On 8/10/25 9:54 AM, Tao Tang wrote:
+/* Macro for secure read validation - returns RAZ if validation
fails */
+#define SMMU_CHECK_SECURE_READ(reg_name) \
+ do { \
+ if (!smmu_validate_secure_read(attrs, secure_impl, offset, \
+ reg_name, data)) { \
+ return MEMTX_OK; \
+ } \
+ } while (0)
+
For this, and previous macros, shouldn't we return MEMTX_ERROR instead?
According to ARM IHI 0070 G.b page 87/:
/
/When SMMU_S_IDR1.SECURE_IMPL == 0, /
/ - The SMMU does not support the Secure state/
/ - SMMU_S_* registers are RAZ/WI to all accesses./
RAZ/WI is indeed a deterministic hardware behavior, and I think it is
architecturally distinct from conditions like a Terminate or a Fault.
While the software might not get a "real" value from a register (it gets
zeros) or its write might have no effect, the hardware access itself
completes without any protocol-level error.
This is my current understanding, but I'm keen to hear if anyone has a
different perspective or sees it differently.
This looks like the expected behaviour indeed.
Thanks for sharing the reference.
