Re: [PATCH v2 0/2] target/arm: make granule_protection_check usable from SMMU

Mon, 12 Jan 2026 08:30:42 -0800 

On 12/15/25 4:01 PM, Pierrick Bouvier wrote:

This series prepare granule_protection_check to be usable from SMMU, for
implementing RME feature.
It's based on Tao's commit [1] extracting ARMSecuritySpace from cpu.h header for
convenience.

[1] 
https://lore.kernel.org/qemu-devel/[email protected]/

To demonstrate the purpose, this is the (wip) change to use that from SMMU:

diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index 80f48df3dda..1acff3bbd66 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -1055,12 +1056,36 @@ static SMMUTranslationStatus 
smmuv3_do_translate(SMMUv3State *s, hwaddr addr,
      }

      cached_entry = smmu_translate(bs, cfg, addr, flag, &ptw_info);
      if (desc_s2_translation) {
          cfg->asid = asid;
          cfg->stage = stage;
      }

+    if (cached_entry) {
+        /* The fields in SMMU_ROOT_GPT_BASE_CFG are the same as for GPCCR_EL3,
+         * except there is no copy of GPCCR_EL3.GPC. See SMMU_ROOT_CR0.GPCEN. 
*/
+        const bool gpc_enabled = FIELD_EX32(s->root.cr0, ROOT_CR0, GPCEN);
+        if (gpc_enabled) {
+            hwaddr paddress = CACHED_ENTRY_TO_ADDR(cached_entry, addr);
+            ARMSecuritySpace pspace = sec_sid_to_security_space(cfg->sec_sid);
+            ARMSecuritySpace ss = ARMSS_Root;
+            ARMMMUFaultInfo fi;
+
+            ARMGranuleProtectionConfig config = {
+                .gpccr = s->root.gpt_base_cfg,
+                .gptbr = s->root.gpt_base >> 12,
+                .parange = 6, /* 52 bits */
+                .support_sel2 = false,
+                .gpt_as = &s->smmu_state.as_secure_memory
+            };
+            if (!arm_granule_protection_check(config, paddress,
+                                              pspace, ss, &fi)) {
+                printf("ERROR: fi.type=%d fi.gpcf=%d\n", fi.type, fi.gpcf);
+                g_assert_not_reached();
+            }
+        }
+    }
+
      if (!cached_entry) {
          /* All faults from PTW has S2 field. */
          event->u.f_walk_eabt.s2 = (ptw_info.stage == SMMU_STAGE_2);

v2
--

- remove extra boilerplate/include/line from arm-security.h
- use local var gpccr instead of config.gpccr
- extract GPC enable check out of arm_granule_protection_check
- rename as_secure in gpt_as
- use arm_addresspace to retrieve gpt address space

Pierrick Bouvier (1):
   target/arm/ptw: make granule_protection_check usable without a cpu

Tao Tang (1):
   target/arm: Move ARMSecuritySpace to a common header

  include/hw/arm/arm-security.h | 37 ++++++++++++++++++++++
  target/arm/cpu.h              | 59 +++++++++++++++++++++--------------
  target/arm/ptw.c              | 59 ++++++++++++++++++++++-------------
  3 files changed, 110 insertions(+), 45 deletions(-)
  create mode 100644 include/hw/arm/arm-security.h



Another gentle ping.
This series has been reviewed and should be ready to be pulled.

Regards,
Pierrick

Reply via email to