This series adds support for running Linux in a protected VM under the
Arm Confidential Compute Architecture (CCA). This has been updated
following the feedback from the v4 posting[1]. Thanks for the feedback!

Individual patches have a change log. But things to highlight:

 * New RMM spec version[2] (v1.0-rel0-rc1). Note that this makes a
   number of (small) breaking changes so you will need to update the
   RMM and host too (see below).

 * 'Borrowed' two commits by Will from the pKVM series which add a
   dispatcher/hook for mem_encrypt and ioremap. These will hopefully
   make it easier for CCA to live alongside pKVM.

 * Reworked the code for handling protected/shared MMIO. The new RMM
   spec adds a new state (RIPAS_IO - although that may get renamed),
   which is currently unused, but will be used in a later version to
   signify that a granule is backed by a protected hardware MMIO
   region. Using this we can now identify whether the top bit should
   be set when performing an ioremap (or similar).

The ABI to the RMM from a realm (the RSI) is based on the RMM
v1.0-rel0-rc1 specification[2]. Future RMM specifications after v1.0
will be backwards compatible so a guest using the v1.0 specification
(i.e. this series) will be able to run on future versions of the RMM
without modification.

This series is based on v6.11-rc1. It is also available as a git
repository:

https://gitlab.arm.com/linux-arm/linux-cca cca-guest/v5

As mentioned above the new RMM specification means that corresponding
changes need to be made in the RMM, at this time these changes are still
in review (see 'topics/rmm-1.0-rel0-rc1'). So you'll need to fetch the
changes[3] from the gerrit instance until they are pushed to the main
branch.

It has also been pointed out that some documentation would be a good
idea - I'm afraid it hasn't made this version, but I didn't want to hold
off posting for any longer.

The new version of the RMM also means you'll need to update the host
support, a v4 of the host changes will be posted soon, in the mean time
the code is available from git here:

https://gitlab.arm.com/linux-arm/linux-cca cca-host/v4

[1] https://lore.kernel.org/r/20240701095505.165383-1-steven.price%40arm.com
[2] https://developer.arm.com/-/cdn-downloads/permalink/PDF/Architectures/DEN0137_1.0-rel0-rc1_rmm-arch_external.pdf
[3] https://review.trustedfirmware.org/c/TF-RMM/tf-rmm/+/30485

Jean-Philippe Brucker (1):
  firmware/psci: Add psci_early_test_conduit()

Sami Mujawar (1):
  virt: arm-cca-guest: TSM_REPORT support for realms

Steven Price (6):
  arm64: realm: Query IPA size from the RMM
  arm64: Make the PHYS_MASK_SHIFT dynamic
  arm64: Enforce bounce buffers for realm DMA
  arm64: mm: Avoid TLBI when marking pages as valid
  irqchip/gic-v3-its: Share ITS tables with a non-trusted hypervisor
  irqchip/gic-v3-its: Rely on genpool alignment

Suzuki K Poulose (9):
  arm64: rsi: Add RSI definitions
  arm64: Detect if in a realm and set RIPAS RAM
  arm64: rsi: Add support for checking whether an MMIO is protected
  fixmap: Allow architecture overriding set_fixmap_io
  fixmap: Pass down the full phys address for set_fixmap_io
  arm64: Override set_fixmap_io
  arm64: rsi: Map unprotected MMIO as decrypted
  efi: arm64: Map Device with Prot Shared
  arm64: Enable memory encrypt for Realms

Will Deacon (2):
  arm64: mm: Add top-level dispatcher for internal mem_encrypt API
  arm64: mm: Add confidential computing hook to ioremap_prot()

 arch/arm64/Kconfig                          |   4 +
 arch/arm64/include/asm/fixmap.h             |   2 +
 arch/arm64/include/asm/io.h                 |  12 +
 arch/arm64/include/asm/mem_encrypt.h        |  24 ++
 arch/arm64/include/asm/pgtable-hwdef.h      |   6 -
 arch/arm64/include/asm/pgtable-prot.h       |   4 +
 arch/arm64/include/asm/pgtable.h            |  10 +
 arch/arm64/include/asm/rsi.h                |  68 ++++++
 arch/arm64/include/asm/rsi_cmds.h           | 157 +++++++++++++
 arch/arm64/include/asm/rsi_smc.h            | 189 ++++++++++++++++
 arch/arm64/include/asm/set_memory.h         |   4 +
 arch/arm64/kernel/Makefile                  |   3 +-
 arch/arm64/kernel/efi.c                     |  12 +-
 arch/arm64/kernel/rsi.c                     | 149 +++++++++++++
 arch/arm64/kernel/setup.c                   |   8 +
 arch/arm64/mm/Makefile                      |   2 +-
 arch/arm64/mm/init.c                        |  10 +-
 arch/arm64/mm/ioremap.c                     |  23 +-
 arch/arm64/mm/mem_encrypt.c                 |  50 +++++
 arch/arm64/mm/mmu.c                         |  17 ++
 arch/arm64/mm/pageattr.c                    |  84 ++++++-
 drivers/firmware/psci/psci.c                |  25 +++
 drivers/irqchip/irq-gic-v3-its.c            | 142 +++++++++---
 drivers/tty/serial/earlycon.c               |   2 +-
 drivers/virt/coco/Kconfig                   |   2 +
 drivers/virt/coco/Makefile                  |   1 +
 drivers/virt/coco/arm-cca-guest/Kconfig     |  11 +
 drivers/virt/coco/arm-cca-guest/Makefile    |   2 +
 .../virt/coco/arm-cca-guest/arm-cca-guest.c | 211 ++++++++++++++++++
 include/asm-generic/fixmap.h                |   4 +-
 include/linux/psci.h                        |   5 +
 31 files changed, 1200 insertions(+), 43 deletions(-)
 create mode 100644 arch/arm64/include/asm/mem_encrypt.h
 create mode 100644 arch/arm64/include/asm/rsi.h
 create mode 100644 arch/arm64/include/asm/rsi_cmds.h
 create mode 100644 arch/arm64/include/asm/rsi_smc.h
 create mode 100644 arch/arm64/kernel/rsi.c
 create mode 100644 arch/arm64/mm/mem_encrypt.c
 create mode 100644 drivers/virt/coco/arm-cca-guest/Kconfig
 create mode 100644 drivers/virt/coco/arm-cca-guest/Makefile
 create mode 100644 drivers/virt/coco/arm-cca-guest/arm-cca-guest.c

-- 
2.34.1