[PATCH 0/3] arm64/virt: Add Arm CCA measurement register support

public inbox for linux-arm-kernel@lists.infradead.org
 help / color / mirror / Atom feed

From: Sami Mujawar <sami.mujawar@arm.com>
To: <linux-arm-kernel@lists.infradead.org>, <linux-kernel@vger.kernel.org>
Cc: <catalin.marinas@arm.com>, <will@kernel.org>, <jgg@ziepe.ca>,
	<thuth@redhat.com>, <Suzuki.Poulose@arm.com>,
	<steven.price@arm.com>, <gshan@redhat.com>, <YeoReum.Yun@arm.com>,
	Sami Mujawar <sami.mujawar@arm.com>
Subject: [PATCH 0/3] arm64/virt: Add Arm CCA measurement register support
Date: Mon, 13 Apr 2026 09:49:54 +0100	[thread overview]
Message-ID: <20260413084957.327661-1-sami.mujawar@arm.com> (raw)

This series adds support for Arm Confidential Compute Architecture (CCA)
measurement registers in the Linux kernel, enabling guest Realms to
access, extend, and expose measurement values for attestation and runtime
integrity tracking.

The Realm Management Monitor (RMM) defines a set of measurement registers
consisting of a Realm Initial Measurement (RIM) and a number of Realm
Extensible Measurements (REMs). This series introduces the necessary
infrastructure to interact with these registers via the RSI interface
and exposes them to userspace through the TSM measurement framework.

At a high level, the series includes:
 - Helper interfaces for reading and extending measurement
   registers via RSI
 - Definitions for Realm hash algorithms as defined by the 
   RMM specification
 - Integration with the TSM measurement subsystem and sysfs
   exposure for userspace visibility and interaction

After applying this series, measurement registers are exposed under:
    /sys/devices/virtual/misc/arm_cca_guest/measurements/

  Where:
   - rim is read-only (initial measurement)
   - rem[0-3] are read/write (extensible measurements)
   - The hash algorithm reflects the Realm configuration

Patch summary:
 1. arm64: rsi: Add helpers for Arm CCA measurement registers
   - Introduces RSI helper APIs to read and extend RIM/REM registers

 2. arm64: rsi: Add realm hash algorithm defines
   - Adds definitions for SHA-256 and SHA-512 identifiers returned
     by the RMM

 3. virt: arm-cca-guest: Add support for measurement registers
   - Integrates with TSM measurement framework
   - Implements measurement register refresh and extend operations
   - Exposes registers via sysfs using a misc device
   - Dynamically configures hash algorithm and digest size per Realm

This enables a consistent mechanism for attestation-related measurements
in Arm CCA guests and aligns with the kernel TSM measurement abstraction.

Feedback is very welcome.

Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>

Sami Mujawar (3):
  arm64: rsi: Add helpers for Arm CCA measurement register operations
  arm64: rsi: Add realm hash algorithm defines
  virt: arm-cca-guest: Add support for measurement registers

 .../sysfs-devices-virtual-misc-arm_cca_guest  |  38 +++
 arch/arm64/include/asm/rsi_cmds.h             | 105 ++++++-
 arch/arm64/include/asm/rsi_smc.h              |   7 +
 drivers/virt/coco/arm-cca-guest/Kconfig       |   1 +
 .../virt/coco/arm-cca-guest/arm-cca-guest.c   | 296 +++++++++++++++++-
 5 files changed, 442 insertions(+), 5 deletions(-)
 create mode 100644 Documentation/ABI/testing/sysfs-devices-virtual-misc-arm_cca_guest

-- 
SAMI:{C3F47F37-75D8-414A-A8BA-3980EC8A46D7}

next             reply	other threads:[~2026-04-13  8:52 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-13  8:49 Sami Mujawar [this message]
2026-04-13  8:49 ` [PATCH 1/3] arm64: rsi: Add helpers for Arm CCA measurement register operations Sami Mujawar
2026-04-13  8:49 ` [PATCH 2/3] arm64: rsi: Add realm hash algorithm defines Sami Mujawar
2026-04-13  8:49 ` [PATCH 3/3] virt: arm-cca-guest: Add support for measurement registers Sami Mujawar
2026-04-13 12:59 ` [PATCH 0/3] arm64/virt: Add Arm CCA measurement register support Jason Gunthorpe
2026-04-14 10:10   ` Suzuki K Poulose
2026-04-14 12:29     ` Jason Gunthorpe
2026-04-14 13:26       ` Suzuki K Poulose
2026-04-14 13:35         ` Jason Gunthorpe

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260413084957.327661-1-sami.mujawar@arm.com \
    --to=sami.mujawar@arm.com \
    --cc=Suzuki.Poulose@arm.com \
    --cc=YeoReum.Yun@arm.com \
    --cc=catalin.marinas@arm.com \
    --cc=gshan@redhat.com \
    --cc=jgg@ziepe.ca \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=steven.price@arm.com \
    --cc=thuth@redhat.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox