Hi Eric,
On 2025/12/11 02:45, Eric Auger wrote:
On 11/26/25 4:45 PM, Tao Tang wrote:
Add a qtest suite that validates ARM SMMUv3 translation without guest
firmware or OS. The tests leverage iommu-testdev to trigger DMA
operations and the qos-smmuv3 library to configure IOMMU translation
structures.
This test suite targets the virt machine and covers:
- Stage 1 only translation (VA -> PA via CD page tables)
- Stage 2 only translation (IPA -> PA via STE S2 tables)
- Nested translation (VA -> IPA -> PA, Stage 1 + Stage 2)
- Design to extended to support multiple security spaces
(Non-Secure, Secure, Root, Realm)
Each test case follows this sequence:
1. Initialize SMMUv3 with appropriate command/event queues
2. Build translation tables (STE/CD/PTE) for the target scenario
3. Configure iommu-testdev with IOVA and DMA attributes via MMIO
4. Trigger DMA and validate successful translation
5. Verify data integrity through a deterministic write-read pattern
This bare-metal approach provides deterministic IOMMU testing with
minimal dependencies, making failures directly attributable to the SMMU
translation path.
Signed-off-by: Tao Tang <[email protected]>
---
tests/qtest/iommu-smmuv3-test.c | 114 ++++++++++++++++++++++++++++++++
tests/qtest/meson.build | 1 +
2 files changed, 115 insertions(+)
create mode 100644 tests/qtest/iommu-smmuv3-test.c
diff --git a/tests/qtest/iommu-smmuv3-test.c b/tests/qtest/iommu-smmuv3-test.c
new file mode 100644
index 0000000000..af438ecce0
--- /dev/null
+++ b/tests/qtest/iommu-smmuv3-test.c
@@ -0,0 +1,114 @@
+/*
+ * QTest for SMMUv3 with iommu-testdev
+ *
+ * This QTest file is used to test the SMMUv3 with iommu-testdev so that we can
+ * test SMMUv3 without any guest kernel or firmware.
+ *
+ * Copyright (c) 2025 Phytium Technology
+ *
+ * Author:
+ * Tao Tang <[email protected]>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "libqtest.h"
+#include "libqos/pci.h"
+#include "libqos/generic-pcihost.h"
+#include "hw/pci/pci_regs.h"
+#include "hw/misc/iommu-testdev.h"
+#include "libqos/qos-smmuv3.h"
+
+#define DMA_LEN 4
+
+/* Test configurations for different SMMU modes and spaces */
+static const QSMMUTestConfig base_test_configs[] = {
+ {
+ .trans_mode = QSMMU_TM_S1_ONLY,
+ .sec_sid = QSMMU_SEC_SID_NONSECURE,
+ .dma_iova = QSMMU_IOVA_OR_IPA,
what does this mean? QSMMU_IOVA_OR_IPA
Eric
`QSMMU_IOVA_OR_IPA` was intended to represent the address that is seen
as the *input* to the SMMU in the test. In other words:
- for the S1-only and nested cases, this value is used as the IOVA, and
- for the S2-only case, the same numeric value is used as the IPA.
So conceptually it is “the address fed into the IOMMU”, and the actual
interpretation depends on `trans_mode`.
I agree the name `IOVA_OR_IPA` is confusing and does not make this model
very clear.
Maybe we could use `QSMMU_DMA_INPUT_ADDR` instead?
Thanks for catching this.
Tao
