Re: [RFC v4 08/31] hw/arm/smmuv3: Plumb transaction attributes into config helpers

Wed, 25 Feb 2026 12:56:18 -0800 

On 2/21/26 2:02 AM, Tao Tang wrote:

As a preliminary step towards a multi-security-state configuration
cache, introduce MemTxAttrs and AddressSpace * members to the
SMMUTransCfg struct. The goal is to cache these attributes so that
internal functions can use them directly.

To facilitate this, hw/arm/arm-security.h is now included in
smmu-common.h. This is a notable change, as it marks the first time
these Arm CPU-specific security space definitions are used outside of
cpu.h, making them more generally available for device models.

The decode helpers (smmu_get_ste, smmu_get_cd, smmu_find_ste,
smmuv3_get_config) are updated to use these new attributes for memory
accesses. This ensures that reads of SMMU structures from memory, such
as the Stream Table, use the correct security context.

For the special case of smmuv3-accel.c, we only support the NS-only path
for now. Therefore, we initialize a minimal cfg with sec_sid, txattrs,
and as for the NS-only accel path.

For now, the configuration cache lookup key remains unchanged and is
still based solely on the SMMUDevice pointer. The new attributes are
populated during a cache miss in smmuv3_get_config. And some paths still
rely on the NS-only address_space_memory, for example smmuv3_notify_iova
and get_pte(). These will be progressively converted in follow-up commits
to use an AddressSpace selected according to SEC_SID.

Signed-off-by: Tao Tang <[email protected]>
---
  hw/arm/smmu-common.c         | 19 ++++++++++++++++++
  hw/arm/smmuv3-accel.c        | 12 +++++++++++-
  hw/arm/smmuv3-internal.h     |  3 ++-
  hw/arm/smmuv3.c              | 38 ++++++++++++++++++++++--------------
  include/hw/arm/smmu-common.h | 12 ++++++++++++
  5 files changed, 67 insertions(+), 17 deletions(-)

diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
index 3baba2a4c8e..b320aec8c60 100644
--- a/hw/arm/smmu-common.c
+++ b/hw/arm/smmu-common.c
@@ -30,6 +30,25 @@
  #include "hw/arm/smmu-common.h"
  #include "smmu-internal.h"
+ARMSecuritySpace smmu_get_security_space(SMMUSecSID sec_sid) 
+{
+    switch (sec_sid) {
+    case SMMU_SEC_SID_S:
+        return ARMSS_Secure;
+    case SMMU_SEC_SID_NS:
+    default:
+        return ARMSS_NonSecure;
+    }
+}
+
Would that be possible to add all switch values, and use g_assert_not_reached() for SMMU_SEC_SID_NUM. This way, when adding SMMU_SEC_SID_R, we'll be directly blocked at compilation because case is missing. 

Regards,
Pierrick

Reply via email to