Hi,
I'm working on getting OS X working with QEMU/KVM, and just ran into a bit of entropy. I used to be able to boot using Chameleon, and a command line like this:
bin/qemu-system-x86_64 -enable-kvm -m 2048 -cpu core2duo \ -usb -device usb-kbd -device usb-mouse \ -bios bios-mac.bin -kernel ./chameleon_2.0_boot -device isa-applesmc,osk="..." \ -M q35 -acpitable file=./seabios/out/src/fw/q35-acpi-dsdt.aml ...
I am patching the DSDT source, hence the -acpitable file=... argument, to get QEMU and SeaBIOS to use the modified table.
After commit 11948748495841bd54721b250d68c7b3cb0475ef (as of now, the very last one in the git master), this no longer works. I get the xnu boot process hanging with "Waiting for DSMOS", and no progress beyond that.
After a cursory look at the commit, I'm wondering if I'm missing some new command line argument to quemu by which I can direct it at the modifed .aml for the DSDT ? It appears to me that I'm unwittingly using the unpatched version...
I'm using the latest git master of qemu as well.
Any clues you might be able to throw my way much appreciated !
Thanks, --Gabriel
OK, so it turns out I now have to patch the .dsl files under the qemu tree (hw/i386/acpi-dsdt-[hpet|isa].dsl), and the "-acpitable file=..." qemu command line option is deprecated...
I guess I'm allright now, so nevermind... :)
Thanks, --Gabriel
On Mon, Nov 11, 2013 at 04:39:34PM -0500, Gabriel L. Somlo wrote:
I'm working on getting OS X working with QEMU/KVM, and just ran into a bit of entropy. I used to be able to boot using Chameleon, and a command line like this:
...
I am patching the DSDT source, hence the -acpitable file=... argument, to get QEMU and SeaBIOS to use the modified table.
After commit 11948748495841bd54721b250d68c7b3cb0475ef (as of now, the very last one in the git master), this no longer works. I get the xnu boot process hanging with "Waiting for DSMOS", and no progress beyond that.
Il 11/11/2013 23:18, Gabriel L. Somlo ha scritto:
OK, so it turns out I now have to patch the .dsl files under the qemu tree (hw/i386/acpi-dsdt-[hpet|isa].dsl), and the "-acpitable file=..." qemu command line option is deprecated...
I guess I'm allright now, so nevermind... :)
Can you remind us about your DSDT modifications? It should be possible to patch the HPET and applesmc bits appropriately from QEMU (or to move them from the DSDT to an SSDT that is built entirely in QEMU).
It actually isn't impossible that Mac OS X would boot just fine with 1.8...
Paolo
On Thu, Nov 21, 2013 at 07:14:27PM +0100, Paolo Bonzini wrote:
Can you remind us about your DSDT modifications? It should be possible to patch the HPET and applesmc bits appropriately from QEMU (or to move them from the DSDT to an SSDT that is built entirely in QEMU).
It actually isn't impossible that Mac OS X would boot just fine with 1.8...
My current DSDT patch (against QEMU) is enclosed below. The HPET basically needs "IRQNoFlags() {2, 8}", which causes XP to bluescreen.
So, I've made it conditional on the SMC STA method returning success (0x0B).
The SMC node's STA method returns 0x0B unconditionally on real hardware. So I was planning on figuring out what's easier in the context of the most recent QEMU code base:
1. dynamically generating (during qemu runtime initialization) a DSDT entry for SMC with hardcoded 0x0B STA method, whenever "--device isa-applesmc" is present on the qemu command line
or
2. writing a static (compile-time) SMC node but with a slightly smarter _STA method, which returns 0x0B when "--device isa-applesmc" was given on the cmdline, or which returns 0x00 in the absence of "--device isa-applesmc".
Either 1. or 2. could be used with HPET -- I can make inclusion of IRQNoFlags dependent on either the success or on the presence of SMC._STA() :)
Let me know what you think.
Thanks, --Gabriel
############################################################################### # Modify DSDT entry for HPET: conditionally insert "IRQNoFlags() {2, 8}" into # _CRS method only if an AppleSMC DSDT node is also present and enabled (it # otherwise causes WinXP to BSOD). ############################################################################### diff --git a/hw/i386/acpi-dsdt-hpet.dsl b/hw/i386/acpi-dsdt-hpet.dsl index dfde174..205cf05 100644 --- a/hw/i386/acpi-dsdt-hpet.dsl +++ b/hw/i386/acpi-dsdt-hpet.dsl @@ -38,14 +38,23 @@ Scope(_SB) { } Return (0x0F) } - Name(_CRS, ResourceTemplate() { -#if 0 /* This makes WinXP BSOD for not yet figured reasons. */ - IRQNoFlags() {2, 8} -#endif + Name(RESP, ResourceTemplate() { Memory32Fixed(ReadOnly, 0xFED00000, // Address Base 0x00000400, // Address Length ) }) + Name(RESI, ResourceTemplate() { + IRQNoFlags() {2, 8} + }) + Method(_CRS, 0) { + Store(_SB.PCI0.ISA.SMC._STA(), Local0) + If (LEqual(Local0, 0x0B)) { // AppleSMC present, add IRQ + ConcatenateResTemplate(RESP, RESI, Local1) + Return (Local1) + } else { + Return (RESP) + } + } } } ############################################################################### # Add DSDT entry for AppleSMC; # TODO: find a way to make the _STA method return 0x0b only if QEMU command # line contains "-device isa-applesmc", and 0x00 otherwise! ############################################################################### diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl index 89caa16..b7a27bb 100644 --- a/hw/i386/acpi-dsdt-isa.dsl +++ b/hw/i386/acpi-dsdt-isa.dsl @@ -16,6 +16,28 @@ /* Common legacy ISA style devices. */ Scope(_SB.PCI0.ISA) {
+ Device (SMC) { + Name(_HID, EisaId("APP0001")) + OperationRegion(SMC, SystemIO, 0x0300, 0x20) + Field(SMC, ByteAcc, NoLock, Preserve) { + Offset(0x04), + CMDP, 8, + } + Method(_STA, 0) { +// Store(0x10, CMDP) // APPLESMC_READ_CMD +// Store(CMDP, Local0) +// If (LEqual(Local0, 0x0c)) { + Return (0x0B) +// } Else { +// Return (0x00) +// } + } + Name (_CRS, ResourceTemplate () { + IO (Decode16, 0x0300, 0x0300, 0x01, 0x20) + IRQNoFlags() { 6 } + }) + } + Device(RTC) { Name(_HID, EisaId("PNP0B00")) Name(_CRS, ResourceTemplate() {
Added qemu-devel, since that is where this stuff belongs now. Everyone else, sorry for the dupe...
On Thu, Nov 21, 2013 at 07:14:27PM +0100, Paolo Bonzini wrote:
Can you remind us about your DSDT modifications? It should be possible to patch the HPET and applesmc bits appropriately from QEMU (or to move them from the DSDT to an SSDT that is built entirely in QEMU).
It actually isn't impossible that Mac OS X would boot just fine with 1.8...
My current DSDT patch (against QEMU) is enclosed below. The HPET basically needs "IRQNoFlags() {2, 8}", which causes XP to bluescreen.
So, I've made it conditional on the SMC STA method returning success (0x0B).
The SMC node's STA method returns 0x0B unconditionally on real hardware. So I was planning on figuring out what's easier in the context of the most recent QEMU code base:
1. dynamically generating (during qemu runtime initialization) a DSDT entry for SMC with hardcoded 0x0B STA method, whenever "--device isa-applesmc" is present on the qemu command line
or
2. writing a static (compile-time) SMC node but with a slightly smarter _STA method, which returns 0x0B when "--device isa-applesmc" was given on the cmdline, or which returns 0x00 in the absence of "--device isa-applesmc".
Either 1. or 2. could be used with HPET -- I can make inclusion of IRQNoFlags dependent on either the success or on the presence of SMC._STA() :)
Let me know what you think.
Thanks, --Gabriel
############################################################################### # Modify DSDT entry for HPET: conditionally insert "IRQNoFlags() {2, 8}" into # _CRS method only if an AppleSMC DSDT node is also present and enabled (it # otherwise causes WinXP to BSOD). ############################################################################### diff --git a/hw/i386/acpi-dsdt-hpet.dsl b/hw/i386/acpi-dsdt-hpet.dsl index dfde174..205cf05 100644 --- a/hw/i386/acpi-dsdt-hpet.dsl +++ b/hw/i386/acpi-dsdt-hpet.dsl @@ -38,14 +38,23 @@ Scope(_SB) { } Return (0x0F) } - Name(_CRS, ResourceTemplate() { -#if 0 /* This makes WinXP BSOD for not yet figured reasons. */ - IRQNoFlags() {2, 8} -#endif + Name(RESP, ResourceTemplate() { Memory32Fixed(ReadOnly, 0xFED00000, // Address Base 0x00000400, // Address Length ) }) + Name(RESI, ResourceTemplate() { + IRQNoFlags() {2, 8} + }) + Method(_CRS, 0) { + Store(_SB.PCI0.ISA.SMC._STA(), Local0) + If (LEqual(Local0, 0x0B)) { // AppleSMC present, add IRQ + ConcatenateResTemplate(RESP, RESI, Local1) + Return (Local1) + } else { + Return (RESP) + } + } } } ############################################################################### # Add DSDT entry for AppleSMC; # TODO: find a way to make the _STA method return 0x0b only if QEMU command # line contains "-device isa-applesmc", and 0x00 otherwise! ############################################################################### diff --git a/hw/i386/acpi-dsdt-isa.dsl b/hw/i386/acpi-dsdt-isa.dsl index 89caa16..b7a27bb 100644 --- a/hw/i386/acpi-dsdt-isa.dsl +++ b/hw/i386/acpi-dsdt-isa.dsl @@ -16,6 +16,28 @@ /* Common legacy ISA style devices. */ Scope(_SB.PCI0.ISA) {
+ Device (SMC) { + Name(_HID, EisaId("APP0001")) + OperationRegion(SMC, SystemIO, 0x0300, 0x20) + Field(SMC, ByteAcc, NoLock, Preserve) { + Offset(0x04), + CMDP, 8, + } + Method(_STA, 0) { +// Store(0x10, CMDP) // APPLESMC_READ_CMD +// Store(CMDP, Local0) +// If (LEqual(Local0, 0x0c)) { + Return (0x0B) +// } Else { +// Return (0x00) +// } + } + Name (_CRS, ResourceTemplate () { + IO (Decode16, 0x0300, 0x0300, 0x01, 0x20) + IRQNoFlags() { 6 } + }) + } + Device(RTC) { Name(_HID, EisaId("PNP0B00")) Name(_CRS, ResourceTemplate() {
Il 21/11/2013 23:02, Gabriel L. Somlo ha scritto:
On Thu, Nov 21, 2013 at 07:14:27PM +0100, Paolo Bonzini wrote:
Can you remind us about your DSDT modifications? It should be possible to patch the HPET and applesmc bits appropriately from QEMU (or to move them from the DSDT to an SSDT that is built entirely in QEMU).
It actually isn't impossible that Mac OS X would boot just fine with 1.8...
My current DSDT patch (against QEMU) is enclosed below. The HPET basically needs "IRQNoFlags() {2, 8}", which causes XP to bluescreen.
The IRQNoFlags(){2,8} setting makes sense if the general configuration register of the HPET has bits 0..1=1 (HPET enabled = 1 and HPET legacy replacement route = 1).
That would be something like
Field(HPTM, DWordAcc, Lock, Preserve) { VEND, 32, PRD, 32, UNUS, 32 GCNF, 32 }
...
Method(_CRS, 0) { Store(GCNF, Local0) If (LEqual(LAnd(Local0, 3), 3)) { // Legacy replacement route ConcatenateResTemplate(RESP, RESI, Local1) Return (Local1) } else { Return (RESP) } }
If that doesn't work, there are various choices here...
(1) Does Mac OS work if you add a _PRS with IRQNoFlags and Memory32Fixed, but leave _CRS as it is?
(2) does it work with -no-hpet?
(3) you could also make that dependent on _OSI("Darwin"). It's unlikely that Linux and/or Windows expose _OSI("Darwin"), and anyway the BSOD is only there for Windows XP as I understand it.
So, I've made it conditional on the SMC STA method returning success (0x0B).
That would mean that running Windows XP on "Mac OS X hardware" breaks, though.
The SMC node's STA method returns 0x0B unconditionally on real hardware. So I was planning on figuring out what's easier in the context of the most recent QEMU code base:
- dynamically generating (during qemu runtime initialization)
a DSDT entry for SMC with hardcoded 0x0B STA method, whenever"--device isa-applesmc" is present on the qemu command line
or
- writing a static (compile-time) SMC node but with a slightly
smarter _STA method, which returns 0x0B when "--device isa-applesmc" was given on the cmdline, or which returns 0x00 in the absence of "--device isa-applesmc".
Either would work. See acpi_get_misc_info and patch_ssdt in hw/i386/acpi-build.c.
I think device-dependent ACPI stuff should become a QOM interface, but you need not do that.
Paolo
On Fri, Nov 22, 2013 at 10:00:20AM +0100, Paolo Bonzini wrote:
Il 21/11/2013 23:02, Gabriel L. Somlo ha scritto:
On Thu, Nov 21, 2013 at 07:14:27PM +0100, Paolo Bonzini wrote:
Can you remind us about your DSDT modifications? It should be possible to patch the HPET and applesmc bits appropriately from QEMU (or to move them from the DSDT to an SSDT that is built entirely in QEMU).
It actually isn't impossible that Mac OS X would boot just fine with 1.8...
My current DSDT patch (against QEMU) is enclosed below. The HPET basically needs "IRQNoFlags() {2, 8}", which causes XP to bluescreen.
The IRQNoFlags(){2,8} setting makes sense if the general configuration register of the HPET has bits 0..1=1 (HPET enabled = 1 and HPET legacy replacement route = 1).
That would be something like
Field(HPTM, DWordAcc, Lock, Preserve) { VEND, 32, PRD, 32, UNUS, 32 GCNF, 32 } ... Method(_CRS, 0) { Store(GCNF, Local0) If (LEqual(LAnd(Local0, 3), 3)) { // Legacy replacement route ConcatenateResTemplate(RESP, RESI, Local1) Return (Local1) } else { Return (RESP) } }
Which reminds me. We run C preprocessor over the source so there's no good reason to use 4-byte names anymore really (iasl also has an integrated preprocessor but that only appeared in 2012, not sure it's wise to rely on that).
So simply #define HPET_MEMORY HPTM
and use HPET_MEMORY everywhere.
If that doesn't work, there are various choices here...
(1) Does Mac OS work if you add a _PRS with IRQNoFlags and Memory32Fixed, but leave _CRS as it is?
(2) does it work with -no-hpet?
(3) you could also make that dependent on _OSI("Darwin"). It's unlikely that Linux and/or Windows expose _OSI("Darwin"), and anyway the BSOD is only there for Windows XP as I understand it.
So, I've made it conditional on the SMC STA method returning success (0x0B).
That would mean that running Windows XP on "Mac OS X hardware" breaks, though.
The SMC node's STA method returns 0x0B unconditionally on real hardware. So I was planning on figuring out what's easier in the context of the most recent QEMU code base:
- dynamically generating (during qemu runtime initialization)
a DSDT entry for SMC with hardcoded 0x0B STA method, whenever"--device isa-applesmc" is present on the qemu command line
or
- writing a static (compile-time) SMC node but with a slightly
smarter _STA method, which returns 0x0B when "--device isa-applesmc" was given on the cmdline, or which returns 0x00 in the absence of "--device isa-applesmc".
Either would work. See acpi_get_misc_info and patch_ssdt in hw/i386/acpi-build.c.
I think device-dependent ACPI stuff should become a QOM interface, but you need not do that.
Paolo
On Thu, Nov 21, 2013 at 05:02:07PM -0500, Gabriel L. Somlo wrote:
Added qemu-devel, since that is where this stuff belongs now. Everyone else, sorry for the dupe...
On Thu, Nov 21, 2013 at 07:14:27PM +0100, Paolo Bonzini wrote:
Can you remind us about your DSDT modifications? It should be possible to patch the HPET and applesmc bits appropriately from QEMU (or to move them from the DSDT to an SSDT that is built entirely in QEMU).
It actually isn't impossible that Mac OS X would boot just fine with 1.8...
My current DSDT patch (against QEMU) is enclosed below. The HPET basically needs "IRQNoFlags() {2, 8}", which causes XP to bluescreen.
So, I've made it conditional on the SMC STA method returning success (0x0B).
The SMC node's STA method returns 0x0B unconditionally on real hardware. So I was planning on figuring out what's easier in the context of the most recent QEMU code base:
- dynamically generating (during qemu runtime initialization)
a DSDT entry for SMC with hardcoded 0x0B STA method, whenever"--device isa-applesmc" is present on the qemu command line
or
- writing a static (compile-time) SMC node but with a slightly
smarter _STA method, which returns 0x0B when "--device isa-applesmc" was given on the cmdline, or which returns 0x00 in the absence of "--device isa-applesmc".
Either 1. or 2. could be used with HPET -- I can make inclusion of IRQNoFlags dependent on either the success or on the presence of SMC._STA() :)
Let me know what you think.
Thanks, --Gabriel
Without discussing whether this is the right thing to do, main options to implement this would be:
- write code in ASL, supply entry in ACPI always, patch some fields to enable/disable it dynamically
see how pvpanic entry is disabled for an example
- write code in ASL append it to ACPI if necessary
see how CPU entries are added depending on number of CPUs for an example
- generate code in AML directly
see acpi based pci hotplug on pci branch in my tree for an example
-
Gabriel L. Somlo -
Michael S. Tsirkin -
Paolo Bonzini