - VFIO/IOMMUFD helper to handle guest requests
> + * pci_tsm_guest_req - IOMMUFD helper to handle guest requests
> * @pdev: @pdev representing a bound tdi
I dunno where this got added (not this patch), but "TDI" might be an
initialism that should be capitalized?
> * @info: envelope for the request
> *
> @@ -871,11 +871,12 @@ EXPORT_SYMBOL_GPL(pci_tsm_unbind);
> * posts to userspace (e.g. QEMU) that holds the host-to-guest RID
> * mapping.
> */
> -int pci_tsm_guest_req(struct pci_dev *pdev, struct pci_tsm_guest_req_info *info)
> +static int __pci_tsm_guest_req(struct pci_dev *pdev, struct tsm_guest_req_info *info)
> {
> struct pci_tdi *tdi;
> int rc;
>
> +
Spurious diff.
> lockdep_assert_held_read(&pci_tsm_rwsem);
>
> if (!pdev->tsm)
