kvmarm.lists.cs.columbia.edu archive mirror
 help / color / mirror / Atom feed
From: Jean-Philippe Brucker <jean-philippe@linaro.org>
To: Steven Price <steven.price@arm.com>
Cc: kvm@vger.kernel.org, kvmarm@lists.linux.dev,
	"Catalin Marinas" <catalin.marinas@arm.com>,
	"Marc Zyngier" <maz@kernel.org>, "Will Deacon" <will@kernel.org>,
	"James Morse" <james.morse@arm.com>,
	"Oliver Upton" <oliver.upton@linux.dev>,
	"Suzuki K Poulose" <suzuki.poulose@arm.com>,
	"Zenghui Yu" <yuzenghui@huawei.com>,
	linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org, "Joey Gouly" <joey.gouly@arm.com>,
	"Alexandru Elisei" <alexandru.elisei@arm.com>,
	"Christoffer Dall" <christoffer.dall@arm.com>,
	"Fuad Tabba" <tabba@google.com>,
	linux-coco@lists.linux.dev,
	"Ganapatrao Kulkarni" <gankulkarni@os.amperecomputing.com>,
	"Mathieu Poirier" <mathieu.poirier@linaro.org>,
	"Thomas Fossati" <thomas.fossati@linaro.org>,
	"Kevin Zhao" <kevin.zhao@linaro.org>,
	"Leonardo Augusto Guimarães Garcia" <leonardo.garcia@linaro.org>
Subject: Re: [v2] Support for Arm CCA VMs on Linux
Date: Fri, 12 Apr 2024 17:52:24 +0100	[thread overview]
Message-ID: <20240412165224.GA357251@myrica> (raw)
In-Reply-To: <20240412084056.1733704-1-steven.price@arm.com>

On Fri, Apr 12, 2024 at 09:40:56AM +0100, Steven Price wrote:
> We are happy to announce the second version of the Arm Confidential
> Compute Architecture (CCA) support for the Linux stack. The intention is
> to seek early feedback in the following areas:
>  * KVM integration of the Arm CCA;
>  * KVM UABI for managing the Realms, seeking to generalise the
>    operations where possible with other Confidential Compute solutions;
>  * Linux Guest support for Realms.
> 
> See the previous RFC[1] for a more detailed overview of Arm's CCA
> solution, or visible the Arm CCA Landing page[2].
> 
> This series is based on the final RMM v1.0 (EAC5) specification[3].

Instructions for building and running the CCA stack on QEMU, both as
system emulation and VMM, are available here:
https://linaro.atlassian.net/wiki/spaces/QEMU/pages/29051027459/Building+an+RME+stack+for+QEMU

I'll send out the QEMU VMM patches shortly:
https://git.codelinaro.org/linaro/dcap/qemu.git branch cca/v2

Thanks,
Jean

> [1] Previous RFC
>     https://lore.kernel.org/r/20230127112248.136810-1-suzuki.poulose%40arm.com
> [2] Arm CCA Landing page (See Key Resources section for various documentation)
>     https://www.arm.com/architecture/security-features/arm-confidential-compute-architecture
> [3] RMM v1.0-EAC5 specification
>     https://developer.arm.com/documentation/den0137/1-0eac5/
> [4] Shrinkwrap
>     https://git.gitlab.arm.com/tooling/shrinkwrap
> [5] Linux support for Arm CCA RMM v1.0-EAC5
>     https://lore.kernel.org/r/fb259449-026e-4083-a02b-f8a4ebea1f87%40arm.com


> 

      parent reply	other threads:[~2024-04-12 16:52 UTC|newest]

Thread overview: 132+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-12  8:40 [v2] Support for Arm CCA VMs on Linux Steven Price
2024-04-11 18:54 ` Itaru Kitayama
2024-04-15  8:14   ` Steven Price
2024-04-12  8:41 ` [PATCH v2 00/14] arm64: Support for running as a guest in Arm CCA Steven Price
2024-04-12  8:42   ` [PATCH v2 01/14] arm64: rsi: Add RSI definitions Steven Price
2024-04-12  8:42   ` [PATCH v2 02/14] arm64: Detect if in a realm and set RIPAS RAM Steven Price
2024-05-10 17:35     ` Catalin Marinas
2024-05-14 10:18       ` Suzuki K Poulose
2024-05-16 14:32         ` Catalin Marinas
2024-05-15 15:03       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 03/14] arm64: realm: Query IPA size from the RMM Steven Price
2024-05-13 14:03     ` Catalin Marinas
2024-05-16 15:13       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 04/14] arm64: Mark all I/O as non-secure shared Steven Price
2024-04-12  8:42   ` [PATCH v2 05/14] fixmap: Allow architecture overriding set_fixmap_io Steven Price
2024-04-12  8:42   ` [PATCH v2 06/14] arm64: Override set_fixmap_io Steven Price
2024-05-13 16:14     ` Catalin Marinas
2024-05-14 10:21       ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 07/14] arm64: Make the PHYS_MASK_SHIFT dynamic Steven Price
2024-05-13 16:38     ` Catalin Marinas
2024-05-16 15:34       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 08/14] arm64: Enforce bounce buffers for realm DMA Steven Price
2024-05-13 16:56     ` Catalin Marinas
2024-04-12  8:42   ` [PATCH v2 09/14] arm64: Enable memory encrypt for Realms Steven Price
2024-04-15  3:13     ` kernel test robot
2024-04-25 13:42       ` Suzuki K Poulose
2024-04-25 15:52         ` Steven Price
2024-04-25 16:29         ` Suzuki K Poulose
2024-04-25 18:16           ` Emanuele Rocca
2024-05-14 18:00     ` Catalin Marinas
2024-05-15 10:47       ` Suzuki K Poulose
2024-05-16  7:48         ` Catalin Marinas
2024-05-16  9:06           ` Suzuki K Poulose
2024-05-20 16:53         ` Catalin Marinas
2024-05-20 20:32           ` Michael Kelley
2024-05-21 10:14             ` Catalin Marinas
2024-05-21 15:58               ` Michael Kelley
2024-04-12  8:42   ` [PATCH v2 10/14] arm64: Force device mappings to be non-secure shared Steven Price
2024-05-15  9:01     ` Catalin Marinas
2024-05-15 11:00       ` Suzuki K Poulose
2024-05-17  9:34         ` Catalin Marinas
2024-04-12  8:42   ` [PATCH v2 11/14] efi: arm64: Map Device with Prot Shared Steven Price
2024-04-12  8:42   ` [PATCH v2 12/14] arm64: realm: Support nonsecure ITS emulation shared Steven Price
2024-05-15 11:01     ` Catalin Marinas
2024-05-22 15:52       ` Steven Price
2024-05-22 17:05         ` Catalin Marinas
2024-05-23  9:57           ` Steven Price
2024-04-12  8:42   ` [PATCH v2 13/14] arm64: rsi: Interfaces to query attestation token Steven Price
2024-05-15 11:10     ` Catalin Marinas
2024-05-22 15:52       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 14/14] virt: arm-cca-guest: TSM_REPORT support for realms Steven Price
2024-04-24 13:06     ` Thomas Fossati
2024-04-24 13:27       ` Suzuki K Poulose
2024-04-24 13:19     ` Suzuki K Poulose
2024-04-12  8:42 ` [PATCH v2 00/43] arm64: Support for Arm CCA in KVM Steven Price
2024-04-12  8:42   ` [PATCH v2 01/43] KVM: Prepare for handling only shared mappings in mmu_notifier events Steven Price
2024-04-25  9:48     ` Fuad Tabba
2024-04-25 15:58       ` Steven Price
2024-04-25 22:56         ` Sean Christopherson
2024-04-12  8:42   ` [PATCH v2 02/43] kvm: arm64: pgtable: Track the number of pages in the entry level Steven Price
2024-04-12  8:42   ` [PATCH v2 03/43] kvm: arm64: Include kvm_emulate.h in kvm/arm_psci.h Steven Price
2024-04-12  8:42   ` [PATCH v2 04/43] arm64: RME: Handle Granule Protection Faults (GPFs) Steven Price
2024-04-16 11:17     ` Suzuki K Poulose
2024-04-18 13:17       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 05/43] arm64: RME: Add SMC definitions for calling the RMM Steven Price
2024-04-16 12:38     ` Suzuki K Poulose
2024-04-18 13:17       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 06/43] arm64: RME: Add wrappers for RMI calls Steven Price
2024-04-16 13:14     ` Suzuki K Poulose
2024-04-19 11:18       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 07/43] arm64: RME: Check for RME support at KVM init Steven Price
2024-04-16 13:30     ` Suzuki K Poulose
2024-04-22 15:39       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 08/43] arm64: RME: Define the user ABI Steven Price
2024-04-12  8:42   ` [PATCH v2 09/43] arm64: RME: ioctls to create and configure realms Steven Price
2024-04-17  9:51     ` Suzuki K Poulose
2024-04-22 16:33       ` Steven Price
2024-04-18 16:04     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 10/43] kvm: arm64: Expose debug HW register numbers for Realm Steven Price
2024-04-12  8:42   ` [PATCH v2 11/43] arm64: kvm: Allow passing machine type in KVM creation Steven Price
2024-04-17 10:20     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 12/43] arm64: RME: Keep a spare page delegated to the RMM Steven Price
2024-04-17 10:19     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 13/43] arm64: RME: RTT handling Steven Price
2024-04-17 13:37     ` Suzuki K Poulose
2024-04-24 10:59       ` Steven Price
2024-04-12  8:42   ` [PATCH v2 14/43] arm64: RME: Allocate/free RECs to match vCPUs Steven Price
2024-04-18  9:23     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 15/43] arm64: RME: Support for the VGIC in realms Steven Price
2024-04-12  8:42   ` [PATCH v2 16/43] KVM: arm64: Support timers in realm RECs Steven Price
2024-04-18  9:30     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 17/43] arm64: RME: Allow VMM to set RIPAS Steven Price
2024-04-19  9:34     ` Suzuki K Poulose
2024-04-19 10:20       ` Suzuki K Poulose
2024-05-01 15:47       ` Steven Price
2024-05-02 10:16         ` Suzuki K Poulose
2024-04-25  9:53     ` Fuad Tabba
2024-05-01 14:27     ` Jean-Philippe Brucker
2024-05-01 14:56       ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 18/43] arm64: RME: Handle realm enter/exit Steven Price
2024-04-19 13:00     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 19/43] KVM: arm64: Handle realm MMIO emulation Steven Price
2024-04-12  8:42   ` [PATCH v2 20/43] arm64: RME: Allow populating initial contents Steven Price
2024-04-19 13:17     ` Suzuki K Poulose
2024-04-12  8:42   ` [PATCH v2 21/43] arm64: RME: Runtime faulting of memory Steven Price
2024-04-25 10:43     ` Fuad Tabba
2024-04-12  8:42   ` [PATCH v2 22/43] KVM: arm64: Handle realm VCPU load Steven Price
2024-04-12  8:42   ` [PATCH v2 23/43] KVM: arm64: Validate register access for a Realm VM Steven Price
2024-04-12  8:42   ` [PATCH v2 24/43] KVM: arm64: Handle Realm PSCI requests Steven Price
2024-04-12  8:42   ` [PATCH v2 25/43] KVM: arm64: WARN on injected undef exceptions Steven Price
2024-04-12  8:42   ` [PATCH v2 26/43] arm64: Don't expose stolen time for realm guests Steven Price
2024-04-12  8:42   ` [PATCH v2 27/43] arm64: rme: allow userspace to inject aborts Steven Price
2024-04-12  8:42   ` [PATCH v2 28/43] arm64: rme: support RSI_HOST_CALL Steven Price
2024-04-12  8:42   ` [PATCH v2 29/43] arm64: rme: Allow checking SVE on VM instance Steven Price
2024-04-12  8:42   ` [PATCH v2 30/43] arm64: RME: Always use 4k pages for realms Steven Price
2024-04-12  8:42   ` [PATCH v2 31/43] arm64: rme: Prevent Device mappings for Realms Steven Price
2024-04-12  8:42   ` [PATCH v2 32/43] arm_pmu: Provide a mechanism for disabling the physical IRQ Steven Price
2024-04-12  8:42   ` [PATCH v2 33/43] arm64: rme: Enable PMU support with a realm guest Steven Price
2024-04-13 23:44     ` kernel test robot
2024-04-18 16:06       ` Suzuki K Poulose
2024-04-12  8:43   ` [PATCH v2 34/43] kvm: rme: Hide KVM_CAP_READONLY_MEM for realm guests Steven Price
2024-04-12  8:43   ` [PATCH v2 35/43] arm64: RME: Propagate number of breakpoints and watchpoints to userspace Steven Price
2024-04-12  8:43   ` [PATCH v2 36/43] arm64: RME: Set breakpoint parameters through SET_ONE_REG Steven Price
2024-04-12  8:43   ` [PATCH v2 37/43] arm64: RME: Initialize PMCR.N with number counter supported by RMM Steven Price
2024-04-12  8:43   ` [PATCH v2 38/43] arm64: RME: Propagate max SVE vector length from RMM Steven Price
2024-04-12  8:43   ` [PATCH v2 39/43] arm64: RME: Configure max SVE vector length for a Realm Steven Price
2024-04-12  8:43   ` [PATCH v2 40/43] arm64: RME: Provide register list for unfinalized RME RECs Steven Price
2024-04-12  8:43   ` [PATCH v2 41/43] arm64: RME: Provide accurate register list Steven Price
2024-04-12  8:43   ` [PATCH v2 42/43] arm64: kvm: Expose support for private memory Steven Price
2024-04-25 14:44     ` Fuad Tabba
2024-04-12  8:43   ` [PATCH v2 43/43] KVM: arm64: Allow activating realms Steven Price
2024-04-12 16:52 ` Jean-Philippe Brucker [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240412165224.GA357251@myrica \
    --to=jean-philippe@linaro.org \
    --cc=alexandru.elisei@arm.com \
    --cc=catalin.marinas@arm.com \
    --cc=christoffer.dall@arm.com \
    --cc=gankulkarni@os.amperecomputing.com \
    --cc=james.morse@arm.com \
    --cc=joey.gouly@arm.com \
    --cc=kevin.zhao@linaro.org \
    --cc=kvm@vger.kernel.org \
    --cc=kvmarm@lists.linux.dev \
    --cc=leonardo.garcia@linaro.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-coco@lists.linux.dev \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mathieu.poirier@linaro.org \
    --cc=maz@kernel.org \
    --cc=oliver.upton@linux.dev \
    --cc=steven.price@arm.com \
    --cc=suzuki.poulose@arm.com \
    --cc=tabba@google.com \
    --cc=thomas.fossati@linaro.org \
    --cc=will@kernel.org \
    --cc=yuzenghui@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).