Commit graph

1315 commits

Author SHA1 Message Date
Hector Martin
08873880fa m1n1.hv: Fix TLB invalidation issue
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-10-15 23:44:12 +09:00
Hector Martin
1444c93a24 proxy: Add P_MMU_INIT_SECONDARY
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-10-15 23:44:12 +09:00
Danny Lin
7a29455646 proxyclient: Fix typo in LazyADT str implementation
Fix the `gstr` typo so that `print(hv.adt)` works as expected.

Signed-off-by: Danny Lin <danny@kdrag0n.dev>
2021-10-11 12:42:55 +09:00
Alyssa Rosenzweig
8010e38376 Add smc.py script to enable radios
Add a basic SMC client and a script in experiments/ using it to enable
the radios. Running this before booting Linux will make the network
controller devices show up in lspci, even if Linux lacks an SMC driver.

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
2021-10-11 12:41:27 +09:00
Martin Povišer
925215aea2 proxyclient: Expect m1n1 at /dev/ttyACM0
Change the default serial port.

Signed-off-by: Martin Povišer <povik@protonmail.com>
2021-10-11 12:40:43 +09:00
Hector Martin
3a4b2870a8 experiments/cpu_pstates.py: Only set DVMR if necessary
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-24 01:16:32 +09:00
Hector Martin
febf83a981 experiments/cpu_pstates.py: Enable DVMR unconditionally
Seems this is not always enabled by the bootloader on some systems

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-24 00:53:07 +09:00
Sven Peter
0b4d5bd793 proxyclient: hv: Add simple DWC3/XHCI/ATCPHY tracer
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-09-22 19:01:03 +09:00
TophEvich
913c775165 proxyclient: removed unused code
Little clean-up of unused proxyclient code.
Code used/referenced by commented out sections were taken
into account and left behind to be used by it at a later point.

Signed-off-by: TophEvich <84676511+TophEvich@users.noreply.github.com>
2021-09-22 19:00:34 +09:00
Martin Povišer
18bc2c7db1 Add m1n1.hw.admac, experiments/speaker_amp.py
Add initial code for driving the ADMAC hw blocks, also add a script
which shows it in action by streaming audio to the Mac mini's embedded
speaker.

Signed-off-by: Martin Povišer <povik@protonmail.com>
2021-09-22 16:02:35 +09:00
Martin Povišer
d25581ddb3 Fill in m1n1.hw.i2c
Signed-off-by: Martin Povišer <povik@protonmail.com>
2021-09-22 16:02:35 +09:00
Hector Martin
9dc332b660 tools/dump_pmgr.py: Show fixed clock usages from DT
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-22 01:03:10 +09:00
Hector Martin
a816f2718b m1n1.hv: Improve bt()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-22 00:36:41 +09:00
Hector Martin
9cc0c0a55b m1n1.hv: Add lower() command to send an exception to the guest
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-22 00:36:40 +09:00
Hector Martin
36e0283a87 hv: Handle PAC mask automatically
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 23:28:31 +09:00
Hector Martin
bce239b36f exception: Make space in the stack for full exception context
This is step 1 of the rework to make reentrant exceptions work

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 20:29:19 +09:00
Hector Martin
04668b370a m1n1.proxyutils: Print and clear L2C regs on SErrors
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 17:15:49 +09:00
Hector Martin
0e3770ca47 hv, m1n1.hv: Add cpu() command to switch CPU contexts
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 13:18:06 +09:00
Hector Martin
5feae51f25 tools/run_guest.py: Add --debug-xnu argument
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 13:15:24 +09:00
Hector Martin
9545371c87 m1n1.hv: Add more PMGR hacks for xnu bug workarounds etc
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 13:15:04 +09:00
Hector Martin
160ced7449 m1n1.hv: Also guard IMX pstate
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-21 00:40:31 +09:00
Hector Martin
16314a6203 m1n1.fw.pmp: New module
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-20 18:01:21 +09:00
Hector Martin
6211e9f9e6 m1n1.hw.pmgr: New module
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-20 18:01:09 +09:00
Hector Martin
eae9eceff1 m1n1.adt: Fix more pmgr fields, improve dump_pmgr.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-20 17:55:45 +09:00
Hector Martin
d2d5952aa5 tools: dump_pmgr.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-20 03:00:40 +09:00
Hector Martin
1e98c320df m1n1.adt: Pretty sure the v_ things were wrong
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-20 02:49:58 +09:00
Hector Martin
5c99406790 m1n1.hv: Guard UART0 pmgr regs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-20 02:48:23 +09:00
Hector Martin
c461b5d033 m1n1.adt: Add clock-frequencies decoding
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-19 22:33:38 +09:00
Hector Martin
6c070fa224 m1n1.proxyutils: Only set baud if connected via serial
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-19 22:32:58 +09:00
Hector Martin
99e38d24d0 experiments/cpu_pstates.py: Remove p-core boost testing hack
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-19 02:28:49 +09:00
Hector Martin
c8eb9a7862 experiments: Add cpu_pstate_latencies.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-19 02:03:27 +09:00
Hector Martin
6a620ddab9 experiments: Add cpu_pstates.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-19 02:03:24 +09:00
Hector Martin
c3ba77ce16 hv_exc: Handle SYS_IMP_APL_CYC_OVRD in the fast path
m1n1 now uses this for SMP, and due to wfi FIQ leakage from the HV
timer this gets spammed thousands of times per second. Handle it in
the HV directly.

Fixes: #107

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-18 22:33:28 +09:00
Hector Martin
37b2fdda7c m1n1.adt: Handle empty function props
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-18 22:27:13 +09:00
Hector Martin
2d952752db proxy: Add smp_wait() to the proxy
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 15:25:34 +09:00
Hector Martin
b16bad61b4 m1n1.utils: Fix RegAccessor assignment
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:34:56 +09:00
Hector Martin
bbf8889d87 m1n1.trace.asc: Print more registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:34:42 +09:00
Hector Martin
36a7f3f2e1 m1n1.hw.asc: Print raw messages in hex
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:34:22 +09:00
Hector Martin
0d13ed692e m1n1.fw.asc: Align buffer sizes in reply messages
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:33:34 +09:00
Hector Martin
966b50a753 m1n1.fw.asc: Support booting an ASC
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:33:12 +09:00
Hector Martin
b53b627cb9 m1n1.hw.dart: Support initializing a DART from scratch
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:30:41 +09:00
Hector Martin
97ed24a908 m1n1.fw.asc: Make DVA offset configurable
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-17 00:30:14 +09:00
Hector Martin
77fbb05623 m1n1.adt: Pretty-print functions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-16 17:06:51 +09:00
Hector Martin
961f8eae4d m1n1.adt: Print a useful diag when a prop fails to parse
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-16 16:48:22 +09:00
Hector Martin
de8b490b01 m1n1.adt: Add some mcc props
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-16 16:47:45 +09:00
Hector Martin
3b6a645db6 m1n1.adt: Support master (templated) ADTs properly
They used to parse but not round-trip, now they do

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-16 16:47:22 +09:00
Hector Martin
9ecaeb9e1b m1n1.hv: Add SMP support
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:32:57 +09:00
Hector Martin
509481d5d5 hv: Add SMP support
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:32:57 +09:00
Hector Martin
d68e4e42dd m1n1.trace: Show CPU number in default MMIO PrintTracer 2021-09-15 23:32:57 +09:00
Hector Martin
e88d55005a m1n1.trace: Use hv.log() in Tracer.log() 2021-09-15 23:32:57 +09:00
Hector Martin
a4efa373f3 m1n1.trace: Make Tracer.trace() take read/write args
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:32:57 +09:00
Hector Martin
81aaa72740 m1n1.hv: Improve pmgr hack messages
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:32:57 +09:00
Hector Martin
2598b3a7ba m1n1.hv: Only patch exception handling on CPU#0
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:27:21 +09:00
Hector Martin
e06e58e864 m1n1.xnutools: Update decode_debugger_state() for 12.0
We need to find a better way of doing this...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:26:45 +09:00
Hector Martin
290e851d98 m1n1.hv: Add read/write args to hv.trace_range()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:25:12 +09:00
Hector Martin
683161eef4 m1n1.hv: Make sysreg storage per-CPU
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:24:37 +09:00
Hector Martin
3871fa1e2f m1n1.hv: Add hv.log() that prepends CPU index, use it
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:24:37 +09:00
Hector Martin
56b54a6641 hv_vm/hv_exc: Add cpu_id to exception & mmiotrace structs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:24:37 +09:00
Hector Martin
6627873267 m1n1.hv, run_guest.py: Make exception hook enable an argument
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:24:37 +09:00
Hector Martin
368b48a365 hv_wdt: Make HV WDT CPU configurable and WDT optional
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 23:24:37 +09:00
Hector Martin
aa11841808 m1n1.adt: s/gate/psidx/
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 21:59:13 +09:00
Hector Martin
496516ded0 m1n1.adt: PMGR and function call stuff
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 17:11:45 +09:00
Hector Martin
dfb10956bc m1n1.fw.dcp: Add OSSerialize parser for DCPAV properties
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 17:08:21 +09:00
Hector Martin
9b91c90f3a m1n1.utils: Move FourCC definition here
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-09-15 17:08:21 +09:00
Hector Martin
fa50bb6474 fb: Do not restore logo when using kboot
Also don't clear the whole screen, only the console section so the logo
is glitchless.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-31 14:10:52 +09:00
Hector Martin
219950235c fw.dcp.ipc: Define rt_bw_config_t properly
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-30 12:09:36 +09:00
Hector Martin
4df78129aa m1n1.shell: Fix broken signature thing for some objects
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-29 01:36:27 +09:00
Hector Martin
63547f6fc9 m1n1.fw.asc.mgmt: Print endpoints
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-29 01:36:01 +09:00
Hector Martin
0584200aaf m1n1.fw.dcp.manager: Make map_buf() work
What it needs to do is map the buffer to the disp dart stream 4,
apparently (or maybe the stream varies?)

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-29 01:35:25 +09:00
Hector Martin
43c93af949 m1n1.fw.asc: Handle DARTless ASCs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-29 01:32:27 +09:00
Hector Martin
eec6bbdeaf m1n1.hw.dart: Fix dirty cache clobbering on iomap_at()
Fixes: #102

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-29 00:03:39 +09:00
Alyssa Rosenzweig
eb466796d8 fw.dcp: Add some stubs needed for modesetting
This isn't enough to set the video mode yet but it gets us further. I
think allocate_memory/map_buf/powerOnDART need real implementations,
otherwise setting a video mode crashes the DCP in an APIODMA interrupt
handler, whatever that is.

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
2021-08-24 21:09:35 +09:00
Hector Martin
e6d3b6b6c6 m1n1.adt: Handle borked reg properties
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-24 12:20:31 +09:00
Hector Martin
d0731de381 m1n1.hv: Fix pac_mask for linux
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-23 23:10:28 +09:00
Hector Martin
c39fe2fbde m1n1.fw.asc: Handle syslog/ioreporting buffer size properly
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-23 23:10:28 +09:00
Hector Martin
1666d86d43 fw.asc.mgmt: Handle version negotiation properly
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-23 23:04:23 +09:00
Hector Martin
cc39491863 m1n1.proxy: Allow overriding default timeout with M1N1TIMEOUT
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-23 17:03:20 +09:00
Hector Martin
017f050fff hv_vuart: Implement RX & enough to support Linux
This works to get to a serial shell on Linux, and to use m1n1-as-LV1
proxyclient with M1N1DEVICE=/dev/m1n1-sec

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-23 17:02:28 +09:00
Hector Martin
c2c6da3df2 fw.dcp.ipc: Remove junk prints
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:53:32 +09:00
Hector Martin
fa3b1ddcf6 experiments/dcp.py: Add DCP driver example
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:40:18 +09:00
Hector Martin
de5b5d996c m1n1.fw.dcp: Add DCP client framework, port tracer to it
This also includes an update to the macOS 12.0 beta ABI

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:39:17 +09:00
Hector Martin
b32aec3786 m1n1.trace.asc: Use shared reg/msg definitions, improve syslog
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:37:09 +09:00
Hector Martin
27a0a15eee m1n1.hw/fw.asc: Add basic ASC driver and RTKit handling
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:36:49 +09:00
Hector Martin
7b01b0525b m1n1.trace.asc: Be more clear about endpoint number in log
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:34:24 +09:00
Hector Martin
105b671fb3 m1n1.hw.dart: Add mutation functions (iomap, iowrite)
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:33:18 +09:00
Hector Martin
fc5ce75c21 m1n1.adt: Add repr()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:32:26 +09:00
Hector Martin
fe503a3802 m1n1.proxy: Handle zero-length readmem()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:32:07 +09:00
Hector Martin
a96e277b56 m1n1.utils: Add Constant support to Register
This allows setting register fields to an expected contant value, e.g.
because they are opcodes for a variable-format register (like a mailbox)

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:31:10 +09:00
Hector Martin
b00b36620a m1n1.utils: Add unhex() helper
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:30:38 +09:00
Hector Martin
f8110dd409 hv_exc: Handle M1RACLES mitigation here due to 12.0 spam
macOS 12.0 added a silly ineffective "mitigation" that clears the
register on every context switch. This doesn't actually mitigate
anything, but it does make this sysreg trap performance-critical,
so we have to move its handling into the C side.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-08-14 16:30:18 +09:00
Andrew Worsley
bd5211909e Fix Exception when no Signature present
Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 23:54:23 +09:00
Pip Cet
d709b047d8 proxyclient/m1n1/utils.py: don't compact non-adjacent ranges
Signed-off-by: Pip Cet <pipcet@gmail.com>
2021-08-03 13:53:41 +09:00
Andrew Worsley
1d932888f9 Add command categories to reduce command clutter
Based on a suggestion from Ludwig Schubert it now uses the inspect class
to generate signatures of the functions for the help messages and
the qualified names which is a big improvement.

Also greatly reduced the clutter by putting the class functions into seperate
categories based on their class name. Now the top level help fits on one
page making it much more readable.

Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Andrew Worsley
ddb6951abb Fix some review comments, spacing
Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Andrew Worsley
255f1bac16 Add some doc string to write/read/mrs/msr
Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Andrew Worsley
eab52cc855 Extend help to all commands
Also print 1 line summary or full output if called directly on command

Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Andrew Worsley
bf4f702077 Add some docstrings/help to shell commands
Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Andrew Worsley
012ecc07e7 Add simple help command to shell tool
Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Andrew Worsley
2ea43e6ff1 Briefly document protocol
Signed-off-by: Andrew Worsley <amworsley@gmail.com>
2021-08-03 13:52:31 +09:00
Hector Martin
63e8d0d48e m1n1.fw.dcp.ipc: Fix late_init_signal return type
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-07-18 02:28:27 +09:00
Hector Martin
9fae977161 m1n1.fw.dcp.ipc: Add SizedArray/SizedBytes to handle data/len pairs
The serialization always uses fixed-length arrays. These wrappers use a
length argument (possibly coming later in the args) to size the fields
so that the arrays are truncated or padded to the right length as
returned to the user.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-07-18 02:28:26 +09:00
Hector Martin
231aa772fd m1n1.fw.dcp: Initial DCP log tracing implementation
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-07-15 22:29:01 +09:00
Hector Martin
f635d64429 hv/trace_dcp.py: Update call list for 11.4 (partial?)
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-07-15 22:28:27 +09:00
Hector Martin
0034311ee3 m1n1.utils: Add indent argument to chexdump
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-07-15 22:27:52 +09:00
Hector Martin
4a6fa4b0e1 hv/trace_dcp.py: Redo cmd/ack handling properly, add logging & msg list
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-07-15 16:27:56 +09:00
Sven Peter
5b86c1ee8d proxyclient: sep: add initial code to boot SEPOS
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-07-09 15:58:00 +09:00
Sven Peter
93ca3fae08 hv: add hardware breakpoint support
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-07-09 15:52:40 +09:00
Sven Peter
e0d889fac1 hv: add proper single stepping support
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-07-09 15:52:40 +09:00
Sven Peter
620f1972ce linux.py: add missing serial import
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-07-09 15:41:04 +09:00
Janne Grunau
e74b79dc2a m1n1/hv: fix irq trace after "Rework MMIO PT handling & tracing"
Also removes unused leftover demonstration code which came obsolete by
tracer scripts. See hv/trace_gpio.py for an example.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-07-09 15:31:08 +09:00
Hector Martin
e00e8f178d hv/trace_dcp.py: Fix stuff
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-24 02:12:07 +09:00
Hector Martin
819d2cf6bc hv/trace_dcp.py: Parsing a bunch of stuff now
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-24 01:15:32 +09:00
Hector Martin
3cfe943ec3 m1n1.trace.asc.Syslog: Fix message termination
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-24 01:15:15 +09:00
Hector Martin
7687d00f5f m1n1.trace.asc: Add EP.start() to initialize endpoints
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-24 01:14:57 +09:00
Hector Martin
c490f74872 m1n1.trace.asc: Move EP handlers to per-EP objects
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-23 20:19:30 +09:00
Hector Martin
b4c2272855 m1n1.hw.dart: Don't cache invalid mappings
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-23 20:19:30 +09:00
Hector Martin
b4fef18e12 m1n1.trace.dart: Log invalidates
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-23 17:04:30 +09:00
Hector Martin
92c3ad223c m1n1.proxyutils.RegMonitor: Add ASCII mode, overridable readmem, abbrev
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-23 17:02:14 +09:00
Hector Martin
faa37342f9 m1n1.utils.chexdump: Add abbreviation
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-23 17:01:17 +09:00
Hector Martin
cf00bedade m1n1.hv.HV: Upload ADT late to allow user overrides
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 02:02:06 +09:00
Hector Martin
94f5c29c9f hv/trace_dcp.py: More things
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
9a480c656b m1n1.shell.HistoryConsole: Guard against mon.poll() exceptions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
912776372a m1n1.trace.asc: Support more messages, syslog decoding, associated DART
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
42b7adad06 m1n1.trace.dart: Add DART tracer/handler
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
b7147a130a m1n1.trace.ADTDevTracer: Fix _reloadcls() binding issue
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
c76489e6dd m1n1.hw.dart: Move DART support code here, add IOVA resolver
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
d025574e1d m1n1.hv.HV: Run passive tracers *before* issuing the MMIO write
E.g. this means tracers run *before* an ASC command gets sent, which
might be relevant if the same memory is used for commands and responses.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
d255a74271 m1n1.hv: Add HV.run_shell() convenience function, fix messages
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
83b05e7743 m1n1.utils.RegAccessor: Pass through None when register is unavailable
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
d942984b72 m1n1.utils.Reloadable: Be verbose about what gets reloaded
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
026c16c7c2 m1n1.utils.chexdump(): Fix justification
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
32d03f3ae2 m1n1.utils.RegMap: Fix register access widths
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-22 01:39:38 +09:00
Hector Martin
f7063e6f06 m1n1.trace.Tracer: Multiple bugfixes
- Set ident properly before looking up cache
- Off-by-one error in regmap lookups
- Reload regmap classes on reload

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 16:24:04 +09:00
Hector Martin
035aa486d6 m1n1.hv: Properly update current shell globals after run_script()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 16:19:43 +09:00
Hector Martin
a714c74e1a m1n1.utils.Reloadable: Only reload each module once
This avoids confusion with types changing ID when the same module is
repeatedly reloaded. Now we use the file mtime and only reload things
which have changed since last time, and dependent modules.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 16:00:00 +09:00
Alyssa Rosenzweig
ba478f2de5 mini.hv.dcp: Decode common messages
This accounts for most of the DCP traffic once macOS is booted. I used
a sophisticated side-channel hypervisor timing attack to determine the
message functions [ adding time.sleep(1) ]

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
2021-06-21 14:02:25 +09:00
Alyssa Rosenzweig
6adf0c692c mini.trace.asc: Don't log handled messages
ASC handlers now return a boolean to indicate whether they successfully
handled the message (True if so). In that case, printing the underlying
mailbox traffic is redundant, so let's hide it.

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
2021-06-21 14:02:25 +09:00
Hector Martin
86e233931e m1n1.trace.asc: Add core endpoint numbers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:51:46 +09:00
Hector Martin
e4a591d81a m1n1.trace.asc: Fix MSG_EP_MAP.LAST
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:49:55 +09:00
Hector Martin
71cdcb9bef ASCTracer: Fix subclassing
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:43:01 +09:00
Hector Martin
dbeb174ac9 m1n1.hv: Don't die on ^C in the shell 2021-06-21 02:34:07 +09:00
Hector Martin
03ceed3a97 m1n1.hv: Fix map_hook_idx read/write options
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:06:22 +09:00
Hector Martin
7632a57ff3 m1n1.trace.asc: Implement basic message handling/dispatch
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:05:36 +09:00
Hector Martin
8a0125ac17 m1n1.trce.gpio: Use new register arrays
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:05:08 +09:00
Hector Martin
86154a8194 dart_dump.py: Use new 2D register arrays
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:04:35 +09:00
Hector Martin
2e250df645 run_guest.py: Don't die if -m or -c fails, bring up a shell instead.
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:04:09 +09:00
Hector Martin
0a3bd5c91b m1n1.utils: Add support for multidimensional reg arrays in RegMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:03:18 +09:00
Hector Martin
9e42f4fc0f m1n1.trace: Add a state stash to Tracer that persists
This allows Tracers to keep internal state around even across complete
re-instantiations.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:02:05 +09:00
Hector Martin
7090138779 m1n1.utils: Make Register sub-subclasses work, optimize
Now figures out the fields/etc in a metaclass, not at object
instantiation time.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:01:07 +09:00
Hector Martin
8d61a81bed m1n1.hv: Wrap tracer calls in a shell to handle exceptions
This allows you to fix a tracer and retry ('cont' or ^D) or skip
('skip') its execution.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 01:58:47 +09:00
Hector Martin
7c19dcc33f m1n1.hv: Handle symbol addresses properly for Linux
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-19 21:51:36 +09:00
Hector Martin
8197538078 m1n1.hv: Add System.map support and make pac_mask configurable
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-19 15:53:14 +09:00
Janne Grunau
36dcc1b8f3 hv.py: remove only the used USB-C port from the ADT
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
bbd2cf8710 hv.py: hook USB-C port specific pmgr addresses
Allows running HV over each USB-C port of a Mac Mini with Mac OS as
guest.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
d88e255c56 hv.py: remove secondary CPU cores unconditionally from the ADT
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
98076ef693 usb: disable tps6598x interrupts
Restore the interrupt masks on chainload or HV guest start. The
interrupt mask is not restored on the USB-C port used by the hypervisor.
This prevents an interrupt storm in the guest when the other USB-C port
is exposed to the guest. Both tps6598x share unfortunately an interrupt
line.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
de82209079 m1n1.trace.gpio: convert GPIOTracer to new framework
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:23:23 +09:00
Janne Grunau
ccd765464d m1n1.utils: fix RegMap range lookup
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:23:23 +09:00
Hector Martin
cb6d1f58a2 m1n1.trace.asc: Initial ASCTracer implementation
A tracer for the ASC coprocessor mailbox interface.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:24:55 +09:00
Hector Martin
b3526bd667 m1n1.trace: Implement RegMap-based tracing & ADTDevTracer
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:23:56 +09:00
Hector Martin
2784f48a24 m1n1.hv: Fix MMIO handling bugs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:23:08 +09:00
Hector Martin
1213ec4173 m1n1.utils: Improve RegMap lookup functions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:22:27 +09:00
Hector Martin
94db82f8a0 m1n1.hv: Reload shell globals when reloading class
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:22:06 +09:00
Hector Martin
332e7e22e7 m1n1.utils: Improve Reloadable, add cls._reloadcls()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:21:09 +09:00
Hector Martin
0ee96c7ffd m1n1.proxutils: Add ProxyUtils.{read,write}
These implement generic-size read/write. Use them for hypervisor MMIO
handling and for regmaps.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:19:39 +09:00
Hector Martin
990f5b3995 m1n1.hv: Complete TraceMode.SYNC/HOOK support
Also fix a nasty bug in legacy/bare map_hook() support

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 20:35:57 +09:00
Hector Martin
cdbc07e74c m1n1.utils: Add Register.copy()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 20:35:26 +09:00
Hector Martin
e218129931 m1n1.utils: Introduce Reloadable class for magic live-reloading
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 20:34:54 +09:00
Hector Martin
2f68012d6c m1n1.hv: Show ident for RESERVED page table mappings
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 02:32:46 +09:00
Hector Martin
49dad3b9ff m1n1.hv: Rework MMIO PT handling & tracing
Now keeps track of the requested MMIO maps in a DictRangeMap, which is
then flattened to HV page table updates.

TODO: HOOK/SYNC codepaths

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 02:00:32 +09:00
Hector Martin
228033f9ce m1n1.hv: Make map_hw() fall back to map_sw() for unaligned cases
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 01:59:35 +09:00
Hector Martin
db928acd61 m1n1.utils: RangeMap fixes & improvements, add BoolRangeMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 01:57:57 +09:00
Hector Martin
69745c3310 m1n1.utils: Add align_up() and align_down()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 01:57:35 +09:00
Hector Martin
526cd8a55e m1n1.utils: Register: Keep fields sorted in __str__/__repr__
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:53:02 +09:00
Hector Martin
bb6ef8caa1 experiments/dart_dump.py: Port to RegMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:52:51 +09:00
Hector Martin
234051df1c m1n1.utils: Add RegMap base class
This metaclass voodoo allows us to define register maps like this:

class SomeDevice(RegMap):
    FOO = 0x0000, Register32
    BAR = 0x0004, Register32
    # Register array
    BAZ = range(0x100, 0x200, 4), Register32

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:29:46 +09:00
Hector Martin
53dcba6f25 m1n1.utils: RangeMap improvements, add {Scalar,Dict,Set}RangeMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:29:30 +09:00
Hector Martin
3d0bb889ab m1n1.utils: Move Register.value -> _value and wrap
Also pre-compute _fields

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:28:00 +09:00
Hector Martin
15381b8d74 m1n1.adt: Dump out address lookup table in script mode
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 19:45:58 +09:00
Hector Martin
48b4466abf m1n1.utils: Rewrite AddrLookup to improve performance & fix bugs
* Fix correctness issues (ranges could end up overlapping)
* Split ranges instead of merging them on overlap (previously a single
  range overlapping everything would reduce the lookup to a linear
  search over all ranges)
* Support removal and generic mutations by splitting out a generic
  RangeMap class that can be used with arbitrary values/collections

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 19:42:30 +09:00
Hector Martin
7e5054548a hv_vm: Rename SPTE_SYNC_TRACE to SPTE_TRACE_UNBUF
It's not really synchronous, it just flushes USB buffering.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 16:10:06 +09:00
Hector Martin
96ecd52b65 tools/chainload.py: Remove 1-second delay
I don't think we need this any more, ever since the new reconnection
code

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:59:55 +09:00
Hector Martin
05db5dba6f trace_agx.py: Disable tracing the PMP bits
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:46:08 +09:00
Hector Martin
baa46bf4f1 find_regs.py: Fix script mode invocation
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:45:51 +09:00
Janne Grunau
dc57e586bc hv/trace_gpio.py: mmiotrace handler for "/arm-io/gpio"
The hanlder omits noise/useless of the mmio access and annotates
known offsets, pins, interrupts and config values.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-15 15:41:50 +09:00
Janne Grunau
3128956a8e hv.py: support device specific mmiotrace handlers
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-15 15:41:50 +09:00
Janne Grunau
670ce212d1 hv.py: style: use shorter conditional statements in handle_mmiotrace()
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-15 15:41:50 +09:00
Janne Grunau
1d6a9c5257 utils.py: prepare AddrLookup for device specific mmiotrace handlers
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-15 15:41:50 +09:00
Hector Martin
e833e3c052 run_guest.py: Fix usage without -m or -c
Closes: #75

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-11 11:59:21 +09:00
Janne Grunau
d525979fb7 proxy/tools: add reboot.py
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-11 11:41:24 +09:00
Hector Martin
edbe471804 run_guest.py: Add options to run external scripts:
-m <script>

  Run a script in hypervisor context prior to starting the guest.
  This is essentially the same as the shell context.

-c <code>
  Run a literal string of code prior to starting the guest.

-S
  Start a shell instead of directly starting the guest. Use `start` to
  actually begin guest execution.

This also adds a couple example scripts under hv/.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-10 22:37:12 +09:00
Hector Martin
d9561b7507 proxyclient: Big cleanup/move to module
All the common/importable stuff now lives in the 'm1n1' module.

General use tools are in tools/

Reverse engineering experiments are in experiments/

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-10 19:40:48 +09:00
Janne Grunau
88275b5cb5 hv: add AIC interrupt tracing
Implemented by MMIO tracing of AIC's event register. Proposed by pipcet.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-10 15:41:02 +09:00
Janne Grunau
012d8964f9 adt.py: improve "interrupts" parsing
Correct parsing would require a second pass to use the
interrupt-parent's "#interrupt-cells".

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-10 15:41:02 +09:00
Vincent Duvert
1a95a9fc17 Shell: do not access properties on startup
Change the way the shell finds methods to add to the locals on startup: the
methods are queried on the object’s class, rather than the object itself. This
allows detecting if an object’s member is a property and ignore it, rather than
accessing the property.

Attributes whose name starts by ‘_’ are also now ignored, which avoids
importing private methods or Python magic methods in the shell namespace.

Fixes spurious accesses to ProxyUtils’s SIMD properties (b, h, etc) on shell
startup, which caused a ProxyCommandError if m1n1 is not recent enough.

Signed-off-by: Vincent Duvert <vincent@duvert.net>
2021-06-09 19:47:54 +09:00
Janne Grunau
d61bf13cb0 hv: shadow perf monitor IRQ mode and state
The development Mac OS kernel panics if the PMCR0 sysreg is in an
unexpected state. To avoid that the hypervisor needs to shadow the
interrupt mode and interrupt active flag after it mask the PM FIQ.
Mac OS reads and writes frequently from PMCR0 and PMC 0/1 so handling
in m1n1 is preferred over Python.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-09 19:47:20 +09:00
Sven Peter
c47f1b2095 proxy: add dart_dump.py
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-06-09 19:45:55 +09:00
Hector Martin
7b22a72442 hv.py: Add reboot() command to reboot the system and exit
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-04 15:09:59 +09:00
Hector Martin
a175b6d159 proxy: Add reboot() call to hard reboot the system
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-04 15:09:11 +09:00
Hector Martin
89a7a3a5b1 proxy.py: Rename reboot() to reload()
reboot() is confusing (it doesn't reboot the system)

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-04 15:00:24 +09:00
Hector Martin
f1cfe27e31 hv: Use AFSR_GL1 when in guarded mode.
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-30 03:34:17 +09:00
Hector Martin
c794ea6dc2 hv_vuart: Make compatible with xnu and enable
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-30 01:39:26 +09:00
Hector Martin
a5c7e1557f proxy.py: Make compatible with older pyserial
We don't use this right now, anyway

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-30 01:22:22 +09:00
Hector Martin
775902112d hv.py: Add M1RACLES mitigation
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-28 02:41:17 +09:00
Hector Martin
469b1258c0 hv.py: Branding 2021-05-28 02:13:23 +09:00
Hector Martin
3427bc0a2e hv.py: Be more selective about MMIO tracing
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-28 02:13:23 +09:00
Hector Martin
64973d43a5 hv.py: Disable exception patching
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-28 02:13:23 +09:00
Hector Martin
f502dc7a83 hv.py: Activate logo improvements
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-28 02:13:23 +09:00
Hector Martin
66fc157e94 fb: Improve visuals
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-28 00:45:05 +09:00
Hector Martin
3a44625803 hv.py; mmiotrace: Show op width
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-28 00:00:54 +09:00
Hector Martin
77a36a7d34 utils,proxy: Add basic SIMD register fetch and mutation support
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 22:57:25 +09:00
Hector Martin
5d0f6e21f6 utils: Coerce address lookup addresses to int
If this is a wrapper class, "in range()" is not optimized and does a
linear scan through the range...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 22:14:09 +09:00
Vincent Duvert
3d1747466b Add an option to disable checksumming if possible
* Introduce feature flags which allows the proxy and m1n1 to determine which
features they have in common.
* Add a feature flag that disables checksumming (by replacing checksums with
constant values) for the data packets exchanged by REQ_MEMREAD, REQ_MEMWRITE
and REQ_EVENT. The feature is enabled if m1n1 supports it; checksumming is kept
enabled for UART communication.
* To ensure no packet loss when checksumming is disabled, an extra sentinel
value is added after the exchanged data for memory read/write operations.

Signed-off-by: Vincent Duvert <vincent@duvert.net>
2021-05-27 21:34:37 +09:00
Janne Grunau
16f0abe6bb hv.py: resolve adresses from ADT in mmiotrace
Signed-off-by: Janne Grunau <j@jannau.net>
2021-05-27 21:32:05 +09:00
Janne Grunau
67cdf57540 adt.py: add option to retrieve the adt from m1n1
Signed-off-by: Janne Grunau <j@jannau.net>
2021-05-27 21:32:05 +09:00
Janne Grunau
07314994ed adt.py: raise AttributeError in ADTNode._getattr__()
Signed-off-by: Janne Grunau <j@jannau.net>
2021-05-27 21:32:05 +09:00
Hector Martin
2aa41192ed hv.py: Put back UART MMIO bypass
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 21:29:58 +09:00
Hector Martin
0f99ee834d hv.py: Put back most of the removed ADT nodes
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 21:29:58 +09:00
Hector Martin
dedada1f57 hv.py: Remove sync mode from main MMIO region
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 21:29:58 +09:00
Hector Martin
85411d1714 hv_vm: Add support for 128-bit ops, stp/ldp, fix some emu bugs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 21:29:58 +09:00
Hector Martin
bfe8c94c47 hv_wdt: Add hypervisor watchdog on secondary core
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 21:28:43 +09:00
Hector Martin
45960036c8 find_regs.py: Fix typo
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-27 21:10:37 +09:00
Hector Martin
f44942015f hv.py: Current mmiotrace config/experiments
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
5d8b3a1ab1 hv.py: Remove more devices for testing
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
59cf1a1bcd hv.py: Map low physmem to the guest
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
e92e075fba hv_exc: Add IPI and guest timer FIQ virtualization
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
c943af62b9 hv: Enable FIQ trapping
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
75f206e65c hv_exc, hv.py: Add support for interrupting guest with ^C
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
2e014f58fa hv: Implement a periodic hypervisor ptimer and use vtimer for stepping
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
ba3a1b1028 hacr_trap_bits.py: Enable GXF around checks
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
e99680cb1e hv: Rename HV_HOOK proxy start type to HV
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-25 20:12:20 +09:00
Hector Martin
989625ac65 adt.py: Support /-separated node path accesses 2021-05-22 04:42:38 +09:00
Hector Martin
4cc22c73c0 hv.py: Add a novm mode without stage 2 translation
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 04:42:38 +09:00
Hector Martin
81bf0ad578 apple_regs.json: More GXF and SPRR registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 04:42:38 +09:00
Hector Martin
a9c189fe27 hv.py: Add more sysreg redirects
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 04:42:38 +09:00
Hector Martin
5f7aded3ce find_sprr_regs.py: Port to find_regs.py, fixes
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 04:42:38 +09:00
Hector Martin
30e14f1a0b find_regs: Modular version of find_all_regs.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 03:21:01 +09:00
Hector Martin
d82f5db064 apple_regs.json: Add CNTPCT_ALIAS_EL0
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 03:21:01 +09:00
Hector Martin
81793508ae proxyutils.py: Use sysreg_parse() for mrs/msr
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 03:21:01 +09:00
Hector Martin
91a94992ea proxyutils.py: Improve the various exec() modes
Now we can just say call="el1" etc., and it takes care of the region for
you.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 03:21:01 +09:00
Hector Martin
d0995e0653 proxyutils: Make GuardedHeap able to take a single Heap argument
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 03:21:01 +09:00
Hector Martin
7bdff8ad10 sysreg.py: Add sysreg_parse() function
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-22 03:21:01 +09:00
Mark Kettenis
e23e89849f proxy: linux.py: fix tty initialization
commit 35fddd51 broke loading a kernel without explitly specifying
a tty.  Fix this.

Signed-off-by: Mark Kettenis <kettenis@openbsd.org>
2021-05-16 18:47:00 +09:00
Hector Martin
957bf40d20 proxy.py: Add debug for rx events
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-16 18:46:35 +09:00
Sven Peter
35fddd5117 proxy: linux.py: allow to load u-boot before Linux
right now u-boot can bring up the PCIe bus such that Linux only requires
a very minimal driver. this new --u-boot flag for linux.py allows to
load u-boot before the Linux kernel to make use of this.
This requires a small hack to inject the booti command into the default
u-boot boot environment.

Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-16 02:45:46 +09:00
Hector Martin
3283987ba9 proxy.py: Fix spurious garbage printed to TTY
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-16 00:04:33 +09:00
Hector Martin
afc088840d hv: Add Python-side MMIO emulation hooks
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-15 23:57:48 +09:00
Hector Martin
323b02ce1d hv: Implement basic MMIO tracing to Python
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-15 23:57:48 +09:00
Janne Grunau
a742f05532 usb/hv: add second CDC ACM interface for virtualized UART
Signed-off-by: Janne Grunau <j@jannau.net>
2021-05-15 19:47:08 +09:00
Sven Peter
4a893dc57a apple_regs: document more SPRR regs
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-15 16:38:45 +09:00
Hector Martin
87ae3a91fd hv.py: Nuke all the PCIe/TB nodes for the hypervisor Type C port
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-15 01:39:54 +09:00
Hector Martin
e9aa876d12 Add missing xnutools.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 22:46:07 +09:00
Hector Martin
11fb2a403b adt.py: Unbork reg parsing, fix some stuff
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 22:44:50 +09:00
Hector Martin
7358e79d74 hv.py: Support pointer auth correctly
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 21:28:52 +09:00
Hector Martin
11ef3bb461 proxyutils.py: Allow mrs/msr to pass region (for EL1 etc)
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 20:10:51 +09:00
Hector Martin
757213b7a9 apple_regs.json: Add some EL1 registers for AP
Still not sure how to enable APSTS_EL12...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 20:10:34 +09:00
Hector Martin
98839afab0 proxyutils.py: Use keyword-only arguments for msr/msr/inst
So I stop writing mrs(sysreg, value)...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 19:02:57 +09:00
Hector Martin
aebda5213a hv.py: Now gets pretty far into XNU boot
Next up: mmiotrace

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 19:02:35 +09:00
Hector Martin
495732ef6a proxyutils.py: Fix returning from ad-hoc code
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 18:16:13 +09:00
Hector Martin
7fb35a8533 proxyutils.py: Call ad-hoc code in RX EL1 region
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-13 18:15:35 +09:00
Hector Martin
4a918346a8 shell.py: Add only callables to locals, but also sysregs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:21:39 +09:00
Hector Martin
4d75ff90ff proxyutils.py: Support Apple impdef MSR trap decoding
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:21:09 +09:00
Hector Martin
f56318abc9 hacr_trap_bits.py: Look at ARM standard-but-not regs too
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:20:51 +09:00
Hector Martin
9268f83f9f sysreg.py: Define bitfields for more Apple regs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:20:06 +09:00
Hector Martin
5bea278509 sysreg.py: Add sysreg_name() helper
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:19:50 +09:00
Hector Martin
a519af2ca8 proxyutils.py: Add support for symbolizing addresses
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:19:19 +09:00
Hector Martin
90872f460e macho.py: Support loading and importing symbol files
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:18:12 +09:00
Hector Martin
db9acba268 utils.py: Register: Initialize to 0
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:17:38 +09:00
Hector Martin
51bafa3c3f proxyutils.py: Fix silent arg for mrs/msr
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:17:09 +09:00
Hector Martin
ec5388d6b5 chainload.py: Support SMP when loading XNU
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:16:33 +09:00
Hector Martin
4e545d0513 adt.py: Improve parsing of reg/ranges & add resolver
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-12 21:16:15 +09:00
Sven Peter
e58c264a07 gxf: add SPRR/GXF proxyclient experiments
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-11 15:48:40 +09:00
Sven Peter
34123e33d8 proxyutils: added GuardedHeap
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-11 15:48:40 +09:00
Sven Peter
1c604a77c5 gxf: add support for guarded exception levels
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-11 15:48:40 +09:00
Sven Peter
2c5b202c99 sysreg: add support for Apple's custom sysregs
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-11 15:48:40 +09:00
Sven Peter
9120cb8426 memory: allow to reinit and temporarily disable the MMU
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-05-11 15:48:40 +09:00
Hector Martin
9a7a5c86a5 hv.py: Map only from guest base to RAM top to guest
This keeps the hypervisor safe, in theory.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
a6287ae68d proxy.py: Add defaults to hv_translate flag args
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
19415bd6a5 run_guest.py: Support setting boot_args
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
3fecf181f9 proxyutils.py: Only decode abort/msr info for SYNC exceptions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
9bfe278f52 proxyutils.py: Add disassemble_at() method
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
e3d7e569dc sysreg.py: Define an impdef EC code that Apple seems to use
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
6ad3b263a1 macho.py: Add support for loaded section hooks for patching
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
ed32cf6328 hv_exc: Add a hacky STEP feature to interrupt guest after a while
This should eventually be a proper single step feature or something, but
for now...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
aadf54d86f proxy.py: Add missing FB defines
Also fix some calls

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-09 03:25:51 +09:00
Hector Martin
f58a9774d2 hv.py: Shut down fb before entering guest
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-08 03:43:59 +09:00
Hector Martin
0203aa6d3d proxy: Add framebuffer ops
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-08 03:42:21 +09:00
Hector Martin
8a8a004d48 hv.py: Correctly declare BootArgs in ADT memory map
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-08 02:40:57 +09:00
Hector Martin
530069bbfa proxyutils.py: Switch to gzip compression for writemem_compressed
lzma is too slow, not worth the gain now that we have USB.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-08 02:40:13 +09:00
Hector Martin
36a6c9de3e proxy.py: Correctly indicate USB reconnection timeout
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-08 02:39:56 +09:00
Hector Martin
adb91b4374 chainload.py: Add support for setting boot-args
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-08 02:39:32 +09:00
Hector Martin
c6965acc75 adt.py: Fix typo
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-06 23:36:29 +09:00
Hector Martin
f1cc65f6c0 chainload.py: Set up SEPFW address in ADT
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-06 03:33:35 +09:00
Hector Martin
bbbea9db34 proxyutils: Disable serial timeout for writemem_compressed
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-06 03:32:39 +09:00
Hector Martin
0ae3455d51 hv_vuart: World's stupidest virtual UART implementation
Work in progress...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 04:03:44 +09:00
Hector Martin
9407dba2e0 hv_vm: Initial data abort handling
Supports software-mapping for a subset of ldr/str instructions.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 04:03:44 +09:00
Hector Martin
8a64441bcd hv_vm: Extend hv_translate() for stage1 and write modes
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 03:27:19 +09:00
Hector Martin
27af846aae hv_vm.c: Move SPTE_TYPE to bit 50
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 03:23:04 +09:00
Hector Martin
76b690e767 hv.py: Make ^D exit the hypervisor, not cont
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 00:46:53 +09:00
Hector Martin
4b3f527de9 proxyutils: Disassemble faulting code on exceptions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 00:46:48 +09:00
Hector Martin
652c7e27a1 proxyutils.py: u.inst -> u.exec and support assembly
Also refactor mrs/msr in terms of u.exec.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 00:28:39 +09:00
Hector Martin
50f112c396 hv: Add support for address translation & abort decoding
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 00:28:39 +09:00
Hector Martin
a3440f2b48 hv: Support cleanly exiting the hypervisor from an exception
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-05 00:28:39 +09:00
Hector Martin
5ad0bdf994 sysreg: Fix ESR_ISS_MSR.CRm field bounds
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 23:01:55 +09:00
Hector Martin
78895edf2c hv.py: Properly copy ADT and TrustCache into guest region
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 22:57:08 +09:00
Hector Martin
954408cc65 chainload: Support old-school call based chainloading
This is useful in the middle of the HV exception handler to reboot m1n1
entirely, since we can't do a clean exit the way we would for normal
chainloading.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 22:56:47 +09:00
Hector Martin
826bdb709c sysreg.py: Correct SPSR definition for AArch64 mode
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 20:05:54 +09:00
Hector Martin
4d64c33ca6 hv: Implement basic exception handling
Allows Python to handle hypervisor exceptions, and implements exception
info display and basic debug commands.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 19:36:23 +09:00
Hector Martin
b015dcf272 shell.py: Make usable as a module
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 19:35:19 +09:00
Hector Martin
315fcf36aa uartproxy: Add support for nested invocations
This allows the proxy to call back to Python for handling exceptions or
other events, passing reason information about why it was invoked and
returning normally when the exception has been handled.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 19:34:08 +09:00
Hector Martin
38b716c33c hv.py: Do not fail if ADT was already mutated
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 19:32:18 +09:00
Hector Martin
23c723003f sysreg.py: Move sysreg definitions here from proxyutils
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 19:31:41 +09:00
Hector Martin
35d564801a utils.py: Add Register class to handle register fields
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 19:26:41 +09:00
Hector Martin
2df4654555 hv.py: Disable secondary CPUs for now
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-04 01:52:58 +09:00
Hector Martin
948e507031 hv: Update ADT to fix SEPFW address and disable HV USB
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-03 21:30:30 +09:00
Hector Martin
9584e7d312 uartproxy: Add IODEV_WHOAMI feature to get current iodev
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-03 21:19:35 +09:00
Hector Martin
a3e50e8f44 proxy.py: Use the enum module for GUARD_/USAGE_/IODEV_
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-03 21:19:35 +09:00
Hector Martin
ec9221cf32 adt.py: Support serializing back to binary ADT
This should losslessly round-trip

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-03 21:19:15 +09:00
Hector Martin
7d18e8afb9 hv.py: Add missing file
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-03 21:18:57 +09:00
Hector Martin
1ae60ad715 hv: Beginnings of a hypervisor
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 19:21:33 +09:00
Hector Martin
4547773edf setup.py: Remove unnecessary imports
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 19:04:01 +09:00
Hector Martin
63366e43d2 proxy.py: Fix typo
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 19:03:46 +09:00
Hector Martin
5fdeb1c3e3 chainload.py: Remove useless import
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 19:03:21 +09:00
Hector Martin
8b1ea3f04d proxyutils: Make heap size configurable
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 19:02:25 +09:00
Hector Martin
2a1a04ea0d setup.py: Move baudrate auto setup to proxyutils
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 19:02:20 +09:00
Hector Martin
7c2dace0b0 chainload.py: Cleanup, move Mach-O loader to macho.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 15:16:02 +09:00
Hector Martin
a489a646bd Add tools for ARM sysreg database management
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 15:14:35 +09:00
Hector Martin
7bb490eb58 utils.py: New file for misc util functions (non proxy)
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 15:13:29 +09:00
Hector Martin
aaf4b2785b Rename utils.py -> proxyutils.py
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-05-01 15:13:06 +09:00
Hector Martin
fcd103b2a4 proxy.py: Reopen port on reboot if necessary
This is needed for USB mode, as the device re-enumerates after a reboot.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-27 19:49:59 +09:00
Hector Martin
80f73926e8 proxy.py: Move M1N1DEVICE/UART port open logic into UartInterface
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-27 19:49:59 +09:00
Jean-Francois Bortolotti
82978081f8 chainload.py: Fix el1 support
Signed-off-by: Jean-Francois Bortolotti <jeff@borto.fr>
2021-04-18 02:29:32 +09:00
Hector Martin
f6297437c0 linux.py: Allow specifying a separate TTY device
This allows e.g. opening a TTY on the UART serial device after
booting the kernel via USB.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-17 18:12:59 +09:00
Hector Martin
7dfe24ee2c Rework kboot/chainload flow to shut down before calling the next stage
Next stage boots now exit back to main() after replying to the proxy
command, allowing shutdown functions to be called. Introduces a new
P_VECTOR proxy op, distinct from P_CALL. The Python side is reworked
to remain compatible with older versions that do not support this.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-17 18:12:59 +09:00
Hector Martin
88e1612c09 uartproxy: s/CRCERR/CSUMERR/ and actually use it
It's not a CRC.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-17 16:25:48 +09:00
Hector Martin
8104ec02c4 iodev: Add proxy ops
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-15 23:18:57 +09:00
Hector Martin
ce79483165 proxy: Add support for passing buffer/string values to reqs
This only works if the utils class has been instantiated, which is a bit
of a hack.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-15 23:18:57 +09:00
Hector Martin
f8c1c65cf9 Revert "proxy: add fb console console ops"
This reverts commit de0456b9a5.

These ops become redundant with the new iodev control op.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-15 23:18:57 +09:00
Sven Peter
35007b700e proxy: add dart ops
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-15 01:36:29 +09:00
Hector Martin
6d87b3b016 chainload.py: Improve chainloading
- Support chainload-in-place
- Do Mach-O loading host-side
- Handle copying SEPFW (WIP, ADT not updated yet)

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-14 21:13:19 +09:00
Hector Martin
b40fffea20 adt.py: Add basic ADT parser
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-14 21:12:38 +09:00
Sven Peter
de0456b9a5 proxy: add fb console console ops
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-14 18:11:37 +09:00
Hector Martin
0df6db324b timer_test.py: More exhaustive tests
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-14 17:48:02 +09:00
Hector Martin
f30e91b933 asm.py: Build for ARMv8.2-A
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-04-14 17:48:01 +09:00
Sven Peter
1314a426e2 proxyclient: add PMGR ops
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-11 05:26:29 +09:00
Sven Peter
f17a15d19a proxyclient/i2c: experiment with the i2c and ti usb chip
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-09 14:47:22 +09:00
Sven Peter
8aa3c69a2d tunables: add tunables_apply_local_addr
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-08 20:32:12 +09:00
Sven Peter
a17e64f1e2 tunables: add proxy ops
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-08 20:32:12 +09:00
Sven Peter
ed72fe443c proxyclient/asm.py: allow to override compiler prefix
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-04-05 23:49:25 +09:00
Hector Martin
3a42f80a73 chainload.py: Set up sane EL1 config for timers/IRQs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-28 19:31:14 +09:00
Hector Martin
70f6bc7514 linux.py: support up to 512MB kernels
Some people apparently have the patience to load KASAN kernels over
serial :-)

Also bump the python-managed heap to 1GB.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-08 01:33:43 +09:00
Hector Martin
3c514e826c fptest.py: test Apple floating-point controls
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-04 23:22:41 +09:00
Hector Martin
db49cc92f3 hacr_trap_bits.py: figure out HACR_EL2 sysreg traps
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-04 23:20:50 +09:00
Hector Martin
1a880518b0 chainload.py: implement chainloading at EL1
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-04 22:41:06 +09:00
Hector Martin
3bf3613e7d find_all_regs: print EL2-only registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-04 22:40:25 +09:00
Hector Martin
b8349819fe Implement calling code as EL1
This works by clearing HCR_EL2.TGE, and then doing essentially the same
thunk/return dance as for EL0 calls. However, since most EL1 exceptions
are not routed to EL2, we install hypercall vectors in EL1 to forward
them to EL2, and then short circuit the exception return to whatever
triggered the original exception.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-04 22:10:37 +09:00
Hector Martin
acf1198fbb timer_test.py: add test of HV/guest timers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-01 01:47:42 +09:00
Hector Martin
0f2be2c0ee utils.py: unbork inst()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-03-01 01:45:39 +09:00
Hector Martin
2f959f758c find_all_regs.py: show EL0-accessible registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-25 00:33:00 +09:00
Hector Martin
d918b066b6 utils.py: add silent and call arguments to msr/mrs
call allows the caller to override the function used for the function
call, e.g. to use EL0.

Use silent=True for find_all_regs.py

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-25 00:30:58 +09:00
Hector Martin
3872b1a7da exception: implement el0_call to run code as EL0
This lets us test register access and other features from EL0.

No serious attempt at security is made, but at least EL0 runs off of a
separate stack and can return to EL2 at any time with `brk`; we can
easily implement a guard mode to break straight to EL2 on exception
later if needed.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-24 21:48:12 +09:00
Hector Martin
73a85be2b8 memory: prepare for EL0 support
Enable EL0 access to MMIO/etc, but not main RAM, because AArch64
architecturally enforces EL0w ^ EL2x.

Instead, create an alias of main RAM to grant EL0 full permissions,
at 0x80_0000_0000.

Grant EL0 full access to MMIO stuff, since EL2 will never execute
from there.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-24 21:48:12 +09:00
Hector Martin
a0960fca81 find_all_regs.py: test writability
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-24 21:48:12 +09:00
Hector Martin
65824016b7 utils.py add silent argument to inst() 2021-02-24 19:01:17 +09:00
Hector Martin
64306e78a0 linux.py: only mask DAIF.IF
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-21 11:55:54 +09:00
Sven Peter
54a147013f chainload.py: compress payload to improve loading time
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-02-20 01:29:46 +09:00
Sven Peter
fa02cc9602 utils.py: add compressed writemem
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-02-20 01:29:46 +09:00
Hector Martin
b7d30250b2 utils: allow inst() to return r0 and take args
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-19 03:25:28 +09:00
Sven Peter
870fead39c proxyclient: add ops for writeread{8,16,32,64}
Signed-off-by: Sven Peter <sven@svenpeter.dev>
2021-02-18 16:12:28 +09:00
Khoa Hoang
2789b6f3e0 proxyclient: add input support for tty mode
Use miniterm from pyserial for tty passthrough mode

Signed-off-by: Khoa Hoang <admin@khoahoang.com>
2021-02-13 02:48:58 +09:00
Hector Martin
207767472b Add find_all_regs.py (brute-force system regs)
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-11 00:56:19 +09:00
Hector Martin
063b9a1d27 exception: Add GUARD_SILENT feature to suppress logs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-11 00:55:59 +09:00
Hector Martin
c1b9ef89b5 utils.py: guard mrs/msr/etc
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-11 00:55:59 +09:00
Hector Martin
7d3dd54441 utils.py: replace manual reg list with a full dump
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-11 00:55:59 +09:00
Hector Martin
ec59b0d2c7 chainload: do proper Mach-O parsing
This is required for payloads to work properly

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-06 16:44:10 +09:00
Hector Martin
d12ac86448 utils.py: add more timer registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-06 16:44:10 +09:00
Hector Martin
1bb05d056f linux.py: Fix and simplify argument count handling
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-06 16:44:10 +09:00
Janne Grunau
57c4ddd00d linux.py: add support for setting boot arguments
Signed-off-by: Janne Grunau <j@jannau.net>
2021-02-06 12:16:04 +09:00
Janne Grunau
214173ba51 linux.py: support xz compressed payload
3 second faster load and uncompress time for small kernel
(5.6M uncompressed, 2.1M gz and 1.6M xz). Compression method is
autodetect by the filename suffix or can be set by the '--compression'
command line option.
Also supports uncompressed payloads (no auto detection).

Signed-off-by: Janne Grunau <j@jannau.net>
2021-02-06 12:16:04 +09:00
Janne Grunau
128368751c linux.py: use argparse and pathlib
Signed-off-by: Janne Grunau <j@jannau.net>
2021-02-06 12:16:04 +09:00
Witold Baryluk
62db38ae91 Fix #! and exec bits for scripts
Signed-off-by: Witold Baryluk <witold.baryluk@gmail.com>
2021-02-06 12:01:15 +09:00
Hector Martin
5970824491 utils.py: add more ID registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-05 02:58:08 +09:00
Hector Martin
19f915b779 aic_test.py: more experiments
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-05 02:58:08 +09:00
Hector Martin
60665a2ee2 linux.py: spin up secondaries
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-05 02:58:08 +09:00
Iris Johnson
7fc52bc799 Fix broken hexdumps in proxy.py
Proxy.py has a few typos that appear if you try to use debug mode and dump a region of memory. This should fix those.

Signed-off-by: Iris Johnson <iris@modwiz.com>
2021-02-05 02:57:36 +09:00
Hector Martin
4c999733da setup.py: restore timeout properly after the baudrate guesswork
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-03 04:52:17 +09:00
Hector Martin
053f2edbc3 proxyclient: handle baud rate switching properly for non-Glasgow UARTs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-02-03 03:51:41 +09:00
Hector Martin
f247643fe6 chainload.py: shut down mmu and flush caches when chainloading
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-30 22:00:00 +09:00
Hector Martin
6dde40b05c exception: introduce recovery from synchronous exceptions
Use this to recover from address faults in the proxy. Also print out L2
subsystem fault info.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-30 22:00:00 +09:00
Hector Martin
74307af0df kboot: add proper kernel boot & DT manipulation code
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-30 01:37:09 +09:00
Hector Martin
33d6c311ad malloc.py: fix memalign
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-30 01:37:09 +09:00
Hector Martin
352c6945d1 chickens.py: fix some brokenness
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-30 01:37:09 +09:00
Hector Martin
986c6730e9 Add heapblock and dlmalloc for managing memory
heapblock is a simple `sbrk` style implementation, also useful as an
"endless" decompression buffer. dlmalloc is used on top as a malloc
implementation.

This also changes how the Python side manages its heap. We still use a
python-side malloc implementation (since this is faster), and we put the
Python heap at the m1n1 heap + 128MB, without allocating it.
Hopefully this should never step on anything m1n1 neads, and avoids
having to manage freeing across Python script calls.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-29 16:25:15 +09:00
Hector Martin
f3d0a58f42 proxy: add mmu_shutdown call, use it for linux.py
I saw at least one SError crash on Linux after doing this, but can't
repro; unclear if related to the MMU changes or not...

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-29 00:36:46 +09:00
Hector Martin
c3c6e4e8f9 smp: add scaffolding and proxy funcs for cross-CPU calls
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-29 00:36:46 +09:00
Hector Martin
08763968ac malloc.py: add memalign
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-28 16:06:12 +09:00
Hector Martin
d0d691524c chickens.py: disable unnecessary stuff
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-25 19:11:42 +09:00
Hector Martin
fc6163c8d2 linux.py: add simple Linux loader
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-25 17:24:29 +09:00
Hector Martin
2647df774d chickens.py: chickenbits/tunables test code
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-25 17:24:29 +09:00
Hector Martin
c648a517e3 memdump.py: add simple memory dumper
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:43:21 +09:00
Hector Martin
e5caf91d79 utils: add u.inst() to run arbitrary instructions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:43:21 +09:00
Hector Martin
99fb647a9b utils.py: add more ARM registers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:43:19 +09:00
Hector Martin
7b53b0ae9c shell.py: remove missing unused import
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:43:18 +09:00
Hector Martin
644ab28e32 setup.py: fb is the framebuffer
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:43:16 +09:00
Hector Martin
e1f0be37b4 proxy.py: add a ttymode() call to switch to a dump terminal print
TODO: implement input

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:43:14 +09:00
Hector Martin
674a82a2bb aic_test: UART IRQ testing stuff
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:42:59 +09:00
Hector Martin
63319ed348 utils: implement udelay()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:42:25 +09:00
Hector Martin
cfe597e447 proxy: introduce reboot() as distinct from vector()
vector() does not expect a reply, reboot() expects a hello reply.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:42:25 +09:00
Hector Martin
ee12d053a9 proxy: add XZ and GZ decompression functions and code
This embeds tinf and minlzma.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-23 22:42:23 +09:00
Hector Martin
74d3575369 proxyclient: Add aic_test
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-17 00:50:50 +09:00
Hector Martin
397bfa17c6 proxyclient: new asm/malloc/utils, clean up
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-17 00:50:34 +09:00
Hector Martin
81aaf2ed35 Basic exceptions, irq, cache mgmt support
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-17 00:49:22 +09:00
Ferdinand Bachmann
b02d70730a proxyclient: fix mask commands accidently sending clear opcode instead
Signed-off-by: Ferdinand Bachmann <theferdi265@gmail.com>
2021-01-16 02:48:48 +09:00
Hector Martin
d2fa0c9db9 README: add missing close angle bracket
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-15 13:04:14 +09:00
Hector Martin
bd19584743 proxyclient: initial files
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-01-15 04:04:12 +09:00