From: Alexander Graf <graf@amazon.com>
To: <linux-crypto@vger.kernel.org>
Cc: <linux-kernel@vger.kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Arnd Bergmann <arnd@arndb.de>,
Herbert Xu <herbert@gondor.apana.org.au>,
Olivia Mackall <olivia@selenic.com>,
"Petre Eftime" <petre.eftime@gmail.com>,
Erdem Meydanlli <meydanli@amazon.nl>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
David Woodhouse <dwmw@amazon.co.uk>,
"Michael S . Tsirkin" <mst@redhat.com>,
Jason Wang <jasowang@redhat.com>,
Xuan Zhuo <xuanzhuo@linux.alibaba.com>
Subject: [PATCH v2 0/2] Add Nitro Secure Module support
Date: Fri, 29 Sep 2023 13:33:18 +0000 [thread overview]
Message-ID: <20230929133320.74848-1-graf@amazon.com> (raw)
We already have support for the Nitro Enclave kernel module in upstream
Linux, which is needed to control a Nitro Enclave's lifecycle.
However, users typically want to run Linux inside the Enclave as well. To
do that well, they need the ability to communicate to the Nitro Secure
Module: A virtio based PV device that provides access to PCRs, an attestation
document as well as access to entropy.
These patches add driver support for NSM. With them in place, upstream Linux
has everything that's needed to run as a Nitro Enclave kernel.
Alex
v1 -> v2:
- Remove boilerplate
- Add uapi header
Alexander Graf (2):
misc: Add Nitro Secure Module driver
hwrng: Add support for Nitro Secure Module
MAINTAINERS | 11 +
drivers/char/hw_random/Kconfig | 12 +
drivers/char/hw_random/Makefile | 1 +
drivers/char/hw_random/nsm-rng.c | 272 +++++++++++++++++++
drivers/misc/Kconfig | 11 +
drivers/misc/Makefile | 1 +
drivers/misc/nsm.c | 448 +++++++++++++++++++++++++++++++
include/linux/nsm.h | 35 +++
include/uapi/linux/nsm.h | 24 ++
9 files changed, 815 insertions(+)
create mode 100644 drivers/char/hw_random/nsm-rng.c
create mode 100644 drivers/misc/nsm.c
create mode 100644 include/linux/nsm.h
create mode 100644 include/uapi/linux/nsm.h
--
2.40.1
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
next reply other threads:[~2023-09-29 13:33 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-29 13:33 Alexander Graf [this message]
2023-09-29 13:33 ` [PATCH v2 1/2] misc: Add Nitro Secure Module driver Alexander Graf
2023-09-29 17:28 ` Arnd Bergmann
2023-09-29 19:26 ` Alexander Graf
2023-09-30 6:20 ` Greg Kroah-Hartman
2023-10-02 12:28 ` Alexander Graf
2023-10-03 16:47 ` Arnd Bergmann
2023-10-03 17:48 ` Arnd Bergmann
2023-09-29 13:33 ` [PATCH v2 2/2] hwrng: Add support for Nitro Secure Module Alexander Graf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230929133320.74848-1-graf@amazon.com \
--to=graf@amazon.com \
--cc=arnd@arndb.de \
--cc=benh@kernel.crashing.org \
--cc=dwmw@amazon.co.uk \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=jasowang@redhat.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=meydanli@amazon.nl \
--cc=mst@redhat.com \
--cc=olivia@selenic.com \
--cc=petre.eftime@gmail.com \
--cc=xuanzhuo@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox