
Subject: RE: [virtio-comment] RE: [virtio-dev] Re: [virtio-comment] [PATCH] Add virtio rpmb device specification



> -----Original Message-----
> From: Michael S. Tsirkin [mailto:mst@redhat.com]
> Sent: Sunday, August 4, 2019 15:49
> To: Huang, Yang <yang.huang@intel.com>
> Cc: Paolo Bonzini <pbonzini@redhat.com>; virtio-dev@lists.oasis-open.org;
> virtio-comment@lists.oasis-open.org; Zhu, Bing <bing.zhu@intel.com>; Winkler,
> Tomas <tomas.winkler@intel.com>
> Subject: Re: [virtio-comment] RE: [virtio-dev] Re: [virtio-comment] [PATCH] Add
> virtio rpmb device specification
> 
> On Sun, Aug 04, 2019 at 02:07:49AM +0000, Huang, Yang wrote:
> >
> >
> > > -----Original Message-----
> > > From: virtio-dev@lists.oasis-open.org
> > > [mailto:virtio-dev@lists.oasis-open.org]
> > > On Behalf Of Michael S. Tsirkin
> > > Sent: Sunday, August 4, 2019 5:00
> > > To: Huang, Yang <yang.huang@intel.com>
> > > Cc: Paolo Bonzini <pbonzini@redhat.com>;
> > > virtio-dev@lists.oasis-open.org;
> > > virtio-comment@lists.oasis-open.org; Zhu, Bing <bing.zhu@intel.com>;
> > > Winkler, Tomas <tomas.winkler@intel.com>
> > > Subject: [virtio-dev] Re: [virtio-comment] [PATCH] Add virtio rpmb
> > > device specification
> > >
> > > On Tue, Jul 30, 2019 at 12:33:17AM +0000, Huang, Yang wrote:
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: virtio-comment@lists.oasis-open.org
> > > > > [mailto:virtio-comment@lists.oasis-open.org] On Behalf Of Paolo Bonzini
> > > > > Sent: Monday, July 29, 2019 17:19
> > > > > To: Huang, Yang <yang.huang@intel.com>;
> > > > > virtio-dev@lists.oasis-open.org
> > > > > Cc: virtio-comment@lists.oasis-open.org; mst@redhat.com; Zhu,
> > > > > Bing <bing.zhu@intel.com>; Winkler, Tomas
> > > > > <tomas.winkler@intel.com>
> > > > > Subject: Re: [virtio-comment] [PATCH] Add virtio rpmb device
> > > > > specification
> > > > >
> > > > > On 29/07/19 09:48, Huang Yang wrote:
> > > > > >
> > > > > > But virtualization software like Qemu doesn't provide
> > > > > > eMMC/UFS/NVMe RPMB emulation. It blocks OSes like Trusty or
> > > > > > OP-TEE from running in a virtualization environment. For instance,
> > > > > > Google right now uses another way to work around the RPMB
> > > > > > emulation issue when running Trusty in ARM Qemu:
> > > > > > https://android.googlesource.com/trusty/external/trusty/+/refs/heads/master/test-runner/
> > > > > >
> > > > > > Virtio RPMB standardization will definitely benefit OP-TEE,
> > > > > > Google Trusty TEE, Qemu, OVMF or other modules to develop the
> > > > > > RPMB based secure storage in virtualization.
> > > > > >
> > > > >
> > > > > Is there any reason to use a new virtio-blk device, and not add
> > > > > this functionality to virtio-blk?
> > > > >
> > > > > Paolo
> > > >
> > > > RPMB does not behave as a blk device. It doesn't have block device APIs.
> > > > Current virtio blk features or definitions in the spec are mostly
> > > > useless or inapplicable to virtio rpmb.
> > > > It performs different behaviors from the operations on a blk device.
> > > > Key, write counter or nonce are required to read/write on it.
> > > > If we add it to the blk device, it will not only cause higher
> > > > complexity, but also cause two different behaviors on the same device.
> > > >
> > >
> > >
> > > Well it seems that current RPMB implementations are all tied to a
> > > storage device, like MMC or NVMe. Why is that and why doesn't the same
> > > logic apply here?
> > >
> > > --
> > > MST
> > >
> >
> > RPMB is a mandatory hardware partition of eMMC and UFS, and optional for
> > NVMe.
> > It is standardized by JEDEC and NVMe.
> > This partition is different from the user data partition that a blk device emulates.
> > It provides signed access in an authenticated and replay protected
> > manner that a blk device does not perform. Only the RPMB key owner can write
> > to it, while anybody can access a user data partition.
> 
> Sorry if I'm being dense, so how is this different from e.g. NVMe?
> 
> --
> MST

Do you refer to the difference between NVMe RPMB and eMMC RPMB?
Or between NVMe RPMB partition and NVMe user data partition?
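The thread's argument that RPMB is not a block device rests on three things a plain block partition lacks: a shared key, a monotonic write counter, and a host-chosen nonce, bound together by a MAC. The following is an added illustration, not code from the thread, the virtio spec or any RPMB implementation. It is a simplified model (no 512-byte JEDEC frames; the result codes, field ordering and the `RpmbDevice`/`RpmbHost` names are assumptions made for this toy) showing why a replayed write, a write without the key, and a replayed read response all fail, while an unauthenticated read of the data itself is still allowed:

```python
"""Toy model of RPMB-style authenticated, replay-protected access.

Constructed illustration only: the mechanism (key + write counter + nonce
bound by HMAC-SHA256) follows the RPMB scheme described in the thread, but
framing, result codes and class names are assumptions for this example.
"""
import hashlib
import hmac
import secrets

BLOCK_SIZE = 256            # RPMB data blocks are 256 bytes
RES_OK = 0x0000             # assumed result codes for this toy
RES_AUTH_FAIL = 0x0002      # MAC did not verify (no key, or tampered frame)
RES_COUNTER_FAIL = 0x0003   # write counter mismatch (replay or stale counter)


def _mac(key: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA256 over the concatenated message fields."""
    return hmac.new(key, b"".join(fields), hashlib.sha256).digest()


def _u32(n: int) -> bytes:
    return n.to_bytes(4, "big")


class RpmbDevice:
    """Device side: holds the key, the data blocks and the write counter."""

    def __init__(self, key: bytes, nblocks: int = 4):
        self._key = key
        self.write_counter = 0                       # increments per successful write
        self._blocks = [bytes(BLOCK_SIZE)] * nblocks

    def authenticated_write(self, addr: int, data: bytes, counter: int, mac: bytes):
        """Returns (result, counter, mac), i.e. a signed write response."""
        expected = _mac(self._key, _u32(counter), _u32(addr), data)
        if not hmac.compare_digest(expected, mac):
            result = RES_AUTH_FAIL                   # only the key owner can write
        elif counter != self.write_counter:
            result = RES_COUNTER_FAIL                # a captured frame cannot be replayed
        else:
            self._blocks[addr] = data
            self.write_counter += 1
            result = RES_OK
        resp_mac = _mac(self._key, _u32(result), _u32(self.write_counter), _u32(addr))
        return result, self.write_counter, resp_mac

    def authenticated_read(self, addr: int, nonce: bytes):
        """Anyone may read; the signed reply echoes the nonce so it cannot be replayed."""
        data = self._blocks[addr]
        return data, nonce, _mac(self._key, nonce, _u32(addr), data)

    def read_counter(self, nonce: bytes):
        return self.write_counter, nonce, _mac(self._key, nonce, _u32(self.write_counter))


class RpmbHost:
    """Key owner (e.g. a TEE) that writes to and verifies reads from the device."""

    def __init__(self, key: bytes, dev):
        self._key = key
        self._dev = dev

    def current_counter(self) -> int:
        nonce = secrets.token_bytes(16)
        counter, echoed, mac = self._dev.read_counter(nonce)
        if echoed != nonce or not hmac.compare_digest(mac, _mac(self._key, nonce, _u32(counter))):
            raise ValueError("counter response is not fresh or not authentic")
        return counter

    def write(self, addr: int, data: bytes) -> bool:
        counter = self.current_counter()
        mac = _mac(self._key, _u32(counter), _u32(addr), data)
        result, new_counter, resp_mac = self._dev.authenticated_write(addr, data, counter, mac)
        ok = hmac.compare_digest(resp_mac, _mac(self._key, _u32(result), _u32(new_counter), _u32(addr)))
        return ok and result == RES_OK

    def read(self, addr: int) -> bytes:
        nonce = secrets.token_bytes(16)
        data, echoed, mac = self._dev.authenticated_read(addr, nonce)
        if echoed != nonce or not hmac.compare_digest(mac, _mac(self._key, nonce, _u32(addr), data)):
            raise ValueError("read response is not fresh or not authentic")
        return data


def demo():
    """Exercise the protections; returns (write_ok, replay_result, forge_result, read_ok, stale_read_rejected)."""
    key = secrets.token_bytes(32)                  # constructed RPMB key
    dev = RpmbDevice(key)
    host = RpmbHost(key, dev)
    payload = b"rollback-index=7".ljust(BLOCK_SIZE, b"\0")   # constructed secure-storage record
    write_ok = host.write(1, payload)
    # Replay: resend the exact frame the host sent (valid MAC, counter now stale).
    replay_result, _, _ = dev.authenticated_write(1, payload, 0, _mac(key, _u32(0), _u32(1), payload))
    # Forge: a writer without the key, even with the right counter, fails the MAC check.
    bogus = bytes(BLOCK_SIZE)
    forge_result, _, _ = dev.authenticated_write(1, bogus, dev.write_counter, _mac(b"not-the-key", _u32(dev.write_counter), _u32(1), bogus))
    read_ok = host.read(1) == payload
    # Stale read: an intermediary answers a fresh request with an old captured response.
    old_response = dev.authenticated_read(1, secrets.token_bytes(16))

    class Replayer:                                # stands in for the device, returns the old answer
        def authenticated_read(self, addr, nonce):
            return old_response

    try:
        RpmbHost(key, Replayer()).read(1)
        stale_rejected = False
    except ValueError:
        stale_rejected = True
    return write_ok, replay_result, forge_result, read_ok, stale_rejected


if __name__ == "__main__":
    print(demo())
```

The point the model makes explicit is the one the thread argues: a virtio-blk request carries no key, counter or nonce, and a block-device emulator has no state to check them against, so the replay and authentication failures above have no analogue in virtio-blk semantics.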
