Document:
03520: Resolve Issue #81: content: Reserve virtio-nsm device ID

Draft (A preliminary unapproved sketch, outline, or version.)

Details

Submitted By Mr. Michael S. Tsirkin on 2020-08-17 2:40 pm UTC

Publication Type

None at this time.

Group / Folder

OASIS Virtual I/O Device (VIRTIO) TC / System Ballot Results

Modified by

Not modified.

Copy

This document is not a copy.

Technical Contact

None at this time.

Download Count

224

Download Agreement

None at this time.

Description

Please vote Yes if you agree with all of the following. If you disagree, please vote No. If you don't have an opinion, please vote Abstain.

I move that:

The TC agrees to resolve the following specification issue:

Issue #81: content: Reserve virtio-nsm device ID

--------------------------------------

The NitroSecureModule is a device with a very stripped down Trusted Platform Module functionality, which is used in the context of a Nitro Enclave (see https://lkml.org/lkml/2020/4/21/1020) to provide boot time measurement and attestation.

Since this device provides some critical cryptographic operations, there are a series of operations which are required to have guarantees of atomicity, ordering and consistency: operations fully succeed or fully fail, including when some external events might interfere in the process: live migration, crashes, etc; any failure in the critical section requires termination of the enclave it is attached to, so the device needs to be as resilient as possible, simplicity is strongly desired.

To account for that, the device and driver are made to have very few error cases in the critical path and the operations themselves can be rolled back and retried if events happen outside the critical area, while processing a request. The driver itself can be made very simple and thus is easily portable. Since the requests can be handled directly in the virtio queue, serving most requests requires no additional buffering or memory allocations on the host side.

Patch link: https://lists.oasis-open.org/archives/virtio-comment/202005/msg00093.html

--------------------------------------

The TC accepts the following proposed changes to the specification:

--------------------------------------

https://lists.oasis-open.org/archives/virtio-comment/202005/msg00093.html

--------------------------------------

The TC agrees to include the above change(s) in specification version(s) "virtio-v1.2-cs01", and future versions of the specification.

--------------------------------------

Reminder: A Voting Member must be active in a TC to maintain voting rights. As the Virtio TC has adopted a standing rule to conduct business only by electronic ballot, without Meetings, a Voting Member who fails to cast a ballot in two consecutive Work Product Ballots loses his or her voting rights at the close of the second ballot missed.

--------------------------------------