Re: [RFC v4 15/31] hw/arm/smmuv3: Tag IOTLB cache keys with SEC_SID

Thu, 05 Mar 2026 07:56:22 -0800 

Hi Eric,

On 2026/3/3 15:40, Eric Auger wrote:


On 2/21/26 11:16 AM, Tao Tang wrote:

To prevent aliasing between secure and non-secure translations for the
same address space, the IOTLB lookup key must incorporate the security
state of the transaction.

This commit:
- expands SMMUIOTLBKey with SEC_SID field for cache key differentiation
- extends SMMUIOTLBPageInvInfo with SEC_SID for invalidation filtering
- updates all IOTLB invalidation helpers (smmu_iotlb_inv_iova,
   smmu_iotlb_inv_ipa, smmu_iotlb_inv_asid_vmid, smmu_iotlb_inv_vmid,
   smmu_iotlb_inv_vmid_s1) to accept and filter by SEC_SID
- plumbs SEC_SID through smmuv3_range_inval for TLB invalidation
- enhances trace events to include SEC_SID for better debugging

This ensures that secure and non-secure TLB entries are treated as
distinct entities within the cache, preventing TLB pollution between
different worlds.

Signed-off-by: Tao Tang <[email protected]>
---
  hw/arm/smmu-common.c         | 80 ++++++++++++++++++++++++------------
  hw/arm/smmu-internal.h       |  2 +
  hw/arm/smmuv3.c              | 36 ++++++++--------
  hw/arm/trace-events          | 12 +++---
  include/hw/arm/smmu-common.h | 16 +++++---
  5 files changed, 92 insertions(+), 54 deletions(-)

diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c
index 84e71df6767..bb43430cc3b 100644
--- a/hw/arm/smmu-common.c
+++ b/hw/arm/smmu-common.c
@@ -95,7 +95,7 @@ static guint smmu_iotlb_key_hash(gconstpointer v)

  
      /* Jenkins hash */

      a = b = c = JHASH_INITVAL + sizeof(*key);
-    a += key->asid + key->vmid + key->level + key->tg;
+    a += key->asid + key->vmid + key->level + key->tg + key->sec_sid;
      b += extract64(key->iova, 0, 32);
      c += extract64(key->iova, 32, 32);

  
@@ -111,14 +111,15 @@ static gboolean smmu_iotlb_key_equal(gconstpointer v1, gconstpointer v2)
  
      return (k1->asid == k2->asid) && (k1->iova == k2->iova) &&

             (k1->level == k2->level) && (k1->tg == k2->tg) &&
-           (k1->vmid == k2->vmid);
+           (k1->vmid == k2->vmid) && (k1->sec_sid == k2->sec_sid);
  }

  
  SMMUIOTLBKey smmu_get_iotlb_key(int asid, int vmid, uint64_t iova,

-                                uint8_t tg, uint8_t level)
+                                uint8_t tg, uint8_t level,
+                                SMMUSecSID sec_sid)
  {
      SMMUIOTLBKey key = {.asid = asid, .vmid = vmid, .iova = iova,
-                        .tg = tg, .level = level};
+                        .tg = tg, .level = level, .sec_sid = sec_sid};

  
      return key;

  }
@@ -140,7 +141,7 @@ static SMMUTLBEntry *smmu_iotlb_lookup_all_levels(SMMUState 
*bs,
          SMMUIOTLBKey key;

  
          key = smmu_get_iotlb_key(cfg->asid, cfg->s2cfg.vmid,

-                                 iova & ~mask, tg, level);
+                                 iova & ~mask, tg, level, cfg->sec_sid);
          entry = g_hash_table_lookup(bs->iotlb, &key);
          if (entry) {
              break;
@@ -204,7 +205,7 @@ void smmu_iotlb_insert(SMMUState *bs, SMMUTransCfg *cfg, 
SMMUTLBEntry *new)
      }

  
      *key = smmu_get_iotlb_key(cfg->asid, cfg->s2cfg.vmid, new->entry.iova,

-                              tg, new->level);
+                              tg, new->level, cfg->sec_sid);
      trace_smmu_iotlb_insert(cfg->asid, cfg->s2cfg.vmid, new->entry.iova,
                              tg, new->level);

Please update all tracepoints with the additional sec_sid. See also
trace_smmu_iotlb_lookup_hit/miss



Thanks for the review. I'll check all of them.



One question, the spec says in "TLB tagging, VMIDs, ASIDs and
participation in boradcats TLB maintenance" that cached trasnlations are
tagged with
"A translation regime, given by the STE’s StreamWorld and derived in
part from STE.STRW"

Can you confirm this matches our sec_sid?




For this RFC, my intent was narrower than the full architectural 
StreamWorld model. The immediate goal of adding sec_sid to the IOTLB key 
was to prevent obvious aliasing between Secure and Non-secure cached 
translations in the current implementation, and to make lookup / 
invalidation consistently security-state-aware.




Even though in the earlier discussion we clarified that, under the 
current sec-sid property framework, a device may effectively have only a 
single security state, making the IOTLB key security-state-aware still 
avoids unintended aliasing and keeps the behavior consistent with the 
intended model.



Strictly speaking, though, I agree this is not yet the full 
architectural tagging model. As the spec says, cached translations are 
tagged by the translation regime (StreamWorld), with ASID and VMID where 
applicable, and StreamWorld is derived from more than just the stream 
security state. So sec_sid here should be viewed as a coarse proxy for 
the currently implemented subset, not as a claim that we already model 
the complete StreamWorld space. I think this deserved more comments 
before the whole TLB tagging is implemented. Or we should implment it in 
this series?



Best regards,

Tao



Thanks

Eric

      g_hash_table_insert(bs->iotlb, key, new);
@@ -223,26 +224,29 @@ static gboolean smmu_hash_remove_by_asid_vmid(gpointer 
key, gpointer value,
      SMMUIOTLBKey *iotlb_key = (SMMUIOTLBKey *)key;

  
      return (SMMU_IOTLB_ASID(*iotlb_key) == info->asid) &&

-           (SMMU_IOTLB_VMID(*iotlb_key) == info->vmid);
+           (SMMU_IOTLB_VMID(*iotlb_key) == info->vmid) &&
+           (SMMU_IOTLB_SEC_SID(*iotlb_key) == info->sec_sid);
  }

  
  static gboolean smmu_hash_remove_by_vmid(gpointer key, gpointer value,

                                           gpointer user_data)
  {
-    int vmid = *(int *)user_data;
+    SMMUIOTLBPageInvInfo *info = (SMMUIOTLBPageInvInfo *)user_data;
      SMMUIOTLBKey *iotlb_key = (SMMUIOTLBKey *)key;

  
-    return SMMU_IOTLB_VMID(*iotlb_key) == vmid;

+    return (SMMU_IOTLB_VMID(*iotlb_key) == info->vmid) &&
+           (SMMU_IOTLB_SEC_SID(*iotlb_key) == info->sec_sid);
  }

  
  static gboolean smmu_hash_remove_by_vmid_s1(gpointer key, gpointer value,

                                              gpointer user_data)
  {
-    int vmid = *(int *)user_data;
+    SMMUIOTLBPageInvInfo *info = (SMMUIOTLBPageInvInfo *)user_data;
      SMMUIOTLBKey *iotlb_key = (SMMUIOTLBKey *)key;

  
-    return (SMMU_IOTLB_VMID(*iotlb_key) == vmid) &&

-           (SMMU_IOTLB_ASID(*iotlb_key) >= 0);
+    return (SMMU_IOTLB_VMID(*iotlb_key) == info->vmid) &&
+           (SMMU_IOTLB_ASID(*iotlb_key) >= 0) &&
+           (SMMU_IOTLB_SEC_SID(*iotlb_key) == info->sec_sid);
  }

  
  static gboolean smmu_hash_remove_by_asid_vmid_iova(gpointer key, gpointer value,

@@ -259,6 +263,9 @@ static gboolean smmu_hash_remove_by_asid_vmid_iova(gpointer 
key, gpointer value,
      if (info->vmid >= 0 && info->vmid != SMMU_IOTLB_VMID(iotlb_key)) {
          return false;
      }
+    if (info->sec_sid != SMMU_IOTLB_SEC_SID(iotlb_key)) {
+        return false;
+    }
      return ((info->iova & ~entry->addr_mask) == entry->iova) ||
             ((entry->iova & ~info->mask) == info->iova);
  }
@@ -278,6 +285,9 @@ static gboolean smmu_hash_remove_by_vmid_ipa(gpointer key, 
gpointer value,
      if (info->vmid != SMMU_IOTLB_VMID(iotlb_key)) {
          return false;
      }
+    if (info->sec_sid != SMMU_IOTLB_SEC_SID(iotlb_key)) {
+        return false;
+    }
      return ((info->iova & ~entry->addr_mask) == entry->iova) ||
             ((entry->iova & ~info->mask) == info->iova);
  }
@@ -323,13 +333,15 @@ void smmu_configs_inv_sdev(SMMUState *s, SMMUDevice *sdev)
  }

  
  void smmu_iotlb_inv_iova(SMMUState *s, int asid, int vmid, dma_addr_t iova,

-                         uint8_t tg, uint64_t num_pages, uint8_t ttl)
+                         uint8_t tg, uint64_t num_pages, uint8_t ttl,
+                         SMMUSecSID sec_sid)
  {
      /* if tg is not set we use 4KB range invalidation */
      uint8_t granule = tg ? tg * 2 + 10 : 12;

  
      if (ttl && (num_pages == 1) && (asid >= 0)) {

-        SMMUIOTLBKey key = smmu_get_iotlb_key(asid, vmid, iova, tg, ttl);
+        SMMUIOTLBKey key = smmu_get_iotlb_key(asid, vmid, iova,
+                                              tg, ttl, sec_sid);

  
          if (g_hash_table_remove(s->iotlb, &key)) {

              return;
@@ -343,7 +355,8 @@ void smmu_iotlb_inv_iova(SMMUState *s, int asid, int vmid, 
dma_addr_t iova,
      SMMUIOTLBPageInvInfo info = {
          .asid = asid, .iova = iova,
          .vmid = vmid,
-        .mask = (num_pages * 1 << granule) - 1};
+        .mask = (num_pages * 1 << granule) - 1,
+        .sec_sid = sec_sid};

  
      g_hash_table_foreach_remove(s->iotlb,

                                  smmu_hash_remove_by_asid_vmid_iova,
@@ -355,13 +368,15 @@ void smmu_iotlb_inv_iova(SMMUState *s, int asid, int 
vmid, dma_addr_t iova,
   * in Stage-1 invalidation ASID = -1, means don't care.
   */
  void smmu_iotlb_inv_ipa(SMMUState *s, int vmid, dma_addr_t ipa, uint8_t tg,
-                        uint64_t num_pages, uint8_t ttl)
+                        uint64_t num_pages, uint8_t ttl,
+                        SMMUSecSID sec_sid)
  {
      uint8_t granule = tg ? tg * 2 + 10 : 12;
      int asid = -1;

  
     if (ttl && (num_pages == 1)) {

-        SMMUIOTLBKey key = smmu_get_iotlb_key(asid, vmid, ipa, tg, ttl);
+        SMMUIOTLBKey key = smmu_get_iotlb_key(asid, vmid, ipa,
+                                              tg, ttl, sec_sid);

  
          if (g_hash_table_remove(s->iotlb, &key)) {

              return;
@@ -371,34 +386,47 @@ void smmu_iotlb_inv_ipa(SMMUState *s, int vmid, 
dma_addr_t ipa, uint8_t tg,
      SMMUIOTLBPageInvInfo info = {
          .iova = ipa,
          .vmid = vmid,
-        .mask = (num_pages << granule) - 1};
+        .mask = (num_pages << granule) - 1,
+        .sec_sid = sec_sid};

  
      g_hash_table_foreach_remove(s->iotlb,

                                  smmu_hash_remove_by_vmid_ipa,
                                  &info);
  }

  
-void smmu_iotlb_inv_asid_vmid(SMMUState *s, int asid, int vmid)

+void smmu_iotlb_inv_asid_vmid(SMMUState *s, int asid, int vmid,
+                              SMMUSecSID sec_sid)
  {
      SMMUIOTLBPageInvInfo info = {
          .asid = asid,
          .vmid = vmid,
+        .sec_sid = sec_sid,
      };

  
-    trace_smmu_iotlb_inv_asid_vmid(asid, vmid);

+    trace_smmu_iotlb_inv_asid_vmid(sec_sid, asid, vmid);
      g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_asid_vmid, 
&info);
  }

  
-void smmu_iotlb_inv_vmid(SMMUState *s, int vmid)

+void smmu_iotlb_inv_vmid(SMMUState *s, int vmid, SMMUSecSID sec_sid)
  {
-    trace_smmu_iotlb_inv_vmid(vmid);
-    g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_vmid, &vmid);
+    SMMUIOTLBPageInvInfo info = {
+        .vmid = vmid,
+        .sec_sid = sec_sid,
+    };
+
+    trace_smmu_iotlb_inv_vmid(sec_sid, vmid);
+    g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_vmid, &info);
  }

  
-void smmu_iotlb_inv_vmid_s1(SMMUState *s, int vmid)

+void smmu_iotlb_inv_vmid_s1(SMMUState *s, int vmid, SMMUSecSID sec_sid)
  {
-    trace_smmu_iotlb_inv_vmid_s1(vmid);
-    g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_vmid_s1, &vmid);
+    SMMUIOTLBPageInvInfo info = {
+        .vmid = vmid,
+        .sec_sid = sec_sid,
+    };
+
+    trace_smmu_iotlb_inv_vmid_s1(sec_sid, vmid);
+    g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_vmid_s1, &info);
  }

  
  /* VMSAv8-64 Translation */

diff --git a/hw/arm/smmu-internal.h b/hw/arm/smmu-internal.h
index a0454f720da..5ddd0372d5b 100644
--- a/hw/arm/smmu-internal.h
+++ b/hw/arm/smmu-internal.h
@@ -145,12 +145,14 @@ static inline int pgd_concat_idx(int start_level, int 
granule_sz,

  
  #define SMMU_IOTLB_ASID(key) ((key).asid)

  #define SMMU_IOTLB_VMID(key) ((key).vmid)
+#define SMMU_IOTLB_SEC_SID(key) ((key).sec_sid)

  
  typedef struct SMMUIOTLBPageInvInfo {

      int asid;
      int vmid;
      uint64_t iova;
      uint64_t mask;
+    SMMUSecSID sec_sid;
  } SMMUIOTLBPageInvInfo;

  
  #endif

diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index 504161ce06d..4a4de719a7c 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -1279,7 +1279,8 @@ static void smmuv3_inv_notifiers_iova(SMMUState *s, int 
asid, int vmid,
      }
  }

  
-static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)

+static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage,
+                               SMMUSecSID sec_sid)
  {
      dma_addr_t end, addr = CMD_ADDR(cmd);
      uint8_t type = CMD_TYPE(cmd);
@@ -1304,12 +1305,13 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, 
SMMUStage stage)
      }

  
      if (!tg) {

-        trace_smmuv3_range_inval(vmid, asid, addr, tg, 1, ttl, leaf, stage);
+        trace_smmuv3_range_inval(sec_sid, vmid, asid, addr,
+                                 tg, 1, ttl, leaf, stage);
          smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1, stage);
          if (stage == SMMU_STAGE_1) {
-            smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, 1, ttl);
+            smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, 1, ttl, sec_sid);
          } else {
-            smmu_iotlb_inv_ipa(s, vmid, addr, tg, 1, ttl);
+            smmu_iotlb_inv_ipa(s, vmid, addr, tg, 1, ttl, sec_sid);
          }
          return;
      }
@@ -1326,13 +1328,15 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, 
SMMUStage stage)
          uint64_t mask = dma_aligned_pow2_mask(addr, end, 64);

  
          num_pages = (mask + 1) >> granule;

-        trace_smmuv3_range_inval(vmid, asid, addr, tg, num_pages,
-                                 ttl, leaf, stage);
-        smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages, stage);
+        trace_smmuv3_range_inval(sec_sid, vmid, asid, addr, tg,
+                                 num_pages, ttl, leaf, stage);
+        smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg,
+                                  num_pages, stage);
          if (stage == SMMU_STAGE_1) {
-            smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, num_pages, ttl);
+            smmu_iotlb_inv_iova(s, asid, vmid, addr, tg,
+                                num_pages, ttl, sec_sid);
          } else {
-            smmu_iotlb_inv_ipa(s, vmid, addr, tg, num_pages, ttl);
+            smmu_iotlb_inv_ipa(s, vmid, addr, tg, num_pages, ttl, sec_sid);
          }
          addr += mask + 1;
      }
@@ -1474,9 +1478,9 @@ static int smmuv3_cmdq_consume(SMMUv3State *s, Error 
**errp)
                  vmid = CMD_VMID(&cmd);
              }

  
-            trace_smmuv3_cmdq_tlbi_nh_asid(asid);

+            trace_smmuv3_cmdq_tlbi_nh_asid(sec_sid, asid);
              smmu_inv_notifiers_all(&s->smmu_state);
-            smmu_iotlb_inv_asid_vmid(bs, asid, vmid);
+            smmu_iotlb_inv_asid_vmid(bs, asid, vmid, sec_sid);
              if (!smmuv3_accel_issue_inv_cmd(s, &cmd, NULL, errp)) {
                  cmd_error = SMMU_CERROR_ILL;
                  break;
@@ -1498,8 +1502,8 @@ static int smmuv3_cmdq_consume(SMMUv3State *s, Error 
**errp)
               */
              if (STAGE2_SUPPORTED(s)) {
                  vmid = CMD_VMID(&cmd);
-                trace_smmuv3_cmdq_tlbi_nh(vmid);
-                smmu_iotlb_inv_vmid_s1(bs, vmid);
+                trace_smmuv3_cmdq_tlbi_nh(sec_sid, vmid);
+                smmu_iotlb_inv_vmid_s1(bs, vmid, sec_sid);
                  break;
              }
              QEMU_FALLTHROUGH;
@@ -1519,7 +1523,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s, Error 
**errp)
                  cmd_error = SMMU_CERROR_ILL;
                  break;
              }
-            smmuv3_range_inval(bs, &cmd, SMMU_STAGE_1);
+            smmuv3_range_inval(bs, &cmd, SMMU_STAGE_1, SMMU_SEC_SID_NS);
              if (!smmuv3_accel_issue_inv_cmd(s, &cmd, NULL, errp)) {
                  cmd_error = SMMU_CERROR_ILL;
                  break;
@@ -1536,7 +1540,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s, Error 
**errp)

  
              trace_smmuv3_cmdq_tlbi_s12_vmid(vmid);

              smmu_inv_notifiers_all(&s->smmu_state);
-            smmu_iotlb_inv_vmid(bs, vmid);
+            smmu_iotlb_inv_vmid(bs, vmid, SMMU_SEC_SID_NS);
              break;
          }
          case SMMU_CMD_TLBI_S2_IPA:
@@ -1548,7 +1552,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s, Error 
**errp)
               * As currently only either s1 or s2 are supported
               * we can reuse same function for s2.
               */
-            smmuv3_range_inval(bs, &cmd, SMMU_STAGE_2);
+            smmuv3_range_inval(bs, &cmd, SMMU_STAGE_2, SMMU_SEC_SID_NS);
              break;
          case SMMU_CMD_ATC_INV:
          {
diff --git a/hw/arm/trace-events b/hw/arm/trace-events
index 9c2cc131ab4..4e360b3c0d3 100644
--- a/hw/arm/trace-events
+++ b/hw/arm/trace-events
@@ -18,9 +18,9 @@ smmu_ptw_page_pte(int stage, int level,  uint64_t iova, 
uint64_t baseaddr, uint6
  smmu_ptw_block_pte(int stage, int level, uint64_t baseaddr, uint64_t pteaddr, uint64_t pte, uint64_t iova, uint64_t gpa, int bsize_mb) 
"stage=%d level=%d base@=0x%"PRIx64" pte@=0x%"PRIx64" pte=0x%"PRIx64" iova=0x%"PRIx64" block 
address = 0x%"PRIx64" block size = %d MiB"
  smmu_get_pte(uint64_t baseaddr, int index, uint64_t pteaddr, uint64_t pte) 
"baseaddr=0x%"PRIx64" index=0x%x, pteaddr=0x%"PRIx64", pte=0x%"PRIx64
  smmu_iotlb_inv_all(void) "IOTLB invalidate all"
-smmu_iotlb_inv_asid_vmid(int asid, int vmid) "IOTLB invalidate asid=%d vmid=%d"
-smmu_iotlb_inv_vmid(int vmid) "IOTLB invalidate vmid=%d"
-smmu_iotlb_inv_vmid_s1(int vmid) "IOTLB invalidate vmid=%d"
+smmu_iotlb_inv_asid_vmid(int sec_sid, int asid, int vmid) "IOTLB invalidate 
sec_sid=%d asid=%d vmid=%d"
+smmu_iotlb_inv_vmid(int sec_sid, int vmid) "IOTLB invalidate sec_sid=%d 
vmid=%d"
+smmu_iotlb_inv_vmid_s1(int sec_sid, int vmid) "IOTLB invalidate S1 sec_sid=%d 
vmid=%d"
  smmu_iotlb_inv_iova(int asid, uint64_t addr) "IOTLB invalidate asid=%d 
addr=0x%"PRIx64
  smmu_configs_inv_sid_range(uint32_t start, uint32_t end) "Config cache INV SID 
range from 0x%x to 0x%x"
  smmu_config_cache_inv(uint32_t sid) "Config cache INV for sid=0x%x"
@@ -56,10 +56,10 @@ smmuv3_cmdq_cfgi_ste_range(int start, int end) "start=0x%x - 
end=0x%x"
  smmuv3_cmdq_cfgi_cd(uint32_t sid) "sid=0x%x"
  smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, uint32_t perc) 
"Config cache HIT for sid=0x%x (hits=%d, misses=%d, hit rate=%d)"
  smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, uint32_t perc) 
"Config cache MISS for sid=0x%x (hits=%d, misses=%d, hit rate=%d)"
-smmuv3_range_inval(int vmid, int asid, uint64_t addr, uint8_t tg, uint64_t num_pages, uint8_t ttl, bool 
leaf, int stage) "vmid=%d asid=%d addr=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64" 
ttl=%d leaf=%d stage=%d"
-smmuv3_cmdq_tlbi_nh(int vmid) "vmid=%d"
+smmuv3_range_inval(int sec_sid, int vmid, int asid, uint64_t addr, uint8_t tg, uint64_t num_pages, uint8_t 
ttl, bool leaf, int stage) "sec_sid=%d vmid=%d asid=%d addr=0x%"PRIx64" tg=%d 
num_pages=0x%"PRIx64" ttl=%d leaf=%d stage=%d"
+smmuv3_cmdq_tlbi_nh(int sec_sid, int vmid) "sec_sid=%d vmid=%d"
  smmuv3_cmdq_tlbi_nsnh(void) ""
-smmuv3_cmdq_tlbi_nh_asid(int asid) "asid=%d"
+smmuv3_cmdq_tlbi_nh_asid(int sec_sid, int asid) "sec_sid=%d asid=%d"
  smmuv3_cmdq_tlbi_s12_vmid(int vmid) "vmid=%d"
  smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu 
mr=%s"
  smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu 
mr=%s"
diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h
index b0a02e12fe6..7d1d0936921 100644
--- a/include/hw/arm/smmu-common.h
+++ b/include/hw/arm/smmu-common.h
@@ -162,6 +162,7 @@ typedef struct SMMUIOTLBKey {
      int vmid;
      uint8_t tg;
      uint8_t level;
+    SMMUSecSID sec_sid;
  } SMMUIOTLBKey;

  
  typedef struct SMMUConfigKey {

@@ -256,16 +257,19 @@ SMMUTLBEntry *smmu_iotlb_lookup(SMMUState *bs, 
SMMUTransCfg *cfg,
                                  SMMUTransTableInfo *tt, hwaddr iova);
  void smmu_iotlb_insert(SMMUState *bs, SMMUTransCfg *cfg, SMMUTLBEntry *entry);
  SMMUIOTLBKey smmu_get_iotlb_key(int asid, int vmid, uint64_t iova,
-                                uint8_t tg, uint8_t level);
+                                uint8_t tg, uint8_t level, SMMUSecSID sec_sid);
  SMMUConfigKey smmu_get_config_key(SMMUDevice *sdev, SMMUSecSID sec_sid);
  void smmu_iotlb_inv_all(SMMUState *s);
-void smmu_iotlb_inv_asid_vmid(SMMUState *s, int asid, int vmid);
-void smmu_iotlb_inv_vmid(SMMUState *s, int vmid);
-void smmu_iotlb_inv_vmid_s1(SMMUState *s, int vmid);
+void smmu_iotlb_inv_asid_vmid(SMMUState *s, int asid, int vmid,
+                              SMMUSecSID sec_sid);
+void smmu_iotlb_inv_vmid(SMMUState *s, int vmid, SMMUSecSID sec_sid);
+void smmu_iotlb_inv_vmid_s1(SMMUState *s, int vmid, SMMUSecSID sec_sid);
  void smmu_iotlb_inv_iova(SMMUState *s, int asid, int vmid, dma_addr_t iova,
-                         uint8_t tg, uint64_t num_pages, uint8_t ttl);
+                         uint8_t tg, uint64_t num_pages, uint8_t ttl,
+                         SMMUSecSID sec_sid);
  void smmu_iotlb_inv_ipa(SMMUState *s, int vmid, dma_addr_t ipa, uint8_t tg,
-                        uint64_t num_pages, uint8_t ttl);
+                        uint64_t num_pages, uint8_t ttl,
+                        SMMUSecSID sec_sid);
  void smmu_configs_inv_sid_range(SMMUState *s, SMMUSIDRange sid_range);
  void smmu_configs_inv_sdev(SMMUState *s, SMMUDevice *sdev);
  /* Unmap the range of all the notifiers registered to any IOMMU mr */

























					Reply via email to