* [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases
@ 2026-03-24 20:48 Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 1/7] vmapple: apple-gfx: make it work on the latest macOS release Mohamed Mediouni
` (7 more replies)
0 siblings, 8 replies; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
v7:
Support for newer guest OSes.
Added not mergeable patch for private ISA enablement.
Not grabbing a memory reference and still using flatview_for_each_range
for this one, which works fine as live migration is disallowed anyway.
v6:
Rework the patches a bit, making sure that there are no compiler warnings
v5:
Address review comments and rebase.
v4:
Rebase and resend without the RFC tag as I didn't get feedback.
Drop patch 1 (version I posted was incomplete anyways). Last patch isn't worth it too tbh.
v2->v3:
Remove the Apple M4 support workaround part for now, to be part of another patchset perhaps
Address comments
v1->v2:
Remove some lines that shouldn't have been present...
Mohamed Mediouni (7):
vmapple: apple-gfx: make it work on the latest macOS release
hw/vmapple: aes: convert MAX_LEN to a #define
vmapple: declare it as an AArch64-compatible machine
Revert "hw/arm: Do not build VMapple machine by default"
vmapple: add gicv2m
vmapple, gicv2m: add macOS compat quirk
hvf: do not merge: enable private ISA
accel/hvf/entitlements.plist | 2 +-
configs/devices/aarch64-softmmu/default.mak | 1 -
hw/display/apple-gfx-mmio.m | 59 ++++++++++++++++-----
hw/display/apple-gfx.h | 16 ++++++
hw/display/apple-gfx.m | 41 +++++++++++++-
hw/intc/arm_gicv2m.c | 5 ++
hw/vmapple/aes.c | 3 +-
hw/vmapple/vmapple.c | 27 ++++++++++
target/arm/hvf/hvf.c | 8 +++
9 files changed, 144 insertions(+), 18 deletions(-)
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 1/7] vmapple: apple-gfx: make it work on the latest macOS release
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 2/7] hw/vmapple: aes: convert MAX_LEN to a #define Mohamed Mediouni
` (6 subsequent siblings)
7 siblings, 0 replies; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
Follow changes in memory management introduced on macOS 15.4.
The legacy memory management API has been removed for the IOSurface mapper on that macOS version.
Also enable process isolation for a sandboxed GPU process when on a new OS.
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
hw/display/apple-gfx-mmio.m | 59 ++++++++++++++++++++++++++++---------
hw/display/apple-gfx.h | 16 ++++++++++
hw/display/apple-gfx.m | 41 +++++++++++++++++++++++++-
3 files changed, 101 insertions(+), 15 deletions(-)
diff --git a/hw/display/apple-gfx-mmio.m b/hw/display/apple-gfx-mmio.m
index 58beaadd1f..cc1f8cfcad 100644
--- a/hw/display/apple-gfx-mmio.m
+++ b/hw/display/apple-gfx-mmio.m
@@ -19,6 +19,7 @@
#include "hw/core/irq.h"
#include "apple-gfx.h"
#include "trace.h"
+#include "system/address-spaces.h"
#import <ParavirtualizedGraphics/ParavirtualizedGraphics.h>
@@ -36,12 +37,19 @@ typedef bool(^IOSFCMapMemory)(uint64_t phys, uint64_t len, bool ro, void **va,
@interface PGDeviceDescriptor (IOSurfaceMapper)
@property (readwrite, nonatomic) bool usingIOSurfaceMapper;
+@property (readwrite, nonatomic) bool enableArgumentBuffers;
+@property (readwrite, nonatomic) bool enableProcessIsolation;
+@property (readwrite, nonatomic) bool enableProtectedContent;
+
+@property (readwrite, nonatomic, copy, nullable) PGMemoryMapDescriptor* memoryMapDescriptor;
@end
@interface PGIOSurfaceHostDeviceDescriptor : NSObject
-(PGIOSurfaceHostDeviceDescriptor *)init;
@property (readwrite, nonatomic, copy, nullable) IOSFCMapMemory mapMemory;
@property (readwrite, nonatomic, copy, nullable) IOSFCUnmapMemory unmapMemory;
+@property (readwrite, nonatomic, copy, nullable) PGMemoryMapDescriptor* memoryMapDescriptor;
+@property (readwrite, nonatomic) unsigned long long mmioLength;
@property (readwrite, nonatomic, copy, nullable) IOSFCRaiseInterrupt raiseInterrupt;
@end
@@ -183,19 +191,32 @@ static bool apple_gfx_mmio_unmap_surface_memory(void *ptr)
[PGIOSurfaceHostDeviceDescriptor new];
PGIOSurfaceHostDevice *iosfc_host_dev;
- iosfc_desc.mapMemory =
- ^bool(uint64_t phys, uint64_t len, bool ro, void **va, void *e, void *f) {
- *va = apple_gfx_mmio_map_surface_memory(phys, len, ro);
-
- trace_apple_gfx_iosfc_map_memory(phys, len, ro, va, e, f, *va);
-
- return *va != NULL;
- };
-
- iosfc_desc.unmapMemory =
- ^bool(void *va, void *b, void *c, void *d, void *e, void *f) {
- return apple_gfx_mmio_unmap_surface_memory(va);
- };
+ /*
+ * The legacy memory management API is no longer present
+ * for the IOSurface mapper as of macOS 15.4.
+ */
+ if (@available(macOS 15.4, *)) {
+ PGMemoryMapDescriptor *memory_map_descriptor = [PGMemoryMapDescriptor new];
+ FlatView* fv = address_space_to_flatview(&address_space_memory);
+ flatview_for_each_range(fv, apple_gfx_register_memory_cb, memory_map_descriptor);
+ /* the device model defines this as a single-page MMIO region, hence 16KB */
+ iosfc_desc.mmioLength = 0x10000;
+ iosfc_desc.memoryMapDescriptor = memory_map_descriptor;
+ } else {
+ iosfc_desc.mapMemory =
+ ^bool(uint64_t phys, uint64_t len, bool ro, void **va, void *e, void *f) {
+ *va = apple_gfx_mmio_map_surface_memory(phys, len, ro);
+
+ trace_apple_gfx_iosfc_map_memory(phys, len, ro, va, e, f, *va);
+
+ return *va != NULL;
+ };
+
+ iosfc_desc.unmapMemory =
+ ^bool(void *va, void *b, void *c, void *d, void *e, void *f) {
+ return apple_gfx_mmio_unmap_surface_memory(va);
+ };
+ }
iosfc_desc.raiseInterrupt = ^bool(uint32_t vector) {
trace_apple_gfx_iosfc_raise_irq(vector);
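Review bot: the comment above the mmioLength assignment says "single-page MMIO region, hence 16KB", but the value assigned is 0x10000, which is 64 KiB; 16 KiB would be 0x4000. Either the constant or the comment is wrong, so please fix whichever it is, and consider taking the length from the size the MMIO region is actually created with instead of a literal. Separately, the FlatView returned by address_space_to_flatview() is walked in this hunk with no visible reference or RCU read-side protection; a comment stating why that is safe at this point would help.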
@@ -223,13 +244,23 @@ static void apple_gfx_mmio_realize(DeviceState *dev, Error **errp)
};
desc.usingIOSurfaceMapper = true;
- s->pgiosfc = apple_gfx_prepare_iosurface_host_device(s);
+ desc.enableArgumentBuffers = true;
+ /*
+ * Process isolation needs PGMemoryMapDescriptor instead of
+ * the legacy memory management interface present in releases
+ * older than macOS 15.4.
+ */
+ if (@available(macOS 15.4, *)) {
+ desc.enableProcessIsolation = true;
+ }
if (!apple_gfx_common_realize(&s->common, dev, desc, errp)) {
[s->pgiosfc release];
s->pgiosfc = nil;
}
+ s->pgiosfc = apple_gfx_prepare_iosurface_host_device(s);
+
[desc release];
desc = nil;
}
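Review bot: in apple_gfx_mmio_realize(), moving the apple_gfx_prepare_iosurface_host_device() call below the apple_gfx_common_realize() check breaks the failure branch. `[s->pgiosfc release]; s->pgiosfc = nil;` now runs before s->pgiosfc has been assigned, and the assignment then runs unconditionally, so a realize that failed still creates the IOSurface host device and keeps it. Leave the function from the failure branch (after releasing desc) or put the new call in an else path, and drop the release that no longer has anything to release.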
diff --git a/hw/display/apple-gfx.h b/hw/display/apple-gfx.h
index 3197bd853d..384aee0c5f 100644
--- a/hw/display/apple-gfx.h
+++ b/hw/display/apple-gfx.h
@@ -12,6 +12,7 @@
#include "system/memory.h"
#include "hw/core/qdev-properties.h"
#include "ui/surface.h"
+#include "objc/NSObject.h"
#define TYPE_APPLE_GFX_MMIO "apple-gfx-mmio"
#define TYPE_APPLE_GFX_PCI "apple-gfx-pci"
@@ -23,6 +24,17 @@
@protocol MTLTexture;
@protocol MTLCommandQueue;
+typedef struct PGGuestPhysicalRange_s
+{
+ uint64_t physicalAddress;
+ uint64_t physicalLength;
+ void *hostAddress;
+} PGGuestPhysicalRange_t;
+
+@interface PGMemoryMapDescriptor : NSObject
+-(void)addRange:(PGGuestPhysicalRange_t) range;
+@end
+
typedef QTAILQ_HEAD(, PGTask_s) PGTaskList;
typedef struct AppleGFXDisplayMode {
@@ -68,6 +80,10 @@ void *apple_gfx_host_ptr_for_gpa_range(uint64_t guest_physical,
uint64_t length, bool read_only,
MemoryRegion **mapping_in_region);
+bool apple_gfx_register_memory_cb(Int128 start, Int128 len,
+ const MemoryRegion *mr,
+ hwaddr offset_in_region, void *opaque);
+
extern const PropertyInfo qdev_prop_apple_gfx_display_mode;
#endif
diff --git a/hw/display/apple-gfx.m b/hw/display/apple-gfx.m
index e0a765fcb1..213233084d 100644
--- a/hw/display/apple-gfx.m
+++ b/hw/display/apple-gfx.m
@@ -21,6 +21,7 @@
#include "system/address-spaces.h"
#include "system/dma.h"
#include "migration/blocker.h"
+#include "system/memory.h"
#include "ui/console.h"
#include "apple-gfx.h"
#include "trace.h"
@@ -596,6 +597,35 @@ void apple_gfx_common_init(Object *obj, AppleGFXState *s, const char* obj_name)
/* TODO: PVG framework supports serialising device state: integrate it! */
}
+@interface PGDeviceDescriptor (IOSurfaceMapper)
+@property (readwrite, nonatomic, copy, nullable) PGMemoryMapDescriptor* memoryMapDescriptor;
+@end
+
+bool apple_gfx_register_memory_cb(Int128 start, Int128 len,
+ const MemoryRegion *mr,
+ hwaddr offset_in_region, void *opaque) {
+ PGGuestPhysicalRange_t range;
+ PGMemoryMapDescriptor *memory_map_descriptor = opaque;
+ if (memory_access_is_direct(mr, true, MEMTXATTRS_UNSPECIFIED)) {
+ range.physicalAddress = start;
+ range.physicalLength = len;
+ range.hostAddress = memory_region_get_ram_ptr(mr);
+ [memory_map_descriptor addRange:range];
+ }
+ return false;
+}
+
+static void apple_gfx_register_memory(AppleGFXState *s,
+ PGDeviceDescriptor *desc)
+{
+ PGMemoryMapDescriptor* memoryMapDescriptor = [PGMemoryMapDescriptor new];
+
+ FlatView* fv = address_space_to_flatview(&address_space_memory);
+ flatview_for_each_range(fv, apple_gfx_register_memory_cb, memoryMapDescriptor);
+
+ desc.memoryMapDescriptor = memoryMapDescriptor;
+}
+
static void apple_gfx_register_task_mapping_handlers(AppleGFXState *s,
PGDeviceDescriptor *desc)
{
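Review bot: apple_gfx_register_memory_cb() never uses its offset_in_region argument. `range.hostAddress = memory_region_get_ram_ptr(mr);` is the pointer to the start of the region, so any FlatView range that begins part-way into its MemoryRegion is registered with a host address that does not correspond to `start`. This map decides which host memory is reachable for a given guest physical address, so it should be the region pointer plus offset_in_region. Also, start and len are Int128 and are assigned straight to uint64_t fields; int128_get64() is the portable form. The PGDeviceDescriptor (IOSurfaceMapper) category carrying memoryMapDescriptor is declared in apple-gfx-mmio.m as well in this patch, so a single declaration in apple-gfx.h would avoid the duplicate.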
@@ -763,7 +793,16 @@ bool apple_gfx_common_realize(AppleGFXState *s, DeviceState *dev,
desc.device = s->mtl;
- apple_gfx_register_task_mapping_handlers(s, desc);
+ /*
+ * The legacy memory management interface doesn't allow for
+ * vGPU sandboxing. As such, always use the new interface
+ * on macOS 15.4 onwards.
+ */
+ if (@available(macOS 15.4, *)) {
+ apple_gfx_register_memory(s, desc);
+ } else {
+ apple_gfx_register_task_mapping_handlers(s, desc);
+ }
s->cursor_show = true;
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 2/7] hw/vmapple: aes: convert MAX_LEN to a #define
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 1/7] vmapple: apple-gfx: make it work on the latest macOS release Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 3/7] vmapple: declare it as an AArch64-compatible machine Mohamed Mediouni
` (5 subsequent siblings)
7 siblings, 0 replies; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
Working around this compiler warning:
../hw/vmapple/aes.c:257:14: warning: variable length array folded to constant array as an extension [-Wgnu-folding-constant]
257 | char hex[MAX_LEN * 2 + 1] = "";
| ^~~~~~~~~~~~~~~
1 warning generated.
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
hw/vmapple/aes.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/vmapple/aes.c b/hw/vmapple/aes.c
index 553e688adb..9d062d5a7f 100644
--- a/hw/vmapple/aes.c
+++ b/hw/vmapple/aes.c
@@ -253,7 +253,7 @@ static bool cmd_iv(AESState *s)
static void dump_data(const char *desc, const void *p, size_t len)
{
- static const size_t MAX_LEN = 0x1000;
+#define MAX_LEN 0x1000
char hex[MAX_LEN * 2 + 1] = "";
if (len > MAX_LEN) {
@@ -262,6 +262,7 @@ static void dump_data(const char *desc, const void *p, size_t len)
qemu_hexdump_to_buffer(hex, sizeof(hex), p, len);
trace_aes_dump_data(desc, hex);
+#undef MAX_LEN
}
static bool cmd_data(AESState *s)
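Review bot: the `#define MAX_LEN 0x1000` at the top of dump_data() and the `#undef MAX_LEN` at its end replace a scoped constant with a preprocessor macro that has to be kept paired by hand. A local `enum { MAX_LEN = 0x1000 };` is an integer constant expression, so it also silences -Wgnu-folding-constant for `char hex[MAX_LEN * 2 + 1]`, stays scoped to the function and needs no #undef.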
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 3/7] vmapple: declare it as an AArch64-compatible machine
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 1/7] vmapple: apple-gfx: make it work on the latest macOS release Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 2/7] hw/vmapple: aes: convert MAX_LEN to a #define Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-25 9:54 ` Philippe Mathieu-Daudé
2026-03-24 20:48 ` [RFC PATCH v7 4/7] Revert "hw/arm: Do not build VMapple machine by default" Mohamed Mediouni
` (4 subsequent siblings)
7 siblings, 1 reply; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
.interfaces = aarch64_machine_interfaces is expected for
AArch64 machines now. Consider vmapple as an AArch64-only
machine
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
hw/vmapple/vmapple.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/hw/vmapple/vmapple.c b/hw/vmapple/vmapple.c
index b1379eafef..48d1ebc7d1 100644
--- a/hw/vmapple/vmapple.c
+++ b/hw/vmapple/vmapple.c
@@ -32,6 +32,7 @@
#include "hw/core/sysbus.h"
#include "hw/usb/usb.h"
#include "hw/arm/boot.h"
+#include "hw/arm/machines-qom.h"
#include "hw/arm/primecell.h"
#include "hw/char/pl011.h"
#include "hw/intc/arm_gic.h"
@@ -610,6 +611,7 @@ static const TypeInfo vmapple_machine_info = {
.instance_size = sizeof(VMAppleMachineState),
.class_init = vmapple_machine_class_init,
.instance_init = vmapple_instance_init,
+ .interfaces = aarch64_machine_interfaces
};
static void machvmapple_machine_init(void)
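Review bot: the new `.interfaces = aarch64_machine_interfaces` initializer is the last member of vmapple_machine_info and has no trailing comma, unlike the members above it. Adding one keeps a later addition to the struct a one-line diff.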
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 4/7] Revert "hw/arm: Do not build VMapple machine by default"
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
` (2 preceding siblings ...)
2026-03-24 20:48 ` [RFC PATCH v7 3/7] vmapple: declare it as an AArch64-compatible machine Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 5/7] vmapple: add gicv2m Mohamed Mediouni
` (3 subsequent siblings)
7 siblings, 0 replies; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
The vmapple virtual machine is now functional on newer macOS host releases.
Revert commit 49551752e860f5e403cdacac11ee1d218141fd3d.
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
configs/devices/aarch64-softmmu/default.mak | 1 -
1 file changed, 1 deletion(-)
diff --git a/configs/devices/aarch64-softmmu/default.mak b/configs/devices/aarch64-softmmu/default.mak
index ad8028cfd4..93f4022ad6 100644
--- a/configs/devices/aarch64-softmmu/default.mak
+++ b/configs/devices/aarch64-softmmu/default.mak
@@ -9,4 +9,3 @@ include ../arm-softmmu/default.mak
# CONFIG_XLNX_VERSAL=n
# CONFIG_SBSA_REF=n
# CONFIG_NPCM8XX=n
-CONFIG_VMAPPLE=n
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 5/7] vmapple: add gicv2m
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
` (3 preceding siblings ...)
2026-03-24 20:48 ` [RFC PATCH v7 4/7] Revert "hw/arm: Do not build VMapple machine by default" Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-24 20:48 ` [RFC PATCH v7 6/7] vmapple, gicv2m: add macOS compat quirk Mohamed Mediouni
` (2 subsequent siblings)
7 siblings, 0 replies; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
hw/vmapple/vmapple.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/hw/vmapple/vmapple.c b/hw/vmapple/vmapple.c
index 48d1ebc7d1..f2a6fda2e5 100644
--- a/hw/vmapple/vmapple.c
+++ b/hw/vmapple/vmapple.c
@@ -84,6 +84,7 @@ enum {
VMAPPLE_MEM,
VMAPPLE_GIC_DIST,
VMAPPLE_GIC_REDIST,
+ VMAPPLE_GICV2M,
VMAPPLE_UART,
VMAPPLE_RTC,
VMAPPLE_PCIE,
@@ -105,6 +106,7 @@ static const MemMapEntry memmap[] = {
[VMAPPLE_GIC_DIST] = { 0x10000000, 0x00010000 },
[VMAPPLE_GIC_REDIST] = { 0x10010000, 0x00400000 },
+ [VMAPPLE_GICV2M] = { 0x1FFF0000, 0x00010000 },
[VMAPPLE_UART] = { 0x20010000, 0x00010000 },
[VMAPPLE_RTC] = { 0x20050000, 0x00001000 },
@@ -130,6 +132,7 @@ static const int irqmap[] = {
[VMAPPLE_APV_GFX] = 0x11,
[VMAPPLE_AES_1] = 0x12,
[VMAPPLE_PCIE] = 0x20,
+ [VMAPPLE_GICV2M] = 0x80
};
#define GPEX_NUM_IRQS 16
@@ -287,6 +290,26 @@ static void create_gic(VMAppleMachineState *vms, MemoryRegion *mem)
}
}
+#define NUM_GICV2M_SPIS 128
+
+static void create_gicv2m(VMAppleMachineState *vms)
+{
+ int i;
+ int irq = vms->irqmap[VMAPPLE_GICV2M];
+ DeviceState *dev;
+
+ dev = qdev_new("arm-gicv2m");
+ qdev_prop_set_uint32(dev, "base-spi", irq);
+ qdev_prop_set_uint32(dev, "num-spi", NUM_GICV2M_SPIS);
+ sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
+ sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, vms->memmap[VMAPPLE_GICV2M].base);
+
+ for (i = 0; i < NUM_GICV2M_SPIS; i++) {
+ sysbus_connect_irq(SYS_BUS_DEVICE(dev), i,
+ qdev_get_gpio_in(vms->gic, irq + i));
+ }
+}
+
static void create_uart(const VMAppleMachineState *vms, int uart,
MemoryRegion *mem, Chardev *chr)
{
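Review bot: create_gicv2m() connects GIC inputs irq through irq + NUM_GICV2M_SPIS - 1, which with irqmap[VMAPPLE_GICV2M] = 0x80 and 128 SPIs is 0x80 to 0xFF, but nothing in this patch shows the GIC built in create_gic() being sized for that many SPIs. Please confirm that its interrupt count covers input 0xFF, or raise it in the same patch, since qdev_get_gpio_in() on a line the GIC does not have trips an assertion at machine init. The commit message is also empty; a sentence on why vmapple needs a GICv2m frame and why it sits at 0x1FFF0000 would help. The new irqmap entry `[VMAPPLE_GICV2M] = 0x80` lacks a trailing comma.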
@@ -497,6 +520,7 @@ static void mach_vmapple_init(MachineState *machine)
machine->ram);
create_gic(vms, sysmem);
+ create_gicv2m(vms);
create_bdif(vms, sysmem);
create_pvpanic(vms, sysmem);
create_aes(vms, sysmem);
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 6/7] vmapple, gicv2m: add macOS compat quirk
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
` (4 preceding siblings ...)
2026-03-24 20:48 ` [RFC PATCH v7 5/7] vmapple: add gicv2m Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-25 9:56 ` Philippe Mathieu-Daudé
2026-03-24 20:48 ` [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA Mohamed Mediouni
2026-03-25 11:11 ` [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Akihiko Odaki
7 siblings, 1 reply; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
macOS expects bit 31 of MSI_TYPER to be set.
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
hw/intc/arm_gicv2m.c | 5 +++++
hw/vmapple/vmapple.c | 1 +
2 files changed, 6 insertions(+)
diff --git a/hw/intc/arm_gicv2m.c b/hw/intc/arm_gicv2m.c
index b343e17ca5..ead1d9d079 100644
--- a/hw/intc/arm_gicv2m.c
+++ b/hw/intc/arm_gicv2m.c
@@ -57,6 +57,7 @@ struct ARMGICv2mState {
uint32_t base_spi;
uint32_t num_spi;
+ uint32_t macos_compat;
};
static void gicv2m_set_irq(void *opaque, int irq)
@@ -81,6 +82,9 @@ static uint64_t gicv2m_read(void *opaque, hwaddr offset,
case V2M_MSI_TYPER:
val = (s->base_spi + 32) << 16;
val |= s->num_spi;
+ if (s->macos_compat) {
+ val |= BIT(31);
+ }
return val;
case V2M_MSI_IIDR:
/* We don't have any valid implementor so we leave that field as zero
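Review bot: the V2M_MSI_TYPER case sets BIT(31) with no comment or named constant saying what the bit means. The base SPI is shifted to bit 16 upward and num_spi fills the low bits, so bit 31 belongs to neither field, and a reader cannot tell from the code what macOS is checking for. Add a #define for the bit and a short comment stating what the guest expects it to indicate.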
@@ -173,6 +177,7 @@ static void gicv2m_init(Object *obj)
static const Property gicv2m_properties[] = {
DEFINE_PROP_UINT32("base-spi", ARMGICv2mState, base_spi, 0),
DEFINE_PROP_UINT32("num-spi", ARMGICv2mState, num_spi, 64),
+ DEFINE_PROP_UINT32("macos-compat", ARMGICv2mState, macos_compat, 0),
};
static void gicv2m_class_init(ObjectClass *klass, const void *data)
diff --git a/hw/vmapple/vmapple.c b/hw/vmapple/vmapple.c
index f2a6fda2e5..e68b623c5b 100644
--- a/hw/vmapple/vmapple.c
+++ b/hw/vmapple/vmapple.c
@@ -301,6 +301,7 @@ static void create_gicv2m(VMAppleMachineState *vms)
dev = qdev_new("arm-gicv2m");
qdev_prop_set_uint32(dev, "base-spi", irq);
qdev_prop_set_uint32(dev, "num-spi", NUM_GICV2M_SPIS);
+ qdev_prop_set_uint32(dev, "macos-compat", 1);
sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal);
sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, vms->memmap[VMAPPLE_GICV2M].base);
--
2.50.1 (Apple Git-155)
* [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
` (5 preceding siblings ...)
2026-03-24 20:48 ` [RFC PATCH v7 6/7] vmapple, gicv2m: add macOS compat quirk Mohamed Mediouni
@ 2026-03-24 20:48 ` Mohamed Mediouni
2026-03-25 11:07 ` Akihiko Odaki
2026-03-25 11:11 ` [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Akihiko Odaki
7 siblings, 1 reply; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-24 20:48 UTC (permalink / raw)
To: qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell,
Philippe Mathieu-Daudé, Paolo Bonzini, Phil Dennis-Jordan,
Peter Xu, Mads Ynddal, Roman Bolshakov, Alexander Graf,
Mohamed Mediouni
Booting macOS Tahoe.
There in the series to show that's all it takes, but not
mergeable as is. Testing this requires SIP to be disabled
and AMFI to be bypassed to be able to launch the executable.
Note that macOS Tahoe uses ISV=0, and the corresponding series
is needed too.
The script to do so:
https://gist.githubusercontent.com/zhaofengli/1df11ae3f0dd4e2c872a12ef849f7371/raw/b0ef43f2168600e8810d35a3e70d9a1eb39929e2/amfid-allow.py
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
---
accel/hvf/entitlements.plist | 2 +-
target/arm/hvf/hvf.c | 8 ++++++++
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/accel/hvf/entitlements.plist b/accel/hvf/entitlements.plist
index 154f3308ef..b1a25a2319 100644
--- a/accel/hvf/entitlements.plist
+++ b/accel/hvf/entitlements.plist
@@ -2,7 +2,7 @@
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
- <key>com.apple.security.hypervisor</key>
+ <key>com.apple.private.hypervisor</key>
<true/>
</dict>
</plist>
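Review bot: the key is swapped in the shared accel/hvf/entitlements.plist, so the private entitlement is not limited to vmapple: per the commit message, a binary carrying com.apple.private.hypervisor only launches with SIP disabled and AMFI bypassed. If this moves beyond a demonstration, the private entitlement needs its own plist selected by an explicit build option, with the default file left requesting com.apple.security.hypervisor.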
diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
index 000e54bd16..5d23aa8ae4 100644
--- a/target/arm/hvf/hvf.c
+++ b/target/arm/hvf/hvf.c
@@ -1219,6 +1219,8 @@ void hvf_arch_vcpu_destroy(CPUState *cpu)
assert_hvf_ok(ret);
}
+hv_return_t _hv_vm_config_set_isa(hv_vm_config_t cfg, int isa);
+
hv_return_t hvf_arch_vm_create(MachineState *ms, uint32_t pa_range)
{
hv_return_t ret;
@@ -1230,6 +1232,12 @@ hv_return_t hvf_arch_vm_create(MachineState *ms, uint32_t pa_range)
}
chosen_ipa_bit_size = pa_range;
+ ret = _hv_vm_config_set_isa(config, 3);
+ if (ret != HV_SUCCESS) {
+ error_report("error setting private ISA");
+ goto cleanup;
+ }
+
ret = hv_vm_create(config);
cleanup:
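Review bot: `_hv_vm_config_set_isa(config, 3)` is called unconditionally in hvf_arch_vm_create() and any failure jumps to cleanup, so every HVF guest on Arm now depends on the private ISA being available, not only vmapple. Make the call opt-in (a machine or accelerator property) and skip it otherwise. The literal 3 is unexplained; the thread refers to it as a private ISA level, so a named constant with a comment would document it. The underscore-prefixed function is declared by hand in the previous hunk with no availability or weak-import guard, so a host without the symbol fails at link or load time instead of falling back.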
--
2.50.1 (Apple Git-155)
* Re: [RFC PATCH v7 3/7] vmapple: declare it as an AArch64-compatible machine
2026-03-24 20:48 ` [RFC PATCH v7 3/7] vmapple: declare it as an AArch64-compatible machine Mohamed Mediouni
@ 2026-03-25 9:54 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 14+ messages in thread
From: Philippe Mathieu-Daudé @ 2026-03-25 9:54 UTC (permalink / raw)
To: Mohamed Mediouni, qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell, Paolo Bonzini,
Phil Dennis-Jordan, Peter Xu, Mads Ynddal, Roman Bolshakov,
Alexander Graf
On 24/3/26 21:48, Mohamed Mediouni wrote:
> .interfaces = aarch64_machine_interfaces is expected for
> AArch64 machines now. Consider vmapple as an AArch64-only
> machine
>
> Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
> ---
> hw/vmapple/vmapple.c | 2 ++
> 1 file changed, 2 insertions(+)
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
* Re: [RFC PATCH v7 6/7] vmapple, gicv2m: add macOS compat quirk
2026-03-24 20:48 ` [RFC PATCH v7 6/7] vmapple, gicv2m: add macOS compat quirk Mohamed Mediouni
@ 2026-03-25 9:56 ` Philippe Mathieu-Daudé
0 siblings, 0 replies; 14+ messages in thread
From: Philippe Mathieu-Daudé @ 2026-03-25 9:56 UTC (permalink / raw)
To: Mohamed Mediouni, qemu-devel
Cc: Akihiko Odaki, qemu-arm, Peter Maydell, Paolo Bonzini,
Phil Dennis-Jordan, Peter Xu, Mads Ynddal, Roman Bolshakov,
Alexander Graf
On 24/3/26 21:48, Mohamed Mediouni wrote:
> macOS expects bit 31 of MSI_TYPER to be set.
>
> Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
> ---
> hw/intc/arm_gicv2m.c | 5 +++++
> hw/vmapple/vmapple.c | 1 +
> 2 files changed, 6 insertions(+)
> static void gicv2m_set_irq(void *opaque, int irq)
> @@ -81,6 +82,9 @@ static uint64_t gicv2m_read(void *opaque, hwaddr offset,
> case V2M_MSI_TYPER:
> val = (s->base_spi + 32) << 16;
> val |= s->num_spi;
> + if (s->macos_compat) {
> + val |= BIT(31);
> + }
> return val;
> case V2M_MSI_IIDR:
> /* We don't have any valid implementor so we leave that field as zero
> @@ -173,6 +177,7 @@ static void gicv2m_init(Object *obj)
> static const Property gicv2m_properties[] = {
> DEFINE_PROP_UINT32("base-spi", ARMGICv2mState, base_spi, 0),
> DEFINE_PROP_UINT32("num-spi", ARMGICv2mState, num_spi, 64),
> + DEFINE_PROP_UINT32("macos-compat", ARMGICv2mState, macos_compat, 0),
DEFINE_PROP_BOOL("x-macos-compat")?
> };
* Re: [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA
2026-03-24 20:48 ` [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA Mohamed Mediouni
@ 2026-03-25 11:07 ` Akihiko Odaki
2026-03-25 11:21 ` Mohamed Mediouni
0 siblings, 1 reply; 14+ messages in thread
From: Akihiko Odaki @ 2026-03-25 11:07 UTC (permalink / raw)
To: Mohamed Mediouni, qemu-devel
Cc: qemu-arm, Peter Maydell, Philippe Mathieu-Daudé,
Paolo Bonzini, Phil Dennis-Jordan, Peter Xu, Mads Ynddal,
Roman Bolshakov, Alexander Graf
On 2026/03/25 5:48, Mohamed Mediouni wrote:
> Booting macOS Tahoe.
>
> There in the series to show that's all it takes, but not
> mergeable as is. Testing this requires SIP to be disabled
> and AMFI to be bypassed to be able to launch the executable.
This is interesting. Do you have any idea what is the private ISA?
Regards,
Akihiko Odaki
>
> Note that macOS Tahoe uses ISV=0, and the corresponding series
> is needed too.
>
> The script to do so:
> https://gist.githubusercontent.com/zhaofengli/1df11ae3f0dd4e2c872a12ef849f7371/raw/b0ef43f2168600e8810d35a3e70d9a1eb39929e2/amfid-allow.py
>
> Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
> ---
> accel/hvf/entitlements.plist | 2 +-
> target/arm/hvf/hvf.c | 8 ++++++++
> 2 files changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/accel/hvf/entitlements.plist b/accel/hvf/entitlements.plist
> index 154f3308ef..b1a25a2319 100644
> --- a/accel/hvf/entitlements.plist
> +++ b/accel/hvf/entitlements.plist
> @@ -2,7 +2,7 @@
> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
> <plist version="1.0">
> <dict>
> - <key>com.apple.security.hypervisor</key>
> + <key>com.apple.private.hypervisor</key>
> <true/>
> </dict>
> </plist>
> diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
> index 000e54bd16..5d23aa8ae4 100644
> --- a/target/arm/hvf/hvf.c
> +++ b/target/arm/hvf/hvf.c
> @@ -1219,6 +1219,8 @@ void hvf_arch_vcpu_destroy(CPUState *cpu)
> assert_hvf_ok(ret);
> }
>
> +hv_return_t _hv_vm_config_set_isa(hv_vm_config_t cfg, int isa);
> +
> hv_return_t hvf_arch_vm_create(MachineState *ms, uint32_t pa_range)
> {
> hv_return_t ret;
> @@ -1230,6 +1232,12 @@ hv_return_t hvf_arch_vm_create(MachineState *ms, uint32_t pa_range)
> }
> chosen_ipa_bit_size = pa_range;
>
> + ret = _hv_vm_config_set_isa(config, 3);
> + if (ret != HV_SUCCESS) {
> + error_report("error setting private ISA");
> + goto cleanup;
> + }
> +
> ret = hv_vm_create(config);
>
> cleanup:
* Re: [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases
2026-03-24 20:48 [RFC PATCH v7 0/7] vmapple: making it work on the latest macOS host releases Mohamed Mediouni
` (6 preceding siblings ...)
2026-03-24 20:48 ` [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA Mohamed Mediouni
@ 2026-03-25 11:11 ` Akihiko Odaki
7 siblings, 0 replies; 14+ messages in thread
From: Akihiko Odaki @ 2026-03-25 11:11 UTC (permalink / raw)
To: Mohamed Mediouni, qemu-devel
Cc: qemu-arm, Peter Maydell, Philippe Mathieu-Daudé,
Paolo Bonzini, Phil Dennis-Jordan, Peter Xu, Mads Ynddal,
Roman Bolshakov, Alexander Graf
On 2026/03/25 5:48, Mohamed Mediouni wrote:
> v7:
>
> Support for newer guest OSes.
>
> Added not mergeable patch for private ISA enablement.
>
> Not grabbing a memory reference and still using flatview_for_each_range
> for this one, which works fine as live migration is disallowed anyway.
I prefer the other solutions suggested earlier. My preference order:
- Use a listener or change flatview_for_each_range() to remove const.
- Casting away const.
- Avoid grabbing memory references (this version)
Regards,
Akihiko Odaki
>
> v6:
> Rework the patches a bit, making sure that there are no compiler warnings
>
> v5:
> Address review comments and rebase.
>
> v4:
> Rebase and resend without the RFC tag as I didn't get feedback.
> Drop patch 1 (version I posted was incomplete anyways). Last patch isn't worth it too tbh.
>
> v2->v3:
> Remove the Apple M4 support workaround part for now, to be part of another patchset perhaps
> Address comments
>
> v1->v2:
> Remove some lines that shouldn't have been present...
>
> Mohamed Mediouni (7):
> vmapple: apple-gfx: make it work on the latest macOS release
> hw/vmapple: aes: convert MAX_LEN to a #define
> vmapple: declare it as an AArch64-compatible machine
> Revert "hw/arm: Do not build VMapple machine by default"
> vmapple: add gicv2m
> vmapple, gicv2m: add macOS compat quirk
> hvf: do not merge: enable private ISA
>
> accel/hvf/entitlements.plist | 2 +-
> configs/devices/aarch64-softmmu/default.mak | 1 -
> hw/display/apple-gfx-mmio.m | 59 ++++++++++++++++-----
> hw/display/apple-gfx.h | 16 ++++++
> hw/display/apple-gfx.m | 41 +++++++++++++-
> hw/intc/arm_gicv2m.c | 5 ++
> hw/vmapple/aes.c | 3 +-
> hw/vmapple/vmapple.c | 27 ++++++++++
> target/arm/hvf/hvf.c | 8 +++
> 9 files changed, 144 insertions(+), 18 deletions(-)
>
* Re: [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA
2026-03-25 11:07 ` Akihiko Odaki
@ 2026-03-25 11:21 ` Mohamed Mediouni
2026-03-25 12:20 ` Akihiko Odaki
0 siblings, 1 reply; 14+ messages in thread
From: Mohamed Mediouni @ 2026-03-25 11:21 UTC (permalink / raw)
To: Akihiko Odaki
Cc: qemu-devel, qemu-arm, Peter Maydell, Philippe Mathieu-Daudé,
Paolo Bonzini, Phil Dennis-Jordan, Peter Xu, Mads Ynddal,
Roman Bolshakov, Alexander Graf
> On 25. Mar 2026, at 12:07, Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> wrote:
>
> On 2026/03/25 5:48, Mohamed Mediouni wrote:
>> Booting macOS Tahoe.
>> There in the series to show that's all it takes, but not
>> mergeable as is. Testing this requires SIP to be disabled
>> and AMFI to be bypassed to be able to launch the executable.
>
>
> This is interesting. Do you have any idea what is the private ISA?
>
> Regards,
> Akihiko Odaki
Hello,
For the macOS vmapple target:
Apple PAC is paravirtualised and not trappable by the VMM without
patching the “hvc #0” to something else.
That’s the only private ISA bit being used there needed for boot.
The documentation for those HVCs:
https://github.com/matteyeux/darwin-xnu/blob/master/doc/vmapple_pac.md
Apple briefly pushed that there, and open-source XNU has that code present.
When private ISA is disabled, instead of the VMM being able to process those
HVCs, they return an error code and the guest dutifully goes into an infinite
loop.
For the vresearch1 target used for PCC VRE and iOS:
Bunch of private ISA used there, including GXF. Private ISA level 3 isn’t
enough to boot those, it wants private ISA level 4.
Thanks,
* Re: [RFC PATCH v7 7/7] hvf: do not merge: enable private ISA
2026-03-25 11:21 ` Mohamed Mediouni
@ 2026-03-25 12:20 ` Akihiko Odaki
0 siblings, 0 replies; 14+ messages in thread
From: Akihiko Odaki @ 2026-03-25 12:20 UTC (permalink / raw)
To: Mohamed Mediouni
Cc: qemu-devel, qemu-arm, Peter Maydell, Philippe Mathieu-Daudé,
Paolo Bonzini, Phil Dennis-Jordan, Peter Xu, Mads Ynddal,
Roman Bolshakov, Alexander Graf
On 2026/03/25 20:21, Mohamed Mediouni wrote:
>
>> On 25. Mar 2026, at 12:07, Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp> wrote:
>>
>> On 2026/03/25 5:48, Mohamed Mediouni wrote:
>>> Booting macOS Tahoe.
>>> There in the series to show that's all it takes, but not
>>> mergeable as is. Testing this requires SIP to be disabled
>>> and AMFI to be bypassed to be able to launch the executable.
>>
>>
>> This is interesting. Do you have any idea what is the private ISA?
>>
>> Regards,
>> Akihiko Odaki
>
> Hello,
>
> For the macOS vmapple target:
>
> Apple PAC is paravirtualised and not trappable by the VMM without
> patching the “hvc #0” to something else.
>
> That’s the only private ISA bit being used there needed for boot.
>
> The documentation for those HVCs:
> https://github.com/matteyeux/darwin-xnu/blob/master/doc/vmapple_pac.md
>
> Apple briefly pushed that there, and open-source XNU has that code present.
>
> When private ISA is disabled, instead of the VMM being able to process those
> HVCs, they return an error code and the guest dutifully goes into an infinite
> loop.
>
> For the vresearch1 target used for PCC VRE and iOS:
>
> Bunch of private ISA used there, including GXF. Private ISA level 3 isn’t
> enough to boot those, it wants private ISA level 4.
It’s fascinating to learn about these Apple-specifics. The insight
regarding the GXF requirement for PCC VRE and iOS is also very
intriguing. Thanks for sharing the information.
Regards,
Akihiko Odaki