[PATCH] target/arm: Treat unknown SMC calls as NOP

[Alexander Graf <agraf@csgraf.de>]

We currently treat unknown SMC calls as UNDEF. This behavior is different
from KVM, which treats them as NOP.

Unfortunately, the UNDEF exception breaks running Windows for ARM in QEMU,
as that probes an OEM SMCCC call on boot, but does not expect to receive
an UNDEF exception as response.

So instead, let's follow the KVM path and ignore SMC calls that we don't
handle. This fixes booting the Windows 10 for ARM preview in TCG for me.

Signed-off-by: Alexander Graf <agraf@csgraf.de>
---
 target/arm/helper.c    |  8 ++++++++
 target/arm/op_helper.c | 13 ++++---------
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index dc9c29f998..bc1bd2e704 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -9778,6 +9778,14 @@ void arm_cpu_do_interrupt(CPUState *cs)
         return;
     }
 
+    if (cs->exception_index == EXCP_SMC &&
+        !arm_feature(env, ARM_FEATURE_EL3) &&
+        cpu->psci_conduit != QEMU_PSCI_CONDUIT_SMC) {
+        /* Treat unknown SMC calls as NOP, just like KVM */
+        qemu_log_mask(CPU_LOG_INT, "...handled as NOP\n");
+        return;
+    }
+
     /*
      * Semihosting semantics depend on the register width of the code
      * that caused the exception, not the target exception level, so
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index b1065216b2..42b1687860 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -823,7 +823,7 @@ void HELPER(pre_smc)(CPUARMState *env, uint32_t syndrome)
      *
      *  Conduit SMC, valid call  Trap to EL2         PSCI Call
      *  Conduit SMC, inval call  Trap to EL2         Undef insn
-     *  Conduit not SMC          Undef insn          Undef insn
+     *  Conduit not SMC          nop                 nop
      */
 
     /* On ARMv8 with EL3 AArch64, SMD applies to both S and NS state.
@@ -838,16 +838,11 @@ void HELPER(pre_smc)(CPUARMState *env, uint32_t syndrome)
 
     if (!arm_feature(env, ARM_FEATURE_EL3) &&
         cpu->psci_conduit != QEMU_PSCI_CONDUIT_SMC) {
-        /* If we have no EL3 then SMC always UNDEFs and can't be
-         * trapped to EL2. PSCI-via-SMC is a sort of ersatz EL3
-         * firmware within QEMU, and we want an EL2 guest to be able
-         * to forbid its EL1 from making PSCI calls into QEMU's
-         * "firmware" via HCR.TSC, so for these purposes treat
-         * PSCI-via-SMC as implying an EL3.
+        /* If we have no EL3 then we simulate KVM behavior which
+         * simply treats every unknown SMC as a nop.
          * This handles the very last line of the previous table.
          */
-        raise_exception(env, EXCP_UDEF, syn_uncategorized(),
-                        exception_target_el(env));
+        return;
     }
 
     if (cur_el == 1 && (arm_hcr_el2_eff(env) & HCR_TSC)) {
-- 
2.16.4