Re: [PATCH 0/2] target/arm: make granule_protection_check usable from SMMU

[Pierrick Bouvier]

On 12/11/25 3:44 PM, Pierrick Bouvier wrote:

This series prepare granule_protection_check to be usable from SMMU, for
implementing RME feature.
It's based on Tao's commit [1] extracting ARMSecuritySpace from cpu.h header for
convenience.

[1] 
https://lore.kernel.org/qemu-devel/20251012150701.4127034-5-tangtao1...@phytium.com.cn/

To demonstrate the purpose, this is the (wip) change to use that from SMMU:

diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index 80f48df3dda..1acff3bbd66 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -1055,12 +1056,36 @@ static SMMUTranslationStatus 
smmuv3_do_translate(SMMUv3State *s, hwaddr addr,
      }

      cached_entry = smmu_translate(bs, cfg, addr, flag, &ptw_info);
      if (desc_s2_translation) {
          cfg->asid = asid;
          cfg->stage = stage;
      }

+    if (cached_entry) {
+        hwaddr paddress = CACHED_ENTRY_TO_ADDR(cached_entry, addr);
+        ARMSecuritySpace pspace = sec_sid_to_security_space(cfg->sec_sid);
+        ARMSecuritySpace ss = ARMSS_Root;
+        ARMMMUFaultInfo fi;
+
+        ARMGranuleProtectionConfig gpc = {
+            .gpccr = s->root.gpt_base_cfg,
+            .gptbr = s->root.gpt_base >> 12,
+            .parange = 6, /* 52 bits */
+            .support_sel2 = false,
+            .as_secure = &s->smmu_state.as_secure_memory
+        };
+        /* The fields in SMMU_ROOT_GPT_BASE_CFG are the same as for GPCCR_EL3,
+         * except there is no copy of GPCCR_EL3.GPC. See SMMU_ROOT_CR0.GPCEN. 
*/
+        const bool gpc_enabled = FIELD_EX32(s->root.cr0, ROOT_CR0, GPCEN);
+        gpc.gpccr = FIELD_DP64(gpc.gpccr, GPCCR, GPC, gpc_enabled);
+        bool gpc_check = arm_granule_protection_check(gpc, paddress,
+                                                      pspace, ss, &fi);
+        if (!gpc_check) {
+            printf("ERROR: fi.type=%d fi.gpcf=%d\n", fi.type, fi.gpcf);
+            g_assert_not_reached();
+        }
+    }
+
      if (!cached_entry) {
          /* All faults from PTW has S2 field. */
          event->u.f_walk_eabt.s2 = (ptw_info.stage == SMMU_STAGE_2);

Pierrick Bouvier (1):
   target/arm/ptw: make granule_protection_check usable without a cpu

Tao Tang (1):
   target/arm: Move ARMSecuritySpace to a common header

  include/hw/arm/arm-security.h | 54 +++++++++++++++++++++++++++++++++++
  target/arm/cpu.h              | 39 ++++++++++---------------
  target/arm/ptw.c              | 41 +++++++++++++++-----------
  3 files changed, 93 insertions(+), 41 deletions(-)
  create mode 100644 include/hw/arm/arm-security.h

Sent v2:
https://lore.kernel.org/qemu-devel/20251216000122.763264-1-pierrick.bouv...@linaro.org/T/#t