Subject: Re: [virtio-comment] Re: [PATCH v2] content: Reserve virtio-nsm device ID
On Mon, Aug 10, 2020 at 04:06:26PM +0200, Alexander Graf wrote:
>
>
> On 21.07.20 13:23, Eftime, Petre wrote:
> > On 2020-07-20 20:10, Michael S. Tsirkin wrote:
> > > On Wed, Jun 10, 2020 at 04:17:25PM +0300, Eftime, Petre wrote:
> > > > On 2020-05-27 12:07, Petre Eftime wrote:
> > > >
> > > >     The NitroSecureModule is a device with a very stripped down
> > > >     Trusted Platform Module functionality, which is used in the
> > > >     context of a Nitro Enclave (see https://lkml.org/lkml/2020/4/21/1020)
> > > >     to provide boot time measurement and attestation.
> > > >
> > > >     Since this device provides some critical cryptographic operations,
> > > >     there are a series of operations which are required to have guarantees
> > > >     of atomicity, ordering and consistency: operations fully succeed or fully
> > > >     fail, including when some external events might interfere in the
> > > >     process: live migration, crashes, etc; any failure in the critical
> > > >     section requires termination of the enclave it is attached to, so
> > > >     the device needs to be as resilient as possible, simplicity is
> > > >     strongly desired.
> > > >
> > > >     To account for that, the device and driver are made to have very few
> > > >     error cases in the critical path and the operations themselves can be
> > > >     rolled back and retried if events happen outside the critical
> > > >     area, while processing a request. The driver itself can be made very
> > > >     simple and thus is easily portable.
> > > >
> > > >     Since the requests can be handled directly in the virtio queue, serving
> > > >     most requests requires no additional buffering or memory allocations
> > > >     on the host side.
> > > >
> > > >     Signed-off-by: Petre Eftime <epetre@amazon.com>
> > > >     ---
> > > >      content.tex | 2 ++
> > > >      1 file changed, 2 insertions(+)
> > > >
> > > >     diff --git a/content.tex b/content.tex
> > > >     index 91735e3..66c8f2b 100644
> > > >     --- a/content.tex
> > > >     +++ b/content.tex
> > > >     @@ -2801,6 +2801,8 @@ \chapter{Device
> > > > Types}\label{sec:Device Types}
> > > >      \hline
> > > >      31        &  Video decoder device \\
> > > >      \hline
> > > >     +33        &  NitroSecureModule \\
> > > >     +\hline
> > > >      \end{tabular}
> > > >
> > > >      Some of the devices above are unspecified by this document,
> > > >
> > > > Hi all,
> > > >
> > > > I've opened a corresponding issue on Github.
> > > >
> > > > Fixes: https://github.com/oasis-tcs/virtio-spec/issues/81
> > > >
> > > > Thank you,
> > > > Petre Eftime
> > >
> > > Looks like no one minds. Do you want the TC to vote on this?
> > >
> > Yes, would help us get started towards upstreaming the Linux driver for
> > this.
>
> So what is the next step to get the vote happening? :)
>
>
> Alex
>

Missed the answer, sorry. Started vote now.

>
> Amazon Development Center Germany GmbH
> Krausenstr. 38
> 10117 Berlin
> Managing directors: Christian Schlaeger, Jonathan Weiss
> Registered at Amtsgericht Charlottenburg under HRB 149173 B
> Registered office: Berlin
> VAT ID: DE 289 237 879
>
>
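Review bot: the added row in the Device Types table is numbered 33 while the last existing row in the hunk's context is 31, so ID 32 ends up with no row at this point in the table. If 32 is held by another pending reservation, the commit message should say so; otherwise take 32 here or add an explicit reserved row, so that a later submitter does not read the gap as a free ID. The row text is also a bare product name ("NitroSecureModule") where the neighbouring row reads "Video decoder device"; a short descriptive form would match the rest of the table.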