About

The IOPMP is a hardware checker located in a bus fabric. It has the ability to check each transaction passing through it on the fly. It is an essential component used to create isolation spaces for trusted execution environments by controlling transactions initiated, especially by I/O agents. This project will help programmers of secure systems using the QEMU emulation as an alternative before their hardware supports IOPMP.
The IOPMP spec v0.9.1: https://github.com/riscv-non-isa/iopmp-spec/releases/tag/v0.9.1

Project Scope and Timelines

Addition to hw/misc/riscv_iopmp.c around:

IOPMP device which checks the permission of memory acces with requestor-role-ID (RRID).

Change to hw/riscv/virt.c around:

Addition of "iopmp" machine option.
When "iopmp" option is enabled:
- Addition IOPMP device
- The devices on the generic PCIe host bridge connect to the IOPMP device

Components and Repos

Current verison(v8) patch
[v8] Support RISC-V IOPMP | Patchew

Stakeholders and Partners

Other QEMU for RISC-V contributors, including:

RISE
- Daniel Henrique Barboza
External
- Alistair Francis (QEMU for RISC-V maintainer)

Dependencies

None

Measure of Success

TBD

RISE Requirements