xref: /openbmc/qemu/target/riscv/kvm/kvm-cpu.c (revision 5d7a40b5b280cd82f24a9b4e5f4557e200111030) 
1 /*
2  * RISC-V implementation of KVM hooks
3  *
4  * Copyright (c) 2020 Huawei Technologies Co., Ltd
5  *
6  * This program is free software; you can redistribute it and/or modify it
7  * under the terms and conditions of the GNU General Public License,
8  * version 2 or later, as published by the Free Software Foundation.
9  *
10  * This program is distributed in the hope it will be useful, but WITHOUT
11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
13  * more details.
14  *
15  * You should have received a copy of the GNU General Public License along with
16  * this program.  If not, see <http://www.gnu.org/licenses/>.
17  */
18 
19 #include "qemu/osdep.h"
20 #include <sys/ioctl.h>
21 #include <sys/prctl.h>
22 
23 #include <linux/kvm.h>
24 
25 #include "qemu/timer.h"
26 #include "qapi/error.h"
27 #include "qemu/error-report.h"
28 #include "qemu/main-loop.h"
29 #include "qapi/visitor.h"
30 #include "system/system.h"
31 #include "system/kvm.h"
32 #include "system/kvm_int.h"
33 #include "cpu.h"
34 #include "trace.h"
35 #include "accel/accel-cpu-target.h"
36 #include "hw/pci/pci.h"
37 #include "exec/memattrs.h"
38 #include "system/address-spaces.h"
39 #include "system/memory.h"
40 #include "hw/boards.h"
41 #include "hw/irq.h"
42 #include "hw/intc/riscv_imsic.h"
43 #include "qemu/log.h"
44 #include "hw/loader.h"
45 #include "kvm_riscv.h"
46 #include "sbi_ecall_interface.h"
47 #include "chardev/char-fe.h"
48 #include "migration/misc.h"
49 #include "system/runstate.h"
50 #include "hw/riscv/numa.h"
51 
52 #define PR_RISCV_V_SET_CONTROL            69
53 #define PR_RISCV_V_VSTATE_CTRL_ON          2
54 
55 void riscv_kvm_aplic_request(void *opaque, int irq, int level)
56 {
57     kvm_set_irq(kvm_state, irq, !!level);
58 }
59 
60 static bool cap_has_mp_state;
61 
62 #define KVM_RISCV_REG_ID_U32(type, idx) (KVM_REG_RISCV | KVM_REG_SIZE_U32 | \
63                                          type | idx)
64 
65 #define KVM_RISCV_REG_ID_U64(type, idx) (KVM_REG_RISCV | KVM_REG_SIZE_U64 | \
66                                          type | idx)
67 
68 #if defined(TARGET_RISCV64)
69 #define KVM_RISCV_REG_ID_ULONG(type, idx) KVM_RISCV_REG_ID_U64(type, idx)
70 #else
71 #define KVM_RISCV_REG_ID_ULONG(type, idx) KVM_RISCV_REG_ID_U32(type, idx)
72 #endif
73 
74 static uint64_t kvm_encode_reg_size_id(uint64_t id, size_t size_b)
75 {
76     uint64_t size_ctz = __builtin_ctz(size_b);
77 
78     return id | (size_ctz << KVM_REG_SIZE_SHIFT);
79 }
80 
81 static uint64_t kvm_riscv_vector_reg_id(RISCVCPU *cpu,
82                                         uint64_t idx)
83 {
84     uint64_t id;
85     size_t size_b;
86 
87     g_assert(idx < 32);
88 
89     id = KVM_REG_RISCV | KVM_REG_RISCV_VECTOR | KVM_REG_RISCV_VECTOR_REG(idx);
90     size_b = cpu->cfg.vlenb;
91 
92     return kvm_encode_reg_size_id(id, size_b);
93 }
94 
95 #define RISCV_CORE_REG(name) \
96     KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CORE, \
97                            KVM_REG_RISCV_CORE_REG(name))
98 
99 #define RISCV_CSR_REG(name) \
100     KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CSR, \
101                            KVM_REG_RISCV_CSR_REG(name))
102 
103 #define RISCV_CONFIG_REG(name) \
104     KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CONFIG, \
105                            KVM_REG_RISCV_CONFIG_REG(name))
106 
107 #define RISCV_TIMER_REG(name)  KVM_RISCV_REG_ID_U64(KVM_REG_RISCV_TIMER, \
108                  KVM_REG_RISCV_TIMER_REG(name))
109 
110 #define RISCV_FP_F_REG(idx)  KVM_RISCV_REG_ID_U32(KVM_REG_RISCV_FP_F, idx)
111 
112 #define RISCV_FP_D_REG(idx)  KVM_RISCV_REG_ID_U64(KVM_REG_RISCV_FP_D, idx)
113 
114 #define RISCV_VECTOR_CSR_REG(name) \
115     KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_VECTOR, \
116                            KVM_REG_RISCV_VECTOR_CSR_REG(name))
117 
118 #define KVM_RISCV_GET_TIMER(cs, name, reg) \
119     do { \
120         int ret = kvm_get_one_reg(cs, RISCV_TIMER_REG(name), &reg); \
121         if (ret) { \
122             abort(); \
123         } \
124     } while (0)
125 
126 #define KVM_RISCV_SET_TIMER(cs, name, reg) \
127     do { \
128         int ret = kvm_set_one_reg(cs, RISCV_TIMER_REG(name), &reg); \
129         if (ret) { \
130             abort(); \
131         } \
132     } while (0)
133 
134 typedef struct KVMCPUConfig {
135     const char *name;
136     const char *description;
137     target_ulong offset;
138     uint64_t kvm_reg_id;
139     uint32_t prop_size;
140     bool user_set;
141     bool supported;
142 } KVMCPUConfig;
143 
144 #define KVM_MISA_CFG(_bit, _reg_id) \
145     {.offset = _bit, .kvm_reg_id = _reg_id}
146 
147 /* KVM ISA extensions */
148 static KVMCPUConfig kvm_misa_ext_cfgs[] = {
149     KVM_MISA_CFG(RVA, KVM_RISCV_ISA_EXT_A),
150     KVM_MISA_CFG(RVC, KVM_RISCV_ISA_EXT_C),
151     KVM_MISA_CFG(RVD, KVM_RISCV_ISA_EXT_D),
152     KVM_MISA_CFG(RVF, KVM_RISCV_ISA_EXT_F),
153     KVM_MISA_CFG(RVH, KVM_RISCV_ISA_EXT_H),
154     KVM_MISA_CFG(RVI, KVM_RISCV_ISA_EXT_I),
155     KVM_MISA_CFG(RVM, KVM_RISCV_ISA_EXT_M),
156     KVM_MISA_CFG(RVV, KVM_RISCV_ISA_EXT_V),
157 };
158 
159 static void kvm_cpu_get_misa_ext_cfg(Object *obj, Visitor *v,
160                                      const char *name,
161                                      void *opaque, Error **errp)
162 {
163     KVMCPUConfig *misa_ext_cfg = opaque;
164     target_ulong misa_bit = misa_ext_cfg->offset;
165     RISCVCPU *cpu = RISCV_CPU(obj);
166     CPURISCVState *env = &cpu->env;
167     bool value = env->misa_ext_mask & misa_bit;
168 
169     visit_type_bool(v, name, &value, errp);
170 }
171 
172 static void kvm_cpu_set_misa_ext_cfg(Object *obj, Visitor *v,
173                                      const char *name,
174                                      void *opaque, Error **errp)
175 {
176     KVMCPUConfig *misa_ext_cfg = opaque;
177     target_ulong misa_bit = misa_ext_cfg->offset;
178     RISCVCPU *cpu = RISCV_CPU(obj);
179     CPURISCVState *env = &cpu->env;
180     bool value, host_bit;
181 
182     if (!visit_type_bool(v, name, &value, errp)) {
183         return;
184     }
185 
186     host_bit = env->misa_ext_mask & misa_bit;
187 
188     if (value == host_bit) {
189         return;
190     }
191 
192     if (!value) {
193         misa_ext_cfg->user_set = true;
194         return;
195     }
196 
197     /*
198      * Forbid users to enable extensions that aren't
199      * available in the hart.
200      */
201     error_setg(errp, "Enabling MISA bit '%s' is not allowed: it's not "
202                "enabled in the host", misa_ext_cfg->name);
203 }
204 
205 static void kvm_riscv_update_cpu_misa_ext(RISCVCPU *cpu, CPUState *cs)
206 {
207     CPURISCVState *env = &cpu->env;
208     uint64_t id, reg;
209     int i, ret;
210 
211     for (i = 0; i < ARRAY_SIZE(kvm_misa_ext_cfgs); i++) {
212         KVMCPUConfig *misa_cfg = &kvm_misa_ext_cfgs[i];
213         target_ulong misa_bit = misa_cfg->offset;
214 
215         if (!misa_cfg->user_set) {
216             continue;
217         }
218 
219         /* If we're here we're going to disable the MISA bit */
220         reg = 0;
221         id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_ISA_EXT,
222                                     misa_cfg->kvm_reg_id);
223         ret = kvm_set_one_reg(cs, id, &reg);
224         if (ret != 0) {
225             /*
226              * We're not checking for -EINVAL because if the bit is about
227              * to be disabled, it means that it was already enabled by
228              * KVM. We determined that by fetching the 'isa' register
229              * during init() time. Any error at this point is worth
230              * aborting.
231              */
232             error_report("Unable to set KVM reg %s, error %d",
233                          misa_cfg->name, ret);
234             exit(EXIT_FAILURE);
235         }
236         env->misa_ext &= ~misa_bit;
237     }
238 }
239 
240 #define KVM_CSR_CFG(_name, _env_prop, reg_id) \
241     {.name = _name, .offset = ENV_CSR_OFFSET(_env_prop), \
242      .prop_size = sizeof(((CPURISCVState *)0)->_env_prop), \
243      .kvm_reg_id = reg_id}
244 
245 static KVMCPUConfig kvm_csr_cfgs[] = {
246     KVM_CSR_CFG("sstatus",    mstatus,    RISCV_CSR_REG(sstatus)),
247     KVM_CSR_CFG("sie",        mie,        RISCV_CSR_REG(sie)),
248     KVM_CSR_CFG("stvec",      stvec,      RISCV_CSR_REG(stvec)),
249     KVM_CSR_CFG("sscratch",   sscratch,   RISCV_CSR_REG(sscratch)),
250     KVM_CSR_CFG("sepc",       sepc,       RISCV_CSR_REG(sepc)),
251     KVM_CSR_CFG("scause",     scause,     RISCV_CSR_REG(scause)),
252     KVM_CSR_CFG("stval",      stval,      RISCV_CSR_REG(stval)),
253     KVM_CSR_CFG("sip",        mip,        RISCV_CSR_REG(sip)),
254     KVM_CSR_CFG("satp",       satp,       RISCV_CSR_REG(satp)),
255     KVM_CSR_CFG("scounteren", scounteren, RISCV_CSR_REG(scounteren)),
256     KVM_CSR_CFG("senvcfg",    senvcfg,    RISCV_CSR_REG(senvcfg)),
257 };
258 
259 static void *kvmconfig_get_env_addr(RISCVCPU *cpu, KVMCPUConfig *csr_cfg)
260 {
261     return (void *)&cpu->env + csr_cfg->offset;
262 }
263 
264 static uint32_t kvm_cpu_csr_get_u32(RISCVCPU *cpu, KVMCPUConfig *csr_cfg)
265 {
266     uint32_t *val32 = kvmconfig_get_env_addr(cpu, csr_cfg);
267     return *val32;
268 }
269 
270 static uint64_t kvm_cpu_csr_get_u64(RISCVCPU *cpu, KVMCPUConfig *csr_cfg)
271 {
272     uint64_t *val64 = kvmconfig_get_env_addr(cpu, csr_cfg);
273     return *val64;
274 }
275 
276 static void kvm_cpu_csr_set_u32(RISCVCPU *cpu, KVMCPUConfig *csr_cfg,
277                                 uint32_t val)
278 {
279     uint32_t *val32 = kvmconfig_get_env_addr(cpu, csr_cfg);
280     *val32 = val;
281 }
282 
283 static void kvm_cpu_csr_set_u64(RISCVCPU *cpu, KVMCPUConfig *csr_cfg,
284                                 uint64_t val)
285 {
286     uint64_t *val64 = kvmconfig_get_env_addr(cpu, csr_cfg);
287     *val64 = val;
288 }
289 
290 #define KVM_EXT_CFG(_name, _prop, _reg_id) \
291     {.name = _name, .offset = CPU_CFG_OFFSET(_prop), \
292      .kvm_reg_id = _reg_id}
293 
294 static KVMCPUConfig kvm_multi_ext_cfgs[] = {
295     KVM_EXT_CFG("zicbom", ext_zicbom, KVM_RISCV_ISA_EXT_ZICBOM),
296     KVM_EXT_CFG("zicboz", ext_zicboz, KVM_RISCV_ISA_EXT_ZICBOZ),
297     KVM_EXT_CFG("ziccrse", ext_ziccrse, KVM_RISCV_ISA_EXT_ZICCRSE),
298     KVM_EXT_CFG("zicntr", ext_zicntr, KVM_RISCV_ISA_EXT_ZICNTR),
299     KVM_EXT_CFG("zicond", ext_zicond, KVM_RISCV_ISA_EXT_ZICOND),
300     KVM_EXT_CFG("zicsr", ext_zicsr, KVM_RISCV_ISA_EXT_ZICSR),
301     KVM_EXT_CFG("zifencei", ext_zifencei, KVM_RISCV_ISA_EXT_ZIFENCEI),
302     KVM_EXT_CFG("zihintntl", ext_zihintntl, KVM_RISCV_ISA_EXT_ZIHINTNTL),
303     KVM_EXT_CFG("zihintpause", ext_zihintpause, KVM_RISCV_ISA_EXT_ZIHINTPAUSE),
304     KVM_EXT_CFG("zihpm", ext_zihpm, KVM_RISCV_ISA_EXT_ZIHPM),
305     KVM_EXT_CFG("zimop", ext_zimop, KVM_RISCV_ISA_EXT_ZIMOP),
306     KVM_EXT_CFG("zcmop", ext_zcmop, KVM_RISCV_ISA_EXT_ZCMOP),
307     KVM_EXT_CFG("zabha", ext_zabha, KVM_RISCV_ISA_EXT_ZABHA),
308     KVM_EXT_CFG("zacas", ext_zacas, KVM_RISCV_ISA_EXT_ZACAS),
309     KVM_EXT_CFG("zawrs", ext_zawrs, KVM_RISCV_ISA_EXT_ZAWRS),
310     KVM_EXT_CFG("zfa", ext_zfa, KVM_RISCV_ISA_EXT_ZFA),
311     KVM_EXT_CFG("zfh", ext_zfh, KVM_RISCV_ISA_EXT_ZFH),
312     KVM_EXT_CFG("zfhmin", ext_zfhmin, KVM_RISCV_ISA_EXT_ZFHMIN),
313     KVM_EXT_CFG("zba", ext_zba, KVM_RISCV_ISA_EXT_ZBA),
314     KVM_EXT_CFG("zbb", ext_zbb, KVM_RISCV_ISA_EXT_ZBB),
315     KVM_EXT_CFG("zbc", ext_zbc, KVM_RISCV_ISA_EXT_ZBC),
316     KVM_EXT_CFG("zbkb", ext_zbkb, KVM_RISCV_ISA_EXT_ZBKB),
317     KVM_EXT_CFG("zbkc", ext_zbkc, KVM_RISCV_ISA_EXT_ZBKC),
318     KVM_EXT_CFG("zbkx", ext_zbkx, KVM_RISCV_ISA_EXT_ZBKX),
319     KVM_EXT_CFG("zbs", ext_zbs, KVM_RISCV_ISA_EXT_ZBS),
320     KVM_EXT_CFG("zca", ext_zca, KVM_RISCV_ISA_EXT_ZCA),
321     KVM_EXT_CFG("zcb", ext_zcb, KVM_RISCV_ISA_EXT_ZCB),
322     KVM_EXT_CFG("zcd", ext_zcd, KVM_RISCV_ISA_EXT_ZCD),
323     KVM_EXT_CFG("zcf", ext_zcf, KVM_RISCV_ISA_EXT_ZCF),
324     KVM_EXT_CFG("zknd", ext_zknd, KVM_RISCV_ISA_EXT_ZKND),
325     KVM_EXT_CFG("zkne", ext_zkne, KVM_RISCV_ISA_EXT_ZKNE),
326     KVM_EXT_CFG("zknh", ext_zknh, KVM_RISCV_ISA_EXT_ZKNH),
327     KVM_EXT_CFG("zkr", ext_zkr, KVM_RISCV_ISA_EXT_ZKR),
328     KVM_EXT_CFG("zksed", ext_zksed, KVM_RISCV_ISA_EXT_ZKSED),
329     KVM_EXT_CFG("zksh", ext_zksh, KVM_RISCV_ISA_EXT_ZKSH),
330     KVM_EXT_CFG("zkt", ext_zkt, KVM_RISCV_ISA_EXT_ZKT),
331     KVM_EXT_CFG("ztso", ext_ztso, KVM_RISCV_ISA_EXT_ZTSO),
332     KVM_EXT_CFG("zvbb", ext_zvbb, KVM_RISCV_ISA_EXT_ZVBB),
333     KVM_EXT_CFG("zvbc", ext_zvbc, KVM_RISCV_ISA_EXT_ZVBC),
334     KVM_EXT_CFG("zvfh", ext_zvfh, KVM_RISCV_ISA_EXT_ZVFH),
335     KVM_EXT_CFG("zvfhmin", ext_zvfhmin, KVM_RISCV_ISA_EXT_ZVFHMIN),
336     KVM_EXT_CFG("zvkb", ext_zvkb, KVM_RISCV_ISA_EXT_ZVKB),
337     KVM_EXT_CFG("zvkg", ext_zvkg, KVM_RISCV_ISA_EXT_ZVKG),
338     KVM_EXT_CFG("zvkned", ext_zvkned, KVM_RISCV_ISA_EXT_ZVKNED),
339     KVM_EXT_CFG("zvknha", ext_zvknha, KVM_RISCV_ISA_EXT_ZVKNHA),
340     KVM_EXT_CFG("zvknhb", ext_zvknhb, KVM_RISCV_ISA_EXT_ZVKNHB),
341     KVM_EXT_CFG("zvksed", ext_zvksed, KVM_RISCV_ISA_EXT_ZVKSED),
342     KVM_EXT_CFG("zvksh", ext_zvksh, KVM_RISCV_ISA_EXT_ZVKSH),
343     KVM_EXT_CFG("zvkt", ext_zvkt, KVM_RISCV_ISA_EXT_ZVKT),
344     KVM_EXT_CFG("smnpm", ext_smnpm, KVM_RISCV_ISA_EXT_SMNPM),
345     KVM_EXT_CFG("smstateen", ext_smstateen, KVM_RISCV_ISA_EXT_SMSTATEEN),
346     KVM_EXT_CFG("ssaia", ext_ssaia, KVM_RISCV_ISA_EXT_SSAIA),
347     KVM_EXT_CFG("sscofpmf", ext_sscofpmf, KVM_RISCV_ISA_EXT_SSCOFPMF),
348     KVM_EXT_CFG("ssnpm", ext_ssnpm, KVM_RISCV_ISA_EXT_SSNPM),
349     KVM_EXT_CFG("sstc", ext_sstc, KVM_RISCV_ISA_EXT_SSTC),
350     KVM_EXT_CFG("svade", ext_svade, KVM_RISCV_ISA_EXT_SVADE),
351     KVM_EXT_CFG("svadu", ext_svadu, KVM_RISCV_ISA_EXT_SVADU),
352     KVM_EXT_CFG("svinval", ext_svinval, KVM_RISCV_ISA_EXT_SVINVAL),
353     KVM_EXT_CFG("svnapot", ext_svnapot, KVM_RISCV_ISA_EXT_SVNAPOT),
354     KVM_EXT_CFG("svpbmt", ext_svpbmt, KVM_RISCV_ISA_EXT_SVPBMT),
355     KVM_EXT_CFG("svvptc", ext_svvptc, KVM_RISCV_ISA_EXT_SVVPTC),
356 };
357 
358 static void *kvmconfig_get_cfg_addr(RISCVCPU *cpu, KVMCPUConfig *kvmcfg)
359 {
360     return (void *)&cpu->cfg + kvmcfg->offset;
361 }
362 
363 static void kvm_cpu_cfg_set(RISCVCPU *cpu, KVMCPUConfig *multi_ext,
364                             uint32_t val)
365 {
366     bool *ext_enabled = kvmconfig_get_cfg_addr(cpu, multi_ext);
367 
368     *ext_enabled = val;
369 }
370 
371 static uint32_t kvm_cpu_cfg_get(RISCVCPU *cpu,
372                                 KVMCPUConfig *multi_ext)
373 {
374     bool *ext_enabled = kvmconfig_get_cfg_addr(cpu, multi_ext);
375 
376     return *ext_enabled;
377 }
378 
379 static void kvm_cpu_get_multi_ext_cfg(Object *obj, Visitor *v,
380                                       const char *name,
381                                       void *opaque, Error **errp)
382 {
383     KVMCPUConfig *multi_ext_cfg = opaque;
384     RISCVCPU *cpu = RISCV_CPU(obj);
385     bool value = kvm_cpu_cfg_get(cpu, multi_ext_cfg);
386 
387     visit_type_bool(v, name, &value, errp);
388 }
389 
390 static void kvm_cpu_set_multi_ext_cfg(Object *obj, Visitor *v,
391                                       const char *name,
392                                       void *opaque, Error **errp)
393 {
394     KVMCPUConfig *multi_ext_cfg = opaque;
395     RISCVCPU *cpu = RISCV_CPU(obj);
396     bool value, host_val;
397 
398     if (!visit_type_bool(v, name, &value, errp)) {
399         return;
400     }
401 
402     host_val = kvm_cpu_cfg_get(cpu, multi_ext_cfg);
403 
404     /*
405      * Ignore if the user is setting the same value
406      * as the host.
407      */
408     if (value == host_val) {
409         return;
410     }
411 
412     if (!multi_ext_cfg->supported) {
413         /*
414          * Error out if the user is trying to enable an
415          * extension that KVM doesn't support. Ignore
416          * option otherwise.
417          */
418         if (value) {
419             error_setg(errp, "KVM does not support disabling extension %s",
420                        multi_ext_cfg->name);
421         }
422 
423         return;
424     }
425 
426     multi_ext_cfg->user_set = true;
427     kvm_cpu_cfg_set(cpu, multi_ext_cfg, value);
428 }
429 
430 static KVMCPUConfig kvm_cbom_blocksize = {
431     .name = "cbom_blocksize",
432     .offset = CPU_CFG_OFFSET(cbom_blocksize),
433     .kvm_reg_id = KVM_REG_RISCV_CONFIG_REG(zicbom_block_size)
434 };
435 
436 static KVMCPUConfig kvm_cboz_blocksize = {
437     .name = "cboz_blocksize",
438     .offset = CPU_CFG_OFFSET(cboz_blocksize),
439     .kvm_reg_id = KVM_REG_RISCV_CONFIG_REG(zicboz_block_size)
440 };
441 
442 static KVMCPUConfig kvm_v_vlenb = {
443     .name = "vlenb",
444     .offset = CPU_CFG_OFFSET(vlenb),
445     .kvm_reg_id =  KVM_REG_RISCV | KVM_REG_SIZE_U64 | KVM_REG_RISCV_VECTOR |
446                    KVM_REG_RISCV_VECTOR_CSR_REG(vlenb)
447 };
448 
449 static KVMCPUConfig kvm_sbi_dbcn = {
450     .name = "sbi_dbcn",
451     .kvm_reg_id = KVM_REG_RISCV | KVM_REG_SIZE_U64 |
452                   KVM_REG_RISCV_SBI_EXT | KVM_RISCV_SBI_EXT_DBCN
453 };
454 
455 static void kvm_riscv_update_cpu_cfg_isa_ext(RISCVCPU *cpu, CPUState *cs)
456 {
457     uint64_t id, reg;
458     int i, ret;
459 
460     for (i = 0; i < ARRAY_SIZE(kvm_multi_ext_cfgs); i++) {
461         KVMCPUConfig *multi_ext_cfg = &kvm_multi_ext_cfgs[i];
462 
463         if (!multi_ext_cfg->user_set) {
464             continue;
465         }
466 
467         id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_ISA_EXT,
468                                     multi_ext_cfg->kvm_reg_id);
469         reg = kvm_cpu_cfg_get(cpu, multi_ext_cfg);
470         ret = kvm_set_one_reg(cs, id, &reg);
471         if (ret != 0) {
472             if (!reg && ret == -EINVAL) {
473                 warn_report("KVM cannot disable extension %s",
474                             multi_ext_cfg->name);
475             } else {
476                 error_report("Unable to enable extension %s in KVM, error %d",
477                              multi_ext_cfg->name, ret);
478                 exit(EXIT_FAILURE);
479             }
480         }
481     }
482 }
483 
484 static void cpu_get_cfg_unavailable(Object *obj, Visitor *v,
485                                     const char *name,
486                                     void *opaque, Error **errp)
487 {
488     bool value = false;
489 
490     visit_type_bool(v, name, &value, errp);
491 }
492 
493 static void cpu_set_cfg_unavailable(Object *obj, Visitor *v,
494                                     const char *name,
495                                     void *opaque, Error **errp)
496 {
497     const char *propname = opaque;
498     bool value;
499 
500     if (!visit_type_bool(v, name, &value, errp)) {
501         return;
502     }
503 
504     if (value) {
505         error_setg(errp, "'%s' is not available with KVM",
506                    propname);
507     }
508 }
509 
510 static void riscv_cpu_add_kvm_unavail_prop(Object *obj, const char *prop_name)
511 {
512     /* Check if KVM created the property already */
513     if (object_property_find(obj, prop_name)) {
514         return;
515     }
516 
517     /*
518      * Set the default to disabled for every extension
519      * unknown to KVM and error out if the user attempts
520      * to enable any of them.
521      */
522     object_property_add(obj, prop_name, "bool",
523                         cpu_get_cfg_unavailable,
524                         cpu_set_cfg_unavailable,
525                         NULL, (void *)prop_name);
526 }
527 
528 static void riscv_cpu_add_kvm_unavail_prop_array(Object *obj,
529                                         const RISCVCPUMultiExtConfig *array)
530 {
531     const RISCVCPUMultiExtConfig *prop;
532 
533     g_assert(array);
534 
535     for (prop = array; prop && prop->name; prop++) {
536         riscv_cpu_add_kvm_unavail_prop(obj, prop->name);
537     }
538 }
539 
540 static void kvm_riscv_add_cpu_user_properties(Object *cpu_obj)
541 {
542     int i;
543 
544     riscv_add_satp_mode_properties(cpu_obj);
545 
546     for (i = 0; i < ARRAY_SIZE(kvm_misa_ext_cfgs); i++) {
547         KVMCPUConfig *misa_cfg = &kvm_misa_ext_cfgs[i];
548         int bit = misa_cfg->offset;
549 
550         misa_cfg->name = riscv_get_misa_ext_name(bit);
551         misa_cfg->description = riscv_get_misa_ext_description(bit);
552 
553         object_property_add(cpu_obj, misa_cfg->name, "bool",
554                             kvm_cpu_get_misa_ext_cfg,
555                             kvm_cpu_set_misa_ext_cfg,
556                             NULL, misa_cfg);
557         object_property_set_description(cpu_obj, misa_cfg->name,
558                                         misa_cfg->description);
559     }
560 
561     for (i = 0; misa_bits[i] != 0; i++) {
562         const char *ext_name = riscv_get_misa_ext_name(misa_bits[i]);
563         riscv_cpu_add_kvm_unavail_prop(cpu_obj, ext_name);
564     }
565 
566     for (i = 0; i < ARRAY_SIZE(kvm_multi_ext_cfgs); i++) {
567         KVMCPUConfig *multi_cfg = &kvm_multi_ext_cfgs[i];
568 
569         object_property_add(cpu_obj, multi_cfg->name, "bool",
570                             kvm_cpu_get_multi_ext_cfg,
571                             kvm_cpu_set_multi_ext_cfg,
572                             NULL, multi_cfg);
573     }
574 
575     riscv_cpu_add_kvm_unavail_prop_array(cpu_obj, riscv_cpu_extensions);
576     riscv_cpu_add_kvm_unavail_prop_array(cpu_obj, riscv_cpu_vendor_exts);
577     riscv_cpu_add_kvm_unavail_prop_array(cpu_obj, riscv_cpu_experimental_exts);
578 
579    /* We don't have the needed KVM support for profiles */
580     for (i = 0; riscv_profiles[i] != NULL; i++) {
581         riscv_cpu_add_kvm_unavail_prop(cpu_obj, riscv_profiles[i]->name);
582     }
583 }
584 
585 static int kvm_riscv_get_regs_core(CPUState *cs)
586 {
587     int ret = 0;
588     int i;
589     target_ulong reg;
590     CPURISCVState *env = &RISCV_CPU(cs)->env;
591 
592     ret = kvm_get_one_reg(cs, RISCV_CORE_REG(regs.pc), &reg);
593     if (ret) {
594         return ret;
595     }
596     env->pc = reg;
597 
598     for (i = 1; i < 32; i++) {
599         uint64_t id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CORE, i);
600         ret = kvm_get_one_reg(cs, id, &reg);
601         if (ret) {
602             return ret;
603         }
604         env->gpr[i] = reg;
605     }
606 
607     return ret;
608 }
609 
610 static int kvm_riscv_put_regs_core(CPUState *cs)
611 {
612     int ret = 0;
613     int i;
614     target_ulong reg;
615     CPURISCVState *env = &RISCV_CPU(cs)->env;
616 
617     reg = env->pc;
618     ret = kvm_set_one_reg(cs, RISCV_CORE_REG(regs.pc), &reg);
619     if (ret) {
620         return ret;
621     }
622 
623     for (i = 1; i < 32; i++) {
624         uint64_t id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CORE, i);
625         reg = env->gpr[i];
626         ret = kvm_set_one_reg(cs, id, &reg);
627         if (ret) {
628             return ret;
629         }
630     }
631 
632     return ret;
633 }
634 
635 static int kvm_riscv_get_regs_csr(CPUState *cs)
636 {
637     RISCVCPU *cpu = RISCV_CPU(cs);
638     uint64_t reg;
639     int i, ret;
640 
641     for (i = 0; i < ARRAY_SIZE(kvm_csr_cfgs); i++) {
642         KVMCPUConfig *csr_cfg = &kvm_csr_cfgs[i];
643 
644         if (!csr_cfg->supported) {
645             continue;
646         }
647 
648         ret = kvm_get_one_reg(cs, csr_cfg->kvm_reg_id, &reg);
649         if (ret) {
650             return ret;
651         }
652 
653         if (csr_cfg->prop_size == sizeof(uint32_t)) {
654             kvm_cpu_csr_set_u32(cpu, csr_cfg, (uint32_t)reg);
655         } else if (csr_cfg->prop_size == sizeof(uint64_t)) {
656             kvm_cpu_csr_set_u64(cpu, csr_cfg, reg);
657         } else {
658             g_assert_not_reached();
659         }
660     }
661 
662     return 0;
663 }
664 
665 static int kvm_riscv_put_regs_csr(CPUState *cs)
666 {
667     RISCVCPU *cpu = RISCV_CPU(cs);
668     uint64_t reg;
669     int i, ret;
670 
671     for (i = 0; i < ARRAY_SIZE(kvm_csr_cfgs); i++) {
672         KVMCPUConfig *csr_cfg = &kvm_csr_cfgs[i];
673 
674         if (!csr_cfg->supported) {
675             continue;
676         }
677 
678         if (csr_cfg->prop_size == sizeof(uint32_t)) {
679             reg = kvm_cpu_csr_get_u32(cpu, csr_cfg);
680         } else if (csr_cfg->prop_size == sizeof(uint64_t)) {
681             reg = kvm_cpu_csr_get_u64(cpu, csr_cfg);
682         } else {
683             g_assert_not_reached();
684         }
685 
686         ret = kvm_set_one_reg(cs, csr_cfg->kvm_reg_id, &reg);
687         if (ret) {
688             return ret;
689         }
690     }
691 
692     return 0;
693 }
694 
695 static void kvm_riscv_reset_regs_csr(CPURISCVState *env)
696 {
697     env->mstatus = 0;
698     env->mie = 0;
699     env->stvec = 0;
700     env->sscratch = 0;
701     env->sepc = 0;
702     env->scause = 0;
703     env->stval = 0;
704     env->mip = 0;
705     env->satp = 0;
706     env->scounteren = 0;
707     env->senvcfg = 0;
708     env->priv = PRV_S;
709 }
710 
711 static int kvm_riscv_get_regs_fp(CPUState *cs)
712 {
713     int ret = 0;
714     int i;
715     CPURISCVState *env = &RISCV_CPU(cs)->env;
716 
717     if (riscv_has_ext(env, RVD)) {
718         uint64_t reg;
719         for (i = 0; i < 32; i++) {
720             ret = kvm_get_one_reg(cs, RISCV_FP_D_REG(i), &reg);
721             if (ret) {
722                 return ret;
723             }
724             env->fpr[i] = reg;
725         }
726         return ret;
727     }
728 
729     if (riscv_has_ext(env, RVF)) {
730         uint32_t reg;
731         for (i = 0; i < 32; i++) {
732             ret = kvm_get_one_reg(cs, RISCV_FP_F_REG(i), &reg);
733             if (ret) {
734                 return ret;
735             }
736             env->fpr[i] = reg;
737         }
738         return ret;
739     }
740 
741     return ret;
742 }
743 
744 static int kvm_riscv_put_regs_fp(CPUState *cs)
745 {
746     int ret = 0;
747     int i;
748     CPURISCVState *env = &RISCV_CPU(cs)->env;
749 
750     if (riscv_has_ext(env, RVD)) {
751         uint64_t reg;
752         for (i = 0; i < 32; i++) {
753             reg = env->fpr[i];
754             ret = kvm_set_one_reg(cs, RISCV_FP_D_REG(i), &reg);
755             if (ret) {
756                 return ret;
757             }
758         }
759         return ret;
760     }
761 
762     if (riscv_has_ext(env, RVF)) {
763         uint32_t reg;
764         for (i = 0; i < 32; i++) {
765             reg = env->fpr[i];
766             ret = kvm_set_one_reg(cs, RISCV_FP_F_REG(i), &reg);
767             if (ret) {
768                 return ret;
769             }
770         }
771         return ret;
772     }
773 
774     return ret;
775 }
776 
777 static void kvm_riscv_get_regs_timer(CPUState *cs)
778 {
779     CPURISCVState *env = &RISCV_CPU(cs)->env;
780 
781     if (env->kvm_timer_dirty) {
782         return;
783     }
784 
785     KVM_RISCV_GET_TIMER(cs, time, env->kvm_timer_time);
786     KVM_RISCV_GET_TIMER(cs, compare, env->kvm_timer_compare);
787     KVM_RISCV_GET_TIMER(cs, state, env->kvm_timer_state);
788     KVM_RISCV_GET_TIMER(cs, frequency, env->kvm_timer_frequency);
789 
790     env->kvm_timer_dirty = true;
791 }
792 
793 static void kvm_riscv_put_regs_timer(CPUState *cs)
794 {
795     uint64_t reg;
796     CPURISCVState *env = &RISCV_CPU(cs)->env;
797 
798     if (!env->kvm_timer_dirty) {
799         return;
800     }
801 
802     KVM_RISCV_SET_TIMER(cs, time, env->kvm_timer_time);
803     KVM_RISCV_SET_TIMER(cs, compare, env->kvm_timer_compare);
804 
805     /*
806      * To set register of RISCV_TIMER_REG(state) will occur a error from KVM
807      * on env->kvm_timer_state == 0, It's better to adapt in KVM, but it
808      * doesn't matter that adaping in QEMU now.
809      * TODO If KVM changes, adapt here.
810      */
811     if (env->kvm_timer_state) {
812         KVM_RISCV_SET_TIMER(cs, state, env->kvm_timer_state);
813     }
814 
815     /*
816      * For now, migration will not work between Hosts with different timer
817      * frequency. Therefore, we should check whether they are the same here
818      * during the migration.
819      */
820     if (migration_is_running()) {
821         KVM_RISCV_GET_TIMER(cs, frequency, reg);
822         if (reg != env->kvm_timer_frequency) {
823             error_report("Dst Hosts timer frequency != Src Hosts");
824         }
825     }
826 
827     env->kvm_timer_dirty = false;
828 }
829 
830 uint64_t kvm_riscv_get_timebase_frequency(RISCVCPU *cpu)
831 {
832     uint64_t reg;
833 
834     KVM_RISCV_GET_TIMER(CPU(cpu), frequency, reg);
835 
836     return reg;
837 }
838 
839 static int kvm_riscv_get_regs_vector(CPUState *cs)
840 {
841     RISCVCPU *cpu = RISCV_CPU(cs);
842     CPURISCVState *env = &cpu->env;
843     target_ulong reg;
844     uint64_t vreg_id;
845     int vreg_idx, ret = 0;
846 
847     if (!riscv_has_ext(env, RVV)) {
848         return 0;
849     }
850 
851     ret = kvm_get_one_reg(cs, RISCV_VECTOR_CSR_REG(vstart), &reg);
852     if (ret) {
853         return ret;
854     }
855     env->vstart = reg;
856 
857     ret = kvm_get_one_reg(cs, RISCV_VECTOR_CSR_REG(vl), &reg);
858     if (ret) {
859         return ret;
860     }
861     env->vl = reg;
862 
863     ret = kvm_get_one_reg(cs, RISCV_VECTOR_CSR_REG(vtype), &reg);
864     if (ret) {
865         return ret;
866     }
867     env->vtype = reg;
868 
869     if (kvm_v_vlenb.supported) {
870         ret = kvm_get_one_reg(cs, RISCV_VECTOR_CSR_REG(vlenb), &reg);
871         if (ret) {
872             return ret;
873         }
874         cpu->cfg.vlenb = reg;
875 
876         for (int i = 0; i < 32; i++) {
877             /*
878              * vreg[] is statically allocated using RV_VLEN_MAX.
879              * Use it instead of vlenb to calculate vreg_idx for
880              * simplicity.
881              */
882             vreg_idx = i * RV_VLEN_MAX / 64;
883             vreg_id = kvm_riscv_vector_reg_id(cpu, i);
884 
885             ret = kvm_get_one_reg(cs, vreg_id, &env->vreg[vreg_idx]);
886             if (ret) {
887                 return ret;
888             }
889         }
890     }
891 
892     return 0;
893 }
894 
895 static int kvm_riscv_put_regs_vector(CPUState *cs)
896 {
897     RISCVCPU *cpu = RISCV_CPU(cs);
898     CPURISCVState *env = &cpu->env;
899     target_ulong reg;
900     uint64_t vreg_id;
901     int vreg_idx, ret = 0;
902 
903     if (!riscv_has_ext(env, RVV)) {
904         return 0;
905     }
906 
907     reg = env->vstart;
908     ret = kvm_set_one_reg(cs, RISCV_VECTOR_CSR_REG(vstart), &reg);
909     if (ret) {
910         return ret;
911     }
912 
913     reg = env->vl;
914     ret = kvm_set_one_reg(cs, RISCV_VECTOR_CSR_REG(vl), &reg);
915     if (ret) {
916         return ret;
917     }
918 
919     reg = env->vtype;
920     ret = kvm_set_one_reg(cs, RISCV_VECTOR_CSR_REG(vtype), &reg);
921     if (ret) {
922         return ret;
923     }
924 
925     if (kvm_v_vlenb.supported) {
926         reg = cpu->cfg.vlenb;
927         ret = kvm_set_one_reg(cs, RISCV_VECTOR_CSR_REG(vlenb), &reg);
928 
929         for (int i = 0; i < 32; i++) {
930             /*
931              * vreg[] is statically allocated using RV_VLEN_MAX.
932              * Use it instead of vlenb to calculate vreg_idx for
933              * simplicity.
934              */
935             vreg_idx = i * RV_VLEN_MAX / 64;
936             vreg_id = kvm_riscv_vector_reg_id(cpu, i);
937 
938             ret = kvm_set_one_reg(cs, vreg_id, &env->vreg[vreg_idx]);
939             if (ret) {
940                 return ret;
941             }
942         }
943     }
944 
945     return ret;
946 }
947 
948 typedef struct KVMScratchCPU {
949     int kvmfd;
950     int vmfd;
951     int cpufd;
952 } KVMScratchCPU;
953 
954 /*
955  * Heavily inspired by kvm_arm_create_scratch_host_vcpu()
956  * from target/arm/kvm.c.
957  */
958 static bool kvm_riscv_create_scratch_vcpu(KVMScratchCPU *scratch)
959 {
960     int kvmfd = -1, vmfd = -1, cpufd = -1;
961 
962     kvmfd = qemu_open_old("/dev/kvm", O_RDWR);
963     if (kvmfd < 0) {
964         goto err;
965     }
966     do {
967         vmfd = ioctl(kvmfd, KVM_CREATE_VM, 0);
968     } while (vmfd == -1 && errno == EINTR);
969     if (vmfd < 0) {
970         goto err;
971     }
972     cpufd = ioctl(vmfd, KVM_CREATE_VCPU, 0);
973     if (cpufd < 0) {
974         goto err;
975     }
976 
977     scratch->kvmfd =  kvmfd;
978     scratch->vmfd = vmfd;
979     scratch->cpufd = cpufd;
980 
981     return true;
982 
983  err:
984     if (cpufd >= 0) {
985         close(cpufd);
986     }
987     if (vmfd >= 0) {
988         close(vmfd);
989     }
990     if (kvmfd >= 0) {
991         close(kvmfd);
992     }
993 
994     return false;
995 }
996 
997 static void kvm_riscv_destroy_scratch_vcpu(KVMScratchCPU *scratch)
998 {
999     close(scratch->cpufd);
1000     close(scratch->vmfd);
1001     close(scratch->kvmfd);
1002 }
1003 
1004 static void kvm_riscv_init_max_satp_mode(RISCVCPU *cpu, KVMScratchCPU *kvmcpu)
1005 {
1006     struct kvm_one_reg reg;
1007     int ret;
1008 
1009     reg.id = RISCV_CONFIG_REG(satp_mode);
1010     reg.addr = (uint64_t)&cpu->cfg.max_satp_mode;
1011     ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1012     if (ret != 0) {
1013         error_report("Unable to retrieve satp mode from host, error %d", ret);
1014     }
1015 }
1016 
1017 static void kvm_riscv_init_machine_ids(RISCVCPU *cpu, KVMScratchCPU *kvmcpu)
1018 {
1019     struct kvm_one_reg reg;
1020     int ret;
1021 
1022     reg.id = RISCV_CONFIG_REG(mvendorid);
1023     reg.addr = (uint64_t)&cpu->cfg.mvendorid;
1024     ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1025     if (ret != 0) {
1026         error_report("Unable to retrieve mvendorid from host, error %d", ret);
1027     }
1028 
1029     reg.id = RISCV_CONFIG_REG(marchid);
1030     reg.addr = (uint64_t)&cpu->cfg.marchid;
1031     ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1032     if (ret != 0) {
1033         error_report("Unable to retrieve marchid from host, error %d", ret);
1034     }
1035 
1036     reg.id = RISCV_CONFIG_REG(mimpid);
1037     reg.addr = (uint64_t)&cpu->cfg.mimpid;
1038     ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1039     if (ret != 0) {
1040         error_report("Unable to retrieve mimpid from host, error %d", ret);
1041     }
1042 }
1043 
1044 static void kvm_riscv_init_misa_ext_mask(RISCVCPU *cpu,
1045                                          KVMScratchCPU *kvmcpu)
1046 {
1047     CPURISCVState *env = &cpu->env;
1048     struct kvm_one_reg reg;
1049     int ret;
1050 
1051     reg.id = RISCV_CONFIG_REG(isa);
1052     reg.addr = (uint64_t)&env->misa_ext_mask;
1053     ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1054 
1055     if (ret) {
1056         error_report("Unable to fetch ISA register from KVM, "
1057                      "error %d", ret);
1058         kvm_riscv_destroy_scratch_vcpu(kvmcpu);
1059         exit(EXIT_FAILURE);
1060     }
1061 
1062     env->misa_ext = env->misa_ext_mask;
1063 }
1064 
1065 static void kvm_riscv_read_cbomz_blksize(RISCVCPU *cpu, KVMScratchCPU *kvmcpu,
1066                                          KVMCPUConfig *cbomz_cfg)
1067 {
1068     struct kvm_one_reg reg;
1069     int ret;
1070 
1071     reg.id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CONFIG,
1072                                     cbomz_cfg->kvm_reg_id);
1073     reg.addr = (uint64_t)kvmconfig_get_cfg_addr(cpu, cbomz_cfg);
1074     ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1075     if (ret != 0) {
1076         error_report("Unable to read KVM reg %s, error %d",
1077                      cbomz_cfg->name, ret);
1078         exit(EXIT_FAILURE);
1079     }
1080 }
1081 
1082 static void kvm_riscv_read_multiext_legacy(RISCVCPU *cpu,
1083                                            KVMScratchCPU *kvmcpu)
1084 {
1085     uint64_t val;
1086     int i, ret;
1087 
1088     for (i = 0; i < ARRAY_SIZE(kvm_multi_ext_cfgs); i++) {
1089         KVMCPUConfig *multi_ext_cfg = &kvm_multi_ext_cfgs[i];
1090         struct kvm_one_reg reg;
1091 
1092         reg.id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_ISA_EXT,
1093                                         multi_ext_cfg->kvm_reg_id);
1094         reg.addr = (uint64_t)&val;
1095         ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1096         if (ret != 0) {
1097             if (errno == EINVAL) {
1098                 /* Silently default to 'false' if KVM does not support it. */
1099                 multi_ext_cfg->supported = false;
1100                 val = false;
1101             } else {
1102                 error_report("Unable to read ISA_EXT KVM register %s: %s",
1103                              multi_ext_cfg->name, strerror(errno));
1104                 exit(EXIT_FAILURE);
1105             }
1106         } else {
1107             multi_ext_cfg->supported = true;
1108         }
1109 
1110         kvm_cpu_cfg_set(cpu, multi_ext_cfg, val);
1111     }
1112 
1113     if (cpu->cfg.ext_zicbom) {
1114         kvm_riscv_read_cbomz_blksize(cpu, kvmcpu, &kvm_cbom_blocksize);
1115     }
1116 
1117     if (cpu->cfg.ext_zicboz) {
1118         kvm_riscv_read_cbomz_blksize(cpu, kvmcpu, &kvm_cboz_blocksize);
1119     }
1120 }
1121 
1122 static void kvm_riscv_read_csr_cfg_legacy(KVMScratchCPU *kvmcpu)
1123 {
1124     uint64_t val;
1125     int i, ret;
1126 
1127     for (i = 0; i < ARRAY_SIZE(kvm_csr_cfgs); i++) {
1128         KVMCPUConfig *csr_cfg = &kvm_csr_cfgs[i];
1129         struct kvm_one_reg reg;
1130 
1131         reg.id = csr_cfg->kvm_reg_id;
1132         reg.addr = (uint64_t)&val;
1133         ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1134         if (ret != 0) {
1135             if (errno == EINVAL) {
1136                 csr_cfg->supported = false;
1137             } else {
1138                 error_report("Unable to read KVM CSR %s: %s",
1139                              csr_cfg->name, strerror(errno));
1140                 exit(EXIT_FAILURE);
1141             }
1142         } else {
1143             csr_cfg->supported = true;
1144         }
1145     }
1146 }
1147 
1148 static int uint64_cmp(const void *a, const void *b)
1149 {
1150     uint64_t val1 = *(const uint64_t *)a;
1151     uint64_t val2 = *(const uint64_t *)b;
1152 
1153     if (val1 < val2) {
1154         return -1;
1155     }
1156 
1157     if (val1 > val2) {
1158         return 1;
1159     }
1160 
1161     return 0;
1162 }
1163 
1164 static void kvm_riscv_check_sbi_dbcn_support(RISCVCPU *cpu,
1165                                              struct kvm_reg_list *reglist)
1166 {
1167     struct kvm_reg_list *reg_search;
1168 
1169     reg_search = bsearch(&kvm_sbi_dbcn.kvm_reg_id, reglist->reg, reglist->n,
1170                          sizeof(uint64_t), uint64_cmp);
1171 
1172     if (reg_search) {
1173         kvm_sbi_dbcn.supported = true;
1174     }
1175 }
1176 
1177 static void kvm_riscv_read_vlenb(RISCVCPU *cpu, KVMScratchCPU *kvmcpu,
1178                                  struct kvm_reg_list *reglist)
1179 {
1180     struct kvm_one_reg reg;
1181     struct kvm_reg_list *reg_search;
1182     uint64_t val;
1183     int ret;
1184 
1185     reg_search = bsearch(&kvm_v_vlenb.kvm_reg_id, reglist->reg, reglist->n,
1186                          sizeof(uint64_t), uint64_cmp);
1187 
1188     if (reg_search) {
1189         reg.id = kvm_v_vlenb.kvm_reg_id;
1190         reg.addr = (uint64_t)&val;
1191 
1192         ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1193         if (ret != 0) {
1194             error_report("Unable to read vlenb register, error code: %d",
1195                          errno);
1196             exit(EXIT_FAILURE);
1197         }
1198 
1199         kvm_v_vlenb.supported = true;
1200         cpu->cfg.vlenb = val;
1201     }
1202 }
1203 
1204 static void kvm_riscv_read_csr_cfg(struct kvm_reg_list *reglist)
1205 {
1206     struct kvm_reg_list *reg_search;
1207     uint64_t reg_id;
1208 
1209     for (int i = 0; i < ARRAY_SIZE(kvm_csr_cfgs); i++) {
1210         KVMCPUConfig *csr_cfg = &kvm_csr_cfgs[i];
1211 
1212         reg_id = csr_cfg->kvm_reg_id;
1213         reg_search = bsearch(&reg_id, reglist->reg, reglist->n,
1214                              sizeof(uint64_t), uint64_cmp);
1215         if (!reg_search) {
1216             continue;
1217         }
1218 
1219         csr_cfg->supported = true;
1220     }
1221 }
1222 
1223 static void kvm_riscv_init_cfg(RISCVCPU *cpu, KVMScratchCPU *kvmcpu)
1224 {
1225     g_autofree struct kvm_reg_list *reglist = NULL;
1226     KVMCPUConfig *multi_ext_cfg;
1227     struct kvm_one_reg reg;
1228     struct kvm_reg_list rl_struct;
1229     uint64_t val, reg_id, *reg_search;
1230     int i, ret;
1231 
1232     rl_struct.n = 0;
1233     ret = ioctl(kvmcpu->cpufd, KVM_GET_REG_LIST, &rl_struct);
1234 
1235     /*
1236      * If KVM_GET_REG_LIST isn't supported we'll get errno 22
1237      * (EINVAL). Use read_legacy() in this case.
1238      */
1239     if (errno == EINVAL) {
1240         kvm_riscv_read_multiext_legacy(cpu, kvmcpu);
1241         kvm_riscv_read_csr_cfg_legacy(kvmcpu);
1242         return;
1243     } else if (errno != E2BIG) {
1244         /*
1245          * E2BIG is an expected error message for the API since we
1246          * don't know the number of registers. The right amount will
1247          * be written in rl_struct.n.
1248          *
1249          * Error out if we get any other errno.
1250          */
1251         error_report("Error when accessing get-reg-list: %s",
1252                      strerror(errno));
1253         exit(EXIT_FAILURE);
1254     }
1255 
1256     reglist = g_malloc(sizeof(struct kvm_reg_list) +
1257                        rl_struct.n * sizeof(uint64_t));
1258     reglist->n = rl_struct.n;
1259     ret = ioctl(kvmcpu->cpufd, KVM_GET_REG_LIST, reglist);
1260     if (ret) {
1261         error_report("Error when reading KVM_GET_REG_LIST: %s",
1262                      strerror(errno));
1263         exit(EXIT_FAILURE);
1264     }
1265 
1266     /* sort reglist to use bsearch() */
1267     qsort(&reglist->reg, reglist->n, sizeof(uint64_t), uint64_cmp);
1268 
1269     for (i = 0; i < ARRAY_SIZE(kvm_multi_ext_cfgs); i++) {
1270         multi_ext_cfg = &kvm_multi_ext_cfgs[i];
1271         reg_id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_ISA_EXT,
1272                                         multi_ext_cfg->kvm_reg_id);
1273         reg_search = bsearch(&reg_id, reglist->reg, reglist->n,
1274                              sizeof(uint64_t), uint64_cmp);
1275         if (!reg_search) {
1276             continue;
1277         }
1278 
1279         reg.id = reg_id;
1280         reg.addr = (uint64_t)&val;
1281         ret = ioctl(kvmcpu->cpufd, KVM_GET_ONE_REG, &reg);
1282         if (ret != 0) {
1283             error_report("Unable to read ISA_EXT KVM register %s: %s",
1284                          multi_ext_cfg->name, strerror(errno));
1285             exit(EXIT_FAILURE);
1286         }
1287 
1288         multi_ext_cfg->supported = true;
1289         kvm_cpu_cfg_set(cpu, multi_ext_cfg, val);
1290     }
1291 
1292     if (cpu->cfg.ext_zicbom) {
1293         kvm_riscv_read_cbomz_blksize(cpu, kvmcpu, &kvm_cbom_blocksize);
1294     }
1295 
1296     if (cpu->cfg.ext_zicboz) {
1297         kvm_riscv_read_cbomz_blksize(cpu, kvmcpu, &kvm_cboz_blocksize);
1298     }
1299 
1300     if (riscv_has_ext(&cpu->env, RVV)) {
1301         kvm_riscv_read_vlenb(cpu, kvmcpu, reglist);
1302     }
1303 
1304     kvm_riscv_check_sbi_dbcn_support(cpu, reglist);
1305     kvm_riscv_read_csr_cfg(reglist);
1306 }
1307 
1308 static void riscv_init_kvm_registers(Object *cpu_obj)
1309 {
1310     RISCVCPU *cpu = RISCV_CPU(cpu_obj);
1311     KVMScratchCPU kvmcpu;
1312 
1313     if (!kvm_riscv_create_scratch_vcpu(&kvmcpu)) {
1314         return;
1315     }
1316 
1317     kvm_riscv_init_machine_ids(cpu, &kvmcpu);
1318     kvm_riscv_init_misa_ext_mask(cpu, &kvmcpu);
1319     kvm_riscv_init_cfg(cpu, &kvmcpu);
1320     kvm_riscv_init_max_satp_mode(cpu, &kvmcpu);
1321 
1322     kvm_riscv_destroy_scratch_vcpu(&kvmcpu);
1323 }
1324 
1325 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
1326     KVM_CAP_LAST_INFO
1327 };
1328 
1329 int kvm_arch_get_registers(CPUState *cs, Error **errp)
1330 {
1331     int ret = 0;
1332 
1333     ret = kvm_riscv_get_regs_core(cs);
1334     if (ret) {
1335         return ret;
1336     }
1337 
1338     ret = kvm_riscv_get_regs_csr(cs);
1339     if (ret) {
1340         return ret;
1341     }
1342 
1343     ret = kvm_riscv_get_regs_fp(cs);
1344     if (ret) {
1345         return ret;
1346     }
1347 
1348     ret = kvm_riscv_get_regs_vector(cs);
1349     if (ret) {
1350         return ret;
1351     }
1352 
1353     return ret;
1354 }
1355 
1356 int kvm_riscv_sync_mpstate_to_kvm(RISCVCPU *cpu, int state)
1357 {
1358     if (cap_has_mp_state) {
1359         struct kvm_mp_state mp_state = {
1360             .mp_state = state
1361         };
1362 
1363         int ret = kvm_vcpu_ioctl(CPU(cpu), KVM_SET_MP_STATE, &mp_state);
1364         if (ret) {
1365             fprintf(stderr, "%s: failed to sync MP_STATE %d/%s\n",
1366                     __func__, ret, strerror(-ret));
1367             return -1;
1368         }
1369     }
1370 
1371     return 0;
1372 }
1373 
1374 int kvm_arch_put_registers(CPUState *cs, KvmPutState level, Error **errp)
1375 {
1376     int ret = 0;
1377 
1378     ret = kvm_riscv_put_regs_core(cs);
1379     if (ret) {
1380         return ret;
1381     }
1382 
1383     ret = kvm_riscv_put_regs_csr(cs);
1384     if (ret) {
1385         return ret;
1386     }
1387 
1388     ret = kvm_riscv_put_regs_fp(cs);
1389     if (ret) {
1390         return ret;
1391     }
1392 
1393     ret = kvm_riscv_put_regs_vector(cs);
1394     if (ret) {
1395         return ret;
1396     }
1397 
1398     if (KVM_PUT_RESET_STATE == level) {
1399         RISCVCPU *cpu = RISCV_CPU(cs);
1400         if (cs->cpu_index == 0) {
1401             ret = kvm_riscv_sync_mpstate_to_kvm(cpu, KVM_MP_STATE_RUNNABLE);
1402         } else {
1403             ret = kvm_riscv_sync_mpstate_to_kvm(cpu, KVM_MP_STATE_STOPPED);
1404         }
1405         if (ret) {
1406             return ret;
1407         }
1408     }
1409 
1410     return ret;
1411 }
1412 
1413 int kvm_arch_release_virq_post(int virq)
1414 {
1415     return 0;
1416 }
1417 
1418 int kvm_arch_fixup_msi_route(struct kvm_irq_routing_entry *route,
1419                              uint64_t address, uint32_t data, PCIDevice *dev)
1420 {
1421     return 0;
1422 }
1423 
1424 int kvm_arch_destroy_vcpu(CPUState *cs)
1425 {
1426     return 0;
1427 }
1428 
1429 unsigned long kvm_arch_vcpu_id(CPUState *cpu)
1430 {
1431     return cpu->cpu_index;
1432 }
1433 
1434 static void kvm_riscv_vm_state_change(void *opaque, bool running,
1435                                       RunState state)
1436 {
1437     CPUState *cs = opaque;
1438 
1439     if (running) {
1440         kvm_riscv_put_regs_timer(cs);
1441     } else {
1442         kvm_riscv_get_regs_timer(cs);
1443     }
1444 }
1445 
1446 void kvm_arch_init_irq_routing(KVMState *s)
1447 {
1448 }
1449 
1450 static int kvm_vcpu_set_machine_ids(RISCVCPU *cpu, CPUState *cs)
1451 {
1452     target_ulong reg;
1453     uint64_t id;
1454     int ret;
1455 
1456     id = RISCV_CONFIG_REG(mvendorid);
1457     /*
1458      * cfg.mvendorid is an uint32 but a target_ulong will
1459      * be written. Assign it to a target_ulong var to avoid
1460      * writing pieces of other cpu->cfg fields in the reg.
1461      */
1462     reg = cpu->cfg.mvendorid;
1463     ret = kvm_set_one_reg(cs, id, &reg);
1464     if (ret != 0) {
1465         return ret;
1466     }
1467 
1468     id = RISCV_CONFIG_REG(marchid);
1469     ret = kvm_set_one_reg(cs, id, &cpu->cfg.marchid);
1470     if (ret != 0) {
1471         return ret;
1472     }
1473 
1474     id = RISCV_CONFIG_REG(mimpid);
1475     ret = kvm_set_one_reg(cs, id, &cpu->cfg.mimpid);
1476 
1477     return ret;
1478 }
1479 
1480 static int kvm_vcpu_enable_sbi_dbcn(RISCVCPU *cpu, CPUState *cs)
1481 {
1482     target_ulong reg = 1;
1483 
1484     if (!kvm_sbi_dbcn.supported) {
1485         return 0;
1486     }
1487 
1488     return kvm_set_one_reg(cs, kvm_sbi_dbcn.kvm_reg_id, &reg);
1489 }
1490 
1491 int kvm_arch_pre_create_vcpu(CPUState *cpu, Error **errp)
1492 {
1493     return 0;
1494 }
1495 
1496 int kvm_arch_init_vcpu(CPUState *cs)
1497 {
1498     int ret = 0;
1499     RISCVCPU *cpu = RISCV_CPU(cs);
1500 
1501     qemu_add_vm_change_state_handler(kvm_riscv_vm_state_change, cs);
1502 
1503     if (!object_dynamic_cast(OBJECT(cpu), TYPE_RISCV_CPU_HOST)) {
1504         ret = kvm_vcpu_set_machine_ids(cpu, cs);
1505         if (ret != 0) {
1506             return ret;
1507         }
1508     }
1509 
1510     kvm_riscv_update_cpu_misa_ext(cpu, cs);
1511     kvm_riscv_update_cpu_cfg_isa_ext(cpu, cs);
1512 
1513     ret = kvm_vcpu_enable_sbi_dbcn(cpu, cs);
1514 
1515     return ret;
1516 }
1517 
1518 int kvm_arch_msi_data_to_gsi(uint32_t data)
1519 {
1520     abort();
1521 }
1522 
1523 int kvm_arch_add_msi_route_post(struct kvm_irq_routing_entry *route,
1524                                 int vector, PCIDevice *dev)
1525 {
1526     return 0;
1527 }
1528 
1529 int kvm_arch_get_default_type(MachineState *ms)
1530 {
1531     return 0;
1532 }
1533 
1534 int kvm_arch_init(MachineState *ms, KVMState *s)
1535 {
1536     cap_has_mp_state = kvm_check_extension(s, KVM_CAP_MP_STATE);
1537     return 0;
1538 }
1539 
1540 int kvm_arch_irqchip_create(KVMState *s)
1541 {
1542     /*
1543      * We can create the VAIA using the newer device control API.
1544      */
1545     return kvm_check_extension(s, KVM_CAP_DEVICE_CTRL);
1546 }
1547 
1548 int kvm_arch_process_async_events(CPUState *cs)
1549 {
1550     return 0;
1551 }
1552 
1553 void kvm_arch_pre_run(CPUState *cs, struct kvm_run *run)
1554 {
1555 }
1556 
1557 MemTxAttrs kvm_arch_post_run(CPUState *cs, struct kvm_run *run)
1558 {
1559     return MEMTXATTRS_UNSPECIFIED;
1560 }
1561 
1562 bool kvm_arch_stop_on_emulation_error(CPUState *cs)
1563 {
1564     return true;
1565 }
1566 
1567 static void kvm_riscv_handle_sbi_dbcn(CPUState *cs, struct kvm_run *run)
1568 {
1569     const MemTxAttrs attrs = MEMTXATTRS_UNSPECIFIED;
1570     g_autofree uint8_t *buf = NULL;
1571     RISCVCPU *cpu = RISCV_CPU(cs);
1572     target_ulong num_bytes;
1573     uint64_t addr;
1574     unsigned char ch;
1575     int ret;
1576 
1577     switch (run->riscv_sbi.function_id) {
1578     case SBI_EXT_DBCN_CONSOLE_READ:
1579     case SBI_EXT_DBCN_CONSOLE_WRITE:
1580         num_bytes = run->riscv_sbi.args[0];
1581 
1582         if (num_bytes == 0) {
1583             run->riscv_sbi.ret[0] = SBI_SUCCESS;
1584             run->riscv_sbi.ret[1] = 0;
1585             break;
1586         }
1587 
1588         addr = run->riscv_sbi.args[1];
1589 
1590         /*
1591          * Handle the case where a 32 bit CPU is running in a
1592          * 64 bit addressing env.
1593          */
1594         if (riscv_cpu_is_32bit(cpu)) {
1595             addr |= (uint64_t)run->riscv_sbi.args[2] << 32;
1596         }
1597 
1598         buf = g_malloc0(num_bytes);
1599 
1600         if (run->riscv_sbi.function_id == SBI_EXT_DBCN_CONSOLE_READ) {
1601             ret = qemu_chr_fe_read_all(serial_hd(0)->fe, buf, num_bytes);
1602             if (ret < 0) {
1603                 error_report("SBI_EXT_DBCN_CONSOLE_READ: error when "
1604                              "reading chardev");
1605                 exit(1);
1606             }
1607 
1608             address_space_write(cs->as, addr, attrs, buf, ret);
1609         } else {
1610             address_space_read(cs->as, addr, attrs, buf, num_bytes);
1611 
1612             ret = qemu_chr_fe_write_all(serial_hd(0)->fe, buf, num_bytes);
1613             if (ret < 0) {
1614                 error_report("SBI_EXT_DBCN_CONSOLE_WRITE: error when "
1615                              "writing chardev");
1616                 exit(1);
1617             }
1618         }
1619 
1620         run->riscv_sbi.ret[0] = SBI_SUCCESS;
1621         run->riscv_sbi.ret[1] = ret;
1622         break;
1623     case SBI_EXT_DBCN_CONSOLE_WRITE_BYTE:
1624         ch = run->riscv_sbi.args[0];
1625         ret = qemu_chr_fe_write_all(serial_hd(0)->fe, &ch, sizeof(ch));
1626 
1627         if (ret < 0) {
1628             error_report("SBI_EXT_DBCN_CONSOLE_WRITE_BYTE: error when "
1629                          "writing chardev");
1630             exit(1);
1631         }
1632 
1633         run->riscv_sbi.ret[0] = SBI_SUCCESS;
1634         run->riscv_sbi.ret[1] = 0;
1635         break;
1636     default:
1637         run->riscv_sbi.ret[0] = SBI_ERR_NOT_SUPPORTED;
1638     }
1639 }
1640 
1641 static int kvm_riscv_handle_sbi(CPUState *cs, struct kvm_run *run)
1642 {
1643     int ret = 0;
1644     unsigned char ch;
1645     switch (run->riscv_sbi.extension_id) {
1646     case SBI_EXT_0_1_CONSOLE_PUTCHAR:
1647         ch = run->riscv_sbi.args[0];
1648         qemu_chr_fe_write(serial_hd(0)->fe, &ch, sizeof(ch));
1649         break;
1650     case SBI_EXT_0_1_CONSOLE_GETCHAR:
1651         ret = qemu_chr_fe_read_all(serial_hd(0)->fe, &ch, sizeof(ch));
1652         if (ret == sizeof(ch)) {
1653             run->riscv_sbi.ret[0] = ch;
1654         } else {
1655             run->riscv_sbi.ret[0] = -1;
1656         }
1657         ret = 0;
1658         break;
1659     case SBI_EXT_DBCN:
1660         kvm_riscv_handle_sbi_dbcn(cs, run);
1661         break;
1662     default:
1663         qemu_log_mask(LOG_UNIMP,
1664                       "%s: un-handled SBI EXIT, specific reasons is %lu\n",
1665                       __func__, run->riscv_sbi.extension_id);
1666         ret = -1;
1667         break;
1668     }
1669     return ret;
1670 }
1671 
1672 static int kvm_riscv_handle_csr(CPUState *cs, struct kvm_run *run)
1673 {
1674     target_ulong csr_num = run->riscv_csr.csr_num;
1675     target_ulong new_value = run->riscv_csr.new_value;
1676     target_ulong write_mask = run->riscv_csr.write_mask;
1677     int ret = 0;
1678 
1679     switch (csr_num) {
1680     case CSR_SEED:
1681         run->riscv_csr.ret_value = riscv_new_csr_seed(new_value, write_mask);
1682         break;
1683     default:
1684         qemu_log_mask(LOG_UNIMP,
1685                       "%s: un-handled CSR EXIT for CSR %lx\n",
1686                       __func__, csr_num);
1687         ret = -1;
1688         break;
1689     }
1690 
1691     return ret;
1692 }
1693 
1694 static bool kvm_riscv_handle_debug(CPUState *cs)
1695 {
1696     RISCVCPU *cpu = RISCV_CPU(cs);
1697     CPURISCVState *env = &cpu->env;
1698 
1699     /* Ensure PC is synchronised */
1700     kvm_cpu_synchronize_state(cs);
1701 
1702     if (kvm_find_sw_breakpoint(cs, env->pc)) {
1703         return true;
1704     }
1705 
1706     return false;
1707 }
1708 
1709 int kvm_arch_handle_exit(CPUState *cs, struct kvm_run *run)
1710 {
1711     int ret = 0;
1712     switch (run->exit_reason) {
1713     case KVM_EXIT_RISCV_SBI:
1714         ret = kvm_riscv_handle_sbi(cs, run);
1715         break;
1716     case KVM_EXIT_RISCV_CSR:
1717         ret = kvm_riscv_handle_csr(cs, run);
1718         break;
1719     case KVM_EXIT_DEBUG:
1720         if (kvm_riscv_handle_debug(cs)) {
1721             ret = EXCP_DEBUG;
1722         }
1723         break;
1724     default:
1725         qemu_log_mask(LOG_UNIMP, "%s: un-handled exit reason %d\n",
1726                       __func__, run->exit_reason);
1727         ret = -1;
1728         break;
1729     }
1730     return ret;
1731 }
1732 
1733 void kvm_riscv_reset_vcpu(RISCVCPU *cpu)
1734 {
1735     CPURISCVState *env = &cpu->env;
1736     int i;
1737 
1738     for (i = 0; i < 32; i++) {
1739         env->gpr[i] = 0;
1740     }
1741     env->pc = cpu->env.kernel_addr;
1742     env->gpr[10] = kvm_arch_vcpu_id(CPU(cpu)); /* a0 */
1743     env->gpr[11] = cpu->env.fdt_addr;          /* a1 */
1744 
1745     kvm_riscv_reset_regs_csr(env);
1746 }
1747 
1748 void kvm_riscv_set_irq(RISCVCPU *cpu, int irq, int level)
1749 {
1750     int ret;
1751     unsigned virq = level ? KVM_INTERRUPT_SET : KVM_INTERRUPT_UNSET;
1752 
1753     if (irq != IRQ_S_EXT) {
1754         perror("kvm riscv set irq != IRQ_S_EXT\n");
1755         abort();
1756     }
1757 
1758     ret = kvm_vcpu_ioctl(CPU(cpu), KVM_INTERRUPT, &virq);
1759     if (ret < 0) {
1760         perror("Set irq failed");
1761         abort();
1762     }
1763 }
1764 
1765 static int aia_mode;
1766 
1767 static const char *kvm_aia_mode_str(uint64_t mode)
1768 {
1769     switch (mode) {
1770     case KVM_DEV_RISCV_AIA_MODE_EMUL:
1771         return "emul";
1772     case KVM_DEV_RISCV_AIA_MODE_HWACCEL:
1773         return "hwaccel";
1774     case KVM_DEV_RISCV_AIA_MODE_AUTO:
1775     default:
1776         return "auto";
1777     };
1778 }
1779 
1780 static char *riscv_get_kvm_aia(Object *obj, Error **errp)
1781 {
1782     return g_strdup(kvm_aia_mode_str(aia_mode));
1783 }
1784 
1785 static void riscv_set_kvm_aia(Object *obj, const char *val, Error **errp)
1786 {
1787     if (!strcmp(val, "emul")) {
1788         aia_mode = KVM_DEV_RISCV_AIA_MODE_EMUL;
1789     } else if (!strcmp(val, "hwaccel")) {
1790         aia_mode = KVM_DEV_RISCV_AIA_MODE_HWACCEL;
1791     } else if (!strcmp(val, "auto")) {
1792         aia_mode = KVM_DEV_RISCV_AIA_MODE_AUTO;
1793     } else {
1794         error_setg(errp, "Invalid KVM AIA mode");
1795         error_append_hint(errp, "Valid values are emul, hwaccel, and auto.\n");
1796     }
1797 }
1798 
1799 void kvm_arch_accel_class_init(ObjectClass *oc)
1800 {
1801     object_class_property_add_str(oc, "riscv-aia", riscv_get_kvm_aia,
1802                                   riscv_set_kvm_aia);
1803     object_class_property_set_description(oc, "riscv-aia",
1804         "Set KVM AIA mode. Valid values are 'emul', 'hwaccel' and 'auto'. "
1805         "Changing KVM AIA modes relies on host support. Defaults to 'auto' "
1806         "if the host supports it");
1807     object_property_set_default_str(object_class_property_find(oc, "riscv-aia"),
1808                                     "auto");
1809 }
1810 
1811 void kvm_riscv_aia_create(MachineState *machine, uint64_t group_shift,
1812                           uint64_t aia_irq_num, uint64_t aia_msi_num,
1813                           uint64_t aplic_base, uint64_t imsic_base,
1814                           uint64_t guest_num)
1815 {
1816     int ret, i;
1817     int aia_fd = -1;
1818     uint64_t default_aia_mode;
1819     uint64_t socket_count = riscv_socket_count(machine);
1820     uint64_t max_hart_per_socket = 0;
1821     uint64_t socket, base_hart, hart_count, socket_imsic_base, imsic_addr;
1822     uint64_t socket_bits, hart_bits, guest_bits;
1823     uint64_t max_group_id;
1824 
1825     aia_fd = kvm_create_device(kvm_state, KVM_DEV_TYPE_RISCV_AIA, false);
1826 
1827     if (aia_fd < 0) {
1828         error_report("Unable to create in-kernel irqchip");
1829         exit(1);
1830     }
1831 
1832     ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1833                             KVM_DEV_RISCV_AIA_CONFIG_MODE,
1834                             &default_aia_mode, false, NULL);
1835     if (ret < 0) {
1836         error_report("KVM AIA: failed to get current KVM AIA mode");
1837         exit(1);
1838     }
1839 
1840     if (default_aia_mode != aia_mode) {
1841         ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1842                                 KVM_DEV_RISCV_AIA_CONFIG_MODE,
1843                                 &aia_mode, true, NULL);
1844         if (ret < 0) {
1845             warn_report("KVM AIA: failed to set KVM AIA mode '%s', using "
1846                         "default host mode '%s'",
1847                         kvm_aia_mode_str(aia_mode),
1848                         kvm_aia_mode_str(default_aia_mode));
1849 
1850             /* failed to change AIA mode, use default */
1851             aia_mode = default_aia_mode;
1852         }
1853     }
1854 
1855     /*
1856      * Skip APLIC creation in KVM if we're running split mode.
1857      * This is done by leaving KVM_DEV_RISCV_AIA_CONFIG_SRCS
1858      * unset. We can also skip KVM_DEV_RISCV_AIA_ADDR_APLIC
1859      * since KVM won't be using it.
1860      */
1861     if (!kvm_kernel_irqchip_split()) {
1862         ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1863                                 KVM_DEV_RISCV_AIA_CONFIG_SRCS,
1864                                 &aia_irq_num, true, NULL);
1865         if (ret < 0) {
1866             error_report("KVM AIA: failed to set number of input irq lines");
1867             exit(1);
1868         }
1869 
1870         ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_ADDR,
1871                                 KVM_DEV_RISCV_AIA_ADDR_APLIC,
1872                                 &aplic_base, true, NULL);
1873         if (ret < 0) {
1874             error_report("KVM AIA: failed to set the base address of APLIC");
1875             exit(1);
1876         }
1877      }
1878 
1879     ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1880                             KVM_DEV_RISCV_AIA_CONFIG_IDS,
1881                             &aia_msi_num, true, NULL);
1882     if (ret < 0) {
1883         error_report("KVM AIA: failed to set number of msi");
1884         exit(1);
1885     }
1886 
1887 
1888     if (socket_count > 1) {
1889         max_group_id = socket_count - 1;
1890         socket_bits = find_last_bit(&max_group_id, BITS_PER_LONG) + 1;
1891         ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1892                                 KVM_DEV_RISCV_AIA_CONFIG_GROUP_BITS,
1893                                 &socket_bits, true, NULL);
1894         if (ret < 0) {
1895             error_report("KVM AIA: failed to set group_bits");
1896             exit(1);
1897         }
1898 
1899         ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1900                                 KVM_DEV_RISCV_AIA_CONFIG_GROUP_SHIFT,
1901                                 &group_shift, true, NULL);
1902         if (ret < 0) {
1903             error_report("KVM AIA: failed to set group_shift");
1904             exit(1);
1905         }
1906     }
1907 
1908     guest_bits = guest_num == 0 ? 0 :
1909                  find_last_bit(&guest_num, BITS_PER_LONG) + 1;
1910     ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1911                             KVM_DEV_RISCV_AIA_CONFIG_GUEST_BITS,
1912                             &guest_bits, true, NULL);
1913     if (ret < 0) {
1914         error_report("KVM AIA: failed to set guest_bits");
1915         exit(1);
1916     }
1917 
1918     for (socket = 0; socket < socket_count; socket++) {
1919         socket_imsic_base = imsic_base + socket * (1U << group_shift);
1920         hart_count = riscv_socket_hart_count(machine, socket);
1921         base_hart = riscv_socket_first_hartid(machine, socket);
1922 
1923         if (max_hart_per_socket < hart_count) {
1924             max_hart_per_socket = hart_count;
1925         }
1926 
1927         for (i = 0; i < hart_count; i++) {
1928             imsic_addr = socket_imsic_base + i * IMSIC_HART_SIZE(guest_bits);
1929             ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_ADDR,
1930                                     KVM_DEV_RISCV_AIA_ADDR_IMSIC(i + base_hart),
1931                                     &imsic_addr, true, NULL);
1932             if (ret < 0) {
1933                 error_report("KVM AIA: failed to set the IMSIC address for hart %d", i);
1934                 exit(1);
1935             }
1936         }
1937     }
1938 
1939 
1940     if (max_hart_per_socket > 1) {
1941         max_hart_per_socket--;
1942         hart_bits = find_last_bit(&max_hart_per_socket, BITS_PER_LONG) + 1;
1943     } else {
1944         hart_bits = 0;
1945     }
1946 
1947     ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CONFIG,
1948                             KVM_DEV_RISCV_AIA_CONFIG_HART_BITS,
1949                             &hart_bits, true, NULL);
1950     if (ret < 0) {
1951         error_report("KVM AIA: failed to set hart_bits");
1952         exit(1);
1953     }
1954 
1955     if (kvm_has_gsi_routing()) {
1956         for (uint64_t idx = 0; idx < aia_irq_num + 1; ++idx) {
1957             /* KVM AIA only has one APLIC instance */
1958             kvm_irqchip_add_irq_route(kvm_state, idx, 0, idx);
1959         }
1960         kvm_gsi_routing_allowed = true;
1961         kvm_irqchip_commit_routes(kvm_state);
1962     }
1963 
1964     ret = kvm_device_access(aia_fd, KVM_DEV_RISCV_AIA_GRP_CTRL,
1965                             KVM_DEV_RISCV_AIA_CTRL_INIT,
1966                             NULL, true, NULL);
1967     if (ret < 0) {
1968         error_report("KVM AIA: initialized fail");
1969         exit(1);
1970     }
1971 
1972     kvm_msi_via_irqfd_allowed = true;
1973 }
1974 
1975 static void kvm_cpu_instance_init(CPUState *cs)
1976 {
1977     Object *obj = OBJECT(RISCV_CPU(cs));
1978 
1979     riscv_init_kvm_registers(obj);
1980 
1981     kvm_riscv_add_cpu_user_properties(obj);
1982 }
1983 
1984 /*
1985  * We'll get here via the following path:
1986  *
1987  * riscv_cpu_realize()
1988  *   -> cpu_exec_realizefn()
1989  *      -> kvm_cpu_realize() (via accel_cpu_common_realize())
1990  */
1991 static bool kvm_cpu_realize(CPUState *cs, Error **errp)
1992 {
1993     RISCVCPU *cpu = RISCV_CPU(cs);
1994     int ret;
1995 
1996     if (riscv_has_ext(&cpu->env, RVV)) {
1997         ret = prctl(PR_RISCV_V_SET_CONTROL, PR_RISCV_V_VSTATE_CTRL_ON);
1998         if (ret) {
1999             error_setg(errp, "Error in prctl PR_RISCV_V_SET_CONTROL, code: %s",
2000                        strerrorname_np(errno));
2001             return false;
2002         }
2003     }
2004 
2005     return true;
2006 }
2007 
2008 void riscv_kvm_cpu_finalize_features(RISCVCPU *cpu, Error **errp)
2009 {
2010     CPURISCVState *env = &cpu->env;
2011     KVMScratchCPU kvmcpu;
2012     struct kvm_one_reg reg;
2013     uint64_t val;
2014     int ret;
2015 
2016     /* short-circuit without spinning the scratch CPU */
2017     if (!cpu->cfg.ext_zicbom && !cpu->cfg.ext_zicboz &&
2018         !riscv_has_ext(env, RVV)) {
2019         return;
2020     }
2021 
2022     if (!kvm_riscv_create_scratch_vcpu(&kvmcpu)) {
2023         error_setg(errp, "Unable to create scratch KVM cpu");
2024         return;
2025     }
2026 
2027     if (cpu->cfg.ext_zicbom &&
2028         riscv_cpu_option_set(kvm_cbom_blocksize.name)) {
2029 
2030         reg.id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CONFIG,
2031                                         kvm_cbom_blocksize.kvm_reg_id);
2032         reg.addr = (uint64_t)&val;
2033         ret = ioctl(kvmcpu.cpufd, KVM_GET_ONE_REG, &reg);
2034         if (ret != 0) {
2035             error_setg(errp, "Unable to read cbom_blocksize, error %d", errno);
2036             return;
2037         }
2038 
2039         if (cpu->cfg.cbom_blocksize != val) {
2040             error_setg(errp, "Unable to set cbom_blocksize to a different "
2041                        "value than the host (%lu)", val);
2042             return;
2043         }
2044     }
2045 
2046     if (cpu->cfg.ext_zicboz &&
2047         riscv_cpu_option_set(kvm_cboz_blocksize.name)) {
2048 
2049         reg.id = KVM_RISCV_REG_ID_ULONG(KVM_REG_RISCV_CONFIG,
2050                                         kvm_cboz_blocksize.kvm_reg_id);
2051         reg.addr = (uint64_t)&val;
2052         ret = ioctl(kvmcpu.cpufd, KVM_GET_ONE_REG, &reg);
2053         if (ret != 0) {
2054             error_setg(errp, "Unable to read cboz_blocksize, error %d", errno);
2055             return;
2056         }
2057 
2058         if (cpu->cfg.cboz_blocksize != val) {
2059             error_setg(errp, "Unable to set cboz_blocksize to a different "
2060                        "value than the host (%lu)", val);
2061             return;
2062         }
2063     }
2064 
2065     /* Users are setting vlen, not vlenb */
2066     if (riscv_has_ext(env, RVV) && riscv_cpu_option_set("vlen")) {
2067         if (!kvm_v_vlenb.supported) {
2068             error_setg(errp, "Unable to set 'vlenb': register not supported");
2069             return;
2070         }
2071 
2072         reg.id = kvm_v_vlenb.kvm_reg_id;
2073         reg.addr = (uint64_t)&val;
2074         ret = ioctl(kvmcpu.cpufd, KVM_GET_ONE_REG, &reg);
2075         if (ret != 0) {
2076             error_setg(errp, "Unable to read vlenb register, error %d", errno);
2077             return;
2078         }
2079 
2080         if (cpu->cfg.vlenb != val) {
2081             error_setg(errp, "Unable to set 'vlen' to a different "
2082                        "value than the host (%lu)", val * 8);
2083             return;
2084         }
2085     }
2086 
2087     kvm_riscv_destroy_scratch_vcpu(&kvmcpu);
2088 }
2089 
2090 static void kvm_cpu_accel_class_init(ObjectClass *oc, const void *data)
2091 {
2092     AccelCPUClass *acc = ACCEL_CPU_CLASS(oc);
2093 
2094     acc->cpu_instance_init = kvm_cpu_instance_init;
2095     acc->cpu_target_realize = kvm_cpu_realize;
2096 }
2097 
2098 static const TypeInfo kvm_cpu_accel_type_info = {
2099     .name = ACCEL_CPU_NAME("kvm"),
2100 
2101     .parent = TYPE_ACCEL_CPU,
2102     .class_init = kvm_cpu_accel_class_init,
2103     .abstract = true,
2104 };
2105 static void kvm_cpu_accel_register_types(void)
2106 {
2107     type_register_static(&kvm_cpu_accel_type_info);
2108 }
2109 type_init(kvm_cpu_accel_register_types);
2110 
2111 static const TypeInfo riscv_kvm_cpu_type_infos[] = {
2112     {
2113         .name = TYPE_RISCV_CPU_HOST,
2114         .parent = TYPE_RISCV_CPU,
2115 #if defined(TARGET_RISCV32)
2116         .class_data = &(const RISCVCPUDef) {
2117             .misa_mxl_max = MXL_RV32,
2118             .priv_spec = RISCV_PROFILE_ATTR_UNUSED,
2119             .vext_spec = RISCV_PROFILE_ATTR_UNUSED,
2120             .cfg.max_satp_mode = -1,
2121         },
2122 #elif defined(TARGET_RISCV64)
2123         .class_data = &(const RISCVCPUDef) {
2124             .misa_mxl_max = MXL_RV64,
2125             .priv_spec = RISCV_PROFILE_ATTR_UNUSED,
2126             .vext_spec = RISCV_PROFILE_ATTR_UNUSED,
2127             .cfg.max_satp_mode = -1,
2128         },
2129 #endif
2130     }
2131 };
2132 
2133 DEFINE_TYPES(riscv_kvm_cpu_type_infos)
2134 
2135 static const uint32_t ebreak_insn = 0x00100073;
2136 static const uint16_t c_ebreak_insn = 0x9002;
2137 
2138 int kvm_arch_insert_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp)
2139 {
2140     if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn, 2, 0)) {
2141         return -EINVAL;
2142     }
2143 
2144     if ((bp->saved_insn & 0x3) == 0x3) {
2145         if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn, 4, 0)
2146             || cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&ebreak_insn, 4, 1)) {
2147             return -EINVAL;
2148         }
2149     } else {
2150         if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&c_ebreak_insn, 2, 1)) {
2151             return -EINVAL;
2152         }
2153     }
2154 
2155     return 0;
2156 }
2157 
2158 int kvm_arch_remove_sw_breakpoint(CPUState *cs, struct kvm_sw_breakpoint *bp)
2159 {
2160     uint32_t ebreak;
2161     uint16_t c_ebreak;
2162 
2163     if ((bp->saved_insn & 0x3) == 0x3) {
2164         if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&ebreak, 4, 0) ||
2165             ebreak != ebreak_insn ||
2166             cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn, 4, 1)) {
2167             return -EINVAL;
2168         }
2169     } else {
2170         if (cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&c_ebreak, 2, 0) ||
2171             c_ebreak != c_ebreak_insn ||
2172             cpu_memory_rw_debug(cs, bp->pc, (uint8_t *)&bp->saved_insn, 2, 1)) {
2173             return -EINVAL;
2174         }
2175     }
2176 
2177     return 0;
2178 }
2179 
2180 int kvm_arch_insert_hw_breakpoint(vaddr addr, vaddr len, int type)
2181 {
2182     /* TODO; To be implemented later. */
2183     return -EINVAL;
2184 }
2185 
2186 int kvm_arch_remove_hw_breakpoint(vaddr addr, vaddr len, int type)
2187 {
2188     /* TODO; To be implemented later. */
2189     return -EINVAL;
2190 }
2191 
2192 void kvm_arch_remove_all_hw_breakpoints(void)
2193 {
2194     /* TODO; To be implemented later. */
2195 }
2196 
2197 void kvm_arch_update_guest_debug(CPUState *cs, struct kvm_guest_debug *dbg)
2198 {
2199     if (kvm_sw_breakpoints_active(cs)) {
2200         dbg->control |= KVM_GUESTDBG_ENABLE;
2201     }
2202 }
2203