hv_exc: Handle M1RACLES mitigation here due to 12.0 spam

macOS 12.0 added a silly ineffective "mitigation" that clears the register on every context switch. This doesn't actually mitigate anything, but it does make this sysreg trap performance-critical, so we have to move its handling into the C side. Signed-off-by: Hector Martin <marcan@marcan.st>
2025-02-17 06:08:28 +00:00 · 2021-08-14 16:27:16 +09:00 · 2021-08-14 16:27:16 +09:00 · f8110dd409
commit f8110dd409
parent a18033e569
2 changed files with 8 additions and 4 deletions
--- a/proxyclient/m1n1/hv.py
+++ b/proxyclient/m1n1/hv.py
@ -523,9 +523,7 @@ class HV(Reloadable):

        name = sysreg_name(enc)

-        skip = set((
-            (3, 5, 15, 10, 1), # M1RACLES mitigation
-        ))
+        skip = set()
        shadow = {
            #SPRR_CONFIG_EL1,
            #SPRR_PERM_EL0,
@ -557,7 +555,8 @@ class HV(Reloadable):
                if iss.Rt != 31:
                    ctx.regs[iss.Rt] = 0
            else:
-                value = ctx.regs[iss.Rt]
+                if iss.Rt != 31:
+                    value = ctx.regs[iss.Rt]
                print(f"Skip: msr {name}, x{iss.Rt} = {value:x}")
        else:
            if iss.DIR == MSR_DIR.READ:
--- a/src/hv_exc.c
+++ b/src/hv_exc.c
@ -188,6 +188,11 @@ static bool hv_handle_msr(u64 *regs, u64 iss)
            }
            return true;
 #endif
+        /* M1RACLES reg, handle here due to silly 12.0 "mitigation" */
+        case SYSREG_ISS(sys_reg(3, 5, 15, 10, 1)):
+            if (is_read)
+                regs[rt] = 0;
+            return true;
    }

    return false;