Re: [Qemu-devel] [PATCH v4 02/17] hw/intc/arm_gic: Add Security Extensions property

[Edgar E. Iglesias]

On Fri, May 01, 2015 at 06:50:28PM +0100, Peter Maydell wrote:
> From: Fabian Aggeler <address@hidden>
> 
> Add a QOM property which allows the GIC Security Extensions to be
> enabled. These are an optional part of the GICv1 and GICv2 architecture.
> This commit just adds the property and some sanity checks that it
> is only enabled on GIC revisions that support it.
> 
> Signed-off-by: Fabian Aggeler <address@hidden>
> Signed-off-by: Greg Bellows <address@hidden>
> Message-id: address@hidden
> [PMM: changed property name, added checks that it isn't set for
>  older GIC revisions or if using the KVM VGIC; reworded commit message]
> Signed-off-by: Peter Maydell <address@hidden>

Reviewed-by: Edgar E. Iglesias <address@hidden>


> ---
>  hw/intc/arm_gic.c                | 5 ++++-
>  hw/intc/arm_gic_common.c         | 9 +++++++++
>  hw/intc/arm_gic_kvm.c            | 6 ++++++
>  include/hw/intc/arm_gic_common.h | 1 +
>  4 files changed, 20 insertions(+), 1 deletion(-)
> 
> diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
> index e9fb8b9..cdf7408 100644
> --- a/hw/intc/arm_gic.c
> +++ b/hw/intc/arm_gic.c
> @@ -298,7 +298,10 @@ static uint32_t gic_dist_readb(void *opaque, hwaddr 
> offset)
>          if (offset == 0)
>              return s->enabled;
>          if (offset == 4)
> -            return ((s->num_irq / 32) - 1) | ((NUM_CPU(s) - 1) << 5);
> +            /* Interrupt Controller Type Register */
> +            return ((s->num_irq / 32) - 1)
> +                    | ((NUM_CPU(s) - 1) << 5)
> +                    | (s->security_extn << 10);
>          if (offset < 0x08)
>              return 0;
>          if (offset >= 0x80) {
> diff --git a/hw/intc/arm_gic_common.c b/hw/intc/arm_gic_common.c
> index 18b01ba..5ed21f1 100644
> --- a/hw/intc/arm_gic_common.c
> +++ b/hw/intc/arm_gic_common.c
> @@ -110,6 +110,13 @@ static void arm_gic_common_realize(DeviceState *dev, 
> Error **errp)
>                     num_irq);
>          return;
>      }
> +
> +    if (s->security_extn &&
> +        (s->revision == REV_11MPCORE || s->revision == REV_NVIC)) {
> +        error_setg(errp, "this GIC revision does not implement "
> +                   "the security extensions");
> +        return;
> +    }
>  }
>  
>  static void arm_gic_common_reset(DeviceState *dev)
> @@ -149,6 +156,8 @@ static Property arm_gic_common_properties[] = {
>       * (Internally, 0xffffffff also indicates "not a GIC but an NVIC".)
>       */
>      DEFINE_PROP_UINT32("revision", GICState, revision, 1),
> +    /* True if the GIC should implement the security extensions */
> +    DEFINE_PROP_BOOL("has-security-extensions", GICState, security_extn, 0),
>      DEFINE_PROP_END_OF_LIST(),
>  };
>  
> diff --git a/hw/intc/arm_gic_kvm.c b/hw/intc/arm_gic_kvm.c
> index 5aedae1..cb47b12 100644
> --- a/hw/intc/arm_gic_kvm.c
> +++ b/hw/intc/arm_gic_kvm.c
> @@ -544,6 +544,12 @@ static void kvm_arm_gic_realize(DeviceState *dev, Error 
> **errp)
>          return;
>      }
>  
> +    if (s->security_extn) {
> +        error_setg(errp, "the in-kernel VGIC does not implement the "
> +                   "security extensions");
> +        return;
> +    }
> +
>      i = s->num_irq - GIC_INTERNAL;
>      /* For the GIC, also expose incoming GPIO lines for PPIs for each CPU.
>       * GPIO array layout is thus:
> diff --git a/include/hw/intc/arm_gic_common.h 
> b/include/hw/intc/arm_gic_common.h
> index 01c6f24..7825134 100644
> --- a/include/hw/intc/arm_gic_common.h
> +++ b/include/hw/intc/arm_gic_common.h
> @@ -105,6 +105,7 @@ typedef struct GICState {
>      MemoryRegion cpuiomem[GIC_NCPU + 1]; /* CPU interfaces */
>      uint32_t num_irq;
>      uint32_t revision;
> +    bool security_extn;
>      int dev_fd; /* kvm device fd if backed by kvm vgic support */
>  } GICState;
>  
> -- 
> 1.9.1
>