Bochs/bochs/cpu/vmexit.cc
2024-01-27 18:04:00 +02:00

805 lines
25 KiB
C++

/////////////////////////////////////////////////////////////////////////
// $Id$
/////////////////////////////////////////////////////////////////////////
//
// Copyright (c) 2009-2024 Stanislav Shwartsman
// Written by Stanislav Shwartsman [sshwarts at sourceforge net]
//
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2 of the License, or (at your option) any later version.
//
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public
// License along with this library; if not, write to the Free Software
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA B 02110-1301 USA
//
/////////////////////////////////////////////////////////////////////////
#define NEED_CPU_REG_SHORTCUTS 1
#include "bochs.h"
#include "cpu.h"
#define LOG_THIS BX_CPU_THIS_PTR
#include "pc_system.h"
#if BX_SUPPORT_VMX
#include "decoder/ia_opcodes.h"
// BX_READ(0) form means nnn(), rm(); BX_WRITE(1) form means rm(), nnn()
Bit32u gen_instruction_info(bxInstruction_c *i, Bit32u reason, bool rw_form)
{
Bit32u instr_info = 0;
switch(reason) {
case VMX_VMEXIT_VMREAD:
case VMX_VMEXIT_VMWRITE:
#if BX_SUPPORT_VMX >= 2
case VMX_VMEXIT_GDTR_IDTR_ACCESS:
case VMX_VMEXIT_LDTR_TR_ACCESS:
case VMX_VMEXIT_INVEPT:
case VMX_VMEXIT_INVVPID:
case VMX_VMEXIT_INVPCID:
#endif
if (rw_form == BX_WRITE)
instr_info |= i->dst() << 28;
else
instr_info |= i->src() << 28;
break;
case VMX_VMEXIT_RDRAND:
case VMX_VMEXIT_RDSEED:
case VMX_VMEXIT_UMWAIT:
case VMX_VMEXIT_TPAUSE:
// bits 12:11 hold operand size
if (i->os64L())
instr_info |= 1 << 12;
else if (i->as32L())
instr_info |= 1 << 11;
break;
default:
break;
}
// --------------------------------------
// instruction information field format
// --------------------------------------
//
// [01:00] | Memory operand scale field (encoded)
// [02:02] | Undefined
// [06:03] | Reg1, undefined when memory operand
// [09:07] | Memory operand address size
// [10:10] | Memory/Register format (0 - mem, 1 - reg)
// [14:11] | Reserved
// [17:15] | Memory operand segment register field
// [21:18] | Memory operand index field
// [22:22] | Memory operand index field invalid
// [26:23] | Memory operand base field
// [27:27] | Memory operand base field invalid
// [31:28] | Reg2, if exists
//
if (i->modC0()) {
// reg/reg format
instr_info |= (1 << 10);
if (rw_form == BX_WRITE)
instr_info |= i->src() << 3;
else
instr_info |= i->dst() << 3;
}
else {
// memory format
if (i->as64L())
instr_info |= 1 << 8;
else if (i->as32L())
instr_info |= 1 << 7;
instr_info |= i->seg() << 15;
// index field is always initialized because of gather but not always valid
if (i->sibIndex() != BX_NIL_REGISTER && i->sibIndex() != 4)
instr_info |= i->sibScale() | (i->sibIndex() << 18);
else
instr_info |= 1 << 22; // index invalid
if (i->sibBase() != BX_NIL_REGISTER)
instr_info |= i->sibBase() << 23;
else
instr_info |= 1 << 27; // base invalid
}
return instr_info;
}
void BX_CPP_AttrRegparmN(3) BX_CPU_C::VMexit_Instruction(bxInstruction_c *i, Bit32u reason, bool rw_form)
{
Bit64u qualification = 0;
Bit32u instr_info = 0;
switch(reason) {
case VMX_VMEXIT_VMREAD:
case VMX_VMEXIT_VMWRITE:
case VMX_VMEXIT_VMPTRLD:
case VMX_VMEXIT_VMPTRST:
case VMX_VMEXIT_VMCLEAR:
case VMX_VMEXIT_VMXON:
#if BX_SUPPORT_VMX >= 2
case VMX_VMEXIT_GDTR_IDTR_ACCESS:
case VMX_VMEXIT_LDTR_TR_ACCESS:
case VMX_VMEXIT_INVEPT:
case VMX_VMEXIT_INVVPID:
case VMX_VMEXIT_INVPCID:
case VMX_VMEXIT_XSAVES:
case VMX_VMEXIT_XRSTORS:
#endif
#if BX_SUPPORT_X86_64
if (long64_mode()) {
qualification = (Bit64u) i->displ32s();
if (i->sibBase() == BX_64BIT_REG_RIP)
qualification += RIP;
}
else
#endif
{
qualification = (Bit64u) ((Bit32u) i->displ32s());
qualification &= i->asize_mask();
}
// fall through
case VMX_VMEXIT_RDRAND:
case VMX_VMEXIT_RDSEED:
case VMX_VMEXIT_UMWAIT:
case VMX_VMEXIT_TPAUSE:
instr_info = gen_instruction_info(i, reason, rw_form);
VMwrite32(VMCS_32BIT_VMEXIT_INSTRUCTION_INFO, instr_info);
break;
default:
BX_PANIC(("VMexit_Instruction reason %d", reason));
}
VMexit(reason, qualification);
}
void BX_CPU_C::VMexit_PAUSE(void)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (vm->vmexec_ctrls1.PAUSE_VMEXIT()) {
VMexit(VMX_VMEXIT_PAUSE, 0);
}
#if BX_SUPPORT_VMX >= 2
if (vm->vmexec_ctrls2.PAUSE_LOOP_VMEXIT() && CPL == 0) {
VMX_PLE *ple = &vm->ple;
Bit64u currtime = bx_pc_system.time_ticks();
if ((currtime - ple->last_pause_time) > ple->pause_loop_exiting_gap) {
ple->first_pause_time = currtime;
}
else {
if ((currtime - ple->first_pause_time) > ple->pause_loop_exiting_window)
VMexit(VMX_VMEXIT_PAUSE, 0);
}
ple->last_pause_time = currtime;
}
#endif
}
void BX_CPU_C::VMexit_ExtInterrupt(void)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (vm->pin_vmexec_ctrls.EXTERNAL_INTERRUPT_VMEXIT()) {
if (! vm->vmexit_ctrls1.INTA_ON_VMEXIT()) {
// interrupt wasn't acknowledged and still pending, interruption info is invalid
VMwrite32(VMCS_32BIT_VMEXIT_INTERRUPTION_INFO, 0);
VMexit(VMX_VMEXIT_EXTERNAL_INTERRUPT, 0);
}
}
}
void BX_CPU_C::VMexit_Event(unsigned type, unsigned vector, Bit16u errcode, bool errcode_valid, Bit64u qualification)
{
if (! BX_CPU_THIS_PTR in_vmx_guest) return;
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
bool vmexit = false;
VMX_vmexit_reason reason = VMX_VMEXIT_EXCEPTION_NMI;
switch(type) {
case BX_EXTERNAL_INTERRUPT:
reason = VMX_VMEXIT_EXTERNAL_INTERRUPT;
if (vm->pin_vmexec_ctrls.EXTERNAL_INTERRUPT_VMEXIT())
vmexit = true;
break;
case BX_NMI:
if (vm->pin_vmexec_ctrls.NMI_EXITING())
vmexit = true;
break;
case BX_PRIVILEGED_SOFTWARE_INTERRUPT:
case BX_SOFTWARE_EXCEPTION:
case BX_HARDWARE_EXCEPTION:
BX_ASSERT(vector < BX_CPU_HANDLED_EXCEPTIONS);
if (vector == BX_PF_EXCEPTION) {
// page faults are specially treated
bool err_match = ((errcode & vm->vm_pf_mask) == vm->vm_pf_match);
bool bitmap = (vm->vm_exceptions_bitmap >> BX_PF_EXCEPTION) & 1;
vmexit = (err_match == bitmap);
}
else {
vmexit = (vm->vm_exceptions_bitmap >> vector) & 1;
}
break;
case BX_SOFTWARE_INTERRUPT:
break; // no VMEXIT on software interrupt
default:
BX_ERROR(("VMexit_Event: unknown event type %d", type));
}
// ----------------------------------------------------
// VMExit interruption info
// ----------------------------------------------------
// [07:00] | Interrupt/Exception vector
// [10:08] | Interrupt/Exception type
// [11:11] | error code pushed to the stack
// [12:12] | NMI unblocking due to IRET
// [30:13] | reserved
// [31:31] | interruption info valid
//
if (! vmexit) {
// record IDT vectoring information
vm->idt_vector_error_code = errcode;
vm->idt_vector_info = vector | (type << 8);
if (errcode_valid)
vm->idt_vector_info |= (1 << 11); // error code delivered
BX_CPU_THIS_PTR nmi_unblocking_iret = false;
return;
}
BX_DEBUG(("VMEXIT: event vector 0x%02x type %d error code=0x%04x", vector, type, errcode));
// VMEXIT is not considered to occur during event delivery if it results
// in a double fault exception that causes VMEXIT directly
if (vector == BX_DF_EXCEPTION)
BX_CPU_THIS_PTR in_event = false; // clear in_event indication on #DF
if (vector == BX_DB_EXCEPTION) {
// qualification for debug exceptions similar to debug_trap field
if (type == BX_PRIVILEGED_SOFTWARE_INTERRUPT)
qualification = BX_CPU_THIS_PTR debug_trap & 0xf;
else
qualification = BX_CPU_THIS_PTR debug_trap & 0x0000600f;
BX_CPU_THIS_PTR debug_trap = 0;
}
// interruption info:
// -----------------
// [7 : 0] vector
// [10: 8] interruption type
// [11:11] error code delivered
// [12:12] NMI unblocking due to IRET
// [30:13] reserved
// [31:31] valid
Bit32u interruption_info = vector | (type << 8);
if (errcode_valid)
interruption_info |= (1 << 11); // error code delivered
interruption_info |= (1 << 31); // valid
if (BX_CPU_THIS_PTR nmi_unblocking_iret)
interruption_info |= (1 << 12);
VMwrite32(VMCS_32BIT_VMEXIT_INTERRUPTION_INFO, interruption_info);
VMwrite32(VMCS_32BIT_VMEXIT_INTERRUPTION_ERR_CODE, errcode);
VMexit(reason, qualification);
}
void BX_CPU_C::VMexit_TripleFault(void)
{
if (! BX_CPU_THIS_PTR in_vmx_guest) return;
// VMEXIT is not considered to occur during event delivery if it results
// in a triple fault exception (that causes VMEXIT directly)
BX_CPU_THIS_PTR in_event = false;
VMexit(VMX_VMEXIT_TRIPLE_FAULT, 0);
}
void BX_CPP_AttrRegparmN(2) BX_CPU_C::VMexit_TaskSwitch(Bit16u tss_selector, unsigned source)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMexit(VMX_VMEXIT_TASK_SWITCH, tss_selector | (source << 30));
}
const Bit32u BX_VMX_LO_MSR_START = 0x00000000;
const Bit32u BX_VMX_LO_MSR_END = 0x00001FFF;
const Bit32u BX_VMX_HI_MSR_START = 0xC0000000;
const Bit32u BX_VMX_HI_MSR_END = 0xC0001FFF;
void BX_CPP_AttrRegparmN(2) BX_CPU_C::VMexit_MSR(unsigned op, Bit32u msr)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
bool readmsr = (op == VMX_VMEXIT_RDMSR || op == VMX_VMEXIT_RDMSRLIST);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (! vm->vmexec_ctrls1.MSR_BITMAPS()) {
BX_DEBUG(("VMEXIT: %sMSR 0x%08x", (readmsr) ? "RD" : "WR", msr));
VMexit(op, 0);
}
bool vmexit = false;
if (msr >= BX_VMX_HI_MSR_START) {
if (msr > BX_VMX_HI_MSR_END) vmexit = true;
else {
// check MSR-HI bitmaps
bx_phy_address pAddr = vm->msr_bitmap_addr + ((msr - BX_VMX_HI_MSR_START) >> 3) + 1024 + (readmsr ? 0 : 2048);
Bit8u field = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_MSR_BITMAP_ACCESS);
if (field & (1 << (msr & 7)))
vmexit = true;
}
}
else {
if (msr > BX_VMX_LO_MSR_END) vmexit = true;
else {
// check MSR-LO bitmaps
bx_phy_address pAddr = vm->msr_bitmap_addr + (msr >> 3) + (readmsr ? 0 : 2048);
Bit8u field = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_MSR_BITMAP_ACCESS);
if (field & (1 << (msr & 7)))
vmexit = true;
}
}
if (vmexit) {
BX_DEBUG(("VMEXIT: %sMSR 0x%08x", (readmsr) ? "RD" : "WR", msr));
VMexit(op, (op >= VMX_VMEXIT_RDMSRLIST) ? msr : 0);
}
}
enum {
VMX_VMEXIT_IO_PORTIN = (1 << 3),
VMX_VMEXIT_IO_INSTR_STRING = (1 << 4),
VMX_VMEXIT_IO_INSTR_REP = (1 << 5),
VMX_VMEXIT_IO_INSTR_IMM = (1 << 6)
};
void BX_CPP_AttrRegparmN(3) BX_CPU_C::VMexit_IO(bxInstruction_c *i, unsigned port, unsigned len)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
BX_ASSERT(port <= 0xFFFF);
bool vmexit = false;
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (vm->vmexec_ctrls1.IO_BITMAPS()) {
// always VMEXIT on port "wrap around" case
if ((port + len) > 0x10000) vmexit = true;
else {
Bit8u bitmap[2];
bx_phy_address pAddr;
if ((port & 0x7fff) + len > 0x8000) {
// special case - the IO access split cross both I/O bitmaps
pAddr = vm->io_bitmap_addr[0] + 0xfff;
bitmap[0] = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_IO_BITMAP_ACCESS);
pAddr = vm->io_bitmap_addr[1];
bitmap[1] = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_IO_BITMAP_ACCESS);
}
else {
// access_read_physical cannot read 2 bytes cross 4K boundary :(
pAddr = vm->io_bitmap_addr[(port >> 15) & 1] + ((port & 0x7fff) / 8);
bitmap[0] = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_IO_BITMAP_ACCESS);
pAddr++;
bitmap[1] = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_IO_BITMAP_ACCESS);
}
Bit16u combined_bitmap = bitmap[1];
combined_bitmap = (combined_bitmap << 8) | bitmap[0];
unsigned mask = ((1 << len) - 1) << (port & 7);
if (combined_bitmap & mask) vmexit = true;
}
}
else if (vm->vmexec_ctrls1.IO_VMEXIT()) vmexit = true;
if (vmexit) {
BX_DEBUG(("VMEXIT: I/O port 0x%04x", port));
Bit32u qualification = 0;
switch(i->getIaOpcode()) {
case BX_IA_IN_ALIb:
case BX_IA_IN_AXIb:
case BX_IA_IN_EAXIb:
qualification = VMX_VMEXIT_IO_PORTIN | VMX_VMEXIT_IO_INSTR_IMM;
break;
case BX_IA_OUT_IbAL:
case BX_IA_OUT_IbAX:
case BX_IA_OUT_IbEAX:
qualification = VMX_VMEXIT_IO_INSTR_IMM;
break;
case BX_IA_IN_ALDX:
case BX_IA_IN_AXDX:
case BX_IA_IN_EAXDX:
qualification = VMX_VMEXIT_IO_PORTIN; // no immediate
break;
case BX_IA_OUT_DXAL:
case BX_IA_OUT_DXAX:
case BX_IA_OUT_DXEAX:
qualification = 0; // PORTOUT, no immediate
break;
case BX_IA_REP_INSB_YbDX:
case BX_IA_REP_INSW_YwDX:
case BX_IA_REP_INSD_YdDX:
qualification = VMX_VMEXIT_IO_PORTIN | VMX_VMEXIT_IO_INSTR_STRING;
if (i->repUsedL())
qualification |= VMX_VMEXIT_IO_INSTR_REP;
break;
case BX_IA_REP_OUTSB_DXXb:
case BX_IA_REP_OUTSW_DXXw:
case BX_IA_REP_OUTSD_DXXd:
qualification = VMX_VMEXIT_IO_INSTR_STRING; // PORTOUT
if (i->repUsedL())
qualification |= VMX_VMEXIT_IO_INSTR_REP;
break;
default:
BX_PANIC(("VMexit_IO: I/O instruction %s unknown", i->getIaOpcodeNameShort()));
}
if (qualification & VMX_VMEXIT_IO_INSTR_STRING) {
bx_address asize_mask = (bx_address) i->asize_mask(), laddr;
if (qualification & VMX_VMEXIT_IO_PORTIN)
laddr = get_laddr(BX_SEG_REG_ES, RDI & asize_mask);
else // PORTOUT
laddr = get_laddr(i->seg(), RSI & asize_mask);
VMwrite_natural(VMCS_GUEST_LINEAR_ADDR, laddr);
Bit32u instruction_info = i->seg() << 15;
if (i->as64L())
instruction_info |= (1 << 8);
else if (i->as32L())
instruction_info |= (1 << 7);
VMwrite32(VMCS_32BIT_VMEXIT_INSTRUCTION_INFO, instruction_info);
}
VMexit(VMX_VMEXIT_IO_INSTRUCTION, qualification | (len-1) | (port << 16));
}
}
//
// ----------------------------------------------------------------
// Exit qualification for CR access
// ----------------------------------------------------------------
// [03:00] | Number of CR register (CR0, CR3, CR4, CR8)
// [05:04] | CR access type (0 - MOV to CR, 1 - MOV from CR, 2 - CLTS, 3 - LMSW)
// [06:06] | LMSW operand reg/mem (cleared for CR access and CLTS)
// [07:07] | reserved
// [11:08] | Source Operand Register for CR access (cleared for CLTS and LMSW)
// [15:12] | reserved
// [31:16] | LMSW source data (cleared for CR access and CLTS)
// [63:32] | reserved
//
bool BX_CPU_C::VMexit_CLTS(void)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (vm->vm_cr0_mask & vm->vm_cr0_read_shadow & 0x8)
{
// all rest of the fields cleared to zero
Bit64u qualification = VMX_VMEXIT_CR_ACCESS_CLTS << 4;
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
if ((vm->vm_cr0_mask & 0x8) != 0 && (vm->vm_cr0_read_shadow & 0x8) == 0)
return true; /* do not clear CR0.TS */
else
return false;
}
Bit32u BX_CPP_AttrRegparmN(2) BX_CPU_C::VMexit_LMSW(bxInstruction_c *i, Bit32u msw)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
Bit32u mask = vm->vm_cr0_mask & 0xF; /* LMSW affects only low 4 bits */
bool vmexit = false;
if ((mask & msw & 0x1) != 0 && (vm->vm_cr0_read_shadow & 0x1) == 0)
vmexit = true;
if ((mask & vm->vm_cr0_read_shadow & 0xE) != (mask & msw & 0xE))
vmexit = true;
if (vmexit) {
BX_DEBUG(("VMEXIT: CR0 write by LMSW of value 0x%04x", msw));
Bit64u qualification = VMX_VMEXIT_CR_ACCESS_LMSW << 4;
qualification |= msw << 16;
if (! i->modC0()) {
qualification |= (1 << 6); // memory operand
VMwrite_natural(VMCS_GUEST_LINEAR_ADDR, get_laddr(i->seg(), RMAddr(i)));
}
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
// keep untouched all the bits set in CR0 mask
return (BX_CPU_THIS_PTR cr0.get32() & mask) | (msw & ~mask);
}
bx_address BX_CPP_AttrRegparmN(2) BX_CPU_C::VMexit_CR0_Write(bxInstruction_c *i, bx_address val)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if ((vm->vm_cr0_mask & vm->vm_cr0_read_shadow) != (vm->vm_cr0_mask & val))
{
BX_DEBUG(("VMEXIT: CR0 write"));
Bit64u qualification = i->src() << 8;
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
// keep untouched all the bits set in CR0 mask
return (BX_CPU_THIS_PTR cr0.get32() & vm->vm_cr0_mask) | (val & ~vm->vm_cr0_mask);
}
void BX_CPP_AttrRegparmN(1) BX_CPU_C::VMexit_CR3_Read(bxInstruction_c *i)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
if (BX_CPU_THIS_PTR vmcs.vmexec_ctrls1.CR3_READ_VMEXIT()) {
BX_DEBUG(("VMEXIT: CR3 read"));
Bit64u qualification = 3 | (VMX_VMEXIT_CR_ACCESS_CR_READ << 4) | (i->dst() << 8);
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
}
void BX_CPP_AttrRegparmN(2) BX_CPU_C::VMexit_CR3_Write(bxInstruction_c *i, bx_address val)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (vm->vmexec_ctrls1.CR3_WRITE_VMEXIT()) {
for (unsigned n=0; n < vm->vm_cr3_target_cnt; n++) {
if (vm->vm_cr3_target_value[n] == val) return;
}
BX_DEBUG(("VMEXIT: CR3 write"));
Bit64u qualification = 3 | (i->src() << 8);
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
}
bx_address BX_CPP_AttrRegparmN(2) BX_CPU_C::VMexit_CR4_Write(bxInstruction_c *i, bx_address val)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if ((vm->vm_cr4_mask & vm->vm_cr4_read_shadow) != (vm->vm_cr4_mask & val))
{
BX_DEBUG(("VMEXIT: CR4 write"));
Bit64u qualification = 4 | (i->src() << 8);
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
// keep untouched all the bits set in CR4 mask
return (BX_CPU_THIS_PTR cr4.get32() & vm->vm_cr4_mask) | (val & ~vm->vm_cr4_mask);
}
void BX_CPP_AttrRegparmN(1) BX_CPU_C::VMexit_CR8_Read(bxInstruction_c *i)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
if (BX_CPU_THIS_PTR vmcs.vmexec_ctrls1.CR8_READ_VMEXIT()) {
BX_DEBUG(("VMEXIT: CR8 read"));
Bit64u qualification = 8 | (VMX_VMEXIT_CR_ACCESS_CR_READ << 4) | (i->dst() << 8);
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
}
void BX_CPP_AttrRegparmN(1) BX_CPU_C::VMexit_CR8_Write(bxInstruction_c *i)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
if (BX_CPU_THIS_PTR vmcs.vmexec_ctrls1.CR8_WRITE_VMEXIT()) {
BX_DEBUG(("VMEXIT: CR8 write"));
Bit64u qualification = 8 | (i->src() << 8);
VMexit(VMX_VMEXIT_CR_ACCESS, qualification);
}
}
//
// ----------------------------------------------------------------
// Exit qualification for DR access
// ----------------------------------------------------------------
// [03:00] | Number of DR register
// [04:04] | DR access type (0 - MOV to DR, 1 - MOV from DR)
// [07:05] | reserved
// [11:08] | Source Operand Register
// [63:12] | reserved
//
void BX_CPU_C::VMexit_DR_Access(unsigned read, unsigned dr, unsigned reg)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
if (BX_CPU_THIS_PTR vmcs.vmexec_ctrls1.DRx_ACCESS_VMEXIT())
{
BX_DEBUG(("VMEXIT: DR%d %s access", dr, read ? "READ" : "WRITE"));
Bit64u qualification = dr | (reg << 8);
if (read)
qualification |= (1 << 4);
VMexit(VMX_VMEXIT_DR_ACCESS, qualification);
}
}
#if BX_SUPPORT_VMX >= 2
Bit16u BX_CPU_C::VMX_Get_Current_VPID(void)
{
if (! BX_CPU_THIS_PTR in_vmx_guest || ! BX_CPU_THIS_PTR vmcs.vmexec_ctrls2.VPID_ENABLE())
return 0;
return BX_CPU_THIS_PTR vmcs.vpid;
}
#endif
#if BX_SUPPORT_VMX >= 2
bool BX_CPP_AttrRegparmN(1) BX_CPU_C::Vmexit_Vmread(bxInstruction_c *i)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (! vm->vmexec_ctrls2.VMCS_SHADOWING()) return true;
#if BX_SUPPORT_X86_64
if (BX_CPU_THIS_PTR cpu_mode == BX_MODE_LONG_64) {
if (BX_READ_64BIT_REG_HIGH(i->src())) return true;
}
#endif
unsigned encoding = BX_READ_32BIT_REG(i->src());
if (encoding > 0x7fff) return true;
bx_phy_address pAddr = vm->vmread_bitmap_addr | (encoding >> 3);
Bit8u bitmap = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_VMREAD_BITMAP_ACCESS);
if (bitmap & (1 << (encoding & 7)))
return true;
return false;
}
bool BX_CPP_AttrRegparmN(1) BX_CPU_C::Vmexit_Vmwrite(bxInstruction_c *i)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (! vm->vmexec_ctrls2.VMCS_SHADOWING()) return true;
#if BX_SUPPORT_X86_64
if (BX_CPU_THIS_PTR cpu_mode == BX_MODE_LONG_64) {
if (BX_READ_64BIT_REG_HIGH(i->dst())) return true;
}
#endif
unsigned encoding = BX_READ_32BIT_REG(i->dst());
if (encoding > 0x7fff) return true;
bx_phy_address pAddr = vm->vmwrite_bitmap_addr | (encoding >> 3);
Bit8u bitmap = read_physical_byte(pAddr, MEMTYPE(resolve_memtype(pAddr)), BX_VMWRITE_BITMAP_ACCESS);
if (bitmap & (1 << (encoding & 7)))
return true;
return false;
}
void BX_CPU_C::Virtualization_Exception(Bit64u qualification, Bit64u guest_physical, Bit64u guest_linear)
{
BX_ASSERT(BX_CPU_THIS_PTR in_vmx_guest);
// A convertible EPT violation causes a virtualization exception if the following all hold:
// - CR0.PE is set
// - the logical processor is not in the process of delivering an event through the IDT
// - the 32 bits at offset 4 in the virtualization-exception information area are all 0
// - the EPT violation cause a shadow stack to become prematurely busy
if (! BX_CPU_THIS_PTR cr0.get_PE() || BX_CPU_THIS_PTR in_event) return;
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
#if BX_SUPPORT_CET
if (vm->shadow_stack_prematurely_busy) return;
#endif
BxMemtype ve_info_memtype = BX_MEMTYPE_INVALID;
#if BX_SUPPORT_MEMTYPE
ve_info_memtype = resolve_memtype(vm->ve_info_addr);
#endif
Bit32u magic = read_physical_dword(vm->ve_info_addr + 4, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
if (magic != 0) return;
struct ve_info {
Bit32u reason; // always VMX_VMEXIT_EPT_VIOLATION
Bit32u magic;
Bit64u qualification;
Bit64u guest_linear_addr;
Bit64u guest_physical_addr;
Bit16u eptp_index;
} ve_info = { VMX_VMEXIT_EPT_VIOLATION, 0xffffffff, qualification, guest_linear, guest_physical, vm->eptp_index };
write_physical_dword(vm->ve_info_addr, ve_info.reason, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
write_physical_dword(vm->ve_info_addr + 4, ve_info.magic, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
write_physical_qword(vm->ve_info_addr + 8, ve_info.qualification, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
write_physical_qword(vm->ve_info_addr + 16, ve_info.guest_linear_addr, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
write_physical_qword(vm->ve_info_addr + 24, ve_info.guest_physical_addr, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
write_physical_qword(vm->ve_info_addr + 32, ve_info.eptp_index, MEMTYPE(ve_info_memtype), BX_ACCESS_REASON_NOT_SPECIFIED);
exception(BX_VE_EXCEPTION, 0);
}
void BX_CPU_C::vmx_page_modification_logging(Bit64u guest_laddr, Bit64u guest_paddr, unsigned dirty_update)
{
VMCS_CACHE *vm = &BX_CPU_THIS_PTR vmcs;
if (vm->pml_index >= 512) {
Bit32u vmexit_qualification = 0;
if (BX_CPU_THIS_PTR nmi_unblocking_iret)
vmexit_qualification |= (1 << 12);
if (vm->vmexit_ctrls2.SHADOW_STACK_PREMATURELY_BUSY_CTRL()) {
VMwrite_natural(VMCS_GUEST_LINEAR_ADDR, guest_laddr);
}
VMexit(VMX_VMEXIT_PML_LOGFULL, vmexit_qualification);
}
if (dirty_update) {
Bit64u pAddr = vm->pml_address + 8 * vm->pml_index;
write_physical_qword(pAddr, LPFOf(guest_paddr), MEMTYPE(resolve_memtype(pAddr)), BX_VMX_PML_WRITE);
vm->pml_index--;
}
}
#endif
#endif // BX_SUPPORT_VMX