Check SPRR by issuing MRS

Author: wtdcode

qemu/configure

@@ -2151,32 +2151,26 @@ EOF
     cat > $TMPC << EOF
 #include "stdint.h"
 int main() {
-    uint64_t commpage_sprr = (*(uint64_t*)0xFFFFFC10C);
-
-    // In Apple Hypervisor, this value is not accessbile and
-    // pthread_jit_write_protect_np essentially is a no-op
-    
-    /*
-    if (!commpage_sprr) {
-        return 1;
-    } else {
-        return 0;
-    }
-    */
+    uint64_t v;
 
-    // Now it is accessible but always zero, let's probe it runtime.
+    __asm__ __volatile__("isb sy\n"
+                          "mrs %0, S3_6_c15_c1_5\n"
+                          : "=r"(v)::"memory");
+    // In Apple Hypervisor virtualized environment (EL1), this value is not accessbile
+    // but pthread_jit_write_protect_np essentially is a no-op.
     return 0;
 }
 EOF
     if ! compile_prog ""; then
-      have_sprr='no'
+      have_sprr_mrs='no'
       have_pthread_jit_protect='no'
     else
       $TMPE
       if [ $? -eq 0 ]; then
-        have_sprr='yes'
+        have_sprr_mrs='yes'
       else
-        have_sprr='no'
+        have_sprr_mrs='no'
+        have_pthread_jit_protect='no'
       fi
     fi
   fi
@@ -2560,8 +2554,8 @@ if test "$have_pthread_jit_protect" = "yes" ; then
   echo "HAVE_PTHREAD_JIT_PROTECT=y" >> $config_host_mak
 fi
 
-if test "$have_sprr" = "yes" ; then
-  echo "HAVE_SPRR=y" >> $config_host_mak
+if test "$have_sprr_mrs" = "yes" ; then
+  echo "HAVE_SPRR_MRS=y" >> $config_host_mak
 fi
 
 # Hold two types of flag:

qemu/include/tcg/tcg-apple-jit.h

@@ -30,13 +30,12 @@
 #include "stdlib.h"
 #include "stdbool.h"
 
-#if defined(__APPLE__) && defined(HAVE_SPRR) && (defined(__arm__) || defined(__aarch64__))
-
 // Returns the S3_6_c15_c1_5 register's value
 // Taken from 
 // https://stackoverflow.com/questions/70019553/lldb-how-to-read-the-permissions-of-a-memory-region-for-a-thread
 // https://blog.svenpeter.dev/posts/m1_sprr_gxf/
 // On Github Action (Virtualized environment), this shall always returns 0
+#if defined(HAVE_SPRR_MRS)
 static inline uint64_t read_sprr_perm(void)
 {
     uint64_t v;
@@ -45,6 +44,14 @@ static inline uint64_t read_sprr_perm(void)
                          : "=r"(v)::"memory");
     return v;
 }
+#else
+static inline uint64_t read_sprr_perm(void)
+{
+    return 0;
+}
+#endif
+
+#if defined(__APPLE__) && defined(HAVE_PTHREAD_JIT_PROTECT) && (defined(__arm__) || defined(__aarch64__))
 
 __attribute__((unused)) static inline uint8_t thread_mask() 
 {
@@ -77,15 +84,6 @@ static inline void assert_executable(bool executable) {
 
 #else
 
-// Returns the S3_6_c15_c1_5 register's value
-// Taken from 
-// https://stackoverflow.com/questions/70019553/lldb-how-to-read-the-permissions-of-a-memory-region-for-a-thread
-// https://blog.svenpeter.dev/posts/m1_sprr_gxf/
-static inline uint64_t read_sprr_perm(void)
-{
-    return 0;
-}
-
 __attribute__((unused)) static inline uint8_t thread_mask() 
 {
     return 0;
@@ -107,7 +105,7 @@ static inline void assert_executable(bool executable) {
 #endif
 
 
-#if defined(__APPLE__) && defined(HAVE_PTHREAD_JIT_PROTECT) && defined(HAVE_SPRR) && (defined(__arm__) || defined(__aarch64__))
+#if defined(__APPLE__) && defined(HAVE_PTHREAD_JIT_PROTECT) && (defined(__arm__) || defined(__aarch64__))
 
 /* write protect enable = write disable */
 static inline void jit_write_protect(int enabled)