Hi Steven, On Mon, Jul 01, 2024 at 10:54:50AM +0100, Steven Price wrote: > This series adds support for running Linux in a protected VM under the > Arm Confidential Compute Architecture (CCA). This has been updated > following the feedback from the v3 posting[1]. Thanks for the feedback! > Individual patches have a change log. But things to highlight: Hold onto your hat, I'm going to dust off our pKVM protected guest changes and see what we can share here! I've left a few comments on the series, but the main differences seem to be: - You try to probe really early - You have that horrible split IPA space thing from the RSI spec but some of the mechanisms are broadly similar (e.g. implementing the set_memory_*crypted() API). Hopefully I can give your GIC changes a spin, too. Just one minor (but probably annoying) comment: > arch/arm64/Kconfig | 3 + > arch/arm64/include/asm/fixmap.h | 2 +- > arch/arm64/include/asm/io.h | 8 +- > arch/arm64/include/asm/mem_encrypt.h | 17 ++ > arch/arm64/include/asm/pgtable-hwdef.h | 6 - > arch/arm64/include/asm/pgtable-prot.h | 3 + > arch/arm64/include/asm/pgtable.h | 13 +- > arch/arm64/include/asm/rsi.h | 64 ++++++ > arch/arm64/include/asm/rsi_cmds.h | 134 +++++++++++ > arch/arm64/include/asm/rsi_smc.h | 142 ++++++++++++ > arch/arm64/include/asm/set_memory.h | 3 + > arch/arm64/kernel/Makefile | 3 +- > arch/arm64/kernel/efi.c | 2 +- > arch/arm64/kernel/rsi.c | 104 +++++++++ > arch/arm64/kernel/setup.c | 8 + > arch/arm64/mm/init.c | 10 +- > arch/arm64/mm/pageattr.c | 76 ++++++- > drivers/firmware/psci/psci.c | 25 +++ > drivers/irqchip/irq-gic-v3-its.c | 142 +++++++++--- > drivers/virt/coco/Kconfig | 2 + > drivers/virt/coco/Makefile | 1 + > drivers/virt/coco/arm-cca-guest/Kconfig | 11 + > drivers/virt/coco/arm-cca-guest/Makefile | 2 + > .../virt/coco/arm-cca-guest/arm-cca-guest.c | 211 ++++++++++++++++++ > include/linux/psci.h | 5 + > 25 files changed, 953 insertions(+), 44 deletions(-) > create mode 100644 arch/arm64/include/asm/mem_encrypt.h > create mode 100644 arch/arm64/include/asm/rsi.h > create mode 100644 arch/arm64/include/asm/rsi_cmds.h > create mode 100644 arch/arm64/include/asm/rsi_smc.h > create mode 100644 arch/arm64/kernel/rsi.c > create mode 100644 drivers/virt/coco/arm-cca-guest/Kconfig > create mode 100644 drivers/virt/coco/arm-cca-guest/Makefile > create mode 100644 drivers/virt/coco/arm-cca-guest/arm-cca-guest.c Any chance of some documentation, please? Cheers, Will
