Commit d7a75ea483 for qemu.org
commit d7a75ea483a57add78b559cd181293e0136cc8c8
Author: Mohamed Mediouni <mohamed@unpredictable.fr>
Date: Tue May 5 09:25:21 2026 +0100
hw/arm, target/arm: nested virtualisation on HVF
Add hvf_arm_el2_supported for querying EL2 availability.
An hvf_nested_virt_enable workaround is added as nested virt has
to be enabled early on HVF.
And adds hvf_nested_virt_enabled.
Signed-off-by: Mohamed Mediouni <mohamed@unpredictable.fr>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Message-id: 20260429190532.26538-6-mohamed@unpredictable.fr
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
diff --git a/accel/hvf/hvf-all.c b/accel/hvf/hvf-all.c
index add265e0c8..da29aa3aa3 100644
--- a/accel/hvf/hvf-all.c
+++ b/accel/hvf/hvf-all.c
@@ -24,6 +24,12 @@
bool hvf_allowed;
bool hvf_kernel_irqchip;
+bool hvf_nested_virt;
+
+void hvf_nested_virt_enable(bool nested_virt)
+{
+ hvf_nested_virt = nested_virt;
+}
const char *hvf_return_string(hv_return_t ret)
{
diff --git a/accel/stubs/hvf-stub.c b/accel/stubs/hvf-stub.c
index 6bd08759ba..7643e8c5f5 100644
--- a/accel/stubs/hvf-stub.c
+++ b/accel/stubs/hvf-stub.c
@@ -11,3 +11,14 @@
bool hvf_allowed;
bool hvf_kernel_irqchip;
+bool hvf_nested_virt;
+
+void hvf_nested_virt_enable(bool nested_virt)
+{
+ /*
+ * This is called unconditionally from hw/arm/virt.c
+ * because we don't know if HVF is going to be used
+ * as that step of initialisation happens later.
+ * As such, do nothing here instead of marking as unreachable.
+ */
+}
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 47400214a2..ca50411020 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -2987,6 +2987,11 @@ static void virt_set_virt(Object *obj, bool value, Error **errp)
VirtMachineState *vms = VIRT_MACHINE(obj);
vms->virt = value;
+ /*
+ * At this point, HVF is not initialised yet.
+ * However, it needs to know if nested virt is enabled at init time.
+ */
+ hvf_nested_virt_enable(value);
}
static bool virt_get_highmem(Object *obj, Error **errp)
diff --git a/include/system/hvf.h b/include/system/hvf.h
index dc8da85979..a961df8b95 100644
--- a/include/system/hvf.h
+++ b/include/system/hvf.h
@@ -28,11 +28,16 @@ extern bool hvf_allowed;
#define hvf_enabled() (hvf_allowed)
extern bool hvf_kernel_irqchip;
#define hvf_irqchip_in_kernel() (hvf_kernel_irqchip)
+extern bool hvf_nested_virt;
+#define hvf_nested_virt_enabled() (hvf_nested_virt)
#else /* !CONFIG_HVF_IS_POSSIBLE */
#define hvf_enabled() 0
#define hvf_irqchip_in_kernel() 0
+#define hvf_nested_virt_enabled() 0
#endif /* !CONFIG_HVF_IS_POSSIBLE */
+void hvf_nested_virt_enable(bool nested_virt);
+
#define TYPE_HVF_ACCEL ACCEL_CLASS_NAME("hvf")
typedef struct HVFState HVFState;
diff --git a/target/arm/hvf/hvf.c b/target/arm/hvf/hvf.c
index f4638002a3..e30442132c 100644
--- a/target/arm/hvf/hvf.c
+++ b/target/arm/hvf/hvf.c
@@ -27,6 +27,7 @@
#include "system/memory.h"
#include "hw/core/boards.h"
#include "hw/core/irq.h"
+#include "hw/arm/virt.h"
#include "qemu/main-loop.h"
#include "system/cpus.h"
#include "arm-powerctl.h"
@@ -1103,6 +1104,10 @@ static bool hvf_arm_get_host_cpu_features(ARMHostCPUFeatures *ahcf)
(1ULL << ARM_FEATURE_PMU) |
(1ULL << ARM_FEATURE_GENERIC_TIMER);
+ if (hvf_nested_virt_enabled()) {
+ ahcf->features |= 1ULL << ARM_FEATURE_EL2;
+ }
+
for (i = 0; i < ARRAY_SIZE(regs); i++) {
r |= hv_vcpu_config_get_feature_reg(config, regs[i].reg,
&host_isar.idregs[regs[i].index]);
@@ -1218,6 +1223,19 @@ void hvf_arch_vcpu_destroy(CPUState *cpu)
assert_hvf_ok(ret);
}
+static bool hvf_arm_el2_supported(void)
+{
+ bool is_nested_virt_supported;
+ if (__builtin_available(macOS 15.0, *)) {
+ hv_return_t ret = hv_vm_config_get_el2_supported(&is_nested_virt_supported);
+ assert_hvf_ok(ret);
+ } else {
+ return false;
+ }
+ return is_nested_virt_supported;
+}
+
+
hv_return_t hvf_arch_vm_create(MachineState *ms, uint32_t pa_range)
{
hv_return_t ret;
@@ -1229,6 +1247,20 @@ hv_return_t hvf_arch_vm_create(MachineState *ms, uint32_t pa_range)
}
chosen_ipa_bit_size = pa_range;
+ if (__builtin_available(macOS 15.0, *)) {
+ if (hvf_nested_virt_enabled()) {
+ if (!hvf_arm_el2_supported()) {
+ error_report("Nested virtualization not supported on this system.");
+ goto cleanup;
+ }
+ ret = hv_vm_config_set_el2_enabled(config, true);
+ if (ret != HV_SUCCESS) {
+ error_report("Failed to enable nested virtualization.");
+ goto cleanup;
+ }
+ }
+ }
+
ret = hv_vm_create(config);
if (hvf_irqchip_in_kernel()) {
if (__builtin_available(macOS 15.0, *)) {
@@ -1420,6 +1452,13 @@ static void hvf_psci_cpu_off(ARMCPU *arm_cpu)
assert(ret == QEMU_ARM_POWERCTL_RET_SUCCESS);
}
+static int hvf_psci_get_target_el(void)
+{
+ if (hvf_nested_virt_enabled()) {
+ return 2;
+ }
+ return 1;
+}
/*
* Handle a PSCI call.
*
@@ -1441,7 +1480,6 @@ static bool hvf_handle_psci_call(CPUState *cpu, int *excp_ret)
CPUState *target_cpu_state;
ARMCPU *target_cpu;
uint64_t entry;
- int target_el = 1;
int32_t ret = 0;
trace_arm_psci_call(param[0], param[1], param[2], param[3],
@@ -1495,7 +1533,7 @@ static bool hvf_handle_psci_call(CPUState *cpu, int *excp_ret)
entry = param[2];
context_id = param[3];
ret = arm_set_cpu_on(mpidr, entry, context_id,
- target_el, target_aarch64);
+ hvf_psci_get_target_el(), target_aarch64);
break;
case QEMU_PSCI_0_1_FN_CPU_OFF:
case QEMU_PSCI_0_2_FN_CPU_OFF: