From nobody Thu Nov 28 05:48:47 2024 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AF77B221E39; Fri, 4 Oct 2024 14:44:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728053050; cv=none; b=tvWJ9S+/53727c7PbHVPUp/24Z02bNBcZL12a0VdHCh7XIHBEn+w7JKtgonSjJFZASGfZYQyh5en6+wauRn1QPhqEHyMs8rFvWcsOt7wvcQY6gKPZ+0Owo0qNMBcxgV5wbAR+oTgEjQgw5GuYpXgM2qW+1KjUyyShPQ91VOmMZc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728053050; c=relaxed/simple; bh=nSPzNh8EFOA2Eq6tLS6YHR+y3k2CJCfa9IMYEfTmvec=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=F66NfwqUFpYxX5IiN2NO80GkuwOHCJs0x6hCsjRp6zwnBVjgceS8a2w4BAImuQ5ae+hcSe3zVuqG5kAaS3cSVLHX5nrDuHP3hl8F0FkaG0H7Vw0KHDJMVgLkUusBRzCgi6LSkeNC1eaM6PZ/Q1JD/DRaqn8F6tE6TulAEVBjDUU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; arc=none smtp.client-ip=217.140.110.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id B1BB81516; Fri, 4 Oct 2024 07:44:36 -0700 (PDT) Received: from e122027.cambridge.arm.com (unknown [10.1.25.25]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 4D8563F7C5; Fri, 4 Oct 2024 07:44:03 -0700 (PDT) From: Steven Price To: kvm@vger.kernel.org, kvmarm@lists.linux.dev Cc: Sami Mujawar , Catalin Marinas , Marc Zyngier , Will Deacon , James Morse , Oliver Upton , Suzuki K Poulose , Zenghui Yu , linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Joey Gouly , Alexandru Elisei , Christoffer Dall , Fuad Tabba , linux-coco@lists.linux.dev, Ganapatrao Kulkarni , Gavin Shan , Shanker Donthineni , Alper Gun , Dan Williams , "Aneesh Kumar K . V" , Steven Price Subject: [PATCH v6 10/11] virt: arm-cca-guest: TSM_REPORT support for realms Date: Fri, 4 Oct 2024 15:43:05 +0100 Message-Id: <20241004144307.66199-11-steven.price@arm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241004144307.66199-1-steven.price@arm.com> References: <20241004144307.66199-1-steven.price@arm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sami Mujawar Introduce an arm-cca-guest driver that registers with the configfs-tsm module to provide user interfaces for retrieving an attestation token. When a new report is requested the arm-cca-guest driver invokes the appropriate RSI interfaces to query an attestation token. The steps to retrieve an attestation token are as follows: 1. Mount the configfs filesystem if not already mounted mount -t configfs none /sys/kernel/config 2. Generate an attestation token report=3D/sys/kernel/config/tsm/report/report0 mkdir $report dd if=3D/dev/urandom bs=3D64 count=3D1 > $report/inblob hexdump -C $report/outblob rmdir $report Signed-off-by: Sami Mujawar Signed-off-by: Suzuki K Poulose Signed-off-by: Steven Price --- v3: Minor improvements to comments and adapt to the renaming of GRANULE_SIZE to RSI_GRANULE_SIZE. --- drivers/virt/coco/Kconfig | 2 + drivers/virt/coco/Makefile | 1 + drivers/virt/coco/arm-cca-guest/Kconfig | 11 + drivers/virt/coco/arm-cca-guest/Makefile | 2 + .../virt/coco/arm-cca-guest/arm-cca-guest.c | 211 ++++++++++++++++++ 5 files changed, 227 insertions(+) create mode 100644 drivers/virt/coco/arm-cca-guest/Kconfig create mode 100644 drivers/virt/coco/arm-cca-guest/Makefile create mode 100644 drivers/virt/coco/arm-cca-guest/arm-cca-guest.c diff --git a/drivers/virt/coco/Kconfig b/drivers/virt/coco/Kconfig index d9ff676bf48d..ff869d883d95 100644 --- a/drivers/virt/coco/Kconfig +++ b/drivers/virt/coco/Kconfig @@ -14,3 +14,5 @@ source "drivers/virt/coco/pkvm-guest/Kconfig" source "drivers/virt/coco/sev-guest/Kconfig" =20 source "drivers/virt/coco/tdx-guest/Kconfig" + +source "drivers/virt/coco/arm-cca-guest/Kconfig" diff --git a/drivers/virt/coco/Makefile b/drivers/virt/coco/Makefile index b69c30c1c720..c3d07cfc087e 100644 --- a/drivers/virt/coco/Makefile +++ b/drivers/virt/coco/Makefile @@ -7,3 +7,4 @@ obj-$(CONFIG_EFI_SECRET) +=3D efi_secret/ obj-$(CONFIG_ARM_PKVM_GUEST) +=3D pkvm-guest/ obj-$(CONFIG_SEV_GUEST) +=3D sev-guest/ obj-$(CONFIG_INTEL_TDX_GUEST) +=3D tdx-guest/ +obj-$(CONFIG_ARM_CCA_GUEST) +=3D arm-cca-guest/ diff --git a/drivers/virt/coco/arm-cca-guest/Kconfig b/drivers/virt/coco/ar= m-cca-guest/Kconfig new file mode 100644 index 000000000000..9dd27c3ee215 --- /dev/null +++ b/drivers/virt/coco/arm-cca-guest/Kconfig @@ -0,0 +1,11 @@ +config ARM_CCA_GUEST + tristate "Arm CCA Guest driver" + depends on ARM64 + default m + select TSM_REPORTS + help + The driver provides userspace interface to request and + attestation report from the Realm Management Monitor(RMM). + + If you choose 'M' here, this module will be called + arm-cca-guest. diff --git a/drivers/virt/coco/arm-cca-guest/Makefile b/drivers/virt/coco/a= rm-cca-guest/Makefile new file mode 100644 index 000000000000..69eeba08e98a --- /dev/null +++ b/drivers/virt/coco/arm-cca-guest/Makefile @@ -0,0 +1,2 @@ +# SPDX-License-Identifier: GPL-2.0-only +obj-$(CONFIG_ARM_CCA_GUEST) +=3D arm-cca-guest.o diff --git a/drivers/virt/coco/arm-cca-guest/arm-cca-guest.c b/drivers/virt= /coco/arm-cca-guest/arm-cca-guest.c new file mode 100644 index 000000000000..e22a565cb425 --- /dev/null +++ b/drivers/virt/coco/arm-cca-guest/arm-cca-guest.c @@ -0,0 +1,211 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2023 ARM Ltd. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include + +/** + * struct arm_cca_token_info - a descriptor for the token buffer. + * @granule: PA of the page to which the token will be written + * @offset: Offset within granule to start of buffer in bytes + * @len: Number of bytes of token data that was retrieved + * @result: result of rsi_attestation_token_continue operation + */ +struct arm_cca_token_info { + phys_addr_t granule; + unsigned long offset; + int result; +}; + +/** + * arm_cca_attestation_continue - Retrieve the attestation token data. + * + * @param: pointer to the arm_cca_token_info + * + * Attestation token generation is a long running operation and therefore + * the token data may not be retrieved in a single call. Moreover, the + * token retrieval operation must be requested on the same CPU on which the + * attestation token generation was initialised. + * This helper function is therefore scheduled on the same CPU multiple + * times until the entire token data is retrieved. + */ +static void arm_cca_attestation_continue(void *param) +{ + unsigned long len; + unsigned long size; + struct arm_cca_token_info *info; + + if (!param) + return; + + info =3D (struct arm_cca_token_info *)param; + + size =3D RSI_GRANULE_SIZE - info->offset; + info->result =3D rsi_attestation_token_continue(info->granule, + info->offset, size, &len); + info->offset +=3D len; +} + +/** + * arm_cca_report_new - Generate a new attestation token. + * + * @report: pointer to the TSM report context information. + * @data: pointer to the context specific data for this module. + * + * Initialise the attestation token generation using the challenge data + * passed in the TSM descriptor. Allocate memory for the attestation token + * and schedule calls to retrieve the attestation token on the same CPU + * on which the attestation token generation was initialised. + * + * The challenge data must be at least 32 bytes and no more than 64 bytes.= If + * less than 64 bytes are provided it will be zero padded to 64 bytes. + * + * Return: + * * %0 - Attestation token generated successfully. + * * %-EINVAL - A parameter was not valid. + * * %-ENOMEM - Out of memory. + * * %-EFAULT - Failed to get IPA for memory page(s). + * * A negative status code as returned by smp_call_function_single(). + */ +static int arm_cca_report_new(struct tsm_report *report, void *data) +{ + int ret; + int cpu; + long max_size; + unsigned long token_size; + struct arm_cca_token_info info; + void *buf; + u8 *token __free(kvfree) =3D NULL; + struct tsm_desc *desc =3D &report->desc; + + if (!report) + return -EINVAL; + + if (desc->inblob_len < 32 || desc->inblob_len > 64) + return -EINVAL; + + /* + * Get a CPU on which the attestation token generation will be + * scheduled and initialise the attestation token generation. + */ + cpu =3D get_cpu(); + max_size =3D rsi_attestation_token_init(desc->inblob, desc->inblob_len); + put_cpu(); + + if (max_size <=3D 0) + return -EINVAL; + + /* Allocate outblob */ + token =3D kvzalloc(max_size, GFP_KERNEL); + if (!token) + return -ENOMEM; + + /* + * Since the outblob may not be physically contiguous, use a page + * to bounce the buffer from RMM. + */ + buf =3D alloc_pages_exact(RSI_GRANULE_SIZE, GFP_KERNEL); + if (!buf) + return -ENOMEM; + + /* Get the PA of the memory page(s) that were allocated. */ + info.granule =3D (unsigned long)virt_to_phys(buf); + + token_size =3D 0; + /* Loop until the token is ready or there is an error. */ + do { + /* Retrieve one RSI_GRANULE_SIZE data per loop iteration. */ + info.offset =3D 0; + do { + /* + * Schedule a call to retrieve a sub-granule chunk + * of data per loop iteration. + */ + ret =3D smp_call_function_single(cpu, + arm_cca_attestation_continue, + (void *)&info, true); + if (ret !=3D 0) { + token_size =3D 0; + goto exit_free_granule_page; + } + + ret =3D info.result; + } while ((ret =3D=3D RSI_INCOMPLETE) && + (info.offset < RSI_GRANULE_SIZE)); + + /* + * Copy the retrieved token data from the granule + * to the token buffer, ensuring that the RMM doesn't + * overflow the buffer. + */ + if (WARN_ON(token_size + info.offset > max_size)) + break; + memcpy(&token[token_size], buf, info.offset); + token_size +=3D info.offset; + } while (ret =3D=3D RSI_INCOMPLETE); + + if (ret !=3D RSI_SUCCESS) { + ret =3D -ENXIO; + token_size =3D 0; + goto exit_free_granule_page; + } + + report->outblob =3D no_free_ptr(token); +exit_free_granule_page: + report->outblob_len =3D token_size; + free_pages_exact(buf, RSI_GRANULE_SIZE); + return ret; +} + +static const struct tsm_ops arm_cca_tsm_ops =3D { + .name =3D KBUILD_MODNAME, + .report_new =3D arm_cca_report_new, +}; + +/** + * arm_cca_guest_init - Register with the Trusted Security Module (TSM) + * interface. + * + * Return: + * * %0 - Registered successfully with the TSM interface. + * * %-ENODEV - The execution context is not an Arm Realm. + * * %-EINVAL - A parameter was not valid. + * * %-EBUSY - Already registered. + */ +static int __init arm_cca_guest_init(void) +{ + int ret; + + if (!is_realm_world()) + return -ENODEV; + + ret =3D tsm_register(&arm_cca_tsm_ops, NULL); + if (ret < 0) + pr_err("Failed to register with TSM.\n"); + + return ret; +} +module_init(arm_cca_guest_init); + +/** + * arm_cca_guest_exit - unregister with the Trusted Security Module (TSM) + * interface. + */ +static void __exit arm_cca_guest_exit(void) +{ + tsm_unregister(&arm_cca_tsm_ops); +} +module_exit(arm_cca_guest_exit); + +MODULE_AUTHOR("Sami Mujawar "); +MODULE_DESCRIPTION("Arm CCA Guest TSM Driver."); +MODULE_LICENSE("GPL"); --=20 2.34.1