We already have support for the Nitro Enclave kernel module in upstream
Linux, which is needed to control a Nitro Enclave's lifecycle. However,
users typically want to run Linux inside the Enclave as well. To do that
well, they need the ability to communicate to the Nitro Secure Module: A
virtio based PV device that provides access to PCRs, an attestation
document as well as access to entropy.

These patches add driver support for NSM. With them in place, upstream
Linux has everything that's needed to run as a Nitro Enclave kernel.

Alex

v1 -> v2:

  - Remove boilerplate
  - Add uapi header

v2 -> v3:

  - Move globals to device struct
  - Add compat handling
  - Simplify some naming
  - Remove debug prints
  - Use module_virtio_driver
  - Ensure remove only happens on target device
  - Drop use of uio.h

Alexander Graf (2):
  misc: Add Nitro Secure Module driver
  hwrng: Add support for Nitro Secure Module

 MAINTAINERS                      |  11 +
 drivers/char/hw_random/Kconfig   |  12 +
 drivers/char/hw_random/Makefile  |   1 +
 drivers/char/hw_random/nsm-rng.c | 275 ++++++++++++++++++++
 drivers/misc/Kconfig             |  11 +
 drivers/misc/Makefile            |   1 +
 drivers/misc/nsm.c               | 423 +++++++++++++++++++++++++++++++
 include/linux/nsm.h              |  35 +++
 include/uapi/linux/nsm.h         |  30 +++
 9 files changed, 799 insertions(+)
 create mode 100644 drivers/char/hw_random/nsm-rng.c
 create mode 100644 drivers/misc/nsm.c
 create mode 100644 include/linux/nsm.h
 create mode 100644 include/uapi/linux/nsm.h

-- 
2.40.1