Re: [PATCH v5] misc: Add Nitro Secure Module driver

[Michael S. Tsirkin]

On Tue, Oct 10, 2023 at 11:29:00PM +0200, Alexander Graf wrote:
> 
> On 10.10.23 22:34, Michael S. Tsirkin wrote:
> > 
> > On Tue, Oct 10, 2023 at 07:18:15PM +0000, Alexander Graf wrote:
> > > When running Linux inside a Nitro Enclave, the hypervisor provides a
> > > special virtio device called "Nitro Security Module" (NSM). This device
> > > has 3 main functions:
> > > 
> > >    1) Provide attestation reports
> > >    2) Modify PCR state
> > >    3) Provide entropy
> > > 
> > > This patch adds a driver for NSM that exposes a /dev/nsm device node which
> > > user space can issue an ioctl on this device with raw NSM CBOR formatted
> > > commands to request attestation documents, influence PCR states, read
> > > entropy and enumerate status of the device. In addition, the driver
> > > implements a hwrng backend.
> > > 
> > > Originally-by: Petre Eftime <petre.eftime@xxxxxxxxx>
> > > Signed-off-by: Alexander Graf <graf@xxxxxxxxxx>
> > Could some documentation about how this device works be posted on virtio
> > list please?
> 
> 
> Sure! What is your preferred method to provide this? :)
> 
> Alex
> 

Posting patch adding a text file with it to virtio-comment would be best.

> 
> 
> 
> Amazon Development Center Germany GmbH
> Krausenstr. 38
> 10117 Berlin
> Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
> Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
> Sitz: Berlin
> Ust-ID: DE 289 237 879
> 
>