From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 42D9AC25B75 for ; Mon, 3 Jun 2024 12:52:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=t8LCEO4Or+1BAG/TJtGi1Q7JSrh3cqnPZo8nKdxzYk4=; b=DvvaqLjYe1rPg8 L7/o14y8au5thD0gEzyIH6T21hFz3FadcNhc27o95OylYKEqhYiKLQ1us1xe/rpiWKM4GeMzbqZx8 bMGZg/+MAHaAQ1Kv2goL0WQ0n5FV0MWzqTfXCszIgYjshazplXSLQZ10fVXQ3TKWvqbdcgvtZmk0Y fvoFg4Q95duCiMbPMxqLDGW2uAPD5qw256KJCVM9CBHEh1se5GsX28YocwmL02iAFR5G3WrExa8YK XcpL2oYqiFqY8oLQmL83bG3xT19rqaZNnnwoXNtElL9l2+n5Q1ISRLWkJaK4iMLwrjizZZBwjbKM2 FBRI2Gqj42xRmBkb6U3Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sE7AJ-0000000GkxJ-3K6P; Mon, 03 Jun 2024 12:51:55 +0000 Received: from us-smtp-delivery-124.mimecast.com ([170.10.129.124]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sE7AH-0000000Gkwc-398J for linux-arm-kernel@lists.infradead.org; Mon, 03 Jun 2024 12:51:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1717419111; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=vvVHIigXFPVUayvTKyguWiQDKu5Se4crNY0w/f8to1o=; b=SR4btOaaj+/0SHk8Ip0mWxEZKG/xm+lObq9BlCygWeBEBBQZnlm99uPQ92oqem00ffKrR3 Y3TJGEjVx/MlOzoO0gnXSZpoFIcTKaLpgaL2ullVf9rZz8VvGEb6/NqoeOe6zD596HjJQ6 vQ+y8vozATyfWM3nJyW5BsxhKzqW6lo= Received: from mail-lf1-f72.google.com (mail-lf1-f72.google.com [209.85.167.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-404-TZK9xVlTMWi2grkOUV9PGQ-1; Mon, 03 Jun 2024 08:50:11 -0400 X-MC-Unique: TZK9xVlTMWi2grkOUV9PGQ-1 Received: by mail-lf1-f72.google.com with SMTP id 2adb3069b0e04-52b83657cc3so3232538e87.0 for ; Mon, 03 Jun 2024 05:50:10 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717419009; x=1718023809; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=vvVHIigXFPVUayvTKyguWiQDKu5Se4crNY0w/f8to1o=; b=DPbUHIQJrU0YXBy8kDF9hVMrjBImqvrq2w8K4bD5ER2SkUCtiyHB+6VanWv7UmLP7z Ak8YN79Nj8y3D380VEGsG04fbnBLF+FnwncnznQRFm9UnYMZ/PkAlzdFShOqYcyuB3wl HiWoXi0GwXjq75VGNRcCwZsAHOLk+S0l2CdTnJpzTLAR+lymG77u/1yHK2jWSjU89Ed1 uirRej1ywey65W6vEJes+UBsuN+8XYJKuCpuqzrNN4NjEKeDqVt9ePaVlJo9DuQtVa37 RknWq0gaebbxlWsYwEyz79sv6MDlmICEDyH8OatmixkUuA/Bt6jubUK83fByFS1leRFS qUeQ== X-Forwarded-Encrypted: i=1; AJvYcCVBKgNtQkJHs11RbPLUNayscmjU4sx8RvEGBiwra+BP/bO/RnTlYFTAHjoy4WKiJMGcFvg0cGF5D4HKBTZfjqTGmTvX/GBPhxrwsQUy1YLiJafmz44= X-Gm-Message-State: AOJu0Yw4bwOWpAFGDYVRQMQVI8lzhuYZ2gT9x+vEPWI+4kibyKR60KB0 rlO0nPfL4IRUJz0ntak3qbz92/bxl0AL0n/8u+bmlAXU7Dp2wh3AG6mW75BjRBNpnLwCCk+2uYG jS3klofbu8ZKueED5DRM7OTl+qSOGOzLu8mk2kUrQ78ICr6mk3cmo8n1G9TQ0QcqhZBwMngyu X-Received: by 2002:ac2:4e04:0:b0:52b:9e2b:9e1 with SMTP id 2adb3069b0e04-52b9e2b0a7fmr1162467e87.23.1717419009552; Mon, 03 Jun 2024 05:50:09 -0700 (PDT) X-Google-Smtp-Source: AGHT+IF/4loIAmGneGuSGjjPByhWJ3wNrwgncuMeG06rKtBOo1enZwiQTfx1ktZLyUSK/6jo9r1N4A== X-Received: by 2002:ac2:4e04:0:b0:52b:9e2b:9e1 with SMTP id 2adb3069b0e04-52b9e2b0a7fmr1162441e87.23.1717419009014; Mon, 03 Jun 2024 05:50:09 -0700 (PDT) Received: from fedora (lmontsouris-659-1-55-176.w193-248.abo.wanadoo.fr. [193.248.58.176]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-42134ab5ebasm87037245e9.42.2024.06.03.05.50.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 03 Jun 2024 05:50:08 -0700 (PDT) Date: Mon, 3 Jun 2024 14:50:06 +0200 From: Matias Ezequiel Vara Larsen To: Suzuki K Poulose Cc: kvmarm@lists.linux.dev, kvm@vger.kernel.org, linux-coco@lists.linux.dev, linux-arm-kernel@lists.infradead.org, maz@kernel.org, alexandru.elisei@arm.com, joey.gouly@arm.com, steven.price@arm.com, james.morse@arm.com, oliver.upton@linux.dev, yuzenghui@huawei.com, andrew.jones@linux.dev, eric.auger@redhat.com Subject: Re: [kvm-unit-tests PATCH 00/33] Support for Arm Confidential Compute Architecture Message-ID: References: <20240412103408.2706058-1-suzuki.poulose@arm.com> MIME-Version: 1.0 In-Reply-To: <20240412103408.2706058-1-suzuki.poulose@arm.com> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Disposition: inline X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240603_055153_953763_74EEEA46 X-CRM114-Status: GOOD ( 46.21 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Hello, I tried this series by using kvmtool[1] and Linux/KVM with series "[v2] Support for Arm CCA VMs on Linux". To try it, I ran "run-realm-tests" in the FVP model. All tests seem to have passed successfully. Tested-by: Matias Ezequiel Vara Larsen [1] https://gitlab.arm.com/linux-arm/kvmtool-cca cca/v2 On Fri, Apr 12, 2024 at 11:33:35AM +0100, Suzuki K Poulose wrote: > This series adds support for running the kvm-unit-tests in the Arm CCA reference > software architecture. > > > The changes involve enlightening the boot/setup code with the Realm Service Interface > (RSI). The series also includes new test cases that exercise the RSI calls. > > Currently we only support "kvmtool" as the VMM for running Realms. There was > an attempt to add support for running the test scripts using with kvmtool here [1], > which hasn't progressed. It would be good to have that resolved, so that we can > run all the tests without manually specifying the commandlines for each run. > > For the purposes of running the Realm specific tests, we have added a "temporary" > script "run-realm-tests" until the kvmtool support is added. We do not expect > this to be merged. > > > Base Realm Support > ------------------- > > Realm IPA Space > --------------- > When running on in Realm world, the (Guest) Physical Address - aka Intermediate > Physical Address (IPA) in Arm terminology - space of the VM is split into two halves, > protected (lower half) and un-protected (upper half). A protected IPA will > always map pages in the "realm world" and the contents are not accessible to > the host. An unprotected IPA on the other hand can be mapped to page in the > "normal world" and thus shared with the host. All host emulated MMIO ranges must > be in unprotected IPA space. > > Realm can query the Realm Management Monitor for the configuration via RSI call > (RSI_REALM_CONFIG) and identify the "boundary" of the "IPA" split. > > As far as the hyp/VMM is concerned, there is only one "IPA space" (the lower > half) of memory map. The "upper half" is "unprotected alias" of the memory map. > > In the guest, this is achieved by "treating the MSB (1 << (IPA_WIDTH - 1))" as > a protection attribute (we call it - PTE_NS_SHARED), where the Realm applies this > to any address, it thinks is acccessed/managed by host (e.g., MMIO, shared pages). > Given that this is runtime variable (but fixed for a given Realm), uses a > variable to track the value. > > All I/O regions are marked as "shared". Care is taken to ensure I/O access (uart) > with MMU off uses the "Unprotected Physical address". > > > Realm IPA State > --------------- > Additionally, each page (4K) in the protected IPA space has a state associated > (Realm IPA State - RIPAS) with it. It is either of : > RIPAS_EMPTY > RIPAS_RAM > > Any IPA backed by RAM, must be marked as RIPAS_RAM before an access is made to > it. The hypervisor/VMM does this for the initial image loaded into the Realm > memory before the Realm starts execution. Given the kvm-unit-test flat files do > not contain a metadata header (e.g., like the arm64 Linux kernel Image), > indicating the "actual image size in memory", the VMM cannot transition the > area towards the end of the image (e.g., bss, stack) which are accessed very > early during boot. Thus the early boot assembly code will mark the area upto > the stack as RAM. > > Once we land in the C code, we mark target relocation area for FDT and > initrd as RIPAS_RAM. At this point, we can scan the FDT and mark all RAM memory > blocks as RIPAS_RAM. > > TODO: It would be good to add an image header to the flat files indicating the > size, which can take the burden off doing the early assembly boot code RSI calls. > > Shared Memory support > --------------------- > Given the "default" memory of a VM is not accessible to host, we add new page > alloc/free routines for "memory shared" with the host. e.g., GICv3-ITS must use > shared pages for ITS emulation. > > RSI Test suites > -------------- > There are new testcases added to exercise the RSI interfaces and the RMM flows. > > Attestation and measurement services related RSI tests require parsing tokens > and claims returned by the RMM. This is achieved with the help of QCBOR library > [2], which is added as a submodule to the project. We have also added a wrapper > library - libtokenverifier - around the QCBOR to parse the tokens according to > the RMM specifications. > > Running Arm CCA Stack > ------------------- > > See more details on Arm CCA and how to build/run the entire stack here[0] > The easiest way to run the Arm CCA stack is using shrinkwrap and the details > are available in [0]. > > > The patches are also available here : > > https://gitlab.arm.com/linux-arm/kvm-unit-tests-cca cca/v1 > > > Changes since rfc: > [ https://lkml.kernel.org/r/20230127114108.10025-1-joey.gouly@arm.com ] > - Add support for RMM-v1.0-EAC5, changes to RSI ABIs > - Some hardening checks (FDT overlapping the BSS sections) > - Selftest for memory stress > - Enable PMU/SVE tests for Realms > > [0] https://lkml.kernel.org/r/20240412084056.1733704-1-steven.price@arm.com > [1] https://lkml.kernel.org/r/20210702163122.96110-1-alexandru.elisei@arm.com > [2] https://github.com/laurencelundblade/QCBOR > > Alexandru Elisei (3): > arm64: Expand SMCCC arguments and return values > arm: selftest: realm: skip pabt test when running in a realm > NOT-FOR-MERGING: add run-realm-tests > > Djordje Kovacevic (1): > arm: realm: Add tests for in realm SEA > > Gareth Stockwell (1): > arm: realm: add hvc and RSI_HOST_CALL tests > > Jean-Philippe Brucker (1): > arm: Move io_init after vm initialization > > Joey Gouly (10): > arm: Make physical address mask dynamic > arm64: Introduce NS_SHARED PTE attribute > arm: realm: Add RSI interface header > arm: realm: Make uart available before MMU is enabled > arm: realm: Add RSI version test > arm64: add ESR_ELx EC.SVE > arm64: enable SVE at startup > arm64: selftest: add realm SVE VL test > lib/alloc_page: Add shared page allocation support > arm: Add memtest support > > Mate Toth-Pal (2): > arm: Add a library to verify tokens using the QCBOR library > arm: realm: Add Realm attestation tests > > Subhasish Ghosh (1): > arm: realm: Add test for FPU/SIMD context save/restore > > Suzuki K Poulose (14): > arm: Add necessary header files in asm/pgtable.h > arm: Detect FDT overlap with uninitialised data > arm: realm: Realm initialisation > arm: realm: Add support for changing the state of memory > arm: realm: Set RIPAS state for RAM > arm: realm: Early memory setup > arm: gic-v3-its: Use shared pages wherever needed > arm: realm: Enable memory encryption > qcbor: Add QCBOR as a submodule > arm: Add build steps for QCBOR library > arm: realm: add RSI interface for attestation measurements > arm: realm: Add helpers to decode RSI return codes > arm: realm: Add Realm attestation tests > arm: realm: Add a test for shared memory > > .gitmodules | 3 + > arm/Makefile.arm64 | 25 +- > arm/cstart.S | 49 +- > arm/cstart64.S | 154 +++- > arm/fpu.c | 424 +++++++++ > arm/realm-attest.c | 1251 +++++++++++++++++++++++++++ > arm/realm-ns-memory.c | 86 ++ > arm/realm-rsi.c | 159 ++++ > arm/realm-sea.c | 143 +++ > arm/run-realm-tests | 112 +++ > arm/selftest.c | 138 ++- > arm/unittests.cfg | 96 +- > lib/alloc_page.c | 20 +- > lib/alloc_page.h | 24 + > lib/arm/asm/arm-smccc.h | 44 + > lib/arm/asm/io.h | 6 + > lib/arm/asm/pgtable.h | 9 + > lib/arm/asm/psci.h | 13 +- > lib/arm/asm/rsi.h | 21 + > lib/arm/asm/sve-vl-test.h | 9 + > lib/arm/gic-v3.c | 6 +- > lib/arm/io.c | 24 +- > lib/arm/mmu.c | 80 +- > lib/arm/psci.c | 19 +- > lib/arm/setup.c | 26 +- > lib/arm64/asm/arm-smccc.h | 6 + > lib/arm64/asm/esr.h | 1 + > lib/arm64/asm/io.h | 6 + > lib/arm64/asm/pgtable-hwdef.h | 6 - > lib/arm64/asm/pgtable.h | 20 + > lib/arm64/asm/processor.h | 34 + > lib/arm64/asm/rsi.h | 89 ++ > lib/arm64/asm/smc-rsi.h | 173 ++++ > lib/arm64/asm/sve-vl-test.h | 28 + > lib/arm64/asm/sysreg.h | 7 + > lib/arm64/gic-v3-its.c | 6 +- > lib/arm64/processor.c | 1 + > lib/arm64/rsi.c | 188 ++++ > lib/asm-generic/io.h | 12 + > lib/libcflat.h | 1 + > lib/qcbor | 1 + > lib/token_verifier/attest_defines.h | 50 ++ > lib/token_verifier/token_dumper.c | 157 ++++ > lib/token_verifier/token_dumper.h | 15 + > lib/token_verifier/token_verifier.c | 591 +++++++++++++ > lib/token_verifier/token_verifier.h | 77 ++ > 46 files changed, 4355 insertions(+), 55 deletions(-) > create mode 100644 .gitmodules > create mode 100644 arm/fpu.c > create mode 100644 arm/realm-attest.c > create mode 100644 arm/realm-ns-memory.c > create mode 100644 arm/realm-rsi.c > create mode 100644 arm/realm-sea.c > create mode 100755 arm/run-realm-tests > create mode 100644 lib/arm/asm/arm-smccc.h > create mode 100644 lib/arm/asm/rsi.h > create mode 100644 lib/arm/asm/sve-vl-test.h > create mode 100644 lib/arm64/asm/arm-smccc.h > create mode 100644 lib/arm64/asm/rsi.h > create mode 100644 lib/arm64/asm/smc-rsi.h > create mode 100644 lib/arm64/asm/sve-vl-test.h > create mode 100644 lib/arm64/rsi.c > create mode 160000 lib/qcbor > create mode 100644 lib/token_verifier/attest_defines.h > create mode 100644 lib/token_verifier/token_dumper.c > create mode 100644 lib/token_verifier/token_dumper.h > create mode 100644 lib/token_verifier/token_verifier.c > create mode 100644 lib/token_verifier/token_verifier.h > > -- > 2.34.1 > _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel