From: Srivatsa Vaddagiri <quic_svaddagi@quicinc.com>
To: "Daniel P. Berrang?" <berrange@redhat.com>
Cc: <peter.maydell@linaro.org>, <philmd@linaro.org>,
<alex.bennee@linaro.org>, <qemu-devel@nongnu.org>,
<qemu-arm@nongnu.org>, <quic_tsoni@quicinc.com>,
<quic_pheragu@quicinc.com>, <quic_eberman@quicinc.com>,
<quic_yvasi@quicinc.com>, <quic_cvanscha@quicinc.com>,
<quic_mnalajal@quicinc.com>
Subject: Re: [RFC/PATCH v2 03/12] hw/arm/virt: confidential guest support
Date: Fri, 17 May 2024 01:11:57 +0530 [thread overview]
Message-ID: <20240516194157.GA440762@quicinc.com> (raw)
In-Reply-To: <ZkYgeGSPxD_yt5oa@redhat.com>
* Daniel P. Berrang? <berrange@redhat.com> [2024-05-16 16:04:24]:
> On Thu, May 16, 2024 at 02:33:47PM +0000, Srivatsa Vaddagiri wrote:
> > This adds support to launch hypervisor-assisted confidential guests,
> > where guest's memory is protected from a potentially untrusted host.
> > Hypervisor can setup host's page-tables so that it loses access to guest
> > memory.
> >
> > Since some guest drivers may need to communicate data with their host
> > counterparts via shared memory, optionally allow setting aside some part
> > of the confidential guest's memory as "shared". The size of this shared
> > memory is specified via the optional "swiotlb-size" parameter.
> >
> > -machine virt,confidential-guest-support=prot0 \
> > -object arm-confidential-guest,id=prot0,swiotlb-size=16777216
> >
> > The size of this shared memory is indicated to the guest in size/reg
> > property of device-tree node "/reserved-memory/restricted_dma_reserved".
> > A memory-region property is added to device-tree node representing
> > virtio-pcie hub, so that all DMA allocations requested by guest's virtio-pcie
> > device drivers are satisfied from the shared swiotlb region.
>
> For reference, there is another series proposing confidential guest
> support for the 'virt' machine on AArch64 with KVM
>
> https://lists.nongnu.org/archive/html/qemu-devel/2024-04/msg02742.html
>
> I've no idea how closely your impl matches the KVM proposed impl. ie
> whether we need 2 distinct "ConfidentialGuest" subclasses for KVM vs
> Gunyah, or whether 1 can cope with both. If we do need 2 distinct
> subclasses for each hypervisor, then calling this Gunyah targetted
> object 'arm-confidential-guest' is too broad of an name.
Thanks for that pointer! Let me study the proposed KVM implementation and
see how we can consolidate support for KVM and Gunyah hypervisors.
- vatsa
next prev parent reply other threads:[~2024-05-16 19:42 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-16 14:33 [RFC/PATCH v2 00/12] Gunyah hypervisor support Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 01/12] gunyah: UAPI header (NOT FOR MERGE) Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 02/12] accel: Introduce check_capability() callback Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 03/12] hw/arm/virt: confidential guest support Srivatsa Vaddagiri
2024-05-16 15:04 ` Daniel P. Berrangé
2024-05-16 19:41 ` Srivatsa Vaddagiri [this message]
2024-05-16 14:33 ` [RFC/PATCH v2 04/12] gunyah: Basic support Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 05/12] gunyah: Support memory assignment Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 06/12] gunyah: Add IRQFD and IOEVENTFD functions Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 07/12] gunyah: Add gicv3 interrupt controller Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 08/12] gunyah: Specific device-tree location Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 09/12] gunyah: Customize device-tree Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 10/12] gunyah: CPU execution loop Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 11/12] gunyah: Workarounds (NOT FOR MERGE) Srivatsa Vaddagiri
2024-05-16 14:33 ` [RFC/PATCH v2 12/12] gunyah: Documentation Srivatsa Vaddagiri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240516194157.GA440762@quicinc.com \
--to=quic_svaddagi@quicinc.com \
--cc=alex.bennee@linaro.org \
--cc=berrange@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=quic_cvanscha@quicinc.com \
--cc=quic_eberman@quicinc.com \
--cc=quic_mnalajal@quicinc.com \
--cc=quic_pheragu@quicinc.com \
--cc=quic_tsoni@quicinc.com \
--cc=quic_yvasi@quicinc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.