This repo holds the work area and revisions of the non-ISA specification created by the RISC-V AP-TEE TG. This specification defines the programming interfaces (ABI) to support the Confidential VM Extension (CoVE) confidential computing architecture for RISC-V application-processor platforms.
We propose to extend the COVH get_tsm_info() call with additional information called TSM capabilities to simplify implementation of a hypervisor that supports different CoVE deployment models. Specifically, the TSM informs the hypervisor via the tsm_info structure what capabilities it supports, such as support for single- or multi-step TVM creation, local and/or remote attestation, legacy interrupt handling or AIA, and static or dynamic memory allocation.
Additionally, we provide a set of minor editorial changes that clarify: (1) how interrupts are injected if AIA is not supported, (2) what properties local attestation can offer for embedded platforms, (3) how a TVM enables or disables injection of all interrupts (wildcard), (4) how MMIO regions are specified, (5) how a TVM retrieves the local attestation secret.
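The following is an added example of how a hypervisor could consume the proposed capabilities field; it is not code from the specification or from this PR. The bit positions (`TSM_CAP_*`), the `tsm_info_example` struct layout and all function names are assumptions made for illustration only; the actual encoding is whatever the specification defines. The example shows the check a hypervisor needs before committing to a deployment model: require the capabilities it cannot run without, pick among alternatives the TSM offers (multi- vs single-step TVM creation, AIA vs legacy interrupt injection), and tolerate reserved bits set by a newer TSM rather than rejecting them.

```c
// Added example, not part of the CoVE specification or this PR.
// Hypervisor-side handling of a TSM capabilities bitmask returned in tsm_info.
// All bit positions, struct fields and names below are assumptions for illustration.
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

// Hypothetical capability bits (assumed for this example only).
#define TSM_CAP_TVM_CREATE_SINGLE_STEP (1ULL << 0)
#define TSM_CAP_TVM_CREATE_MULTI_STEP  (1ULL << 1)
#define TSM_CAP_ATTEST_LOCAL           (1ULL << 2)
#define TSM_CAP_ATTEST_REMOTE          (1ULL << 3)
#define TSM_CAP_AIA                    (1ULL << 4)
#define TSM_CAP_MEM_DYNAMIC            (1ULL << 5)
// Every bit this hypervisor build knows about; anything above is reserved to it.
#define TSM_CAP_KNOWN_MASK             ((1ULL << 6) - 1)

// Hypothetical subset of tsm_info carrying the proposed capabilities field.
struct tsm_info_example {
    uint32_t tsm_version;
    uint64_t tsm_capabilities;
};

enum tvm_create_mode {
    TVM_CREATE_UNSUPPORTED = 0,
    TVM_CREATE_SINGLE_STEP = 1,
    TVM_CREATE_MULTI_STEP  = 2,
};

// Select the TVM creation flow: prefer multi-step when the TSM offers it,
// fall back to single-step, and report failure if neither is advertised.
enum tvm_create_mode select_tvm_create_mode(uint64_t caps)
{
    if (caps & TSM_CAP_TVM_CREATE_MULTI_STEP)
        return TVM_CREATE_MULTI_STEP;
    if (caps & TSM_CAP_TVM_CREATE_SINGLE_STEP)
        return TVM_CREATE_SINGLE_STEP;
    return TVM_CREATE_UNSUPPORTED;
}

// True when every capability in `required` is advertised by the TSM.
// `required` is the set this hypervisor cannot operate without
// (e.g. TSM_CAP_ATTEST_REMOTE for a cloud deployment that must produce
// remotely verifiable evidence).
bool tsm_supports(const struct tsm_info_example *info, uint64_t required)
{
    return (info->tsm_capabilities & required) == required;
}

// Bits outside the known mask are reserved from this hypervisor's point of
// view. A newer TSM may set them; that is informational, not a failure.
uint64_t tsm_unknown_caps(uint64_t caps)
{
    return caps & ~TSM_CAP_KNOWN_MASK;
}

// Interrupt injection path: AIA when advertised, otherwise the legacy path.
bool tsm_uses_aia(uint64_t caps)
{
    return (caps & TSM_CAP_AIA) != 0;
}

int main(void)
{
    // Constructed sample: what a TSM built for an embedded platform with
    // local attestation only might return (values are made up).
    struct tsm_info_example info = {
        .tsm_version = 0x00010000,
        .tsm_capabilities = TSM_CAP_TVM_CREATE_SINGLE_STEP | TSM_CAP_ATTEST_LOCAL | (1ULL << 40),
    };

    printf("tvm create mode: %d\n", select_tvm_create_mode(info.tsm_capabilities));
    printf("interrupts via AIA: %s\n", tsm_uses_aia(info.tsm_capabilities) ? "yes" : "no (legacy)");
    printf("remote attestation available: %s\n",
           tsm_supports(&info, TSM_CAP_ATTEST_REMOTE) ? "yes" : "no");
    printf("reserved bits set by TSM: 0x%llx\n",
           (unsigned long long)tsm_unknown_caps(info.tsm_capabilities));

    // A cloud-style deployment that needs remote attestation must refuse to
    // run on this TSM rather than silently downgrade to local attestation.
    if (!tsm_supports(&info, TSM_CAP_ATTEST_REMOTE | TSM_CAP_TVM_CREATE_MULTI_STEP))
        printf("required deployment model not supported by this TSM\n");
    return 0;
}
```

The check is deliberately split into "required" and "selectable" capabilities: a hypervisor should fail closed on the former (it must not quietly accept local attestation where the deployment promises remote evidence) and adapt on the latter.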