Hi Eric,
On 2026/3/3 01:34, Eric Auger wrote:
On 2/21/26 11:16 AM, Tao Tang wrote:
This is a non-functional preparation step that adds storage for
resolved security state in SMMUTLBEntry.
Add the "why"in the commit description.
Together with the earlier commits that added NSCFG handling and
PTE NS/NSTable helpers, the plumbing is complete and we can now
refactor the PTW flow to handle Secure state.
Signed-off-by: Tao Tang <[email protected]>
---
include/hw/arm/smmu-common.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h
index bd88e599c77..b0a02e12fe6 100644
--- a/include/hw/arm/smmu-common.h
+++ b/include/hw/arm/smmu-common.h
@@ -91,6 +91,7 @@ typedef struct SMMUTLBEntry {
uint8_t level;
uint8_t granule;
IOMMUAccessFlags parent_perm;
+ SMMUSecSID sec_sid;
} SMMUTLBEntry;
what does it need to be part of the actual entry and not only of the key?
sec_sid does not need to live in SMMUTLBEntry. After rechecking the
code, SMMUTLBEntry.sec_sid is only consumed in:
smmu_ptw_64_s1
if (current_ns) {
tlbe->sec_sid = SMMU_SEC_SID_NS;
} else {
tlbe->sec_sid = PTE_NS(pte) ? SMMU_SEC_SID_NS : SMMU_SEC_SID_S;
}
tlbe->entry.target_as = (tlbe->sec_sid == SMMU_SEC_SID_S)
? &bs->secure_memory_as : &bs->memory_as;
tlbe->entry.translated_addr = gpa;
and smmu_ptw_64_s2:
tlbe->sec_sid = SMMU_SEC_SID_NS;
tlbe->entry.target_as = cfg->ns_as;
tlbe->entry.translated_addr = gpa;
to get the target_as. So keeping it in the cached entry is unnecessary
if we use a local sec_sid instead.
I’ll drop this field and keep the security-state handling local to the
walk instead. If we later need it for TLB disambiguation, it belongs in
the lookup key rather than the entry payload.
Thanks for the catch.
Tao
