[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC PATCH 04/16] hw/arm/virt: Add support for Arm RME
From: |
Richard Henderson |
Subject: |
Re: [RFC PATCH 04/16] hw/arm/virt: Add support for Arm RME |
Date: |
Fri, 27 Jan 2023 11:07:35 -1000 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2 |
On 1/27/23 05:07, Jean-Philippe Brucker wrote:
When confidential-guest-support is enabled for the virt machine, call
the RME init function, and add the RME flag to the VM type.
* The Realm differentiates non-secure from realm memory using the upper
GPA bit. Reserve that bit when creating the memory map, to make sure
that device MMIO located in high memory can still fit.
* pvtime is disabled for the moment. Since the hypervisor has to write
into the shared pvtime page before scheduling a vcpu, it seems
incompatible with confidential guests.
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
This should be 3 patches:
(1) Including the rme type into the kvm type.
(2) Adjusting the pa size,
(3) Checking the steal-time and randomness flags.
+ /*
+ * Since the devicetree is included in the initial measurement, it must
+ * not contain random data.
+ */
+ if (virt_machine_is_confidential(vms)) {
+ vms->dtb_randomness = false;
+ }
This property is default off, and the only way it can be on is user argument. This should
be an error, not a silent disable.
+ if (virt_machine_is_confidential(vms)) {
+ /*
+ * The host cannot write into a confidential guest's memory until the
+ * guest shares it. Since the host writes the pvtime region before the
+ * guest gets a chance to set it up, disable pvtime.
+ */
+ steal_time = false;
+ }
This property is default on since 5.2, so falls into a different category. Since 5.2 it
is auto-on for 64-bit guests. Since it's auto-off for 32-bit guests, I don't see a
problem with it being auto-off for RME guests.
I do wonder if we should change it to an OnOffAuto property, just to catch
silly usage.
r~
- Re: [RFC PATCH 02/16] target/arm: Add confidential guest support, (continued)
- [RFC PATCH 01/16] NOMERGE: Add KVM Arm RME definitions to Linux headers, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 07/16] target/arm/kvm: Select RME VM type for the scratch VM, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 05/16] target/arm/kvm: Split kvm_arch_get/put_registers, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 03/16] target/arm/kvm-rme: Initialize realm, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 04/16] hw/arm/virt: Add support for Arm RME, Jean-Philippe Brucker, 2023/01/27
- Re: [RFC PATCH 04/16] hw/arm/virt: Add support for Arm RME,
Richard Henderson <=
- [RFC PATCH 06/16] target/arm/kvm-rme: Initialize vCPU, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 10/16] target/arm/kvm-rme: Add measurement algorithm property, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 09/16] hw/arm/boot: Populate realm memory with boot images, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 08/16] target/arm/kvm-rme: Populate the realm with boot images, Jean-Philippe Brucker, 2023/01/27
- [RFC PATCH 14/16] target/arm/kvm-rme: Add PMU num counters parameters, Jean-Philippe Brucker, 2023/01/27