| Table of Contents |
|---|
About
The IOPMP is a hardware checker located in a bus fabric. It has the ability to check each transaction passing through it on the fly. It is an essential component used to create isolation spaces for trusted execution environments by controlling transactions initiated, especially by I/O agents. This project will help programmers of secure systems using the QEMU emulation as an alternative before their hardware supports IOPMP.
The IOPMP spec v1v0.09.0-draft41: https://github.com/riscv-non-isa/iopmp-spec/blobreleases/main/riscv_iopmp_specification.pdftag/v0.9.1
Project Scope and Timelines
...
- IOPMP device which checks the permission of memory acces with source id (SIDrequestor-role-ID (RRID).
Change to hw/riscv/virt.c around:
- Addition of "iopmp" and "iopmp_cascade" machine option.
- When "iopmp" option is enabled:
- Addition IOPMP device
- The device devices on the generic PCIe host bridge connect to the IOPMP device
- Addition IOPMP2 device which is connected after IOPMP device.
Components and Repos
Current verison patch
https://patchew.org/QEMU/20231122053251.440723-1-ethan84@andestech.com/(v8) patch
[v8] Support RISC-V IOPMP | Patchew
Stakeholders and Partners
Other QEMU for RISC-V contributors, including:
- RISE
- Daniel Henrique Barboza
- External
- Alistair Francis (QEMU for RISC-V maintainer)
Dependencies
None
Measure of Success
...
| Page Properties | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...