| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251117140007.122062-1-aneesh.kumar@kernel.org>
Date: Mon, 17 Nov 2025 19:29:56 +0530
From: "Aneesh Kumar K.V (Arm)" <aneesh.kumar@...nel.org>
To: linux-coco@...ts.linux.dev,
kvmarm@...ts.linux.dev
Cc: linux-pci@...r.kernel.org,
linux-kernel@...r.kernel.org,
dan.j.williams@...el.com,
aik@....com,
lukas@...ner.de,
Samuel Ortiz <sameo@...osinc.com>,
Xu Yilun <yilun.xu@...ux.intel.com>,
Jason Gunthorpe <jgg@...pe.ca>,
Suzuki K Poulose <Suzuki.Poulose@....com>,
Steven Price <steven.price@....com>,
Bjorn Helgaas <helgaas@...nel.org>,
Jonathan Cameron <Jonathan.Cameron@...wei.com>,
Catalin Marinas <catalin.marinas@....com>,
Marc Zyngier <maz@...nel.org>,
Will Deacon <will@...nel.org>,
Oliver Upton <oliver.upton@...ux.dev>,
"Aneesh Kumar K.V (Arm)" <aneesh.kumar@...nel.org>
Subject: [PATCH v2 00/11] TSM: Implement ->lock()/->accept() callbacks for ARM CCA TDISP setup
This patch series implements the TSM ->lock(), ->unlock and ->accept() callbacks
required for the TDISP setup with ARM CCA described in the RMM ALP17 specification [1].
The series builds upon the TSM framework patches posted at [2] . A git repository
containing all the related changes is available at [3].
Testing / Usage
echo ${DEVICE} > /sys/bus/pci/devices/${DEVICE}/driver/unbind
To Transition the device to TDISP LOCK state:
echo tsm0 > /sys/bus/pci/devices/${DEVICE}/tsm/lock
To Transition the device to TDISP RUN state:
echo 1 > /sys/bus/pci/devices/${DEVICE}/tsm/accept
echo ${DEVICE} > /sys/bus/pci/drivers_probe
[1] https://developer.arm.com/-/cdn-downloads/permalink/Architectures/Armv9/DEN0137_1.1-alp17.zip
[2] https://lore.kernel.org/all/20251024020418.1366664-1-dan.j.williams@intel.com/
[3] https://git.gitlab.arm.com/linux-arm/linux-cca.git cca/topics/cca-guest-setup-upstream-v2
Aneesh Kumar K.V (Arm) (11):
coco: guest: arm64: Guest TSM callback and realm device lock support
coco: guest: arm64: Add Realm Host Interface and guest DA helper
coco: guest: arm64: Add support for guest initiated TDI bind/unbind
coco: guest: arm64: Add support for updating interface reports from
device
coco: guest: arm64: Add support for updating measurements from device
coco: guest: arm64: Add support for reading cached objects from host
coco: guest: arm64: Validate Realm MMIO mappings from TDISP report
coco: guest: arm64: Add support for fetching and verifying device info
coco: guest: arm64: Wire Realm TDISP RUN/STOP transitions into guest
driver
coco: arm64: dma: Update force_dma_unencrypted for accepted devices
coco: guest: arm64: Enable vdev DMA after attestation
arch/arm64/include/asm/mem_encrypt.h | 6 +-
arch/arm64/include/asm/rhi.h | 77 +++++
arch/arm64/include/asm/rsi.h | 3 +
arch/arm64/include/asm/rsi_cmds.h | 81 +++++
arch/arm64/include/asm/rsi_smc.h | 58 ++++
arch/arm64/kernel/rsi.c | 11 +
arch/arm64/mm/mem_encrypt.c | 10 +
drivers/virt/coco/Makefile | 2 +-
drivers/virt/coco/arm-cca-guest/Kconfig | 10 +-
drivers/virt/coco/arm-cca-guest/Makefile | 3 +-
drivers/virt/coco/arm-cca-guest/arm-cca.c | 95 +++++-
drivers/virt/coco/arm-cca-guest/rhi-da.c | 330 ++++++++++++++++++++
drivers/virt/coco/arm-cca-guest/rhi-da.h | 18 ++
drivers/virt/coco/arm-cca-guest/rsi-da.c | 354 ++++++++++++++++++++++
drivers/virt/coco/arm-cca-guest/rsi-da.h | 83 +++++
include/linux/swiotlb.h | 5 +
16 files changed, 1137 insertions(+), 9 deletions(-)
create mode 100644 arch/arm64/include/asm/rhi.h
create mode 100644 drivers/virt/coco/arm-cca-guest/rhi-da.c
create mode 100644 drivers/virt/coco/arm-cca-guest/rhi-da.h
create mode 100644 drivers/virt/coco/arm-cca-guest/rsi-da.c
create mode 100644 drivers/virt/coco/arm-cca-guest/rsi-da.h
--
2.43.0
Powered by blists - more mailing lists