Provide a comprehensive set of software and emulated hardware that enables a person to run Confidential Computing on Arm. This should be done using Realms, without requiring access to real hardware.
This will involve providing full system emulation capable of running the Realm Management Extension (RME) as defined by the Confidential Compute Architecture (CCA) specification, alongside all the software needed to run a full Confidential Computing solution on Arm (firmware, operating system, system libraries, virtualization management, and confidential virtual machine images).
Confidential Computing is inherently complex and covers a wide spectrum of technologies. We therefore propose to divide the project into six sets of objectives, so that the project remains manageable and provides a roadmap that is easier to understand. The first objective is to run confidential virtual machines on an existing hardware model. From there we intend to validate the CCA support provided by an open source emulator and make sure that both the hardware model and the emulator exhibit the same behaviour. The third objective is to run Confidential Containers in confidential virtual machines, while the fourth objective is to integrate CCA into Linaro’s Trusted Reference Stack (TRS), providing a delivery medium for the technology. The fifth objective is to integrate CCA into Edge-related use cases such as live updates without service disruption. Lastly, we plan to explore advanced scenarios such as PCIe device passthrough and confidential VM live migration. These are not fully covered by the current CCA specification but will surely be addressed in future versions.
In line with tradition, Arm drove the base CCA enablement in the firmware and Linux kernel communities. In that respect, they introduced the Runtime Security Subsystem (RSS) in TF-M, added support for the RME extension to the TF-A Monitor, released the Realm Management Monitor (TF-RMM) and provided support for Realms in the Linux kernel and KVM.
Our goal is to integrate the above components to provide a set of software and emulated hardware capable of running a full Confidential Computing solution based on Realms on Arm. Even though Linaro is not alone on this task, with many companies, notably Arm, working on various parts of the solution, there is currently no one approaching the problem with a holistic view. The objective is to address challenges identified while integrating all the components of the stack in order to provide a complete reference model that can be used by others to build their own Confidential Computing solutions on top of Arm platforms.
Arm traditionally avoids making contributions to the QEMU project, so enabling RME support in QEMU emulation was already on Linaro’s roadmap. This work is now completed and upstream, and is targeted to be available in August 2023 as part of QEMU release 8.1. So, in theory, someone would have all the basic pieces needed to run an emulated system with CCA support: the Arm simulator or QEMU emulator, RSS, the TF-A Monitor, TF-RMM and Linux/KVM. How well these pieces fit together needs to be evaluated, and the accuracy of the Arm simulator and QEMU emulator with respect to the CCA specification also needs to be assessed.
On the upper side of the software stack, many applications and frameworks have appeared in recent years to support Confidential Computing with confidential virtual machines on other platforms, most notably AMD with its SEV-SNP support. Even though some of these applications are catching up and adding support for Arm CCA, there is still work to be done on that side as well to ensure we have a coherent reference implementation for virtualization management.