Re: [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm prope

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm prope

From:	Markus Armbruster
Subject:	Re: [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm property
Date:	Tue, 23 Apr 2024 14:23:55 +0200
User-agent:	Gnus/5.13 (Gnus v5.13)

Jean-Philippe Brucker <jean-philippe@linaro.org> writes:

> This option selects which measurement algorithm to use for attestation.
> Supported values are SHA256 and SHA512. Default to SHA512 arbitrarily.
>
> SHA512 is generally faster on 64-bit architectures. On a few arm64 CPUs
> I tested SHA256 is much faster, but that's most likely because they only
> support acceleration via FEAT_SHA256 (Armv8.0) and not FEAT_SHA512
> (Armv8.2). Future CPUs supporting RME are likely to also support
> FEAT_SHA512.
>
> Cc: Eric Blake <eblake@redhat.com>
> Cc: Markus Armbruster <armbru@redhat.com>
> Cc: Daniel P. Berrangé <berrange@redhat.com>
> Cc: Eduardo Habkost <eduardo@habkost.net>
> Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
> ---
> v1->v2: use enum, pick default
> ---
>  qapi/qom.json        | 18 +++++++++++++++++-
>  target/arm/kvm-rme.c | 39 ++++++++++++++++++++++++++++++++++++++-
>  2 files changed, 55 insertions(+), 2 deletions(-)
>
> diff --git a/qapi/qom.json b/qapi/qom.json
> index 91654aa267..84dce666b2 100644
> --- a/qapi/qom.json
> +++ b/qapi/qom.json
> @@ -931,18 +931,34 @@
>    'data': { '*cpu-affinity': ['uint16'],
>              '*node-affinity': ['uint16'] } }
>  
> +##
> +# @RmeGuestMeasurementAlgo:
> +#
> +# @sha256: Use the SHA256 algorithm

Let's have a blank line here.

> +# @sha512: Use the SHA512 algorithm
> +#
> +# Algorithm to use for realm measurements
> +#
> +# Since: FIXME

9.1

> +##
> +{ 'enum': 'RmeGuestMeasurementAlgo',
> +  'data': ['sha256', 'sha512'] }
> +
>  ##
>  # @RmeGuestProperties:
>  #
>  # Properties for rme-guest objects.
>  #
> +# @measurement-algo: Realm measurement algorithm (default: sha512)
> +#

We tend to avoid abbreviations in QMP: @measurement-algorithm.

May want to rename the type to RmeGuestMeasurementAlgorithm for
consistency.

>  # @personalization-value: Realm personalization value, as a 64-byte hex 
> string
>  #     (default: 0)
>  #
>  # Since: FIXME
>  ##
>  { 'struct': 'RmeGuestProperties',
> -  'data': { '*personalization-value': 'str' } }
> +  'data': { '*personalization-value': 'str',
> +            '*measurement-algo': 'RmeGuestMeasurementAlgo' } }
>  
>  ##
>  # @ObjectType:

With these issues addressed, QAPI schema
Acked-by: Markus Armbruster <armbru@redhat.com>

[...]

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2 07/22] hw/arm/virt: Reserve one bit of guest-physical address for RME, (continued)
- [PATCH v2 07/22] hw/arm/virt: Reserve one bit of guest-physical address for RME, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 09/22] target/arm/kvm-rme: Initialize vCPU, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter, Jean-Philippe Brucker, 2024/04/19
  - Re: [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter, Markus Armbruster, 2024/04/23
  - Re: [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter, Peter Maydell, 2024/04/23
    - Re: [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter, Daniel P . Berrangé, 2024/04/23
- [PATCH v2 17/22] target/arm/cpu: Set number of PMU counters in KVM, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 18/22] target/arm/kvm: Disable Realm reboot, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 05/22] hw/arm/virt: Add support for Arm RME, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm property, Jean-Philippe Brucker, 2024/04/19
  - Re: [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm property, Markus Armbruster <=
- [PATCH v2 16/22] target/arm/cpu: Set number of breakpoints and watchpoints in KVM, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 04/22] target/arm/kvm-rme: Initialize realm, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 10/22] target/arm/kvm: Create scratch VM as Realm if necessary, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 06/22] hw/arm/virt: Disable DTB randomness for confidential VMs, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 11/22] hw/core/loader: Add ROM loader notifier, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 12/22] target/arm/kvm-rme: Populate Realm memory, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 13/22] hw/arm/boot: Register Linux BSS section for confidential guests, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 19/22] target/arm/cpu: Inform about reading confidential CPU registers, Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 21/22] hw/arm/virt: Move virt_flash_create() to machvirt_init(), Jean-Philippe Brucker, 2024/04/19
- [PATCH v2 22/22] hw/arm/virt: Use RAM instead of flash for confidential guest firmware, Jean-Philippe Brucker, 2024/04/19

Prev by Date: Re: [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter
Next by Date: Re: [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter
Previous by thread: [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm property
Next by thread: [PATCH v2 16/22] target/arm/cpu: Set number of breakpoints and watchpoints in KVM
Index(es):
- Date
- Thread