[PATCH 00/12] Introduce new vmapple machine type

[PATCH 00/12] Introduce new vmapple machine type

[Alexander Graf]

This patch set introduces a new ARM and HVF specific machine type
called "vmapple". It mimicks the device model that Apple's proprietary
Virtualization.Framework exposes, but implements it in QEMU.

With this new machine type, you can run macOS guests on Apple Silicon
systems via HVF. To do so, you need to first install macOS using
Virtualization.Framework onto a virtual disk image using a tool like
macosvm (https://github.com/s-u/macosvm)

  $ macosvm --disk disk.img,size=32g --aux aux.img \
            --restore UniversalMac_12.0.1_21A559_Restore.ipsw vm.json

Then, extract the ECID from the installed VM:

  $ cat "$DIR/macosvm.json" | python3 -c                                 \
  'import json,sys;obj=json.load(sys.stdin);print(obj["machineId"]) |    \
  base64 -d | plutil -extract ECID raw -

In addition, cut off the first 16kb of the aux.img:

  $ dd if=aux.img of=aux.img.trimmed bs=$(( 0x4000 )) skip=1

Now, you can just launch QEMU with the bits generated above:

  $ qemu-system-aarch64 -serial mon:stdio                                \
  -m 4G                                                                  \
  -M vmapple,uuid=6240349656165161789                                    \
  -bios /Sys*/Lib*/Fra*/Virtualization.f*/R*/AVPBooter.vmapple2.bin      \
  -pflash aux.img.trimmed                                                \
  -pflash disk.img                                                       \
  -drive file=disk.img,if=none,id=root                                   \
  -device virtio-blk-pci,drive=root,x-apple-type=1                       \
  -drive file=aux.img.trimmed,if=none,id=aux                             \
  -device virtio-blk-pci,drive=aux,x-apple-type=2                        \
  -accel hvf -no-reboot

There are a few limitations with this implementation:

  - Only runs on macOS because it relies on
    ParavirtualizesGraphics.Framework
  - Something is not fully correct on interrupt delivery or
    similar - the keyboard does not work
  - No Rosetta in the guest because we lack the private
    entitlement to enable TSO

Over time, I hope that some of the limitations above could cease to exist.
This device model would enable very nice use cases with KVM on an Asahi
Linux device.


Alexander Graf (12):
  build: Only define OS_OBJECT_USE_OBJC with gcc
  hw/misc/pvpanic: Add MMIO interface
  hvf: Increase number of possible memory slots
  hvf: arm: Ignore writes to CNTP_CTL_EL0
  hw/virtio: Add support for apple virtio-blk
  hw: Add vmapple subdir
  gpex: Allow more than 4 legacy IRQs
  hw/vmapple/aes: Introduce aes engine
  hw/vmapple/bdif: Introduce vmapple backdoor interface
  hw/vmapple/cfg: Introduce vmapple cfg region
  hw/vmapple/apple-gfx: Introduce ParavirtualizedGraphics.Framework
    support
  hw/vmapple/vmapple: Add vmapple machine type

 MAINTAINERS                                 |   6 +
 accel/hvf/hvf-accel-ops.c                   |   2 +-
 hw/Kconfig                                  |   1 +
 hw/arm/sbsa-ref.c                           |   2 +-
 hw/arm/virt.c                               |   2 +-
 hw/block/virtio-blk.c                       |  23 +
 hw/i386/microvm.c                           |   2 +-
 hw/loongarch/virt.c                         |   2 +-
 hw/meson.build                              |   1 +
 hw/mips/loongson3_virt.c                    |   2 +-
 hw/misc/Kconfig                             |   4 +
 hw/misc/meson.build                         |   1 +
 hw/misc/pvpanic-mmio.c                      |  66 ++
 hw/openrisc/virt.c                          |  12 +-
 hw/pci-host/gpex.c                          |  36 +-
 hw/riscv/virt.c                             |  12 +-
 hw/virtio/virtio-blk-pci.c                  |   7 +
 hw/vmapple/Kconfig                          |  30 +
 hw/vmapple/aes.c                            | 583 +++++++++++++++++
 hw/vmapple/apple-gfx.m                      | 578 +++++++++++++++++
 hw/vmapple/bdif.c                           | 245 ++++++++
 hw/vmapple/cfg.c                            | 105 ++++
 hw/vmapple/meson.build                      |   5 +
 hw/vmapple/trace-events                     |  47 ++
 hw/vmapple/trace.h                          |   1 +
 hw/vmapple/vmapple.c                        | 661 ++++++++++++++++++++
 hw/xtensa/virt.c                            |   2 +-
 include/hw/misc/pvpanic.h                   |   1 +
 include/hw/pci-host/gpex.h                  |   7 +-
 include/hw/pci/pci_ids.h                    |   1 +
 include/hw/virtio/virtio-blk.h              |   1 +
 include/hw/vmapple/bdif.h                   |  31 +
 include/hw/vmapple/cfg.h                    |  68 ++
 include/standard-headers/linux/virtio_blk.h |   3 +
 include/sysemu/hvf_int.h                    |   2 +-
 meson.build                                 |   9 +-
 target/arm/hvf/hvf.c                        |   7 +
 37 files changed, 2538 insertions(+), 30 deletions(-)
 create mode 100644 hw/misc/pvpanic-mmio.c
 create mode 100644 hw/vmapple/Kconfig
 create mode 100644 hw/vmapple/aes.c
 create mode 100644 hw/vmapple/apple-gfx.m
 create mode 100644 hw/vmapple/bdif.c
 create mode 100644 hw/vmapple/cfg.c
 create mode 100644 hw/vmapple/meson.build
 create mode 100644 hw/vmapple/trace-events
 create mode 100644 hw/vmapple/trace.h
 create mode 100644 hw/vmapple/vmapple.c
 create mode 100644 include/hw/vmapple/bdif.h
 create mode 100644 include/hw/vmapple/cfg.h

-- 
2.39.2 (Apple Git-143)




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

[PATCH 01/12] build: Only define OS_OBJECT_USE_OBJC with gcc

[Alexander Graf]

Recent versions of macOS use clang instead of gcc. The OS_OBJECT_USE_OBJC
define is only necessary when building with gcc. Let's not define it when
building with clang.

With this patch, I can successfully include GCD headers in QEMU when
building with clang.

Signed-off-by: Alexander Graf <graf@amazon.com>
---
 meson.build | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/meson.build b/meson.build
index 34306a6205..0bb5ea9d10 100644
--- a/meson.build
+++ b/meson.build
@@ -225,7 +225,9 @@ qemu_ldflags = []
 if targetos == 'darwin'
   # Disable attempts to use ObjectiveC features in os/object.h since they
   # won't work when we're compiling with gcc as a C compiler.
-  qemu_common_flags += '-DOS_OBJECT_USE_OBJC=0'
+  if compiler.get_id() == 'gcc'
+    qemu_common_flags += '-DOS_OBJECT_USE_OBJC=0'
+  endif
 elif targetos == 'solaris'
   # needed for CMSG_ macros in sys/socket.h
   qemu_common_flags += '-D_XOPEN_SOURCE=600'
-- 
2.39.2 (Apple Git-143)




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

[PATCH 02/12] hw/misc/pvpanic: Add MMIO interface

[Alexander Graf]

In addition to the ISA and PCI variants of pvpanic, let's add an MMIO
platform device that we can use in embedded arm environments.

Signed-off-by: Alexander Graf <graf@amazon.com>
---
 hw/misc/Kconfig           |  4 +++
 hw/misc/meson.build       |  1 +
 hw/misc/pvpanic-mmio.c    | 66 +++++++++++++++++++++++++++++++++++++++
 include/hw/misc/pvpanic.h |  1 +
 4 files changed, 72 insertions(+)
 create mode 100644 hw/misc/pvpanic-mmio.c

diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
index e4c2149175..21913ef191 100644
--- a/hw/misc/Kconfig
+++ b/hw/misc/Kconfig
@@ -125,6 +125,10 @@ config PVPANIC_ISA
     depends on ISA_BUS
     select PVPANIC_COMMON
 
+config PVPANIC_MMIO
+    bool
+    select PVPANIC_COMMON
+
 config AUX
     bool
     select I2C
diff --git a/hw/misc/meson.build b/hw/misc/meson.build
index 78ca857c9d..b935e74d51 100644
--- a/hw/misc/meson.build
+++ b/hw/misc/meson.build
@@ -115,6 +115,7 @@ softmmu_ss.add(when: 'CONFIG_ARMSSE_MHU', if_true: files('armsse-mhu.c'))
 
 softmmu_ss.add(when: 'CONFIG_PVPANIC_ISA', if_true: files('pvpanic-isa.c'))
 softmmu_ss.add(when: 'CONFIG_PVPANIC_PCI', if_true: files('pvpanic-pci.c'))
+softmmu_ss.add(when: 'CONFIG_PVPANIC_MMIO', if_true: files('pvpanic-mmio.c'))
 softmmu_ss.add(when: 'CONFIG_AUX', if_true: files('auxbus.c'))
 softmmu_ss.add(when: 'CONFIG_ASPEED_SOC', if_true: files(
   'aspeed_hace.c',
diff --git a/hw/misc/pvpanic-mmio.c b/hw/misc/pvpanic-mmio.c
new file mode 100644
index 0000000000..aebe7227e6
--- /dev/null
+++ b/hw/misc/pvpanic-mmio.c
@@ -0,0 +1,66 @@
+/*
+ * QEMU simulated pvpanic device (MMIO frontend)
+ *
+ * Copyright © 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/module.h"
+#include "sysemu/runstate.h"
+
+#include "hw/nvram/fw_cfg.h"
+#include "hw/qdev-properties.h"
+#include "hw/misc/pvpanic.h"
+#include "qom/object.h"
+#include "hw/isa/isa.h"
+#include "standard-headers/linux/pvpanic.h"
+
+OBJECT_DECLARE_SIMPLE_TYPE(PVPanicMMIOState, PVPANIC_MMIO_DEVICE)
+
+#define PVPANIC_MMIO_SIZE 0x2
+
+struct PVPanicMMIOState {
+    SysBusDevice parent_obj;
+
+    PVPanicState pvpanic;
+};
+
+static void pvpanic_mmio_initfn(Object *obj)
+{
+    PVPanicMMIOState *s = PVPANIC_MMIO_DEVICE(obj);
+
+    pvpanic_setup_io(&s->pvpanic, DEVICE(s), PVPANIC_MMIO_SIZE);
+    sysbus_init_mmio(SYS_BUS_DEVICE(obj), &s->pvpanic.mr);
+}
+
+static Property pvpanic_mmio_properties[] = {
+    DEFINE_PROP_UINT8("events", PVPanicMMIOState, pvpanic.events,
+                      PVPANIC_PANICKED | PVPANIC_CRASH_LOADED),
+    DEFINE_PROP_END_OF_LIST(),
+};
+
+static void pvpanic_mmio_class_init(ObjectClass *klass, void *data)
+{
+    DeviceClass *dc = DEVICE_CLASS(klass);
+
+    device_class_set_props(dc, pvpanic_mmio_properties);
+    set_bit(DEVICE_CATEGORY_MISC, dc->categories);
+}
+
+static const TypeInfo pvpanic_mmio_info = {
+    .name          = TYPE_PVPANIC_MMIO_DEVICE,
+    .parent        = TYPE_SYS_BUS_DEVICE,
+    .instance_size = sizeof(PVPanicMMIOState),
+    .instance_init = pvpanic_mmio_initfn,
+    .class_init    = pvpanic_mmio_class_init,
+};
+
+static void pvpanic_register_types(void)
+{
+    type_register_static(&pvpanic_mmio_info);
+}
+
+type_init(pvpanic_register_types)
diff --git a/include/hw/misc/pvpanic.h b/include/hw/misc/pvpanic.h
index fab94165d0..f9e7c1ea17 100644
--- a/include/hw/misc/pvpanic.h
+++ b/include/hw/misc/pvpanic.h
@@ -20,6 +20,7 @@
 
 #define TYPE_PVPANIC_ISA_DEVICE "pvpanic"
 #define TYPE_PVPANIC_PCI_DEVICE "pvpanic-pci"
+#define TYPE_PVPANIC_MMIO_DEVICE "pvpanic-mmio"
 
 #define PVPANIC_IOPORT_PROP "ioport"
 
-- 
2.39.2 (Apple Git-143)




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

[PATCH 03/12] hvf: Increase number of possible memory slots

[Alexander Graf]

For PVG we will need more than the current 32 possible memory slots.
Bump the limit to 512 instead.

Signed-off-by: Alexander Graf <graf@amazon.com>
---
 accel/hvf/hvf-accel-ops.c | 2 +-
 include/sysemu/hvf_int.h  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/accel/hvf/hvf-accel-ops.c b/accel/hvf/hvf-accel-ops.c
index 9c3da03c94..bf0caaa852 100644
--- a/accel/hvf/hvf-accel-ops.c
+++ b/accel/hvf/hvf-accel-ops.c
@@ -88,7 +88,7 @@ struct mac_slot {
     uint64_t gva;
 };
 
-struct mac_slot mac_slots[32];
+struct mac_slot mac_slots[512];
 
 static int do_hvf_set_memory(hvf_slot *slot, hv_memory_flags_t flags)
 {
diff --git a/include/sysemu/hvf_int.h b/include/sysemu/hvf_int.h
index 6ab119e49f..c7623a2c09 100644
--- a/include/sysemu/hvf_int.h
+++ b/include/sysemu/hvf_int.h
@@ -40,7 +40,7 @@ typedef struct hvf_vcpu_caps {
 
 struct HVFState {
     AccelState parent;
-    hvf_slot slots[32];
+    hvf_slot slots[512];
     int num_slots;
 
     hvf_vcpu_caps *hvf_caps;
-- 
2.39.2 (Apple Git-143)




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

[PATCH 04/12] hvf: arm: Ignore writes to CNTP_CTL_EL0

[Alexander Graf]

MacOS unconditionally disables interrupts of the physical timer on boot
and then continues to use the virtual one. We don't really want to support
a full physical timer emulation, so let's just ignore those writes.

Signed-off-by: Alexander Graf <graf@amazon.com>
---
 target/arm/hvf/hvf.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
index 8f72624586..0dff63fb5f 100644
--- a/target/arm/hvf/hvf.c
+++ b/target/arm/hvf/hvf.c
@@ -179,6 +179,7 @@ void hvf_arm_init_debug(void)
 #define SYSREG_OSLSR_EL1      SYSREG(2, 0, 1, 1, 4)
 #define SYSREG_OSDLR_EL1      SYSREG(2, 0, 1, 3, 4)
 #define SYSREG_CNTPCT_EL0     SYSREG(3, 3, 14, 0, 1)
+#define SYSREG_CNTP_CTL_EL0   SYSREG(3, 3, 14, 2, 1)
 #define SYSREG_PMCR_EL0       SYSREG(3, 3, 9, 12, 0)
 #define SYSREG_PMUSERENR_EL0  SYSREG(3, 3, 9, 14, 0)
 #define SYSREG_PMCNTENSET_EL0 SYSREG(3, 3, 9, 12, 1)
@@ -1551,6 +1552,12 @@ static int hvf_sysreg_write(CPUState *cpu, uint32_t reg, uint64_t val)
     case SYSREG_OSLAR_EL1:
         env->cp15.oslsr_el1 = val & 1;
         break;
+    case SYSREG_CNTP_CTL_EL0:
+        /*
+         * Guests should not rely on the physical counter, but macOS emits
+         * disable writes to it. Let it do so, but ignore the requests.
+         */
+        break;
     case SYSREG_OSDLR_EL1:
         /* Dummy register */
         break;
-- 
2.39.2 (Apple Git-143)




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

Re: [PATCH 02/12] hw/misc/pvpanic: Add MMIO interface

[Philippe Mathieu-Daudé]

On 15/6/23 00:40, Alexander Graf wrote:
> In addition to the ISA and PCI variants of pvpanic, let's add an MMIO
> platform device that we can use in embedded arm environments.
> 
> Signed-off-by: Alexander Graf <graf@amazon.com>
> ---
>   hw/misc/Kconfig           |  4 +++
>   hw/misc/meson.build       |  1 +
>   hw/misc/pvpanic-mmio.c    | 66 +++++++++++++++++++++++++++++++++++++++
>   include/hw/misc/pvpanic.h |  1 +
>   4 files changed, 72 insertions(+)
>   create mode 100644 hw/misc/pvpanic-mmio.c


> diff --git a/hw/misc/pvpanic-mmio.c b/hw/misc/pvpanic-mmio.c
> new file mode 100644
> index 0000000000..aebe7227e6
> --- /dev/null
> +++ b/hw/misc/pvpanic-mmio.c
> @@ -0,0 +1,66 @@
> +/*
> + * QEMU simulated pvpanic device (MMIO frontend)
> + *
> + * Copyright © 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or later.
> + * See the COPYING file in the top-level directory.

Preferably SPDX tag.

> + */
> +
> +#include "qemu/osdep.h"
> +#include "qemu/module.h"

Unused header.

> +#include "sysemu/runstate.h"
> +
> +#include "hw/nvram/fw_cfg.h"

Ditto.

> +#include "hw/qdev-properties.h"
> +#include "hw/misc/pvpanic.h"
> +#include "qom/object.h"

Ditto.

> +#include "hw/isa/isa.h"

Ditto.

> +#include "standard-headers/linux/pvpanic.h"
> +
> +OBJECT_DECLARE_SIMPLE_TYPE(PVPanicMMIOState, PVPANIC_MMIO_DEVICE)
> +
> +#define PVPANIC_MMIO_SIZE 0x2
> +
> +struct PVPanicMMIOState {
> +    SysBusDevice parent_obj;

Mising "sysbus.h"

> +
> +    PVPanicState pvpanic;
> +};

This worked for me:

-- >8 --
--- a/hw/misc/pvpanic-mmio.c
+++ b/hw/misc/pvpanic-mmio.c
@@ -3,19 +3,13 @@
   *
   * Copyright © 2023 Amazon.com, Inc. or its affiliates. All Rights 
Reserved.
   *
- * This work is licensed under the terms of the GNU GPL, version 2 or 
later.
- * See the COPYING file in the top-level directory.
+ * SPDX-License-Identifier: GPL-2.0-or-later
   */

  #include "qemu/osdep.h"
-#include "qemu/module.h"
-#include "sysemu/runstate.h"
-
-#include "hw/nvram/fw_cfg.h"
  #include "hw/qdev-properties.h"
  #include "hw/misc/pvpanic.h"
-#include "qom/object.h"
-#include "hw/isa/isa.h"
+#include "hw/sysbus.h"
  #include "standard-headers/linux/pvpanic.h"
---

Fixing the includes:

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Re: [PATCH 03/12] hvf: Increase number of possible memory slots

[Philippe Mathieu-Daudé]

On 15/6/23 00:40, Alexander Graf wrote:
> For PVG we will need more than the current 32 possible memory slots.
> Bump the limit to 512 instead.
> 
> Signed-off-by: Alexander Graf <graf@amazon.com>
> ---
>   accel/hvf/hvf-accel-ops.c | 2 +-
>   include/sysemu/hvf_int.h  | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/accel/hvf/hvf-accel-ops.c b/accel/hvf/hvf-accel-ops.c
> index 9c3da03c94..bf0caaa852 100644
> --- a/accel/hvf/hvf-accel-ops.c
> +++ b/accel/hvf/hvf-accel-ops.c
> @@ -88,7 +88,7 @@ struct mac_slot {
>       uint64_t gva;
>   };
>   
> -struct mac_slot mac_slots[32];
> +struct mac_slot mac_slots[512];
>   
>   static int do_hvf_set_memory(hvf_slot *slot, hv_memory_flags_t flags)
>   {
> diff --git a/include/sysemu/hvf_int.h b/include/sysemu/hvf_int.h
> index 6ab119e49f..c7623a2c09 100644
> --- a/include/sysemu/hvf_int.h
> +++ b/include/sysemu/hvf_int.h
> @@ -40,7 +40,7 @@ typedef struct hvf_vcpu_caps {
>   
>   struct HVFState {
>       AccelState parent;
> -    hvf_slot slots[32];
> +    hvf_slot slots[512];
>       int num_slots;
>   
>       hvf_vcpu_caps *hvf_caps;

Please add a definition in this header (using in ops.c).

In order to save memory and woods, what about keeping
32 on x86 and only raising to 512 on arm?

Re: [PATCH 00/12] Introduce new vmapple machine type

[Mads Ynddal]

> On 15 Jun 2023, at 00.40, Alexander Graf <graf@amazon.com> wrote:
> 
> This patch set introduces a new ARM and HVF specific machine type
> called "vmapple". It mimicks the device model that Apple's proprietary
> Virtualization.Framework exposes, but implements it in QEMU.
> 
> With this new machine type, you can run macOS guests on Apple Silicon
> systems via HVF. To do so, you need to first install macOS using
> Virtualization.Framework onto a virtual disk image using a tool like
> macosvm (https://github.com/s-u/macosvm)
> 
>  $ macosvm --disk disk.img,size=32g --aux aux.img \
>            --restore UniversalMac_12.0.1_21A559_Restore.ipsw vm.json
> 
> Then, extract the ECID from the installed VM:
> 
>  $ cat "$DIR/macosvm.json" | python3 -c                                 \
>  'import json,sys;obj=json.load(sys.stdin);print(obj["machineId"]) |    \
>  base64 -d | plutil -extract ECID raw -

Beware, that the file will be called 'vm.json' and DIR is undefined following
the previous line. Also, it's missing a single-quote at the end of
`["machineId"])`.

> In addition, cut off the first 16kb of the aux.img:
> 
>  $ dd if=aux.img of=aux.img.trimmed bs=$(( 0x4000 )) skip=1
> 
> Now, you can just launch QEMU with the bits generated above:
> 
>  $ qemu-system-aarch64 -serial mon:stdio                                \
>  -m 4G                                                                  \
>  -M vmapple,uuid=6240349656165161789                                    \
>  -bios /Sys*/Lib*/Fra*/Virtualization.f*/R*/AVPBooter.vmapple2.bin      \
>  -pflash aux.img.trimmed                                                \
>  -pflash disk.img                                                       \
>  -drive file=disk.img,if=none,id=root                                   \
>  -device virtio-blk-pci,drive=root,x-apple-type=1                       \
>  -drive file=aux.img.trimmed,if=none,id=aux                             \
>  -device virtio-blk-pci,drive=aux,x-apple-type=2                        \
>  -accel hvf -no-reboot

Just for clarity, I'd add that the 'vmapple,uuid=...' has to be set to the
ECID the previous step.

You haven't defined a display, but I'm not sure if that is on purpose to
show a minimal setup. I had to add '-display sdl' for it to fully work.

> There are a few limitations with this implementation:
> 
>  - Only runs on macOS because it relies on
>    ParavirtualizesGraphics.Framework
>  - Something is not fully correct on interrupt delivery or
>    similar - the keyboard does not work
>  - No Rosetta in the guest because we lack the private
>    entitlement to enable TSO

Would it be possible to mitigate the keyboard issue using an emulated USB
keyboard? I tried poking around with it, but with no success.

> Over time, I hope that some of the limitations above could cease to exist.
> This device model would enable very nice use cases with KVM on an Asahi
> Linux device.

Re: [PATCH 03/12] hvf: Increase number of possible memory slots

[Alexander Graf]

Hi Philippe,


On 16.06.23 12:28, Philippe Mathieu-Daudé wrote:

>
> On 15/6/23 00:40, Alexander Graf wrote:
>> For PVG we will need more than the current 32 possible memory slots.
>> Bump the limit to 512 instead.
>>
>> Signed-off-by: Alexander Graf <graf@amazon.com>
>> ---
>>   accel/hvf/hvf-accel-ops.c | 2 +-
>>   include/sysemu/hvf_int.h  | 2 +-
>>   2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/accel/hvf/hvf-accel-ops.c b/accel/hvf/hvf-accel-ops.c
>> index 9c3da03c94..bf0caaa852 100644
>> --- a/accel/hvf/hvf-accel-ops.c
>> +++ b/accel/hvf/hvf-accel-ops.c
>> @@ -88,7 +88,7 @@ struct mac_slot {
>>       uint64_t gva;
>>   };
>>
>> -struct mac_slot mac_slots[32];
>> +struct mac_slot mac_slots[512];
>>
>>   static int do_hvf_set_memory(hvf_slot *slot, hv_memory_flags_t flags)
>>   {
>> diff --git a/include/sysemu/hvf_int.h b/include/sysemu/hvf_int.h
>> index 6ab119e49f..c7623a2c09 100644
>> --- a/include/sysemu/hvf_int.h
>> +++ b/include/sysemu/hvf_int.h
>> @@ -40,7 +40,7 @@ typedef struct hvf_vcpu_caps {
>>
>>   struct HVFState {
>>       AccelState parent;
>> -    hvf_slot slots[32];
>> +    hvf_slot slots[512];
>>       int num_slots;
>>
>>       hvf_vcpu_caps *hvf_caps;
>
> Please add a definition in this header (using in ops.c).


Happy to :)


>
> In order to save memory and woods, what about keeping
> 32 on x86 and only raising to 512 on arm?


I am hoping that someone takes the apple-gfx driver and enables it for 
x86 as well, so I'd rather keep them consistent.

Alex




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879

Re: [PATCH 00/12] Introduce new vmapple machine type

[Alexander Graf]

Hi Mads,


On 20.06.23 13:17, Mads Ynddal wrote:

>
>> On 15 Jun 2023, at 00.40, Alexander Graf <graf@amazon.com> wrote:
>>
>> This patch set introduces a new ARM and HVF specific machine type
>> called "vmapple". It mimicks the device model that Apple's proprietary
>> Virtualization.Framework exposes, but implements it in QEMU.
>>
>> With this new machine type, you can run macOS guests on Apple Silicon
>> systems via HVF. To do so, you need to first install macOS using
>> Virtualization.Framework onto a virtual disk image using a tool like
>> macosvm (https://github.com/s-u/macosvm)
>>
>>   $ macosvm --disk disk.img,size=32g --aux aux.img \
>>             --restore UniversalMac_12.0.1_21A559_Restore.ipsw vm.json
>>
>> Then, extract the ECID from the installed VM:
>>
>>   $ cat "$DIR/macosvm.json" | python3 -c                                 \
>>   'import json,sys;obj=json.load(sys.stdin);print(obj["machineId"]) |    \
>>   base64 -d | plutil -extract ECID raw -
> Beware, that the file will be called 'vm.json' and DIR is undefined following
> the previous line. Also, it's missing a single-quote at the end of
> `["machineId"])`.


Thanks :)


>
>> In addition, cut off the first 16kb of the aux.img:
>>
>>   $ dd if=aux.img of=aux.img.trimmed bs=$(( 0x4000 )) skip=1
>>
>> Now, you can just launch QEMU with the bits generated above:
>>
>>   $ qemu-system-aarch64 -serial mon:stdio                                \
>>   -m 4G                                                                  \
>>   -M vmapple,uuid=6240349656165161789                                    \
>>   -bios /Sys*/Lib*/Fra*/Virtualization.f*/R*/AVPBooter.vmapple2.bin      \
>>   -pflash aux.img.trimmed                                                \
>>   -pflash disk.img                                                       \
>>   -drive file=disk.img,if=none,id=root                                   \
>>   -device virtio-blk-pci,drive=root,x-apple-type=1                       \
>>   -drive file=aux.img.trimmed,if=none,id=aux                             \
>>   -device virtio-blk-pci,drive=aux,x-apple-type=2                        \
>>   -accel hvf -no-reboot
> Just for clarity, I'd add that the 'vmapple,uuid=...' has to be set to the
> ECID the previous step.
>
> You haven't defined a display, but I'm not sure if that is on purpose to
> show a minimal setup. I had to add '-display sdl' for it to fully work.


Weird, I do get a normal cocoa output screen by default.


>
>> There are a few limitations with this implementation:
>>
>>   - Only runs on macOS because it relies on
>>     ParavirtualizesGraphics.Framework
>>   - Something is not fully correct on interrupt delivery or
>>     similar - the keyboard does not work
>>   - No Rosetta in the guest because we lack the private
>>     entitlement to enable TSO
> Would it be possible to mitigate the keyboard issue using an emulated USB
> keyboard? I tried poking around with it, but with no success.


Unfortunately I was not able to get USB stable inside the guest. This 
may be an issue with interrupt propagation: With usb-kbd I see macOS not 
pick up key up or down events in time.


Alex





Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879