From: "Sami Mujawar" <sami.mujawar@arm.com>
Subject: [RFC PATCH v1 00/30] Support for Arm CCA guest firmware
Date: Tue, 25 Apr 2023 17:03:58 +0100
Message-ID: <20230425160428.27980-1-sami.mujawar@arm.com>
We are happy to announce an early RFC version of the Arm Confidential Compute Architecture (CCA) support for the Kvmtool guest firmware.

The intention is to seek early feedback in the following areas:
 * Integration of the Arm CCA in ArmVirtPkg
 * Generalise the operations wherever possible with other Confidential Compute solutions and Virtual Machine Managers (VMMs)
 * Guest firmware support for Realms.

Introduction
============

Arm Confidential Compute Architecture (CCA)
-------------------------------------------

Arm CCA is a reference software architecture and implementation that builds on the Realm Management Extension (RME), enabling the execution of Virtual machines (VMs), while preventing access by more privileged software, such as the hypervisor. Arm CCA allows the hypervisor to control the VM, but removes the right of access to the code, register state or data used by the VM.

More information on the architecture is available here [0].
[Diagram: Arm CCA world layout. Realm World: a Realm VM (Guest OS at EL0 over the Realm Guest UEFI at EL1) served by the RMM at R-EL2 through the RSI (SMC). Normal World: VMs, the Host OS and the Host UEFI, with the Host reaching the RMM through the RMI (SMC), routed via EL3. Secure World alongside. Root World: the EL3 Firmware at EL3 beneath all three worlds.]

Where:
  RMM - Realm Management Monitor
  RMI - Realm Management Interface
  RSI - Realm Service Interface
  SMC - Secure Monitor Call

RME introduces two additional worlds, "Realm world" and "Root World", in addition to the traditional Secure world and Normal world. The Arm CCA defines a new component, Realm Management Monitor (RMM), that runs at R-EL2. This is a standard piece of firmware, verified, installed and loaded by the EL3 firmware (e.g., TF-A), at system boot. The RMM provides a standard interface, the Realm Management Interface (RMI), to the Normal world hypervisor to manage the VMs running in the Realm world (also called Realms). These are exposed via SMC and are routed through the EL3 firmware. The RMM also provides certain services to the Realms via SMC, called the Realm Service Interface (RSI).
These include:
 - Realm Guest Configuration
 - Attestation & Measurement services
 - Managing the state of an Intermediate Physical Address (IPA aka GPA) page
 - Host Call service (Communication with the Normal world Hypervisor).

The specification for the RMM software is currently at *v1.0-eac0* and the latest version is available here [1]. The Trusted Firmware foundation has an implementation of the RMM - TF-RMM - available here [3].

Implementation
==============

This version of the Realm Guest UEFI firmware is intended to be used with the Linux Kernel RFC stack [6][11] and is based on the RMM specification v1.0-BET0 [2]. We plan to update the Guest UEFI Firmware to support the latest version of the RMMv1.0 spec in the coming revisions.

This release includes the following:
 a) Boot a Linux Kernel in a Realm VM using the Realm Guest UEFI firmware
 b) Hardware description is provided using ACPI tables.
 c) Support for Virtio v1.0
 d) All I/O are treated as non-secure/shared
 e) Load the Linux Kernel and RootFS from a Virtio attached disk using the Virtio-1.0 PCIe transport
 f) Provide UEFI runtime variable support using Emulated Variable support.

Overview of updates for enabling Arm CCA
----------------------------------------

The Arm CCA implementation is spread across a number of libraries that provide required functionality during various phases of the firmware boot. The following libraries have been provided:
 i.   ArmCcaInitPeiLib - A library that implements the hook functions in the PEI phase
 ii.  ArmCcaLib - A library that implements common functions like checking if RME extension is implemented and to configure the Protection attribute for the memory regions
 iii. ArmCcaRsiLib - A library that implements the Realm Service Interface functions.

A NULL implementation of the ArmCcaInitPeiLib and ArmCcaLib is also provided for platforms that do not implement the RME extensions.
Additionally, the following DXE modules have been provided to implement the required functionality in the DXE phase.
 i.   ArmCcaDxe - An APRIORI DXE that is responsible for configuring the Monitor Conduit to SMC for a Realm
 ii.  RealmApertureManagementProtocolDxe - A DXE that implements the Realm Aperture Management Protocol, used to manage the sharing of buffers in a Realm with the Host
 iii. ArmCcaIoMmuDxe - A driver which implements the EDKII_IOMMU_PROTOCOL that provides the necessary hooks so that DMA operations can be performed by bouncing buffers using pages shared with the Host.

Arm CCA updates in PEI phase
----------------------------

For supporting Arm CCA two hooks have been added in the PrePi module:
 i.  An early hook to configure the System Memory as Protected RAM
 ii. A second hook after the MMU is initialised to perform the remaining CCA initialisations like reading the Realm Config to determine the IPA width of the realm, configuring the Protection attribute for the MMIO regions, etc.

These hook functions are implemented in ArmCcaInitPeiLib. A NULL version of the library has also been provided for implementations that do not have the RME extensions.

Additionally, the ArmVirtMemInfoLib has been updated to implement a platform specific hook function ArmCcaConfigureMmio() that can configure the protection attribute for the MMIO regions for the platform.

  +=====+
  |PrePi|
  +=====+
     |
  _ModuleEntryPoint()
  ===================
     |
  DiscoverDramFromDt()
     |
     +--> ArmCcaInitPeiLib|ArmCcaConfigureSystemMemory()
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     |    // configure System Memory
     |    // as Protected RAM.
     |
    ...
     |
  CEntryPoint()
     |
  PrePiMain()
  ===========
     |
    ...
     |
  ProcessLibraryConstructorList()
     |
  MemoryPeim()
     |
     ArmCcaInitPeiLib|ArmCcaInitialize()   // Perform Arm CCA
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~   // initialisations,
     |                                     // like reading the
     |                                     // Realm Config, etc.
     |
     ArmVirtMemInfoLib|ArmCcaConfigureMmio()
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     |    // Configure Protection attribute
     |    // for the MMIO region.
     |
    ...
     |
  +===+
  |DXE|
  +===+

Building the UEFI firmware
==========================

a. Set up the development environment
   Follow the steps as described in https://developer.arm.com/documentation/102571/0100
   Note: The EDK2 build system requires Python 3.7 or later.

b. The source code for the Host and Realm Guest firmware can be downloaded from [12].

c. Building the Host UEFI firmware for FVP Base RevC AEM Model
   Follow the instructions in https://developer.arm.com/documentation/102571/0100 to "Build the firmware for Arm FVP Base AEMv8A-AEMv8A model platform" based on your development environment configuration.
   Note: The same firmware binary can be used for both the Arm FVP Base AEMv8A-AEMv8A and the FVP Base RevC AEM Model.

d. Building the Realm Guest UEFI firmware for kvmtool:
   To build the kvmtool guest firmware, run the following commands:
     $ build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtKvmTool.dsc -b DEBUG
     $ build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtKvmTool.dsc -b RELEASE
   The Kvmtool guest firmware binaries are at the following location:
     $WORKSPACE/Build/ArmVirtKvmTool-AARCH64/_GCC5/FV/KVMTOOL_EFI.fd

Running the stack
=================

To run/test the stack, you would need the following components:
 i.   FVP Base AEM RevC model with FEAT_RME support [4]
 ii.  TF-A firmware for EL3 [5]
 iii. TF-A RMM for R-EL2 [3]
 iv.  Linux Kernel [6]
 v.   kvmtool [7]
 vi.  UEFI Firmware for Arm CCA [12].

Instructions for building the remaining firmware components and running the model are available here [9].
Once the host kernel has finished booting, a Realm can be launched by invoking the `lkvm` command as follows:

  $ lkvm run --realm \
        --measurement-algo=["sha256", "sha512"] \
        --disable-sve \
        --firmware KVMTOOL_EFI.fd \
        -m 512 \
        --irqchip=gicv3-its \
        --force-pci \
        --disk

Where:
 * --measurement-algo (Optional) specifies the algorithm selected for creating the initial measurements by the RMM for this Realm (defaults to sha256)
 * GICv3 is mandatory for the Realms
 * SVE is not yet supported in the TF-RMM, and thus must be disabled using --disable-sve
 * --force-pci is required as only Virtio-v1.0 PCIe transport is supported.

An alternative is to use the Shrinkwrap tool [13] which provides a complete solution to build and run the Arm CCA software stack.

Links
=====

[0] Arm CCA Landing page (See Key Resources section for various documentations)
    https://www.arm.com/armcca
[1] RMM Specification Latest
    https://developer.arm.com/documentation/den0137/latest
[2] RMM v1.0-BET0 specification
    https://developer.arm.com/documentation/den0137/1-0bet0/
[3] Trusted Firmware RMM - TF-RMM
    https://www.trustedfirmware.org/projects/tf-rmm/
    GIT: https://git.trustedfirmware.org/TF-RMM/tf-rmm.git
[4] FVP Base RevC AEM Model (available on x86_64 / Arm64 Linux)
    https://developer.arm.com/Tools%20and%20Software/Fixed%20Virtual%20Platforms
[5] Trusted Firmware for A class
    https://www.trustedfirmware.org/projects/tf-a/
[6] Linux kernel support for Arm-CCA
    https://gitlab.arm.com/linux-arm/linux-cca
    Host Support branch: cca-host/rfc-v1
    Guest Support branch: cca-guest/rfc-v1
[7] kvmtool support for Arm CCA
    https://gitlab.arm.com/linux-arm/kvmtool-cca
    cca/rfc-v1
[8] kvm-unit-tests support for Arm CCA
    https://gitlab.arm.com/linux-arm/kvm-unit-tests-cca
    cca/rfc-v1
[9] Instructions for Building Firmware components and running the model, see section 4.19.2 "Building and running TF-A with RME"
    https://trustedfirmware-a.readthedocs.io/en/latest/components/realm-management-extension.html#building-and-running-tf-a-with-rme
[10] fd based Guest Private memory for KVM
    https://lkml.kernel.org/r/20221202061347.1070246-1-chao.p.peng@linux.intel.com
[11] [RFC] Support for Arm CCA VMs on Linux
    https://lore.kernel.org/linux-arm-kernel/20230127112248.136810-1-suzuki.poulose@arm.com/
[12] UEFI Firmware support for Arm CCA
    Host Support:
      - Repo: https://github.com/tianocore/edk2-platforms
      - Branch: master
    Guest Support:
      - Repo: https://gitlab.arm.com/linux-arm/edk2-cca
      - Branch: 2595_arm_cca_0abet0_rfc_v1
      - URL: https://gitlab.arm.com/linux-arm/edk2-cca/-/tree/2595_arm_cca_0abet0_rfc_v1
[13] Building Arm CCA software stack using Shrinkwrap
    https://shrinkwrap.docs.arm.com/en/latest/userguide/configstore/cca-3world.html

Sami Mujawar (30):
  ArmVirtPkg: kvmtool: Add Emulated Runtime variable support
  ArmPkg: Add helper function to detect RME
  ArmPkg: Export SetMemoryRegionAttribute in ArmMmuLib
  ArmPkg: Extend number of parameter registers in SMC call
  ArmPkg & ArmVirtPkg: Make PcdMonitorConduitHvc a dynamic PCD
  ArmVirtPkg: Add Arm CCA Realm Service Interface Library
  ArmVirtPkg: ArmCcaRsiLib: Add interfaces to manage the Realm IPA state
  ArmVirtPkg: ArmCcaRsiLib: Add an interface to get an attestation token
  ArmVirtPkg: ArmCcaRsiLib: Add interfaces to get/extend REMs
  ArmVirtPkg: ArmCcaRsiLib: Add an interface to make a RSI Host Call
  ArmVirtPkg: Define a GUID HOB for IPA width of a Realm
  ArmVirtPkg: Add library for Arm CCA initialisation in PEI
  ArmVirtPkg: Add NULL instance of ArmCcaInitPeiLib
  ArmVirtPkg: Add library for Arm CCA helper functions
  ArmVirtPkg: Add Null instance of ArmCcaLib
  ArmVirtPkg: Define an interface to configure MMIO regions for Arm CCA
  ArmVirtPkg: CloudHv: Add a NULL implementation of ArmCcaConfigureMmio
  ArmVirtPkg: Qemu: Add a NULL implementation of ArmCcaConfigureMmio
  ArmVirtPkg: Xen: Add a NULL implementation of ArmCcaConfigureMmio
  ArmVirtPkg: Configure the MMIO regions for Arm CCA
  ArmVirtPkg: Kvmtool: Use Null version of DebugLib in PrePi
  ArmVirtPkg: Add Arm CCA libraries for Kvmtool guest firmware
  ArmVirtPkg: Arm CCA configure system memory in early Pei
  ArmVirtPkg: Perform Arm CCA initialisation in the Pei phase
  ArmVirtPkg: Add ArmCcaDxe for early DXE phase initialisation
  ArmVirtPkg: Introduce Realm Aperture Management Protocol
  ArmVirtPkg: IoMMU driver to DMA from Realms
  ArmVirtPkg: Enable Virtio communication for Arm CCA
  MdePkg: Warn if AArch64 RNDR instruction is not supported
  ArmVirtPkg: Kvmtool: Switch to use BaseRng for AArch64

 ArmPkg/ArmPkg.dec                                                                    |  10 +-
 ArmPkg/Include/Chipset/AArch64.h                                                     |   3 +-
 ArmPkg/Include/Library/ArmLib.h                                                      |  15 +-
 ArmPkg/Include/Library/ArmMmuLib.h                                                   |  22 +
 ArmPkg/Include/Library/ArmSmcLib.h                                                   |  50 +-
 ArmPkg/Library/ArmLib/AArch64/AArch64Lib.c                                           |  16 +-
 ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c                                     |  16 +-
 ArmPkg/Library/ArmMonitorLib/ArmMonitorLib.c                                         |   4 +-
 ArmPkg/Library/ArmSmcLib/AArch64/ArmSmc.S                                            |  22 +-
 ArmVirtPkg/ArmCcaDxe/ArmCcaDxe.c                                                     |  50 ++
 ArmVirtPkg/ArmCcaDxe/ArmCcaDxe.inf                                                   |  39 +
 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c                                              | 813 ++++++++++++++++++++
 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.h                                              |  66 ++
 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.c                                           |  59 ++
 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf                                         |  45 ++
 ArmVirtPkg/ArmVirt.dsc.inc                                                           |   6 +-
 ArmVirtPkg/ArmVirtKvmTool.dsc                                                        |  54 +-
 ArmVirtPkg/ArmVirtKvmTool.fdf                                                        |  24 +-
 ArmVirtPkg/ArmVirtPkg.dec                                                            |   7 +
 ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h                                        |  49 ++
 ArmVirtPkg/Include/Library/ArmCcaLib.h                                               | 114 +++
 ArmVirtPkg/Include/Library/ArmCcaRsiLib.h                                            | 253 ++++++
 ArmVirtPkg/Include/Library/ArmVirtMemInfoLib.h                                       |  19 +-
 ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h                        | 103 +++
 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c                               | 116 +++
 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf                             |  39 +
 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c                       |  59 ++
 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf                     |  27 +
 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c                                             | 190 +++++
 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf                                           |  34 +
 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c                                     | 117 +++
 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.inf                                   |  28 +
 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h                                          |  48 ++
 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c                                       | 561 ++++++++++++++
 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf                                     |  29 +
 ArmVirtPkg/Library/CloudHvVirtMemInfoLib/CloudHvVirtMemInfoLib.c                     |  22 +-
 ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.c                     |  39 +-
 ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf                   |   3 +-
 ArmVirtPkg/Library/QemuVirtMemInfoLib/QemuVirtMemInfoLib.c                           |  21 +
 ArmVirtPkg/Library/XenVirtMemInfoLib/XenVirtMemInfoLib.c                             |  21 +
 ArmVirtPkg/PrePi/AArch64/ModuleEntryPoint.S                                          |   6 +-
 ArmVirtPkg/PrePi/ArmVirtPrePiUniCoreRelocatable.inf                                  |   3 +-
 ArmVirtPkg/PrePi/PrePi.c                                                             |  10 +-
 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c   | 656 ++++++++++++++++
 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf |  48 ++
 MdePkg/Library/BaseRngLib/AArch64/Rndr.c                                             |   8 +-
 46 files changed, 3906 insertions(+), 38 deletions(-)
 create mode 100644 ArmVirtPkg/ArmCcaDxe/ArmCcaDxe.c
 create mode 100644 ArmVirtPkg/ArmCcaDxe/ArmCcaDxe.inf
 create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.c
 create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmu.h
 create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.c
 create mode 100644 ArmVirtPkg/ArmCcaIoMmuDxe/ArmCcaIoMmuDxe.inf
 create mode 100644 ArmVirtPkg/Include/Library/ArmCcaInitPeiLib.h
 create mode 100644 ArmVirtPkg/Include/Library/ArmCcaLib.h
 create mode 100644 ArmVirtPkg/Include/Library/ArmCcaRsiLib.h
 create mode 100644 ArmVirtPkg/Include/Protocol/RealmApertureManagementProtocol.h
 create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.c
 create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLib/ArmCcaInitPeiLib.inf
 create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.c
 create mode 100644 ArmVirtPkg/Library/ArmCcaInitPeiLibNull/ArmCcaInitPeiLibNull.inf
 create mode 100644 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.c
 create mode 100644 ArmVirtPkg/Library/ArmCcaLib/ArmCcaLib.inf
 create mode 100644 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.c
 create mode 100644 ArmVirtPkg/Library/ArmCcaLibNull/ArmCcaLibNull.inf
 create mode 100644 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsi.h
 create mode 100644 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.c
 create mode 100644 ArmVirtPkg/Library/ArmCcaRsiLib/ArmCcaRsiLib.inf
 create mode 100644 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.c
 create mode 100644 ArmVirtPkg/RealmApertureManagementProtocolDxe/RealmApertureManagementProtocolDxe.inf
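The bounce-buffer DMA path that the cover letter attributes to ArmCcaIoMmuDxe and the Realm Aperture Management Protocol (pages shared with the Host, IPA state managed through the RSI), as an added example that is not the series' code: a constructed C model in which a mapping takes pages from a pool, makes them shared, stages the data, and on unmap copies the device's output back, scrubs the pages and re-protects them. It assumes a 40-bit IPA width in place of the value the PEI hook reads from the Realm Config, that the shared alias of an IPA is the IPA with its top bit set (the RMM specification's protected/unprotected IPA split), and that set_ipa_state stands in for the RSI IPA-state call; every name here is hypothetical.

```c
/* Constructed model of bounce-buffer DMA for a Realm guest (not the edk2 ArmCcaIoMmuDxe
 * code): a host-driven device can only reach pages the Realm has explicitly shared. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PAGE_SIZE   4096u
#define NPAGES      8u   /* constructed: pages 0-3 driver memory, 4-7 bounce pool */
#define BOUNCE_BASE 4u
#define IPA_WIDTH   40u  /* constructed stand-in for the width read from the Realm Config */
typedef enum { IPA_PROTECTED = 0, IPA_SHARED = 1 } ipa_state_t;
static uint8_t     realm_mem[NPAGES * PAGE_SIZE]; /* page i lives at IPA i*PAGE_SIZE */
static ipa_state_t ipa_state[NPAGES];             /* zero-initialised: all protected */

/* Assumption (RMM spec IPA split): the unprotected alias of an IPA has the top bit of
 * the Realm's IPA space set; that alias is the address handed to the device. */
static uint64_t shared_alias(uint64_t ipa) { return ipa | (1ULL << (IPA_WIDTH - 1)); }
static uint64_t protected_ipa(uint64_t a)  { return a & ~(1ULL << (IPA_WIDTH - 1)); }

/* Stand-in for the RSI IPA-state service: flip one page between protected and shared. */
static int set_ipa_state(size_t page, ipa_state_t s) {
  if (page >= NPAGES) return -1;
  ipa_state[page] = s;
  return 0;
}

/* What the host side can reach: a pointer only while the page is shared, else NULL. */
static uint8_t *device_view(uint64_t dev_addr) {
  uint64_t ipa = protected_ipa(dev_addr);
  size_t page = (size_t)(ipa / PAGE_SIZE);
  if (page >= NPAGES || ipa_state[page] != IPA_SHARED) return NULL;
  return realm_mem + ipa;
}

typedef struct {
  uint8_t *orig;       /* realm-private buffer supplied by the driver */
  size_t   len, page, npages;
  int      dev_writes; /* 1 when the device writes into the buffer */
} dma_map_t;

/* Map: grab free (still protected) pool pages, share them, stage data, return the alias. */
static int dma_map(dma_map_t *m, uint8_t *buf, size_t len, int dev_writes, uint64_t *dev_addr) {
  size_t npages = (len + PAGE_SIZE - 1) / PAGE_SIZE, start, i;
  uint8_t *bounce;
  if (len == 0) return -1;
  for (start = BOUNCE_BASE; start + npages <= NPAGES; start++) { /* first fit */
    for (i = 0; i < npages && ipa_state[start + i] == IPA_PROTECTED; i++) { }
    if (i == npages) break;
  }
  if (start + npages > NPAGES) return -1;
  bounce = realm_mem + start * PAGE_SIZE;
  for (i = 0; i < npages; i++) set_ipa_state(start + i, IPA_SHARED);
  if (dev_writes) memset(bounce, 0, npages * PAGE_SIZE); /* never expose stale private data */
  else memcpy(bounce, buf, len);                          /* device reads: copy the data out */
  m->orig = buf; m->len = len; m->page = start; m->npages = npages; m->dev_writes = dev_writes;
  *dev_addr = shared_alias((uint64_t)start * PAGE_SIZE);
  return 0;
}

/* Unmap: copy device output back into private memory, scrub, then re-protect the pages. */
static int dma_unmap(dma_map_t *m) {
  uint8_t *bounce = realm_mem + m->page * PAGE_SIZE;
  size_t i;
  if (m->dev_writes) memcpy(m->orig, bounce, m->len);
  memset(bounce, 0, m->npages * PAGE_SIZE);
  for (i = 0; i < m->npages; i++) set_ipa_state(m->page + i, IPA_PROTECTED);
  return 0;
}

/* One device-write transfer end to end; returns 0 on success, else the failing step. */
static int demo(void) {
  uint8_t *buf = realm_mem, *dv; dma_map_t m; uint64_t da;
  memset(buf, 0xAB, 100);
  if (dma_map(&m, buf, 100, 1, &da) != 0) return 1;
  if (device_view(0) != NULL) return 2;          /* private page 0 is invisible to the host */
  if ((dv = device_view(da)) == NULL) return 3;  /* the bounce page is visible */
  memset(dv, 0x5A, 100);                         /* the device writes its result */
  if (buf[0] != 0xAB) return 4;                  /* private copy untouched until unmap */
  if (dma_unmap(&m) != 0) return 5;
  if (buf[0] != 0x5A || buf[99] != 0x5A) return 6;
  if (device_view(da) != NULL) return 7;         /* bounce page is protected again */
  return 0;
}
int main(void) { return demo(); }
```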