On 2/21/26 2:16 AM, Tao Tang wrote:
To prevent aliasing between secure and non-secure translations for the
same address space, the IOTLB lookup key must incorporate the security
state of the transaction.
This commit:
- expands SMMUIOTLBKey with SEC_SID field for cache key differentiation
- extends SMMUIOTLBPageInvInfo with SEC_SID for invalidation filtering
- updates all IOTLB invalidation helpers (smmu_iotlb_inv_iova,
smmu_iotlb_inv_ipa, smmu_iotlb_inv_asid_vmid, smmu_iotlb_inv_vmid,
smmu_iotlb_inv_vmid_s1) to accept and filter by SEC_SID
- plumbs SEC_SID through smmuv3_range_inval for TLB invalidation
- enhances trace events to include SEC_SID for better debugging
This ensures that secure and non-secure TLB entries are treated as
distinct entities within the cache, preventing TLB pollution between
different worlds.
Signed-off-by: Tao Tang <[email protected]>
---
hw/arm/smmu-common.c | 80 ++++++++++++++++++++++++------------
hw/arm/smmu-internal.h | 2 +
hw/arm/smmuv3.c | 36 ++++++++--------
hw/arm/trace-events | 12 +++---
include/hw/arm/smmu-common.h | 16 +++++---
5 files changed, 92 insertions(+), 54 deletions(-)
Reviewed-by: Pierrick Bouvier <[email protected]>
