[Qemu-devel] [PATCH v2 0/2] support reading of CNT[VCT|FRQ]_EL0 from user-space

[Qemu-devel] [PATCH v2 0/2] support reading of CNT[VCT|FRQ]_EL0 from user-space

[Alex Bennée]

Hi,

The second patch won't build on master until the tcg testing revival
is merged but I've included it for reference.

Alex.

Alex Bennée (2):
  target/arm: support reading of CNT[VCT|FRQ]_EL0 from user-space
  tests/tcg/aarch64: userspace system register test

 target/arm/helper.c               | 27 ++++++++++++++++++++++++---
 tests/tcg/aarch64/Makefile.target |  2 +-
 tests/tcg/aarch64/sysregs.c       | 14 ++++++++++++++
 3 files changed, 39 insertions(+), 4 deletions(-)
 create mode 100644 tests/tcg/aarch64/sysregs.c

-- 
2.17.0

[Qemu-devel] [PATCH v2 1/2] target/arm: support reading of CNT[VCT|FRQ]_EL0 from user-space

[Alex Bennée]

Since kernel commit a86bd139f2 (arm64: arch_timer: Enable CNTVCT_EL0
trap..) user-space has been able to read these system registers. As we
can't use QEMUTimer's in linux-user mode we just directly call
cpu_get_clock().

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

---
v2
  - include CNTFRQ_EL0 for PL0_R only
---
 target/arm/helper.c | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index db8bbe52a6..39098a15bf 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -2135,11 +2135,32 @@ static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
 };
 
 #else
-/* In user-mode none of the generic timer registers are accessible,
- * and their implementation depends on QEMU_CLOCK_VIRTUAL and qdev gpio outputs,
- * so instead just don't register any of them.
+
+/* In user-mode most of the generic timer registers are inaccessible
+ * however modern kernels (4.12+) allow access to cntvct_el0
  */
+
+static uint64_t gt_virt_cnt_read(CPUARMState *env, const ARMCPRegInfo *ri)
+{
+    /* Currently we have no support for QEMUTimer in linux-user so we
+     * can't call gt_get_countervalue(env), instead we directly
+     * call the lower level functions.
+     */
+    return cpu_get_clock() / GTIMER_SCALE;
+}
+
 static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
+    { .name = "CNTFRQ_EL0", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 0,
+      .access = PL0_R /* no PL1_RW in linux-user */,
+      .fieldoffset = offsetof(CPUARMState, cp15.c14_cntfrq),
+      .resetvalue = (1000 * 1000 * 1000) / GTIMER_SCALE,
+    },
+    { .name = "CNTVCT_EL0", .state = ARM_CP_STATE_AA64,
+      .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 2,
+      .access = PL0_R, .type = ARM_CP_NO_RAW | ARM_CP_IO,
+      .readfn = gt_virt_cnt_read,
+    },
     REGINFO_SENTINEL
 };
 
-- 
2.17.0

[Qemu-devel] [PATCH v2 2/2] tests/tcg/aarch64: userspace system register test

[Alex Bennée]

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
 tests/tcg/aarch64/Makefile.target |  2 +-
 tests/tcg/aarch64/sysregs.c       | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 tests/tcg/aarch64/sysregs.c

diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
index ac177d9747..595927f027 100644
--- a/tests/tcg/aarch64/Makefile.target
+++ b/tests/tcg/aarch64/Makefile.target
@@ -7,7 +7,7 @@ VPATH 		+= $(AARCH64_SRC)
 
 # we don't build any of the ARM tests
 AARCH64_TESTS=$(filter-out $(ARM_TESTS), $(TESTS))
-AARCH64_TESTS+=fcvt
+AARCH64_TESTS+=fcvt sysregs
 TESTS:=$(AARCH64_TESTS)
 
 fcvt: LDFLAGS+=-lm
diff --git a/tests/tcg/aarch64/sysregs.c b/tests/tcg/aarch64/sysregs.c
new file mode 100644
index 0000000000..0cd0c42d8c
--- /dev/null
+++ b/tests/tcg/aarch64/sysregs.c
@@ -0,0 +1,14 @@
+#include <stdio.h>
+
+#define get_cpu_reg(id) ({                                      \
+                unsigned long __val;                            \
+                asm("mrs %0, "#id : "=r" (__val));              \
+                printf("%-20s: 0x%016lx\n", #id, __val);        \
+        })
+
+int main(void)
+{
+    get_cpu_reg(cntvct_el0);
+    get_cpu_reg(cntfrq_el0);
+    return 0;
+}
-- 
2.17.0

Re: [Qemu-devel] [PATCH v2 1/2] target/arm: support reading of CNT[VCT|FRQ]_EL0 from user-space

[Peter Maydell]

On 18 May 2018 at 12:44, Alex Bennée <alex.bennee@linaro.org> wrote:
> Since kernel commit a86bd139f2 (arm64: arch_timer: Enable CNTVCT_EL0
> trap..) user-space has been able to read these system registers. As we
> can't use QEMUTimer's in linux-user mode we just directly call
> cpu_get_clock().
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v2
>   - include CNTFRQ_EL0 for PL0_R only
> ---
>  target/arm/helper.c | 27 ++++++++++++++++++++++++---
>  1 file changed, 24 insertions(+), 3 deletions(-)
>
> diff --git a/target/arm/helper.c b/target/arm/helper.c
> index db8bbe52a6..39098a15bf 100644
> --- a/target/arm/helper.c
> +++ b/target/arm/helper.c
> @@ -2135,11 +2135,32 @@ static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
>  };
>
>  #else
> -/* In user-mode none of the generic timer registers are accessible,
> - * and their implementation depends on QEMU_CLOCK_VIRTUAL and qdev gpio outputs,
> - * so instead just don't register any of them.
> +
> +/* In user-mode most of the generic timer registers are inaccessible
> + * however modern kernels (4.12+) allow access to cntvct_el0
>   */
> +
> +static uint64_t gt_virt_cnt_read(CPUARMState *env, const ARMCPRegInfo *ri)
> +{
> +    /* Currently we have no support for QEMUTimer in linux-user so we
> +     * can't call gt_get_countervalue(env), instead we directly
> +     * call the lower level functions.
> +     */
> +    return cpu_get_clock() / GTIMER_SCALE;
> +}
> +
>  static const ARMCPRegInfo generic_timer_cp_reginfo[] = {
> +    { .name = "CNTFRQ_EL0", .state = ARM_CP_STATE_AA64,
> +      .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 0,
> +      .access = PL0_R /* no PL1_RW in linux-user */,
> +      .fieldoffset = offsetof(CPUARMState, cp15.c14_cntfrq),
> +      .resetvalue = (1000 * 1000 * 1000) / GTIMER_SCALE,

You might as well just make this be .type = ARM_CP_CONST,
since the CPU state field can never change.

Also, perhaps NANOSECONDS_PER_SECOND / GTIMER_SCALE.)

> +    },
> +    { .name = "CNTVCT_EL0", .state = ARM_CP_STATE_AA64,
> +      .opc0 = 3, .opc1 = 3, .crn = 14, .crm = 0, .opc2 = 2,
> +      .access = PL0_R, .type = ARM_CP_NO_RAW | ARM_CP_IO,
> +      .readfn = gt_virt_cnt_read,
> +    },
>      REGINFO_SENTINEL
>  };

Do we need to make the 32-bit registers accessible to linux-user
processes too?

(Incidentally, another thing along these lines we should probably
look at is that I think that newer kernels emulate ID register
accesses from EL0, so we should do something to make those
registers work too.)

thanks
-- PMM