Skip to main content

Supervisor Domains Priv. ISA Extension Emulation

Supervisor Domains Priv. ISA Extension Emulation

RISC-V International

Internship Description

Security-sensitive workloads on embedded and server platforms require isolation primitives to support many use cases that require enforcement of confidentiality and integrity for workload against software and hardware adversaries. Providing these protection properties requires architectural support for page-based physical memory isolation managed at the machine level to be able to create isolated supervisor domains which can then host isolated S/H and (V)U, V(S) mode software. A supervisor domain can extend the trusted computing base (TCB) to host isolated VMs and/or applications. The Supervisor domains task group has defined privileged ISA extensions (Smsdid, Smmtt, Smsdia, Smsedbg etc.), to be used by machine mode to isolate physical memory, and other platform resources flexibly across supervisor domains. As specified in the RISC-V Supervisor Domains specification, per-hart controls for a supervisor domain identifier can be used to program a memory tracking table (MTT) structure that will specify if a supervisor domain is allowed to access physical memory regions (at architectural page-size granularities). The MTT will be programmed by an M-mode root-domain security manager (RDSM). The mentee will primarily focus on developing extensions to Qemu to emulate the RISC-V Supervisor Domain (Smmtt) ISA extensions, and build an priv. software prototype for the M-mode RDSM using OpenSBI to demonstrate the functionality of the emulated ISA.

Repository URL

https://github.com/riscv/riscv-smmtt

Learning Objectives

Gain experience with QEMU, Spike and ACT; Gain experience with OpenSBI to build a e2e POC; work on a new priv. isa extension.

Expected Outcomes

E2e POC showing at least 2 supervisor domains isolated via the Smmtt emulation on an emulated RISC-V hart and platform. The POC should demonstrate flexible conversion of memory from one domain to another (and reclamation). The IO extensions for supervisor domains are out of scope of this POC.

Skills/Interests

Programming in C, C++, Rust preferred; good communication skills; self-starter

To apply for this job please visit mentorship.lfx.linuxfoundation.org.

View All Jobs

Stay Connected With RISC-V

We send occasional news about RISC-V technical progress, news, and events.