Hi all,

This is v3 of the secure SMMUv3 series. Many thanks to Eric for the
detailed review feedback on v2, which formed the basis for these
changes. The main updates include:

- Re-sliced the series so that purely mechanical refactors land
ahead of the functional updates, which should make the review flow
easier.

- Renamed SMMUSecurityIndex to SMMUSecSID and plumbed it
consistently through the config cache, event reporting, and
invalidation helpers so it mirrors the architectural SEC_SID.

- Used the actual S_IDR1.SEL2 field to detect Secure Stage-2
support. When SEL2 is absent, we now correctly abort any
conflicting operation, be it a translation walk or a command
queue request.

- MMIO dispatch now derives the register bank from the offset, drops
the old non-secure S_INIT alias, and passes the correct security
context into the command/event queue paths.

- Failed fast if the secure address space is unavailable rather than
silently executing secure transactions against the non-secure
mapping.

On the administrative side, I have re-added the RFC tag that was missed
in v2. Eric's Reviewed-by tags have been applied where appropriate,
and a Fixes tag has been added to the patch that corrects the MMIO
register access checks.

The patches for this series also can be found at:
[1] https://github.com/hnusdr/qemu/commits/secure-smmu-v3-community


Self-testing
----------
Testing has been performed as follows:

- The Non-secure code paths were validated using the method at:
[2] https://github.com/hnusdr/qemu/commits/test-ns-secure-smmu-v3-community

This corresponds to the v2 version of smmu-testdev in another series:
[3] https://lists.nongnu.org/archive/html/qemu-arm/2025-09/msg01497.html

- The Secure code paths were validated using the method at:
[4] https://github.com/hnusdr/qemu/commits/test-secure-smmu-v3-community
which relies on an unsubmitted v3 version of smmu-testdev that has been
updated to support Secure SMMU.

Tao Tang (21):
  hw/arm/smmuv3: Fix incorrect reserved mask for SMMU CR0 register
  hw/arm/smmuv3: Correct SMMUEN field name in CR0
  hw/arm/smmuv3: Introduce secure registers
  refactor: Move ARMSecuritySpace to a common header
  hw/arm/smmuv3: Introduce banked registers for SMMUv3 state
  hw/arm/smmuv3: Thread SEC_SID through helper APIs
  hw/arm/smmuv3: Track SEC_SID in configs and events
  hw/arm/smmuv3: Add separate address space for secure SMMU accesses
  hw/arm/smmuv3: Plumb transaction attributes into config helpers
  hw/arm/smmu-common: Key configuration cache on SMMUDevice and SEC_SID
  hw/arm/smmuv3: Decode security attributes from descriptors
  hw/arm/smmu-common: Implement secure state handling in ptw
  hw/arm/smmuv3: Tag IOTLB cache keys with SEC_SID
  hw/arm/smmuv3: Add access checks for MMIO registers
  hw/arm/smmuv3: Determine register bank from MMIO offset
  hw/arm/smmuv3: Implement SMMU_S_INIT register
  hw/arm/smmuv3: Pass security state to command queue and IRQ logic
  hw/arm/smmuv3: Harden security checks in MMIO handlers
  hw/arm/smmuv3: Use iommu_index to represent the security context
  hw/arm/smmuv3: Initialize the secure register bank
  hw/arm/smmuv3: Add secure migration and enable secure state

 hw/arm/smmu-common.c          |  161 ++++-
 hw/arm/smmu-internal.h        |   16 +-
 hw/arm/smmuv3-internal.h      |  109 +++-
 hw/arm/smmuv3.c               | 1077 ++++++++++++++++++++++++++-------
 hw/arm/trace-events           |    9 +-
 hw/arm/virt.c                 |    5 +
 include/hw/arm/arm-security.h |   54 ++
 include/hw/arm/smmu-common.h  |   59 +-
 include/hw/arm/smmuv3.h       |   39 +-
 target/arm/cpu.h              |   25 +-
 10 files changed, 1249 insertions(+), 305 deletions(-)
 create mode 100644 include/hw/arm/arm-security.h

--
2.34.1