cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu
Log | Files | Refs | Submodules | LICENSE | sfeed.txt

tz-msc.h (2889B)

      1/*
      2 * ARM TrustZone master security controller emulation
      3 *
      4 * Copyright (c) 2018 Linaro Limited
      5 * Written by Peter Maydell
      6 *
      7 * This program is free software; you can redistribute it and/or modify
      8 * it under the terms of the GNU General Public License version 2 or
      9 * (at your option) any later version.
     10 */
     11
     12/*
     13 * This is a model of the TrustZone master security controller (MSC).
     14 * It is documented in the ARM CoreLink SIE-200 System IP for Embedded TRM
     15 * (DDI 0571G):
     16 * https://developer.arm.com/products/architecture/m-profile/docs/ddi0571/g
     17 *
     18 * The MSC sits in front of a device which can be a bus master (such as
     19 * a DMA controller) and allows secure software to configure it to either
     20 * pass through or reject transactions made by that bus master.
     21 * Rejected transactions may be configured to either be aborted, or to
     22 * behave as RAZ/WI. An interrupt can be signalled for a rejected transaction.
     23 *
     24 * The MSC has no register interface -- it is configured purely by a
     25 * collection of input signals from other hardware in the system. Typically
     26 * they are either hardwired or exposed in an ad-hoc register interface by
     27 * the SoC that uses the MSC.
     28 *
     29 * We don't currently implement the irq_enable GPIO input, because on
     30 * the MPS2 FPGA images it is always tied high, which is awkward to
     31 * implement in QEMU.
     32 *
     33 * QEMU interface:
     34 * + Named GPIO input "cfg_nonsec": set to 1 if the bus master should be
     35 *   treated as nonsecure, or 0 for secure
     36 * + Named GPIO input "cfg_sec_resp": set to 1 if a rejected transaction should
     37 *   result in a transaction error, or 0 for the transaction to RAZ/WI
     38 * + Named GPIO input "irq_clear": set to 1 to clear a pending interrupt
     39 * + Named GPIO output "irq": set for a transaction-failed interrupt
     40 * + Property "downstream": MemoryRegion defining where bus master transactions
     41 *   are made if they are not blocked
     42 * + Property "idau": an object implementing IDAUInterface, which defines which
     43 *   addresses should be treated as secure and which as non-secure.
     44 *   This need not be the same IDAU as the one used by the CPU.
     45 * + sysbus MMIO region 0: MemoryRegion defining the upstream end of the MSC;
     46 *   this should be passed to the bus master device as the region it should
     47 *   make memory transactions to
     48 */
     49
     50#ifndef TZ_MSC_H
     51#define TZ_MSC_H
     52
     53#include "hw/sysbus.h"
     54#include "target/arm/idau.h"
     55#include "qom/object.h"
     56
     57#define TYPE_TZ_MSC "tz-msc"
     58OBJECT_DECLARE_SIMPLE_TYPE(TZMSC, TZ_MSC)
     59
     60struct TZMSC {
     61    /*< private >*/
     62    SysBusDevice parent_obj;
     63
     64    /*< public >*/
     65
     66    /* State: these just track the values of our input signals */
     67    bool cfg_nonsec;
     68    bool cfg_sec_resp;
     69    bool irq_clear;
     70    /* State: are we asserting irq ? */
     71    bool irq_status;
     72
     73    qemu_irq irq;
     74    MemoryRegion *downstream;
     75    AddressSpace downstream_as;
     76    MemoryRegion upstream;
     77    IDAUInterface *idau;
     78};
     79
     80#endif