feat(aarch64): add system register trapping and emulation

- Add CNTHCTL_EL2 register to GuestSystemRegisters
- Implement handler for trapped MSR/MRS instructions
- Add utility functions for system register exception handling
- Update VCpu initialization to enable system register trapping
- Replace PhantomData with actual IRQ fetching implementation

Author: luodeb

Cargo.toml

@@ -5,6 +5,7 @@ edition = "2021"
 
 [dependencies]
 log = "0.4.21"
+spin = "0.9"
 
 aarch64-cpu = "9.3"
 smccc = "0.1.1"
@@ -14,6 +15,8 @@ numeric-enum-macro = "0.2"
 axerrno = "0.1.0"
 percpu = "0.1.4"
 crate_interface = "0.1"
-
+lazy_static = { version = "1.5", features = ["spin_no_std"] }
+axhal = { path = "../../arceos/modules/axhal" }
 axaddrspace = { git = "https://github.com/arceos-hypervisor/axaddrspace.git" }
 axvcpu = { git = "https://github.com/arceos-hypervisor/axvcpu.git", branch = "axvcpuhal" }
+aarch64_sysreg = "0.1.1"

src/context_frame.rs

@@ -156,6 +156,7 @@ pub struct GuestSystemRegisters {
     cntv_ctl_el0: u32,
     cntp_tval_el0: u32,
     cntv_tval_el0: u32,
+    pub cnthctl_el2: u64,
 
     // vpidr and vmpidr
     vpidr_el2: u32,
@@ -219,6 +220,7 @@ impl GuestSystemRegisters {
         asm!("mrs {0:x}, CNTP_TVAL_EL0", out(reg) self.cntp_tval_el0);
         asm!("mrs {0:x}, CNTV_TVAL_EL0", out(reg) self.cntv_tval_el0);
         asm!("mrs {0}, CNTVCT_EL0", out(reg) self.cntvct_el0);
+        asm!("mrs {0}, CNTHCTL_EL2", out(reg) self.cnthctl_el2);
         // MRS!("self.vpidr_el2, VPIDR_EL2, "x");
         asm!("mrs {0}, VMPIDR_EL2", out(reg) self.vmpidr_el2);
 
@@ -262,6 +264,7 @@ impl GuestSystemRegisters {
         asm!("msr CNTV_CVAL_EL0, {0}", in(reg) self.cntv_cval_el0);
         asm!("msr CNTKCTL_EL1, {0:x}", in (reg) self.cntkctl_el1);
         asm!("msr CNTV_CTL_EL0, {0:x}", in (reg) self.cntv_ctl_el0);
+        asm!("msr CNTHCTL_EL2, {0}", in(reg) self.cnthctl_el2);
         // The restoration of SP_EL0 is done in `exception_return_el2`,
         // which move the value from `self.ctx.sp_el0` to `SP_EL0`.
         // asm!("msr SP_EL0, {0}", in(reg) self.sp_el0);

src/exception.rs

@@ -9,7 +9,8 @@ use crate::exception_utils::{
     exception_data_abort_access_reg, exception_data_abort_access_reg_width,
     exception_data_abort_access_width, exception_data_abort_handleable,
     exception_data_abort_is_permission_fault, exception_data_abort_is_translate_fault,
-    exception_esr, exception_fault_addr, exception_next_instruction_step,
+    exception_esr, exception_fault_addr, exception_next_instruction_step, exception_sysreg_addr,
+    exception_sysreg_direction_write, exception_sysreg_gpr,
 };
 use crate::TrapFrame;
 
@@ -94,6 +95,8 @@ pub fn handle_exception_sync(ctx: &mut TrapFrame) -> AxResult<AxVCpuExitReason>
                 ],
             })
         }
+        Some(ESR_EL2::EC::Value::TrappedMsrMrs) => handle_system_register(ctx),
+        // Some(ESR_EL2::EC::Value::InstrAbortLowerEL) => Ok(AxVCpuExitReason::Nothing),
         _ => {
             panic!(
                 "handler not presents for EC_{} @ipa 0x{:x}, @pc 0x{:x}, @esr 0x{:x},
@@ -112,9 +115,53 @@ pub fn handle_exception_sync(ctx: &mut TrapFrame) -> AxResult<AxVCpuExitReason>
     }
 }
 
+/*
+ESR EC:011000 IL, bit [25]：Instruction Length for synchronous exceptions. Possible values of this bit are: 0：16b 1：32b
+Op0, bits [21:20]
+Op2, bits [19:17]
+Op1, bits [16:14]
+CRn, bits [13:10]
+CRm, bits [4:1]   This five parameters are for SYSREG
+
+Rt, bits [9:5]  general-purpose register used for the transfer.
+Direction, bit [0]  0：Write access, including MSR instructions.  1：Read access, including MRS instructions.
+
+#define SYS_CNTFRQ_EL0			sys_reg(3, 3, 14, 0, 0)
+
+#define SYS_CNTPCT_EL0			sys_reg(3, 3, 14, 0, 1)
+#define SYS_CNTPCTSS_EL0		sys_reg(3, 3, 14, 0, 5)
+#define SYS_CNTVCTSS_EL0		sys_reg(3, 3, 14, 0, 6)
+
+#define SYS_CNTP_TVAL_EL0		sys_reg(3, 3, 14, 2, 0)
+#define SYS_CNTP_CTL_EL0		sys_reg(3, 3, 14, 2, 1)
+#define SYS_CNTP_CVAL_EL0		sys_reg(3, 3, 14, 2, 2)
+
+#define SYS_CNTV_CTL_EL0		sys_reg(3, 3, 14, 3, 1)
+#define SYS_CNTV_CVAL_EL0		sys_reg(3, 3, 14, 3, 2)
+*/
+
+fn handle_system_register(context_frame: &mut TrapFrame) -> AxResult<AxVCpuExitReason> {
+    let iss = ESR_EL2.read(ESR_EL2::ISS);
+    let addr = exception_sysreg_addr(iss.try_into().unwrap());
+    let elr = context_frame.exception_pc();
+    let val = elr + exception_next_instruction_step();
+    let write = exception_sysreg_direction_write(iss);
+    let reg = exception_sysreg_gpr(iss) as usize;
+    context_frame.set_exception_pc(val);
+    // TODO! gicv3 ICC_SRE_ADDR / ICC_SGIR_ADDR
+    if write {
+        return Ok(AxVCpuExitReason::SysregWrite {
+            addr,
+            reg,
+            data: context_frame.gpr(reg as usize) as u64,
+        });
+    }
+    Ok(AxVCpuExitReason::SysregRead { addr, reg })
+}
+
 fn handle_data_abort(context_frame: &mut TrapFrame) -> AxResult<AxVCpuExitReason> {
     let addr = exception_fault_addr()?;
-    debug!("data fault addr {:?}, esr: 0x{:x}", addr, exception_esr());
+    trace!("data fault addr {:?}, esr: 0x{:x}", addr, exception_esr());
 
     let access_width = exception_data_abort_access_width();
     let is_write = exception_data_abort_access_is_write();

src/exception_utils.rs

@@ -171,6 +171,27 @@ pub fn exception_iss() -> usize {
     ESR_EL2.read(ESR_EL2::ISS) as usize
 }
 
+#[inline(always)]
+pub fn exception_sysreg_direction_write(iss: u64) -> bool {
+    const ESR_ISS_SYSREG_DIRECTION: u64 = 0b1;
+    (iss & ESR_ISS_SYSREG_DIRECTION) == 0
+}
+
+#[inline(always)]
+pub fn exception_sysreg_gpr(iss: u64) -> u64 {
+    const ESR_ISS_SYSREG_REG_OFF: u64 = 5;
+    const ESR_ISS_SYSREG_REG_LEN: u64 = 5;
+    const ESR_ISS_SYSREG_REG_MASK: u64 = (1 << ESR_ISS_SYSREG_REG_LEN) - 1;
+    (iss >> ESR_ISS_SYSREG_REG_OFF) & ESR_ISS_SYSREG_REG_MASK
+}
+
+#[inline(always)]
+pub const fn exception_sysreg_addr(iss: usize) -> usize {
+    // (Op0[21..20] + Op2[19..17] + Op1[16..14] + CRn[13..10]) + CRm[4..1]
+    const ESR_ISS_SYSREG_ADDR: usize = (0xfff << 10) | (0xf << 1);
+    iss & ESR_ISS_SYSREG_ADDR
+}
+
 /// Checks if the data abort exception was caused by a permission fault.
 ///
 /// # Returns

src/lib.rs

@@ -12,9 +12,11 @@ mod context_frame;
 mod exception_utils;
 mod exception;
 mod pcpu;
+mod registers;
 mod vcpu;
 
 pub use self::pcpu::Aarch64PerCpu;
+pub use self::registers::{emu_register_add, emu_register_handle_read, emu_register_handle_write};
 pub use self::vcpu::{Aarch64VCpu, Aarch64VCpuCreateConfig};
 
 /// context frame for aarch64

src/registers.rs

@@ -0,0 +1,137 @@
+extern crate alloc;
+use crate::vcpu::Aarch64VCpu;
+use aarch64_cpu::registers::{Readable, Writeable};
+use aarch64_cpu::registers::{CNTFRQ_EL0, CNTPCT_EL0, CNTP_CTL_EL0, CNTP_TVAL_EL0};
+use aarch64_sysreg::SystemRegType;
+use alloc::sync::Arc;
+use alloc::{vec, vec::Vec};
+// pub use arm_gicv2::GicInterface;
+use axvcpu::AxVCpuHal;
+use axvcpu::{AxArchVCpu, AxVCpu};
+use lazy_static::lazy_static;
+use spin::RwLock;
+
+type RegVcpu = Arc<AxVCpu<Aarch64VCpu>>;
+
+/// Struct representing an entry in the emulator register list.
+pub struct EmuRegEntry {
+    /// The type of the emulator register.
+    pub emu_type: EmuRegType,
+    /// The address associated with the emulator register.
+    pub addr: SystemRegType,
+    /// The handler write function for the emulator register.
+    pub handle_write: fn(SystemRegType, usize, u64, RegVcpu) -> bool,
+    /// The handler read function for the emulator register.
+    pub handle_read: fn(SystemRegType, usize, RegVcpu) -> bool,
+}
+
+/// Enumeration representing the type of emulator registers.
+pub enum EmuRegType {
+    /// System register type for emulator registers.
+    SysReg,
+}
+
+pub fn emu_register_add(
+    addr: SystemRegType,
+    handle_write: fn(SystemRegType, usize, u64, RegVcpu) -> bool,
+    handle_read: fn(SystemRegType, usize, RegVcpu) -> bool,
+) {
+    let mut emu_reg = EMU_REGISTERS.write();
+    for entry in emu_reg.iter() {
+        if entry.addr == addr {
+            error!("Register:{} already exists", addr);
+            return;
+        }
+    }
+    info!("Register:{} added", addr);
+    emu_reg.push(EmuRegEntry {
+        emu_type: EmuRegType::SysReg,
+        addr,
+        handle_write,
+        handle_read,
+    });
+}
+
+pub fn emu_register_handle_write(
+    addr: SystemRegType,
+    reg: usize,
+    value: u64,
+    vcpu: RegVcpu,
+) -> bool {
+    let emu_reg = EMU_REGISTERS.read();
+    for entry in emu_reg.iter() {
+        if entry.addr == addr {
+            return (entry.handle_write)(addr, reg, value, vcpu);
+        }
+    }
+    panic!("Invalid emulated register write: addr={}", addr);
+}
+
+pub fn emu_register_handle_read(addr: SystemRegType, reg: usize, vcpu: RegVcpu) -> bool {
+    let emu_reg = EMU_REGISTERS.read();
+    for entry in emu_reg.iter() {
+        if entry.addr == addr {
+            return (entry.handle_read)(addr, reg, vcpu);
+        }
+    }
+    panic!("Invalid emulated register read: addr={}", addr);
+}
+
+fn handle_write(addr: SystemRegType, _reg: usize, value: u64, _vcpu: RegVcpu) -> bool {
+    info!(
+        "write to emulated register: addr: {},  value: {:x}",
+        addr, value
+    );
+    false
+}
+fn handle_read(addr: SystemRegType, _reg: usize, _vcpu: RegVcpu) -> bool {
+    info!("read from emulated register: addr: {}", addr);
+    false
+}
+
+lazy_static! {
+    static ref EMU_REGISTERS: RwLock<Vec<EmuRegEntry>> = RwLock::new(vec![
+        EmuRegEntry {
+            emu_type: EmuRegType::SysReg,
+            addr: SystemRegType::CNTPCT_EL0,
+            handle_write: handle_write,
+            handle_read: |_addr, reg, vcpu| {
+                            // Get the current value of CNTPCT_EL0
+                            // info!("Read CNTPCT_EL0");
+                            (*vcpu).set_gpr(reg, CNTPCT_EL0.get() as usize);
+                            true
+                        },
+        },
+        EmuRegEntry {
+            emu_type: EmuRegType::SysReg,
+            addr: SystemRegType::CNTP_TVAL_EL0,
+            handle_write: |_addr, _reg, value, _vcpu| {
+                info!("Write CNTP_TVAL_EL0 0x{:x}",value);
+                CNTP_TVAL_EL0.set(value);
+                true
+            },
+            handle_read: handle_read,
+        },
+        EmuRegEntry {
+            emu_type: EmuRegType::SysReg,
+            addr: SystemRegType::CNTP_CTL_EL0,
+            handle_write: |_addr, _reg, value, _vcpu| {
+                            // CNTP_CTL_EL0.set(value);
+                            // CNTP_TVAL_EL0.set(value);
+                            // axhal::irq::register_handler(30, || {
+                            //     info!("Timer Interrupt");
+                            // });
+                            info!("Set Timer Interrupt: {}", value);
+                            axhal::arch::enable_irqs();
+                            true
+                        },
+            handle_read: handle_read,
+        },
+        EmuRegEntry {
+            emu_type: EmuRegType::SysReg,
+            addr: SystemRegType::CNTP_CVAL_EL0,
+            handle_write: handle_write,
+            handle_read: handle_read,
+        },
+    ]);
+}

src/timer.rs

@@ -0,0 +1 @@
+

src/vcpu.rs

@@ -57,15 +57,14 @@ pub struct VmCpuRegisters {
 /// A virtual CPU within a guest
 #[repr(C)]
 #[derive(Debug)]
-pub struct Aarch64VCpu<H: AxVCpuHal> {
+pub struct Aarch64VCpu {
     // DO NOT modify `guest_regs` and `host_stack_top` and their order unless you do know what you are doing!
     // DO NOT add anything before or between them unless you do know what you are doing!
     ctx: TrapFrame,
     host_stack_top: u64,
     guest_system_regs: GuestSystemRegisters,
     /// The MPIDR_EL1 value for the vCPU.
     mpidr: u64,
-    _phantom: PhantomData<H>,
 }
 
 /// Configuration for creating a new `Aarch64VCpu`
@@ -77,7 +76,7 @@ pub struct Aarch64VCpuCreateConfig {
     pub mpidr_el1: u64,
 }
 
-impl<H: AxVCpuHal> axvcpu::AxArchVCpu for Aarch64VCpu<H> {
+impl axvcpu::AxArchVCpu for Aarch64VCpu {
     type CreateConfig = Aarch64VCpuCreateConfig;
 
     type SetupConfig = ();
@@ -88,7 +87,6 @@ impl<H: AxVCpuHal> axvcpu::AxArchVCpu for Aarch64VCpu<H> {
             host_stack_top: 0,
             guest_system_regs: GuestSystemRegisters::default(),
             mpidr: config.mpidr_el1,
-            _phantom: PhantomData,
         })
     }
 
@@ -141,7 +139,7 @@ impl<H: AxVCpuHal> axvcpu::AxArchVCpu for Aarch64VCpu<H> {
 }
 
 // Private function
-impl<H: AxVCpuHal> Aarch64VCpu<H> {
+impl Aarch64VCpu {
     fn init_hv(&mut self) {
         self.ctx.spsr = (SPSR_EL1::M::EL1h
             + SPSR_EL1::I::Masked
@@ -168,7 +166,14 @@ impl<H: AxVCpuHal> Aarch64VCpu<H> {
             + VTCR_EL2::SL0.val(0b01)
             + VTCR_EL2::T0SZ.val(64 - 39))
         .into();
-        self.guest_system_regs.hcr_el2 = (HCR_EL2::VM::Enable + HCR_EL2::RW::EL1IsAarch64).into();
+        self.guest_system_regs.hcr_el2 = (HCR_EL2::VM::Enable
+            + HCR_EL2::RW::EL1IsAarch64
+            // + HCR_EL2::IMO::EnableVirtualIRQ
+            // + HCR_EL2::FMO::EnableVirtualFIQ
+            + HCR_EL2::TSC::EnableTrapEl1SmcToEl2)
+            .into();
+        self.guest_system_regs.cnthctl_el2 =
+            (CNTHCTL_EL2::EL1PCEN::CLEAR + CNTHCTL_EL2::EL1PCTEN::CLEAR).into();
         // self.system_regs.hcr_el2 |= 1<<27;
         // + HCR_EL2::IMO::EnableVirtualIRQ).into();
         // trap el1 smc to el2
@@ -195,7 +200,7 @@ impl<H: AxVCpuHal> Aarch64VCpu<H> {
 }
 
 /// Private functions related to vcpu runtime control flow.
-impl<H: AxVCpuHal> Aarch64VCpu<H> {
+impl Aarch64VCpu {
     /// Save host context and run guest.
     ///
     /// When a VM-Exit happens when guest's vCpu is running,
@@ -277,7 +282,7 @@ impl<H: AxVCpuHal> Aarch64VCpu<H> {
         match exit_reason {
             TrapKind::Synchronous => handle_exception_sync(&mut self.ctx),
             TrapKind::Irq => Ok(AxVCpuExitReason::ExternalInterrupt {
-                vector: H::irq_fecth() as _,
+                vector: axhal::irq::fetch_irq() as _,
             }),
             _ => panic!("Unhandled exception {:?}", exit_reason),
         }