hvf.c (42531B)
1/* 2 * QEMU Hypervisor.framework support for Apple Silicon 3 4 * Copyright 2020 Alexander Graf <agraf@csgraf.de> 5 * Copyright 2020 Google LLC 6 * 7 * This work is licensed under the terms of the GNU GPL, version 2 or later. 8 * See the COPYING file in the top-level directory. 9 * 10 */ 11 12#include "qemu/osdep.h" 13#include "qemu-common.h" 14#include "qemu/error-report.h" 15 16#include "sysemu/runstate.h" 17#include "sysemu/hvf.h" 18#include "sysemu/hvf_int.h" 19#include "sysemu/hw_accel.h" 20#include "hvf_arm.h" 21 22#include <mach/mach_time.h> 23 24#include "exec/address-spaces.h" 25#include "hw/irq.h" 26#include "qemu/main-loop.h" 27#include "sysemu/cpus.h" 28#include "arm-powerctl.h" 29#include "target/arm/cpu.h" 30#include "target/arm/internals.h" 31#include "trace/trace-target_arm_hvf.h" 32#include "migration/vmstate.h" 33 34#define HVF_SYSREG(crn, crm, op0, op1, op2) \ 35 ENCODE_AA64_CP_REG(CP_REG_ARM64_SYSREG_CP, crn, crm, op0, op1, op2) 36#define PL1_WRITE_MASK 0x4 37 38#define SYSREG(op0, op1, crn, crm, op2) \ 39 ((op0 << 20) | (op2 << 17) | (op1 << 14) | (crn << 10) | (crm << 1)) 40#define SYSREG_MASK SYSREG(0x3, 0x7, 0xf, 0xf, 0x7) 41#define SYSREG_OSLAR_EL1 SYSREG(2, 0, 1, 0, 4) 42#define SYSREG_OSLSR_EL1 SYSREG(2, 0, 1, 1, 4) 43#define SYSREG_OSDLR_EL1 SYSREG(2, 0, 1, 3, 4) 44#define SYSREG_CNTPCT_EL0 SYSREG(3, 3, 14, 0, 1) 45#define SYSREG_PMCR_EL0 SYSREG(3, 3, 9, 12, 0) 46#define SYSREG_PMUSERENR_EL0 SYSREG(3, 3, 9, 14, 0) 47#define SYSREG_PMCNTENSET_EL0 SYSREG(3, 3, 9, 12, 1) 48#define SYSREG_PMCNTENCLR_EL0 SYSREG(3, 3, 9, 12, 2) 49#define SYSREG_PMINTENCLR_EL1 SYSREG(3, 0, 9, 14, 2) 50#define SYSREG_PMOVSCLR_EL0 SYSREG(3, 3, 9, 12, 3) 51#define SYSREG_PMSWINC_EL0 SYSREG(3, 3, 9, 12, 4) 52#define SYSREG_PMSELR_EL0 SYSREG(3, 3, 9, 12, 5) 53#define SYSREG_PMCEID0_EL0 SYSREG(3, 3, 9, 12, 6) 54#define SYSREG_PMCEID1_EL0 SYSREG(3, 3, 9, 12, 7) 55#define SYSREG_PMCCNTR_EL0 SYSREG(3, 3, 9, 13, 0) 56#define SYSREG_PMCCFILTR_EL0 SYSREG(3, 3, 14, 15, 7) 57 58#define WFX_IS_WFE (1 << 0) 59 60#define TMR_CTL_ENABLE (1 << 0) 61#define TMR_CTL_IMASK (1 << 1) 62#define TMR_CTL_ISTATUS (1 << 2) 63 64static void hvf_wfi(CPUState *cpu); 65 66typedef struct HVFVTimer { 67 /* Vtimer value during migration and paused state */ 68 uint64_t vtimer_val; 69} HVFVTimer; 70 71static HVFVTimer vtimer; 72 73typedef struct ARMHostCPUFeatures { 74 ARMISARegisters isar; 75 uint64_t features; 76 uint64_t midr; 77 uint32_t reset_sctlr; 78 const char *dtb_compatible; 79} ARMHostCPUFeatures; 80 81static ARMHostCPUFeatures arm_host_cpu_features; 82 83struct hvf_reg_match { 84 int reg; 85 uint64_t offset; 86}; 87 88static const struct hvf_reg_match hvf_reg_match[] = { 89 { HV_REG_X0, offsetof(CPUARMState, xregs[0]) }, 90 { HV_REG_X1, offsetof(CPUARMState, xregs[1]) }, 91 { HV_REG_X2, offsetof(CPUARMState, xregs[2]) }, 92 { HV_REG_X3, offsetof(CPUARMState, xregs[3]) }, 93 { HV_REG_X4, offsetof(CPUARMState, xregs[4]) }, 94 { HV_REG_X5, offsetof(CPUARMState, xregs[5]) }, 95 { HV_REG_X6, offsetof(CPUARMState, xregs[6]) }, 96 { HV_REG_X7, offsetof(CPUARMState, xregs[7]) }, 97 { HV_REG_X8, offsetof(CPUARMState, xregs[8]) }, 98 { HV_REG_X9, offsetof(CPUARMState, xregs[9]) }, 99 { HV_REG_X10, offsetof(CPUARMState, xregs[10]) }, 100 { HV_REG_X11, offsetof(CPUARMState, xregs[11]) }, 101 { HV_REG_X12, offsetof(CPUARMState, xregs[12]) }, 102 { HV_REG_X13, offsetof(CPUARMState, xregs[13]) }, 103 { HV_REG_X14, offsetof(CPUARMState, xregs[14]) }, 104 { HV_REG_X15, offsetof(CPUARMState, xregs[15]) }, 105 { HV_REG_X16, offsetof(CPUARMState, xregs[16]) }, 106 { HV_REG_X17, offsetof(CPUARMState, xregs[17]) }, 107 { HV_REG_X18, offsetof(CPUARMState, xregs[18]) }, 108 { HV_REG_X19, offsetof(CPUARMState, xregs[19]) }, 109 { HV_REG_X20, offsetof(CPUARMState, xregs[20]) }, 110 { HV_REG_X21, offsetof(CPUARMState, xregs[21]) }, 111 { HV_REG_X22, offsetof(CPUARMState, xregs[22]) }, 112 { HV_REG_X23, offsetof(CPUARMState, xregs[23]) }, 113 { HV_REG_X24, offsetof(CPUARMState, xregs[24]) }, 114 { HV_REG_X25, offsetof(CPUARMState, xregs[25]) }, 115 { HV_REG_X26, offsetof(CPUARMState, xregs[26]) }, 116 { HV_REG_X27, offsetof(CPUARMState, xregs[27]) }, 117 { HV_REG_X28, offsetof(CPUARMState, xregs[28]) }, 118 { HV_REG_X29, offsetof(CPUARMState, xregs[29]) }, 119 { HV_REG_X30, offsetof(CPUARMState, xregs[30]) }, 120 { HV_REG_PC, offsetof(CPUARMState, pc) }, 121}; 122 123static const struct hvf_reg_match hvf_fpreg_match[] = { 124 { HV_SIMD_FP_REG_Q0, offsetof(CPUARMState, vfp.zregs[0]) }, 125 { HV_SIMD_FP_REG_Q1, offsetof(CPUARMState, vfp.zregs[1]) }, 126 { HV_SIMD_FP_REG_Q2, offsetof(CPUARMState, vfp.zregs[2]) }, 127 { HV_SIMD_FP_REG_Q3, offsetof(CPUARMState, vfp.zregs[3]) }, 128 { HV_SIMD_FP_REG_Q4, offsetof(CPUARMState, vfp.zregs[4]) }, 129 { HV_SIMD_FP_REG_Q5, offsetof(CPUARMState, vfp.zregs[5]) }, 130 { HV_SIMD_FP_REG_Q6, offsetof(CPUARMState, vfp.zregs[6]) }, 131 { HV_SIMD_FP_REG_Q7, offsetof(CPUARMState, vfp.zregs[7]) }, 132 { HV_SIMD_FP_REG_Q8, offsetof(CPUARMState, vfp.zregs[8]) }, 133 { HV_SIMD_FP_REG_Q9, offsetof(CPUARMState, vfp.zregs[9]) }, 134 { HV_SIMD_FP_REG_Q10, offsetof(CPUARMState, vfp.zregs[10]) }, 135 { HV_SIMD_FP_REG_Q11, offsetof(CPUARMState, vfp.zregs[11]) }, 136 { HV_SIMD_FP_REG_Q12, offsetof(CPUARMState, vfp.zregs[12]) }, 137 { HV_SIMD_FP_REG_Q13, offsetof(CPUARMState, vfp.zregs[13]) }, 138 { HV_SIMD_FP_REG_Q14, offsetof(CPUARMState, vfp.zregs[14]) }, 139 { HV_SIMD_FP_REG_Q15, offsetof(CPUARMState, vfp.zregs[15]) }, 140 { HV_SIMD_FP_REG_Q16, offsetof(CPUARMState, vfp.zregs[16]) }, 141 { HV_SIMD_FP_REG_Q17, offsetof(CPUARMState, vfp.zregs[17]) }, 142 { HV_SIMD_FP_REG_Q18, offsetof(CPUARMState, vfp.zregs[18]) }, 143 { HV_SIMD_FP_REG_Q19, offsetof(CPUARMState, vfp.zregs[19]) }, 144 { HV_SIMD_FP_REG_Q20, offsetof(CPUARMState, vfp.zregs[20]) }, 145 { HV_SIMD_FP_REG_Q21, offsetof(CPUARMState, vfp.zregs[21]) }, 146 { HV_SIMD_FP_REG_Q22, offsetof(CPUARMState, vfp.zregs[22]) }, 147 { HV_SIMD_FP_REG_Q23, offsetof(CPUARMState, vfp.zregs[23]) }, 148 { HV_SIMD_FP_REG_Q24, offsetof(CPUARMState, vfp.zregs[24]) }, 149 { HV_SIMD_FP_REG_Q25, offsetof(CPUARMState, vfp.zregs[25]) }, 150 { HV_SIMD_FP_REG_Q26, offsetof(CPUARMState, vfp.zregs[26]) }, 151 { HV_SIMD_FP_REG_Q27, offsetof(CPUARMState, vfp.zregs[27]) }, 152 { HV_SIMD_FP_REG_Q28, offsetof(CPUARMState, vfp.zregs[28]) }, 153 { HV_SIMD_FP_REG_Q29, offsetof(CPUARMState, vfp.zregs[29]) }, 154 { HV_SIMD_FP_REG_Q30, offsetof(CPUARMState, vfp.zregs[30]) }, 155 { HV_SIMD_FP_REG_Q31, offsetof(CPUARMState, vfp.zregs[31]) }, 156}; 157 158struct hvf_sreg_match { 159 int reg; 160 uint32_t key; 161 uint32_t cp_idx; 162}; 163 164static struct hvf_sreg_match hvf_sreg_match[] = { 165 { HV_SYS_REG_DBGBVR0_EL1, HVF_SYSREG(0, 0, 14, 0, 4) }, 166 { HV_SYS_REG_DBGBCR0_EL1, HVF_SYSREG(0, 0, 14, 0, 5) }, 167 { HV_SYS_REG_DBGWVR0_EL1, HVF_SYSREG(0, 0, 14, 0, 6) }, 168 { HV_SYS_REG_DBGWCR0_EL1, HVF_SYSREG(0, 0, 14, 0, 7) }, 169 170 { HV_SYS_REG_DBGBVR1_EL1, HVF_SYSREG(0, 1, 14, 0, 4) }, 171 { HV_SYS_REG_DBGBCR1_EL1, HVF_SYSREG(0, 1, 14, 0, 5) }, 172 { HV_SYS_REG_DBGWVR1_EL1, HVF_SYSREG(0, 1, 14, 0, 6) }, 173 { HV_SYS_REG_DBGWCR1_EL1, HVF_SYSREG(0, 1, 14, 0, 7) }, 174 175 { HV_SYS_REG_DBGBVR2_EL1, HVF_SYSREG(0, 2, 14, 0, 4) }, 176 { HV_SYS_REG_DBGBCR2_EL1, HVF_SYSREG(0, 2, 14, 0, 5) }, 177 { HV_SYS_REG_DBGWVR2_EL1, HVF_SYSREG(0, 2, 14, 0, 6) }, 178 { HV_SYS_REG_DBGWCR2_EL1, HVF_SYSREG(0, 2, 14, 0, 7) }, 179 180 { HV_SYS_REG_DBGBVR3_EL1, HVF_SYSREG(0, 3, 14, 0, 4) }, 181 { HV_SYS_REG_DBGBCR3_EL1, HVF_SYSREG(0, 3, 14, 0, 5) }, 182 { HV_SYS_REG_DBGWVR3_EL1, HVF_SYSREG(0, 3, 14, 0, 6) }, 183 { HV_SYS_REG_DBGWCR3_EL1, HVF_SYSREG(0, 3, 14, 0, 7) }, 184 185 { HV_SYS_REG_DBGBVR4_EL1, HVF_SYSREG(0, 4, 14, 0, 4) }, 186 { HV_SYS_REG_DBGBCR4_EL1, HVF_SYSREG(0, 4, 14, 0, 5) }, 187 { HV_SYS_REG_DBGWVR4_EL1, HVF_SYSREG(0, 4, 14, 0, 6) }, 188 { HV_SYS_REG_DBGWCR4_EL1, HVF_SYSREG(0, 4, 14, 0, 7) }, 189 190 { HV_SYS_REG_DBGBVR5_EL1, HVF_SYSREG(0, 5, 14, 0, 4) }, 191 { HV_SYS_REG_DBGBCR5_EL1, HVF_SYSREG(0, 5, 14, 0, 5) }, 192 { HV_SYS_REG_DBGWVR5_EL1, HVF_SYSREG(0, 5, 14, 0, 6) }, 193 { HV_SYS_REG_DBGWCR5_EL1, HVF_SYSREG(0, 5, 14, 0, 7) }, 194 195 { HV_SYS_REG_DBGBVR6_EL1, HVF_SYSREG(0, 6, 14, 0, 4) }, 196 { HV_SYS_REG_DBGBCR6_EL1, HVF_SYSREG(0, 6, 14, 0, 5) }, 197 { HV_SYS_REG_DBGWVR6_EL1, HVF_SYSREG(0, 6, 14, 0, 6) }, 198 { HV_SYS_REG_DBGWCR6_EL1, HVF_SYSREG(0, 6, 14, 0, 7) }, 199 200 { HV_SYS_REG_DBGBVR7_EL1, HVF_SYSREG(0, 7, 14, 0, 4) }, 201 { HV_SYS_REG_DBGBCR7_EL1, HVF_SYSREG(0, 7, 14, 0, 5) }, 202 { HV_SYS_REG_DBGWVR7_EL1, HVF_SYSREG(0, 7, 14, 0, 6) }, 203 { HV_SYS_REG_DBGWCR7_EL1, HVF_SYSREG(0, 7, 14, 0, 7) }, 204 205 { HV_SYS_REG_DBGBVR8_EL1, HVF_SYSREG(0, 8, 14, 0, 4) }, 206 { HV_SYS_REG_DBGBCR8_EL1, HVF_SYSREG(0, 8, 14, 0, 5) }, 207 { HV_SYS_REG_DBGWVR8_EL1, HVF_SYSREG(0, 8, 14, 0, 6) }, 208 { HV_SYS_REG_DBGWCR8_EL1, HVF_SYSREG(0, 8, 14, 0, 7) }, 209 210 { HV_SYS_REG_DBGBVR9_EL1, HVF_SYSREG(0, 9, 14, 0, 4) }, 211 { HV_SYS_REG_DBGBCR9_EL1, HVF_SYSREG(0, 9, 14, 0, 5) }, 212 { HV_SYS_REG_DBGWVR9_EL1, HVF_SYSREG(0, 9, 14, 0, 6) }, 213 { HV_SYS_REG_DBGWCR9_EL1, HVF_SYSREG(0, 9, 14, 0, 7) }, 214 215 { HV_SYS_REG_DBGBVR10_EL1, HVF_SYSREG(0, 10, 14, 0, 4) }, 216 { HV_SYS_REG_DBGBCR10_EL1, HVF_SYSREG(0, 10, 14, 0, 5) }, 217 { HV_SYS_REG_DBGWVR10_EL1, HVF_SYSREG(0, 10, 14, 0, 6) }, 218 { HV_SYS_REG_DBGWCR10_EL1, HVF_SYSREG(0, 10, 14, 0, 7) }, 219 220 { HV_SYS_REG_DBGBVR11_EL1, HVF_SYSREG(0, 11, 14, 0, 4) }, 221 { HV_SYS_REG_DBGBCR11_EL1, HVF_SYSREG(0, 11, 14, 0, 5) }, 222 { HV_SYS_REG_DBGWVR11_EL1, HVF_SYSREG(0, 11, 14, 0, 6) }, 223 { HV_SYS_REG_DBGWCR11_EL1, HVF_SYSREG(0, 11, 14, 0, 7) }, 224 225 { HV_SYS_REG_DBGBVR12_EL1, HVF_SYSREG(0, 12, 14, 0, 4) }, 226 { HV_SYS_REG_DBGBCR12_EL1, HVF_SYSREG(0, 12, 14, 0, 5) }, 227 { HV_SYS_REG_DBGWVR12_EL1, HVF_SYSREG(0, 12, 14, 0, 6) }, 228 { HV_SYS_REG_DBGWCR12_EL1, HVF_SYSREG(0, 12, 14, 0, 7) }, 229 230 { HV_SYS_REG_DBGBVR13_EL1, HVF_SYSREG(0, 13, 14, 0, 4) }, 231 { HV_SYS_REG_DBGBCR13_EL1, HVF_SYSREG(0, 13, 14, 0, 5) }, 232 { HV_SYS_REG_DBGWVR13_EL1, HVF_SYSREG(0, 13, 14, 0, 6) }, 233 { HV_SYS_REG_DBGWCR13_EL1, HVF_SYSREG(0, 13, 14, 0, 7) }, 234 235 { HV_SYS_REG_DBGBVR14_EL1, HVF_SYSREG(0, 14, 14, 0, 4) }, 236 { HV_SYS_REG_DBGBCR14_EL1, HVF_SYSREG(0, 14, 14, 0, 5) }, 237 { HV_SYS_REG_DBGWVR14_EL1, HVF_SYSREG(0, 14, 14, 0, 6) }, 238 { HV_SYS_REG_DBGWCR14_EL1, HVF_SYSREG(0, 14, 14, 0, 7) }, 239 240 { HV_SYS_REG_DBGBVR15_EL1, HVF_SYSREG(0, 15, 14, 0, 4) }, 241 { HV_SYS_REG_DBGBCR15_EL1, HVF_SYSREG(0, 15, 14, 0, 5) }, 242 { HV_SYS_REG_DBGWVR15_EL1, HVF_SYSREG(0, 15, 14, 0, 6) }, 243 { HV_SYS_REG_DBGWCR15_EL1, HVF_SYSREG(0, 15, 14, 0, 7) }, 244 245#ifdef SYNC_NO_RAW_REGS 246 /* 247 * The registers below are manually synced on init because they are 248 * marked as NO_RAW. We still list them to make number space sync easier. 249 */ 250 { HV_SYS_REG_MDCCINT_EL1, HVF_SYSREG(0, 2, 2, 0, 0) }, 251 { HV_SYS_REG_MIDR_EL1, HVF_SYSREG(0, 0, 3, 0, 0) }, 252 { HV_SYS_REG_MPIDR_EL1, HVF_SYSREG(0, 0, 3, 0, 5) }, 253 { HV_SYS_REG_ID_AA64PFR0_EL1, HVF_SYSREG(0, 4, 3, 0, 0) }, 254#endif 255 { HV_SYS_REG_ID_AA64PFR1_EL1, HVF_SYSREG(0, 4, 3, 0, 2) }, 256 { HV_SYS_REG_ID_AA64DFR0_EL1, HVF_SYSREG(0, 5, 3, 0, 0) }, 257 { HV_SYS_REG_ID_AA64DFR1_EL1, HVF_SYSREG(0, 5, 3, 0, 1) }, 258 { HV_SYS_REG_ID_AA64ISAR0_EL1, HVF_SYSREG(0, 6, 3, 0, 0) }, 259 { HV_SYS_REG_ID_AA64ISAR1_EL1, HVF_SYSREG(0, 6, 3, 0, 1) }, 260#ifdef SYNC_NO_MMFR0 261 /* We keep the hardware MMFR0 around. HW limits are there anyway */ 262 { HV_SYS_REG_ID_AA64MMFR0_EL1, HVF_SYSREG(0, 7, 3, 0, 0) }, 263#endif 264 { HV_SYS_REG_ID_AA64MMFR1_EL1, HVF_SYSREG(0, 7, 3, 0, 1) }, 265 { HV_SYS_REG_ID_AA64MMFR2_EL1, HVF_SYSREG(0, 7, 3, 0, 2) }, 266 267 { HV_SYS_REG_MDSCR_EL1, HVF_SYSREG(0, 2, 2, 0, 2) }, 268 { HV_SYS_REG_SCTLR_EL1, HVF_SYSREG(1, 0, 3, 0, 0) }, 269 { HV_SYS_REG_CPACR_EL1, HVF_SYSREG(1, 0, 3, 0, 2) }, 270 { HV_SYS_REG_TTBR0_EL1, HVF_SYSREG(2, 0, 3, 0, 0) }, 271 { HV_SYS_REG_TTBR1_EL1, HVF_SYSREG(2, 0, 3, 0, 1) }, 272 { HV_SYS_REG_TCR_EL1, HVF_SYSREG(2, 0, 3, 0, 2) }, 273 274 { HV_SYS_REG_APIAKEYLO_EL1, HVF_SYSREG(2, 1, 3, 0, 0) }, 275 { HV_SYS_REG_APIAKEYHI_EL1, HVF_SYSREG(2, 1, 3, 0, 1) }, 276 { HV_SYS_REG_APIBKEYLO_EL1, HVF_SYSREG(2, 1, 3, 0, 2) }, 277 { HV_SYS_REG_APIBKEYHI_EL1, HVF_SYSREG(2, 1, 3, 0, 3) }, 278 { HV_SYS_REG_APDAKEYLO_EL1, HVF_SYSREG(2, 2, 3, 0, 0) }, 279 { HV_SYS_REG_APDAKEYHI_EL1, HVF_SYSREG(2, 2, 3, 0, 1) }, 280 { HV_SYS_REG_APDBKEYLO_EL1, HVF_SYSREG(2, 2, 3, 0, 2) }, 281 { HV_SYS_REG_APDBKEYHI_EL1, HVF_SYSREG(2, 2, 3, 0, 3) }, 282 { HV_SYS_REG_APGAKEYLO_EL1, HVF_SYSREG(2, 3, 3, 0, 0) }, 283 { HV_SYS_REG_APGAKEYHI_EL1, HVF_SYSREG(2, 3, 3, 0, 1) }, 284 285 { HV_SYS_REG_SPSR_EL1, HVF_SYSREG(4, 0, 3, 0, 0) }, 286 { HV_SYS_REG_ELR_EL1, HVF_SYSREG(4, 0, 3, 0, 1) }, 287 { HV_SYS_REG_SP_EL0, HVF_SYSREG(4, 1, 3, 0, 0) }, 288 { HV_SYS_REG_AFSR0_EL1, HVF_SYSREG(5, 1, 3, 0, 0) }, 289 { HV_SYS_REG_AFSR1_EL1, HVF_SYSREG(5, 1, 3, 0, 1) }, 290 { HV_SYS_REG_ESR_EL1, HVF_SYSREG(5, 2, 3, 0, 0) }, 291 { HV_SYS_REG_FAR_EL1, HVF_SYSREG(6, 0, 3, 0, 0) }, 292 { HV_SYS_REG_PAR_EL1, HVF_SYSREG(7, 4, 3, 0, 0) }, 293 { HV_SYS_REG_MAIR_EL1, HVF_SYSREG(10, 2, 3, 0, 0) }, 294 { HV_SYS_REG_AMAIR_EL1, HVF_SYSREG(10, 3, 3, 0, 0) }, 295 { HV_SYS_REG_VBAR_EL1, HVF_SYSREG(12, 0, 3, 0, 0) }, 296 { HV_SYS_REG_CONTEXTIDR_EL1, HVF_SYSREG(13, 0, 3, 0, 1) }, 297 { HV_SYS_REG_TPIDR_EL1, HVF_SYSREG(13, 0, 3, 0, 4) }, 298 { HV_SYS_REG_CNTKCTL_EL1, HVF_SYSREG(14, 1, 3, 0, 0) }, 299 { HV_SYS_REG_CSSELR_EL1, HVF_SYSREG(0, 0, 3, 2, 0) }, 300 { HV_SYS_REG_TPIDR_EL0, HVF_SYSREG(13, 0, 3, 3, 2) }, 301 { HV_SYS_REG_TPIDRRO_EL0, HVF_SYSREG(13, 0, 3, 3, 3) }, 302 { HV_SYS_REG_CNTV_CTL_EL0, HVF_SYSREG(14, 3, 3, 3, 1) }, 303 { HV_SYS_REG_CNTV_CVAL_EL0, HVF_SYSREG(14, 3, 3, 3, 2) }, 304 { HV_SYS_REG_SP_EL1, HVF_SYSREG(4, 1, 3, 4, 0) }, 305}; 306 307int hvf_get_registers(CPUState *cpu) 308{ 309 ARMCPU *arm_cpu = ARM_CPU(cpu); 310 CPUARMState *env = &arm_cpu->env; 311 hv_return_t ret; 312 uint64_t val; 313 hv_simd_fp_uchar16_t fpval; 314 int i; 315 316 for (i = 0; i < ARRAY_SIZE(hvf_reg_match); i++) { 317 ret = hv_vcpu_get_reg(cpu->hvf->fd, hvf_reg_match[i].reg, &val); 318 *(uint64_t *)((void *)env + hvf_reg_match[i].offset) = val; 319 assert_hvf_ok(ret); 320 } 321 322 for (i = 0; i < ARRAY_SIZE(hvf_fpreg_match); i++) { 323 ret = hv_vcpu_get_simd_fp_reg(cpu->hvf->fd, hvf_fpreg_match[i].reg, 324 &fpval); 325 memcpy((void *)env + hvf_fpreg_match[i].offset, &fpval, sizeof(fpval)); 326 assert_hvf_ok(ret); 327 } 328 329 val = 0; 330 ret = hv_vcpu_get_reg(cpu->hvf->fd, HV_REG_FPCR, &val); 331 assert_hvf_ok(ret); 332 vfp_set_fpcr(env, val); 333 334 val = 0; 335 ret = hv_vcpu_get_reg(cpu->hvf->fd, HV_REG_FPSR, &val); 336 assert_hvf_ok(ret); 337 vfp_set_fpsr(env, val); 338 339 ret = hv_vcpu_get_reg(cpu->hvf->fd, HV_REG_CPSR, &val); 340 assert_hvf_ok(ret); 341 pstate_write(env, val); 342 343 for (i = 0; i < ARRAY_SIZE(hvf_sreg_match); i++) { 344 if (hvf_sreg_match[i].cp_idx == -1) { 345 continue; 346 } 347 348 ret = hv_vcpu_get_sys_reg(cpu->hvf->fd, hvf_sreg_match[i].reg, &val); 349 assert_hvf_ok(ret); 350 351 arm_cpu->cpreg_values[hvf_sreg_match[i].cp_idx] = val; 352 } 353 assert(write_list_to_cpustate(arm_cpu)); 354 355 aarch64_restore_sp(env, arm_current_el(env)); 356 357 return 0; 358} 359 360int hvf_put_registers(CPUState *cpu) 361{ 362 ARMCPU *arm_cpu = ARM_CPU(cpu); 363 CPUARMState *env = &arm_cpu->env; 364 hv_return_t ret; 365 uint64_t val; 366 hv_simd_fp_uchar16_t fpval; 367 int i; 368 369 for (i = 0; i < ARRAY_SIZE(hvf_reg_match); i++) { 370 val = *(uint64_t *)((void *)env + hvf_reg_match[i].offset); 371 ret = hv_vcpu_set_reg(cpu->hvf->fd, hvf_reg_match[i].reg, val); 372 assert_hvf_ok(ret); 373 } 374 375 for (i = 0; i < ARRAY_SIZE(hvf_fpreg_match); i++) { 376 memcpy(&fpval, (void *)env + hvf_fpreg_match[i].offset, sizeof(fpval)); 377 ret = hv_vcpu_set_simd_fp_reg(cpu->hvf->fd, hvf_fpreg_match[i].reg, 378 fpval); 379 assert_hvf_ok(ret); 380 } 381 382 ret = hv_vcpu_set_reg(cpu->hvf->fd, HV_REG_FPCR, vfp_get_fpcr(env)); 383 assert_hvf_ok(ret); 384 385 ret = hv_vcpu_set_reg(cpu->hvf->fd, HV_REG_FPSR, vfp_get_fpsr(env)); 386 assert_hvf_ok(ret); 387 388 ret = hv_vcpu_set_reg(cpu->hvf->fd, HV_REG_CPSR, pstate_read(env)); 389 assert_hvf_ok(ret); 390 391 aarch64_save_sp(env, arm_current_el(env)); 392 393 assert(write_cpustate_to_list(arm_cpu, false)); 394 for (i = 0; i < ARRAY_SIZE(hvf_sreg_match); i++) { 395 if (hvf_sreg_match[i].cp_idx == -1) { 396 continue; 397 } 398 399 val = arm_cpu->cpreg_values[hvf_sreg_match[i].cp_idx]; 400 ret = hv_vcpu_set_sys_reg(cpu->hvf->fd, hvf_sreg_match[i].reg, val); 401 assert_hvf_ok(ret); 402 } 403 404 ret = hv_vcpu_set_vtimer_offset(cpu->hvf->fd, hvf_state->vtimer_offset); 405 assert_hvf_ok(ret); 406 407 return 0; 408} 409 410static void flush_cpu_state(CPUState *cpu) 411{ 412 if (cpu->vcpu_dirty) { 413 hvf_put_registers(cpu); 414 cpu->vcpu_dirty = false; 415 } 416} 417 418static void hvf_set_reg(CPUState *cpu, int rt, uint64_t val) 419{ 420 hv_return_t r; 421 422 flush_cpu_state(cpu); 423 424 if (rt < 31) { 425 r = hv_vcpu_set_reg(cpu->hvf->fd, HV_REG_X0 + rt, val); 426 assert_hvf_ok(r); 427 } 428} 429 430static uint64_t hvf_get_reg(CPUState *cpu, int rt) 431{ 432 uint64_t val = 0; 433 hv_return_t r; 434 435 flush_cpu_state(cpu); 436 437 if (rt < 31) { 438 r = hv_vcpu_get_reg(cpu->hvf->fd, HV_REG_X0 + rt, &val); 439 assert_hvf_ok(r); 440 } 441 442 return val; 443} 444 445static bool hvf_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf) 446{ 447 ARMISARegisters host_isar = {}; 448 const struct isar_regs { 449 int reg; 450 uint64_t *val; 451 } regs[] = { 452 { HV_SYS_REG_ID_AA64PFR0_EL1, &host_isar.id_aa64pfr0 }, 453 { HV_SYS_REG_ID_AA64PFR1_EL1, &host_isar.id_aa64pfr1 }, 454 { HV_SYS_REG_ID_AA64DFR0_EL1, &host_isar.id_aa64dfr0 }, 455 { HV_SYS_REG_ID_AA64DFR1_EL1, &host_isar.id_aa64dfr1 }, 456 { HV_SYS_REG_ID_AA64ISAR0_EL1, &host_isar.id_aa64isar0 }, 457 { HV_SYS_REG_ID_AA64ISAR1_EL1, &host_isar.id_aa64isar1 }, 458 { HV_SYS_REG_ID_AA64MMFR0_EL1, &host_isar.id_aa64mmfr0 }, 459 { HV_SYS_REG_ID_AA64MMFR1_EL1, &host_isar.id_aa64mmfr1 }, 460 { HV_SYS_REG_ID_AA64MMFR2_EL1, &host_isar.id_aa64mmfr2 }, 461 }; 462 hv_vcpu_t fd; 463 hv_return_t r = HV_SUCCESS; 464 hv_vcpu_exit_t *exit; 465 int i; 466 467 ahcf->dtb_compatible = "arm,arm-v8"; 468 ahcf->features = (1ULL << ARM_FEATURE_V8) | 469 (1ULL << ARM_FEATURE_NEON) | 470 (1ULL << ARM_FEATURE_AARCH64) | 471 (1ULL << ARM_FEATURE_PMU) | 472 (1ULL << ARM_FEATURE_GENERIC_TIMER); 473 474 /* We set up a small vcpu to extract host registers */ 475 476 if (hv_vcpu_create(&fd, &exit, NULL) != HV_SUCCESS) { 477 return false; 478 } 479 480 for (i = 0; i < ARRAY_SIZE(regs); i++) { 481 r |= hv_vcpu_get_sys_reg(fd, regs[i].reg, regs[i].val); 482 } 483 r |= hv_vcpu_get_sys_reg(fd, HV_SYS_REG_MIDR_EL1, &ahcf->midr); 484 r |= hv_vcpu_destroy(fd); 485 486 ahcf->isar = host_isar; 487 488 /* 489 * A scratch vCPU returns SCTLR 0, so let's fill our default with the M1 490 * boot SCTLR from https://github.com/AsahiLinux/m1n1/issues/97 491 */ 492 ahcf->reset_sctlr = 0x30100180; 493 /* 494 * SPAN is disabled by default when SCTLR.SPAN=1. To improve compatibility, 495 * let's disable it on boot and then allow guest software to turn it on by 496 * setting it to 0. 497 */ 498 ahcf->reset_sctlr |= 0x00800000; 499 500 /* Make sure we don't advertise AArch32 support for EL0/EL1 */ 501 if ((host_isar.id_aa64pfr0 & 0xff) != 0x11) { 502 return false; 503 } 504 505 return r == HV_SUCCESS; 506} 507 508void hvf_arm_set_cpu_features_from_host(ARMCPU *cpu) 509{ 510 if (!arm_host_cpu_features.dtb_compatible) { 511 if (!hvf_enabled() || 512 !hvf_arm_get_host_cpu_features(&arm_host_cpu_features)) { 513 /* 514 * We can't report this error yet, so flag that we need to 515 * in arm_cpu_realizefn(). 516 */ 517 cpu->host_cpu_probe_failed = true; 518 return; 519 } 520 } 521 522 cpu->dtb_compatible = arm_host_cpu_features.dtb_compatible; 523 cpu->isar = arm_host_cpu_features.isar; 524 cpu->env.features = arm_host_cpu_features.features; 525 cpu->midr = arm_host_cpu_features.midr; 526 cpu->reset_sctlr = arm_host_cpu_features.reset_sctlr; 527} 528 529void hvf_arch_vcpu_destroy(CPUState *cpu) 530{ 531} 532 533int hvf_arch_init_vcpu(CPUState *cpu) 534{ 535 ARMCPU *arm_cpu = ARM_CPU(cpu); 536 CPUARMState *env = &arm_cpu->env; 537 uint32_t sregs_match_len = ARRAY_SIZE(hvf_sreg_match); 538 uint32_t sregs_cnt = 0; 539 uint64_t pfr; 540 hv_return_t ret; 541 int i; 542 543 env->aarch64 = 1; 544 asm volatile("mrs %0, cntfrq_el0" : "=r"(arm_cpu->gt_cntfrq_hz)); 545 546 /* Allocate enough space for our sysreg sync */ 547 arm_cpu->cpreg_indexes = g_renew(uint64_t, arm_cpu->cpreg_indexes, 548 sregs_match_len); 549 arm_cpu->cpreg_values = g_renew(uint64_t, arm_cpu->cpreg_values, 550 sregs_match_len); 551 arm_cpu->cpreg_vmstate_indexes = g_renew(uint64_t, 552 arm_cpu->cpreg_vmstate_indexes, 553 sregs_match_len); 554 arm_cpu->cpreg_vmstate_values = g_renew(uint64_t, 555 arm_cpu->cpreg_vmstate_values, 556 sregs_match_len); 557 558 memset(arm_cpu->cpreg_values, 0, sregs_match_len * sizeof(uint64_t)); 559 560 /* Populate cp list for all known sysregs */ 561 for (i = 0; i < sregs_match_len; i++) { 562 const ARMCPRegInfo *ri; 563 uint32_t key = hvf_sreg_match[i].key; 564 565 ri = get_arm_cp_reginfo(arm_cpu->cp_regs, key); 566 if (ri) { 567 assert(!(ri->type & ARM_CP_NO_RAW)); 568 hvf_sreg_match[i].cp_idx = sregs_cnt; 569 arm_cpu->cpreg_indexes[sregs_cnt++] = cpreg_to_kvm_id(key); 570 } else { 571 hvf_sreg_match[i].cp_idx = -1; 572 } 573 } 574 arm_cpu->cpreg_array_len = sregs_cnt; 575 arm_cpu->cpreg_vmstate_array_len = sregs_cnt; 576 577 assert(write_cpustate_to_list(arm_cpu, false)); 578 579 /* Set CP_NO_RAW system registers on init */ 580 ret = hv_vcpu_set_sys_reg(cpu->hvf->fd, HV_SYS_REG_MIDR_EL1, 581 arm_cpu->midr); 582 assert_hvf_ok(ret); 583 584 ret = hv_vcpu_set_sys_reg(cpu->hvf->fd, HV_SYS_REG_MPIDR_EL1, 585 arm_cpu->mp_affinity); 586 assert_hvf_ok(ret); 587 588 ret = hv_vcpu_get_sys_reg(cpu->hvf->fd, HV_SYS_REG_ID_AA64PFR0_EL1, &pfr); 589 assert_hvf_ok(ret); 590 pfr |= env->gicv3state ? (1 << 24) : 0; 591 ret = hv_vcpu_set_sys_reg(cpu->hvf->fd, HV_SYS_REG_ID_AA64PFR0_EL1, pfr); 592 assert_hvf_ok(ret); 593 594 /* We're limited to underlying hardware caps, override internal versions */ 595 ret = hv_vcpu_get_sys_reg(cpu->hvf->fd, HV_SYS_REG_ID_AA64MMFR0_EL1, 596 &arm_cpu->isar.id_aa64mmfr0); 597 assert_hvf_ok(ret); 598 599 return 0; 600} 601 602void hvf_kick_vcpu_thread(CPUState *cpu) 603{ 604 cpus_kick_thread(cpu); 605 hv_vcpus_exit(&cpu->hvf->fd, 1); 606} 607 608static void hvf_raise_exception(CPUState *cpu, uint32_t excp, 609 uint32_t syndrome) 610{ 611 ARMCPU *arm_cpu = ARM_CPU(cpu); 612 CPUARMState *env = &arm_cpu->env; 613 614 cpu->exception_index = excp; 615 env->exception.target_el = 1; 616 env->exception.syndrome = syndrome; 617 618 arm_cpu_do_interrupt(cpu); 619} 620 621static void hvf_psci_cpu_off(ARMCPU *arm_cpu) 622{ 623 int32_t ret = arm_set_cpu_off(arm_cpu->mp_affinity); 624 assert(ret == QEMU_ARM_POWERCTL_RET_SUCCESS); 625} 626 627/* 628 * Handle a PSCI call. 629 * 630 * Returns 0 on success 631 * -1 when the PSCI call is unknown, 632 */ 633static bool hvf_handle_psci_call(CPUState *cpu) 634{ 635 ARMCPU *arm_cpu = ARM_CPU(cpu); 636 CPUARMState *env = &arm_cpu->env; 637 uint64_t param[4] = { 638 env->xregs[0], 639 env->xregs[1], 640 env->xregs[2], 641 env->xregs[3] 642 }; 643 uint64_t context_id, mpidr; 644 bool target_aarch64 = true; 645 CPUState *target_cpu_state; 646 ARMCPU *target_cpu; 647 target_ulong entry; 648 int target_el = 1; 649 int32_t ret = 0; 650 651 trace_hvf_psci_call(param[0], param[1], param[2], param[3], 652 arm_cpu->mp_affinity); 653 654 switch (param[0]) { 655 case QEMU_PSCI_0_2_FN_PSCI_VERSION: 656 ret = QEMU_PSCI_0_2_RET_VERSION_0_2; 657 break; 658 case QEMU_PSCI_0_2_FN_MIGRATE_INFO_TYPE: 659 ret = QEMU_PSCI_0_2_RET_TOS_MIGRATION_NOT_REQUIRED; /* No trusted OS */ 660 break; 661 case QEMU_PSCI_0_2_FN_AFFINITY_INFO: 662 case QEMU_PSCI_0_2_FN64_AFFINITY_INFO: 663 mpidr = param[1]; 664 665 switch (param[2]) { 666 case 0: 667 target_cpu_state = arm_get_cpu_by_id(mpidr); 668 if (!target_cpu_state) { 669 ret = QEMU_PSCI_RET_INVALID_PARAMS; 670 break; 671 } 672 target_cpu = ARM_CPU(target_cpu_state); 673 674 ret = target_cpu->power_state; 675 break; 676 default: 677 /* Everything above affinity level 0 is always on. */ 678 ret = 0; 679 } 680 break; 681 case QEMU_PSCI_0_2_FN_SYSTEM_RESET: 682 qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); 683 /* 684 * QEMU reset and shutdown are async requests, but PSCI 685 * mandates that we never return from the reset/shutdown 686 * call, so power the CPU off now so it doesn't execute 687 * anything further. 688 */ 689 hvf_psci_cpu_off(arm_cpu); 690 break; 691 case QEMU_PSCI_0_2_FN_SYSTEM_OFF: 692 qemu_system_shutdown_request(SHUTDOWN_CAUSE_GUEST_SHUTDOWN); 693 hvf_psci_cpu_off(arm_cpu); 694 break; 695 case QEMU_PSCI_0_1_FN_CPU_ON: 696 case QEMU_PSCI_0_2_FN_CPU_ON: 697 case QEMU_PSCI_0_2_FN64_CPU_ON: 698 mpidr = param[1]; 699 entry = param[2]; 700 context_id = param[3]; 701 ret = arm_set_cpu_on(mpidr, entry, context_id, 702 target_el, target_aarch64); 703 break; 704 case QEMU_PSCI_0_1_FN_CPU_OFF: 705 case QEMU_PSCI_0_2_FN_CPU_OFF: 706 hvf_psci_cpu_off(arm_cpu); 707 break; 708 case QEMU_PSCI_0_1_FN_CPU_SUSPEND: 709 case QEMU_PSCI_0_2_FN_CPU_SUSPEND: 710 case QEMU_PSCI_0_2_FN64_CPU_SUSPEND: 711 /* Affinity levels are not supported in QEMU */ 712 if (param[1] & 0xfffe0000) { 713 ret = QEMU_PSCI_RET_INVALID_PARAMS; 714 break; 715 } 716 /* Powerdown is not supported, we always go into WFI */ 717 env->xregs[0] = 0; 718 hvf_wfi(cpu); 719 break; 720 case QEMU_PSCI_0_1_FN_MIGRATE: 721 case QEMU_PSCI_0_2_FN_MIGRATE: 722 ret = QEMU_PSCI_RET_NOT_SUPPORTED; 723 break; 724 default: 725 return false; 726 } 727 728 env->xregs[0] = ret; 729 return true; 730} 731 732static int hvf_sysreg_read(CPUState *cpu, uint32_t reg, uint32_t rt) 733{ 734 ARMCPU *arm_cpu = ARM_CPU(cpu); 735 CPUARMState *env = &arm_cpu->env; 736 uint64_t val = 0; 737 738 switch (reg) { 739 case SYSREG_CNTPCT_EL0: 740 val = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) / 741 gt_cntfrq_period_ns(arm_cpu); 742 break; 743 case SYSREG_PMCR_EL0: 744 val = env->cp15.c9_pmcr; 745 break; 746 case SYSREG_PMCCNTR_EL0: 747 pmu_op_start(env); 748 val = env->cp15.c15_ccnt; 749 pmu_op_finish(env); 750 break; 751 case SYSREG_PMCNTENCLR_EL0: 752 val = env->cp15.c9_pmcnten; 753 break; 754 case SYSREG_PMOVSCLR_EL0: 755 val = env->cp15.c9_pmovsr; 756 break; 757 case SYSREG_PMSELR_EL0: 758 val = env->cp15.c9_pmselr; 759 break; 760 case SYSREG_PMINTENCLR_EL1: 761 val = env->cp15.c9_pminten; 762 break; 763 case SYSREG_PMCCFILTR_EL0: 764 val = env->cp15.pmccfiltr_el0; 765 break; 766 case SYSREG_PMCNTENSET_EL0: 767 val = env->cp15.c9_pmcnten; 768 break; 769 case SYSREG_PMUSERENR_EL0: 770 val = env->cp15.c9_pmuserenr; 771 break; 772 case SYSREG_PMCEID0_EL0: 773 case SYSREG_PMCEID1_EL0: 774 /* We can't really count anything yet, declare all events invalid */ 775 val = 0; 776 break; 777 case SYSREG_OSLSR_EL1: 778 val = env->cp15.oslsr_el1; 779 break; 780 case SYSREG_OSDLR_EL1: 781 /* Dummy register */ 782 break; 783 default: 784 cpu_synchronize_state(cpu); 785 trace_hvf_unhandled_sysreg_read(env->pc, reg, 786 (reg >> 20) & 0x3, 787 (reg >> 14) & 0x7, 788 (reg >> 10) & 0xf, 789 (reg >> 1) & 0xf, 790 (reg >> 17) & 0x7); 791 hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); 792 return 1; 793 } 794 795 trace_hvf_sysreg_read(reg, 796 (reg >> 20) & 0x3, 797 (reg >> 14) & 0x7, 798 (reg >> 10) & 0xf, 799 (reg >> 1) & 0xf, 800 (reg >> 17) & 0x7, 801 val); 802 hvf_set_reg(cpu, rt, val); 803 804 return 0; 805} 806 807static void pmu_update_irq(CPUARMState *env) 808{ 809 ARMCPU *cpu = env_archcpu(env); 810 qemu_set_irq(cpu->pmu_interrupt, (env->cp15.c9_pmcr & PMCRE) && 811 (env->cp15.c9_pminten & env->cp15.c9_pmovsr)); 812} 813 814static bool pmu_event_supported(uint16_t number) 815{ 816 return false; 817} 818 819/* Returns true if the counter (pass 31 for PMCCNTR) should count events using 820 * the current EL, security state, and register configuration. 821 */ 822static bool pmu_counter_enabled(CPUARMState *env, uint8_t counter) 823{ 824 uint64_t filter; 825 bool enabled, filtered = true; 826 int el = arm_current_el(env); 827 828 enabled = (env->cp15.c9_pmcr & PMCRE) && 829 (env->cp15.c9_pmcnten & (1 << counter)); 830 831 if (counter == 31) { 832 filter = env->cp15.pmccfiltr_el0; 833 } else { 834 filter = env->cp15.c14_pmevtyper[counter]; 835 } 836 837 if (el == 0) { 838 filtered = filter & PMXEVTYPER_U; 839 } else if (el == 1) { 840 filtered = filter & PMXEVTYPER_P; 841 } 842 843 if (counter != 31) { 844 /* 845 * If not checking PMCCNTR, ensure the counter is setup to an event we 846 * support 847 */ 848 uint16_t event = filter & PMXEVTYPER_EVTCOUNT; 849 if (!pmu_event_supported(event)) { 850 return false; 851 } 852 } 853 854 return enabled && !filtered; 855} 856 857static void pmswinc_write(CPUARMState *env, uint64_t value) 858{ 859 unsigned int i; 860 for (i = 0; i < pmu_num_counters(env); i++) { 861 /* Increment a counter's count iff: */ 862 if ((value & (1 << i)) && /* counter's bit is set */ 863 /* counter is enabled and not filtered */ 864 pmu_counter_enabled(env, i) && 865 /* counter is SW_INCR */ 866 (env->cp15.c14_pmevtyper[i] & PMXEVTYPER_EVTCOUNT) == 0x0) { 867 /* 868 * Detect if this write causes an overflow since we can't predict 869 * PMSWINC overflows like we can for other events 870 */ 871 uint32_t new_pmswinc = env->cp15.c14_pmevcntr[i] + 1; 872 873 if (env->cp15.c14_pmevcntr[i] & ~new_pmswinc & INT32_MIN) { 874 env->cp15.c9_pmovsr |= (1 << i); 875 pmu_update_irq(env); 876 } 877 878 env->cp15.c14_pmevcntr[i] = new_pmswinc; 879 } 880 } 881} 882 883static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val) 884{ 885 ARMCPU *arm_cpu = ARM_CPU(cpu); 886 CPUARMState *env = &arm_cpu->env; 887 888 trace_hvf_sysreg_write(reg, 889 (reg >> 20) & 0x3, 890 (reg >> 14) & 0x7, 891 (reg >> 10) & 0xf, 892 (reg >> 1) & 0xf, 893 (reg >> 17) & 0x7, 894 val); 895 896 switch (reg) { 897 case SYSREG_PMCCNTR_EL0: 898 pmu_op_start(env); 899 env->cp15.c15_ccnt = val; 900 pmu_op_finish(env); 901 break; 902 case SYSREG_PMCR_EL0: 903 pmu_op_start(env); 904 905 if (val & PMCRC) { 906 /* The counter has been reset */ 907 env->cp15.c15_ccnt = 0; 908 } 909 910 if (val & PMCRP) { 911 unsigned int i; 912 for (i = 0; i < pmu_num_counters(env); i++) { 913 env->cp15.c14_pmevcntr[i] = 0; 914 } 915 } 916 917 env->cp15.c9_pmcr &= ~PMCR_WRITEABLE_MASK; 918 env->cp15.c9_pmcr |= (val & PMCR_WRITEABLE_MASK); 919 920 pmu_op_finish(env); 921 break; 922 case SYSREG_PMUSERENR_EL0: 923 env->cp15.c9_pmuserenr = val & 0xf; 924 break; 925 case SYSREG_PMCNTENSET_EL0: 926 env->cp15.c9_pmcnten |= (val & pmu_counter_mask(env)); 927 break; 928 case SYSREG_PMCNTENCLR_EL0: 929 env->cp15.c9_pmcnten &= ~(val & pmu_counter_mask(env)); 930 break; 931 case SYSREG_PMINTENCLR_EL1: 932 pmu_op_start(env); 933 env->cp15.c9_pminten |= val; 934 pmu_op_finish(env); 935 break; 936 case SYSREG_PMOVSCLR_EL0: 937 pmu_op_start(env); 938 env->cp15.c9_pmovsr &= ~val; 939 pmu_op_finish(env); 940 break; 941 case SYSREG_PMSWINC_EL0: 942 pmu_op_start(env); 943 pmswinc_write(env, val); 944 pmu_op_finish(env); 945 break; 946 case SYSREG_PMSELR_EL0: 947 env->cp15.c9_pmselr = val & 0x1f; 948 break; 949 case SYSREG_PMCCFILTR_EL0: 950 pmu_op_start(env); 951 env->cp15.pmccfiltr_el0 = val & PMCCFILTR_EL0; 952 pmu_op_finish(env); 953 break; 954 case SYSREG_OSLAR_EL1: 955 env->cp15.oslsr_el1 = val & 1; 956 break; 957 case SYSREG_OSDLR_EL1: 958 /* Dummy register */ 959 break; 960 default: 961 cpu_synchronize_state(cpu); 962 trace_hvf_unhandled_sysreg_write(env->pc, reg, 963 (reg >> 20) & 0x3, 964 (reg >> 14) & 0x7, 965 (reg >> 10) & 0xf, 966 (reg >> 1) & 0xf, 967 (reg >> 17) & 0x7); 968 hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); 969 return 1; 970 } 971 972 return 0; 973} 974 975static int hvf_inject_interrupts(CPUState *cpu) 976{ 977 if (cpu->interrupt_request & CPU_INTERRUPT_FIQ) { 978 trace_hvf_inject_fiq(); 979 hv_vcpu_set_pending_interrupt(cpu->hvf->fd, HV_INTERRUPT_TYPE_FIQ, 980 true); 981 } 982 983 if (cpu->interrupt_request & CPU_INTERRUPT_HARD) { 984 trace_hvf_inject_irq(); 985 hv_vcpu_set_pending_interrupt(cpu->hvf->fd, HV_INTERRUPT_TYPE_IRQ, 986 true); 987 } 988 989 return 0; 990} 991 992static uint64_t hvf_vtimer_val_raw(void) 993{ 994 /* 995 * mach_absolute_time() returns the vtimer value without the VM 996 * offset that we define. Add our own offset on top. 997 */ 998 return mach_absolute_time() - hvf_state->vtimer_offset; 999} 1000 1001static uint64_t hvf_vtimer_val(void) 1002{ 1003 if (!runstate_is_running()) { 1004 /* VM is paused, the vtimer value is in vtimer.vtimer_val */ 1005 return vtimer.vtimer_val; 1006 } 1007 1008 return hvf_vtimer_val_raw(); 1009} 1010 1011static void hvf_wait_for_ipi(CPUState *cpu, struct timespec *ts) 1012{ 1013 /* 1014 * Use pselect to sleep so that other threads can IPI us while we're 1015 * sleeping. 1016 */ 1017 qatomic_mb_set(&cpu->thread_kicked, false); 1018 qemu_mutex_unlock_iothread(); 1019 pselect(0, 0, 0, 0, ts, &cpu->hvf->unblock_ipi_mask); 1020 qemu_mutex_lock_iothread(); 1021} 1022 1023static void hvf_wfi(CPUState *cpu) 1024{ 1025 ARMCPU *arm_cpu = ARM_CPU(cpu); 1026 struct timespec ts; 1027 hv_return_t r; 1028 uint64_t ctl; 1029 uint64_t cval; 1030 int64_t ticks_to_sleep; 1031 uint64_t seconds; 1032 uint64_t nanos; 1033 uint32_t cntfrq; 1034 1035 if (cpu->interrupt_request & (CPU_INTERRUPT_HARD | CPU_INTERRUPT_FIQ)) { 1036 /* Interrupt pending, no need to wait */ 1037 return; 1038 } 1039 1040 r = hv_vcpu_get_sys_reg(cpu->hvf->fd, HV_SYS_REG_CNTV_CTL_EL0, &ctl); 1041 assert_hvf_ok(r); 1042 1043 if (!(ctl & 1) || (ctl & 2)) { 1044 /* Timer disabled or masked, just wait for an IPI. */ 1045 hvf_wait_for_ipi(cpu, NULL); 1046 return; 1047 } 1048 1049 r = hv_vcpu_get_sys_reg(cpu->hvf->fd, HV_SYS_REG_CNTV_CVAL_EL0, &cval); 1050 assert_hvf_ok(r); 1051 1052 ticks_to_sleep = cval - hvf_vtimer_val(); 1053 if (ticks_to_sleep < 0) { 1054 return; 1055 } 1056 1057 cntfrq = gt_cntfrq_period_ns(arm_cpu); 1058 seconds = muldiv64(ticks_to_sleep, cntfrq, NANOSECONDS_PER_SECOND); 1059 ticks_to_sleep -= muldiv64(seconds, NANOSECONDS_PER_SECOND, cntfrq); 1060 nanos = ticks_to_sleep * cntfrq; 1061 1062 /* 1063 * Don't sleep for less than the time a context switch would take, 1064 * so that we can satisfy fast timer requests on the same CPU. 1065 * Measurements on M1 show the sweet spot to be ~2ms. 1066 */ 1067 if (!seconds && nanos < (2 * SCALE_MS)) { 1068 return; 1069 } 1070 1071 ts = (struct timespec) { seconds, nanos }; 1072 hvf_wait_for_ipi(cpu, &ts); 1073} 1074 1075static void hvf_sync_vtimer(CPUState *cpu) 1076{ 1077 ARMCPU *arm_cpu = ARM_CPU(cpu); 1078 hv_return_t r; 1079 uint64_t ctl; 1080 bool irq_state; 1081 1082 if (!cpu->hvf->vtimer_masked) { 1083 /* We will get notified on vtimer changes by hvf, nothing to do */ 1084 return; 1085 } 1086 1087 r = hv_vcpu_get_sys_reg(cpu->hvf->fd, HV_SYS_REG_CNTV_CTL_EL0, &ctl); 1088 assert_hvf_ok(r); 1089 1090 irq_state = (ctl & (TMR_CTL_ENABLE | TMR_CTL_IMASK | TMR_CTL_ISTATUS)) == 1091 (TMR_CTL_ENABLE | TMR_CTL_ISTATUS); 1092 qemu_set_irq(arm_cpu->gt_timer_outputs[GTIMER_VIRT], irq_state); 1093 1094 if (!irq_state) { 1095 /* Timer no longer asserting, we can unmask it */ 1096 hv_vcpu_set_vtimer_mask(cpu->hvf->fd, false); 1097 cpu->hvf->vtimer_masked = false; 1098 } 1099} 1100 1101int hvf_vcpu_exec(CPUState *cpu) 1102{ 1103 ARMCPU *arm_cpu = ARM_CPU(cpu); 1104 CPUARMState *env = &arm_cpu->env; 1105 hv_vcpu_exit_t *hvf_exit = cpu->hvf->exit; 1106 hv_return_t r; 1107 bool advance_pc = false; 1108 1109 if (hvf_inject_interrupts(cpu)) { 1110 return EXCP_INTERRUPT; 1111 } 1112 1113 if (cpu->halted) { 1114 return EXCP_HLT; 1115 } 1116 1117 flush_cpu_state(cpu); 1118 1119 qemu_mutex_unlock_iothread(); 1120 assert_hvf_ok(hv_vcpu_run(cpu->hvf->fd)); 1121 1122 /* handle VMEXIT */ 1123 uint64_t exit_reason = hvf_exit->reason; 1124 uint64_t syndrome = hvf_exit->exception.syndrome; 1125 uint32_t ec = syn_get_ec(syndrome); 1126 1127 qemu_mutex_lock_iothread(); 1128 switch (exit_reason) { 1129 case HV_EXIT_REASON_EXCEPTION: 1130 /* This is the main one, handle below. */ 1131 break; 1132 case HV_EXIT_REASON_VTIMER_ACTIVATED: 1133 qemu_set_irq(arm_cpu->gt_timer_outputs[GTIMER_VIRT], 1); 1134 cpu->hvf->vtimer_masked = true; 1135 return 0; 1136 case HV_EXIT_REASON_CANCELED: 1137 /* we got kicked, no exit to process */ 1138 return 0; 1139 default: 1140 assert(0); 1141 } 1142 1143 hvf_sync_vtimer(cpu); 1144 1145 switch (ec) { 1146 case EC_DATAABORT: { 1147 bool isv = syndrome & ARM_EL_ISV; 1148 bool iswrite = (syndrome >> 6) & 1; 1149 bool s1ptw = (syndrome >> 7) & 1; 1150 uint32_t sas = (syndrome >> 22) & 3; 1151 uint32_t len = 1 << sas; 1152 uint32_t srt = (syndrome >> 16) & 0x1f; 1153 uint64_t val = 0; 1154 1155 trace_hvf_data_abort(env->pc, hvf_exit->exception.virtual_address, 1156 hvf_exit->exception.physical_address, isv, 1157 iswrite, s1ptw, len, srt); 1158 1159 assert(isv); 1160 1161 if (iswrite) { 1162 val = hvf_get_reg(cpu, srt); 1163 address_space_write(&address_space_memory, 1164 hvf_exit->exception.physical_address, 1165 MEMTXATTRS_UNSPECIFIED, &val, len); 1166 } else { 1167 address_space_read(&address_space_memory, 1168 hvf_exit->exception.physical_address, 1169 MEMTXATTRS_UNSPECIFIED, &val, len); 1170 hvf_set_reg(cpu, srt, val); 1171 } 1172 1173 advance_pc = true; 1174 break; 1175 } 1176 case EC_SYSTEMREGISTERTRAP: { 1177 bool isread = (syndrome >> 0) & 1; 1178 uint32_t rt = (syndrome >> 5) & 0x1f; 1179 uint32_t reg = syndrome & SYSREG_MASK; 1180 uint64_t val; 1181 int ret = 0; 1182 1183 if (isread) { 1184 ret = hvf_sysreg_read(cpu, reg, rt); 1185 } else { 1186 val = hvf_get_reg(cpu, rt); 1187 ret = hvf_sysreg_write(cpu, reg, val); 1188 } 1189 1190 advance_pc = !ret; 1191 break; 1192 } 1193 case EC_WFX_TRAP: 1194 advance_pc = true; 1195 if (!(syndrome & WFX_IS_WFE)) { 1196 hvf_wfi(cpu); 1197 } 1198 break; 1199 case EC_AA64_HVC: 1200 cpu_synchronize_state(cpu); 1201 if (arm_cpu->psci_conduit == QEMU_PSCI_CONDUIT_HVC) { 1202 if (!hvf_handle_psci_call(cpu)) { 1203 trace_hvf_unknown_hvc(env->xregs[0]); 1204 /* SMCCC 1.3 section 5.2 says every unknown SMCCC call returns -1 */ 1205 env->xregs[0] = -1; 1206 } 1207 } else { 1208 trace_hvf_unknown_hvc(env->xregs[0]); 1209 hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); 1210 } 1211 break; 1212 case EC_AA64_SMC: 1213 cpu_synchronize_state(cpu); 1214 if (arm_cpu->psci_conduit == QEMU_PSCI_CONDUIT_SMC) { 1215 advance_pc = true; 1216 1217 if (!hvf_handle_psci_call(cpu)) { 1218 trace_hvf_unknown_smc(env->xregs[0]); 1219 /* SMCCC 1.3 section 5.2 says every unknown SMCCC call returns -1 */ 1220 env->xregs[0] = -1; 1221 } 1222 } else { 1223 trace_hvf_unknown_smc(env->xregs[0]); 1224 hvf_raise_exception(cpu, EXCP_UDEF, syn_uncategorized()); 1225 } 1226 break; 1227 default: 1228 cpu_synchronize_state(cpu); 1229 trace_hvf_exit(syndrome, ec, env->pc); 1230 error_report("0x%llx: unhandled exception ec=0x%x", env->pc, ec); 1231 } 1232 1233 if (advance_pc) { 1234 uint64_t pc; 1235 1236 flush_cpu_state(cpu); 1237 1238 r = hv_vcpu_get_reg(cpu->hvf->fd, HV_REG_PC, &pc); 1239 assert_hvf_ok(r); 1240 pc += 4; 1241 r = hv_vcpu_set_reg(cpu->hvf->fd, HV_REG_PC, pc); 1242 assert_hvf_ok(r); 1243 } 1244 1245 return 0; 1246} 1247 1248static const VMStateDescription vmstate_hvf_vtimer = { 1249 .name = "hvf-vtimer", 1250 .version_id = 1, 1251 .minimum_version_id = 1, 1252 .fields = (VMStateField[]) { 1253 VMSTATE_UINT64(vtimer_val, HVFVTimer), 1254 VMSTATE_END_OF_LIST() 1255 }, 1256}; 1257 1258static void hvf_vm_state_change(void *opaque, bool running, RunState state) 1259{ 1260 HVFVTimer *s = opaque; 1261 1262 if (running) { 1263 /* Update vtimer offset on all CPUs */ 1264 hvf_state->vtimer_offset = mach_absolute_time() - s->vtimer_val; 1265 cpu_synchronize_all_states(); 1266 } else { 1267 /* Remember vtimer value on every pause */ 1268 s->vtimer_val = hvf_vtimer_val_raw(); 1269 } 1270} 1271 1272int hvf_arch_init(void) 1273{ 1274 hvf_state->vtimer_offset = mach_absolute_time(); 1275 vmstate_register(NULL, 0, &vmstate_hvf_vtimer, &vtimer); 1276 qemu_add_vm_change_state_handler(hvf_vm_state_change, &vtimer); 1277 return 0; 1278}