[Qualcomm feedback] Chapter 7.3: Clarify memory conversion/donation operation

Question

[Qualcomm feedback] Chapter 7.3: Clarify memory conversion/donation operation

rsahita opened this issue 6 months ago · 3 comments

Reference: link

The RISC-V architecture supports page types of 4KB, 2MB, 1GB and 512GB. The untrusted OS/VMM
may assign memory to the TVM at any architecture-supported page size. The TSM configures the
memory tracking table (MTT) via the TSM-driver to track the assignment of memory pages to TVMs.

Why is this authority the TSM itself? I think the sole authority is the tsm-driver in M-mode but who triggers the assignment? it has to be converted during creation time ie doesn't it come from the host and then validated by TSM?

Answer 1 · 2024-02-06T03:52:01.000Z

from Qualcomm feedback: As explained in section 8.1.1 it is actually the host triggering these transitions/assignments and the tsm driver enforces it by managing mtt

Logging to clarify in spec.

Answer 2 · 2024-03-08T23:38:50.000Z

Updated to say:

The RISC-V architecture supports page types of 4KB, 2MB, 1GB and 512GB.
The untrusted OS/VMM may assign memory to the TVM at any architecture-supported
page size. This assignment is enforced via the TSM-driver and the TSM.
Specifically, the TSM-driver configures the memory tracking table (MTT) after
enforcing the security requirements to track the assignment of memory pages to
a supervisor domain/TSM. The TSM manages subsequent assignment of memory to
TVMs.

Answer 3 · 2024-03-08T23:48:10.000Z

Addressed by PR #68
cc @ozkoyuncu