About
The IOPMP is a hardware checker located in a bus fabric. It has the ability to check each transaction passing through it on the fly. It is an essential component used to create isolation spaces for trusted execution environments by controlling transactions initiated, especially by I/O agents. This project will help programmers of secure systems using the QEMU emulation as an alternative before their hardware supports IOPMP.
The IOPMP spec v1.0.0-draft4: https://github.com/riscv-non-isa/iopmp-spec/blob/main/riscv_iopmp_specification.pdf
Project Scope and Timelines
Addition to hw/misc/riscv_iopmp.c around:
- IOPMP device which checks the permission of memory acces with source id (SID).
Addtion to hw/dma/atcdmac300.c around:
- A sample to show how dma device to support iopmp features:
- Memory transaction with source id.
- Handling IOPMP stall transaction result.
Change to hw/riscv/virt.c around:
- Addition of "iopmp" and "iopmp_cascade" machine option.
- When "iopmp" option is enabled:
- Addition IOPMP device and DMA device
- Register the DMA device to IOPMP with source id.
- When "iopmp_cascade" option is enabled
- Addition IOPMP2 device which is connected after IOPMP device.
Components and Repos
Current verison patch
https://patchew.org/QEMU/20231122053251.440723-1-ethan84@andestech.com/
Stakeholders and Partners
None
Dependencies
None
Measure of Success
TBD
RISE Requirements
None