target/arm: Add pre-EL change hooks

Because the design of the PMU requires that the counter values be converted between their delta and guest-visible forms for mode filtering, an additional hook which occurs before the EL is changed is necessary. Backports commit b5c53d1b3886387874f8c8582b205aeb3e4c3df6 from qemu
2025-02-25 16:06:57 +00:00 · 2018-04-26 09:19:21 -04:00 · 2018-04-26 09:19:21 -04:00 · 99a0be89a8
parent 8caf217d26
commit 99a0be89a8
10 changed files with 61 additions and 3 deletions
--- a/qemu/aarch64.h
+++ b/qemu/aarch64.h
@ -3065,6 +3065,7 @@
 #define arm64_release arm64_release_aarch64
 #define arm_regime_tbi0 arm_regime_tbi0_aarch64
 #define arm_regime_tbi1 arm_regime_tbi1_aarch64
+#define arm_register_pre_el_change_hook arm_register_pre_el_change_hook_aarch64
 #define arm_register_el_change_hook arm_register_el_change_hook_aarch64
 #define arm_reset_cpu arm_reset_cpu_aarch64
 #define arm_set_cpu_off arm_set_cpu_off_aarch64
--- a/qemu/aarch64eb.h
+++ b/qemu/aarch64eb.h
@ -3065,6 +3065,7 @@
 #define arm64_release arm64_release_aarch64eb
 #define arm_regime_tbi0 arm_regime_tbi0_aarch64eb
 #define arm_regime_tbi1 arm_regime_tbi1_aarch64eb
+#define arm_register_pre_el_change_hook arm_register_pre_el_change_hook_aarch64eb
 #define arm_register_el_change_hook arm_register_el_change_hook_aarch64eb
 #define arm_reset_cpu arm_reset_cpu_aarch64eb
 #define arm_set_cpu_off arm_set_cpu_off_aarch64eb
--- a/qemu/arm.h
+++ b/qemu/arm.h
@ -3059,6 +3059,7 @@
 #define ARM_REGS_STORAGE_SIZE ARM_REGS_STORAGE_SIZE_arm
 #define arm_regime_tbi0 arm_regime_tbi0_arm
 #define arm_regime_tbi1 arm_regime_tbi1_arm
+#define arm_register_pre_el_change_hook arm_register_pre_el_change_hook_arm
 #define arm_register_el_change_hook arm_register_el_change_hook_arm
 #define arm_reset_cpu arm_reset_cpu_arm
 #define arm_set_cpu_off arm_set_cpu_off_arm
--- a/qemu/armeb.h
+++ b/qemu/armeb.h
@ -3059,6 +3059,7 @@
 #define ARM_REGS_STORAGE_SIZE ARM_REGS_STORAGE_SIZE_armeb
 #define arm_regime_tbi0 arm_regime_tbi0_armeb
 #define arm_regime_tbi1 arm_regime_tbi1_armeb
+#define arm_register_pre_el_change_hook arm_register_pre_el_change_hook_armeb
 #define arm_register_el_change_hook arm_register_el_change_hook_armeb
 #define arm_reset_cpu arm_reset_cpu_armeb
 #define arm_set_cpu_off arm_set_cpu_off_armeb
--- a/qemu/header_gen.py
+++ b/qemu/header_gen.py
@ -3068,6 +3068,7 @@ arm_symbols = (
    'ARM_REGS_STORAGE_SIZE',
    'arm_regime_tbi0',
    'arm_regime_tbi1',
+    'arm_register_pre_el_change_hook',
    'arm_register_el_change_hook',
    'arm_reset_cpu',
    'arm_set_cpu_off',
@ -3085,6 +3086,7 @@ aarch64_symbols = (
    'arm64_release',
    'arm_regime_tbi0',
    'arm_regime_tbi1',
+    'arm_register_pre_el_change_hook',
    'arm_register_el_change_hook',
    'arm_reset_cpu',
    'arm_set_cpu_off',
--- a/qemu/target/arm/cpu.c
+++ b/qemu/target/arm/cpu.c
@ -49,6 +49,17 @@ static bool arm_cpu_has_work(CPUState *cs)
         | CPU_INTERRUPT_EXITTB);
 }

+void arm_register_pre_el_change_hook(ARMCPU *cpu, ARMELChangeHookFn *hook,
+                                 void *opaque)
+{
+    ARMELChangeHook *entry = g_new0(ARMELChangeHook, 1);
+
+    entry->hook = hook;
+    entry->opaque = opaque;
+
+    QLIST_INSERT_HEAD(&cpu->pre_el_change_hooks, entry, node);
+}
+
 void arm_register_el_change_hook(ARMCPU *cpu, ARMELChangeHookFn *hook,
                                 void *opaque)
 {
@ -440,6 +451,7 @@ static void arm_cpu_initfn(struct uc_struct *uc, Object *obj, void *opaque)
    cpu->cp_regs = g_hash_table_new_full(g_int_hash, g_int_equal,
                                         g_free, g_free);

+    QLIST_INIT(&cpu->pre_el_change_hooks);
    QLIST_INIT(&cpu->el_change_hooks);

    /* This cpu-id-to-MPIDR affinity is used only for TCG; KVM will override it.
@ -539,6 +551,10 @@ static void arm_cpu_finalizefn(struct uc_struct *uc, Object *obj, void *opaque)

    g_hash_table_destroy(cpu->cp_regs);

+    QLIST_FOREACH_SAFE(hook, &cpu->pre_el_change_hooks, node, next) {
+        QLIST_REMOVE(hook, node);
+        g_free(hook);
+    }
    QLIST_FOREACH_SAFE(hook, &cpu->el_change_hooks, node, next) {
        QLIST_REMOVE(hook, node);
        g_free(hook);
--- a/qemu/target/arm/cpu.h
+++ b/qemu/target/arm/cpu.h
@ -819,6 +819,7 @@ typedef struct ARMCPU {
     */
    bool cfgend;

+    QLIST_HEAD(, ARMELChangeHook) pre_el_change_hooks;
    QLIST_HEAD(, ARMELChangeHook) el_change_hooks;

    int32_t node_id; /* NUMA node this CPU belongs to */
@ -2853,14 +2854,29 @@ static inline AddressSpace *arm_addressspace(CPUState *cs, MemTxAttrs attrs)
 #endif

 /**
- * arm_register_el_change_hook:
- * Register a hook function which will be called back whenever this
+ * arm_register_pre_el_change_hook:
+ * Register a hook function which will be called immediately before this
 * CPU changes exception level or mode. The hook function will be
 * passed a pointer to the ARMCPU and the opaque data pointer passed
 * to this function when the hook was registered.
+ *
+ * Note that if a pre-change hook is called, any registered post-change hooks
+ * are guaranteed to subsequently be called.
 */
-void arm_register_el_change_hook(ARMCPU *cpu, ARMELChangeHookFn *hook,
+void arm_register_pre_el_change_hook(ARMCPU *cpu, ARMELChangeHookFn *hook,
                                 void *opaque);
+/**
+ * arm_register_el_change_hook:
+ * Register a hook function which will be called immediately after this
+ * CPU changes exception level or mode. The hook function will be
+ * passed a pointer to the ARMCPU and the opaque data pointer passed
+ * to this function when the hook was registered.
+ *
+ * Note that any registered hooks registered here are guaranteed to be called
+ * if pre-change hooks have been.
+ */
+void arm_register_el_change_hook(ARMCPU *cpu, ARMELChangeHookFn *hook, void
+        *opaque);

 /**
 * aa32_vfp_dreg:
--- a/qemu/target/arm/helper.c
+++ b/qemu/target/arm/helper.c
@ -7507,6 +7507,15 @@ void arm_cpu_do_interrupt(CPUState *cs)
        return;
    }

+    /* Hooks may change global state so BQL should be held, also the
+     * BQL needs to be held for any modification of
+     * cs->interrupt_request.
+     */
+    // Unicorn: commented out
+    //g_assert(qemu_mutex_iothread_locked());
+
+    arm_call_pre_el_change_hook(cpu);
+
    assert(!excp_is_internal(cs->exception_index));
    if (arm_el_is_aa64(env, new_el)) {
        arm_cpu_do_interrupt_aarch64_(cs);
--- a/qemu/target/arm/internals.h
+++ b/qemu/target/arm/internals.h
@ -730,6 +730,13 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
                                   MemTxResult response, uintptr_t retaddr);

 /* Call any registered EL change hooks */
+static inline void arm_call_pre_el_change_hook(ARMCPU *cpu)
+{
+    ARMELChangeHook *hook, *next;
+    QLIST_FOREACH_SAFE(hook, &cpu->pre_el_change_hooks, node, next) {
+        hook->hook(cpu, hook->opaque);
+    }
+}
 static inline void arm_call_el_change_hook(ARMCPU *cpu)
 {
    ARMELChangeHook *hook, *next;
--- a/qemu/target/arm/op_helper.c
+++ b/qemu/target/arm/op_helper.c
@ -517,6 +517,8 @@ void HELPER(cpsr_write)(CPUARMState *env, uint32_t val, uint32_t mask)
 /* Write the CPSR for a 32-bit exception return */
 void HELPER(cpsr_write_eret)(CPUARMState *env, uint32_t val)
 {
+    arm_call_pre_el_change_hook(arm_env_get_cpu(env));
+
    cpsr_write(env, val, CPSR_ERET_MASK, CPSRWriteExceptionReturn);

    /* Generated code has already stored the new PC value, but
@ -1010,6 +1012,8 @@ void HELPER(exception_return)(CPUARMState *env)
        goto illegal_return;
    }

+    arm_call_pre_el_change_hook(arm_env_get_cpu(env));
+
    if (!return_to_aa64) {
        env->aarch64 = 0;
        /* We do a raw CPSR write because aarch64_sync_64_to_32()