On 2/21/26 2:19 AM, Tao Tang wrote:
Parse each PCI device's sec-sid property during SMMU device initialization
and cache it in SMMUDevice::sec_sid. Support "non-secure" and "secure",
default to non-secure when unspecified, and reject invalid values with an
explicit error. Use sdev->sec_sid in smmuv3_translate() to select the
register bank instead of hardcoding the non-secure context.
Keep sec-sid parsing in smmu-common, and add a SMMUv3-specific validation
hook to enforce architectural constraints: fail fast when sec-sid=secure
while SMMU_S_IDR1.SECURE_IMPL is 0 or secure AS is not available.
Typically, SEC_SID is a system-defined attribute (e.g. sideband or tied-off)
rather than something a PCIe endpoint can freely toggle in pre-RME scenario.
So this PCI sec-sid property is used as a static platform/testing knob to
drive the SMMU bank selection.
For future RME-DA + TDISP, this will need to become dynamic: the effective
state for PCIe requests is derived from PCIe IDE/TDISP T/XT
(e.g. SEC_SID = (XT || T) ? Realm : Non-secure), so we'll switch from a
static property to a runtime per-device state update when that plumbing
is added.
Signed-off-by: Tao Tang <[email protected]>
---
hw/arm/smmu-common.c | 37 ++++++++++++++++++++++++++++++++++++
hw/arm/smmuv3.c | 34 ++++++++++++++++++++++++++++++++-
include/hw/arm/smmu-common.h | 2 ++
3 files changed, 72 insertions(+), 1 deletion(-)
Reviewed-by: Pierrick Bouvier <[email protected]>
