4 Commands

Chapter 4 Commands This section describes the behavior of commands given to the SMMU through the Command queue. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 194

Chapter 4. Commands 4.1. Commands overview 4.1 Commands overview 4.1.1 Command opcodes All entries in the Command queue are 16 bytes long. All Command queue entries are little-endian. Each command begins with an 8-bit command opcode, defined as follows: Command opcode Command name 0x00 Reserved 0x01 CMD_PREFETCH_CONFIG 0x02 CMD_PREFETCH_ADDR 0x03 CMD_CFGI_STE 0x04 CMD_CFGI_STE_RANGE Note: CMD_CFGI_ALL has the same opcode as this command. 0x05 CMD_CFGI_CD 0x06 CMD_CFGI_CD_ALL 0x07 CMD_CFGI_VMS_PIDM 0x08 CMD_CFGI_CIT 0x09 CMD_CFGI_VSTT_VSID 0x0A CMD_CFGI_VSTT 0x10 CMD_TLBI_NH_ALL 0x11 CMD_TLBI_NH_ASID 0x12 CMD_TLBI_NH_VA 0x13 CMD_TLBI_NH_VAA 0x14-0x17 Reserved 0x18 CMD_TLBI_EL3_ALL 0x19 Reserved 0x1A CMD_TLBI_EL3_VA 0x1B-0x1F Reserved 0x20 CMD_TLBI_EL2_ALL 0x21 CMD_TLBI_EL2_ASID 0x22 CMD_TLBI_EL2_VA ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 195

Chapter 4. Commands 4.1. Commands overview Command opcode Command name 0x23 CMD_TLBI_EL2_VAA 0x24-0x27 Reserved 0x28 CMD_TLBI_S12_VMALL 0x29 Reserved 0x2A CMD_TLBI_S2_IPA 0x2B-0x2F Reserved 0x30 CMD_TLBI_NSNH_ALL 0x31-0x3F Reserved 0x40 CMD_ATC_INV 0x41 CMD_PRI_RESP 0x42-0x43 Reserved 0x44 CMD_RESUME 0x45 CMD_STALL_TERM 0x46 CMD_SYNC 0x47-0x4F Reserved 0x50 CMD_TLBI_S_EL2_ALL 0x51 CMD_TLBI_S_EL2_ASID 0x52 CMD_TLBI_S_EL2_VA 0x53 CMD_TLBI_S_EL2_VAA 0x54-0x57 Reserved 0x58 CMD_TLBI_S_S12_VMALL 0x59 Reserved 0x5A CMD_TLBI_S_S2_IPA 0x5B-0X5F Reserved 0x60 CMD_TLBI_SNH_ALL 0x61-0x6F Reserved 0x70 CMD_DPTI_ALL ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 196

Chapter 4. Commands 4.1. Commands overview Command opcode Command name 0x71-0x72 Reserved 0x73 CMD_DPTI_PA 0x74-0x7F Reserved 0x80-0x8F IMPLEMENTATION DEFINED 0x90-0xFF Reserved 4.1.2 Submitting commands to the Command queue Commands are submitted to the SMMU by writing them to the Command queue then, after ensuring their visibility to the SMMU, updating the SMMU_()CMDQ_PROD.WR index which notifies the SMMU that there are commands to process. The SMMU does not execute commands beyond the CMDQ_PROD.WR index and, when commands are able to be processed as described in this chapter, a write to SMMU()CMDQ_PROD.WR is all that is required from software to cause the SMMU to consider newly-produced commands. See section 3.21.2 Queues. Commands are able to be processed from the Command queue when all of the following conditions are met: • The Command queue CONS and PROD indexes indicate that the queue is not empty. • The Command queue is enabled through SMMU()CR0.CMDQEN. • No Command queue error is active for the given Command queue. The SMMU processes commands in a timely manner until all commands are consumed, or a command queue error occurs, or the queue is disabled. When SMMU_IDR0.SEV == 1, the SMMU triggers a WFE wake-up event when a Command queue becomes non-full and an agent external to the SMMU could have observed that the queue was previously full. This applies to the Non-secure Command queue and, if implemented, the Secure Command queue. Note: Arm expects that an attempt to insert a command into the queue will first observe from SMMU()CMDQ_CONS whether the queue has space, and if it is full might then poll the SMMU(*_)CMDQ_CONS index in a loop until the queue becomes non-full. Such a loop can be throttled using the WFE instruction when the SMMU and system supports sending of WFE wake-up events. The behaviors of some commands are dependent on SMMU register state. Register state must not be altered between such a command having been submitted to the Command queue and the command completion. If a register field is changed while a dependent command could be being processed, it is UNPREDICTABLE whether the command is interpreted under the new or old register field value. 4.1.3 Command errors A Command queue CERROR_ILL error occurs when: • A Reserved command opcode is encountered. • A valid command opcode is used with invalid parameters, see the individual command descriptions. • A valid command opcode is used and a Reserved or undefined field is optionally detected as non-zero, which results in the command being treated as malformed. Some commands, where specified, are IGNORED in certain circumstances. If a command causes a CERROR_ILL this takes precedence over whether the command is IGNORED or not. A command queue CERROR_ABT error occurs when: • An external abort is encountered upon accessing memory. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 197

Chapter 4. Commands 4.1. Commands overview The SMMU stops command consumption immediately upon the first occurrence of an error, so that the SMMU_()CMDQ_CONS.RD index indicates the command that could not be correctly consumed, and the error code is reported. See section 7.1 Command queue errors for details on Command queue error reporting and recovery. 4.1.4 Consumption of commands from the Command queue A command is Consumed when the value observed in the SMMU()CMDQ_CONS.RD index register passes beyond the location of the command in the queue. This means that: • As defined by the normal circular queue semantics, the location has been read by the SMMU and the producer might later re-use the location for a different command. • Where explicitly noted in a command description, certain side effects or guarantees have occurred. – Where not noted, no conclusions can be drawn from the Consumption of a command. The SMMU(*_)CMDQ_CONS index can be polled to determine whether a specific command has been Consumed. See section 4.8 Command Consumption summary for a summary of Consumption behavior. A CMD_SYNC command is provided as a mechanism to ensure completion of commands submitted to the same queue at a location before the CMD_SYNC, including side effects. A CMD_SYNC is not required to be issued in order to start the processing of earlier commands. Note: A CMD_SYNC is used where it is necessary to determine completion of prior commands, such as a TLB invalidation, but commands are able to complete without depending on a CMD_SYNC. 4.1.5 Reserved fields All non-specified fields in the commands are RES0. An implementation is permitted to check whether these fields are zero. An implementation does one of the following: • Detects non-zero use of a Reserved field as a malformed command, resulting in CERROR_ILL. • Ignores the entirety of any Reserved fields. Some combinations or ranges of parameter values are defined in this section to be ILLEGAL and use of these values results in a CERROR_ILL command error. 4.1.6 Common command fields These fields are common to more than one command and have the following behavior: • SubstreamID and Substream Valid (SSV) – SSV indicates whether a SubstreamID is provided. 0: SubstreamID not supplied. 1: SubstreamID supplied. • When SMMU_S_IDR1.SECURE_IMPL == 1, SSec is used by commands on the Secure Command queue to indicate whether the given StreamID parameter is Secure or Non-secure, in a similar way to SEC_SID for an input transaction (see section 3.10.1 StreamID Security state (SEC_SID)): SSec Meaning 0 StreamID is Non-secure 1 StreamID is Secure ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 198

Chapter 4. Commands 4.1. Commands overview – Commands on the Non-secure Command queue must set SSec == 0, where present, and cannot affect Secure streams. A command on the Non-secure Command queue with SSec == 1 is ILLEGAL, regardless of whether Secure state is supported, and raises CERROR_ILL. – For the Realm Command queue, SSec must be set to 0, otherwise CERROR_ILL is raised. See 10.7 Support for Realm state. • Virtual address fields are Address[63:12], with [11:0] taken as zero. • Physical, or IPA address fields are Address[55:12], or [55:2] for the case of MSIAddr, with other bits taken as zero. – Bits[55:52] of these fields are RES0 in SMMUv3.1 to SMMUv3.3. – Bits[55:48] of these fields are RES0 in SMMUv3.0. 4.1.7 Out-of-range parameters Providing an out-of-range parameter to a command has one of the following CONSTRAINED UNPREDICTABLE behaviors: • The command has no effect • The command has an effect, taking an UNPREDICTABLE value for the parameter that is out-of-range. – Note: For example, an implementation might truncate an out-of-range StreamID parameter to another in-range StreamID which might then be affected by the command. See section 3.16.1.2 Command Queue. Some implementations might not provide the ability to express out-of-range values in certain fields. A StreamID parameter for a command on the Non-secure Command queue is out of range if the value exceeds the implemented Non-secure StreamID size, as reported by SMMU_IDR1.SIDSIZE. For a command on the Secure Command queue, a Non-secure StreamID is out of range if the value exceeds the Non-secure SMMU_IDR1.SIDSIZE and a Secure StreamID is out of range if the value exceeds the Secure SMMU_S_IDR1.S_SIDSIZE. In an SMMU with RME DA, the size of a StreamID parameter for Realm state is the same as for the Non-secure state. This means that when submitting a command to the Realm command queue, the StreamID parameter is out of range if the value exceeds SMMU_IDR1.SIDSIZE. A SubstreamID parameter is out of range if the value exceeds the implemented SubstreamID size, as reported by SMMU_IDR1.SSIDSIZE. Address parameter ranges are described for each command type that takes an address parameter. The allowed range of ASID and VMID parameters is covered in section 4.4 TLB invalidation. For information about out-of-range parameters during SID translation, see 3.5.9.4 vSID Errors and external aborts. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 199

Chapter 4. Commands 4.2. Prefetch 4.2 Prefetch Two forms of prefetch command are available which can prefetch the configuration or translation data associated with a stream. Valid prefetch commands with out of range parameters do not generate command errors. A request to prefetch an address that is out of range with respect to the translation table configuration for the StreamID or SubstreamID is IGNORED and does not record any kind of fault or error. An implementation is not required to check the range of an Address parameter, but if it does then the parameter is considered out of range if: • When the stream configuration enables stage 1 translation, the parameter has bits at Address[VAS-1] and upwards that are not all equal in value. TBI is permitted but not required to apply to the parameter. • When the stream configuration enables stage 2 translation, the parameter has bits at Address[IAS] and upwards that are not zero. If either SMMU_IDR1.SSIDSIZE == 0 or STE.S1CDMax == 0, then: • Prefetch commands must be submitted with SSV == 0 and the SubstreamID parameter is IGNORED. • Setting SSV == 1 is CONSTRAINED UNPREDICTABLE and has one of the following behaviors: – The command behaves as though SSV == 0. – The command has no effect. Prefetch commands directed to invalid configuration, for example, an STE or CD with V == 0 or out of range of the Stream table (or level-2 sub-table), fail silently and do not record error events. Similarly, prefetch commands directed to addresses that cause translation-related faults for any reason do not record error events. When SMMU_()CR0.SMMUEN == 0, valid prefetch commands are consumed but do not trigger a prefetch. 4.2.1 CMD_PREFETCH_CONFIG(StreamID, SSec, SubstreamID, SSV) RES0 127 96 RES0 95 64 StreamID 63 32 SubstreamID 31 12 SSV 11 10 RES0 9 8 0x01 7 0 SSec Prefetch any STE and CD configuration structures that are required to process traffic from the given StreamID, and SubstreamID if SSV == 1. An implementation is not required to prefetch any, or all, of the configuration requested. If the STE of a StreamID configures both stage 1 and stage 2 translation, stage 2 HTTU is enabled, and if a CD or L1CD is fetched, then this command sets AF == 1 in the stage 2 translation table descriptor that is used to fetch the CD or L1CD. Note: The CD might not be fetched if it is already cached. The common behaviors for SSec apply. See 4.1.6 Common command fields. If SMMU(_)IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ: • In the Secure state, this command is IGNORED. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 200

Chapter 4. Commands 4.2. Prefetch • In the Non-secure and Realm state, if SMMU_(R_)ECMDQ_BASEn.VSID is 0, this command is IGNORED. Otherwise a prefetch operation might be performed depending on the implementation with the StreamID replaced by the SMMU as described in section 3.5.9 Virtual to physical SID translation. 4.2.2 CMD_PREFETCH_ADDR(StreamID, SSec, SubstreamID, SSV, Addr, NS, Size, Stride) Address[63:12] 127 96 Address[63:12] 95 76 NS 75 74 Stride 73 69 Size 68 64 RES0 StreamID 63 32 SubstreamID 31 12 SSV 11 10 RES0 9 8 0x02 7 0 SSec Prefetch any STE and CD configuration structures and TLB entries for the given span of addresses as though accessed by transactions associated with StreamID, and SubstreamID if SSV == 1. An implementation is not required to prefetch any, or all, entries requested. This command performs a prefetch of one or more TLB entries associated with a sequence of addresses given by: Addr + (n * 212+Stride) where 0 <= n < 2Size. The Stride parameter expresses the expected size of each resulting TLB entry, for the intended span. It controls the gap between successive addresses for which translations are prefetched. This parameter is encoded so that prefetches occur at a stride of 212+Stride bytes. For SMMUv3.0 implementations, Stride is RES0, must be set to 0, and the effective prefetch stride is 4KB. Use of a non-zero value either ignores the value or results in a CERROR_ILL. The Size parameter expresses the desired number of prefetched translations, made for addresses at the effective Stride size, encoded as a 2Size multiple of the stride size. The NS parameter is used in the scenario where the command targets a Secure stream and one of the following applies: • The stream is configured for stage 2 translation only. • The stream is configured for stage 1 and stage 2 translation, but stage 1 translation is bypassed. In these scenarios, the NS parameter is used as the NS attribute required to be input to Secure stage 2 translation. The NS parameter is ignored when stage 2 translation is not performed or when stage 1 translation is performed. Note: When stage 1 translation is performed, the NS attribute provided to stage 2 comes from stage 1 translation tables. When SMMU_S_IDR1.SEL2 == 0, the NS parameter is RES0. For CMD_PREFETCH_ADDR commands issued to the Non-secure Command queue, the NS parameter is RES0. For CMD_PREFETCH_ADDR commands issued to the Secure Command queue with SSec == 0, the NS parameter is RES0. An implementation internally limits the number of translation operations performed so that the overall prefetch operation completes in a reasonable time. Note: An implementation might achieve this by ceasing prefetch at a point after which further prefetch would overwrite TLB entries prefetched earlier in the same operation. Note: If translation table entries have been created for a range of addresses with a consistent page or block size, a prefetch operation can be optimized by setting Stride to align with the page or block size of the range. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 201

Chapter 4. Commands 4.2. Prefetch Note: In some configurations, particularly those with smaller page sizes, it might negatively impact performance to request a prefetch of a span that results in insertion of a large number of TLB entries. When HTTU is enabled, this command: • Marks a stage 2 translation table descriptor as accessed for a CD fetch through stage 2 as described in 4.2.1 CMD_PREFETCH_CONFIG(StreamID, SSec, SubstreamID, SSV) above. • Performs HTTU in a manner consistent with that of a speculative read. See sections 3.14 Speculative accesses and 3.13 Translation tables and Access flag/Dirty state. The common behaviors for SSec apply. See 4.1.6 Common command fields. When issued to a Realm command queue, CMD_PREFETCH_ADDR.NS is RES0 and the address is in Realm address space. If SMMU_(*)IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ: • In the Secure state, this command is IGNORED. • In the Non-secure and Realm state, if SMMU(R_)ECMDQ_BASEn.VSID is 0, this command is IGNORED. Otherwise a prefetch operation might be performed depending on the implementation with the StreamID replaced by the SMMU as described in section 3.5.9 Virtual to physical SID translation. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 202

Chapter 4. Commands 4.3. Configuration structure invalidation 4.3 Configuration structure invalidation After an SMMU configuration structure is altered in any way, an invalidation command must be issued to ensure that any cached copies of stale configuration are discarded. The following commands allow invalidation of L1STDs, Stream table entries, L1CDs and CDs by StreamID and by StreamID and SubstreamID. All configuration structures must be considered to be individually cached and the agent controlling the SMMU cannot assume that invalidation of one type of structure affects those of another type unless explicitly specified, regardless of the implementation properties of a particular SMMU. See section 16.2 Caching. Modifications of translation tables require separate invalidation of SMMU TLBs, using broadcast TLB invalidation or explicit TLB invalidation commands. See section 4.4 TLB invalidation. Where a StreamID parameter is provided, it corresponds directly with an STE or L1STD. The StreamID parameter indicates that an STE is to be invalidated, or a CD that has been located directly via the indicated STE. The SSec parameter indicates whether the invalidation applies to configuration related to the Secure or Non-secure Stream table. A structure invalidation command, at a minimum, invalidates all cached copies of structures directly indicated by the command parameters. The commands are permitted to over-invalidate by invalidating other entries. Note: Arm recommends that implementations limit over-invalidation to avoid a negative performance impact. When issued from the Secure Command queue, a command might indicate a Secure or Non-secure Stream table entry and associated CD, using SSec. If over-invalidation occurs, it is permitted to affect either Security state. Over-invalidation is permitted for non-locked configuration cache entries, but when issued from the Non-secure Command queue, Arm strongly recommends that a command only causes invalidation of cached copies of structures associated with Non-secure streams. Where IMPLEMENTATION DEFINED configuration cache locking is used, the IMPLEMENTATION DEFINED configuration cache invalidation semantics might restrict the effects of over-invalidation on locked configuration cache entries. Note: Arm recommends that implementations choosing to allow over-invalidation consider the impact of Non-secure software being able to invalidate structures for Secure streams. 4.3.1 CMD_CFGI_STE(StreamID, SSec, Leaf) RES0 127 96 RES0 95 65 64 Leaf StreamID 63 32 RES0 31 11 10 RES0 9 8 0x03 7 0 SSec Invalidate the STE indicated by StreamID and SSec. This might be used for: • Stream became invalid or valid. • Enabling ATS. • Enabling PASIDs. • Changing stage 1 between bypass and translate. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 203

Chapter 4. Commands 4.3. Configuration structure invalidation Note: This command is not required to affect TLB contents. Separate TLB invalidation must be performed to clean up TLB entries resulting from a prior configuration. When Leaf == 0, this command invalidates the STE for the specified StreamID, and all caching of the intermediate L1ST descriptor structures walked to locate the specified STE (as might be cached when multi-level Stream tables are used). When Leaf == 1, only the STE is invalidated and the intermediate L1ST descriptors are not required to be invalidated. An implementation is permitted to always invalidate the intermediate L1ST descriptors. STEs cached from linear Stream tables are invalidated with any value of Leaf. This command invalidates all Context Descriptors (including L1CD) that were cached using the given StreamID. This command invalidates all information cached from the VMS structure referenced using the given StreamID, for all configuration caches that are indexed by StreamID. Arm recommends the use of the Leaf == 1 form of this command unless Leaf == 0 behavior is explicitly required. When a linear (single-level) Stream table is in use, the extra scope of the Leaf == 0 form is not required to be used. Note: By avoiding Leaf == 0 invalidations unless cached intermediate pointers might exist from multi-level walks, invalidations might be faster and more power-efficient, depending on the implementation of STE caching. When issued to a Realm command queue, this command always applies to Realm StreamIDs only. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.3.2 CMD_CFGI_STE_RANGE(StreamID, SSec, Range) RES0 127 96 RES0 95 69 Range 68 64 StreamID 63 32 RES0 31 11 10 RES0 9 8 0x04 7 0 SSec Invalidate more than one STE, falling into the range of StreamIDs given by (inclusive): Start = (StreamID & ~(2Range+1 - 1); End = Start + 2(Range+1) - 1; Invalidation is performed for an aligned range of 2(Range+1) StreamIDs. The Range parameter encodes a value 0-31 corresponding to a range of 21 - 232 StreamIDs. The bottom Range+1 bits of the StreamID parameter are IGNORED, aligning the range to its size. Note: Arm expects this command to be used for mass-invalidation when large sections of the Stream table are updated at the same time. This command invalidates all caching of intermediate L1ST descriptors walked to locate the STEs in the given range (as might be cached when multi-level Stream tables are used). An implementation is permitted to over-invalidate these L1ST descriptors if required. This command invalidates any Context Descriptors (including L1CD) that were cached using all StreamIDs in the given range. This command invalidates all information cached from the VMS structure referenced using the given StreamID, for all configuration caches that are indexed by StreamID. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 204

Chapter 4. Commands 4.3. Configuration structure invalidation Note: CMD_CFGI_STE_RANGE(n, SSec, 31) is the encoding for CMD_CFGI_ALL. When issued to a Realm command queue, this command always applies to Realm StreamIDs only. If SMMU_(*_)IDR6.DCMDQ is 0b01: • This command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. • When Range == 31, this command additionally invalidates all information cached from the CIT and VSTT structures. 4.3.3 CMD_CFGI_CD(StreamID, SSec, SubstreamID, Leaf) RES0 127 96 RES0 95 65 64 Leaf StreamID 63 32 SubstreamID 31 12 11 10 RES0 9 8 0x05 7 0 RES0 SSec Invalidate one CD. This might be used when: • Changing TTBRx/ASID (software must also invalidate TLBs using the old ASID). • Enabling TBI. The SubstreamID parameter indicates the Context Descriptor to be invalidated. When a cached Context Descriptor was fetched from index x of the CD table indicated by StreamID, then it is invalidated by this command when issued with SubstreamID == x. This includes the case where the STE indicates one CD which is equivalent to a CD table with one entry at index 0. Note: • Where substreams have been used with StreamID, that is when the STE located a CD table with multiple entries, the SubstreamID parameter indicates the CD to be invalidated as an index into the CD table. – STE.S1DSS might alter the translation behavior of the CD at index 0 (which might be used with SubstreamID 0, or transactions without a SubstreamID) but when issued with SubstreamID == 0, this command invalidates caching of the CD read from index 0 independent of its role in translation through S1DSS. • Where substreams are not used with the given StreamID, this command invalidates the CD when it is issued with SubstreamID == 0. When the SubstreamID parameter is outside of the range of implemented SubstreamIDs, including the case where SMMU_IDR1.SSIDSIZE == 0 and the SubstreamID parameter is greater than 0, the behavior is consistent with the out-of-range parameter CONSTRAINED UNPREDICTABLE behavior described in section 4.1.7 Out-of-range parameters. Note: An out-of-range SubstreamID parameter might cause this command to have no effect, or to operate on a different SubstreamID. In the case that SMMU_IDR1.SSIDSIZE == 0, a non-zero SubstreamID parameter might invalidate the single cached CD or have no effect. Note: In the case where STE.S1DSS == 0b10, non-SubstreamID traffic uses CD table entry 0, which would be invalidated using this command with the SubstreamID parameter equal to 0, although SubstreamID == 0 traffic is ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 205

Chapter 4. Commands 4.3. Configuration structure invalidation terminated (therefore is not associated with CD table entry 0), see STE.S1DSS for more information. Note: The SubstreamID parameter is interpreted as a CD table index to invalidate. As such, a configuration with one CD can be thought of as a one-entry table. To invalidate the CD cached from this configuration, the SubstreamID parameter to this command would be 0. When Leaf == 0, this command invalidates all caching of an intermediate L1CD descriptor that locates the CD in a 2-level CD table (see STE.S1Fmt). When Leaf == 1, intermediate L1CD descriptors are not required to be invalidated. An implementation is permitted to always invalidate the intermediate descriptors. This command raises CERROR_ILL when stage 1 is not implemented. A cached copy of CD data is treated as being local to the StreamID that locates the CD, because the CDs are indexed using SubstreamIDs whose scope is local to the StreamID. If multiple StreamIDs use a shared CD or table of CDs, the CD might be cached multiple times, having been fetched through any of the STEs. An invalidation command must be performed that affects all StreamIDs whose STEs point to the CD to be invalidated. Note: This means that, when cached, CDs do not have to be located by address and might be indexed by StreamID and SubstreamID. Note: For example, multiple CMD_CFGI_CD or CMD_CFGI_STE commands for each StreamID can be performed, or a wider-scope CMD_CFGI_STE_RANGE or CMD_CFGI_ALL covering all StreamIDs. Arm recommends the use of the Leaf == 1 form of this command unless Leaf == 0 behavior is explicitly required. When a linear (single-level) CD table is in use, the extra scope of the Leaf == 0 form is not required to be used. Note: Avoiding Leaf == 0 invalidations unless cached intermediate pointers might exist from multi-level walks might have power and performance benefits. When issued to a Realm command queue, this command always applies to Realm StreamIDs only. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.3.4 CMD_CFGI_CD_ALL(StreamID, SSec) RES0 127 96 RES0 95 64 StreamID 63 32 RES0 31 11 10 RES0 9 8 0x06 7 0 SSec Invalidate all CDs referenced by StreamID, for example when decommissioning a device. A separate command must also be issued to invalidate TLB entries for any ASIDs used, either by ASID or all. Note: When STE configuration has enabled substreams, this command affects all CDs cached for the StreamID substreams. When STE configuration has disabled substreams and used a single CD for stage 1, this command affects that single CD. This command must also invalidate caches of all intermediate L1CD descriptors that locate CDs using the given StreamID. This command raises CERROR_ILL when stage 1 is not implemented. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 206

Chapter 4. Commands 4.3. Configuration structure invalidation See 4.3.3 CMD_CFGI_CD(StreamID, SSec, SubstreamID, Leaf), when a CD table is shared by multiple STEs this can give rise to multiple caches of each CD table entry. This command, or similar for STE or ALL scope, must be performed for all StreamIDs that could have cached the CD table contents. When issued to a Realm command queue, this command always applies to Realm StreamIDs only. If SMMU_(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.3.5 CMD_CFGI_VMS_PIDM(SSec, VMID) RES0 127 96 RES0 95 64 RES0 63 48 VMID 47 32 RES0 31 11 10 RES0 9 8 0x07 7 0 SSec This command invalidates cached VMS.PARTID_MAP information that is stored in a cache that is not affected by CMD_CFGI_STE. The SSec parameter is encoded the same as for other CMD_CFGI_ commands and indicates the Security state associated with the VMID parameter. The validity and usage of the VMID parameter is consistent with the behavior of VMID in the CMD_TLBI_ commands. See section 4.4.2 TLB invalidation of stage 1. A CERROR_ILL is raised in any of the following conditions: • SMMU_IDR3.MPAM == 0. • MPAM is not supported by the programming interface indicated by SSec or the VMS is not supported by the programming interface indicated by SSec. • SSec is used improperly, consistent with the common definition of SSec. When issued to a Realm command queue, this command always applies to Realm StreamIDs only. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.3.5.1 Usage The PARTID_MAP might be cached in either of a configuration cache or a separate PARTID_MAP cache. This means that a change to the PARTID_MAP requires invalidation of both configuration that could have used that PARTID_MAP and of a separate PARTID_MAP cache. The following invalidation procedure can be used: 1. CMD_CFGI_VMS_PIDM(s, VMID) 2. CMD_SYNC 3. STE configuration cache invalidations for all StreamIDs associated with the VMS holding the PARTID_MAP (for example, CMD_CFGI_STE_RANGE). 4. CMD_SYNC Note: The VMID required for invalidation is the STE.S2VMID value that is used by the STEs that reference the VMS. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 207

Chapter 4. Commands 4.3. Configuration structure invalidation 4.3.6 CMD_CFGI_CIT(StreamID) RES0 127 96 RES0 95 64 StreamID 63 32 RES0 31 8 0x8 7 0 This command invalidates the CITE for the specified StreamID and all caching of the intermediate L1CIT descriptor. This command also invalidates the corresponding StreamID Translation Table (L1 VSTT descriptors and VSTT entries). StreamID is a qSID associated with a DCMDQ control page. See section 3.5.9 Virtual to physical SID translation. If SMMU_(R_)IDR6.VSID is 0b01: • This command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. • Otherwise, this command is ILLEGAL on any CMDQ and CERROR_ILL is raised. 4.3.7 CMD_CFGI_VSTT_VSID(StreamID, vSID) RES0 127 96 RES0 95 80 vSID 79 64 StreamID 63 32 RES0 31 8 0x9 7 0 This command invalidates the vSID Translation Entry for the specified virtual SID and StreamID. This command only affects VSTT descriptors and VSTT entries, not the CIT entry through which this VSTT was accessed. StreamID is a qSID associated with a DCMDQ control page. vSID is the Virtual StreamID for which the translation needs to be invalidated. See section 3.5.9 Virtual to physical SID translation. If SMMU_(R_)IDR6.VSID is 0b01: • This command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. • Otherwise, this command is ILLEGAL on any CMDQ and CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 208

Chapter 4. Commands 4.3. Configuration structure invalidation 4.3.8 CMD_CFGI_VSTT(StreamID) RES0 127 96 RES0 95 64 StreamID 63 32 RES0 31 8 0x0A 7 0 This command invalidates the complete vSID Translation Table for the specified StreamID. This command only affects VSTT descriptors and VSTT entries, not the CIT entry through which this VSTT was accessed. StreamID is a qSID associated with a DCMDQ control page. See section 3.5.9 Virtual to physical SID translation. If SMMU_(R_)IDR6.VSID is 0b01: • This command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. • Otherwise, this command is ILLEGAL on any CMDQ and CERROR_ILL is raised. 4.3.9 CMD_CFGI_ALL(SSec) RES0 127 96 RES0 95 69 31 68 64 IGNORED 63 32 RES0 31 11 10 RES0 9 8 0x04 7 0 SSec This command is encoded as CMD_CFGI_STE_RANGE with Range == 31. This command invalidates: • The cached configuration for all possible StreamIDs that are associated with the Security state given by SSec. Because Range == 31, the StreamID parameter is IGNORED. • All information cached from all VMS structures associated with the Security state given by SSec, including from caches that are indexed by VMID. The common behaviors for SSec apply. See 4.1.6 Common command fields. Note: Behavior for caches indexed by StreamID is as described in CMD_CFGI_STE_RANGE and invalidates caches of all configuration structures relevant to the Security state indicated by SSec. This includes caches of: • Stream Table Entries. • Intermediate or L1ST descriptor multi-level Stream Table Entries. • Context Descriptors. • Intermediate or L1CD multi-level Context Descriptor table entries. • VMS structures. Note: Arm recommends that an implementation explicitly detects this case and performs an invalidate-all operation instead of using an invalidate-range, if invalidate-all would be faster or more efficient. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 209

Chapter 4. Commands 4.3. Configuration structure invalidation Note: If it is required that TLB entries are also invalidated (such as reset-time initialization of the SMMU), Arm recommends that this command is followed by a command sequence to invalidate all TLB entries. A sequence in which TLB invalidations precede a CMD_CFGI_ALL might lead to a race in which TLB entries are pre-loaded using prefetch with possibly-stale cached configuration structures. When issued to a Realm command queue, this command always applies to Realm StreamIDs only. If SMMU_(*_)IDR6.DCMDQ is 0b01: • This command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. • If Range == 31, this command additionally invalidates all information cached from the CIT and VSTT structures. 4.3.10 Action of VM guest OS structure invalidations by hypervisor Note: When a guest issues structure invalidation commands on its Command queue, the hypervisor must perform maintenance on its behalf. In particular, StreamIDs might need to be mapped from the guest view into real system StreamIDs. Arm recommends the following behavior: Guest S1 command Hypervisor action Notes CMD_CFGI_STE Re-shadow STE, CMD_CFGI_STE Map guest StreamID to host StreamID. Note: SubstreamID is the same in guest and host. CMD_CFGI_STE_RANGE Re-shadow STEs, CMD_CFGI_STE or CMD_CFGI_STE_RANGE as appropriate. CMD_CFGI_CD CMD_CFGI_CD CMD_CFGI_CD_ALL CMD_CFGI_CD_ALL CMD_CFGI_ALL CMD_CFGI_ALL, or, For each S in (GUEST_STREAMS) { CMD_CFGI_STE(S); } CMD_CFGI_ALL might over-invalidate and affect performance of other guests. An alternative is to explicitly invalidate structures for each StreamID assigned to the guest in question. 4.3.11 Configuration structure invalidation semantics/rules Stalled transactions are unaffected by structure or TLB invalidation commands and must be dealt with either by using CMD_RESUME to retry or terminate them individually, or flushed using CMD_STALL_TERM for affected StreamIDs. Note: When a stalled transaction is retried, it is re-translated as though it had just arrived, using newly-updated structures that might have been made visible to the SMMU with prior structure or TLB invalidation operations. Translation of a transaction through the SMMU might not be a single atomic step and an invalidation command might be received while the transaction is in progress inside the SMMU. An invalidation of a structure that is used by a transaction that is in progress is not required to affect the transaction, if the transaction looked up the structure before it was invalidated. However, invalidation of any given structure must be seen as atomic so that a transaction must never see a partially-valid structure. A subsequent CMD_SYNC ensures that the transaction, having used a structure that was affected by an invalidation command, is visible to the system before the CMD_SYNC completes. The consumption of structure and TLB invalidation commands does not guarantee invalidation completion. A subsequent CMD_SYNC is consumed when all prior invalidations of both structure and TLB have completed. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 210

Chapter 4. Commands 4.3. Configuration structure invalidation Refer to section 3.21 Structure access rules and update procedures for structure update procedure and information about invalidation completion. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 211

Chapter 4. Commands 4.4. TLB invalidation 4.4 TLB invalidation The TLB invalidation commands are similar to the Armv8-A broadcast TLB invalidation messages originating from PE TLB invalidation operations. These commands only affect the SMMU TLB and do not generate any broadcast operations to other agents in the system. Note: SMMU TLB invalidate commands might be required because: • The SMMU or interconnect does not support broadcast TLB invalidation messages. • The ASET flag in a Context Descriptor might cause a TLB entry to be marked as not participating in certain types of broadcast TLB invalidation, see section 3.17 TLB tagging, VMIDs, ASIDs and participation in broadcast TLB maintenance. The Armv8-A Last Level (leaf) scope is supported, to only invalidate an indicated TLB entry and last level cache. Entries in this section show the PE TLB invalidation instructions that have the same scope as the SMMU command being described. Broadcast TLB invalidation messages from these PE operations trigger the equivalent operation on the SMMU. The scope of broadcast TLB invalidation and SMMU TLB invalidation commands are affected by VMID Wildcards, if enabled, see section 3.17.6 VMID Wildcards and SMMU_()CR0.VMW. ASID and VMID parameters to TLB invalidation commands are either 8-bit or 16-bit values, as appropriate, depending on whether the SMMU implementation supports 8-bit or 16-bit ASIDs and VMIDs (SMMU_IDR0.{ASID16,VMID16}). When support for either ASIDs or VMIDs is 8 bits, the upper 8 bits of the corresponding 16-bit parameter field are RES0. In this case, if the upper 8 bits are non-zero, the command is not required to affect TLB entries. Note: There are some configurations where VMID is RES0. See Section 4.4.2 TLB invalidation of stage 1. Commands matching TLB entries on ASID disregard the ASET value with which TLB entries were inserted. Each command specifies the minimum required scope of TLB invalidation that must be performed. An implementation is permitted to invalidate more non-locked entries than this required scope (over-invalidation) but doing so can adversely affect performance and is not recommended by Arm. Where IMPLEMENTATION DEFINED TLB locking is used, invalidation semantics set out in section 16.6.1 Configuration cache locking and TLB locking must be observed. Note: As described in section 4.3.11 Configuration structure invalidation semantics/rules above, a CMD_SYNC completes when prior TLB invalidations have completed. A sequence of CMD_TLBI commands followed by a CMD_SYNC is analogous to a sequence of TLBI instructions followed by a DSB on the PE, where the DSB ensures TLB invalidation completion. Note: Consistent with the A-profile architecture[2], for an entry to be eligible for invalidation, addresses that are provided for non-ranged TLB invalidation are not required to be aligned to the start of a TLB entry address range. To match a TLB entry, the least significant bits of the address are ignored as needed, given the size of the entry. 4.4.1 Common TLB invalidation fields 4.4.1.1 Range-based invalidation and level hint Armv8.4 [2] introduces range-based TLB invalidation operations and adds a level hint to both existing and range-based invalidation operations. The SMMU_IDR3.RIL bit indicates support for both range-based invalidation and the level hint. This feature is mandatory in SMMUv3.2 or later. The following fields are common across all address-based invalidation operation commands, for VA and IPA, as described in sections 4.4.2 TLB invalidation of stage 1 and 4.4.3 TLB invalidation of stage 2. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 212

Chapter 4. Commands 4.4. TLB invalidation Bits Name Meaning [25:20] SCALE Range invalidation scale. • See below for use of this field in range invalidation. • When TG == 0b00 this field is RES0. • If SMMU_IDR3.RIL == 0, this field is RES0. • If SMMU_IDR5.DS == 0, this field is 5 bits wide, bits [24:20]. Bit 25 is RES0. • If SMMU_IDR5.DS == 1, this field is 6 bits wide, bits [25:20]. Values of this field that are greater than 39 are treated as 39, but software must not rely on this behavior. With the larger values of this field, it is possible that a CMD_TLBI_ with a base address that targets the TTB0 region can include a range that overflows into the TTB1 region, for translation regimes that have two VA ranges. In this scenario, the CMD_TLBI_ is not required to invalidate any entries in the TTB1 region. [16:12] NUM Range invalidation granule multiplier • See below for use of this field in range invalidation. • When TG = 0b00, this field is RES0. • If SMMU_IDR3.RIL == 0, this field is RES0. [75:74] TG Translation Granule • This field indicates the Translation Granule size of the TLB entries that are intended to be invalidated and is used with both the range TLB invalidation and the TTL hint, as described in Armv8.4(1). It applies to TLB entries that cache information from Table descriptors or information from last level descriptors. • TG is encoded as follows: – 0b00: Entries to be invalidated were inserted using any Translation Granule size, and: * Range invalidation is not performed. * The TTL hint is not used. – 0b01: Entries to be invalidated were inserted using a 4KB Translation Granule. – 0b10: Entries to be invalidated were inserted using a 16KB Translation Granule. – 0b11: Entries to be invalidated were inserted using a 64KB Translation Granule. • If SMMU_IDR3.RIL == 0, this field is RES0. • If a non-zero value is specified then the SMMU is only required to invalidate TLB entries that were inserted using a Translation Granule that matches TG. [73:72] TTL Translation Table Level • When TG != 0b00, this field provides a hint that indicates the level of the translation table walk holding the leaf entry for the address that is being invalidated, as described in Armv8.4(1). • When TG == 0b00, this field is RES0. The TTL field does not affect the scope of the invalidation. • If a non-zero value is specified, then the SMMU is only required to invalidate TLB entries that were inserted from a translation table walk level matching TTL. • If SMMU_IDR3.RIL == 0, this field is RES0. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 213

Chapter 4. Commands 4.4. TLB invalidation Bits Name Meaning [71] TTL128 Translation Table Level when using 128-bit descriptors • When TG != 0b00 and TTL != 0b00, this field indicates that the TTL hint applies to a translation regime using 128-bit descriptors. • When TG == 0b00 or TTL == 0b00, this field is RES0. (1)[2] The encodings of TTL reduce the required scope of the invalidation as follows: TTL When TG == 0b00 When TG == 0b01 When TG == 0b10 When TG == 0b11 0b00 TTL is RES0, not used. Leaf entries at any level Leaf entries at any level Leaf entries at any level Leaf entries at any level of of a 4KB Granule table. of a 16KB Granule table. of a 64KB Granule table. walk of a table with any Translation Granule size. 0b01 Leaf entries at Level 1 If SMMU_IDR5.DS == 1 Leaf entries at Level 1 of a 4KB Granule table. then leaf entries at level 1 of a 64KB Granule table. of a 16KB Granule table. Otherwise Reserved, and hardware treats as TTL == 0b00. 0b10 Leaf entries at Level 2 Leaf entries at Level 2 Leaf entries at Level 2 of a 4KB Granule table. of a 16KB Granule table. of a 64KB Granule table. 0b11 Leaf entries at Level 3 Leaf entries at Level 3 Leaf entries at Level 3 of a 4KB Granule table. of a 16KB Granule table. of a 64KB Granule table. Note: Armv8.7 FEAT_LPA2 [2] introduces a TTL encoding to target level 0 block descriptors for the 4KB translation granule size. The SMMU CMD_TLBI_ operations do not have an equivalent encoding. When TG = 0b00, the TTL and TTL128 hints are not used and range invalidation is not performed. Note: The TTL hint gives the level of translation table walk of the page or block last level descriptor entries for the addresses being invalidated. For operations with Leaf=0, invalidation of cached Table descriptors for the address and scope additionally occurs at levels between the start of the walk and the level before the last level given by TTL. When TG != 0b00: • The TTL field might indicate a level hint. • A range invalidation is performed. The range, in bytes, of virtual or intermediate physical addresses are given by: – Range = ((NUM+1)2SCALE)*Translation_Granule_Size ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 214

Chapter 4. Commands 4.4. TLB invalidation – The range begins at the address given by the Address field in the command, meaning that the set of invalidated addresses, A, is given by: * Address <= A < Address + Range – Note: This differs from the range expressible using an Armv8.4 [2] PE ‘TLBI R’ instruction, because the SCALE field is larger in an SMMU command. The SMMU encoding can express a superset of all possible ranges expressible in a PE ‘TLBI R’ instruction. – Note: The span is a single granule when NUM == 0 and SCALE == 0. In this case, the command has similar behavior to a non-range SMMU invalidation operation, except it uses the TTL hint. If SMMU_IDR5.DS == 0, a TLBI configured with TG == 0b10 and TTL == 0b01, raises a CERROR_ILL, since TTL is treated as 0b00, whereas for an equivalent single address TLBI issued by a PE, the invalidation is performed and the encoding means that the leaf entry can be from any level. – Note: A CMD_TLBI_ can be issued with an Address in the TTB1 half of the Virtual Address space, with SCALE and NUM values such that the Range exceeds the top of the address space. The Address is not considered to “wrap” on overflow and the SMMU is not required to invalidate any entries inserted for the TTB0 half of the Virtual Address space in this scenario. • For 64-bit descriptors, the range of addresses that is invalidated is UNPREDICTABLE in the following conditions: – For the 4K translation granule (TG == 0b01): * If TTL == 0b01 and bits Address[29:12] are not all zero. * If TTL == 0b10 and bits Address[20:12] are not all zero. – For the 16K translation granule (TG == 0b10): * If TTL == 0b10 and bits Address[24:12] are not all zero. * If TTL == 0b11 or 0b00 and bits Address[13:12] are not all zero. * If SMMU_IDR5.DS == 1, TTL == 0b01, and bits Address[35:12] are not all zero. * Note: If SMMU_IDR5.DS == 0 then TTL == 0b01 is Reserved when TG == 0b10 and this value should not be programmed. Hardware treats TTL == 0b01 as though TTL == 0b00. This means that, to avoid an unpredictable range of invalidation, Address[13:12] are also required to be zero when TTL == 0b01. – For the 64K translation granule (TG == 0b11): * If TTL == 0b01 and bits Address[41:12] are not all zero. * If TTL == 0b10 and bits Address[28:12] are not all zero. * If TTL == 0b11 or 0b00 and bits Address[15:12] are not all zero. • For 128-bit descriptors, the TLBI is not required to invalidate any TLB entries in the following conditions: – For the 4K translation granule (TG == 0b01): * If TTL == 0b01 and bits Address[27:12] are not all zero. * If TTL == 0b10 and bits Address[19:12] are not all zero. – For the 16K translation granule (TG == 0b10): * If TTL == 0b01 and bits Address[33:12] are not all zero. * If TTL == 0b10 and bits Address[23:12] are not all zero. * If TTL == 0b11 and bits Address[13:12] are not all zero. – For the 64K translation granule (TG == 0b11): * If TTL == 0b01 and bits Address[39:12] are not all zero. * If TTL == 0b10 and bits Address[27:12] are not all zero. * If TTL == 0b11 and bits Address[15:12] are not all zero. – Note: Bits Address[11:0] are not supplied in the address argument. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 215

Chapter 4. Commands 4.4. TLB invalidation • The parameter combination of NUM == 0, SCALE == 0 and TTL = 0b00 is Reserved. Use of this Reserved combination of parameters causes CERROR_ILL. – Note: Providing granule information without using TTL or a range invalidate has no purpose and this command encoding is Reserved. • If TTL != 0b00: – If the TTL128 field is RES0 or zero, invalidation is performed to TLB entries using TG and 64-bit descriptor format, from the level of walk in TTL. – If the TTL128 field is 1 then invalidation is performed to TLB entries using TG and 128-bit descriptor format, from the level of walk in TTL. An implementation of SMMUv3.2 or later in a system that supports broadcast invalidation, that is when SMMU_IDR0.BTM == 1, also supports broadcast range invalidation operations. Note: For example, for a TLBI issued with TTL=0b10 and Leaf=0: • The SMMU will invalidate cached entries for matching: – Level 2 block entries. – Level 0 and level 1 table entries. • The SMMU is not required to invalidate: – Level 3 entries. – Level 2 table entries. – Level 1 block entries. 4.4.2 TLB invalidation of stage 1 The commands in this section are available in the following cases: • On an SMMU with stage 1-only (SMMU_IDR0.{S1P, S2P} == {1, 0}). • On an SMMU with stage 1 and stage 2 (SMMU_IDR0.{S1P, S2P} == {1, 1}). On an SMMU with stage 2-only (SMMU_IDR0.{S1P, S2P} == {0, 1}), these commands result in CERROR_ILL. Stage 1 command Stage 1 From Non-secure From Secure Command queue, not supported Command queue if present CMD_TLBI_NH_ALL CERROR_ILL Invalidate NS EL1 mappings Invalidate Secure stage 1 CMD_TLBI_NH_ASID mappings (inserted with CMD_TLBI_NH_VAA StreamWorld == Secure). CMD_TLBI_NH_VA Note: EL3 entries are not required to be affected. CMD_TLBI_EL3_ALL CERROR_ILL Invalidate EL3 stage 1 mappings CMD_TLBI_EL3_VA (insered with StreamWorld == EL3). CMD_TLBI_EL2_ALL If SMMU_IDR0.Hyp == 1, invalidate EL2 or El2-E2H stage CMD_TLBI_EL2_VA 1 mappings as indicated by SMMU_CR2.E2H, in the CMD_TLBI_EL2_VAA corresponding Security state (see text). CMD_TLBI_EL2_ASID If SMMU_IDR0.Hyp == 0, CERROR_ILL. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 216

Chapter 4. Commands 4.4. TLB invalidation Note: Arm expects that software controlling a stage 1-only SMMU will use the first four commands. This includes driver software operating in a virtual machine controlling a stage 1-only SMMU interface. In the following CMD_TLBI_NH_ commands, VMID is only matched when stage 2 is supported for the Security state corresponding to the command queue that the command was issued in. Otherwise, the VMID parameter is RES0 and, if it has a non-zero value, the SMMU is permitted to perform the invalidation on an UNKNOWN VMID value, or to not perform an invalidation. Note: A stage 1-only implementation is not required to check that the VMID parameter of CMD_TLBI_NH_ is zero. The Address parameters of these commands are VAs. An implementation is permitted but not required to treat the parameter as out of range if bits at Address[VAS-1] and upwards are not all equal in value. TBI is permitted but not required to apply to the parameter. 4.4.2.1 CMD_TLBI_NH_ALL(VMID) RES0 127 96 RES0 95 64 RES0 63 48 VMID 47 32 RES0 31 8 0x10 7 0 When issued from the Non-secure Command queue, the invalidation scope is equivalent to that of VMALLE1, invalidates all stage 1 NS-EL1 (not NS-EL2 or NS-EL2-E2H) entries for VMID, including global entries. When issued from the Secure Command queue and Secure stage 2 is not supported, the invalidation scope is equivalent to that of Secure ALLE1, invalidates all Secure entries, including global entries. When issued from the Secure Command queue and Secure stage 2 is supported, the invalidation scope is equivalent to that of Secure VMALLE1, invalidates all Secure stage 1 EL1 (not S-EL2 or S-EL2-E2H) entries for VMID, including global entries. For an equivalent to Non-secure ALLE1, see CMD_TLBI_NSNH_ALL. When issued from the Realm Command queue, the invalidation scope is equivalent to that of VMALLE1, invalidates all stage 1 Realm-EL1 (not Realm-EL2 or Realm-EL2-E2H) entries for VMID, including global entries. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_(*_)IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ, the SMMU replaces the supplied VMID with the VMID configured in STE[qSID].S2VMID, but treats the other fields as usual. See section 3.5.7.3.2 Stream Table Entry (STE). ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 217

Chapter 4. Commands 4.4. TLB invalidation 4.4.2.2 CMD_TLBI_NH_ASID(VMID, ASID) RES0 127 96 RES0 95 64 ASID 63 48 VMID 47 32 RES0 31 8 0x11 7 0 The invalidation scope is equivalent to that of ASIDE1: When issued from the Non-secure Command queue, invalidates stage 1 NS-EL1 non-global entries by ASID and VMID. When issued from the Secure Command queue and Secure stage 2 is not supported, invalidates stage 1 Secure non-global entries by ASID. When issued from the Secure Command queue and Secure stage 2 is supported, invalidates Secure stage 1 non-global entries by ASID and VMID. When issued from the Realm Command queue, invalidates stage 1 Realm-EL1 non-global entries by ASID and VMID. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_(*_)IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ, the SMMU replaces the supplied VMID with the VMID configured in STE[qSID].S2VMID, but treats the other fields as usual. See section 3.5.7.3.2 Stream Table Entry (STE). 4.4.2.3 CMD_TLBI_NH_VAA(VMID, Addr, Leaf) Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf RES0 63 48 VMID 47 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x13 7 0 The invalidation scope is equivalent to that of VAA{L}E1: When issued from the Non-secure Command queue, invalidates stage 1 NS-EL1 entries by VA for all ASIDs in VMID, including global entries. When issued from the Secure Command queue and Secure stage 2 is not supported, invalidates stage 1 Secure entries by VA for all ASIDs, including global entries. When issued from the Secure Command queue and Secure stage 2 is supported, invalidates stage 1 Secure entries by VA for all ASIDs in VMID, including global entries. When Leaf == 1, only cached entries for the last level of translation table walk are required to be invalidated. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 218

Chapter 4. Commands 4.4. TLB invalidation When issued from the Realm Command queue, invalidates stage 1 Realm-EL1 entries by VA for all ASIDs in VMID, including global entries. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_()IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ, the SMMU replaces the supplied VMID with the VMID configured in STE[qSID].S2VMID, but treats the other fields as usual. See section 3.5.7.3.2 Stream Table Entry (STE). 4.4.2.4 CMD_TLBI_NH_VA(VMID, ASID, Addr, Leaf) Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf ASID 63 48 VMID 47 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x12 7 0 The invalidation scope is equivalent to that of VA{L}E1: When issued from the Non-secure Command queue, invalidates stage 1 NS-EL1 entries by VMID, ASID and VA, as well as global entries by VMID and VA regardless of the ASID used during allocation. When issued from the Secure Command queue and Secure stage 2 is not supported, invalidates stage 1 Secure entries by ASID and VA, as well as global entries by VA regardless of the ASID used during allocation. When issued from the Secure Command queue and Secure stage 2 is supported, invalidates stage 1 Secure entries by VMID, ASID and VA, as well as global entries by VMID and VA regardless of the ASID used during allocation. When Leaf == 1, only cached entries for the last level of translation table walk are required to be invalidated. When issued from the Realm Command queue, invalidates stage 1 Realm-EL1 entries by VMID, ASID and VA, as well as global entries by VMID and VA regardless of the ASID used during allocation. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU(_)IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ, the SMMU replaces the supplied VMID with the VMID configured in STE[qSID].S2VMID, but treats the other fields as usual. See section 3.5.7.3.2 Stream Table Entry (STE). 4.4.2.5 CMD_TLBI_EL3_ALL RES0 127 96 RES0 95 64 RES0 63 32 RES0 31 8 0x18 7 0 ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 219

Chapter 4. Commands 4.4. TLB invalidation The invalidation scope is equivalent to that of ALLE3, invalidates all stage 1 EL3 entries. This command is valid only on the Secure Command queue, otherwise a CERROR_ILL is raised. If SMMU_IDR0.RME_IMPL == 1, this command results in CERROR_ILL, as EL3 StreamWorld is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.6 CMD_TLBI_EL3_VA(Addr, Leaf) Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf RES0 63 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x1a 7 0 The invalidation scope is equivalent to that of VA{L}E3, invalidates stage 1 EL3 by VA. When Leaf == 1, only cached entries for the last level of translation table walk are required to be invalidated. This command is valid only on the Secure Command queue, otherwise a CERROR_ILL is raised. If SMMU_IDR0.RME_IMPL == 1, this command results in CERROR_ILL, as EL3 StreamWorld is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.7 CMD_TLBI_EL2_ALL RES0 127 96 RES0 95 64 RES0 63 32 RES0 31 8 0x20 7 0 All stage 1 NS-EL2/Hyp entries are invalidated, whether ASID-tagged (inserted in NS-EL2-E2H mode when SMMU_CR2.E2H == 1) or not. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 220

Chapter 4. Commands 4.4. TLB invalidation The invalidation scope is equivalent to that of ALLE2, and when HCR_EL2.TGE == 1 && HCR_EL2.E2H == 1, VMALLE1. When SMMU_IDR0.Hyp == 0, this command causes a CERROR_ILL. This command has the same effect whether issued from the Secure or Non-secure command queues. When issued on a Realm Command queue, all stage 1 Realm-EL2 entries are invalidated, whether ASID-tagged (inserted in Realm-EL2-E2H mode when SMMU_R_CR2.E2H == 1) or not. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.8 CMD_TLBI_EL2_VA(ASID, Addr, Leaf) Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf ASID 63 48 RES0 47 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x22 7 0 When issued on a Non-secure or Secure command queue, stage 1 NS-EL2/Hyp entries by VA are invalidated, including global. When Leaf == 1, only cached entries for the last level of translation table walk are required to be invalidated. This behavior of the command is governed by SMMU_CR2.E2H: • When SMMU_CR2.E2H == 1, TLB entries inserted with a StreamWorld == NS-EL2-E2H configuration are invalidated if ASID matches (or global) and VA matches. TLB entries inserted with StreamWorld == NS-EL2 are not required to be invalidated. • When SMMU_CR2.E2H == 0, TLB entries inserted with a StreamWorld == NS-EL2 configuration are invalidated if VA matches, and the ASID parameter is ignored. TLB entries inserted with StreamWorld == NS-EL2-E2H are not required to be invalidated. This command must not be submitted to a Command queue when the effective value of SMMU_CR2.E2H is UNKNOWN. Otherwise, it is UNPREDICTABLE whether any NS-EL2 or NS-EL2-E2H entries that match Addr and ASID are invalidated. See section 6.3.12.3 E2H. The invalidation scope is equivalent to that of VA{L}E2, and when HCR_EL2.TGE == 1 && HCR_EL2.E2H == 1, VA{L}E1. When SMMU_IDR0.Hyp == 0, this command causes a CERROR_ILL. This command has the same effect whether issued from the Secure or Non-secure command queues. When issued to a Realm command queue, this command applies to Realm EL2 or EL2-E2H TLB entries with the same qualification about E2H that are described for Non-secure state. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 221

Chapter 4. Commands 4.4. TLB invalidation 4.4.2.9 CMD_TLBI_EL2_VAA(Addr, Leaf) Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf RES0 63 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x23 7 0 When issued on a Non-secure or Secure command queue, stage 1 NS-EL2/Hyp entries by VA for all ASIDs are invalidated, including global. When Leaf == 1, only cached entries for the last level of translation table walk are required to be invalidated. This behavior of this command is governed by SMMU_CR2.E2H: • When SMMU_CR2.E2H == 1, TLB entries inserted with a StreamWorld == NS-EL2-E2H configuration are invalidated if the VA matches, for all ASIDs. TLB entries inserted with StreamWorld == NS-EL2 are not required to be invalidated. • When SMMU_CR2.E2H == 0, TLB entries inserted with a StreamWorld == NS-EL2 configuration are invalidated if the VA matches. TLB entries inserted with StreamWorld == NS-EL2-E2H are not required to be invalidated. This command must not be submitted to a Command queue when the effective value of E2H is UNKNOWN. Otherwise, it is UNPREDICTABLE whether any NS-EL2 or NS-EL2-E2H entries that match Addr and ASID are invalidated. See section 6.3.12.3 E2H. Note: An implementation might choose to optimize search of a TLB given this information, and access a single location for the given VA. The invalidation scope is equivalent to that of VAA{L}E1 when HCR_EL2.TGE == 1 && HCR_EL2.E2H == 1. When a PE is not in EL2-E2H mode, it does not have an equivalent. When SMMU_IDR0.Hyp == 0, this command causes CERROR_ILL. This command has the same effect whether issued from the Secure or Non-secure command queues. When issued to a Realm command queue, this command always applies to Realm EL2 or EL2-E2H TLB entries with the same qualifications about E2H that are described for Non-secure state above. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 222

Chapter 4. Commands 4.4. TLB invalidation 4.4.2.10 CMD_TLBI_EL2_ASID(ASID) RES0 127 96 RES0 95 64 ASID 63 48 RES0 47 32 RES0 31 8 0x21 7 0 Invalidates stage 1 NS-EL2/Hyp non-global entries by ASID. Non-global TLB entries inserted with a StreamWorld == NS-EL2-E2H configuration are invalidated if ASID matches. EL2 (non-ASID-tagged) entries are not required to be invalidated. The invalidation scope is equivalent to that of ASIDE1 when HCR_EL2.TGE == 1 && HCR_EL2.E2H == 1. When a PE is not in NS-EL2-E2H mode, it does not have an equivalent. When SMMU_IDR0.Hyp == 0, this command causes a CERROR_ILL. This command has the same effect whether issued from the Secure or Non-secure command queues. When issued to a Realm command queue, this command always applies to Realm-EL2-E2H TLB entries. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.11 CMD_TLBI_S_EL2_ALL RES0 127 96 RES0 95 64 RES0 63 32 RES0 31 8 0x50 7 0 This command is equivalent to, and is encoded similarly to CMD_TLBI_EL2_ALL but acts on S-EL2 instead of NS-EL2. This command relates to SMMU_S_CR2.E2H in a similar way as CMD_TLBI_EL2_ALL relates to SMMU_CR2.E2H. This command causes CERROR_ILL when used on the Non-secure Command queue. The opcode for this command is Reserved and causes CERROR_ILL when Secure EL2 is not supported. See section 3.10.2.2 Secure EL2 and support for Secure stage 2 translation. Issuing this command to the Realm Command queue results in CERROR_ILL. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 223

Chapter 4. Commands 4.4. TLB invalidation If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.12 CMD_TLBI_S_EL2_VA Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf ASID 63 48 RES0 47 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x52 7 0 This command is equivalent to, and is encoded similarly to CMD_TLBI_EL2_VA but acts on S-EL2 instead of NS-EL2. This command relates to SMMU_S_CR2.E2H in a similar way as CMD_TLBI_EL2_VA relates to SMMU_CR2.E2H. This command causes CERROR_ILL when used on the Non-secure Command queue. The opcode for this command is Reserved and causes CERROR_ILL when Secure EL2 is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.13 CMD_TLBI_S_EL2_VAA Address[63:12] 127 96 Address[63:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf RES0 63 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x53 7 0 This command is equivalent to, and is encoded similarly to CMD_TLBI_EL2_VAA but acts on S-EL2 instead of NS-EL2. This command relates to SMMU_S_CR2.E2H in a similar way as CMD_TLBI_EL2_VAA relates to SMMU_CR2.E2H. This command causes CERROR_ILL when used on the Non-secure Command queue. The opcode for this command is Reserved and causes CERROR_ILL when Secure EL2 is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 224

Chapter 4. Commands 4.4. TLB invalidation If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.2.14 CMD_TLBI_S_EL2_ASID RES0 127 96 RES0 95 64 ASID 63 48 RES0 47 32 RES0 31 8 0x51 7 0 This command is equivalent to, and is encoded similarly to CMD_TLBI_EL2_ASID but acts on S-EL2 instead of NS-EL2. This command relates to SMMU_S_CR2.E2H in a similar way as CMD_TLBI_EL2_ASID relates to SMMU_CR2.E2H. This command causes CERROR_ILL when used on the Non-secure Command queue. The opcode for this command is Reserved and causes CERROR_ILL when Secure EL2 is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. Note: When issued on an SMMU without stage 1 support (SMMU_IDR0.S1P == 0), this command results in CERROR_ILL. If SMMU(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.3 TLB invalidation of stage 2 These commands allow a hypervisor to perform stage 2 invalidations on behalf of a VM. 4.4.3.1 CMD_TLBI_S2_IPA(VMID, Addr, Leaf) RES0 127 120 Address[55:12] 119 96 Address[55:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 65 64 TTL128 Leaf RES0 63 48 VMID 47 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x2a 7 0 The invalidation scope is equivalent to that of IPAS2{L}E1, invalidates stage 2 by VMID and IPA. When Leaf == 1, only cached entries for the last level of translation table walk are required to be invalidated. When issued on an SMMU without stage 2 support, a CERROR_ILL is raised. If issued on a Non-secure or Secure Command queue, the Address parameter is a Non-secure IPA in the Non-secure translation regime. An implementation is permitted but not required to treat the parameter as out of range if bits at Address[IAS] and upwards are not all zero. Address bits [11:0] are treated as 0s. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 225

Chapter 4. Commands 4.4. TLB invalidation Consistent with Armv8-A [2], this command is not required to invalidate structures containing combined stage 1 and stage 2 information (from nested stage 1 and 2 translation configuration). Where combined Stage 1 and stage 2 mappings are possible, this command is expected to be used with CMD_TLBI_NH_ALL or CMD_TLBI_NH_VAA. However, this command is sufficient to invalidate translations resulting from stage 2-only configuration. Note: An implementation choosing to combine all stages of translation into one TLB must distinguish whether an entry represents a VA or an IPA (inserted from stage 1, stage 1 and 2 configuration or stage 2-only) so that invalidation by IPA is able to locate entries inserted from stage 2-only configurations. This command has the same effect whether issued from the Secure or Non-secure command queues. When issued to a Realm command queue, this command always applies to Realm stage 2 TLB entries. If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.3.2 CMD_TLBI_S12_VMALL(VMID) RES0 127 96 RES0 95 64 RES0 63 48 VMID 47 32 RES0 31 8 0x28 7 0 The invalidation scope is equivalent to that of VMALLS12E1, invalidates all Non-secure (and non-Hyp) entries at all implemented stages for VMID. When issued on an SMMU without stage 2 support, a CERROR_ILL is raised. This command has the same effect whether issued from the Secure or Non-secure command queues. When issued to a Realm command queue, this command always applies to Realm EL1 TLB entries. If SMMU(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.3.3 CMD_TLBI_S2_VMALLW(VMID) RES0 127 96 RES0 95 64 RES0 63 48 VMID 47 32 RES0 31 8 0x29 7 0 The invalidation scope is equivalent to that of VMALLWS2E1, invalidates all Non-secure (and non-Hyp) stage 2 dirty state from entries for a given VMID. This includes entries that contain combined stage 1 and stage 2 information. When issued on an SMMU without SMMU_IDR3.TLBIW == 1, a CERROR_ILL is raised. This command has the same effect whether issued from the Secure or Non-secure command queues. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 226

Chapter 4. Commands 4.4. TLB invalidation When issued on an SMMU without stage 2 support, a CERROR_ILL is raised. When issued to a Realm command queue, this command always applies to Stage 2 dirty state in Realm EL1 TLB entries. If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.3.4 CMD_TLBI_S_S2_IPA(VMID, Addr, Leaf, NS) RES0 127 120 Address[55:12] 119 96 Address[55:12] 95 76 TG 75 74 TTL 73 72 71 RES0 70 66 NS 65 64 TTL128 Leaf RES0 63 48 VMID 47 32 RES0 31 26 SCALE 25 20 RES0 19 17 NUM 16 12 RES0 11 8 0x5a 7 0 Invalidates Secure stage 2-only by IPA. This command is similar to the Non-secure CMD_TLBI_S2_IPA command, except acts on TLB entries in the Secure translation regime and has an additional parameter, NS, defined as follows: • 0: The Addr parameter is in the Secure IPA address space in the Secure translation regime. • 1: The Addr parameter is in the Non-secure IPA address space in the Secure translation regime. This command causes CERROR_ILL when used on the Non-secure Command queue. The opcode for this command is Reserved and causes CERROR_ILL when Secure stage 2 is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. If SMMU()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.3.5 CMD_TLBI_S_S12_VMALL(VMID) RES0 127 96 RES0 95 64 RES0 63 48 VMID 47 32 RES0 31 8 0x58 7 0 Invalidates all stages for all TLB entries in the Secure translation regime, by VMID. This command is the Secure equivalent of the CMD_TLBI_S12_VMALL command and is equivalent to Secure VMALLS12E1 scope on the PE. This command invalidates all TLB entries in the Secure translation regime matching VMID. This command causes CERROR_ILL when used on the Non-secure Command queue. This command opcode is RESERVED and causes CERROR_ILL when Secure stage 2 is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. If SMMU(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 227

Chapter 4. Commands 4.4. TLB invalidation 4.4.3.6 CMD_TLBI_S_S2_VMALLW(VMID) RES0 127 96 RES0 95 64 RES0 63 48 VMID 47 32 RES0 31 8 0x59 7 0 Invalidates stage 2 dirty state from all TLB entries in the Secure translation regime for a given VMID. This includes entries that contain combined stage 1 and stage 2 information. This command is the Secure equivalent of the CMD_TLBI_S2_VMALLW command and is equivalent to Secure VMALLWS2E1 scope on the PE. This command causes CERROR_ILL when used on the Non-secure Command queue. When issued on an SMMU without stage 2 support, a CERROR_ILL is raised. Issuing this command to the Realm Command queue results in CERROR_ILL. When issued on an SMMU without SMMU_IDR3.TLBIW == 1, a CERROR_ILL is raised. If SMMU_()IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.4.4 Common TLB invalidation 4.4.4.1 CMD_TLBI_NSNH_ALL RES0 127 96 RES0 95 64 RES0 63 32 RES0 31 8 0x30 7 0 When issued on a Non-secure or Secure Command queue, the invalidation scope is equivalent to that of Non-secure ALLE1, valid from both the Non-secure and Secure Command queue. All Non-secure, non-NS-EL2, non-NS-EL2-E2H TLB entries are invalidated at all implemented stages. Note: A stage 1-only Non-secure SMMU with SMMU_IDR0.Hyp == 0 can also be initialized with CMD_TLBI_NH_ALL. This command is valid whether the SMMU supports only stage 1, only stage 2, or both stages. When issued from a Realm Command queue, this command behaves according to Realm ALLE1. Note: When issuing to the Realm programming interface, even though this command has NS in its name, it only applies to Realm entries. If SMMU(_)IDR6.DCMDQ is 0b01, when this command is submitted on a DCMDQ: • In the Secure state, CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 228

Chapter 4. Commands 4.4. TLB invalidation • In the Non-Secure and Realm state, this is processed as CMD_TLBI_NH_ALL with the VMID configured in STE[qSID].S2VMID. 4.4.4.2 CMD_TLBI_SNH_ALL RES0 127 96 RES0 95 64 RES0 63 32 RES0 31 8 0x60 7 0 All stages for all TLB entries in the Secure translation regime are invalidated. This command is the Secure equivalent of the CMD_TLBI_NSNH_ALL command and is equivalent to Secure ALLE1 scope on the PE. This command invalidates all Secure, non-S-EL2, non-S-EL2-E2H TLB entries at all implemented stages. This command causes CERROR_ILL when used on the Non-secure Command queue. This command opcode is RESERVED and causes CERROR_ILL when Secure stage 2 is not supported. Issuing this command to the Realm Command queue results in CERROR_ILL. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 229

Chapter 4. Commands 4.5. ATS and PRI 4.5 ATS and PRI These commands issue outgoing requests on the SMMU ATS port, to a connected Root Complex. Software must not use these commands if ATS and PRI are not fully supported by all system components beyond the SMMU, such as a Root Complex or Endpoint, even if SMMU ID registers indicate support within the SMMU. An SMMU and system remain fully functional even if these commands are used without full system ATS and PRI support and do not deadlock. In this scenario these commands are IGNORED. Note: The StreamID is either Non-secure or Realm. ATS and PRI are supported only for Non-secure streams and Realm streams. 4.5.1 CMD_ATC_INV(StreamID, SubstreamID, SSV, Global, Address, Size) Address[63:12] 127 96 Address[63:12] 95 76 RES0 75 70 Size[5:0] 69 64 StreamID 63 32 SubstreamID 31 12 SSV 11 10 G 9 8 0x40 7 0 RES0 RES0 Sends an invalidation request to StreamID, and SubstreamID when SSV == 1, for translations spanned by Address plus span of 4096 * 2Size. The Address span is aligned to its size by the SMMU. The effective value of Address[11 + Size:0] is taken as zero. All bits of Address[63:N] are conveyed to the endpoint, where N == 12 + Size. A Size value of 52 corresponds to a 264 byte span, meaning invalidate all. Use of values greater than 52 in an otherwise valid CMD_ATC_INV are permitted, but not required, to raise a CERROR_ILL, or might cause an UNKNOWN span to be used, which might mean no invalidation occurs. In systems that do not support PASIDs, SubstreamID is IGNORED and SSV must be 0. If SSV == 1, one of the following CONSTRAINED UNPREDICTABLE behaviors occurs: • The command behaves as though SSV == 0, issuing an invalidate to the given StreamID without a PASID TLP prefix. • The command has no effect. In systems that support PASIDs, a PCIe PASID TLP prefix containing SubstreamID is used on the ATS Invalidation Request message when SSV is set to 1. In addition, setting the Global (G) parameter to 1 when SSV == 1 sets the Global Invalidate flag in the Invalidation Request. The Global parameter is IGNORED when SSV == 0. Note: In the PCIe ATS protocol, the Global Invalidate flag in the Invalidation Request message is Reserved when no PASID prefix is used. Note: When SSV == 1, SubstreamID is always used as the PASID in the PASID TLP prefix. Global has no effect on this property. Note: If the SMMU is configured, through STE.S1DSS == 0b10, to treat non-PASID (non-SubstreamID) Translation Requests as using the CD at index 0 of a table of CDs, the request is internally treated similar to a request with Substream 0 in an STE.S1DSS == 0b00 configuration, but as with the request, the response is given without PASID. For correct invalidation of ATC entries to occur in this configuration, software must issue CMD_ATC_INV with SSV == 0. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 230

Chapter 4. Commands 4.5. ATS and PRI This command is ILLEGAL if any of the following are true: • SMMU_IDR0.ATS == 0 and this command is issued on a Non-secure or Secure Command queue. • SMMU_IDR0.ATS == 1, SMMU_S_IDR3.SAMS == 1, and this command is issued on a Secure Command queue. • SMMU_R_IDR0.ATS == 0 and this command is issued on a Realm Command queue. • SMMU_S_IDR6.DCMDQ == 0b01 and this command is issued on a Secure DCMDQ. Note: SMMU_S_IDR3.SAMS does not affect the interpretation of CMD_ATC_INV on DCMDQs in the Secure state. • SMMU_(R_)IDR6.VSID == 0 and this command is issued on Non-secure or Realm DCMDQ. Note: If SMMU_(R_)IDR6.VSID == 1, StreamID is replaced by the SMMU as described in 3.5.9 Virtual to physical SID translation. This command is IGNORED if it is not ILLEGAL and any of the following are true: • SMMU_IDR0.ATS == 1 but ATS is not supported by the rest of the system. • SMMUEN is 0 for the Security state corresponding to the Command queue that the command is issued on. If this command is issued on a Secure Command queue and it is not ILLEGAL, the StreamID is considered to be Non-secure. If this command is issued on a Realm Command queue and it is not ILLEGAL, the StreamID is considered to be Realm. The Consumption of CMD_ATC_INV does not guarantee invalidation completion. Completion is ensured by the completion of a subsequent CMD_SYNC. In a similar way to a TLBI operation, transactions that could have been translated using TLB entries targeted by the invalidation must all be visible to their Shareability domain before the ATS Invalidation is considered complete. Note: In a system with separate Root Complex and SMMU components, the protocol between the two must enforce this ordering, for example, the Root Complex signals that an ATS Invalidation is complete only when affected transactions have been pushed to the SMMU and the SMMU then ensures this ordering is maintained, so that the completion signal is not observed before the affected transactions can be observed. To invalidate a translation from an ATC, software must first invalidate SMMU caches of the translation (whether by explicit command or using broadcast invalidation) and then, after ensuring completion of the SMMU translation invalidate, issue a CMD_ATC_INV to invalidate ATC translations. Note: For example, to alter and invalidate the last-level (leaf) translation table descriptor for a Non-secure EL1 translation of address VA using explicit SMMU operations: 1. Change translation table entry (and barrier to make visible to Shareability domain). 2. CMD_TLBI_NH_VA(VMID, ASID, VA, Leaf == 1). 3. CMD_SYNC. 4. CMD_ATC_INV(SID, SSID, SSV, Global == 0, VA). 5. CMD_SYNC (and wait for completion) 6. The new translation table entry at VA is guaranteed to be in use. Note: System software is expected to associate a device with a translation context and translation table and, when changes to the translation table are made, perform SMMU TLB maintenance using the translation table’s associated ASID/VMID and ATC maintenance of all devices associated with that translation table using the StreamID/SubstreamIDs of the devices. Note: Software must not provide a Size parameter that is lower than the system STU, as invalidation is not guaranteed if this is done. If a request is made with a span smaller than the STU, the PCIe specification [1] for ATS permits an endpoint to respond using a UR, or to round up the span and perform the invalidate with STU size. Note: If this command results in a UR response from the endpoint, the command completes without error but invalidation is not guaranteed, see section 3.9.1.5 ATS Invalidation errors. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 231

Chapter 4. Commands 4.5. ATS and PRI 4.5.2 CMD_PRI_RESP(StreamID, SubstreamID, SSV, PRGIndex, Resp) RES0 127 96 RES0 95 78 Resp 77 76 RES0 75 73 PRGIndex 72 64 StreamID 63 32 SubstreamID 31 12 SSV 11 RES0 10 8 0x41 7 0 Notifies a device corresponding to StreamID, and SubstreamID when SSV == 1, that page request group indicated by PRGIndex has completed with given response, Resp. PRGIndex: Page Request Group Index from page requests Resp: 0b00: ResponseFailure: Permanent non-paging error (for example ATS or PRI is disabled for the device) 0b01: InvalidRequest: Page-in unsuccessful for one or more pages in the group 0b10: Success: Page request group was paged in successfully 0b11: Reserved: ILLEGAL In systems that do not support PASIDs, SubstreamID is IGNORED and SSV must be 0. If SSV == 1, one of the following CONSTRAINED UNPREDICTABLE behaviors occurs: • The command behaves as though SSV == 0, issuing a response to the given StreamID without a PASID TLP prefix. • The command has no effect. In systems that support PASIDs, SSV == 1 results in a PCIe PASID TLP prefix. This command is ILLEGAL if any of the following are true: • SMMU_IDR0.ATS == 0 and this command is issued on a Non-secure or Secure Command queue. • SMMU_IDR0.ATS == 1, SMMU_S_IDR3.SAMS == 1, and this command is issued on a Secure Command queue. • SMMU_R_IDR0.ATS == 0 and this command is issued on a Realm Command queue. • SMMU_S_IDR6.DCMDQ == 0b01 and this command is issued on a Secure DCMDQ. Note: SMMU_S_IDR3.SAMS does not affect the interpretation of CMD_ATC_INV on DCMDQs in the Secure state. • SMMU_(R_)IDR6.VSID == 0 and this command is issued on Non-secure or Realm DCMDQ. Note: If SMMU_(R_)IDR6.VSID == 1, StreamID is replaced by the SMMU as described in 3.5.9 Virtual to physical SID translation. This command is IGNORED if it is not ILLEGAL and any of the following are True: • SMMU_IDR0.PRI == 1, but PRI is not supported by the rest of the system. • SMMUEN is 0 for the Security state corresponding to the Command queue that the command is issued on. If the command is issued on a Secure Command queue and it is not ILLEGAL, the StreamID is considered to be Non-secure. When issued to a Realm command queue, this command always applies to Realm StreamIDs. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 232

Chapter 4. Commands 4.6. DPT maintenance 4.6 DPT maintenance 4.6.1 CMD_DPTI_ALL RES0 127 96 RES0 95 64 RES0 63 32 RES0 31 8 0x70 7 0 Removes all cached DPT information associated with the target Security state. The target Security state is: • Realm state when issued to a Realm command queue. • Non-secure state when issued to a Non-secure command queue. • Non-secure state when issued to a Secure command queue and SMMU_S_IDR3.SAMS = 0. This command results in CERROR_ILL for each of the following conditions: • If issued on a Realm command queue when SMMU_R_IDR3.DPT = 0. • If issued on a Non-secure command queue when SMMU_IDR3.DPT = 0. • If issued on a Secure command queue when SMMU_IDR3.DPT = 0 or SMMU_S_IDR3.SAMS = 1. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.6.2 CMD_DPTI_PA RES0 127 120 Address[55:12] 119 96 Address[55:12] 95 76 SIZE 75 72 RES0 71 65 64 Leaf RES0 63 32 RES0 31 8 0x73 7 0 Removes cached DPT information for the aligned region of length SIZE, starting from the base address specified in Physical Address, for the target Security state. The target Security state is: • Realm state when issued to a Realm command queue. • Non-secure state when issued to a Non-secure command queue. • Non-secure state when issued to a Secure command queue and SMMU_S_IDR3.SAMS = 0. If the address is not aligned to the effective size of the invalidation, no entries are required to be invalidated. Bits [11:0] of the base address are treated as 0. Bits of the base address above the implemented output address size, advertised in SMMU_IDR5.OAS, are treated as 0. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 233

Chapter 4. Commands 4.6. DPT maintenance The encoding of the SIZE field is: Value Meaning 0b0000 4KB 0b0001 16KB 0b0010 64KB 0b0011 2MB 0b0100 32MB 0b0101 512MB 0b0110 1GB 0b0111 16GB 0b1000 64GB 0b1001 512GB Other values are Reserved. If SIZE selects a Reserved value, the SMMU is not required to invalidate any entries. A DPT TLB entry is only guaranteed to be invalidated by this command if SIZE selects a value equal to or greater than the region size of the DPT TLB entry. The encoding of the Leaf field is: Value Meaning 0b0 Invalidate information from all levels of the walk. 0b1 Invalidate entries from the final level of lookup only. This command results in CERROR_ILL for each of the following conditions: • If issued on a Realm command queue when SMMU_R_IDR3.DPT = 0. • If issued on a Non-secure command queue when SMMU_IDR3.DPT = 0. • If issued on a Secure command queue when SMMU_IDR3.DPT = 0 or SMMU_S_IDR3.SAMS = 1. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 234

Chapter 4. Commands 4.7. Fault response and synchronization commands 4.7 Fault response and synchronization commands 4.7.1 CMD_RESUME(StreamID, SSec, STAG, Action, Abort) RES0 127 96 RES0 95 80 STAG 79 64 StreamID 63 32 RES0 31 14 Ab 13 Ac 12 11 10 RES0 9 8 0x44 7 0 RES0 SSec Resumes processing of the stalled transaction identified with the given StreamID and STAG parameter, with the given action parameter, Ac: Action (Ac) Result 1 Transaction is retried as though it had just arrived at the SMMU. Configuration and translations are (Retry) looked up, it might then progress into the system or fault again. The Abort parameter, Ab, is IGNORED. 0:(Terminate) Transaction is terminated in the manner given by the Abort parameter, Ab. When Ab == 0, the transaction is completed successfully with RAZ/WI semantics. When Ab == 1, an abort/bus error is reported to client. If SMMU_IDR0.TERM_MODEL == 1, the Ab parameter is IGNORED: transaction is terminated with abort. Note: The Abort parameter is analogous to the CD.A configuration for non-stalled terminated transactions. In response to a transaction experiencing a stage 2 fault, the STE configuration provides only two behaviors, whether the transaction is terminated by abort or becomes stalled, but a subsequent CMD_RESUME for the stall will (if supported, as indicated by SMMU_IDR0.TERM_MODEL) allow the stalled transaction to be terminated with RAZ/WI behavior. There is no dependency between STE.S2S and the behavior of the CMD_RESUME, and the Terminate parameter is not limited by STE configuration. When issued on an SMMU implementation that does not support the Stall model (or where the Stall model has been disabled with NSSTALLD for the Security state of the Command queue), indicated by SMMU_(*_)IDR0.STALL_MODEL == 0b01, a CERROR_ILL is raised. The STAG parameter is an opaque token that must be supplied exactly as provided in the corresponding fault event record from which the existence of the stalled transaction is determined. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 235

Chapter 4. Commands 4.7. Fault response and synchronization commands The common behaviors for SSec apply. See 4.1.6 Common command fields. Note: A CMD_RESUME issued from the Non-secure Command queue does not affect a stalled transaction that originated from a Secure StreamID. An SMMU must: • Use the StreamID, SSec and STAG to locate the specific stalled transaction to be resumed. • Differentiate individual transactions in the case of multiple stalled transactions from the same StreamID. • Verify that a STAG value corresponds to the given StreamID. If this command is issued with a STAG value that does not correspond to any stalled transaction, or if the transaction does not match the given StreamID, this command has no effect on any transaction (it is effectively a no-op). This can occur in any of these cases: • There are no stalled transactions from the given StreamID. • STAG indicates an SMMU resource that is not holding a stalled transaction. • The STAG indicates an SMMU resource that does hold a stalled transaction, but it is not associated with the given StreamID. Note: When SMMU_S_IDR1.SECURE_IMPL == 1, the SMMU might be presented with transactions from a Secure stream and a Non-secure stream that have the same StreamID value. The Secure and Non-secure StreamID namespaces are independent so the streams and transactions are unrelated. It is therefore possible for two stalled transactions to exist, one from a Secure stream and the other from a Non-secure stream, which cause an event to be recorded in both Secure and Non-secure Event queues that coincidentally have the same StreamID and STAG value. Despite having the same numeric values, the two stall event records represent independent transactions, as the Security states of the streams are different. Note: Event records from stalled transactions indicate the StreamID and SubstreamID of the transaction, the SubstreamID is not required to be supplied for this command as STAG locates the specific transaction. Stalled transactions might be retried with CMD_RESUME in any order, but IMPLEMENTATION DEFINED interconnect ordering rules must still be observed and these might not allow a retried transaction to progress into the system unless a prior stalled transaction is also resumed. For example, two stalled reads from the same StreamID might not be allowed to cross. If the later read is resumed with retry it might still stall until the first read is resumed with retry or terminated, at which point the later read might progress. Arm expects software to respond to every recorded event record indicating a stall using a CMD_RESUME or a CMD_STALL_TERM, and expects that a CMD_RESUME is only issued in response to a stall event record visible in an Event queue. Software must only issue CMD_RESUME with StreamID and STAG values that have directly been supplied in a stall event record that has not already been subject to a matching CMD_RESUME or CMD_STALL_TERM operation. The STAG value of a stall event record matched by CMD_RESUME is returned to the set of values that the SMMU might use in future stall event records. It is CONSTRAINED UNPREDICTABLE whether a matching transaction is affected by this command in the following cases: • The indicated stalled transaction exists in the SMMU but, at the time of the CMD_RESUME, an event has not yet been made visible to software. • The encoding of STAG in an implementation allows a CMD_RESUME to target a stalled transaction for which an event was not recorded because it was suppressed as a duplicate, see section 3.12.2 Stall model. • The stalled transaction has already been subject to a prior CMD_RESUME or CMD_STALL_TERM. Note: Arm does not expect software to issue a CMD_RESUME in these circumstances, but an implementation is not required to explicitly prevent an effect. Consumption of CMD_RESUME(Retry) does not guarantee that the given stalled transaction has already been retried, but does guarantee that, if it has not, it will be retried at a later time. The SMMU will retry the transaction in finite time. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 236

Chapter 4. Commands 4.7. Fault response and synchronization commands Note: A stalled transaction that has no matching CMD_RESUME response might never be retried. A retried transaction behaves as though the transaction had just arrived at the SMMU. Note: The transaction must respect configuration cache invalidations, TLB invalidations and structure updates that occurred between the time of its original arrival and the retry. Consumption of CMD_RESUME(Terminate) does not guarantee that the given stalled transaction has already been terminated, but does guarantee that, if it has not, it will be terminated at a later time unless it retries (completing successfully) before being terminated. An implementation ensures that a transaction marked for termination with a CMD_RESUME(Terminate) is terminated in finite time without unbounded delay, if it is not successfully retried before the termination occurs. Note: If configuration remains in a state that would cause retries of the transaction to continue to fault, the transaction is guaranteed to be terminated. This also guarantees that a client device might wait for completion of the transaction, and will always eventually make forward progress. Note: If the transaction is retried before the point of termination, it might complete successfully if its initial fault reason was resolved in the intervening time. The SMMU does not guarantee response visibility by the client device. Note: This means that software cannot guarantee that a given transaction has terminated without performing a synchronization involving the originating device originator or interconnect. This would need to be performed in a device- and system-specific manner before changing device configuration or translations in order to ensure that the transaction will not retry successfully with the new configuration. A similar scenario can exist where a system would need to ensure all transactions that are in progress that are buffered arrive at the SMMU (for termination) so that they do not later appear after new configuration or new translation state is applied. Issuing this command to the Realm Command queue results in CERROR_ILL. If SMMU_(*_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.7.2 CMD_STALL_TERM(StreamID, SSec) RES0 127 96 RES0 95 64 StreamID 63 32 RES0 31 11 10 RES0 9 8 0x45 7 0 SSec This command provides a mechanism to mark all stalled transactions originating from StreamID for termination. Note: This command is equivalent to tracking individual stalls and issuing CMD_RESUME(Terminate) separately. This command must only be issued after the STE for the StreamID is updated to cause all new incoming transactions to immediately terminate with abort, including any required configuration cache invalidation and synchronization for the STE update. When issued in this condition, any transactions that are outstanding on the stream at the time that this command is observed by the SMMU are guaranteed to terminate with an abort, including the set of transactions that might have become stalled under a previous stream configuration, if the agent controlling the SMMU waits for outstanding transactions to complete before altering the STE of the StreamID to a non-terminating configuration. The mechanism for this wait operation is IMPLEMENTATION DEFINED. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 237

Chapter 4. Commands 4.7. Fault response and synchronization commands If no stalled transactions from the given stream exist before the command is observed and no transactions become stalled before the command is consumed, this command has no effect. Consider the following cases: • The STE is not configured to immediately terminate new transactions. This includes the case when configuration cache maintenance and synchronization for the STE update has not been performed. • The STE is written in a way that changes such a configuration before all outstanding transactions have completed. If the CMD_STALL_TERM command is issued when one of these cases apply, it is UNPREDICTABLE whether one of the following occurs: • Stalled transactions related to the StreamID are terminated. • Pending stall fault event records are prevented from being recorded. The STAG values in stall event records associated with stalled transactions affected by CMD_STALL_TERM are returned to the set of values that the SMMU might use in future stall event records. When issued on an SMMU implementation that does not support the Stall model, or where the Stall model has been disabled with NSSTALLD for the Non-secure Command queue, indicated by SMMU_()IDR0.STALL_MODEL == 0b01, a CERROR_ILL is raised. The common behaviors for SSec apply. See 4.1.6 Common command fields. Consumption of a CMD_STALL_TERM does not guarantee that matching stalled transactions have been terminated. When used as described in this section, consumption guarantees that the set of matching stalled transactions will be terminated at a future time. Transactions for the matching StreamID are not affected by this command if they become stalled after the command is consumed. Note: This behavior matches CMD_RESUME(Terminate). Note: Early-retry cannot cause stalled transactions to complete successfully before termination occurs, because the STE configuration will terminate such early-retries, and therefore termination is guaranteed. Issuing this command to the Realm Command queue results in CERROR_ILL. If SMMU(_)IDR6.DCMDQ is 0b01, this command is ILLEGAL when submitted on a DCMDQ and CERROR_ILL is raised. 4.7.2.1 Notes and usage Some matching stalled transactions might not record events because the events are suppressed, as described in 3.12.2.1 Suppression of duplicate Stall event records. Event queue record visibility semantics are covered in section 3.5.2 Queue entry visibility semantics. This command is not intended to be used on a stream for which incoming transactions might become stalled during processing of this command because, in this scenario, the point in an ongoing sequence of transactions at which newly-faulting stalling transactions would no longer be matched by an ongoing CMD_STALL_TERM is UNPREDICTABLE. In addition, stall fault events might become visible to software for transactions that were matched and marked for termination by this command. This command is intended to be used when forcibly de-commissioning or reclaiming a stream controlled by untrusted or unreliable software. It is intended to be issued after the stream has been explicitly configured to immediately terminate future incoming transactions without creating new stalled transactions. Note: This sequence will shut down a device stream, including removal of stalled transactions: 1. Software stops the device from issuing transactions. 2. Transactions are terminated using: a) Set STE[i].Config to 0b000 and keep STE[i].V == 1 b) Issuing a CMD_CFGI_STE(i, j, k) (or other configuration invalidation that covers relevant STE(s)). ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 238

Chapter 4. Commands 4.7. Fault response and synchronization commands c) Issuing a CMD_SYNC. d) At this point, any incoming transactions will terminate and no new transactions will enter stalled state. In addition, the completion of CMD_SYNC ensures visibility of all stall fault event records related to STE[i], see 4.7.3 CMD_SYNC(ComplSignal, MSIAddress, MSIData, MSIWriteAttributes). If a stall event record cannot be written (for example, the queue is full), the transaction is either retried when the queue becomes writable and terminates given the new configuration or is marked for termination, if a retry does not happen before the CMD_STALL_TERM in the next step. Note: A stall record (STALL == 1) is not written after this point. Any record that is written relates to new STE configuration, which terminates. 3. CMD_STALL_TERM (i, j): a) At this point, remaining stalled transactions are marked for termination, but might not have terminated yet. 4. Software waits for outstanding device transactions to complete. a) How this is achieved is IMPLEMENTATION DEFINED. b) This step waits for the stalled transactions to terminate and for transactions that are in progress to reach the SMMU and be terminated on arrival. 5. [Optional] CMD_SYNC a) If the STE configuration causes incoming transactions to terminate in a non-silent manner (for example, if STE[i].V == 0 instead of STE[i].Config == 0b000), terminated fault events might have been generated because of the arrival of in-progress transactions during this procedure. This CMD_SYNC ensures visibility (if the Event queue is writable) of the events related to terminated transactions for which an abort has been returned to the client device (see section 4.7.3 CMD_SYNC(ComplSignal, MSIAddress, MSIData, MSIWriteAttributes)). If the Event queue is not writable, the completion of the CMD_SYNC means that events for terminated transactions will not become visible after this point. 6. Software discards all event records relating to StreamID ‘i’ in the current set of Event queue records. Thereafter, all events relating to StreamID ‘i’ are from subsequent or newly-created configuration. This sequence ensures that the Event queue will not subsequently receive any further stall event records associated with the stream and that there are no incomplete transactions still stalled in the SMMU. 4.7.3 CMD_SYNC(ComplSignal, MSIAddress, MSIData, MSIWriteAttributes) 127 RES0 126 120 MSIAddress[55:2] 119 96 MSI_NS MSIAddress[55:2] 95 66 RES0 65 64 MSIData 63 32 RES0 31 28 MSIAttr 27 24 MSH 23 22 RES0 21 14 CS 13 12 RES0 11 8 0x46 7 0 This command provides a synchronization mechanism for the following: • Preceding commands that were issued to the same Command queue as the CMD_SYNC. • Visibility of event records for client transactions terminated before the CMD_SYNC. • HTTU updates caused by completed translations. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 239

Chapter 4. Commands 4.7. Fault response and synchronization commands When this command completes, it can raise a completion signal as an optional interrupt and an optional WFE wakeup event. The interrupt might take the form of an MSI (if supported by the implementation). Any operations made observable by the completion of the synchronization operation are observable before the interrupt or event is observable, and before the SMMU_CMDQ_CONS index indicates that the CMD_SYNC has been consumed. Observation of the interrupt or event means that the consumption of the CMD_SYNC is observable. The ComplSignal parameter, CS, determines the signaling mechanism that notifies host software of the completion of a CMD_SYNC, and can take the following values: • 0b00: SIG_NONE: The command takes no further action on its completion. The MSIAddress, MSIData, MSIWriteAttributes parameters are IGNORED. • 0b01: SIG_IRQ: The command signals its completion by raising an interrupt. On implementations supporting MSIs, a write containing MSIData is made to the physical address given by MSIAddress, if MSIAddress is non-zero, using memory type attributes from MSIAttr. On implementations that do not support MSIs, MSIAddress and MSIData are IGNORED. On implementations that support wired interrupts, an event on a unique wired interrupt output is asserted on this signal, regardless of the value of MSIAddress. Note: This allows the choice of wired or MSIs on implementations that support both. Software can configure an MSI and ignore a wired output, or can disable MSIs and configure an interrupt controller for the wired output. Note: See section 3.18 Interrupts and notifications. The MSI write might be directed toward an interrupt controller to generate an interrupt, or toward a shared memory location so that the PE can poll, or wait, on the location until the notification appears. Note: Where an SMMU can send an MSI and the system allows the MSI write to coherently affect shared cached memory locations, an Armv8-A PE might use the loss of a reservation on a location as a WFE wakeup event, providing the same semantics as SIG_SEV with SIG_IRQ. • 0b10: SIG_SEV: The command sends an Event to the PE similar to SEV. • Use of SIG_SEV only sends an event when SMMU_IDR0.SEV is set, otherwise, no event is available to a PE and SIG_SEV is equivalent to SIG_NONE, that is no completion signal is generated. • Note: The PE might poll on the SMMU_CMDQ_CONS.RD register in a loop throttled by WFE. • 0b11: Reserved: Causes a CERROR_ILL. The MSI configuration is given by the following parameters: MSIAttr: Write attribute for MSI, encoded the same as the STE.MemAttr field MSH: Shareability attribute for MSI write, encoded as: • 0b00: Non-shareable • 0b01: Reserved, treated as 0b00. • 0b10: Outer Shareable. • 0b11: Inner Shareable. Note: This field is IGNORED if MSIAttr specifies a memory type of any-Device or Normal-iNC-oNC, and Shareability is effectively Outer Shareable in these cases. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 240

Chapter 4. Commands 4.7. Fault response and synchronization commands MSIAddress[55:2]: If this field is non-zero, it configures the physical address that an MSI is sent to when SIG_IRQ is used. Address bits above and below this field are treated as zero. The MSI is a 32-bit word-aligned write of MSIData. The check for zero applies to the entire specified field span and is not limited to the physical address size (OAS) of an implementation. If the OAS is smaller than this field, MSIAddress is truncated to the OAS, as described in section 3.4.3 Address sizes of SMMU-originated accesses. MSI_NS: On a Realm Command queue, this field indicates the target PA space of an MSI as following. Value Meaning 0b0 MSIs are issued to Realm physical address space. 0b1 MSIs are issued to Non-secure physical address space. This bit is RES0 for CMD_SYNC commands issued to Non-secure and Secure Command queues When a cacheable type is specified in MSIAttr, the allocation and transient hints are IMPLEMENTATION DEFINED. This command waits for completion of all prior commands and ensures observability of any related transactions through and from the SMMU. Commands in the Command queue that are more recent than a CMD_SYNC do not begin processing until the CMD_SYNC completes. When following a given command submitted to the SMMU, completion of a CMD_SYNC makes the following guarantees: Command type Action TLB and ATS Invalidation commands: CMD_TLBI_, CMD_ATC_INV TLB invalidates and ATS Invalidations are guaranteed to be complete (all matching TLB entries are invalidated) and all transactions in progress that were translated using any of the TLB entries targeted by the invalidates are globally observable to their Shareability domain. The semantics of the completion of TLB invalidation match those of an Armv8-A PE. ATOS translations that were in progress at the time of the CMD_SYNC and used any of the TLB entries targeted by the invalidations are complete, or restart from the beginning after the CMD_SYNC completes (see section Translation tables and TLB invalidation completion behavior). Note: No dependency is required on completion of received broadcast TLB invalidation operations. The broadcast invalidation mechanism has its own synchronization and completion mechanisms (for example on AMBA interconnect, a DVM Sync Operation). Configuration invalidation commands: CMD_CFGI_ Configuration invalidations are guaranteed to be complete (matching cached configuration entries are invalidated) and all transactions that are in progress that were translated using any of the configuration cache entries targeted by the invalidates are globally observable to their Shareability domain. ATOS translations that were in progress at the time of the CMD_SYNC and used any of the configuration cache entries targeted by the invalidations are complete, or restart from the beginning after the CMD_SYNC completes (see section 3.21.3 Configuration structures and configuration invalidation completion). ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 241

Chapter 4. Commands 4.7. Fault response and synchronization commands Command type Action Prefetch commands: CMD_PREFETCH_ Translation or configuration table walks initiated by any kind of prefetch, including CMD_PREFETCH_ , are affected by TLB or configuration cache invalidates in the same way as any other table walk and might therefore be transitively affected by the completion of a CMD_SYNC of a CMD_TLBI_ / CMD_CFGI_. See section 3.21 Structure access rules and update procedures. PRI responses: CMD_PRI_RESP Nothing. The SMMU cannot guarantee response visibility by the endpoint. Stall resume/termination: CMD_RESUME, CMD_STALL_TERM Nothing. The CMD_RESUME and CMD_STALL_TERM commands complete by the time they are consumed. Synchronization commands: CMD_SYNC The guarantees of the prior CMD_SYNC have been met. CMD_SYNCs complete in order. The MSI writes of any prior CMD_SYNC are either visible to their Shareability domain or aborted and reported, where the commands are consumed from the same Command queue. If such an MSI write is aborted, it is guaranteed that the abort is reported in the relevant SMMU_()GERROR.MSI_CMDQ_ABT_ERR associated with the security state of the Command queue. CMD_SYNC is not required to affect MSI writes originating from sources other than prior CMD_SYNC completion signals, or completion signals for CMD_SYNC commands related to a different Command queue. In addition, completion of a CMD_SYNC ensures the following behavior: • An unrecorded fault event record relating to a client transaction terminated by the SMMU (either immediately on a fault or after stalling) whose abort or termination response could have been observed by the client device before the start of the CMD_SYNC, is guaranteed to have either: – Become visible in the relevant Event queue (given the visibility semantics of section 3.5.2 Queue entry visibility semantics). – Been discarded, if it could not commit to write to the queue, because the queue is not writable. In this case the unrecorded fault event record will never become visible. * Note: This rule ensures that if software performs a CMD_SYNC after notification from a device that all of its outstanding transactions are complete, it is guaranteed that no termination fault records will later become visible from the device stream after the CMD_SYNC completes. * This rule applies however the termination of the transaction was performed, whether it was immediate because the Terminate fault model was used or whether the transaction originally stalled and was later terminated because a retry encountered a new configuration, or an update of SMMU(_)CR0.SMMUEN transitioned the field to 0. In the case of a retry encountering new configuration, any recorded event relates to the new configuration not the original stall. • Where a particular interconnect does not return a response to a terminated client transaction, all committed unrecorded fault records corresponding to transactions internally terminated before the start of the CMD_SYNC are made visible. Uncommitted fault records either commit to the Event queue and are made visible, or if they cannot be committed, are discarded and will not later become visible. • Event records written to the Event queue after the completion of a CMD_SYNC are guaranteed to be generated from configurations or translations visible to the SMMU after any invalidation completed by the CMD_SYNC has taken effect. Event records relating to translations that were invalidated by broadcast TLBIs and the appropriate synchronization mechanism before the CMD_SYNC was issued, are reported ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 242

Chapter 4. Commands 4.7. Fault response and synchronization commands before completion of the CMD_SYNC. No events relating to out-of-date configuration or translations will later become visible. • When an unrecorded fault event record exists for a stalled transaction affected by TLBI or CFGI invalidations completed by a CMD_SYNC, the completion also affects the event record in one of the following ways: – The record commits to write and is made visible in the relevant Event queue. – If it cannot commit to write to the queue, because the queue is not writable, the transaction is retried when the queue is next writable, if it has not terminated or otherwise completed due to early retry before that time. If a retry leads to a new fault or error, a new event record is generated instead of the original one. If a retry completes successfully, no event is recorded for the transaction, because the original event is stale. This adheres to the previous rule. The original event record pertaining to prior invalidated configuration or translations must not be recorded after the CMD_SYNC completes. • HTTU caused by completed client transactions and completed ATOS translations is made visible, to the extent required to its Shareability domain, by completion of a CMD_SYNC, see section 3.13.4 HTTU behavior summary. There is no requirement for: • A CMD_SYNC submitted to the Non-secure Command queue to affect Secure traffic or event visibility. However, a CMD_SYNC submitted to the Secure Command queue affects Non-secure traffic or event visibility when the CMD_SYNC completes prior commands in the Secure Command queue that operate on Non-secure structures. – Note: Arm strongly recommends that a CMD_SYNC issued on the Secure Command queue is not able to be blocked by actions of the Non-secure state, including Non-secure commands. When ATS is supported, Arm strongly recommends that a CMD_SYNC issued on the Secure Command queue cannot be blocked by ATS Invalidation commands that were issued on the Non-secure Command queue. • A CMD_SYNC to affect any recorded stalled transaction, or to cause an unrecorded stalled transaction to be retried or recorded, except where necessary to record an event relating to newly-changed configuration or translations. Note: A TLB or structure invalidation command has no explicit ordering against prior or subsequent non-CMD_SYNC commands. If software requires one set of invalidations to be guaranteed complete before beginning a second set of invalidations, a CMD_SYNC is required to separate the two sets. If the completion of a prior CMD_ATC_INV cannot be guaranteed by a CMD_SYNC because of a PCIe protocol error, such as a timeout, the CMD_SYNC might cause a CERROR_ATC_INV_SYNC command error to be raised, see sections 7.1 Command queue errors and 3.9.1.4 ATS Invalidation timeout. If a CMD_SYNC raises a CERROR_ATC_INV_SYNC error: • The CMD_SYNC is not complete and has not been consumed, that is, SMMU_()CMDQ_CONS.RD remains pointing at the CMD_SYNC that raised the error. No completion signals are sent. • The completion guarantees of the CMD_SYNC have not been met. • An outstanding CMD_ATC_INV command is one that was submitted to the command queue before the CMD_SYNC and that has not been completed by a previous successful CMD_SYNC, and: – An UNKNOWN set of outstanding CMD_ATC_INV commands has timed out and will never complete. – An UNKNOWN set of outstanding CMD_ATC_INV commands might be in the process of completing successfully, but are not guaranteed to have completed successfully. • All other operations that the CMD_SYNC would otherwise have completed are not guaranteed to have completed, but will be completed by a new CMD_SYNC that is successfully consumed after being re-submitted to the queue after the error is resolved and command processing is resumed. Note: For example, a CMD_TLBI command, that was processed prior to the CMD_SYNC that caused the error, might still be being processed and is guaranteed to still take effect; a CERROR_ATC_INV_SYNC does not cause such commands to be terminated and there is no requirement for them to be re-submitted after resolving the error. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 243

Chapter 4. Commands 4.7. Fault response and synchronization commands If SMMU_()IDR6.DCMDQ is 0b01: • Completion of a CMD_SYNC on a DCMDQ provides the same guarantees as previously discussed in this section, except when reporting an aborted MSI write: – The MSI write of the prior CMD_SYNC consumed on this DCMDQ is either visible to its Shareability domain or is aborted and reported as a hypervisor-serviced error. Note: If the MSI write of the prior CMD_SYNC aborted, the current CMD_SYNC does not complete and an HERROR_MSI_ABT is reported through SMMU()ECMDQ_CONSn. See section 3.5.7.7.4 DCMDQ MSIs. In this case, the CMD_SYNC completes after the hypervisor acknowledges the error. • In addition, completion of CMD_SYNC on a DCMDQ makes the guarantee that the address supplied in CMD_SYNC.MSIAddr has been successfully translated. See section 3.5.7.7.3 Hypervisor-serviced errors. Note: It is the role of the hypervisor to ensure that the guarantees around event record visibility are met from the perspective of the guest OS, for example by trapping guest accesses to the emulated view of SMMU(*_)EVENTQ_PROD. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 244

Chapter 4. Commands 4.8. Command Consumption summary 4.8 Command Consumption summary Command Type Consumption means TLB and ATS Invalidation commands CMD_TLBI_, CMD_ATC_INV Nothing Configuration invalidation commands CMD_CFGI_ Nothing Prefetch commands CMD_PREFETCH_* Nothing PRI responses CMD_PRI_RESP Nothing Stall resume/termination CMD_RESUME, CMD_STALL_TERM CMD_RESUME and CMD_STALL_TERM have individual completion guarantees that have been met. Synchronization commands CMD_SYNC The completion guarantees of CMD_SYNC have been met. ARM IHI 0070 H.a Copyright © 2016-2026 Arm Limited or its affiliates. All rights reserved. Non-confidential 245