git.ipfire.org Git - thirdparty/systemd.git/commit

author	Jeremy Linton <jeremy.linton@arm.com>
	Fri, 10 Jan 2025 03:24:07 +0000 (21:24 -0600)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Wed, 15 Jan 2025 04:51:12 +0000 (13:51 +0900)
commit	2572bf6a39b6c548acef07fd25f461c5a88560af
tree	fcad6ce2ce861ac3cd80730ce5b43650e4bebd01	tree \| snapshot
parent	28425b73eed45b718b54b9ad57f2f943b0adfafb	commit \| diff

confidential-virt: add detection for aarch64 CCA

The arm confidential compute architecture (CCA) provides a platform design for
confidential VMs running in a new realm context.

This can be detected by the existence of a platform device exported for the
arm-cca-guest driver, which provides attestation services via the realm
services interface (RSI) to the Realm Management Monitor (RMM).

Like the other methods systemd uses to detect Confidential VM's, checking
the sysfs entry suggests that this is a confidential VM and should only be
used for informative purposes, or to trigger further attestation.

Like the s390 detection logic, the sysfs path being checked is not labeled
as ABI, and may change in the future. It was chosen because its
directly tied to the kernel's detection of the realm service interface rather
to the Trusted Security Module (TSM) which is what is being triggered by the
device entry. The TSM module has a provider string of 'arm-cca-guest' which
could also be used, but that (IMHO) doesn't currently provide any additional
benefit except that it can fail of the module isn't loaded.

More information can be found here:
https://developer.arm.com/documentation/den0125/0300

Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>

man/systemd-detect-virt.xml		diff \| blob \| blame \| history
src/basic/confidential-virt.c		diff \| blob \| blame \| history
src/basic/confidential-virt.h		diff \| blob \| blame \| history