Date: Thu, 4 May 2023 16:13:01 +0100
From: "Jean-Philippe Brucker" <jean-philippe@linaro.org>
To: Sami Mujawar
Cc: devel@edk2.groups.io, ardb+tianocore@kernel.org, quic_llindhol@quicinc.com, kraxel@redhat.com, julien@xen.org, michael.d.kinney@intel.com, gaoliming@byosoft.com.cn, zhiguang.liu@intel.com, Pierre.Gondois@arm.com, Suzuki.Poulose@arm.com, Ryan.Roberts@arm.com, Matteo.Carlini@arm.com, Akanksha.Jain2@arm.com, Ben.Adderson@arm.com, nd@arm.com
Subject: Re: [RFC PATCH v1 00/30] Support for Arm CCA guest firmware
Message-ID: <20230504151301.GA2861881@myrica>
References: <20230425160428.27980-1-sami.mujawar@arm.com>
In-Reply-To: <20230425160428.27980-1-sami.mujawar@arm.com>

Hello,

On Tue, Apr 25, 2023 at 05:03:58PM +0100, Sami Mujawar wrote:
> We are happy to announce an early RFC version of the Arm Confidential
> Compute Architecture (CCA) support for the Kvmtool guest firmware.
> The intention is to seek early feedback in the following areas:
> * Integration of the Arm CCA in ArmVirtPkg
> * Generalise the operations wherever possible with other Confidential
>   Compute solutions and Virtual Machine Managers (VMMs)

Experimental support for ArmVirtQemu is available at [1]. Most of it simply includes Sami's libraries into ArmVirtQemu, but there are a few things specific to QEMU, one of which I still haven't figured out.
The early debug support in PEI is problematic. A realm must access the emulated serial port through an unprotected Intermediate Physical Address (IPA, aka GPA), which is the upper half of the IPA space: the IPA address must have the most significant bit set. Once the MMU is enabled and ArmCcaConfigureMmio() runs, the page tables point to the right IPA so there is no problem. Before that, however, EarlyFdtPL011SerialPortLib would need to access the device using the unprotected IPA address. So far I haven't managed to implement this, so the early serial debug is just disabled.

Another QEMU-specific issue: in direct kernel boot (-kernel on the command line), the FwCfg device provides the kernel, initrd and other blobs to the guest firmware. Since these are not in guest RAM before VM boot, they are not part of the Realm Initial Measurement, which provides image attestation. In order for the Realm owner to authenticate these images, I added a BlobVerifier that adds the hash of these blobs to the Realm Extended Measurement.

I haven't looked at supporting ArmVirtQemuKernel yet.

The latest QEMU VMM support for Arm CCA is at [2], and a typical invocation would be:

  qemu-system-aarch64 -M confidential-guest-support=rme0 \
    -object rme-guest,id=rme0 \
    -M virt -enable-kvm -M gic-version=3 \
    -cpu host,sve=off -smp 2 -m 256M \
    -bios QEMU_EFI.fd -kernel Image -initrd rootfs.cpio \
    -overcommit mem-lock=on -no-acpi -nographic \
    -append 'earlycon console=ttyAMA0'

Thanks,
Jean

[1] https://jpbrucker.net/git/edk2/ branch cca/qemu
[2] https://jpbrucker.net/git/qemu/ branch cca/rfc-v2
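Added example (editor's illustration, not code from the RFC series or from the cca/qemu branch): a Python model of the BlobVerifier idea in the message above, showing why measuring FwCfg blobs lets the Realm owner catch a swapped initrd that the Realm Initial Measurement alone would miss. It assumes SHA-256, a PCR-style extension rule new = H(old || digest) for the Realm Extended Measurement, and a fixed kernel/initrd/cmdline measurement order; the blob contents are constructed.

```python
import hashlib
import hmac

REM_SIZE = 32  # SHA-256 sized Realm Extended Measurement register, zero at realm creation

# Constructed stand-ins for the blobs QEMU's FwCfg device hands the guest
# firmware in direct kernel boot; real inputs would be the -kernel/-initrd files.
SAMPLE_BLOBS = {
    "kernel": b"\x7fELF" + b"constructed kernel image bytes",
    "initrd": b"070701" + b"constructed initrd cpio bytes",
    "cmdline": b"earlycon console=ttyAMA0\x00",
}
# Assumed fixed measurement order; guest firmware and Realm owner must agree on it.
BLOB_ORDER = ("kernel", "initrd", "cmdline")


def extend_rem(rem: bytes, digest: bytes) -> bytes:
    """Extend a measurement register PCR-style: new = H(old || digest).
    The exact RSI extension rule is an assumption of this example."""
    if len(rem) != REM_SIZE or len(digest) != REM_SIZE:
        raise ValueError("register and digest must both be 32 bytes")
    return hashlib.sha256(rem + digest).digest()


def measure_blobs(blobs: dict, order: tuple) -> bytes:
    """Guest side (what a BlobVerifier would do): hash each FwCfg blob and
    extend the register in the agreed order. Returns the final register."""
    rem = bytes(REM_SIZE)
    for name in order:
        rem = extend_rem(rem, hashlib.sha256(blobs[name]).digest())
    return rem


def verify_attested_rem(attested_rem: bytes, golden_blobs: dict,
                        order: tuple = BLOB_ORDER) -> bool:
    """Realm owner side: recompute the expected register from the images it
    intended to boot and compare it with the value in the attestation token."""
    expected = measure_blobs(golden_blobs, order)
    return hmac.compare_digest(expected, attested_rem)


def tampered_initrd_detected() -> bool:
    """Worked case: a guest booted with a modified initrd yields a register
    the owner rejects, even though kernel and cmdline are unchanged."""
    booted = dict(SAMPLE_BLOBS)
    booted["initrd"] = SAMPLE_BLOBS["initrd"] + b"extra payload"
    attested = measure_blobs(booted, BLOB_ORDER)
    return not verify_attested_rem(attested, SAMPLE_BLOBS)
```

Because the register is a hash chain, the owner must also know the measurement order: the same blobs measured in a different order produce a different value.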