Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix image location. #46

Merged
merged 2 commits into from
Mar 5, 2025
Merged

fix image location. #46

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3416499
fix image location.
jyao1 Feb 25, 2025
1644b6a
Fix more image location
jyao1 Feb 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion chapter2.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ Finally, if no such above entry exists, the transaction is illegal with error ty

[caption="Figure {counter:image}: ", reftext="Figure {image}"]
[title="an example block diagram of an IOPMP. It illustrates the checking flow of an IOPMP. This IOPMP takes three inputs: RRID, the transaction type (read/write), and the request range (address/len). It first looks up the SRCMD table according to the RRID carried by the incoming transaction to retrieve associated MD indexes and the corresponding permissions related to these MDs. By the MD indexes, the IOPMP looks up the MDCFG table to get the belonging entry indexes. The final step checks the access right according to the above entry indexes and corresponding permissions. An interrupt, an error response, and/or a record is generated once the transaction fails the permission check in the step.", id=iopmp-block-diagram]
image::iopmp_unit_block_diagram.png[]
image::images/iopmp_unit_block_diagram.png[]

[#SECTION_2_7]
=== Error Reactions
Expand Down
6 changes: 3 additions & 3 deletions chapter3.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,15 +61,15 @@ For the sake of convenience of discussion, some highly used combinations of *HWC

[caption="Figure {counter:image}: ", reftext="Figure {image}"]
[title="an example block diagram of the rapid-4 model. The flow is the same as in <<iopmp-block-diagram>>, except the MDCFG table is simplified to a constant mapping illustrated in the dashed box. In this example, every MD has exactly four entries."]
image::iopmp_unit_block_diagram_rapid_4.png[]
image::images/iopmp_unit_block_diagram_rapid_4.png[]

[caption="Figure {counter:image}: ", reftext="Figure {image}"]
[title="an example block diagram of the compact-4 model."]
image::iopmp_unit_block_diagram_compact_4.png[]
image::images/iopmp_unit_block_diagram_compact_4.png[]

[caption="Figure {counter:image}: ", reftext="Figure {image}"]
[title="an example block diagram of the model implements SRCMD table format 2 and MDCFG table format 1 with HWCFG0.md_entry_num is 0. In this example, every MD has exactly single entry, i.e., the entry index is equal to the MD index."]
image::iopmp_unit_block_diagram_srcmd_fmt2.png[]
image::images/iopmp_unit_block_diagram_srcmd_fmt2.png[]

[#SECTION_3_5]
=== Configuration Protection
Expand Down
2 changes: 1 addition & 1 deletion intro.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ IOPMP is considered a hardware component in a bus fabric. But why is a pure-soft

[caption="Figure {counter:image}: ", reftext="Figure {image}"]
[title="Figure 1: Example integrations of IOPMP(s) in a system. Figure (a) shows a system deploying two IOPMPs (destination-enforcement). The IOPMPs take three inputs: RRID, the transaction type (read/write), and the request range (address/len). Figure (b) shows a system deploying two IOPMPs (source-enforcement). In this deployment, the RRID can be ignored."]
image::iopmp_system_position.png[]
image::images/iopmp_system_position.png[]

Another hardware component in a bus matrix, the Input-Output Memory Management Unit (IOMMU), is used to translate a virtual address in a device to a physical address in the bus matrix by one or more stages of page tables. It could be operated in a trusted or untrusted environment and typically is a tool of a hypervisor or an OS. It provides excellent flexibility and reduces external memory fragmentation. However, it may not be an ideal tool for security software running in M-mode because it needs relatively large memory and relatively complicated software compared to a typical security monitor. Besides, the tables are usually stored in the DRAM, which is outside the chip and needs extra protection. For simple systems, this burden may not be affordable. IOPMP, however, consumes much less memory and stores rules inside the chip. Both of them have their own useful areas of application, so IOMMU and IOPMP could coexist and collaborate. IOPMP can be used as a tool for the secure monitor by checking access from devices controlled by other software, while IOMMU can be used by software with richer resources.

4 changes: 2 additions & 2 deletions iopmp.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@
:preface-title: Preamble
:colophon:
:appendix-caption: Appendix
:imagesdir: images
:title-logo-image: image:risc-v_logo.svg[pdfwidth=3.25in,align=center]
:imagesdir: .
:title-logo-image: image:./docs-resources/images/risc-v_logo.svg[pdfwidth=3.25in,align=center]
// Settings:
:experimental:
:reproducible:
Expand Down