On 13.09.21 10:28, Peter Maydell wrote:
> On Sun, 12 Sept 2021 at 21:23, Alexander Graf <ag...@csgraf.de> wrote:
>>
>> On 15.06.21 12:56, Peter Maydell wrote:
>>> On Wed, 19 May 2021 at 21:23, Alexander Graf <ag...@csgraf.de> wrote:
>>>> Now that we have working system register sync, we push more target CPU
>>>> properties into the virtual machine. That might be useful in some
>>>> situations, but is not the typical case that users want.
>>>>
>>>> So let's add a -cpu host option that allows them to explicitly pass all
>>>> CPU capabilities of their host CPU into the guest.
>>>>
>>>> Signed-off-by: Alexander Graf <ag...@csgraf.de>
>>>> Acked-by: Roman Bolshakov <r.bolsha...@yadro.com>
>>>>
>>>> ---
>>>>
>>>> v6 -> v7:
>>>>
>>>> - Move function define to own header
>>>> - Do not propagate SVE features for HVF
>>>> - Remove stray whitespace change
>>>> - Verify that EL0 and EL1 do not allow AArch32 mode
>>>> - Only probe host CPU features once
>>>> +static void hvf_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
>>>> +{
>>>> + ARMISARegisters host_isar;
>>> Can you zero-initialize this (with "= { }"), please? That way we
>>> know we have zeroes in the aarch32 ID fields rather than random junk
>>> later...
>>>
>>>> + const struct isar_regs {
>>>> + int reg;
>>>> + uint64_t *val;
>>>> + } regs[] = {
>>>> + { HV_SYS_REG_ID_AA64PFR0_EL1, &host_isar.id_aa64pfr0 },
>>>> + { HV_SYS_REG_ID_AA64PFR1_EL1, &host_isar.id_aa64pfr1 },
>>>> + { HV_SYS_REG_ID_AA64DFR0_EL1, &host_isar.id_aa64dfr0 },
>>>> + { HV_SYS_REG_ID_AA64DFR1_EL1, &host_isar.id_aa64dfr1 },
>>>> + { HV_SYS_REG_ID_AA64ISAR0_EL1, &host_isar.id_aa64isar0 },
>>>> + { HV_SYS_REG_ID_AA64ISAR1_EL1, &host_isar.id_aa64isar1 },
>>>> + { HV_SYS_REG_ID_AA64MMFR0_EL1, &host_isar.id_aa64mmfr0 },
>>>> + { HV_SYS_REG_ID_AA64MMFR1_EL1, &host_isar.id_aa64mmfr1 },
>>>> + { HV_SYS_REG_ID_AA64MMFR2_EL1, &host_isar.id_aa64mmfr2 },
>>>> + };
>>>> + hv_vcpu_t fd;
>>>> + hv_vcpu_exit_t *exit;
>>>> + int i;
>>>> +
>>>> + ahcf->dtb_compatible = "arm,arm-v8";
>>>> + ahcf->features = (1ULL << ARM_FEATURE_V8) |
>>>> + (1ULL << ARM_FEATURE_NEON) |
>>>> + (1ULL << ARM_FEATURE_AARCH64) |
>>>> + (1ULL << ARM_FEATURE_PMU) |
>>>> + (1ULL << ARM_FEATURE_GENERIC_TIMER);
>>>> +
>>>> + /* We set up a small vcpu to extract host registers */
>>>> +
>>>> + assert_hvf_ok(hv_vcpu_create(&fd, &exit, NULL));
>>>> + for (i = 0; i < ARRAY_SIZE(regs); i++) {
>>>> + assert_hvf_ok(hv_vcpu_get_sys_reg(fd, regs[i].reg, regs[i].val));
>>>> + }
>>>> + assert_hvf_ok(hv_vcpu_get_sys_reg(fd, HV_SYS_REG_MIDR_EL1,
>>>> &ahcf->midr));
>>>> + assert_hvf_ok(hv_vcpu_destroy(fd));
>>>> +
>>>> + ahcf->isar = host_isar;
>>>> + ahcf->reset_sctlr = 0x00c50078;
>>> Why this value in particular? Could we just ask the scratch HVF CPU
>>> for the value of SCTLR_EL1 rather than hardcoding something?
>>
>> The fresh scratch hvf CPU has 0 as SCTLR.
> Yuck. That's pretty unhelpful of hvf, since it's not an
> architecturally valid thing for a freshly reset EL1-only
> CPU to have as its SCTLR (some bits are supposed to be RES1
> or reset-to-1). In that case we do need to set this to a known
> value here, I guess -- but we should have a comment explaining
> why we do it and what bits we're setting.
Ok :)
>
>>>> + /* Make sure we don't advertise AArch32 support for EL0/EL1 */
>>>> + g_assert((host_isar.id_aa64pfr0 & 0xff) == 0x11);
>>> This shouldn't really be an assert, I think. error_report() something
>>> and return false, and then arm_cpu_realizefn() will fail, which should
>>> cause us to exit.
>>
>> I don't follow. We're filling in the -cpu host CPU template here. There
>> is no error path anywhere we could take.
> Look at how the kvm_arm_get_host_cpu_features() error handling works:
> it returns a bool. The caller (kvm_arm_set_cpu_features_from_host())
> checks the return value, and if the function failed it sets
> the cpu->host_cpu_probe_failed flag, which then results in realize
> failing. (You'll want to update the arm_cpu_realizefn to allow hvf
> as well as kvm for that error message.)
Sure, happy to adjust accordingly :)
>
>> This is a case that on today's systems can't happen - M1 does not
>> support AArch32 anywhere. So that assert could only ever hit if you run
>> macOS on non-Apple hardware (in which case I doubt hvf works as
>> intended) or if a new Apple CPU starts supporting AArch32 (again, very
>> unlikely).
>>
>> So overall, I think the assert here is not too bad :)
> Well, probably not, but you need the error handling path
> anyway for the boring case of "oops, this syscall failed".
Why? You only get to this code path if you already selected -accel hvf.
If even a simple "create scratch vcpu" syscall failed then, pretty
failure when you define -cpu host is the last thing you care about. Any
CPU creation would fail.
Alex
