Skip to content

Latest commit

 

History

History
38 lines (33 loc) · 2.14 KB

charter.adoc

File metadata and controls

38 lines (33 loc) · 2.14 KB

RISC-V AP-TEE-IO TG Charter

In order to achieve high performance Input/Output (I/O) operations, Trusted Execution Environment Virtual Machines (TVM) must extend their trust boundary to include a composition of directly assigned, TEE-I/O-capable devices/functions. Without this ability, TVMs have to resort to using para-virtualized I/O using non-confidential memory regions, which has performance impacts due to memory copies and negates use of accelerators used for dense compute. This TG will define CoVE-IO ABI extensions to provide Confidential VM-assigned devices with secure direct access to confidential memory as well as MMIO and Message Signal Interrupt (MSI), removing the dependence on para-virtualized I/O.

The AP-TEE-IO TG will work on the following deliverables; where applicable, the ABI extensions are expected to extend the AP-TEE TEE-Host/TEE-Guest ABIs:

  • A normative non-ISA ABI specification between a non-TCB (host or guest) software and an AP-TEE compliant TEE Security Manager (TSM). This interface will cover:

    • Enable an untrusted OS/VMM to assign/revoke TEE-I/O devices to/from TVMs.

    • Enable TVMs to verify and attest to a device trustworthiness before accepting it into its TCB via the use of a Trusted Device Manager (TDM).

  • Requirements for IOMMU extensions (non-ISA) to support performant TEE-I/O devices DMA to confidential memory, secure MMIO and trusted MSI.

  • Non-normative extensions to the AP-TEE security recommendations to describe the software flows and protocols that may be used for device attestation and updates.

The TG will work on extending the AP-TEE PoC for an open source implementation for TEE-IO. The development of the deliverables will happen in collaboration with other SIGs/TGs that the TEE-I/O framework depends on, e.g. the AP-TEE, Hypervisor and IOMMU TGs.

Device-specific and interconnect security mechanisms required to establish and maintain trust between the TVM and its assigned devices is out-of-scope for this TG. The recommendations will refer to industry-defined frameworks to address these aspects that are being developed in DMTF (CMA/SPDM), PCI-SIG (TDISP and IDE) and CXL proposed standards.