Arm SMMUv3 uses a SEC_SID (StreamID Security state) to determine the security state of the programming interface that controls a transaction. The architecture explicitly states that the association between a device and its SEC_SID is a system-defined property, not something derived from the physical address space.
We need a way to represent this system-defined SEC_SID for PCI devices if we want to implement SMMU's Secure state, so that SMMUv3 can select the correct register bank and configuration when handling their streams. This patch adds a new char *sec_sid field to PCIDevice, together with a "sec-sid" QOM property. The property is intended to carry the platform-defined SEC_SID for the device; for now only Non-secure and Secure security states are supported. Future RME-DA/TDISP work will use the PCIe TDISP/DTI protocol to model Realm and Non-secure streams, instead of extending this static field. Signed-off-by: Tao Tang <[email protected]> --- hw/pci/pci.c | 7 +++++++ include/hw/pci/pci_device.h | 3 +++ 2 files changed, 10 insertions(+) diff --git a/hw/pci/pci.c b/hw/pci/pci.c index 90d6d71efdc..aca0509f705 100644 --- a/hw/pci/pci.c +++ b/hw/pci/pci.c @@ -98,6 +98,13 @@ static const Property pci_props[] = { DEFINE_PROP_STRING("sriov-pf", PCIDevice, sriov_pf), DEFINE_PROP_BIT("x-pcie-ext-tag", PCIDevice, cap_present, QEMU_PCIE_EXT_TAG_BITNR, true), + + /* + * System-defined, statically configured SEC_SID for this PCI device, used + * by Arm SMMU. Only support "non-secure" and "secure" security states. + */ + DEFINE_PROP_STRING("sec-sid", PCIDevice, sec_sid), + { .name = "busnr", .info = &prop_pci_busnr }, }; diff --git a/include/hw/pci/pci_device.h b/include/hw/pci/pci_device.h index 88ccea50113..47ed4a13e40 100644 --- a/include/hw/pci/pci_device.h +++ b/include/hw/pci/pci_device.h @@ -184,6 +184,9 @@ struct PCIDevice { uint32_t max_bounce_buffer_size; char *sriov_pf; + + /* Arm SMMU SEC_SID */ + char *sec_sid; }; static inline int pci_intx(PCIDevice *pci_dev) -- 2.34.1
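Review bot: In the pci_props[] hunk of hw/pci/pci.c, "sec-sid" is declared with DEFINE_PROP_STRING, so any string is accepted at this point, while the comment above it says only "non-secure" and "secure" are supported. Nothing in the visible lines rejects other values or says what an unset (NULL) property means. Since the value selects a security state, please validate it where it is first consumed and report an error on anything unrecognised rather than falling back silently, or use an enum-typed property so the check happens when the property is set. The comment should also state the default when the property is not given, and its second sentence would read better as: Only the "non-secure" and "secure" security states are supported.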
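Review bot: In the struct PCIDevice hunk of include/hw/pci/pci_device.h, the comment on sec_sid ("Arm SMMU SEC_SID") does not say which strings are valid or what NULL means, and the header is where a reader of the field will look first. Please document the accepted values and the unset case here. Keeping only the raw char * also means every consumer has to compare strings on use; consider storing the parsed security state so the SMMU code works with an already validated value. The field is added to the generic PCIDevice for an Arm SMMU-specific purpose, so a short note on why it lives here rather than in SMMU-side state would help.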
