Julien Grall writes:
On 6/18/19 3:30 PM, Volodymyr Babchuk wrote:
Julien Grall writes:
On 18/06/2019 12:19, Volodymyr Babchuk wrote:
Hi Julien,
Hi,
Julien Grall writes:
+=item B<optee>
+Allow a guest to use OP-TEE. Note that a virtualization-aware OP-TEE +is required for this. If this option is selected, guest will be able
OOI, what happens if OP-TEE does not support virtualization? Will Xen forbid using it?
Yes, Xen will get an error from OP-TEE during domain construction. This will lead to domain creation failure.
This is a bit odd. It means we have no way to know in advance whether OP-TEE will be able to create a client.
Yes. There can be at least two reasons for this:
- OP-TEE is built without virtualization support at all
- OP-TEE has no resources for a new guest
In other words, when the mediator is built in Xen, all existing setups with OP-TEE (and no-virtualization) will fail.
Right. If the user provides a DTB with an 'optee' node, but OP-TEE is built without virtualization support, Dom0 will not be created. This can be fixed by adding a new capability flag to OP-TEE that tells Xen about virtualization support. For some reason I missed this when I implemented VM support in OP-TEE :(
My expectation is Xen should be able to know whether the mediator can be used.
I need to implement an additional capability flag in OP-TEE. This is not so hard, but it will be available only in the next release. For now, we can document this limitation somewhere.
Is OP-TEE already released with virtualization? If not, when will it be?
Yes, OP-TEE 3.5.0 was released on 26 April 2019 and it includes virtualization support.
+to access to the real OP-TEE OS running on the host. Guest creation
s/real// it is redundant with the rest of the sentence. However, it does not really answer the question regarding isolation.
Your assumption is correct - OP-TEE provides isolation on its side.
+will fail if OP-TEE have no resources for a new guest. Number of supported +guests depends on OP-TEE configuration.
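Review bot: the added sentences have grammar slips that will end up in the rendered man page: "if OP-TEE have no resources" should read "has", "Number of supported guests" needs a leading "The", and "guest will be able to access to the real OP-TEE OS" should drop the second "to". The text also says a virtualization-aware OP-TEE is required without telling the reader how to check for one, so consider stating how a user can confirm that before guest creation fails.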
How about the following description (correct me if my understanding is wrong):
"Allow a guest to access the host OP-TEE OS. Xen will mediate the access to OP-TEE and the resource isolation will be provided directly by OP-TEE. OP-TEE itself may limit the number of guests that can concurrently use it. This requires a virtualization-aware OP-TEE for this to work.
This feature is a B<technology preview>."
That's much better than my version. Thank you.
How can a user know whether OP-TEE supports virtualization? Is it configurable at build?
Yes, there is a special configuration option, CFG_VIRTUALIZATION. This is covered in the OP-TEE documentation at [1].
[1] https://optee.readthedocs.io/architecture/virtualization.html
Do we expect the link to be stable? If so, then I think a link in the documentation would be useful.
This is the official OP-TEE documentation. So, yes, it should be stable. I can put this link into the code somewhere.
I would add the link in the xl documentation and also in the commit message of patch #2. I can do the latter on commit.
It would be great. Thank you.