lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230127112758.37891-1-steven.price@arm.com>
Date:   Fri, 27 Jan 2023 11:27:44 +0000
From:   Steven Price <steven.price@....com>
To:     kvmarm@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org
Cc:     Steven Price <steven.price@....com>,
        Catalin Marinas <catalin.marinas@....com>,
        Ard Biesheuvel <ardb@...nel.org>,
        Marc Zyngier <maz@...nel.org>, Will Deacon <will@...nel.org>,
        Suzuki K Poulose <suzuki.poulose@....com>,
        James Morse <james.morse@....com>,
        Oliver Upton <oliver.upton@...ux.dev>,
        Zenghui Yu <yuzenghui@...wei.com>,
        linux-kernel@...r.kernel.org, Joey Gouly <joey.gouly@....com>,
        Alexandru Elisei <alexandru.elisei@....com>,
        Christoffer Dall <christoffer.dall@....com>,
        Fuad Tabba <tabba@...gle.com>, linux-coco@...ts.linux.dev
Subject: [RFC PATCH 00/14] arm64: Support for running as a guest in Arm CCA

This series is an RFC adding support for running Linux in a protected
VM under the new Arm Confidential Compute Architecture (CCA). The
purpose of this series is to gather feedback on the proposed changes to
the architecture code for CCA.

The ABI to the RMM from a realm (the RSI) is based on the Beta 0
specification[2] and will be updated in the future when a final version
of the specification is published.

This series is based on v6.2-rc1. It is also available as a git
repository:

https://gitlab.arm.com/linux-arm/linux-cca cca-guest/rfc-v1

Introduction
============
A more general introduction to Arm CCA is available on the Arm
website[3], and links to the other components involved are available in
the overall cover letter[4].

Arm Confidential Compute Architecture adds two new 'worlds' to the
architecture: Root and Realm. A new software component known as the RMM
(Realm Management Monitor) runs in Realm EL2 and is trusted by both the
Normal World and VMs running within Realms. This enables mutual
distrust between the Realm VMs and the Normal World.

Virtual machines running within a Realm can decide on a (4k)
page-by-page granularity whether to share a page with the (Normal World)
host or to keep it private (protected). This protection is provided by
the hardware and attempts to access a page which isn't shared by the
Normal World will trigger a Granule Protection Fault.

Realm VMs can communicate with the RMM via another SMC interface known
as RSI (Realm Services Interface). This series adds wrappers for the
full set of RSI commands and uses them to manage the Realm IPA State
(RIPAS) and to discover the configuration of the realm.

The VM running within the Realm needs to ensure that memory that is
going to use is marked as 'RIPAS_RAM' (i.e. protected memory accessible
only to the guest). This could be provided by the VMM (and subject to
measurement to ensure it is setup correctly) or the VM can set it
itself.  This series includes a patch which will iterate over all
described RAM and set the RIPAS. An alternative would be to update
booting.rst and state this as a requirement, but this would reduce the
flexibility of the VMM to manage the available memory to the guest (as
the initial RIPAS state is part of the guest's measurement).

Within the Realm the most-significant active bit of the IPA is used to
select whether the access is to protected memory or to memory shared
with the host. This series treats this bit as if it is attribute bit in
the page tables and will modify it when sharing/unsharing memory with
the host.

This top bit usage also necessitates that the IPA width is made more
dynamic in the guest. The VMM will choose a width (and therefore which
bit controls the shared flag) and the guest must be able to identify
this bit to mask it out when necessary. PHYS_MASK_SHIFT/PHYS_MASK are
therefore made dynamic.

To allow virtio to communicate with the host the shared buffers must be
placed in memory which has this top IPA bit set. This is achieved by
implementating the set_memory_{encrypted,decrypted} APIs for arm64 and
forcing the use of bounce buffers. For now all device access is
considered to required the memory to be shared, at this stage there is
no support for real devices to be assigned to a realm guest - obviously
if device assignment is added this will have to change.

Finally the GIC is (largely) emulated by the (untrusted) host. The RMM
provides some management (including register save/restore) but the
ITS buffers must be placed into shared memory for the host to emulate.
There is likely to be future work to harden the GIC driver against a
malicious host (along with any other drivers used within a Realm guest).

[1] https://lore.kernel.org/r/20221202061347.1070246-1-chao.p.peng%40linux.intel.com
[2] https://developer.arm.com/documentation/den0137/1-0bet0/
[3] https://www.arm.com/architecture/security-features/arm-confidential-compute-architecture
[4] https://lore.kernel.org/r/20230127112248.136810-1-suzuki.poulose%40arm.com

Steven Price (9):
  arm64: remove redundant 'extern'
  arm64: Detect if in a realm and set RIPAS RAM
  arm64: realm: Query IPA size from the RMM
  arm64: Mark all I/O as non-secure shared
  arm64: Make the PHYS_MASK_SHIFT dynamic
  arm64: Enforce bounce buffers for realm DMA
  arm64: Enable memory encrypt for Realms
  arm64: realm: Support nonsecure ITS emulation shared
  HACK: Accept prototype RSI version

Suzuki K Poulose (5):
  arm64: rsi: Add RSI definitions
  fixmap: Allow architecture overriding set_fixmap_io
  arm64: Override set_fixmap_io
  arm64: Force device mappings to be non-secure shared
  efi: arm64: Map Device with Prot Shared

 arch/arm64/Kconfig                     |   3 +
 arch/arm64/include/asm/fixmap.h        |   4 +-
 arch/arm64/include/asm/io.h            |   6 +-
 arch/arm64/include/asm/kvm_arm.h       |   2 +-
 arch/arm64/include/asm/mem_encrypt.h   |  19 ++++
 arch/arm64/include/asm/pgtable-hwdef.h |   4 +-
 arch/arm64/include/asm/pgtable-prot.h  |   2 +
 arch/arm64/include/asm/pgtable.h       |   7 +-
 arch/arm64/include/asm/rsi.h           |  46 +++++++++
 arch/arm64/include/asm/rsi_cmds.h      |  71 +++++++++++++
 arch/arm64/include/asm/rsi_smc.h       | 132 +++++++++++++++++++++++++
 arch/arm64/kernel/Makefile             |   2 +-
 arch/arm64/kernel/efi.c                |   2 +-
 arch/arm64/kernel/head.S               |   2 +-
 arch/arm64/kernel/rsi.c                |  82 +++++++++++++++
 arch/arm64/kernel/setup.c              |   3 +
 arch/arm64/kvm/Kconfig                 |   8 ++
 arch/arm64/mm/init.c                   |  10 +-
 arch/arm64/mm/mmu.c                    |  13 +++
 arch/arm64/mm/pageattr.c               |  48 ++++++++-
 drivers/irqchip/irq-gic-v3-its.c       |  95 +++++++++++++-----
 include/asm-generic/fixmap.h           |   2 +
 22 files changed, 523 insertions(+), 40 deletions(-)
 create mode 100644 arch/arm64/include/asm/mem_encrypt.h
 create mode 100644 arch/arm64/include/asm/rsi.h
 create mode 100644 arch/arm64/include/asm/rsi_cmds.h
 create mode 100644 arch/arm64/include/asm/rsi_smc.h
 create mode 100644 arch/arm64/kernel/rsi.c

-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ