This PR allows larger VHD image files. The size in question doesn't
necessarily mean the size of the VHD file on disk. The size is the total
size of the image emulated. This total size is in question.
Without this patch, the total size allowed is 65535 * 16 * 255, or
roughly 32gig.
With this patch, the total size is calculated by who the creator of the
image is, what the CHS values are, and possibly a total size of up to a
limit of 2TB.
Since the original code was ported from QEMU, I ported an updated QEMU
code snippet.
https://gitlab.com/qemu-project/qemu/-/blob/master/block/vpc.c?ref_type=heads#L305
This PR now allows VHD image files with a total size emulated less than
or equal to 2TB.
This improves the detection of the default speed of a device when given
in bochsrc.
It will first get the max speed of the port given. For example, uhci and
ohci will return FULL, ehci will return HIGH.
xHCI will return SUPER if the port is a super-speed port, else it will
return HIGH.
Then it will compare this with the max speed allowed for that device,
returning the highest common speed.
Of course, if the speed option is given, the above is overwritten by the
specified speed.
Both checks are still performed on the result.
1) does device allow the result speed?
2) does the controller allow the result speed?
This catches (possible) errors in the Bochrc file when declaring USB
port options.
The first catches when the user defines a port twice. This will PANIC.
```
usb_ohci: port1=mouse, options1="speed:low, model:m228"
usb_ohci: port1=keyboard, options1="speed:low"
```
The second catches a possible error if the user copy/pastes a line and
forgets to update the options# part as in the example below.
```
usb_ohci: port1=tablet, options1="speed:low"
usb_ohci: port2=disk, options1="speed:full, path:hdd.img"
```
However, this will not PANIC since the following is completely legal:
```
usb_ohci: port2=disk
usb_ohci: options2="speed:full"
usb_ohci: options2="path:hdd.img"
```
This will simply display an error on the Bochs console window.
This adds three additional checks to make sure the Guest is working
correctly.
- checks that the guest allocated the Scratchpad Area. If left zero
(NULL) the controller may access low memory.
- checks that the guest uses correct segment sizes in the interrupter
ring(s)
- checks the burst size value given to be within normal range
This also adds an internal register value for the HcCrcr (Command Ring
Control) register. Since this register reads zero by the Guest, we keep
an internal value so that the emulation can read the value, internally.
This is for features soon to be released.
Minor other syntax/comment changes (misspelled word, etc)
Checked with WinXP, Win7, and Win10
This fixes zero length packet handling.
See the following example that requests 128 bytes:
```
SETUP(8)
IN(64)
IN(64)
STATUS(0)
```
The current code erroneously assumes that there are no more IN packets
after the first two 64-byte packets.
However, what happens with the following:
```
SETUP(8)
IN(64)
IN(64)
IN(64) <--- current code assumes this will be, and expects a STATUS packet
STATUS(0)
```
Currently, the third IN(64) above will result in a coding error because
the code is expecting the STATUS packet, not another IN packet.
The "controller" must allow for more packets than expected, returning a
short packet detect on the third IN(64) packet shown above, actually
returning zero bytes, hence the Short Packet Detect.
This patch was tested on WinXP, Win7, and Win10.
The check for the amount of byte transferred in one frame time was done
before the update of the vertical pointer in the current Queue of the
last executed TD. Therefore, on the next frame time, the last executed
TD was being "executed" again. The check has now been moved to the top
of the loop.
This PR is for "I/O Interface to Bochs Debugger" from ring3 (port range:
**0x8A00 - 0x8A01**)
PR #64 was for E9 HACK (port **0xE9**)
By enabling the iodebug's 'all_rings' option, you can utilize the port
I/O Interface to Bochs Debugger from ring3. This PR allows the code
running inside Bochs (ring3) to monitor memory ranges, trace individual
instructions, and observe register values during execution.
https://bochs.sourceforge.io/doc/docbook/development/debugger-advanced.html
IMO very useful for:
- user-mode sandbox (ex Cuckoo)
- malware analysis
- API/SYSCALL hook/monitor from ring3
- automation + instrumentation from user mode code
...
A complement for PR #64
**This PR is 100% backward compatibility**
btw, @stlintel I'm not certain about:
- if misc is the ideal location for this.. should I create a new
iodebug-option for this?
- should I remove the #if in 'new bx_param_bool_c'?
- the new .bochsrc entry makes sense for you?
By enabling the 'all_rings' option, you can utilize the port e9 hack
from ring3
IMO very useful for:
- user-mode sandbox (ex Cuckoo)
- malware analysis
- API/SYSCALL logger with a simple hook from ring3
- automation + instrumentation from user mode code
- ...
So yes, from this PR a user-mode-sandbox can display on the console of
the system running Bochs anything that is written to 0xE9 port
**This PR is 100% backward compatibility**
btw, @stlintel I'm not certain if **bochs/config.cc** is the ideal
location to define **bool port_e9_hack_all_rings** (unmapped io/dev is
better?)
from Fixes in VM Entry Checks for Guest Segment Registers #51
Correction in checks for Code Segment (CS):
Previously, the DPL of CS was incorrectly compared with its own RPL.
According to Intel SDM, Vol. 3C, Chapter 27.3.1.2, for non-conforming code segments (type 9 or 11), the DPL of CS should be equal to the DPL of SS.
And for conforming code segments (type 13 or 15), the DPL of CS cannot be greater than the DPL of SS.
This way VMCS is not accessed multiple times which is important for some usages
Fixes in VM Entry Checks for Guest Segment Registers #51
Correction in Type range checks for DS, ES, FS, GS:
The original code erroneously applied the check for types less than 11, excluding types equal to 11.
This is not in accordance with Intel SDM, Vol. 3C, Chapter 27.3.1.2, which states that the check should include types equal to or less than 11.
This fix corrects this by including types equal to or less than 11 in the check.
This adds over-current signaling to the USBs four host controllers.
To signal an OC, use the runtime configuration and set the checkbox (GUI) or text config's parameter to 1.
This pull request also adds USB documentation to user.dbk.
This adds over-current signaling to the USBs four host controllers.
To signal an OC, use the runtime configuration and set the checkbox (GUI) or text config's parameter to 1.
This pull request also adds USB documentation to user.dbk.
This adds over-current signaling to the USBs four host controllers.
To signal an OC, use the runtime configuration and set the checkbox (GUI) or text config's parameter to 1.
This pull request also adds USB documentation to user.dbk.
The 'd.pcap_image_t pcapture' in usb_common.h called its constructor and set 'fd' to -1. However, in the usb_device_c() constructor, we then cleared all of 'd', resetting pcapture.fd back to zero. Then on Bochs exit, the pcap_image_t destructor tried to close the file since 'fd' was zero instead of -1. To fix this, I removed the pcap_image_t constructor and now call pcap_image_init() within the usb_device_c constructor.
Added examples for new options.
- xhci: model= option
- xhci: allow the user to select number of ports
- usb disk: proto= option (bbb or uasp)
Added xhci primary stream support.
(Secondary stream support is not included)
Added (experimental) usb disk protocol UASP for super- and high-speed usb disk devices.
(high-speed uasp support is not thoroughly tested)
xhci: fixed "change event" function
scsi: fixed bug in command 0x25
scsi: added command 9E/10
Minor:
Check speed indicator in the Transfer Descriptor matching the device speed.
Max packet size check, checking that the amount requested/sent is within limits.
Checking that the first packet sent is the GetDescriptor Request with a length equal to or less than the max packet size.
Checking the command length in the USB SCSI emulation.
Checking command parameters within various emulations (SCSI (BBB), etc.)
Implemented "Boot Protocol" for the (HID) Mouse emulation.
Fixed wheel mouse HID report (along with the other HID reports)
Added the Over Current bits to the UHCI code
Added the monitoring of the toggle bit in the TDs
Major:
Re-wrote the UHCI stack processing so that control and bulk reclamation can be used.
(This made it so Windows 7 now works)
Adding function to the USB SCSI emulation.
Enhanced the xHCI emulation to further check for errors in a driver.
C99 removed implicit function declarations from the language. All
functions must be declared before they can be called. There are a
few places in the configure script where the exit function is called
without including <stdlib.h>. Instead, return from the main
function, avoiding the exit declaration issue.
Added silent uninstall command for use by WinGet and other packaging tools.
I also made the strings non-expandable because $InstDir will never contain %ProgramFiles% etc.
it is possible that SPP-protected subpage block is allowing write but all others are not.
the TLB entry cannot be cached as writeOK based on SPP subblock check
* Clear pending INIT signal
When the INIT signal is translated into corresponding VM-exit/#VMEXIT,
the signal should no longer be marked as pending. Otherwise, the signal
would be (incorrectly) delivered again.
* Remove trailing space and fix an incorrect indent
* Fix that the blocking by SMI bit is set
The blocking by SMI bit of the guest interruptibility state VMCS should
not be set unless the VM-exit ends in SMM. This only happens under the
dual-monitor treatment, which is not implemented in Bochs.
* Remove trailing whitespaces
MONITOR relies on tickle_read_virtual to set the physical address, but it was
only doing so on TLB miss. So a MONITOR with a TLB hit would arm the most
recently accessed address instead of the requested one.
TLB invalidations disarmed the monitoring range, but didn't wake a CPU that
had already MWAIT-ed. Any instruction that invalidated TLB entries on other
CPUs could have caused an MWAIT-ing CPU to never wake.
- MS-DOS 4.01 caused a stack overflow in the int15_function(). Now handle all
functions that simply return success in the ASM code. Fixes SF bug #1439.
- Added two delay loops in keyboard_init(). Fixes SF bug #1438.
- Added check in config.h whether or not Bochs is configured and compiled for
the same target platform (WIN32 / WIN64).
- Fixed some warnings that occur in the MSVC WIN64 case.
- Added simple clip check method to be called for each destination x / y change.
- Use the new clip check in both host-to-screen methods.
- Some related changes.
- TODO: verify other bitblt methods for clipping correctness.
- Calculate host-to-screen data size for "source stride packing" in color mode
similar to the monochrome mode.
- Set up data swizzle mode for all launch area operations.
- Temporarily draw polygon in normal mode in case the currently unsupported
pattern mode is selected.
- TODO #1: Rewrite of the clipping code at least for host-to-screen functions.
- TODO #2: Drawing polygon with pattern if requested.
monochrome source and "source stride" packing. Now adding the source stride
converted to pixels to the 5-bit srcX value.
TODO #1: color source needs to be handled in a similar way (no test case yet).
TODO #2: clipping needs to be rewritten at least for host-to-screen blts.
