From: Raymond Mao <raymondmaoca@gmail.com>
To: opensbi@lists.infradead.org
Cc: scott@riscstar.com, dave.patel@riscstar.com,
raymond.mao@riscstar.com, robin.randhawa@sifive.com,
samuel.holland@sifive.com, anup.patel@qti.qualcomm.com,
anuppate@qti.qualcomm.com, anup@brainfault.org,
dhaval@rivosinc.com, peter.lin@sifive.com
Subject: [RFC PATCH] sbi: add hardware isolation abstraction framework
Date: Tue, 17 Mar 2026 16:18:49 -0400 [thread overview]
Message-ID: <20260317201849.903071-1-raymondmaoca@gmail.com> (raw)
From: Raymond Mao <raymond.mao@riscstar.com>
Introduce a system-level hardware isolation framework with a
registration API and per-domain context tracking.
This establishes an abstraction that allows multiple mechanisms to
be composed while keeping core domain data structures independent
of any single platform implementation.
Signed-off-by: Raymond Mao <raymond.mao@riscstar.com>
---
include/sbi/sbi_domain.h | 4 +
include/sbi/sbi_hwiso.h | 57 +++++++++++
lib/sbi/objects.mk | 1 +
lib/sbi/sbi_hwiso.c | 215 +++++++++++++++++++++++++++++++++++++++
4 files changed, 277 insertions(+)
create mode 100644 include/sbi/sbi_hwiso.h
create mode 100644 lib/sbi/sbi_hwiso.c
diff --git a/include/sbi/sbi_domain.h b/include/sbi/sbi_domain.h
index 02765777..fc7330a6 100644
--- a/include/sbi/sbi_domain.h
+++ b/include/sbi/sbi_domain.h
@@ -14,6 +14,7 @@
#include <sbi/sbi_types.h>
#include <sbi/sbi_hartmask.h>
#include <sbi/sbi_domain_context.h>
+#include <sbi/sbi_hwiso.h>
#include <sbi/sbi_rpxy.h>
struct sbi_scratch;
@@ -199,6 +200,9 @@ struct sbi_domain {
bool system_reset_allowed;
/** Is domain allowed to suspend the system */
bool system_suspend_allowed;
+ /** Hardware isolation contexts for registered mechanisms */
+ struct sbi_hwiso_domain_ctx *hwiso_ctxs;
+ u32 hwiso_ctx_count;
/** Identifies whether to include the firmware region */
bool fw_region_inited;
};
diff --git a/include/sbi/sbi_hwiso.h b/include/sbi/sbi_hwiso.h
new file mode 100644
index 00000000..adbeb715
--- /dev/null
+++ b/include/sbi/sbi_hwiso.h
@@ -0,0 +1,57 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * System-level hardware isolation framework
+ *
+ * Copyright (c) 2026 RISCstar Solutions Corporation.
+ *
+ * Author: Raymond Mao <raymond.mao@riscstar.com>
+ */
+
+#ifndef __SBI_HWISO_H__
+#define __SBI_HWISO_H__
+
+#include <sbi/sbi_types.h>
+
+struct sbi_domain;
+
+struct sbi_hwiso_ops {
+ const char *name;
+
+ /* Boot-time init */
+ int (*init)(void *fdt);
+
+ /* Per-domain init (domain_offset refers to domain instance node) */
+ int (*domain_init)(void *fdt, int domain_offset,
+ struct sbi_domain *dom, void **ctx);
+
+ /* Before switching away from a domain */
+ void (*domain_exit)(const struct sbi_domain *src,
+ const struct sbi_domain *dst, void *ctx);
+
+ /* After switching into a domain */
+ void (*domain_enter)(const struct sbi_domain *dst,
+ const struct sbi_domain *src, void *ctx);
+
+ /* Optional cleanup */
+ void (*domain_cleanup)(struct sbi_domain *dom, void *ctx);
+};
+
+struct sbi_hwiso_domain_ctx {
+ const struct sbi_hwiso_ops *ops;
+ void *ctx;
+};
+
+int sbi_hwiso_register(const struct sbi_hwiso_ops *ops);
+
+int sbi_hwiso_init(void *fdt);
+int sbi_hwiso_domain_init(void *fdt, int domain_offset,
+ struct sbi_domain *dom);
+
+void sbi_hwiso_domain_exit(const struct sbi_domain *src,
+ const struct sbi_domain *dst);
+void sbi_hwiso_domain_enter(const struct sbi_domain *dst,
+ const struct sbi_domain *src);
+void sbi_hwiso_domain_cleanup(struct sbi_domain *dom);
+
+#endif /* __SBI_HWISO_H__ */
diff --git a/lib/sbi/objects.mk b/lib/sbi/objects.mk
index ca312ee2..6091499a 100644
--- a/lib/sbi/objects.mk
+++ b/lib/sbi/objects.mk
@@ -72,6 +72,7 @@ libsbi-objs-y += sbi_domain.o
libsbi-objs-y += sbi_emulate_csr.o
libsbi-objs-y += sbi_fifo.o
libsbi-objs-y += sbi_hart.o
+libsbi-objs-y += sbi_hwiso.o
libsbi-objs-y += sbi_heap.o
libsbi-objs-y += sbi_math.o
libsbi-objs-y += sbi_hfence.o
diff --git a/lib/sbi/sbi_hwiso.c b/lib/sbi/sbi_hwiso.c
new file mode 100644
index 00000000..5f876b33
--- /dev/null
+++ b/lib/sbi/sbi_hwiso.c
@@ -0,0 +1,215 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * System-level hardware isolation framework
+ *
+ * Copyright (c) 2026 RISCstar Solutions Corporation.
+ *
+ * Author: Raymond Mao <raymond.mao@riscstar.com>
+ */
+
+#include <libfdt.h>
+#include <sbi/sbi_console.h>
+#include <sbi/sbi_domain.h>
+#include <sbi/sbi_error.h>
+#include <sbi/sbi_heap.h>
+#include <sbi/sbi_hwiso.h>
+#include <sbi/sbi_list.h>
+
+struct sbi_hwiso_node {
+ const struct sbi_hwiso_ops *ops;
+ struct sbi_dlist node;
+};
+
+static SBI_LIST_HEAD(hwiso_ops_list);
+static u32 hwiso_ops_count;
+
+static bool hwiso_ops_registered(const struct sbi_hwiso_ops *ops)
+{
+ struct sbi_hwiso_node *entry;
+
+ sbi_list_for_each_entry(entry, &hwiso_ops_list, node) {
+ if (entry->ops == ops)
+ return true;
+ }
+
+ return false;
+}
+
+int sbi_hwiso_register(const struct sbi_hwiso_ops *ops)
+{
+ struct sbi_hwiso_node *node;
+
+ if (!ops || !ops->name)
+ return SBI_EINVAL;
+
+ if (hwiso_ops_registered(ops))
+ return SBI_EALREADY;
+
+ node = sbi_zalloc(sizeof(*node));
+ if (!node)
+ return SBI_ENOMEM;
+
+ node->ops = ops;
+ SBI_INIT_LIST_HEAD(&node->node);
+ sbi_list_add_tail(&node->node, &hwiso_ops_list);
+ hwiso_ops_count++;
+
+ return 0;
+}
+
+int sbi_hwiso_init(void *fdt)
+{
+ struct sbi_hwiso_node *entry;
+ int rc;
+
+ sbi_list_for_each_entry(entry, &hwiso_ops_list, node) {
+ if (!entry->ops->init)
+ continue;
+
+ rc = entry->ops->init(fdt);
+ if (rc == SBI_ENOMEM)
+ return rc;
+ if (rc)
+ sbi_printf("hwiso: %s init failed (error %d)\n",
+ entry->ops->name, rc);
+ }
+
+ return 0;
+}
+
+static void hwiso_warn_unknown_nodes(void *fdt, int domain_offset)
+{
+ int hoff, child;
+ struct sbi_hwiso_node *entry;
+ bool known;
+
+ if (!fdt || (domain_offset < 0))
+ return;
+
+ hoff = fdt_subnode_offset(fdt, domain_offset, "hw-isolation");
+ if (hoff < 0)
+ return;
+
+ fdt_for_each_subnode(child, fdt, hoff) {
+ known = false;
+ sbi_list_for_each_entry(entry, &hwiso_ops_list, node) {
+ if (!fdt_node_check_compatible(
+ fdt, child, entry->ops->name)) {
+ known = true;
+ break;
+ }
+ }
+
+ if (!known)
+ sbi_printf("hwiso: unknown mechanism at %s\n",
+ fdt_get_name(fdt, child, NULL));
+ }
+}
+
+int sbi_hwiso_domain_init(void *fdt, int domain_offset,
+ struct sbi_domain *dom)
+{
+ struct sbi_hwiso_node *entry;
+ struct sbi_hwiso_domain_ctx *ctxs;
+ void *ctx;
+ u32 idx = 0;
+ int rc;
+
+ if (!dom)
+ return 0;
+
+ if (!hwiso_ops_count) {
+ hwiso_warn_unknown_nodes(fdt, domain_offset);
+ return 0;
+ }
+
+ ctxs = sbi_calloc(sizeof(*ctxs), hwiso_ops_count);
+ if (!ctxs)
+ return SBI_ENOMEM;
+
+ dom->hwiso_ctxs = ctxs;
+ dom->hwiso_ctx_count = hwiso_ops_count;
+
+ sbi_list_for_each_entry(entry, &hwiso_ops_list, node) {
+ ctxs[idx].ops = entry->ops;
+ ctxs[idx].ctx = NULL;
+ ctx = NULL;
+
+ if (entry->ops->domain_init) {
+ rc = entry->ops->domain_init(fdt, domain_offset,
+ dom, &ctx);
+ if (rc == SBI_ENOMEM) {
+ sbi_hwiso_domain_cleanup(dom);
+ return rc;
+ }
+ if (rc) {
+ sbi_printf("hwiso: %s domain init failed"
+ " (error %d)\n",
+ entry->ops->name, rc);
+ ctx = NULL;
+ }
+ }
+
+ ctxs[idx].ctx = ctx;
+ idx++;
+ }
+
+ hwiso_warn_unknown_nodes(fdt, domain_offset);
+
+ return 0;
+}
+
+void sbi_hwiso_domain_exit(const struct sbi_domain *src,
+ const struct sbi_domain *dst)
+{
+ u32 i;
+
+ if (!src || !src->hwiso_ctxs)
+ return;
+
+ for (i = 0; i < src->hwiso_ctx_count; i++) {
+ if (!src->hwiso_ctxs[i].ops ||
+ !src->hwiso_ctxs[i].ops->domain_exit)
+ continue;
+ src->hwiso_ctxs[i].ops->domain_exit(
+ src, dst, src->hwiso_ctxs[i].ctx);
+ }
+}
+
+void sbi_hwiso_domain_enter(const struct sbi_domain *dst,
+ const struct sbi_domain *src)
+{
+ u32 i;
+
+ if (!dst || !dst->hwiso_ctxs)
+ return;
+
+ for (i = 0; i < dst->hwiso_ctx_count; i++) {
+ if (!dst->hwiso_ctxs[i].ops ||
+ !dst->hwiso_ctxs[i].ops->domain_enter)
+ continue;
+ dst->hwiso_ctxs[i].ops->domain_enter(
+ dst, src, dst->hwiso_ctxs[i].ctx);
+ }
+}
+
+void sbi_hwiso_domain_cleanup(struct sbi_domain *dom)
+{
+ u32 i;
+
+ if (!dom || !dom->hwiso_ctxs)
+ return;
+
+ for (i = 0; i < dom->hwiso_ctx_count; i++) {
+ if (!dom->hwiso_ctxs[i].ops ||
+ !dom->hwiso_ctxs[i].ops->domain_cleanup)
+ continue;
+ dom->hwiso_ctxs[i].ops->domain_cleanup(
+ dom, dom->hwiso_ctxs[i].ctx);
+ }
+
+ sbi_free(dom->hwiso_ctxs);
+ dom->hwiso_ctxs = NULL;
+ dom->hwiso_ctx_count = 0;
+}
--
2.25.1
--
opensbi mailing list
opensbi@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/opensbi
next reply other threads:[~2026-03-17 20:19 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-17 20:18 Raymond Mao [this message]
2026-04-05 7:24 ` [RFC PATCH] sbi: add hardware isolation abstraction framework Yu-Chien Peter Lin
2026-04-07 15:46 ` Raymond Mao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260317201849.903071-1-raymondmaoca@gmail.com \
--to=raymondmaoca@gmail.com \
--cc=anup.patel@qti.qualcomm.com \
--cc=anup@brainfault.org \
--cc=anuppate@qti.qualcomm.com \
--cc=dave.patel@riscstar.com \
--cc=dhaval@rivosinc.com \
--cc=opensbi@lists.infradead.org \
--cc=peter.lin@sifive.com \
--cc=raymond.mao@riscstar.com \
--cc=robin.randhawa@sifive.com \
--cc=samuel.holland@sifive.com \
--cc=scott@riscstar.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox