2013-12-17 20:42:30 +01:00
|
|
|
/*
|
|
|
|
* ARM implementation of KVM hooks, 64 bit specific code
|
|
|
|
*
|
|
|
|
* Copyright Mian-M. Hamayun 2013, Virtual Open Systems
|
2015-12-17 14:37:15 +01:00
|
|
|
* Copyright Alex Bennée 2014, Linaro
|
2013-12-17 20:42:30 +01:00
|
|
|
*
|
|
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or later.
|
|
|
|
* See the COPYING file in the top-level directory.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2015-12-07 17:23:44 +01:00
|
|
|
#include "qemu/osdep.h"
|
2013-12-17 20:42:30 +01:00
|
|
|
#include <sys/ioctl.h>
|
2015-12-17 14:37:15 +01:00
|
|
|
#include <sys/ptrace.h>
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2015-12-17 14:37:15 +01:00
|
|
|
#include <linux/elf.h>
|
2013-12-17 20:42:30 +01:00
|
|
|
#include <linux/kvm.h>
|
|
|
|
|
|
|
|
#include "qemu-common.h"
|
2020-10-01 08:17:18 +02:00
|
|
|
#include "qapi/error.h"
|
2016-03-15 16:58:45 +01:00
|
|
|
#include "cpu.h"
|
2013-12-17 20:42:30 +01:00
|
|
|
#include "qemu/timer.h"
|
2015-12-17 14:37:15 +01:00
|
|
|
#include "qemu/error-report.h"
|
2015-12-17 14:37:15 +01:00
|
|
|
#include "qemu/host-utils.h"
|
Include qemu/main-loop.h less
In my "build everything" tree, changing qemu/main-loop.h triggers a
recompile of some 5600 out of 6600 objects (not counting tests and
objects that don't depend on qemu/osdep.h). It includes block/aio.h,
which in turn includes qemu/event_notifier.h, qemu/notify.h,
qemu/processor.h, qemu/qsp.h, qemu/queue.h, qemu/thread-posix.h,
qemu/thread.h, qemu/timer.h, and a few more.
Include qemu/main-loop.h only where it's needed. Touching it now
recompiles only some 1700 objects. For block/aio.h and
qemu/event_notifier.h, these numbers drop from 5600 to 2800. For the
others, they shrink only slightly.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190812052359.30071-21-armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-08-12 07:23:50 +02:00
|
|
|
#include "qemu/main-loop.h"
|
2015-12-17 14:37:15 +01:00
|
|
|
#include "exec/gdbstub.h"
|
2020-01-30 17:02:06 +01:00
|
|
|
#include "sysemu/runstate.h"
|
2013-12-17 20:42:30 +01:00
|
|
|
#include "sysemu/kvm.h"
|
2019-08-02 14:25:26 +02:00
|
|
|
#include "sysemu/kvm_int.h"
|
2013-12-17 20:42:30 +01:00
|
|
|
#include "kvm_arm.h"
|
2014-08-04 15:41:54 +02:00
|
|
|
#include "internals.h"
|
target-arm: kvm64: handle SIGBUS signal from kernel or KVM
Add a SIGBUS signal handler. In this handler, it checks the SIGBUS type,
translates the host VA delivered by host to guest PA, then fills this PA
to guest APEI GHES memory, then notifies guest according to the SIGBUS
type.
When guest accesses the poisoned memory, it will generate a Synchronous
External Abort(SEA). Then host kernel gets an APEI notification and calls
memory_failure() to unmapped the affected page in stage 2, finally
returns to guest.
Guest continues to access the PG_hwpoison page, it will trap to KVM as
stage2 fault, then a SIGBUS_MCEERR_AR synchronous signal is delivered to
Qemu, Qemu records this error address into guest APEI GHES memory and
notifes guest using Synchronous-External-Abort(SEA).
In order to inject a vSEA, we introduce the kvm_inject_arm_sea() function
in which we can setup the type of exception and the syndrome information.
When switching to guest, the target vcpu will jump to the synchronous
external abort vector table entry.
The ESR_ELx.DFSC is set to synchronous external abort(0x10), and the
ESR_ELx.FnV is set to not valid(0x1), which will tell guest that FAR is
not valid and hold an UNKNOWN value. These values will be set to KVM
register structures through KVM_SET_ONE_REG IOCTL.
Signed-off-by: Dongjiu Geng <gengdongjiu@huawei.com>
Signed-off-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20200512030609.19593-10-gengdongjiu@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-12 05:06:08 +02:00
|
|
|
#include "hw/acpi/acpi.h"
|
|
|
|
#include "hw/acpi/ghes.h"
|
|
|
|
#include "hw/arm/virt.h"
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2015-12-17 14:37:14 +01:00
|
|
|
static bool have_guest_debug;
|
|
|
|
|
2015-12-17 14:37:15 +01:00
|
|
|
/*
|
|
|
|
* Although the ARM implementation of hardware assisted debugging
|
|
|
|
* allows for different breakpoints per-core, the current GDB
|
|
|
|
* interface treats them as a global pool of registers (which seems to
|
|
|
|
* be the case for x86, ppc and s390). As a result we store one copy
|
|
|
|
* of registers which is used for all active cores.
|
|
|
|
*
|
|
|
|
* Write access is serialised by virtue of the GDB protocol which
|
|
|
|
* updates things. Read access (i.e. when the values are copied to the
|
|
|
|
* vCPU) is also gated by GDB's run control.
|
|
|
|
*
|
|
|
|
* This is not unreasonable as most of the time debugging kernels you
|
|
|
|
* never know which core will eventually execute your function.
|
|
|
|
*/
|
|
|
|
|
|
|
|
typedef struct {
|
|
|
|
uint64_t bcr;
|
|
|
|
uint64_t bvr;
|
|
|
|
} HWBreakpoint;
|
|
|
|
|
|
|
|
/* The watchpoint registers can cover more area than the requested
|
|
|
|
* watchpoint so we need to store the additional information
|
|
|
|
* somewhere. We also need to supply a CPUWatchpoint to the GDB stub
|
|
|
|
* when the watchpoint is hit.
|
|
|
|
*/
|
|
|
|
typedef struct {
|
|
|
|
uint64_t wcr;
|
|
|
|
uint64_t wvr;
|
|
|
|
CPUWatchpoint details;
|
|
|
|
} HWWatchpoint;
|
|
|
|
|
|
|
|
/* Maximum and current break/watch point counts */
|
|
|
|
int max_hw_bps, max_hw_wps;
|
|
|
|
GArray *hw_breakpoints, *hw_watchpoints;
|
|
|
|
|
|
|
|
#define cur_hw_wps (hw_watchpoints->len)
|
|
|
|
#define cur_hw_bps (hw_breakpoints->len)
|
|
|
|
#define get_hw_bp(i) (&g_array_index(hw_breakpoints, HWBreakpoint, i))
|
|
|
|
#define get_hw_wp(i) (&g_array_index(hw_watchpoints, HWWatchpoint, i))
|
|
|
|
|
2015-12-17 14:37:14 +01:00
|
|
|
/**
|
2015-12-17 14:37:15 +01:00
|
|
|
* kvm_arm_init_debug() - check for guest debug capabilities
|
2015-12-17 14:37:14 +01:00
|
|
|
* @cs: CPUState
|
|
|
|
*
|
2015-12-17 14:37:15 +01:00
|
|
|
* kvm_check_extension returns the number of debug registers we have
|
|
|
|
* or 0 if we have none.
|
2015-12-17 14:37:14 +01:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
static void kvm_arm_init_debug(CPUState *cs)
|
|
|
|
{
|
|
|
|
have_guest_debug = kvm_check_extension(cs->kvm_state,
|
|
|
|
KVM_CAP_SET_GUEST_DEBUG);
|
2015-12-17 14:37:15 +01:00
|
|
|
|
|
|
|
max_hw_wps = kvm_check_extension(cs->kvm_state, KVM_CAP_GUEST_DEBUG_HW_WPS);
|
|
|
|
hw_watchpoints = g_array_sized_new(true, true,
|
|
|
|
sizeof(HWWatchpoint), max_hw_wps);
|
|
|
|
|
|
|
|
max_hw_bps = kvm_check_extension(cs->kvm_state, KVM_CAP_GUEST_DEBUG_HW_BPS);
|
|
|
|
hw_breakpoints = g_array_sized_new(true, true,
|
|
|
|
sizeof(HWBreakpoint), max_hw_bps);
|
2015-12-17 14:37:14 +01:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2015-12-17 14:37:15 +01:00
|
|
|
/**
|
|
|
|
* insert_hw_breakpoint()
|
|
|
|
* @addr: address of breakpoint
|
|
|
|
*
|
|
|
|
* See ARM ARM D2.9.1 for details but here we are only going to create
|
|
|
|
* simple un-linked breakpoints (i.e. we don't chain breakpoints
|
|
|
|
* together to match address and context or vmid). The hardware is
|
|
|
|
* capable of fancier matching but that will require exposing that
|
|
|
|
* fanciness to GDB's interface
|
|
|
|
*
|
2018-11-13 11:47:59 +01:00
|
|
|
* DBGBCR<n>_EL1, Debug Breakpoint Control Registers
|
2015-12-17 14:37:15 +01:00
|
|
|
*
|
|
|
|
* 31 24 23 20 19 16 15 14 13 12 9 8 5 4 3 2 1 0
|
|
|
|
* +------+------+-------+-----+----+------+-----+------+-----+---+
|
|
|
|
* | RES0 | BT | LBN | SSC | HMC| RES0 | BAS | RES0 | PMC | E |
|
|
|
|
* +------+------+-------+-----+----+------+-----+------+-----+---+
|
|
|
|
*
|
|
|
|
* BT: Breakpoint type (0 = unlinked address match)
|
|
|
|
* LBN: Linked BP number (0 = unused)
|
|
|
|
* SSC/HMC/PMC: Security, Higher and Priv access control (Table D-12)
|
|
|
|
* BAS: Byte Address Select (RES1 for AArch64)
|
|
|
|
* E: Enable bit
|
2018-11-13 11:47:59 +01:00
|
|
|
*
|
|
|
|
* DBGBVR<n>_EL1, Debug Breakpoint Value Registers
|
|
|
|
*
|
|
|
|
* 63 53 52 49 48 2 1 0
|
|
|
|
* +------+-----------+----------+-----+
|
|
|
|
* | RESS | VA[52:49] | VA[48:2] | 0 0 |
|
|
|
|
* +------+-----------+----------+-----+
|
|
|
|
*
|
|
|
|
* Depending on the addressing mode bits the top bits of the register
|
|
|
|
* are a sign extension of the highest applicable VA bit. Some
|
|
|
|
* versions of GDB don't do it correctly so we ensure they are correct
|
|
|
|
* here so future PC comparisons will work properly.
|
2015-12-17 14:37:15 +01:00
|
|
|
*/
|
2018-11-13 11:47:59 +01:00
|
|
|
|
2015-12-17 14:37:15 +01:00
|
|
|
static int insert_hw_breakpoint(target_ulong addr)
|
|
|
|
{
|
|
|
|
HWBreakpoint brk = {
|
|
|
|
.bcr = 0x1, /* BCR E=1, enable */
|
2018-11-13 11:47:59 +01:00
|
|
|
.bvr = sextract64(addr, 0, 53)
|
2015-12-17 14:37:15 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
if (cur_hw_bps >= max_hw_bps) {
|
|
|
|
return -ENOBUFS;
|
|
|
|
}
|
|
|
|
|
|
|
|
brk.bcr = deposit32(brk.bcr, 1, 2, 0x3); /* PMC = 11 */
|
|
|
|
brk.bcr = deposit32(brk.bcr, 5, 4, 0xf); /* BAS = RES1 */
|
|
|
|
|
|
|
|
g_array_append_val(hw_breakpoints, brk);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* delete_hw_breakpoint()
|
|
|
|
* @pc: address of breakpoint
|
|
|
|
*
|
|
|
|
* Delete a breakpoint and shuffle any above down
|
|
|
|
*/
|
|
|
|
|
|
|
|
static int delete_hw_breakpoint(target_ulong pc)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
for (i = 0; i < hw_breakpoints->len; i++) {
|
|
|
|
HWBreakpoint *brk = get_hw_bp(i);
|
|
|
|
if (brk->bvr == pc) {
|
|
|
|
g_array_remove_index(hw_breakpoints, i);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* insert_hw_watchpoint()
|
|
|
|
* @addr: address of watch point
|
|
|
|
* @len: size of area
|
|
|
|
* @type: type of watch point
|
|
|
|
*
|
|
|
|
* See ARM ARM D2.10. As with the breakpoints we can do some advanced
|
|
|
|
* stuff if we want to. The watch points can be linked with the break
|
|
|
|
* points above to make them context aware. However for simplicity
|
|
|
|
* currently we only deal with simple read/write watch points.
|
|
|
|
*
|
|
|
|
* D7.3.11 DBGWCR<n>_EL1, Debug Watchpoint Control Registers
|
|
|
|
*
|
|
|
|
* 31 29 28 24 23 21 20 19 16 15 14 13 12 5 4 3 2 1 0
|
|
|
|
* +------+-------+------+----+-----+-----+-----+-----+-----+-----+---+
|
|
|
|
* | RES0 | MASK | RES0 | WT | LBN | SSC | HMC | BAS | LSC | PAC | E |
|
|
|
|
* +------+-------+------+----+-----+-----+-----+-----+-----+-----+---+
|
|
|
|
*
|
|
|
|
* MASK: num bits addr mask (0=none,01/10=res,11=3 bits (8 bytes))
|
|
|
|
* WT: 0 - unlinked, 1 - linked (not currently used)
|
|
|
|
* LBN: Linked BP number (not currently used)
|
|
|
|
* SSC/HMC/PAC: Security, Higher and Priv access control (Table D2-11)
|
|
|
|
* BAS: Byte Address Select
|
|
|
|
* LSC: Load/Store control (01: load, 10: store, 11: both)
|
|
|
|
* E: Enable
|
|
|
|
*
|
|
|
|
* The bottom 2 bits of the value register are masked. Therefore to
|
|
|
|
* break on any sizes smaller than an unaligned word you need to set
|
|
|
|
* MASK=0, BAS=bit per byte in question. For larger regions (^2) you
|
|
|
|
* need to ensure you mask the address as required and set BAS=0xff
|
|
|
|
*/
|
|
|
|
|
|
|
|
static int insert_hw_watchpoint(target_ulong addr,
|
|
|
|
target_ulong len, int type)
|
|
|
|
{
|
|
|
|
HWWatchpoint wp = {
|
|
|
|
.wcr = 1, /* E=1, enable */
|
|
|
|
.wvr = addr & (~0x7ULL),
|
|
|
|
.details = { .vaddr = addr, .len = len }
|
|
|
|
};
|
|
|
|
|
|
|
|
if (cur_hw_wps >= max_hw_wps) {
|
|
|
|
return -ENOBUFS;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* HMC=0 SSC=0 PAC=3 will hit EL0 or EL1, any security state,
|
|
|
|
* valid whether EL3 is implemented or not
|
|
|
|
*/
|
|
|
|
wp.wcr = deposit32(wp.wcr, 1, 2, 3);
|
|
|
|
|
|
|
|
switch (type) {
|
|
|
|
case GDB_WATCHPOINT_READ:
|
|
|
|
wp.wcr = deposit32(wp.wcr, 3, 2, 1);
|
|
|
|
wp.details.flags = BP_MEM_READ;
|
|
|
|
break;
|
|
|
|
case GDB_WATCHPOINT_WRITE:
|
|
|
|
wp.wcr = deposit32(wp.wcr, 3, 2, 2);
|
|
|
|
wp.details.flags = BP_MEM_WRITE;
|
|
|
|
break;
|
|
|
|
case GDB_WATCHPOINT_ACCESS:
|
|
|
|
wp.wcr = deposit32(wp.wcr, 3, 2, 3);
|
|
|
|
wp.details.flags = BP_MEM_ACCESS;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
g_assert_not_reached();
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
if (len <= 8) {
|
|
|
|
/* we align the address and set the bits in BAS */
|
|
|
|
int off = addr & 0x7;
|
|
|
|
int bas = (1 << len) - 1;
|
|
|
|
|
|
|
|
wp.wcr = deposit32(wp.wcr, 5 + off, 8 - off, bas);
|
|
|
|
} else {
|
|
|
|
/* For ranges above 8 bytes we need to be a power of 2 */
|
|
|
|
if (is_power_of_2(len)) {
|
|
|
|
int bits = ctz64(len);
|
|
|
|
|
|
|
|
wp.wvr &= ~((1 << bits) - 1);
|
|
|
|
wp.wcr = deposit32(wp.wcr, 24, 4, bits);
|
|
|
|
wp.wcr = deposit32(wp.wcr, 5, 8, 0xff);
|
|
|
|
} else {
|
|
|
|
return -ENOBUFS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
g_array_append_val(hw_watchpoints, wp);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static bool check_watchpoint_in_range(int i, target_ulong addr)
|
|
|
|
{
|
|
|
|
HWWatchpoint *wp = get_hw_wp(i);
|
|
|
|
uint64_t addr_top, addr_bottom = wp->wvr;
|
|
|
|
int bas = extract32(wp->wcr, 5, 8);
|
|
|
|
int mask = extract32(wp->wcr, 24, 4);
|
|
|
|
|
|
|
|
if (mask) {
|
|
|
|
addr_top = addr_bottom + (1 << mask);
|
|
|
|
} else {
|
|
|
|
/* BAS must be contiguous but can offset against the base
|
|
|
|
* address in DBGWVR */
|
|
|
|
addr_bottom = addr_bottom + ctz32(bas);
|
|
|
|
addr_top = addr_bottom + clo32(bas);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (addr >= addr_bottom && addr <= addr_top) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* delete_hw_watchpoint()
|
|
|
|
* @addr: address of breakpoint
|
|
|
|
*
|
|
|
|
* Delete a breakpoint and shuffle any above down
|
|
|
|
*/
|
|
|
|
|
|
|
|
static int delete_hw_watchpoint(target_ulong addr,
|
|
|
|
target_ulong len, int type)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
for (i = 0; i < cur_hw_wps; i++) {
|
|
|
|
if (check_watchpoint_in_range(i, addr)) {
|
|
|
|
g_array_remove_index(hw_watchpoints, i);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return -ENOENT;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int kvm_arch_insert_hw_breakpoint(target_ulong addr,
|
|
|
|
target_ulong len, int type)
|
|
|
|
{
|
|
|
|
switch (type) {
|
|
|
|
case GDB_BREAKPOINT_HW:
|
|
|
|
return insert_hw_breakpoint(addr);
|
|
|
|
break;
|
|
|
|
case GDB_WATCHPOINT_READ:
|
|
|
|
case GDB_WATCHPOINT_WRITE:
|
|
|
|
case GDB_WATCHPOINT_ACCESS:
|
|
|
|
return insert_hw_watchpoint(addr, len, type);
|
|
|
|
default:
|
|
|
|
return -ENOSYS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
int kvm_arch_remove_hw_breakpoint(target_ulong addr,
|
|
|
|
target_ulong len, int type)
|
|
|
|
{
|
|
|
|
switch (type) {
|
|
|
|
case GDB_BREAKPOINT_HW:
|
|
|
|
return delete_hw_breakpoint(addr);
|
|
|
|
case GDB_WATCHPOINT_READ:
|
|
|
|
case GDB_WATCHPOINT_WRITE:
|
|
|
|
case GDB_WATCHPOINT_ACCESS:
|
|
|
|
return delete_hw_watchpoint(addr, len, type);
|
|
|
|
default:
|
|
|
|
return -ENOSYS;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void kvm_arch_remove_all_hw_breakpoints(void)
|
|
|
|
{
|
|
|
|
if (cur_hw_wps > 0) {
|
|
|
|
g_array_remove_range(hw_watchpoints, 0, cur_hw_wps);
|
|
|
|
}
|
|
|
|
if (cur_hw_bps > 0) {
|
|
|
|
g_array_remove_range(hw_breakpoints, 0, cur_hw_bps);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void kvm_arm_copy_hw_debug_data(struct kvm_guest_debug_arch *ptr)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
memset(ptr, 0, sizeof(struct kvm_guest_debug_arch));
|
|
|
|
|
|
|
|
for (i = 0; i < max_hw_wps; i++) {
|
|
|
|
HWWatchpoint *wp = get_hw_wp(i);
|
|
|
|
ptr->dbg_wcr[i] = wp->wcr;
|
|
|
|
ptr->dbg_wvr[i] = wp->wvr;
|
|
|
|
}
|
|
|
|
for (i = 0; i < max_hw_bps; i++) {
|
|
|
|
HWBreakpoint *bp = get_hw_bp(i);
|
|
|
|
ptr->dbg_bcr[i] = bp->bcr;
|
|
|
|
ptr->dbg_bvr[i] = bp->bvr;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
bool kvm_arm_hw_debug_active(CPUState *cs)
|
|
|
|
{
|
|
|
|
return ((cur_hw_wps > 0) || (cur_hw_bps > 0));
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool find_hw_breakpoint(CPUState *cpu, target_ulong pc)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < cur_hw_bps; i++) {
|
|
|
|
HWBreakpoint *bp = get_hw_bp(i);
|
|
|
|
if (bp->bvr == pc) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static CPUWatchpoint *find_hw_watchpoint(CPUState *cpu, target_ulong addr)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < cur_hw_wps; i++) {
|
|
|
|
if (check_watchpoint_in_range(i, addr)) {
|
|
|
|
return &get_hw_wp(i)->details;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2020-10-01 08:17:18 +02:00
|
|
|
static bool kvm_arm_set_device_attr(CPUState *cs, struct kvm_device_attr *attr,
|
|
|
|
const char *name)
|
2016-06-14 16:59:12 +02:00
|
|
|
{
|
|
|
|
int err;
|
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
err = kvm_vcpu_ioctl(cs, KVM_HAS_DEVICE_ATTR, attr);
|
|
|
|
if (err != 0) {
|
2020-10-01 08:17:18 +02:00
|
|
|
error_report("%s: KVM_HAS_DEVICE_ATTR: %s", name, strerror(-err));
|
2017-09-04 16:21:54 +02:00
|
|
|
return false;
|
2016-06-14 16:59:12 +02:00
|
|
|
}
|
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
err = kvm_vcpu_ioctl(cs, KVM_SET_DEVICE_ATTR, attr);
|
2017-09-04 16:21:54 +02:00
|
|
|
if (err != 0) {
|
2020-10-01 08:17:18 +02:00
|
|
|
error_report("%s: KVM_SET_DEVICE_ATTR: %s", name, strerror(-err));
|
2017-09-04 16:21:54 +02:00
|
|
|
return false;
|
2016-06-14 16:59:12 +02:00
|
|
|
}
|
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
return true;
|
|
|
|
}
|
2016-06-14 16:59:12 +02:00
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
void kvm_arm_pmu_init(CPUState *cs)
|
2017-09-04 16:21:54 +02:00
|
|
|
{
|
|
|
|
struct kvm_device_attr attr = {
|
|
|
|
.group = KVM_ARM_VCPU_PMU_V3_CTRL,
|
|
|
|
.attr = KVM_ARM_VCPU_PMU_V3_INIT,
|
|
|
|
};
|
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
if (!ARM_CPU(cs)->has_pmu) {
|
|
|
|
return;
|
|
|
|
}
|
2020-10-01 08:17:18 +02:00
|
|
|
if (!kvm_arm_set_device_attr(cs, &attr, "PMU")) {
|
2017-09-04 16:21:54 +02:00
|
|
|
error_report("failed to init PMU");
|
|
|
|
abort();
|
|
|
|
}
|
2017-09-04 16:21:54 +02:00
|
|
|
}
|
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
void kvm_arm_pmu_set_irq(CPUState *cs, int irq)
|
2017-09-04 16:21:54 +02:00
|
|
|
{
|
|
|
|
struct kvm_device_attr attr = {
|
|
|
|
.group = KVM_ARM_VCPU_PMU_V3_CTRL,
|
|
|
|
.addr = (intptr_t)&irq,
|
|
|
|
.attr = KVM_ARM_VCPU_PMU_V3_IRQ,
|
|
|
|
};
|
2016-06-14 16:59:12 +02:00
|
|
|
|
2017-09-04 16:21:54 +02:00
|
|
|
if (!ARM_CPU(cs)->has_pmu) {
|
|
|
|
return;
|
|
|
|
}
|
2020-10-01 08:17:18 +02:00
|
|
|
if (!kvm_arm_set_device_attr(cs, &attr, "PMU")) {
|
2017-09-04 16:21:54 +02:00
|
|
|
error_report("failed to set irq for PMU");
|
|
|
|
abort();
|
|
|
|
}
|
2016-06-14 16:59:12 +02:00
|
|
|
}
|
2015-12-17 14:37:15 +01:00
|
|
|
|
2020-10-01 08:17:18 +02:00
|
|
|
void kvm_arm_pvtime_init(CPUState *cs, uint64_t ipa)
|
|
|
|
{
|
|
|
|
struct kvm_device_attr attr = {
|
|
|
|
.group = KVM_ARM_VCPU_PVTIME_CTRL,
|
|
|
|
.attr = KVM_ARM_VCPU_PVTIME_IPA,
|
|
|
|
.addr = (uint64_t)&ipa,
|
|
|
|
};
|
|
|
|
|
|
|
|
if (ARM_CPU(cs)->kvm_steal_time == ON_OFF_AUTO_OFF) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (!kvm_arm_set_device_attr(cs, &attr, "PVTIME IPA")) {
|
|
|
|
error_report("failed to init PVTIME IPA");
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-19 16:29:07 +01:00
|
|
|
static int read_sys_reg32(int fd, uint32_t *pret, uint64_t id)
|
|
|
|
{
|
|
|
|
uint64_t ret;
|
|
|
|
struct kvm_one_reg idreg = { .id = id, .addr = (uintptr_t)&ret };
|
|
|
|
int err;
|
|
|
|
|
|
|
|
assert((id & KVM_REG_SIZE_MASK) == KVM_REG_SIZE_U64);
|
|
|
|
err = ioctl(fd, KVM_GET_ONE_REG, &idreg);
|
|
|
|
if (err < 0) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
*pret = ret;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int read_sys_reg64(int fd, uint64_t *pret, uint64_t id)
|
|
|
|
{
|
|
|
|
struct kvm_one_reg idreg = { .id = id, .addr = (uintptr_t)pret };
|
|
|
|
|
|
|
|
assert((id & KVM_REG_SIZE_MASK) == KVM_REG_SIZE_U64);
|
|
|
|
return ioctl(fd, KVM_GET_ONE_REG, &idreg);
|
|
|
|
}
|
|
|
|
|
2022-01-07 16:01:54 +01:00
|
|
|
static bool kvm_arm_pauth_supported(void)
|
|
|
|
{
|
|
|
|
return (kvm_check_extension(kvm_state, KVM_CAP_ARM_PTRAUTH_ADDRESS) &&
|
|
|
|
kvm_check_extension(kvm_state, KVM_CAP_ARM_PTRAUTH_GENERIC));
|
|
|
|
}
|
|
|
|
|
2018-03-09 18:09:44 +01:00
|
|
|
bool kvm_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
|
2013-12-17 20:42:30 +01:00
|
|
|
{
|
|
|
|
/* Identify the feature bits corresponding to the host CPU, and
|
|
|
|
* fill out the ARMHostCPUClass fields accordingly. To do this
|
|
|
|
* we have to create a scratch VM, create a single CPU inside it,
|
|
|
|
* and then query that CPU for the relevant ID registers.
|
|
|
|
*/
|
|
|
|
int fdarray[3];
|
2019-10-31 15:27:34 +01:00
|
|
|
bool sve_supported;
|
2013-12-17 20:42:30 +01:00
|
|
|
uint64_t features = 0;
|
2019-10-31 15:27:34 +01:00
|
|
|
uint64_t t;
|
2018-11-19 16:29:07 +01:00
|
|
|
int err;
|
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
/* Old kernels may not know about the PREFERRED_TARGET ioctl: however
|
|
|
|
* we know these will only support creating one kind of guest CPU,
|
|
|
|
* which is its preferred CPU type. Fortunately these old kernels
|
|
|
|
* support only a very limited number of CPUs.
|
|
|
|
*/
|
|
|
|
static const uint32_t cpus_to_try[] = {
|
|
|
|
KVM_ARM_TARGET_AEM_V8,
|
|
|
|
KVM_ARM_TARGET_FOUNDATION_V8,
|
|
|
|
KVM_ARM_TARGET_CORTEX_A57,
|
|
|
|
QEMU_KVM_ARM_TARGET_NONE
|
|
|
|
};
|
2019-10-31 15:27:32 +01:00
|
|
|
/*
|
|
|
|
* target = -1 informs kvm_arm_create_scratch_host_vcpu()
|
|
|
|
* to use the preferred target
|
|
|
|
*/
|
|
|
|
struct kvm_vcpu_init init = { .target = -1, };
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2022-01-07 16:01:54 +01:00
|
|
|
/*
|
|
|
|
* Ask for Pointer Authentication if supported. We can't play the
|
|
|
|
* SVE trick of synthesising the ID reg as KVM won't tell us
|
|
|
|
* whether we have the architected or IMPDEF version of PAuth, so
|
|
|
|
* we have to use the actual ID regs.
|
|
|
|
*/
|
|
|
|
if (kvm_arm_pauth_supported()) {
|
|
|
|
init.features[0] |= (1 << KVM_ARM_VCPU_PTRAUTH_ADDRESS |
|
|
|
|
1 << KVM_ARM_VCPU_PTRAUTH_GENERIC);
|
|
|
|
}
|
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
if (!kvm_arm_create_scratch_host_vcpu(cpus_to_try, fdarray, &init)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2018-03-09 18:09:44 +01:00
|
|
|
ahcf->target = init.target;
|
|
|
|
ahcf->dtb_compatible = "arm,arm-v8";
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2018-11-19 16:29:07 +01:00
|
|
|
err = read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64pfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 4, 0));
|
|
|
|
if (unlikely(err < 0)) {
|
|
|
|
/*
|
|
|
|
* Before v4.15, the kernel only exposed a limited number of system
|
|
|
|
* registers, not including any of the interesting AArch64 ID regs.
|
|
|
|
* For the most part we could leave these fields as zero with minimal
|
|
|
|
* effect, since this does not affect the values seen by the guest.
|
|
|
|
*
|
|
|
|
* However, it could cause problems down the line for QEMU,
|
|
|
|
* so provide a minimal v8.0 default.
|
|
|
|
*
|
|
|
|
* ??? Could read MIDR and use knowledge from cpu64.c.
|
|
|
|
* ??? Could map a page of memory into our temp guest and
|
|
|
|
* run the tiniest of hand-crafted kernels to extract
|
|
|
|
* the values seen by the guest.
|
|
|
|
* ??? Either of these sounds like too much effort just
|
|
|
|
* to work around running a modern host kernel.
|
|
|
|
*/
|
|
|
|
ahcf->isar.id_aa64pfr0 = 0x00000011; /* EL1&0, AArch64 only */
|
|
|
|
err = 0;
|
|
|
|
} else {
|
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64pfr1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 4, 1));
|
2020-02-14 18:51:07 +01:00
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64dfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 5, 0));
|
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64dfr1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 5, 1));
|
2018-11-19 16:29:07 +01:00
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64isar0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 6, 0));
|
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64isar1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 6, 1));
|
2018-12-13 15:40:56 +01:00
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64mmfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 7, 0));
|
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64mmfr1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 7, 1));
|
2020-02-08 13:58:13 +01:00
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64mmfr2,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 7, 2));
|
2018-11-19 16:29:07 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Note that if AArch32 support is not present in the host,
|
|
|
|
* the AArch32 sysregs are present to be read, but will
|
|
|
|
* return UNKNOWN values. This is neither better nor worse
|
|
|
|
* than skipping the reads and leaving 0, as we must avoid
|
|
|
|
* considering the values in every case.
|
|
|
|
*/
|
2020-09-10 19:38:52 +02:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_pfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 0));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_pfr1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 1));
|
2021-01-28 13:00:09 +01:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_pfr2,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 3, 4));
|
2020-02-14 18:51:07 +01:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_dfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 2));
|
2020-02-14 18:51:13 +01:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_mmfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 4));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_mmfr1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 5));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_mmfr2,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 6));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_mmfr3,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 1, 7));
|
2018-11-19 16:29:07 +01:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 0));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 1));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar2,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 2));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar3,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 3));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar4,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 4));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar5,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 5));
|
2020-02-14 18:51:13 +01:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_mmfr4,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 6));
|
2018-11-19 16:29:07 +01:00
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.id_isar6,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 2, 7));
|
|
|
|
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.mvfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 3, 0));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.mvfr1,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 3, 1));
|
|
|
|
err |= read_sys_reg32(fdarray[2], &ahcf->isar.mvfr2,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 3, 2));
|
2020-02-14 18:51:07 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* DBGDIDR is a bit complicated because the kernel doesn't
|
|
|
|
* provide an accessor for it in 64-bit mode, which is what this
|
|
|
|
* scratch VM is in, and there's no architected "64-bit sysreg
|
|
|
|
* which reads the same as the 32-bit register" the way there is
|
|
|
|
* for other ID registers. Instead we synthesize a value from the
|
|
|
|
* AArch64 ID_AA64DFR0, the same way the kernel code in
|
|
|
|
* arch/arm64/kvm/sys_regs.c:trap_dbgidr() does.
|
|
|
|
* We only do this if the CPU supports AArch32 at EL1.
|
|
|
|
*/
|
|
|
|
if (FIELD_EX32(ahcf->isar.id_aa64pfr0, ID_AA64PFR0, EL1) >= 2) {
|
|
|
|
int wrps = FIELD_EX64(ahcf->isar.id_aa64dfr0, ID_AA64DFR0, WRPS);
|
|
|
|
int brps = FIELD_EX64(ahcf->isar.id_aa64dfr0, ID_AA64DFR0, BRPS);
|
|
|
|
int ctx_cmps =
|
|
|
|
FIELD_EX64(ahcf->isar.id_aa64dfr0, ID_AA64DFR0, CTX_CMPS);
|
|
|
|
int version = 6; /* ARMv8 debug architecture */
|
|
|
|
bool has_el3 =
|
|
|
|
!!FIELD_EX32(ahcf->isar.id_aa64pfr0, ID_AA64PFR0, EL3);
|
|
|
|
uint32_t dbgdidr = 0;
|
|
|
|
|
|
|
|
dbgdidr = FIELD_DP32(dbgdidr, DBGDIDR, WRPS, wrps);
|
|
|
|
dbgdidr = FIELD_DP32(dbgdidr, DBGDIDR, BRPS, brps);
|
|
|
|
dbgdidr = FIELD_DP32(dbgdidr, DBGDIDR, CTX_CMPS, ctx_cmps);
|
|
|
|
dbgdidr = FIELD_DP32(dbgdidr, DBGDIDR, VERSION, version);
|
|
|
|
dbgdidr = FIELD_DP32(dbgdidr, DBGDIDR, NSUHD_IMP, has_el3);
|
|
|
|
dbgdidr = FIELD_DP32(dbgdidr, DBGDIDR, SE_IMP, has_el3);
|
|
|
|
dbgdidr |= (1 << 15); /* RES1 bit */
|
|
|
|
ahcf->isar.dbgdidr = dbgdidr;
|
|
|
|
}
|
2018-11-19 16:29:07 +01:00
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:34 +01:00
|
|
|
sve_supported = ioctl(fdarray[0], KVM_CHECK_EXTENSION, KVM_CAP_ARM_SVE) > 0;
|
|
|
|
|
|
|
|
/* Add feature bits that can't appear until after VCPU init. */
|
|
|
|
if (sve_supported) {
|
|
|
|
t = ahcf->isar.id_aa64pfr0;
|
|
|
|
t = FIELD_DP64(t, ID_AA64PFR0, SVE, 1);
|
|
|
|
ahcf->isar.id_aa64pfr0 = t;
|
2021-05-25 03:02:27 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Before v5.1, KVM did not support SVE and did not expose
|
|
|
|
* ID_AA64ZFR0_EL1 even as RAZ. After v5.1, KVM still does
|
|
|
|
* not expose the register to "user" requests like this
|
|
|
|
* unless the host supports SVE.
|
|
|
|
*/
|
|
|
|
err |= read_sys_reg64(fdarray[2], &ahcf->isar.id_aa64zfr0,
|
|
|
|
ARM64_SYS_REG(3, 0, 0, 4, 4));
|
|
|
|
}
|
|
|
|
|
|
|
|
kvm_arm_destroy_scratch_host_vcpu(fdarray);
|
|
|
|
|
|
|
|
if (err < 0) {
|
|
|
|
return false;
|
2019-10-31 15:27:34 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We can assume any KVM supporting CPU is at least a v8
|
2013-12-17 20:42:30 +01:00
|
|
|
* with VFPv4+Neon; this in turn implies most of the other
|
|
|
|
* feature bits.
|
|
|
|
*/
|
2020-05-04 19:24:44 +02:00
|
|
|
features |= 1ULL << ARM_FEATURE_V8;
|
|
|
|
features |= 1ULL << ARM_FEATURE_NEON;
|
|
|
|
features |= 1ULL << ARM_FEATURE_AARCH64;
|
|
|
|
features |= 1ULL << ARM_FEATURE_PMU;
|
|
|
|
features |= 1ULL << ARM_FEATURE_GENERIC_TIMER;
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2018-03-09 18:09:44 +01:00
|
|
|
ahcf->features = features;
|
2013-12-17 20:42:30 +01:00
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2020-10-01 08:17:18 +02:00
|
|
|
void kvm_arm_steal_time_finalize(ARMCPU *cpu, Error **errp)
|
|
|
|
{
|
|
|
|
bool has_steal_time = kvm_arm_steal_time_supported();
|
|
|
|
|
|
|
|
if (cpu->kvm_steal_time == ON_OFF_AUTO_AUTO) {
|
|
|
|
if (!has_steal_time || !arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
|
|
|
|
cpu->kvm_steal_time = ON_OFF_AUTO_OFF;
|
|
|
|
} else {
|
|
|
|
cpu->kvm_steal_time = ON_OFF_AUTO_ON;
|
|
|
|
}
|
|
|
|
} else if (cpu->kvm_steal_time == ON_OFF_AUTO_ON) {
|
|
|
|
if (!has_steal_time) {
|
|
|
|
error_setg(errp, "'kvm-steal-time' cannot be enabled "
|
|
|
|
"on this host");
|
|
|
|
return;
|
|
|
|
} else if (!arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
|
|
|
|
/*
|
|
|
|
* DEN0057A chapter 2 says "This specification only covers
|
|
|
|
* systems in which the Execution state of the hypervisor
|
|
|
|
* as well as EL1 of virtual machines is AArch64.". And,
|
|
|
|
* to ensure that, the smc/hvc calls are only specified as
|
|
|
|
* smc64/hvc64.
|
|
|
|
*/
|
|
|
|
error_setg(errp, "'kvm-steal-time' cannot be enabled "
|
|
|
|
"for AArch32 guests");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
target/arm: Check supported KVM features globally (not per vCPU)
Since commit d70c996df23f, when enabling the PMU we get:
$ qemu-system-aarch64 -cpu host,pmu=on -M virt,accel=kvm,gic-version=3
Segmentation fault (core dumped)
Thread 1 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
2588 ret = ioctl(s->fd, type, arg);
(gdb) bt
#0 0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
#1 0x0000aaaaaae31568 in kvm_check_extension (s=0x0, extension=126) at accel/kvm/kvm-all.c:916
#2 0x0000aaaaaafce254 in kvm_arm_pmu_supported (cpu=0xaaaaac214ab0) at target/arm/kvm.c:213
#3 0x0000aaaaaafc0f94 in arm_set_pmu (obj=0xaaaaac214ab0, value=true, errp=0xffffffffe438) at target/arm/cpu.c:1111
#4 0x0000aaaaab5533ac in property_set_bool (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", opaque=0xaaaaac222730, errp=0xffffffffe438) at qom/object.c:2170
#5 0x0000aaaaab5512f0 in object_property_set (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1328
#6 0x0000aaaaab551e10 in object_property_parse (obj=0xaaaaac214ab0, string=0xaaaaac11b4c0 "on", name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1561
#7 0x0000aaaaab54ee8c in object_apply_global_props (obj=0xaaaaac214ab0, props=0xaaaaac018e20, errp=0xaaaaabd6fd88 <error_fatal>) at qom/object.c:407
#8 0x0000aaaaab1dd5a4 in qdev_prop_set_globals (dev=0xaaaaac214ab0) at hw/core/qdev-properties.c:1218
#9 0x0000aaaaab1d9fac in device_post_init (obj=0xaaaaac214ab0) at hw/core/qdev.c:1050
...
#15 0x0000aaaaab54f310 in object_initialize_with_type (obj=0xaaaaac214ab0, size=52208, type=0xaaaaabe237f0) at qom/object.c:512
#16 0x0000aaaaab54fa24 in object_new_with_type (type=0xaaaaabe237f0) at qom/object.c:687
#17 0x0000aaaaab54fa80 in object_new (typename=0xaaaaabe23970 "host-arm-cpu") at qom/object.c:702
#18 0x0000aaaaaaf04a74 in machvirt_init (machine=0xaaaaac0a8550) at hw/arm/virt.c:1770
#19 0x0000aaaaab1e8720 in machine_run_board_init (machine=0xaaaaac0a8550) at hw/core/machine.c:1138
#20 0x0000aaaaaaf95394 in qemu_init (argc=5, argv=0xffffffffea58, envp=0xffffffffea88) at softmmu/vl.c:4348
#21 0x0000aaaaaada3f74 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at softmmu/main.c:48
This is because in frame #2, cpu->kvm_state is still NULL
(the vCPU is not yet realized).
KVM has a hard requirement of all cores supporting the same
feature set. We only need to check if the accelerator supports
a feature, not each vCPU individually.
Fix by removing the 'CPUState *cpu' argument from the
kvm_arm_<FEATURE>_supported() functions.
Fixes: d70c996df23f ('Use CPUState::kvm_state in kvm_arm_pmu_supported')
Reported-by: Haibo Xu <haibo.xu@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-23 11:06:22 +02:00
|
|
|
bool kvm_arm_aarch32_supported(void)
|
2019-08-02 14:25:26 +02:00
|
|
|
{
|
target/arm: Check supported KVM features globally (not per vCPU)
Since commit d70c996df23f, when enabling the PMU we get:
$ qemu-system-aarch64 -cpu host,pmu=on -M virt,accel=kvm,gic-version=3
Segmentation fault (core dumped)
Thread 1 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
2588 ret = ioctl(s->fd, type, arg);
(gdb) bt
#0 0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
#1 0x0000aaaaaae31568 in kvm_check_extension (s=0x0, extension=126) at accel/kvm/kvm-all.c:916
#2 0x0000aaaaaafce254 in kvm_arm_pmu_supported (cpu=0xaaaaac214ab0) at target/arm/kvm.c:213
#3 0x0000aaaaaafc0f94 in arm_set_pmu (obj=0xaaaaac214ab0, value=true, errp=0xffffffffe438) at target/arm/cpu.c:1111
#4 0x0000aaaaab5533ac in property_set_bool (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", opaque=0xaaaaac222730, errp=0xffffffffe438) at qom/object.c:2170
#5 0x0000aaaaab5512f0 in object_property_set (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1328
#6 0x0000aaaaab551e10 in object_property_parse (obj=0xaaaaac214ab0, string=0xaaaaac11b4c0 "on", name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1561
#7 0x0000aaaaab54ee8c in object_apply_global_props (obj=0xaaaaac214ab0, props=0xaaaaac018e20, errp=0xaaaaabd6fd88 <error_fatal>) at qom/object.c:407
#8 0x0000aaaaab1dd5a4 in qdev_prop_set_globals (dev=0xaaaaac214ab0) at hw/core/qdev-properties.c:1218
#9 0x0000aaaaab1d9fac in device_post_init (obj=0xaaaaac214ab0) at hw/core/qdev.c:1050
...
#15 0x0000aaaaab54f310 in object_initialize_with_type (obj=0xaaaaac214ab0, size=52208, type=0xaaaaabe237f0) at qom/object.c:512
#16 0x0000aaaaab54fa24 in object_new_with_type (type=0xaaaaabe237f0) at qom/object.c:687
#17 0x0000aaaaab54fa80 in object_new (typename=0xaaaaabe23970 "host-arm-cpu") at qom/object.c:702
#18 0x0000aaaaaaf04a74 in machvirt_init (machine=0xaaaaac0a8550) at hw/arm/virt.c:1770
#19 0x0000aaaaab1e8720 in machine_run_board_init (machine=0xaaaaac0a8550) at hw/core/machine.c:1138
#20 0x0000aaaaaaf95394 in qemu_init (argc=5, argv=0xffffffffea58, envp=0xffffffffea88) at softmmu/vl.c:4348
#21 0x0000aaaaaada3f74 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at softmmu/main.c:48
This is because in frame #2, cpu->kvm_state is still NULL
(the vCPU is not yet realized).
KVM has a hard requirement of all cores supporting the same
feature set. We only need to check if the accelerator supports
a feature, not each vCPU individually.
Fix by removing the 'CPUState *cpu' argument from the
kvm_arm_<FEATURE>_supported() functions.
Fixes: d70c996df23f ('Use CPUState::kvm_state in kvm_arm_pmu_supported')
Reported-by: Haibo Xu <haibo.xu@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-23 11:06:22 +02:00
|
|
|
return kvm_check_extension(kvm_state, KVM_CAP_ARM_EL1_32BIT);
|
2019-08-02 14:25:26 +02:00
|
|
|
}
|
|
|
|
|
target/arm: Check supported KVM features globally (not per vCPU)
Since commit d70c996df23f, when enabling the PMU we get:
$ qemu-system-aarch64 -cpu host,pmu=on -M virt,accel=kvm,gic-version=3
Segmentation fault (core dumped)
Thread 1 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
2588 ret = ioctl(s->fd, type, arg);
(gdb) bt
#0 0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
#1 0x0000aaaaaae31568 in kvm_check_extension (s=0x0, extension=126) at accel/kvm/kvm-all.c:916
#2 0x0000aaaaaafce254 in kvm_arm_pmu_supported (cpu=0xaaaaac214ab0) at target/arm/kvm.c:213
#3 0x0000aaaaaafc0f94 in arm_set_pmu (obj=0xaaaaac214ab0, value=true, errp=0xffffffffe438) at target/arm/cpu.c:1111
#4 0x0000aaaaab5533ac in property_set_bool (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", opaque=0xaaaaac222730, errp=0xffffffffe438) at qom/object.c:2170
#5 0x0000aaaaab5512f0 in object_property_set (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1328
#6 0x0000aaaaab551e10 in object_property_parse (obj=0xaaaaac214ab0, string=0xaaaaac11b4c0 "on", name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1561
#7 0x0000aaaaab54ee8c in object_apply_global_props (obj=0xaaaaac214ab0, props=0xaaaaac018e20, errp=0xaaaaabd6fd88 <error_fatal>) at qom/object.c:407
#8 0x0000aaaaab1dd5a4 in qdev_prop_set_globals (dev=0xaaaaac214ab0) at hw/core/qdev-properties.c:1218
#9 0x0000aaaaab1d9fac in device_post_init (obj=0xaaaaac214ab0) at hw/core/qdev.c:1050
...
#15 0x0000aaaaab54f310 in object_initialize_with_type (obj=0xaaaaac214ab0, size=52208, type=0xaaaaabe237f0) at qom/object.c:512
#16 0x0000aaaaab54fa24 in object_new_with_type (type=0xaaaaabe237f0) at qom/object.c:687
#17 0x0000aaaaab54fa80 in object_new (typename=0xaaaaabe23970 "host-arm-cpu") at qom/object.c:702
#18 0x0000aaaaaaf04a74 in machvirt_init (machine=0xaaaaac0a8550) at hw/arm/virt.c:1770
#19 0x0000aaaaab1e8720 in machine_run_board_init (machine=0xaaaaac0a8550) at hw/core/machine.c:1138
#20 0x0000aaaaaaf95394 in qemu_init (argc=5, argv=0xffffffffea58, envp=0xffffffffea88) at softmmu/vl.c:4348
#21 0x0000aaaaaada3f74 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at softmmu/main.c:48
This is because in frame #2, cpu->kvm_state is still NULL
(the vCPU is not yet realized).
KVM has a hard requirement of all cores supporting the same
feature set. We only need to check if the accelerator supports
a feature, not each vCPU individually.
Fix by removing the 'CPUState *cpu' argument from the
kvm_arm_<FEATURE>_supported() functions.
Fixes: d70c996df23f ('Use CPUState::kvm_state in kvm_arm_pmu_supported')
Reported-by: Haibo Xu <haibo.xu@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-23 11:06:22 +02:00
|
|
|
bool kvm_arm_sve_supported(void)
|
2019-10-31 15:27:31 +01:00
|
|
|
{
|
target/arm: Check supported KVM features globally (not per vCPU)
Since commit d70c996df23f, when enabling the PMU we get:
$ qemu-system-aarch64 -cpu host,pmu=on -M virt,accel=kvm,gic-version=3
Segmentation fault (core dumped)
Thread 1 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
2588 ret = ioctl(s->fd, type, arg);
(gdb) bt
#0 0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
#1 0x0000aaaaaae31568 in kvm_check_extension (s=0x0, extension=126) at accel/kvm/kvm-all.c:916
#2 0x0000aaaaaafce254 in kvm_arm_pmu_supported (cpu=0xaaaaac214ab0) at target/arm/kvm.c:213
#3 0x0000aaaaaafc0f94 in arm_set_pmu (obj=0xaaaaac214ab0, value=true, errp=0xffffffffe438) at target/arm/cpu.c:1111
#4 0x0000aaaaab5533ac in property_set_bool (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", opaque=0xaaaaac222730, errp=0xffffffffe438) at qom/object.c:2170
#5 0x0000aaaaab5512f0 in object_property_set (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1328
#6 0x0000aaaaab551e10 in object_property_parse (obj=0xaaaaac214ab0, string=0xaaaaac11b4c0 "on", name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1561
#7 0x0000aaaaab54ee8c in object_apply_global_props (obj=0xaaaaac214ab0, props=0xaaaaac018e20, errp=0xaaaaabd6fd88 <error_fatal>) at qom/object.c:407
#8 0x0000aaaaab1dd5a4 in qdev_prop_set_globals (dev=0xaaaaac214ab0) at hw/core/qdev-properties.c:1218
#9 0x0000aaaaab1d9fac in device_post_init (obj=0xaaaaac214ab0) at hw/core/qdev.c:1050
...
#15 0x0000aaaaab54f310 in object_initialize_with_type (obj=0xaaaaac214ab0, size=52208, type=0xaaaaabe237f0) at qom/object.c:512
#16 0x0000aaaaab54fa24 in object_new_with_type (type=0xaaaaabe237f0) at qom/object.c:687
#17 0x0000aaaaab54fa80 in object_new (typename=0xaaaaabe23970 "host-arm-cpu") at qom/object.c:702
#18 0x0000aaaaaaf04a74 in machvirt_init (machine=0xaaaaac0a8550) at hw/arm/virt.c:1770
#19 0x0000aaaaab1e8720 in machine_run_board_init (machine=0xaaaaac0a8550) at hw/core/machine.c:1138
#20 0x0000aaaaaaf95394 in qemu_init (argc=5, argv=0xffffffffea58, envp=0xffffffffea88) at softmmu/vl.c:4348
#21 0x0000aaaaaada3f74 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at softmmu/main.c:48
This is because in frame #2, cpu->kvm_state is still NULL
(the vCPU is not yet realized).
KVM has a hard requirement of all cores supporting the same
feature set. We only need to check if the accelerator supports
a feature, not each vCPU individually.
Fix by removing the 'CPUState *cpu' argument from the
kvm_arm_<FEATURE>_supported() functions.
Fixes: d70c996df23f ('Use CPUState::kvm_state in kvm_arm_pmu_supported')
Reported-by: Haibo Xu <haibo.xu@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-23 11:06:22 +02:00
|
|
|
return kvm_check_extension(kvm_state, KVM_CAP_ARM_SVE);
|
2019-10-31 15:27:31 +01:00
|
|
|
}
|
|
|
|
|
2020-10-01 08:17:18 +02:00
|
|
|
bool kvm_arm_steal_time_supported(void)
|
|
|
|
{
|
|
|
|
return kvm_check_extension(kvm_state, KVM_CAP_STEAL_TIME);
|
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:33 +01:00
|
|
|
QEMU_BUILD_BUG_ON(KVM_ARM64_SVE_VQ_MIN != 1);
|
|
|
|
|
|
|
|
void kvm_arm_sve_get_vls(CPUState *cs, unsigned long *map)
|
|
|
|
{
|
|
|
|
/* Only call this function if kvm_arm_sve_supported() returns true. */
|
|
|
|
static uint64_t vls[KVM_ARM64_SVE_VLS_WORDS];
|
|
|
|
static bool probed;
|
|
|
|
uint32_t vq = 0;
|
|
|
|
int i, j;
|
|
|
|
|
2021-08-23 18:06:45 +02:00
|
|
|
bitmap_zero(map, ARM_MAX_VQ);
|
2019-10-31 15:27:33 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* KVM ensures all host CPUs support the same set of vector lengths.
|
|
|
|
* So we only need to create the scratch VCPUs once and then cache
|
|
|
|
* the results.
|
|
|
|
*/
|
|
|
|
if (!probed) {
|
|
|
|
struct kvm_vcpu_init init = {
|
|
|
|
.target = -1,
|
|
|
|
.features[0] = (1 << KVM_ARM_VCPU_SVE),
|
|
|
|
};
|
|
|
|
struct kvm_one_reg reg = {
|
|
|
|
.id = KVM_REG_ARM64_SVE_VLS,
|
|
|
|
.addr = (uint64_t)&vls[0],
|
|
|
|
};
|
|
|
|
int fdarray[3], ret;
|
|
|
|
|
|
|
|
probed = true;
|
|
|
|
|
|
|
|
if (!kvm_arm_create_scratch_host_vcpu(NULL, fdarray, &init)) {
|
|
|
|
error_report("failed to create scratch VCPU with SVE enabled");
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
ret = ioctl(fdarray[2], KVM_GET_ONE_REG, ®);
|
|
|
|
kvm_arm_destroy_scratch_host_vcpu(fdarray);
|
|
|
|
if (ret) {
|
|
|
|
error_report("failed to get KVM_REG_ARM64_SVE_VLS: %s",
|
|
|
|
strerror(errno));
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = KVM_ARM64_SVE_VLS_WORDS - 1; i >= 0; --i) {
|
|
|
|
if (vls[i]) {
|
|
|
|
vq = 64 - clz64(vls[i]) + i * 64;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (vq > ARM_MAX_VQ) {
|
|
|
|
warn_report("KVM supports vector lengths larger than "
|
|
|
|
"QEMU can enable");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < KVM_ARM64_SVE_VLS_WORDS; ++i) {
|
|
|
|
if (!vls[i]) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
for (j = 1; j <= 64; ++j) {
|
|
|
|
vq = j + i * 64;
|
|
|
|
if (vq > ARM_MAX_VQ) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (vls[i] & (1UL << (j - 1))) {
|
|
|
|
set_bit(vq - 1, map);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static int kvm_arm_sve_set_vls(CPUState *cs)
|
|
|
|
{
|
|
|
|
uint64_t vls[KVM_ARM64_SVE_VLS_WORDS] = {0};
|
|
|
|
struct kvm_one_reg reg = {
|
|
|
|
.id = KVM_REG_ARM64_SVE_VLS,
|
|
|
|
.addr = (uint64_t)&vls[0],
|
|
|
|
};
|
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
uint32_t vq;
|
|
|
|
int i, j;
|
|
|
|
|
|
|
|
assert(cpu->sve_max_vq <= KVM_ARM64_SVE_VQ_MAX);
|
|
|
|
|
|
|
|
for (vq = 1; vq <= cpu->sve_max_vq; ++vq) {
|
|
|
|
if (test_bit(vq - 1, cpu->sve_vq_map)) {
|
|
|
|
i = (vq - 1) / 64;
|
|
|
|
j = (vq - 1) % 64;
|
|
|
|
vls[i] |= 1UL << j;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
}
|
|
|
|
|
2015-06-15 19:06:09 +02:00
|
|
|
#define ARM_CPU_ID_MPIDR 3, 0, 0, 0, 5
|
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
int kvm_arch_init_vcpu(CPUState *cs)
|
|
|
|
{
|
|
|
|
int ret;
|
2015-06-15 19:06:09 +02:00
|
|
|
uint64_t mpidr;
|
2014-06-19 19:06:26 +02:00
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
2016-10-28 15:12:31 +02:00
|
|
|
CPUARMState *env = &cpu->env;
|
2013-12-17 20:42:30 +01:00
|
|
|
|
|
|
|
if (cpu->kvm_target == QEMU_KVM_ARM_TARGET_NONE ||
|
2015-02-13 06:46:08 +01:00
|
|
|
!object_dynamic_cast(OBJECT(cpu), TYPE_AARCH64_CPU)) {
|
2019-10-31 15:27:33 +01:00
|
|
|
error_report("KVM is not supported for this guest CPU type");
|
2013-12-17 20:42:30 +01:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2020-01-30 17:02:06 +01:00
|
|
|
qemu_add_vm_change_state_handler(kvm_arm_vm_state_change, cs);
|
|
|
|
|
2014-06-19 19:06:26 +02:00
|
|
|
/* Determine init features for this CPU */
|
|
|
|
memset(cpu->kvm_init_features, 0, sizeof(cpu->kvm_init_features));
|
2020-08-26 07:55:28 +02:00
|
|
|
if (cs->start_powered_off) {
|
2014-06-19 19:06:26 +02:00
|
|
|
cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_POWER_OFF;
|
|
|
|
}
|
2014-06-19 19:06:26 +02:00
|
|
|
if (kvm_check_extension(cs->kvm_state, KVM_CAP_ARM_PSCI_0_2)) {
|
2014-06-19 19:06:26 +02:00
|
|
|
cpu->psci_version = 2;
|
2014-06-19 19:06:26 +02:00
|
|
|
cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_PSCI_0_2;
|
|
|
|
}
|
2015-02-13 06:46:08 +01:00
|
|
|
if (!arm_feature(&cpu->env, ARM_FEATURE_AARCH64)) {
|
|
|
|
cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_EL1_32BIT;
|
|
|
|
}
|
2017-09-04 16:21:54 +02:00
|
|
|
if (!kvm_check_extension(cs->kvm_state, KVM_CAP_ARM_PMU_V3)) {
|
2019-10-31 15:27:31 +01:00
|
|
|
cpu->has_pmu = false;
|
2016-10-28 15:12:31 +02:00
|
|
|
}
|
|
|
|
if (cpu->has_pmu) {
|
2016-06-14 16:59:12 +02:00
|
|
|
cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_PMU_V3;
|
2016-10-28 15:12:31 +02:00
|
|
|
} else {
|
2020-05-04 19:24:44 +02:00
|
|
|
env->features &= ~(1ULL << ARM_FEATURE_PMU);
|
2016-06-14 16:59:12 +02:00
|
|
|
}
|
2019-10-31 15:27:31 +01:00
|
|
|
if (cpu_isar_feature(aa64_sve, cpu)) {
|
target/arm: Check supported KVM features globally (not per vCPU)
Since commit d70c996df23f, when enabling the PMU we get:
$ qemu-system-aarch64 -cpu host,pmu=on -M virt,accel=kvm,gic-version=3
Segmentation fault (core dumped)
Thread 1 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
2588 ret = ioctl(s->fd, type, arg);
(gdb) bt
#0 0x0000aaaaaae356d0 in kvm_ioctl (s=0x0, type=44547) at accel/kvm/kvm-all.c:2588
#1 0x0000aaaaaae31568 in kvm_check_extension (s=0x0, extension=126) at accel/kvm/kvm-all.c:916
#2 0x0000aaaaaafce254 in kvm_arm_pmu_supported (cpu=0xaaaaac214ab0) at target/arm/kvm.c:213
#3 0x0000aaaaaafc0f94 in arm_set_pmu (obj=0xaaaaac214ab0, value=true, errp=0xffffffffe438) at target/arm/cpu.c:1111
#4 0x0000aaaaab5533ac in property_set_bool (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", opaque=0xaaaaac222730, errp=0xffffffffe438) at qom/object.c:2170
#5 0x0000aaaaab5512f0 in object_property_set (obj=0xaaaaac214ab0, v=0xaaaaac223a80, name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1328
#6 0x0000aaaaab551e10 in object_property_parse (obj=0xaaaaac214ab0, string=0xaaaaac11b4c0 "on", name=0xaaaaac11a970 "pmu", errp=0xffffffffe438) at qom/object.c:1561
#7 0x0000aaaaab54ee8c in object_apply_global_props (obj=0xaaaaac214ab0, props=0xaaaaac018e20, errp=0xaaaaabd6fd88 <error_fatal>) at qom/object.c:407
#8 0x0000aaaaab1dd5a4 in qdev_prop_set_globals (dev=0xaaaaac214ab0) at hw/core/qdev-properties.c:1218
#9 0x0000aaaaab1d9fac in device_post_init (obj=0xaaaaac214ab0) at hw/core/qdev.c:1050
...
#15 0x0000aaaaab54f310 in object_initialize_with_type (obj=0xaaaaac214ab0, size=52208, type=0xaaaaabe237f0) at qom/object.c:512
#16 0x0000aaaaab54fa24 in object_new_with_type (type=0xaaaaabe237f0) at qom/object.c:687
#17 0x0000aaaaab54fa80 in object_new (typename=0xaaaaabe23970 "host-arm-cpu") at qom/object.c:702
#18 0x0000aaaaaaf04a74 in machvirt_init (machine=0xaaaaac0a8550) at hw/arm/virt.c:1770
#19 0x0000aaaaab1e8720 in machine_run_board_init (machine=0xaaaaac0a8550) at hw/core/machine.c:1138
#20 0x0000aaaaaaf95394 in qemu_init (argc=5, argv=0xffffffffea58, envp=0xffffffffea88) at softmmu/vl.c:4348
#21 0x0000aaaaaada3f74 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at softmmu/main.c:48
This is because in frame #2, cpu->kvm_state is still NULL
(the vCPU is not yet realized).
KVM has a hard requirement of all cores supporting the same
feature set. We only need to check if the accelerator supports
a feature, not each vCPU individually.
Fix by removing the 'CPUState *cpu' argument from the
kvm_arm_<FEATURE>_supported() functions.
Fixes: d70c996df23f ('Use CPUState::kvm_state in kvm_arm_pmu_supported')
Reported-by: Haibo Xu <haibo.xu@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-06-23 11:06:22 +02:00
|
|
|
assert(kvm_arm_sve_supported());
|
2019-10-31 15:27:31 +01:00
|
|
|
cpu->kvm_init_features[0] |= 1 << KVM_ARM_VCPU_SVE;
|
|
|
|
}
|
2022-01-07 16:01:54 +01:00
|
|
|
if (cpu_isar_feature(aa64_pauth, cpu)) {
|
|
|
|
cpu->kvm_init_features[0] |= (1 << KVM_ARM_VCPU_PTRAUTH_ADDRESS |
|
|
|
|
1 << KVM_ARM_VCPU_PTRAUTH_GENERIC);
|
|
|
|
}
|
2014-06-19 19:06:26 +02:00
|
|
|
|
|
|
|
/* Do KVM_ARM_VCPU_INIT ioctl */
|
|
|
|
ret = kvm_arm_vcpu_init(cs);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
2013-12-17 20:42:30 +01:00
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:31 +01:00
|
|
|
if (cpu_isar_feature(aa64_sve, cpu)) {
|
2019-10-31 15:27:33 +01:00
|
|
|
ret = kvm_arm_sve_set_vls(cs);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
2019-10-31 15:27:31 +01:00
|
|
|
ret = kvm_arm_vcpu_finalize(cs, KVM_ARM_VCPU_SVE);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-15 19:06:09 +02:00
|
|
|
/*
|
|
|
|
* When KVM is in use, PSCI is emulated in-kernel and not by qemu.
|
|
|
|
* Currently KVM has its own idea about MPIDR assignment, so we
|
|
|
|
* override our defaults with what we get from KVM.
|
|
|
|
*/
|
|
|
|
ret = kvm_get_one_reg(cs, ARM64_SYS_REG(ARM_CPU_ID_MPIDR), &mpidr);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
2015-09-07 11:39:31 +02:00
|
|
|
cpu->mp_affinity = mpidr & ARM64_AFFINITY_MASK;
|
2015-06-15 19:06:09 +02:00
|
|
|
|
2015-12-17 14:37:14 +01:00
|
|
|
kvm_arm_init_debug(cs);
|
|
|
|
|
2018-10-24 08:50:16 +02:00
|
|
|
/* Check whether user space can specify guest syndrome value */
|
|
|
|
kvm_arm_init_serror_injection(cs);
|
|
|
|
|
2014-12-11 13:07:53 +01:00
|
|
|
return kvm_arm_init_cpreg_list(cpu);
|
|
|
|
}
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2019-06-19 18:21:32 +02:00
|
|
|
int kvm_arch_destroy_vcpu(CPUState *cs)
|
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2014-12-11 13:07:53 +01:00
|
|
|
bool kvm_arm_reg_syncs_via_cpreg_list(uint64_t regidx)
|
|
|
|
{
|
|
|
|
/* Return true if the regidx is a register we should synchronize
|
2019-10-31 15:27:30 +01:00
|
|
|
* via the cpreg_tuples array (ie is not a core or sve reg that
|
|
|
|
* we sync by hand in kvm_arch_get/put_registers())
|
2014-12-11 13:07:53 +01:00
|
|
|
*/
|
|
|
|
switch (regidx & KVM_REG_ARM_COPROC_MASK) {
|
|
|
|
case KVM_REG_ARM_CORE:
|
2019-10-31 15:27:30 +01:00
|
|
|
case KVM_REG_ARM64_SVE:
|
2014-12-11 13:07:53 +01:00
|
|
|
return false;
|
|
|
|
default:
|
|
|
|
return true;
|
|
|
|
}
|
2013-12-17 20:42:30 +01:00
|
|
|
}
|
|
|
|
|
2015-07-21 12:18:45 +02:00
|
|
|
typedef struct CPRegStateLevel {
|
|
|
|
uint64_t regidx;
|
|
|
|
int level;
|
|
|
|
} CPRegStateLevel;
|
|
|
|
|
|
|
|
/* All system registers not listed in the following table are assumed to be
|
|
|
|
* of the level KVM_PUT_RUNTIME_STATE. If a register should be written less
|
|
|
|
* often, you must add it to this table with a state of either
|
|
|
|
* KVM_PUT_RESET_STATE or KVM_PUT_FULL_STATE.
|
|
|
|
*/
|
|
|
|
static const CPRegStateLevel non_runtime_cpregs[] = {
|
|
|
|
{ KVM_REG_ARM_TIMER_CNT, KVM_PUT_FULL_STATE },
|
|
|
|
};
|
|
|
|
|
|
|
|
int kvm_arm_cpreg_level(uint64_t regidx)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < ARRAY_SIZE(non_runtime_cpregs); i++) {
|
|
|
|
const CPRegStateLevel *l = &non_runtime_cpregs[i];
|
|
|
|
if (l->regidx == regidx) {
|
|
|
|
return l->level;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return KVM_PUT_RUNTIME_STATE;
|
|
|
|
}
|
|
|
|
|
target-arm: kvm64: handle SIGBUS signal from kernel or KVM
Add a SIGBUS signal handler. In this handler, it checks the SIGBUS type,
translates the host VA delivered by host to guest PA, then fills this PA
to guest APEI GHES memory, then notifies guest according to the SIGBUS
type.
When guest accesses the poisoned memory, it will generate a Synchronous
External Abort(SEA). Then host kernel gets an APEI notification and calls
memory_failure() to unmapped the affected page in stage 2, finally
returns to guest.
Guest continues to access the PG_hwpoison page, it will trap to KVM as
stage2 fault, then a SIGBUS_MCEERR_AR synchronous signal is delivered to
Qemu, Qemu records this error address into guest APEI GHES memory and
notifes guest using Synchronous-External-Abort(SEA).
In order to inject a vSEA, we introduce the kvm_inject_arm_sea() function
in which we can setup the type of exception and the syndrome information.
When switching to guest, the target vcpu will jump to the synchronous
external abort vector table entry.
The ESR_ELx.DFSC is set to synchronous external abort(0x10), and the
ESR_ELx.FnV is set to not valid(0x1), which will tell guest that FAR is
not valid and hold an UNKNOWN value. These values will be set to KVM
register structures through KVM_SET_ONE_REG IOCTL.
Signed-off-by: Dongjiu Geng <gengdongjiu@huawei.com>
Signed-off-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20200512030609.19593-10-gengdongjiu@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-12 05:06:08 +02:00
|
|
|
/* Callers must hold the iothread mutex lock */
|
|
|
|
static void kvm_inject_arm_sea(CPUState *c)
|
|
|
|
{
|
|
|
|
ARMCPU *cpu = ARM_CPU(c);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
uint32_t esr;
|
|
|
|
bool same_el;
|
|
|
|
|
|
|
|
c->exception_index = EXCP_DATA_ABORT;
|
|
|
|
env->exception.target_el = 1;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Set the DFSC to synchronous external abort and set FnV to not valid,
|
|
|
|
* this will tell guest the FAR_ELx is UNKNOWN for this abort.
|
|
|
|
*/
|
|
|
|
same_el = arm_current_el(env) == env->exception.target_el;
|
|
|
|
esr = syn_data_abort_no_iss(same_el, 1, 0, 0, 0, 0, 0x10);
|
|
|
|
|
|
|
|
env->exception.syndrome = esr;
|
|
|
|
|
2021-02-04 17:39:16 +01:00
|
|
|
arm_cpu_do_interrupt(c);
|
target-arm: kvm64: handle SIGBUS signal from kernel or KVM
Add a SIGBUS signal handler. In this handler, it checks the SIGBUS type,
translates the host VA delivered by host to guest PA, then fills this PA
to guest APEI GHES memory, then notifies guest according to the SIGBUS
type.
When guest accesses the poisoned memory, it will generate a Synchronous
External Abort(SEA). Then host kernel gets an APEI notification and calls
memory_failure() to unmapped the affected page in stage 2, finally
returns to guest.
Guest continues to access the PG_hwpoison page, it will trap to KVM as
stage2 fault, then a SIGBUS_MCEERR_AR synchronous signal is delivered to
Qemu, Qemu records this error address into guest APEI GHES memory and
notifes guest using Synchronous-External-Abort(SEA).
In order to inject a vSEA, we introduce the kvm_inject_arm_sea() function
in which we can setup the type of exception and the syndrome information.
When switching to guest, the target vcpu will jump to the synchronous
external abort vector table entry.
The ESR_ELx.DFSC is set to synchronous external abort(0x10), and the
ESR_ELx.FnV is set to not valid(0x1), which will tell guest that FAR is
not valid and hold an UNKNOWN value. These values will be set to KVM
register structures through KVM_SET_ONE_REG IOCTL.
Signed-off-by: Dongjiu Geng <gengdongjiu@huawei.com>
Signed-off-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20200512030609.19593-10-gengdongjiu@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-12 05:06:08 +02:00
|
|
|
}
|
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
#define AARCH64_CORE_REG(x) (KVM_REG_ARM64 | KVM_REG_SIZE_U64 | \
|
|
|
|
KVM_REG_ARM_CORE | KVM_REG_ARM_CORE_REG(x))
|
|
|
|
|
2015-04-01 18:57:30 +02:00
|
|
|
#define AARCH64_SIMD_CORE_REG(x) (KVM_REG_ARM64 | KVM_REG_SIZE_U128 | \
|
|
|
|
KVM_REG_ARM_CORE | KVM_REG_ARM_CORE_REG(x))
|
|
|
|
|
|
|
|
#define AARCH64_SIMD_CTRL_REG(x) (KVM_REG_ARM64 | KVM_REG_SIZE_U32 | \
|
|
|
|
KVM_REG_ARM_CORE | KVM_REG_ARM_CORE_REG(x))
|
|
|
|
|
2019-08-02 14:25:35 +02:00
|
|
|
static int kvm_arch_put_fpsimd(CPUState *cs)
|
2013-12-17 20:42:30 +01:00
|
|
|
{
|
2019-10-31 15:27:30 +01:00
|
|
|
CPUARMState *env = &ARM_CPU(cs)->env;
|
2013-12-17 20:42:30 +01:00
|
|
|
struct kvm_one_reg reg;
|
2019-08-02 14:25:35 +02:00
|
|
|
int i, ret;
|
|
|
|
|
|
|
|
for (i = 0; i < 32; i++) {
|
|
|
|
uint64_t *q = aa64_vfp_qreg(env, i);
|
|
|
|
#ifdef HOST_WORDS_BIGENDIAN
|
|
|
|
uint64_t fp_val[2] = { q[1], q[0] };
|
|
|
|
reg.addr = (uintptr_t)fp_val;
|
|
|
|
#else
|
|
|
|
reg.addr = (uintptr_t)q;
|
|
|
|
#endif
|
|
|
|
reg.id = AARCH64_SIMD_CORE_REG(fp_regs.vregs[i]);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:30 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* KVM SVE registers come in slices where ZREGs have a slice size of 2048 bits
|
|
|
|
* and PREGS and the FFR have a slice size of 256 bits. However we simply hard
|
|
|
|
* code the slice index to zero for now as it's unlikely we'll need more than
|
|
|
|
* one slice for quite some time.
|
|
|
|
*/
|
|
|
|
static int kvm_arch_put_sve(CPUState *cs)
|
|
|
|
{
|
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
uint64_t tmp[ARM_MAX_VQ * 2];
|
|
|
|
uint64_t *r;
|
|
|
|
struct kvm_one_reg reg;
|
|
|
|
int n, ret;
|
|
|
|
|
|
|
|
for (n = 0; n < KVM_ARM64_SVE_NUM_ZREGS; ++n) {
|
|
|
|
r = sve_bswap64(tmp, &env->vfp.zregs[n].d[0], cpu->sve_max_vq * 2);
|
|
|
|
reg.addr = (uintptr_t)r;
|
|
|
|
reg.id = KVM_REG_ARM64_SVE_ZREG(n, 0);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (n = 0; n < KVM_ARM64_SVE_NUM_PREGS; ++n) {
|
|
|
|
r = sve_bswap64(tmp, r = &env->vfp.pregs[n].p[0],
|
|
|
|
DIV_ROUND_UP(cpu->sve_max_vq * 2, 8));
|
|
|
|
reg.addr = (uintptr_t)r;
|
|
|
|
reg.id = KVM_REG_ARM64_SVE_PREG(n, 0);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
r = sve_bswap64(tmp, &env->vfp.pregs[FFR_PRED_NUM].p[0],
|
|
|
|
DIV_ROUND_UP(cpu->sve_max_vq * 2, 8));
|
|
|
|
reg.addr = (uintptr_t)r;
|
|
|
|
reg.id = KVM_REG_ARM64_SVE_FFR(0);
|
2019-08-02 14:25:35 +02:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int kvm_arch_put_registers(CPUState *cs, int level)
|
|
|
|
{
|
|
|
|
struct kvm_one_reg reg;
|
2013-12-17 20:42:30 +01:00
|
|
|
uint64_t val;
|
2019-10-31 15:27:30 +01:00
|
|
|
uint32_t fpr;
|
2019-08-02 14:25:35 +02:00
|
|
|
int i, ret;
|
2015-04-01 18:57:30 +02:00
|
|
|
unsigned int el;
|
2013-12-17 20:42:30 +01:00
|
|
|
|
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
|
2015-02-13 06:46:08 +01:00
|
|
|
/* If we are in AArch32 mode then we need to copy the AArch32 regs to the
|
|
|
|
* AArch64 registers before pushing them out to 64-bit KVM.
|
|
|
|
*/
|
|
|
|
if (!is_a64(env)) {
|
|
|
|
aarch64_sync_32_to_64(env);
|
|
|
|
}
|
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
for (i = 0; i < 31; i++) {
|
|
|
|
reg.id = AARCH64_CORE_REG(regs.regs[i]);
|
|
|
|
reg.addr = (uintptr_t) &env->xregs[i];
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-04-15 20:18:43 +02:00
|
|
|
/* KVM puts SP_EL0 in regs.sp and SP_EL1 in regs.sp_el1. On the
|
|
|
|
* QEMU side we keep the current SP in xregs[31] as well.
|
|
|
|
*/
|
2014-08-04 15:41:54 +02:00
|
|
|
aarch64_save_sp(env, 1);
|
2014-04-15 20:18:43 +02:00
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
reg.id = AARCH64_CORE_REG(regs.sp);
|
2014-04-15 20:18:43 +02:00
|
|
|
reg.addr = (uintptr_t) &env->sp_el[0];
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.id = AARCH64_CORE_REG(sp_el1);
|
|
|
|
reg.addr = (uintptr_t) &env->sp_el[1];
|
2013-12-17 20:42:30 +01:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Note that KVM thinks pstate is 64 bit but we use a uint32_t */
|
2015-02-13 06:46:08 +01:00
|
|
|
if (is_a64(env)) {
|
|
|
|
val = pstate_read(env);
|
|
|
|
} else {
|
|
|
|
val = cpsr_read(env);
|
|
|
|
}
|
2013-12-17 20:42:30 +01:00
|
|
|
reg.id = AARCH64_CORE_REG(regs.pstate);
|
|
|
|
reg.addr = (uintptr_t) &val;
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.id = AARCH64_CORE_REG(regs.pc);
|
|
|
|
reg.addr = (uintptr_t) &env->pc;
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2014-04-15 20:18:42 +02:00
|
|
|
reg.id = AARCH64_CORE_REG(elr_el1);
|
2014-05-27 18:09:51 +02:00
|
|
|
reg.addr = (uintptr_t) &env->elr_el[1];
|
2014-04-15 20:18:42 +02:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2015-04-01 18:57:30 +02:00
|
|
|
/* Saved Program State Registers
|
|
|
|
*
|
|
|
|
* Before we restore from the banked_spsr[] array we need to
|
|
|
|
* ensure that any modifications to env->spsr are correctly
|
|
|
|
* reflected in the banks.
|
|
|
|
*/
|
|
|
|
el = arm_current_el(env);
|
|
|
|
if (el > 0 && !is_a64(env)) {
|
|
|
|
i = bank_number(env->uncached_cpsr & CPSR_M);
|
|
|
|
env->banked_spsr[i] = env->spsr;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* KVM 0-4 map to QEMU banks 1-5 */
|
2014-04-15 20:18:43 +02:00
|
|
|
for (i = 0; i < KVM_NR_SPSR; i++) {
|
|
|
|
reg.id = AARCH64_CORE_REG(spsr[i]);
|
2015-04-01 18:57:30 +02:00
|
|
|
reg.addr = (uintptr_t) &env->banked_spsr[i + 1];
|
2014-04-15 20:18:43 +02:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:30 +01:00
|
|
|
if (cpu_isar_feature(aa64_sve, cpu)) {
|
|
|
|
ret = kvm_arch_put_sve(cs);
|
|
|
|
} else {
|
|
|
|
ret = kvm_arch_put_fpsimd(cs);
|
|
|
|
}
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.addr = (uintptr_t)(&fpr);
|
|
|
|
fpr = vfp_get_fpsr(env);
|
|
|
|
reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpsr);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.addr = (uintptr_t)(&fpr);
|
|
|
|
fpr = vfp_get_fpcr(env);
|
|
|
|
reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpcr);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_SET_ONE_REG, ®);
|
2019-08-02 14:25:35 +02:00
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
write_cpustate_to_list(cpu, true);
|
|
|
|
|
|
|
|
if (!write_list_to_kvmstate(cpu, level)) {
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2020-03-12 01:34:00 +01:00
|
|
|
/*
|
|
|
|
* Setting VCPU events should be triggered after syncing the registers
|
|
|
|
* to avoid overwriting potential changes made by KVM upon calling
|
|
|
|
* KVM_SET_VCPU_EVENTS ioctl
|
|
|
|
*/
|
|
|
|
ret = kvm_put_vcpu_events(cpu);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2019-08-02 14:25:35 +02:00
|
|
|
kvm_arm_sync_mpstate_to_kvm(cpu);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int kvm_arch_get_fpsimd(CPUState *cs)
|
|
|
|
{
|
2019-10-31 15:27:30 +01:00
|
|
|
CPUARMState *env = &ARM_CPU(cs)->env;
|
2019-08-02 14:25:35 +02:00
|
|
|
struct kvm_one_reg reg;
|
|
|
|
int i, ret;
|
|
|
|
|
2015-04-01 18:57:30 +02:00
|
|
|
for (i = 0; i < 32; i++) {
|
2018-01-25 12:45:29 +01:00
|
|
|
uint64_t *q = aa64_vfp_qreg(env, i);
|
2015-04-01 18:57:30 +02:00
|
|
|
reg.id = AARCH64_SIMD_CORE_REG(fp_regs.vregs[i]);
|
2019-08-02 14:25:35 +02:00
|
|
|
reg.addr = (uintptr_t)q;
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
2015-04-01 18:57:30 +02:00
|
|
|
if (ret) {
|
|
|
|
return ret;
|
2019-08-02 14:25:35 +02:00
|
|
|
} else {
|
|
|
|
#ifdef HOST_WORDS_BIGENDIAN
|
|
|
|
uint64_t t;
|
|
|
|
t = q[0], q[0] = q[1], q[1] = t;
|
|
|
|
#endif
|
2015-04-01 18:57:30 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:30 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* KVM SVE registers come in slices where ZREGs have a slice size of 2048 bits
|
|
|
|
* and PREGS and the FFR have a slice size of 256 bits. However we simply hard
|
|
|
|
* code the slice index to zero for now as it's unlikely we'll need more than
|
|
|
|
* one slice for quite some time.
|
|
|
|
*/
|
|
|
|
static int kvm_arch_get_sve(CPUState *cs)
|
|
|
|
{
|
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
struct kvm_one_reg reg;
|
|
|
|
uint64_t *r;
|
|
|
|
int n, ret;
|
|
|
|
|
|
|
|
for (n = 0; n < KVM_ARM64_SVE_NUM_ZREGS; ++n) {
|
|
|
|
r = &env->vfp.zregs[n].d[0];
|
|
|
|
reg.addr = (uintptr_t)r;
|
|
|
|
reg.id = KVM_REG_ARM64_SVE_ZREG(n, 0);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
sve_bswap64(r, r, cpu->sve_max_vq * 2);
|
2015-04-01 18:57:30 +02:00
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:30 +01:00
|
|
|
for (n = 0; n < KVM_ARM64_SVE_NUM_PREGS; ++n) {
|
|
|
|
r = &env->vfp.pregs[n].p[0];
|
|
|
|
reg.addr = (uintptr_t)r;
|
|
|
|
reg.id = KVM_REG_ARM64_SVE_PREG(n, 0);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
sve_bswap64(r, r, DIV_ROUND_UP(cpu->sve_max_vq * 2, 8));
|
|
|
|
}
|
|
|
|
|
|
|
|
r = &env->vfp.pregs[FFR_PRED_NUM].p[0];
|
|
|
|
reg.addr = (uintptr_t)r;
|
|
|
|
reg.id = KVM_REG_ARM64_SVE_FFR(0);
|
2019-08-02 14:25:35 +02:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
2018-10-24 08:50:16 +02:00
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
2019-10-31 15:27:30 +01:00
|
|
|
sve_bswap64(r, r, DIV_ROUND_UP(cpu->sve_max_vq * 2, 8));
|
2018-10-24 08:50:16 +02:00
|
|
|
|
2019-08-02 14:25:35 +02:00
|
|
|
return 0;
|
2013-12-17 20:42:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
int kvm_arch_get_registers(CPUState *cs)
|
|
|
|
{
|
|
|
|
struct kvm_one_reg reg;
|
|
|
|
uint64_t val;
|
2015-04-01 18:57:30 +02:00
|
|
|
unsigned int el;
|
2019-10-31 15:27:30 +01:00
|
|
|
uint32_t fpr;
|
2019-08-02 14:25:35 +02:00
|
|
|
int i, ret;
|
2013-12-17 20:42:30 +01:00
|
|
|
|
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
|
|
|
|
for (i = 0; i < 31; i++) {
|
|
|
|
reg.id = AARCH64_CORE_REG(regs.regs[i]);
|
|
|
|
reg.addr = (uintptr_t) &env->xregs[i];
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.id = AARCH64_CORE_REG(regs.sp);
|
2014-04-15 20:18:43 +02:00
|
|
|
reg.addr = (uintptr_t) &env->sp_el[0];
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.id = AARCH64_CORE_REG(sp_el1);
|
|
|
|
reg.addr = (uintptr_t) &env->sp_el[1];
|
2013-12-17 20:42:30 +01:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.id = AARCH64_CORE_REG(regs.pstate);
|
|
|
|
reg.addr = (uintptr_t) &val;
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
2015-02-13 06:46:08 +01:00
|
|
|
|
|
|
|
env->aarch64 = ((val & PSTATE_nRW) == 0);
|
|
|
|
if (is_a64(env)) {
|
|
|
|
pstate_write(env, val);
|
|
|
|
} else {
|
2016-02-23 16:36:43 +01:00
|
|
|
cpsr_write(env, val, 0xffffffff, CPSRWriteRaw);
|
2015-02-13 06:46:08 +01:00
|
|
|
}
|
2013-12-17 20:42:30 +01:00
|
|
|
|
2014-04-15 20:18:43 +02:00
|
|
|
/* KVM puts SP_EL0 in regs.sp and SP_EL1 in regs.sp_el1. On the
|
|
|
|
* QEMU side we keep the current SP in xregs[31] as well.
|
|
|
|
*/
|
2014-08-04 15:41:54 +02:00
|
|
|
aarch64_restore_sp(env, 1);
|
2014-04-15 20:18:43 +02:00
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
reg.id = AARCH64_CORE_REG(regs.pc);
|
|
|
|
reg.addr = (uintptr_t) &env->pc;
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2015-02-13 06:46:08 +01:00
|
|
|
/* If we are in AArch32 mode then we need to sync the AArch32 regs with the
|
|
|
|
* incoming AArch64 regs received from 64-bit KVM.
|
|
|
|
* We must perform this after all of the registers have been acquired from
|
|
|
|
* the kernel.
|
|
|
|
*/
|
|
|
|
if (!is_a64(env)) {
|
|
|
|
aarch64_sync_64_to_32(env);
|
|
|
|
}
|
|
|
|
|
2014-04-15 20:18:42 +02:00
|
|
|
reg.id = AARCH64_CORE_REG(elr_el1);
|
2014-05-27 18:09:51 +02:00
|
|
|
reg.addr = (uintptr_t) &env->elr_el[1];
|
2014-04-15 20:18:42 +02:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2015-04-01 18:57:30 +02:00
|
|
|
/* Fetch the SPSR registers
|
|
|
|
*
|
|
|
|
* KVM SPSRs 0-4 map to QEMU banks 1-5
|
|
|
|
*/
|
2014-04-15 20:18:43 +02:00
|
|
|
for (i = 0; i < KVM_NR_SPSR; i++) {
|
|
|
|
reg.id = AARCH64_CORE_REG(spsr[i]);
|
2015-04-01 18:57:30 +02:00
|
|
|
reg.addr = (uintptr_t) &env->banked_spsr[i + 1];
|
2014-04-15 20:18:43 +02:00
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-04-01 18:57:30 +02:00
|
|
|
el = arm_current_el(env);
|
|
|
|
if (el > 0 && !is_a64(env)) {
|
|
|
|
i = bank_number(env->uncached_cpsr & CPSR_M);
|
|
|
|
env->spsr = env->banked_spsr[i];
|
|
|
|
}
|
|
|
|
|
2019-10-31 15:27:30 +01:00
|
|
|
if (cpu_isar_feature(aa64_sve, cpu)) {
|
|
|
|
ret = kvm_arch_get_sve(cs);
|
|
|
|
} else {
|
|
|
|
ret = kvm_arch_get_fpsimd(cs);
|
|
|
|
}
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
reg.addr = (uintptr_t)(&fpr);
|
|
|
|
reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpsr);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
vfp_set_fpsr(env, fpr);
|
|
|
|
|
|
|
|
reg.addr = (uintptr_t)(&fpr);
|
|
|
|
reg.id = AARCH64_SIMD_CTRL_REG(fp_regs.fpcr);
|
|
|
|
ret = kvm_vcpu_ioctl(cs, KVM_GET_ONE_REG, ®);
|
2015-04-01 18:57:30 +02:00
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
2019-10-31 15:27:30 +01:00
|
|
|
vfp_set_fpcr(env, fpr);
|
2015-04-01 18:57:30 +02:00
|
|
|
|
2018-10-24 08:50:16 +02:00
|
|
|
ret = kvm_get_vcpu_events(cpu);
|
|
|
|
if (ret) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2015-02-05 14:37:25 +01:00
|
|
|
if (!write_kvmstate_to_list(cpu)) {
|
2019-08-02 14:25:34 +02:00
|
|
|
return -EINVAL;
|
2015-02-05 14:37:25 +01:00
|
|
|
}
|
|
|
|
/* Note that it's OK to have registers which aren't in CPUState,
|
|
|
|
* so we can ignore a failure return here.
|
|
|
|
*/
|
|
|
|
write_list_to_cpustate(cpu);
|
|
|
|
|
2015-04-01 18:57:30 +02:00
|
|
|
kvm_arm_sync_mpstate_to_qemu(cpu);
|
|
|
|
|
2013-12-17 20:42:30 +01:00
|
|
|
/* TODO: other registers */
|
|
|
|
return ret;
|
|
|
|
}
|
2015-12-17 14:37:15 +01:00
|
|
|
|
target-arm: kvm64: handle SIGBUS signal from kernel or KVM
Add a SIGBUS signal handler. In this handler, it checks the SIGBUS type,
translates the host VA delivered by host to guest PA, then fills this PA
to guest APEI GHES memory, then notifies guest according to the SIGBUS
type.
When guest accesses the poisoned memory, it will generate a Synchronous
External Abort(SEA). Then host kernel gets an APEI notification and calls
memory_failure() to unmapped the affected page in stage 2, finally
returns to guest.
Guest continues to access the PG_hwpoison page, it will trap to KVM as
stage2 fault, then a SIGBUS_MCEERR_AR synchronous signal is delivered to
Qemu, Qemu records this error address into guest APEI GHES memory and
notifes guest using Synchronous-External-Abort(SEA).
In order to inject a vSEA, we introduce the kvm_inject_arm_sea() function
in which we can setup the type of exception and the syndrome information.
When switching to guest, the target vcpu will jump to the synchronous
external abort vector table entry.
The ESR_ELx.DFSC is set to synchronous external abort(0x10), and the
ESR_ELx.FnV is set to not valid(0x1), which will tell guest that FAR is
not valid and hold an UNKNOWN value. These values will be set to KVM
register structures through KVM_SET_ONE_REG IOCTL.
Signed-off-by: Dongjiu Geng <gengdongjiu@huawei.com>
Signed-off-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20200512030609.19593-10-gengdongjiu@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-12 05:06:08 +02:00
|
|
|
void kvm_arch_on_sigbus_vcpu(CPUState *c, int code, void *addr)
|
|
|
|
{
|
|
|
|
ram_addr_t ram_addr;
|
|
|
|
hwaddr paddr;
|
|
|
|
|
|
|
|
assert(code == BUS_MCEERR_AR || code == BUS_MCEERR_AO);
|
|
|
|
|
2021-06-17 14:24:38 +02:00
|
|
|
if (acpi_ghes_present() && addr) {
|
target-arm: kvm64: handle SIGBUS signal from kernel or KVM
Add a SIGBUS signal handler. In this handler, it checks the SIGBUS type,
translates the host VA delivered by host to guest PA, then fills this PA
to guest APEI GHES memory, then notifies guest according to the SIGBUS
type.
When guest accesses the poisoned memory, it will generate a Synchronous
External Abort(SEA). Then host kernel gets an APEI notification and calls
memory_failure() to unmapped the affected page in stage 2, finally
returns to guest.
Guest continues to access the PG_hwpoison page, it will trap to KVM as
stage2 fault, then a SIGBUS_MCEERR_AR synchronous signal is delivered to
Qemu, Qemu records this error address into guest APEI GHES memory and
notifes guest using Synchronous-External-Abort(SEA).
In order to inject a vSEA, we introduce the kvm_inject_arm_sea() function
in which we can setup the type of exception and the syndrome information.
When switching to guest, the target vcpu will jump to the synchronous
external abort vector table entry.
The ESR_ELx.DFSC is set to synchronous external abort(0x10), and the
ESR_ELx.FnV is set to not valid(0x1), which will tell guest that FAR is
not valid and hold an UNKNOWN value. These values will be set to KVM
register structures through KVM_SET_ONE_REG IOCTL.
Signed-off-by: Dongjiu Geng <gengdongjiu@huawei.com>
Signed-off-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Xiang Zheng <zhengxiang9@huawei.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Message-id: 20200512030609.19593-10-gengdongjiu@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-05-12 05:06:08 +02:00
|
|
|
ram_addr = qemu_ram_addr_from_host(addr);
|
|
|
|
if (ram_addr != RAM_ADDR_INVALID &&
|
|
|
|
kvm_physical_memory_addr_from_host(c->kvm_state, addr, &paddr)) {
|
|
|
|
kvm_hwpoison_page_add(ram_addr);
|
|
|
|
/*
|
|
|
|
* If this is a BUS_MCEERR_AR, we know we have been called
|
|
|
|
* synchronously from the vCPU thread, so we can easily
|
|
|
|
* synchronize the state and inject an error.
|
|
|
|
*
|
|
|
|
* TODO: we currently don't tell the guest at all about
|
|
|
|
* BUS_MCEERR_AO. In that case we might either be being
|
|
|
|
* called synchronously from the vCPU thread, or a bit
|
|
|
|
* later from the main thread, so doing the injection of
|
|
|
|
* the error would be more complicated.
|
|
|
|
*/
|
|
|
|
if (code == BUS_MCEERR_AR) {
|
|
|
|
kvm_cpu_synchronize_state(c);
|
|
|
|
if (!acpi_ghes_record_errors(ACPI_HEST_SRC_ID_SEA, paddr)) {
|
|
|
|
kvm_inject_arm_sea(c);
|
|
|
|
} else {
|
|
|
|
error_report("failed to record the error");
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (code == BUS_MCEERR_AO) {
|
|
|
|
error_report("Hardware memory error at addr %p for memory used by "
|
|
|
|
"QEMU itself instead of guest system!", addr);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (code == BUS_MCEERR_AR) {
|
|
|
|
error_report("Hardware memory error!");
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-12-17 14:37:15 +01:00
|
|
|
/* C6.6.29 BRK instruction */
|
|
|
|
static const uint32_t brk_insn = 0xd4200000;
|
|
|
|
|
|
|
|
int kvm_arch_insert_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp)
|
|
|
|
{
|
|
|
|
if (have_guest_debug) {
|
|
|
|
if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn, 4, 0) ||
|
|
|
|
cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&brk_insn, 4, 1)) {
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
error_report("guest debug not supported on this kernel");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
int kvm_arch_remove_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp)
|
|
|
|
{
|
|
|
|
static uint32_t brk;
|
|
|
|
|
|
|
|
if (have_guest_debug) {
|
|
|
|
if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&brk, 4, 0) ||
|
|
|
|
brk != brk_insn ||
|
|
|
|
cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn, 4, 1)) {
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
error_report("guest debug not supported on this kernel");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/* See v8 ARM ARM D7.2.27 ESR_ELx, Exception Syndrome Register
|
|
|
|
*
|
|
|
|
* To minimise translating between kernel and user-space the kernel
|
|
|
|
* ABI just provides user-space with the full exception syndrome
|
|
|
|
* register value to be decoded in QEMU.
|
|
|
|
*/
|
|
|
|
|
|
|
|
bool kvm_arm_handle_debug(CPUState *cs, struct kvm_debug_exit_arch *debug_exit)
|
|
|
|
{
|
2018-10-24 08:50:18 +02:00
|
|
|
int hsr_ec = syn_get_ec(debug_exit->hsr);
|
2015-12-17 14:37:15 +01:00
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
|
|
|
|
/* Ensure PC is synchronised */
|
|
|
|
kvm_cpu_synchronize_state(cs);
|
|
|
|
|
|
|
|
switch (hsr_ec) {
|
2015-12-17 14:37:15 +01:00
|
|
|
case EC_SOFTWARESTEP:
|
|
|
|
if (cs->singlestep_enabled) {
|
|
|
|
return true;
|
|
|
|
} else {
|
2015-12-17 14:37:15 +01:00
|
|
|
/*
|
|
|
|
* The kernel should have suppressed the guest's ability to
|
|
|
|
* single step at this point so something has gone wrong.
|
|
|
|
*/
|
|
|
|
error_report("%s: guest single-step while debugging unsupported"
|
2017-04-20 18:32:29 +02:00
|
|
|
" (%"PRIx64", %"PRIx32")",
|
2015-12-17 14:37:15 +01:00
|
|
|
__func__, env->pc, debug_exit->hsr);
|
|
|
|
return false;
|
2015-12-17 14:37:15 +01:00
|
|
|
}
|
|
|
|
break;
|
2015-12-17 14:37:15 +01:00
|
|
|
case EC_AA64_BKPT:
|
|
|
|
if (kvm_find_sw_breakpoint(cs, env->pc)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
break;
|
2015-12-17 14:37:15 +01:00
|
|
|
case EC_BREAKPOINT:
|
|
|
|
if (find_hw_breakpoint(cs, env->pc)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case EC_WATCHPOINT:
|
|
|
|
{
|
|
|
|
CPUWatchpoint *wp = find_hw_watchpoint(cs, debug_exit->far);
|
|
|
|
if (wp) {
|
|
|
|
cs->watchpoint_hit = wp;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
2015-12-17 14:37:15 +01:00
|
|
|
default:
|
2017-04-20 18:32:29 +02:00
|
|
|
error_report("%s: unhandled debug exit (%"PRIx32", %"PRIx64")",
|
2015-12-17 14:37:15 +01:00
|
|
|
__func__, debug_exit->hsr, env->pc);
|
|
|
|
}
|
|
|
|
|
2015-12-17 14:37:15 +01:00
|
|
|
/* If we are not handling the debug exception it must belong to
|
|
|
|
* the guest. Let's re-use the existing TCG interrupt code to set
|
|
|
|
* everything up properly.
|
|
|
|
*/
|
|
|
|
cs->exception_index = EXCP_BKPT;
|
|
|
|
env->exception.syndrome = debug_exit->hsr;
|
|
|
|
env->exception.vaddress = debug_exit->far;
|
2018-11-13 11:47:59 +01:00
|
|
|
env->exception.target_el = 1;
|
2018-11-13 11:47:59 +01:00
|
|
|
qemu_mutex_lock_iothread();
|
2021-02-04 17:39:16 +01:00
|
|
|
arm_cpu_do_interrupt(cs);
|
2018-11-13 11:47:59 +01:00
|
|
|
qemu_mutex_unlock_iothread();
|
2015-12-17 14:37:15 +01:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
2020-07-03 17:59:42 +02:00
|
|
|
|
|
|
|
#define ARM64_REG_ESR_EL1 ARM64_SYS_REG(3, 0, 5, 2, 0)
|
|
|
|
#define ARM64_REG_TCR_EL1 ARM64_SYS_REG(3, 0, 2, 0, 2)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ESR_EL1
|
|
|
|
* ISS encoding
|
|
|
|
* AARCH64: DFSC, bits [5:0]
|
|
|
|
* AARCH32:
|
|
|
|
* TTBCR.EAE == 0
|
|
|
|
* FS[4] - DFSR[10]
|
|
|
|
* FS[3:0] - DFSR[3:0]
|
|
|
|
* TTBCR.EAE == 1
|
|
|
|
* FS, bits [5:0]
|
|
|
|
*/
|
|
|
|
#define ESR_DFSC(aarch64, lpae, v) \
|
|
|
|
((aarch64 || (lpae)) ? ((v) & 0x3F) \
|
|
|
|
: (((v) >> 6) | ((v) & 0x1F)))
|
|
|
|
|
|
|
|
#define ESR_DFSC_EXTABT(aarch64, lpae) \
|
|
|
|
((aarch64) ? 0x10 : (lpae) ? 0x10 : 0x8)
|
|
|
|
|
|
|
|
bool kvm_arm_verify_ext_dabt_pending(CPUState *cs)
|
|
|
|
{
|
|
|
|
uint64_t dfsr_val;
|
|
|
|
|
|
|
|
if (!kvm_get_one_reg(cs, ARM64_REG_ESR_EL1, &dfsr_val)) {
|
|
|
|
ARMCPU *cpu = ARM_CPU(cs);
|
|
|
|
CPUARMState *env = &cpu->env;
|
|
|
|
int aarch64_mode = arm_feature(env, ARM_FEATURE_AARCH64);
|
|
|
|
int lpae = 0;
|
|
|
|
|
|
|
|
if (!aarch64_mode) {
|
|
|
|
uint64_t ttbcr;
|
|
|
|
|
|
|
|
if (!kvm_get_one_reg(cs, ARM64_REG_TCR_EL1, &ttbcr)) {
|
|
|
|
lpae = arm_feature(env, ARM_FEATURE_LPAE)
|
|
|
|
&& (ttbcr & TTBCR_EAE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* The verification here is based on the DFSC bits
|
|
|
|
* of the ESR_EL1 reg only
|
|
|
|
*/
|
|
|
|
return (ESR_DFSC(aarch64_mode, lpae, dfsr_val) ==
|
|
|
|
ESR_DFSC_EXTABT(aarch64_mode, lpae));
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|