From: "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org>
To: linux-coco@lists.linux.dev, kvmarm@lists.linux.dev,
linux-arm-kernel@lists.infradead.org
Cc: linux-kernel@vger.kernel.org,
"Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org>,
Marc Zyngier <maz@kernel.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Jason Gunthorpe <jgg@ziepe.ca>,
Dan Williams <dan.j.williams@intel.com>,
Alexey Kardashevskiy <aik@amd.com>,
Samuel Ortiz <sameo@rivosinc.com>,
Xu Yilun <yilun.xu@linux.intel.com>,
Suzuki K Poulose <Suzuki.Poulose@arm.com>,
Steven Price <steven.price@arm.com>,
Jonathan Cameron <jonathan.cameron@huawei.com>
Subject: [RFC PATCH v3 09/11] coco: guest: arm64: Hook TSM accept to Realm TDISP RUN transition
Date: Thu, 12 Mar 2026 13:34:40 +0530 [thread overview]
Message-ID: <20260312080442.3485633-10-aneesh.kumar@kernel.org> (raw)
In-Reply-To: <20260312080442.3485633-1-aneesh.kumar@kernel.org>
Add an accept callback in pci_tsm_ops and implement cca_device_accept() to:
- verify evidence generation (lock_nonce)
- allocate and register protected MMIO ranges
- transition TDI state to RUN
Cc: Marc Zyngier <maz@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Alexey Kardashevskiy <aik@amd.com>
Cc: Samuel Ortiz <sameo@rivosinc.com>
Cc: Xu Yilun <yilun.xu@linux.intel.com>
Cc: Suzuki K Poulose <Suzuki.Poulose@arm.com>
Cc: Steven Price <steven.price@arm.com>
Reviewed-by: Jonathan Cameron <jonathan.cameron@huawei.com>
Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@kernel.org>
---
drivers/virt/coco/arm-cca-guest/arm-cca.c | 20 +++++++++++
drivers/virt/coco/arm-cca-guest/rsi-da.c | 43 +++++++++++++++++++++++
drivers/virt/coco/arm-cca-guest/rsi-da.h | 1 +
3 files changed, 64 insertions(+)
diff --git a/drivers/virt/coco/arm-cca-guest/arm-cca.c b/drivers/virt/coco/arm-cca-guest/arm-cca.c
index 80ee20c8a7a6..84152f505b10 100644
--- a/drivers/virt/coco/arm-cca-guest/arm-cca.c
+++ b/drivers/virt/coco/arm-cca-guest/arm-cca.c
@@ -499,9 +499,29 @@ static void cca_tsm_unlock(struct pci_tsm *tsm)
kfree(cca_dsc);
}
+static int __cca_tsm_accept(struct pci_dev *pdev, unsigned long lock_nonce)
+{
+ int ret;
+
+ ret = cca_device_accept(pdev, lock_nonce);
+ if (ret) {
+ pci_err(pdev, "failed to transition the device to run state (%d)\n", ret);
+ return ret;
+ }
+ return 0;
+}
+
+static int cca_tsm_accept(struct pci_dev *pdev)
+{
+ struct cca_guest_dsc *dsc = to_cca_guest_dsc(pdev);
+
+ return __cca_tsm_accept(pdev, dsc->dev_info.lock_nonce);
+}
+
static struct pci_tsm_ops cca_devsec_pci_ops = {
.lock = cca_tsm_lock,
.unlock = cca_tsm_unlock,
+ .accept = cca_tsm_accept,
};
static void cca_devsec_tsm_remove(void *tsm_dev)
diff --git a/drivers/virt/coco/arm-cca-guest/rsi-da.c b/drivers/virt/coco/arm-cca-guest/rsi-da.c
index 6f40329ac2f9..4030fa213ff4 100644
--- a/drivers/virt/coco/arm-cca-guest/rsi-da.c
+++ b/drivers/virt/coco/arm-cca-guest/rsi-da.c
@@ -230,3 +230,46 @@ int cca_verify_digests(u64 hash_algo,
}
return 0;
}
+
+int cca_device_accept(struct pci_dev *pdev, unsigned long lock_nonce)
+{
+ int ret;
+ struct cca_guest_dsc *dsc = to_cca_guest_dsc(pdev);
+
+ if (lock_nonce != dsc->dev_info.lock_nonce) {
+ pci_err(pdev, "Device evidence generation mismatch\n");
+ return -EIO;
+ }
+
+ /* Allocation private mmio range based on interface report. */
+ struct pci_tsm_mmio *tsm_mmio __free(kfree) = pci_tsm_mmio_alloc(pdev);
+ if (!tsm_mmio) {
+ pci_err(pdev, "Protected mmio range allocation failure\n");
+ return -ENOMEM;
+ }
+
+ /*
+ * Present the private mmio range in the resource hierarchy.
+ * We don't use this for ioremap, ioremap check the RIPAS value.
+ */
+ ret = pci_tsm_mmio_setup(pdev, tsm_mmio);
+ if (ret) {
+ pci_err(pdev, "Protected mmio setup failure\n");
+ return ret;
+ }
+
+ ret = cca_map_evidence_report_range(pdev, tsm_mmio);
+ if (ret) {
+ pci_err(pdev, "failed to validate the interface report\n");
+ return ret;
+ }
+
+ ret = rhi_vdev_set_tdi_state(pdev, RHI_DA_TDI_CONFIG_RUN);
+ if (ret) {
+ pci_err(pdev, "failed to switch the device (%u) to RUN state\n", ret);
+ return ret;
+ }
+
+ dsc->pci.mmio = no_free_ptr(tsm_mmio);
+ return 0;
+}
diff --git a/drivers/virt/coco/arm-cca-guest/rsi-da.h b/drivers/virt/coco/arm-cca-guest/rsi-da.h
index 4903a770412e..c550926145a0 100644
--- a/drivers/virt/coco/arm-cca-guest/rsi-da.h
+++ b/drivers/virt/coco/arm-cca-guest/rsi-da.h
@@ -61,4 +61,5 @@ int cca_verify_digests(u64 hash_algo,
uint8_t *interface_report, size_t interface_report_size,
uint8_t *measurements, size_t measurements_size,
struct rsi_vdevice_info *dev_info);
+int cca_device_accept(struct pci_dev *pdev, unsigned long lock_nonce);
#endif
--
2.43.0
next prev parent reply other threads:[~2026-03-12 8:05 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-12 8:04 [RFC PATCH v3 00/11] coco/TSM: Arm CCA guest TDISP lock/accept flow with verification and DMA enable Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 01/11] coco: guest: arm64: Guest TSM callback and realm device lock support Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 02/11] coco: guest: arm64: Fix a typo in the ARM_CCA_GUEST Kconfig help string ("and" -> "an") Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 03/11] coco: guest: arm64: Add Realm Host Interface and guest DA helper Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 04/11] coco: guest: arm64: Support guest-initiated TDI lock/unlock transitions Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 05/11] coco: guest: arm64: Refresh interface-report cache during device lock Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 06/11] coco: guest: arm64: Add measurement refresh via RHI_DA_VDEV_GET_MEASUREMENTS Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 07/11] coco: guest: arm64: Add guest APIs to read host-cached DA objects Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 08/11] coco: guest: arm64: Verify DA evidence with RSI_VDEV_GET_INFO digests Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` Aneesh Kumar K.V (Arm) [this message]
2026-03-12 8:04 ` [RFC PATCH v3 10/11] coco: arm64: dma: Update force_dma_unencrypted for accepted devices Aneesh Kumar K.V (Arm)
2026-03-12 8:04 ` [RFC PATCH v3 11/11] coco: guest: arm64: Enable vdev DMA after attestation Aneesh Kumar K.V (Arm)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260312080442.3485633-10-aneesh.kumar@kernel.org \
--to=aneesh.kumar@kernel.org \
--cc=Jonathan.Cameron@huawei.com \
--cc=Suzuki.Poulose@arm.com \
--cc=aik@amd.com \
--cc=catalin.marinas@arm.com \
--cc=dan.j.williams@intel.com \
--cc=jgg@ziepe.ca \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=sameo@rivosinc.com \
--cc=steven.price@arm.com \
--cc=will@kernel.org \
--cc=yilun.xu@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.