* [virtio-dev] [PATCH v3] virtio-tee: Reserve device ID 46 for TEE device
@ 2023-09-28 6:12 jeshwank
2023-10-05 5:10 ` [virtio-dev] " NK, JESHWANTHKUMAR
0 siblings, 1 reply; 2+ messages in thread
From: jeshwank @ 2023-09-28 6:12 UTC (permalink / raw)
To: virtio-comment
Cc: jeshwank, Mythri.Pandeshwarakrishna, Devaraj.Rangasamy,
jeshwanthkumar.nk, Rijo-john.Thomas, Nimesh.Easow, virtio-dev,
jens.wiklander, sumit.semwal, alex.bennee, arnd.bergmann, op-tee,
Parav Pandit, Sumit Garg
In a virtual environment, an application running in guest VM may want
to delegate security sensitive tasks to a Trusted Application (TA)
running within a Trusted Execution Environment (TEE). A TEE is a trusted
OS running in some secure environment, for example, TrustZone on ARM
CPUs, or a separate secure co-processor etc.
A virtual TEE device emulates a TEE within a guest VM. Such a virtual
TEE device supports multiple operations such as:
VIRTIO_TEE_CMD_OPEN_DEVICE – Open a communication channel with virtio
TEE device.
VIRTIO_TEE_CMD_CLOSE_DEVICE – Close communication channel with virtio
TEE device.
VIRTIO_TEE_CMD_GET_VERSION – Get version of virtio TEE.
VIRTIO_TEE_CMD_OPEN_SESSION – Open a session to communicate with
trusted application running in TEE.
VIRTIO_TEE_CMD_CLOSE_SESSION – Close a session to end communication
with trusted application running in TEE.
VIRTIO_TEE_CMD_INVOKE_FUNC – Invoke a command or function in trusted
application running in TEE.
VIRTIO_TEE_CMD_CANCEL_REQ – Cancel an ongoing command within TEE.
VIRTIO_TEE_CMD_REGISTER_MEM - Register shared memory with TEE.
VIRTIO_TEE_CMD_UNREGISTER_MEM - Unregister shared memory from TEE.
We would like to reserve device ID 46 for Virtio-TEE device.
Signed-off-by: Jeshwanth Kumar <jeshwanthkumar.nk@amd.com>
Reviewed-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
Reviewed-by: Parav Pandit <parav@nvidia.com>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
---
content.tex | 2 ++
1 file changed, 2 insertions(+)
diff --git a/content.tex b/content.tex
index 0a62dce..644aa4a 100644
--- a/content.tex
+++ b/content.tex
@@ -739,6 +739,8 @@ \chapter{Device Types}\label{sec:Device Types}
\hline
45 & SPI master \\
\hline
+46 & TEE device \\
+\hline
\end{tabular}
Some of the devices above are unspecified by this document,
--
2.25.1
---------------------------------------------------------------------
To unsubscribe, e-mail: virtio-dev-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: virtio-dev-help@lists.oasis-open.org
^ permalink raw reply related [flat|nested] 2+ messages in thread* [virtio-dev] Re: [PATCH v3] virtio-tee: Reserve device ID 46 for TEE device
2023-09-28 6:12 [virtio-dev] [PATCH v3] virtio-tee: Reserve device ID 46 for TEE device jeshwank
@ 2023-10-05 5:10 ` NK, JESHWANTHKUMAR
0 siblings, 0 replies; 2+ messages in thread
From: NK, JESHWANTHKUMAR @ 2023-10-05 5:10 UTC (permalink / raw)
To: virtio-comment
Cc: Mythri.Pandeshwarakrishna, Devaraj.Rangasamy, Rijo-john.Thomas,
Nimesh.Easow, virtio-dev, jens.wiklander, sumit.semwal,
alex.bennee, arnd.bergmann, op-tee, Parav Pandit, Sumit Garg
Fixes: https://github.com/oasis-tcs/virtio-spec/issues/175
Request for votes.
Regards,
Jeshwanth
On 28-Sep-23 11:42 AM, jeshwank wrote:
> In a virtual environment, an application running in guest VM may want
> to delegate security sensitive tasks to a Trusted Application (TA)
> running within a Trusted Execution Environment (TEE). A TEE is a trusted
> OS running in some secure environment, for example, TrustZone on ARM
> CPUs, or a separate secure co-processor etc.
>
> A virtual TEE device emulates a TEE within a guest VM. Such a virtual
> TEE device supports multiple operations such as:
>
> VIRTIO_TEE_CMD_OPEN_DEVICE – Open a communication channel with virtio
> TEE device.
> VIRTIO_TEE_CMD_CLOSE_DEVICE – Close communication channel with virtio
> TEE device.
> VIRTIO_TEE_CMD_GET_VERSION – Get version of virtio TEE.
> VIRTIO_TEE_CMD_OPEN_SESSION – Open a session to communicate with
> trusted application running in TEE.
> VIRTIO_TEE_CMD_CLOSE_SESSION – Close a session to end communication
> with trusted application running in TEE.
> VIRTIO_TEE_CMD_INVOKE_FUNC – Invoke a command or function in trusted
> application running in TEE.
> VIRTIO_TEE_CMD_CANCEL_REQ – Cancel an ongoing command within TEE.
> VIRTIO_TEE_CMD_REGISTER_MEM - Register shared memory with TEE.
> VIRTIO_TEE_CMD_UNREGISTER_MEM - Unregister shared memory from TEE.
>
> We would like to reserve device ID 46 for Virtio-TEE device.
>
> Signed-off-by: Jeshwanth Kumar <jeshwanthkumar.nk@amd.com>
> Reviewed-by: Rijo Thomas <Rijo-john.Thomas@amd.com>
> Reviewed-by: Parav Pandit <parav@nvidia.com>
> Acked-by: Sumit Garg <sumit.garg@linaro.org>
> ---
> content.tex | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/content.tex b/content.tex
> index 0a62dce..644aa4a 100644
> --- a/content.tex
> +++ b/content.tex
> @@ -739,6 +739,8 @@ \chapter{Device Types}\label{sec:Device Types}
> \hline
> 45 & SPI master \\
> \hline
> +46 & TEE device \\
> +\hline
> \end{tabular}
>
> Some of the devices above are unspecified by this document,
---------------------------------------------------------------------
To unsubscribe, e-mail: virtio-dev-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: virtio-dev-help@lists.oasis-open.org
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-10-05 5:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-09-28 6:12 [virtio-dev] [PATCH v3] virtio-tee: Reserve device ID 46 for TEE device jeshwank
2023-10-05 5:10 ` [virtio-dev] " NK, JESHWANTHKUMAR
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox