This series adds support for running Linux in a protected VM under the
Arm Confidential Compute Architecture (CCA). This is a minor update
following the feedback from the v6 posting[1]. Thanks for the feedback!

Individual patches have a change log. The biggest changes are in patch
10 where Gavin gave some great feedback to tidy things up a bit.

This series is based on v6.12-rc1.

Testing
=======

Since a couple of the patches have been merged separately, and there was
also a bug[2] in -rc1 which impacts 9p filesystems, I've provided the
below git tree with everything you need for a CCA guest:

https://gitlab.arm.com/linux-arm/linux-cca cca-guest/v7

Back by popular demand is also a tree with both host and guest changes:

https://gitlab.arm.com/linux-arm/linux-cca cca-full/v5+v7

You will also need an up-to-date RMM - the necessary changes have been
merged into the 'main' branch of upstream:

https://git.trustedfirmware.org/TF-RMM/tf-rmm.git main

And you also need an updated kvmtool, there's a branch with the
necessary changes here:

https://git.gitlab.arm.com/linux-arm/kvmtool-cca.git cca/v3

earlycon
--------

If using 'earlycon' on the kernel command line it is now necessary to
pass the address of the serial port *in the unprotected IPA*. This is
because the fixmap changes were dropped (due to the late probing of the
RMM). E.g. for kvmtool you will need:

  earlycon=uart,mmio,0x101000000

This is the main drawback to late probing. One potential improvement
would be an option like "earlycon=realm" to identify that the earlycon
uart is in the unprotected space without having to know the actual IPA.
I've left this out for now as I'm not sure whether there is any actual
interest in this.

[1] https://lore.kernel.org/r/20241004144307.66199-1-steven.price%40arm.com
[2] https://lore.kernel.org/all/cbaf141ba6c0e2e209717d02746584072844841a.1727722269.git.osandov@xxxxxx/

Sami Mujawar (1):
  virt: arm-cca-guest: TSM_REPORT support for realms

Steven Price (4):
  arm64: realm: Query IPA size from the RMM
  arm64: Enforce bounce buffers for realm DMA
  arm64: mm: Avoid TLBI when marking pages as valid
  arm64: Document Arm Confidential Compute

Suzuki K Poulose (6):
  arm64: rsi: Add RSI definitions
  arm64: Detect if in a realm and set RIPAS RAM
  arm64: rsi: Add support for checking whether an MMIO is protected
  arm64: rsi: Map unprotected MMIO as decrypted
  efi: arm64: Map Device with Prot Shared
  arm64: Enable memory encrypt for Realms

 Documentation/arch/arm64/arm-cca.rst         |  69 ++++++
 Documentation/arch/arm64/booting.rst         |   3 +
 Documentation/arch/arm64/index.rst           |   1 +
 arch/arm64/Kconfig                           |   3 +
 arch/arm64/include/asm/io.h                  |   8 +
 arch/arm64/include/asm/mem_encrypt.h         |   9 +
 arch/arm64/include/asm/pgtable-prot.h        |   4 +
 arch/arm64/include/asm/pgtable.h             |   5 +
 arch/arm64/include/asm/rsi.h                 |  68 ++++++
 arch/arm64/include/asm/rsi_cmds.h            | 160 +++++++++++++
 arch/arm64/include/asm/rsi_smc.h             | 193 +++++++++++++++
 arch/arm64/include/asm/set_memory.h          |   3 +
 arch/arm64/kernel/Makefile                   |   3 +-
 arch/arm64/kernel/efi.c                      |  12 +-
 arch/arm64/kernel/rsi.c                      | 142 +++++++++++
 arch/arm64/kernel/setup.c                    |   3 +
 arch/arm64/mm/init.c                         |  10 +-
 arch/arm64/mm/pageattr.c                     |  98 +++++++-
 drivers/virt/coco/Kconfig                    |   2 +
 drivers/virt/coco/Makefile                   |   1 +
 drivers/virt/coco/arm-cca-guest/Kconfig      |  11 +
 drivers/virt/coco/arm-cca-guest/Makefile     |   2 +
 .../virt/coco/arm-cca-guest/arm-cca-guest.c  | 224 ++++++++++++++++++
 23 files changed, 1026 insertions(+), 8 deletions(-)
 create mode 100644 Documentation/arch/arm64/arm-cca.rst
 create mode 100644 arch/arm64/include/asm/rsi.h
 create mode 100644 arch/arm64/include/asm/rsi_cmds.h
 create mode 100644 arch/arm64/include/asm/rsi_smc.h
 create mode 100644 arch/arm64/kernel/rsi.c
 create mode 100644 drivers/virt/coco/arm-cca-guest/Kconfig
 create mode 100644 drivers/virt/coco/arm-cca-guest/Makefile
 create mode 100644 drivers/virt/coco/arm-cca-guest/arm-cca-guest.c

-- 
2.34.1