From: Mostafa Saleh <smostafa@google.com>
To: Tao Tang <tangtao1634@phytium.com.cn>
Cc: qemu-arm@nongnu.org, qemu-devel@nongnu.org,
	"Eric Auger" <eric.auger@redhat.com>,
	"Peter Maydell" <peter.maydell@linaro.org>,
	"Chen Baozi" <chenbaozi@phytium.com.cn>,
	jean-philippe@linaro.org,
	"Philippe Mathieu-Daudé" <philmd@linaro.org>,
	"Pierrick Bouvier" <pierrick.bouvier@linaro.org>
Subject: Re: [RFC 06/11] hw/arm/smmuv3: Plumb security state through core functions
Date: Sat, 23 Aug 2025 10:43:32 +0000
Message-ID: <aKmbVIGWry9nH8j8@google.com>
In-Reply-To: <7b8acb9a-e3fe-461b-8495-42c7501a6a80@phytium.com.cn>

On Thu, Aug 21, 2025 at 12:25:40AM +0800, Tao Tang wrote:
> 
> On 2025/8/19 05:28, Mostafa Saleh wrote:
> > On Wed, Aug 06, 2025 at 11:11:29PM +0800, Tao Tang wrote:
> > > To support parallel processing of secure and non-secure streams, the
> > > SMMUv3 model needs to differentiate between the two contexts throughout
> > > its core logic. This commit is the foundational step to make the code
> > > security-state aware.
> > > 
> > > An is_secure flag, which will be used in subsequent patches to represent
> > > the transaction's security state, is now plumbed through the main
> > > processing paths.
> > > 
> > > This change is purely preparatory and introduces no functional changes
> > > for the existing non-secure path. All current call sites are updated
> > > to pass is_secure = false.
> > > 
> > > This refactoring paves the way for upcoming patches that will introduce
> > > separate TLB entries for secure transactions and enable a fully
> > > parallel secure/non-secure SMMU model.
> > > 
> > I think it’s easier to review if this patch was split (STE parsing,
> > page table handling and translation, TLB invalidation)
> > Also based on my comment on patch 2, stage-2 handling doesn’t seem correct to me.
> > 
> > Thanks,
> > Mostafa
> > 
> Hi Mostafa,
> 
> Thank you for your suggestion.
> 
> You've made a very good point. This patch is indeed too large and tries to
> cover too many different areas. For the v2 series, I will break this patch
> down into logical parts as you suggested (STE parsing, page table handling,
> etc.).
> 
> I also acknowledge your concern about the stage-2 handling logic from your
> comment on patch 2. I have sent a separate, detailed reply to your feedback
> on patch #2 that outlines my new understanding.
> 
> And as you commented on patch #01:
> 
> > > Inside this TCG VM, a KVM guest was launched, and the same NVMe device was
> > > re-assigned to it via VFIO.
> > > Command line of KVM VM inside TCG VM is below:
> > > 
> > > sudo qemu-system-aarch64  \
> > > -enable-kvm  -m 1024  -cpu host  -M virt \
> > > -machine virt,gic-version=3 \
> > > -cpu max -append "nokaslr" -smp 1 \
> > > -monitor stdio \
> > > -kernel 5.15.Image \
> > > -initrd rootfs.cpio.gz \
> > > -display vnc=:22,id=primary \
> > > -device vfio-pci,host=00:01.0
> > > 
> > > The KVM guest was able to perform I/O on the device
> > > correctly, confirming that the non-secure path is not broken.
> > I gave the patches a quick test and they seem to have broken my
> > nested setup, I will look more into it and let you know what I find.
> > 
> > Thanks,
> > Mostafa
> > 
> I'm sorry to hear that it has broken your environment. Please don't hesitate
> to share any details, logs, or reproduction steps when you find them. I am
> more than happy to help reproduce the issue on my end to get it fixed as
> quickly as possible.
> 
> 
> I would be delighted to hear back from you on any of the topics we've
> discussed, as any further guidance you can offer would be invaluable.
> 

So far, I couldn’t repro. I remember getting permission errors. I will
keep the patches in my stack and will let you know if I hit that again.

Thanks,
Mostafa

> Thanks,
> 
> Tao
> 
> 
> 

