virtio-comment message



Subject: Re: [virtio-comment] RE: [virtio-dev] Re: [virtio-comment] [PATCH] Add virtio rpmb device specification


On Sun, Aug 04, 2019 at 01:57:35PM +0000, Huang, Yang wrote:
> 
> 
> > -----Original Message-----
> > From: Michael S. Tsirkin [mailto:mst@redhat.com]
> > Sent: Sunday, August 4, 2019 15:49
> > To: Huang, Yang <yang.huang@intel.com>
> > Cc: Paolo Bonzini <pbonzini@redhat.com>; virtio-dev@lists.oasis-open.org;
> > virtio-comment@lists.oasis-open.org; Zhu, Bing <bing.zhu@intel.com>; Winkler,
> > Tomas <tomas.winkler@intel.com>
> > Subject: Re: [virtio-comment] RE: [virtio-dev] Re: [virtio-comment] [PATCH] Add
> > virtio rpmb device specification
> > 
> > On Sun, Aug 04, 2019 at 02:07:49AM +0000, Huang, Yang wrote:
> > >
> > >
> > > > -----Original Message-----
> > > > From: virtio-dev@lists.oasis-open.org
> > > > [mailto:virtio-dev@lists.oasis-open.org]
> > > > On Behalf Of Michael S. Tsirkin
> > > > Sent: Sunday, August 4, 2019 5:00
> > > > To: Huang, Yang <yang.huang@intel.com>
> > > > Cc: Paolo Bonzini <pbonzini@redhat.com>;
> > > > virtio-dev@lists.oasis-open.org;
> > > > virtio-comment@lists.oasis-open.org; Zhu, Bing <bing.zhu@intel.com>;
> > > > Winkler, Tomas <tomas.winkler@intel.com>
> > > > Subject: [virtio-dev] Re: [virtio-comment] [PATCH] Add virtio rpmb
> > > > device specification
> > > >
> > > > On Tue, Jul 30, 2019 at 12:33:17AM +0000, Huang, Yang wrote:
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > > From: virtio-comment@lists.oasis-open.org
> > > > > > > [mailto:virtio-comment@lists.oasis-open.org]
> > > > > > > On Behalf Of Paolo Bonzini
> > > > > > Sent: Monday, July 29, 2019 17:19
> > > > > > To: Huang, Yang <yang.huang@intel.com>;
> > > > > > virtio-dev@lists.oasis-open.org
> > > > > > Cc: virtio-comment@lists.oasis-open.org; mst@redhat.com; Zhu,
> > > > > > Bing <bing.zhu@intel.com>; Winkler, Tomas
> > > > > > <tomas.winkler@intel.com>
> > > > > > Subject: Re: [virtio-comment] [PATCH] Add virtio rpmb device
> > > > > > specification
> > > > > >
> > > > > > On 29/07/19 09:48, Huang Yang wrote:
> > > > > > >
> > > > > > > But virtualization software like Qemu doesn't provide
> > > > > > > eMMC/UFS/NVMe RPMB emulation. It blocks the OS like Trusty or
> > > > > > > OP-TEE running in a virtualization environment. For instance,
> > > > > > > Google right now uses another way to work around RPMB
> > > > > > > > emulation issue when running Trusty in ARM Qemu:
> > > > > > > > https://android.googlesource.com/trusty/external/trusty/+/refs/heads/master/test-runner/
> > > > > > >
> > > > > > > Virtio RPMB standardization will definitely benefit OP-TEE,
> > > > > > > Google Trusty TEE, Qemu, OVMF or other modules to develop the
> > > > > > > RPMB based secure storage in virtualization.
> > > > > > >
> > > > > >
> > > > > > Is there any reason to use a new virtio-blk device, and not add
> > > > > > this functionality to virtio-blk?
> > > > > >
> > > > > > Paolo
> > > > >
> > > > > RPMB does not behave as a blk device. It doesn't have block device APIs.
> > > > > > Current virtio blk features or definitions in spec are mostly
> > > > > > useless or inapplicable to virtio rpmb.
> > > > > > It performs different behaviors from the operations on a blk device.
> > > > > > Key, write counter or nonce are required to read/write on it.
> > > > > > If we add it to the blk device, it will not only cause higher
> > > > > > complexity, but also cause two different behaviors on the same device.
> > > > >
> > > >
> > > >
> > > > > Well it seems that current RPMB implementations are all tied to a
> > > > > storage device, like MMC or NVMe. Why is that and why doesn't the same
> > > > > logic apply here?
> > > >
> > > > --
> > > > MST
> > > >
> > >
> > > > RPMB is a mandatory hardware partition of eMMC, UFS and optional for NVMe.
> > > > It is standardized by JEDEC and NVMe.
> > > > This partition is different from the user data partition that blk device emulates.
> > > > It provides signed access in an authenticated and replay protected
> > > > manner that blk device does not perform. Only RPMB key owner can write
> > > > to it while anybody can access a user data partition.
> > 
> > Sorry if I'm being dense, so how is this different from e.g. NVMe?
> > 
> > --
> > MST
> 
> Do you refer to the difference between NVMe RPMB and eMMC RPMB?
> Or between NVMe RPMB partition and NVMe user data partition?

I refer to the fact that NVMe and eMMC are storage devices
that support an RPMB partition. Why is virtio blk different?
Wouldn't it make sense for it to support an RPMB partition?
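
An added illustration, not part of the original message or of the proposed spec: a simplified Python model of the access semantics described in the quoted replies (a provisioned key, a write counter, a read nonce), showing how they differ from plain block reads and writes. The class and function names and the MAC field layout are assumptions and do not follow the JEDEC frame format.

```python
import hashlib
import hmac
import os
import struct

def mac(key, *fields):
    # HMAC-SHA256 over length-prefixed fields (assumed layout, not the JEDEC frame).
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(struct.pack(">I", len(f)) + f)
    return h.digest()

class RpmbModel:
    """Toy RPMB partition: provisioned key, monotonic write counter, blocks."""
    def __init__(self, key):
        self._key = key
        self.write_counter = 0
        self._blocks = {}

    def write(self, addr, data, counter, tag):
        expected = mac(self._key, b"W", struct.pack(">HI", addr, counter), data)
        if not hmac.compare_digest(tag, expected):
            return "auth_failure"        # writer does not hold the key
        if counter != self.write_counter:
            return "counter_failure"     # stale counter: a replayed frame
        self._blocks[addr] = data
        self.write_counter += 1
        return "ok"

    def read(self, addr, nonce):
        # Anyone may read; the MAC over the caller's nonce proves freshness.
        data = self._blocks.get(addr, b"\x00" * 256)
        return data, mac(self._key, b"R", struct.pack(">H", addr), nonce, data)

def signed_write(key, addr, data, counter):
    tag = mac(key, b"W", struct.pack(">HI", addr, counter), data)
    return addr, data, counter, tag

def verified_read(dev, key, addr):
    nonce = os.urandom(16)
    data, tag = dev.read(addr, nonce)
    good = mac(key, b"R", struct.pack(">H", addr), nonce, data)
    return data if hmac.compare_digest(tag, good) else None

def demo():
    key = b"K" * 32                                   # constructed sample key
    dev = RpmbModel(key)
    frame = signed_write(key, 0, b"v1", dev.write_counter)
    results = [dev.write(*frame), dev.write(*frame)]  # second call is a replay
    forged = signed_write(b"X" * 32, 0, b"bad", dev.write_counter)
    results.append(dev.write(*forged))                # signed with the wrong key
    return results, verified_read(dev, key, 0)
```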


