Add support for arm cca #211
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MatiasVara
force-pushed
the
use-guest-memfd
branch
from
702d17f to
86f75cd
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
from
b47ef94 to
9e6e5bb
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
from
9e6e5bb to
68dff0c
Compare
MatiasVara
changed the title
MatiasVara
force-pushed
the
use-guest-memfd
branch
2 times, most recently
from
d5952be to
d4362d6
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
3 times, most recently
from
cae99a3 to
4a0e61b
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
3 times, most recently
from
5089b4f to
e7e2a90
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
3 times, most recently
from
dae13da to
6cebf95
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
from
6cebf95 to
94688b2
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
from
94688b2 to
2077cfc
Compare
MatiasVara
force-pushed
the
use-guest-memfd
branch
2 times, most recently
from
18e9a7d to
edb2f4a
Compare
Signed-off-by: Matias Ezequiel Vara Larsen <[email protected]>
MatiasVara
requested review from
mtjhrc,
slp and
tylerfanelli
as code owners
Enable to build confidential guests using ARM CCA (Confidential Computing Architecture). This work relies on v7 series for Linux and v5 series for KVM. This has been tested only on the corresponding FVP model simulator. For testing, you require specific kvm-ioctls and kvm-bindings crates. Signed-off-by: Matias Ezequiel Vara Larsen <[email protected]>
MatiasVara
force-pushed
the
use-guest-memfd
branch
from
edb2f4a to
5ba47b6
Compare
|
@MatiasVara is this ready for review, or should I wait? |
|
@jakecorrenti I'm addressing the KVM guest_memfd changes (which @MatiasVara also added in this PR) to my latest SEV-SNP patches. This will probably require a rebase after that. Once that happens, it will likely be ready for a review. |
I think the PR is ready to review. The current issue is that it does not work for the latest series for KVM (v6). I am investigating the issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR aims at adding support to build realm guests. First commit adds support for
create_guest_memfd()andset_user_memory_region2(). To do this, thememory_init()is modified by adding a boolean parameter. This is required when building a confidential guest for arm cca and probably also required by other cases.The second commit imports the
virtee/ccacrate and adds the steps to build a cca guest. The following items should be completed before merge the PR:This has been testing using the v7 series for Linux as a guest and v5 series for KVM on FVP model.
Feedback is welcome.