[PATCH 1/5] dt-bindings: interrupt-controller: Add support for secure donated SGIs

Sudeep Holla sudeep.holla at kernel.org
Thu Apr 16 06:09:30 PDT 2026 

On Thu, Apr 16, 2026 at 07:11:46AM -0500, Rob Herring wrote:
> On Sun, Apr 12, 2026 at 06:04:37PM +0100, Sudeep Holla wrote:
> > In GICv3, SGI security is defined by interrupt grouping and configuration
> > rather than by SGI number alone. Linux conventionally reserves SGIs 0-7
> > for non-secure internal kernel IPIs, while higher SGIs is assumed to be
> > owned/stolen by the Secure world unless explicitly made available.
> > 
> > Document secure donated SGI interrupt specifiers for the GICv3 binding.
> > It describes "arm,secure-donated-ns-sgi-ranges" for SGIs donated by the
> > secure world to non-secure software. It excludes SGIs 0-7, which are
> > already used by the kernel for internal IPI purposes.
> > 
> > Signed-off-by: Sudeep Holla <sudeep.holla at kernel.org>
> > ---
> >  .../bindings/interrupt-controller/arm,gic-v3.yaml  | 27 +++++++++++++++++++++-
> >  include/dt-bindings/interrupt-controller/arm-gic.h |  1 +
> >  2 files changed, 27 insertions(+), 1 deletion(-)
> > 
> > diff --git a/Documentation/devicetree/bindings/interrupt-controller/arm,gic-v3.yaml b/Documentation/devicetree/bindings/interrupt-controller/arm,gic-v3.yaml
> > index bfd30aae682b..664727d071c9 100644
> > --- a/Documentation/devicetree/bindings/interrupt-controller/arm,gic-v3.yaml
> > +++ b/Documentation/devicetree/bindings/interrupt-controller/arm,gic-v3.yaml
> > @@ -45,17 +45,24 @@ description: |
> >  
> >        The 1st cell is the interrupt type; 0 for SPI interrupts, 1 for PPI
> >        interrupts, 2 for interrupts in the Extended SPI range, 3 for the
> > -      Extended PPI range. Other values are reserved for future use.
> > +      Extended PPI range, and 4 for SGI interrupts. Other values are
> > +      reserved for future use.
> >  
> >        The 2nd cell contains the interrupt number for the interrupt type.
> >        SPI interrupts are in the range [0-987]. PPI interrupts are in the
> >        range [0-15]. Extended SPI interrupts are in the range [0-1023].
> >        Extended PPI interrupts are in the range [0-127].
> >  
> > +      SGI interrupts are in the range [8-15] which overlaps with the SGIs
> > +      assigned to/reserved for the secure world but donated to the non
> > +      secure world to use. Refer "arm,secure-donated-ns-sgi-ranges" for
> > +      more details.
> > +
> >        The 3rd cell is the flags, encoded as follows:
> >        bits[3:0] trigger type and level flags.
> >          1 = edge triggered
> >          4 = level triggered
> > +      SGIs are edge triggered and must be described as such.
> >  
> >        The 4th cell is a phandle to a node describing a set of CPUs this
> >        interrupt is affine to. The interrupt must be a PPI, and the node
> > @@ -136,6 +143,24 @@ description: |
> >        - $ref: /schemas/types.yaml#/definitions/uint32
> >        - $ref: /schemas/types.yaml#/definitions/uint64
> >  
> > +  arm,secure-donated-ns-sgi-ranges:
> > +    description:
> > +      A list of pairs <sgi span>, where "sgi" is the first SGI INTID of a
> > +      range donated by the secure side to non-secure software, and "span" is
> > +      the size of that range. Multiple ranges can be provided.
> > +
> > +      SGIs described by interrupt specifiers with type 4 (SGI) must fall
> > +      within one of these ranges. SGIs(0-7) reserved by non-secure world
> > +      for internal IPIs must not be listed here. "sgi" must be in the
> > +      range [8-15], "span" must be in the range [1-8], and the range must
> > +      not extend past SGI 15.
> > +    $ref: /schemas/types.yaml#/definitions/uint32-matrix
> > +    items:
> 
> As a matrix, you need:
> 
> items:
>   items:
>     - ...
>     - ...
> 
> However, given this is at most 8 entries, I would just do an array:
> 
> minItems: 1
> maxItems: 8
> uniqueItems: true
> items:
>   minimum: 8
>   maximum: 15
>

Makes sense.

> Unless we need more flexibility in GICv5?
>

IIUC, there are not SGIs in GICv5 and we may need to use one software PPI
as a replacement for SGIs. LPIs are used for IPIs.

I am assuming Marc will soon post his opinion/rejection on this series 😉
based on some offline discussion we had with respect to how it fits with
GICv5.

> Is there an example we can stick this property into so it gets tested?
>

Not sure if [1] serves as an example or you are looking for something else.

-- 
Regards,
Sudeep

[1] https://lore.kernel.org/all/20260412-b4-ffa_ns_sgi_gicv3-v1-5-af61243eb405@kernel.org/

More information about the linux-arm-kernel mailing list