Re: [Qemu-devel] [PATCH v2 7/7] i440fx: add an iommu

[Blue Swirl]

On Tue, Oct 30, 2012 at 11:47 AM, Avi Kivity <address@hidden> wrote:
> This iommu encrypts addresses on the device bus to avoid divuling information
> to hackers equipped with bus analyzers.  Following 3DES, addresses are 
> encrypted
> multiple times.  A XOR cypher is employed for efficiency.

If this is not useful as a test device or other purposes, I'd drop it.

>
> Signed-off-by: Avi Kivity <address@hidden>
> ---
>  hw/piix_pci.c | 77 
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 77 insertions(+)
>
> diff --git a/hw/piix_pci.c b/hw/piix_pci.c
> index 9af5847..99601f4 100644
> --- a/hw/piix_pci.c
> +++ b/hw/piix_pci.c
> @@ -30,6 +30,7 @@
>  #include "sysbus.h"
>  #include "range.h"
>  #include "xen.h"
> +#include "exec-memory.h"
>
>  /*
>   * I440FX chipset data sheet.
> @@ -248,6 +249,81 @@ static int i440fx_initfn(PCIDevice *dev)
>      return 0;
>  }
>
> +typedef struct SillyIOMMU SillyIOMMU;
> +
> +struct SillyIOMMU {
> +    MemoryRegion fault;
> +    MemoryRegion l1;
> +    MemoryRegion l2;
> +    hwaddr mask;
> +    hwaddr secret;
> +};
> +
> +static IOMMUTLBEntry silly_l1_translate(MemoryRegion *l1, hwaddr addr)
> +{
> +    SillyIOMMU *s = container_of(l1, SillyIOMMU, l1);
> +    hwaddr xlat = addr ^ s->secret;
> +
> +    printf("l1: %" HWADDR_PRIx " -> %" HWADDR_PRIx "\n", addr, xlat);
> +
> +    return (IOMMUTLBEntry) {
> +        .device_addr = addr & ~s->mask,
> +        .translated_addr = xlat & ~s->mask,
> +        .addr_mask = s->mask,
> +        .perm = { true, true },
> +    };
> +}
> +
> +static MemoryRegionIOMMUOps silly_l1_iommu_ops = {
> +    .translate = silly_l1_translate,
> +};
> +
> +static IOMMUTLBEntry silly_l2_translate(MemoryRegion *l2, hwaddr addr)
> +{
> +    SillyIOMMU *s = container_of(l2, SillyIOMMU, l2);
> +    hwaddr xlat = addr ^ s->secret;
> +
> +    printf("l2: %" HWADDR_PRIx " -> %" HWADDR_PRIx "\n", addr, xlat);
> +
> +    return (IOMMUTLBEntry) {
> +        .device_addr = addr & ~s->mask,
> +        .translated_addr = xlat & ~s->mask,
> +        .addr_mask = s->mask,
> +        .perm = { true, true },
> +    };
> +}
> +
> +static MemoryRegionIOMMUOps silly_l2_iommu_ops = {
> +    .translate = silly_l2_translate,
> +};
> +
> +static MemoryRegion *silly_iommu_new(PCIBus *bus, void *opaque, int devfn)
> +{
> +    SillyIOMMU *s = g_new(SillyIOMMU, 1);
> +    MemoryRegion *sysmem = get_system_memory();
> +
> +    s->mask = (0x1000 << (devfn >> 3)) - 1;
> +    s->secret = ((devfn << 24) | 0x00aabbccdd) & ~s->mask;
> +    memory_region_init(&s->fault, "silly-fault", INT64_MAX);
> +    memory_region_init_iommu(&s->l2, &silly_l2_iommu_ops, sysmem, &s->fault,
> +                             "silly-l2", INT64_MAX);
> +    memory_region_init_iommu(&s->l1, &silly_l1_iommu_ops, &s->l2, &s->fault,
> +                             "silly-l1", INT64_MAX);
> +    return &s->l1;
> +}
> +
> +static void silly_iommu_del(MemoryRegion *l1)
> +{
> +    SillyIOMMU *s = container_of(l1, SillyIOMMU, l1);
> +
> +    memory_region_del_subregion(&s->l2, get_system_memory());
> +    memory_region_del_subregion(&s->l1, &s->l2);
> +    memory_region_destroy(&s->l2);
> +    memory_region_destroy(&s->l1);
> +    memory_region_destroy(&s->fault);
> +    g_free(s);
> +}
> +
>  static PCIBus *i440fx_common_init(const char *device_name,
>                                    PCII440FXState **pi440fx_state,
>                                    int *piix3_devfn,
> @@ -275,6 +351,7 @@ static PCIBus *i440fx_common_init(const char *device_name,
>      s->address_space = address_space_mem;
>      b = pci_bus_new(dev, NULL, pci_address_space,
>                      address_space_io, 0);
> +    pci_setup_iommu(b, silly_iommu_new, silly_iommu_del, NULL);
>      s->bus = b;
>      object_property_add_child(qdev_get_machine(), "i440fx", OBJECT(dev), 
> NULL);
>      qdev_init_nofail(dev);
> --
> 1.7.12
>