> On 21. Jan 2026, at 14:58, Mohamed Mediouni <[email protected]> wrote:
>
> Link to branch: https://github.com/mediouni-m/qemu hvf-irqchip-and-nested
> (tag for this submission: hvf-irqchip-and-nested-v8)
>
> This series adds support for nested virtualisation when using HVF on arm64
> Macs.
>
> It has two parts:
> - Apple vGICv3 support and necessary infrastructure changes for it
> - Nested virtualisation support. Note that the nested virtualisation
> implementation shipping as of macOS 26.3 is nVHE only (but it _does_ use
> VNCR as shipped).
>
> It's rebased on top of the WHPX arm64 series.
>
> Known issues:
> - This series doesn't contain EL2 physical timer emulation, which is
> needed if not leveraging the Apple vGIC.
>
> - when nested virt is enabled, no UI response within EDK2
> and a permanent wait. Workaround: -boot menu=on,splash-time=0.
>
> Apple Feedback Assistant item: FB21649319
>
> When the VM is running at EL2 at the very moment the virtual timer fires:
> HV_EXIT_REASON_VTIMER_ACTIVATED doesn’t fire (when not using the provided vGIC
> - using a GICv2 doesn’t require having transition notifiers which
> Hypervisor.framework doesn’t have…)
>
> and when using the provided vGIC, the interrupt never gets delivered back to
> the guest
>
> Linux as a guest OS is fine with this… but the reference ArmVirtQemu edk2
> build always uses the virtual timer even when running EFI at EL2, so it gets
> broken unless this patch is applied to edk2:
>
> diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
> index 643620371b..1bfe7b67fc 100644
> --- a/ArmVirtPkg/ArmVirt.dsc.inc
> +++ b/ArmVirtPkg/ArmVirt.dsc.inc
> @@ -101,7 +101,7 @@
> CpuExceptionHandlerLib|ArmPkg/Library/ArmExceptionLib/ArmExceptionLib.inf
> ArmSmcLib|MdePkg/Library/ArmSmcLib/ArmSmcLib.inf
> ArmHvcLib|ArmPkg/Library/ArmHvcLib/ArmHvcLib.inf
> -
> ArmGenericTimerCounterLib|ArmPkg/Library/ArmGenericTimerVirtCounterLib/ArmGenericTimerVirtCounterLib.inf
> +
> ArmGenericTimerCounterLib|ArmPkg/Library/ArmGenericTimerPhyCounterLib/ArmGenericTimerPhyCounterLib.inf^M
>
> PlatformPeiLib|ArmVirtPkg/Library/PlatformPeiLib/PlatformPeiLib.inf
>
> MemoryInitPeiLib|ArmVirtPkg/Library/ArmVirtMemoryInitPeiLib/ArmVirtMemoryInitPeiLib.inf
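
Review bot: The swap on the ArmGenericTimerCounterLib line is unconditional, and it sits in ArmVirt.dsc.inc, an include file, so every platform build that pulls this file in would move to ArmGenericTimerPhyCounterLib, while the failure described above only occurs when the firmware runs at EL2. If this is meant as more than a local workaround, consider selecting the library behind a build-time define, or state in the text that it is only for testing this series. Separately, the added line ends in a literal "^M" and the -/+ markers have been wrapped onto their own lines, away from the content they mark, so the hunk will not apply as posted; pointing to an edk2 branch or attaching the patch would avoid that.
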
Oops, looks like patchew recognised this as a patch and failed to apply it…
Hopefully other automation didn’t get broken too...

> Changelog:
>
> v1->v2:
> Oops. I made a mistake when preparing my patches.
>
> - Add hvf_arm_el2_enable(_) call to virt_set_virt
> - Fix nested virt support check to add HVF
>
> v2->v3:
> - LORC_EL1 patch was merged separately, remove from this series.
> - fix LPIs when kernel-irqchip disabled and using TCG
> - remove spurious if case in vGIC supported version detection (inapplicable
> now)
> - Add hvf_enabled() check in combination with hvf kernel-irqchip checks
> - cleanly fail on attempt to use the platform vGIC together with ITS
>
> v3->v4:
> - GIC state save improvements, including saving the opaque Apple-specific
> state
> - Saving HVF system register state when using the vGIC and/or EL2
>
> v5:
> - oops, fixed up save/restore to be functional
> - misc changes otherwise
>
> v6:
> - Addressing review comments
>
> v7:
> - Address review comments, adapt around Qemu changes and bugfixes.
>
> v8:
> - Rebase, and misc fixes
>
> Based-on:
> https://patchew.org/QEMU/[email protected]/
>
> Mohamed Mediouni (11):
> hw/intc: Add hvf vGIC interrupt controller support
> accel, hw/arm, include/system/hvf: infrastructure changes for HVF vGIC
> hvf: save/restore Apple GIC state
> hw/arm, target/arm: nested virtualisation on HVF
> hvf: only call hvf_sync_vtimer() when running without the platform
> vGIC
> hvf: gate ARM_FEATURE_PMU register emulation behind not being at EL2
> hvf: arm: allow exposing minimal PMU when running with nested virt on
> target/arm: hvf: instantiate GIC early
> target/arm: hvf: add asserts for code paths not leveraged when using
> the vGIC
> hvf: sync registers used at EL2
> target/arm: hvf: pass through CNTHCTL_EL2 and MDCCINT_EL1
>
> accel/hvf/hvf-all.c | 51 ++
> accel/stubs/hvf-stub.c | 2 +
> hw/arm/virt.c | 32 +-
> hw/intc/arm_gicv3_common.c | 3 +
> hw/intc/arm_gicv3_hvf.c | 742 +++++++++++++++++++++++++++++
> hw/intc/meson.build | 1 +
> include/hw/intc/arm_gicv3_common.h | 1 +
> include/system/hvf.h | 8 +
> system/vl.c | 2 +
> target/arm/hvf/hvf.c | 197 +++++++-
> target/arm/hvf/sysreg.c.inc | 35 ++
> 11 files changed, 1060 insertions(+), 14 deletions(-)
> create mode 100644 hw/intc/arm_gicv3_hvf.c
>
> --
> 2.50.1 (Apple Git-155)
>