/////////////////////////////////////////////////////////////////////////
|
|
// $Id$
|
|
/////////////////////////////////////////////////////////////////////////
|
|
//
|
|
// Copyright (C) 2001-2019 The Bochs Project
|
|
//
|
|
// This library is free software; you can redistribute it and/or
|
|
// modify it under the terms of the GNU Lesser General Public
|
|
// License as published by the Free Software Foundation; either
|
|
// version 2 of the License, or (at your option) any later version.
|
|
//
|
|
// This library is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
// Lesser General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU Lesser General Public
|
|
// License along with this library; if not, write to the Free Software
|
|
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
//
|
|
/////////////////////////////////////////////////////////////////////////
|
|
|
|
#define NEED_CPU_REG_SHORTCUTS 1
|
|
#include "bochs.h"
|
|
#include "cpu.h"
|
|
#define LOG_THIS BX_CPU_THIS_PTR
|
|
|
|
#if BX_SUPPORT_SVM
|
|
#include "svm.h"
|
|
#endif
|
|
|
|
#include "param_names.h"
|
|
#include "iodev/iodev.h"
|
|
|
|
#if BX_SUPPORT_X86_64==0
|
|
// Make life easier merging cpu64 & cpu code.
|
|
#define RIP EIP
|
|
#define RSP ESP
|
|
#endif
|
|
|
|
#if BX_SUPPORT_X86_64
|
|
// Deliver an interrupt/exception through the 64-bit (IA-32e mode) IDT.
//
// vector      IDT index; every long-mode gate is 16 bytes.
// soft_int    true for software-originated events (INT n, INT3, INTO, ...).
//             Only then is gate.DPL checked against CPL, which is what keeps
//             ring-3 code from invoking a gate the kernel marked DPL 0.
// push_error  whether error_code is pushed below the return frame.
// error_code  value pushed when push_error is set.
//
// exception() does not return to this function: the code after every call
// assumes the check passed. The order of the checks below is therefore the
// order in which faults are reported, and must not be reshuffled.
void BX_CPU_C::long_mode_int(Bit8u vector, bool soft_int, bool push_error, Bit16u error_code)
{
  bx_descriptor_t gate_descriptor, cs_descriptor;
  bx_selector_t cs_selector;

  // interrupt vector must be within IDT table limits,
  // else #GP(vector*8 + 2 + EXT)
  // The whole 16-byte gate must fit; the error code still uses the
  // architectural vector*8 + 2 encoding (IDT selector index, IDT bit set).
  if ((vector*16 + 15) > BX_CPU_THIS_PTR idtr.limit) {
    BX_ERROR(("interrupt(long mode): vector must be within IDT table limits, IDT.limit = 0x%x", BX_CPU_THIS_PTR idtr.limit));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // Both halves of the gate are read with system (supervisor) accesses;
  // the gate is read once and all checks below work on this copy.
  Bit64u desctmp1 = system_read_qword(BX_CPU_THIS_PTR idtr.base + vector*16);
  Bit64u desctmp2 = system_read_qword(BX_CPU_THIS_PTR idtr.base + vector*16 + 8);

  // Bits 8..12 of the fourth dword (the "type" position of the reserved
  // upper half) must be zero, otherwise the gate is malformed -> #GP.
  if (desctmp2 & BX_CONST64(0x00001F0000000000)) {
    BX_ERROR(("interrupt(long mode): IDT entry extended attributes DWORD4 TYPE != 0"));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  Bit32u dword1 = GET32L(desctmp1);
  Bit32u dword2 = GET32H(desctmp1);
  Bit32u dword3 = GET32L(desctmp2);  // bits 63:32 of the target offset

  parse_descriptor(dword1, dword2, &gate_descriptor);

  // A gate is a system descriptor (S bit clear); a data/code descriptor
  // placed in the IDT is rejected.
  if ((gate_descriptor.valid==0) || gate_descriptor.segment)
  {
    BX_ERROR(("interrupt(long mode): gate descriptor is not valid sys seg"));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // descriptor AR byte must indicate interrupt gate, trap gate,
  // or task gate, else #GP(vector*8 + 2 + EXT)
  // In long mode only the 64-bit interrupt (14) and trap (15) gate types are
  // accepted; task gates and the 16-bit gate types are not supported here.
  if (gate_descriptor.type != BX_386_INTERRUPT_GATE &&
      gate_descriptor.type != BX_386_TRAP_GATE)
  {
    BX_ERROR(("interrupt(long mode): unsupported gate type %u",
      (unsigned) gate_descriptor.type));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // if software interrupt, then gate descriptor DPL must be >= CPL,
  // else #GP(vector * 8 + 2 + EXT)
  // Hardware-originated events skip this check on purpose (soft_int false).
  if (soft_int && gate_descriptor.dpl < CPL)
  {
    BX_ERROR(("interrupt(long mode): soft_int && gate.dpl < CPL"));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // Gate must be present, else #NP(vector * 8 + 2 + EXT)
  if (! IS_PRESENT(gate_descriptor)) {
    BX_ERROR(("interrupt(long mode): gate.p == 0"));
    exception(BX_NP_EXCEPTION, vector*8 + 2);
  }

  Bit16u gate_dest_selector = gate_descriptor.u.gate.dest_selector;
  // Full 64-bit target: upper dword from the second qword, lower dword from
  // the legacy offset fields of the first qword.
  Bit64u gate_dest_offset = GET64_FROM_HI32_LO32(dword3, gate_descriptor.u.gate.dest_offset);

  // In a long-mode gate the low 3 bits of what the legacy layout calls the
  // parameter count hold the IST index (0 = no IST switch).
  unsigned ist = gate_descriptor.u.gate.param_count & 0x7;

  // examine CS selector and descriptor given in gate descriptor
  // selector must be non-null else #GP(EXT)
  if ((gate_dest_selector & 0xfffc) == 0) {
    BX_ERROR(("int_trap_gate(long mode): selector null"));
    exception(BX_GP_EXCEPTION, 0);
  }

  parse_selector(gate_dest_selector, &cs_selector);

  // selector must be within its descriptor table limits
  // else #GP(selector+EXT)  (fetch_raw_descriptor raises the exception passed to it)
  fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
  parse_descriptor(dword1, dword2, &cs_descriptor);

  // descriptor AR byte must indicate code seg
  // and code segment descriptor DPL<=CPL, else #GP(selector+EXT)
  // (a handler may never run with less privilege than the interrupted code)
  if (cs_descriptor.valid==0 || cs_descriptor.segment==0 ||
      IS_DATA_SEGMENT(cs_descriptor.type) ||
      cs_descriptor.dpl > CPL)
  {
    BX_ERROR(("interrupt(long mode): not accessible or not code segment"));
    exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc);
  }

  // check that it's a 64 bit segment: L bit set and D bit clear
  if (! IS_LONG64_SEGMENT(cs_descriptor) || cs_descriptor.u.segment.d_b)
  {
    BX_ERROR(("interrupt(long mode): must be 64 bit segment"));
    exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc);
  }

  // segment must be present, else #NP(selector + EXT)
  if (! IS_PRESENT(cs_descriptor)) {
    BX_ERROR(("interrupt(long mode): segment not present"));
    exception(BX_NP_EXCEPTION, cs_selector.value & 0xfffc);
  }

  Bit64u RSP_for_cpl_x;
#if BX_SUPPORT_CET
  bx_address new_SSP = 0; // keep warning silent
  // Shadow-stack bookkeeping needs the pre-switch privilege state.
  unsigned old_SS_DPL = BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].cache.dpl;
  unsigned old_CPL = CPL;
  bx_address return_LIP = get_laddr(BX_SEG_REG_CS, RIP);
  bool check_ss_token = true;   // cleared when no shadow-stack switch happens
#endif

  // Snapshot of the interrupted context; this is what lands in the frame.
  Bit64u old_CS = BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value;
  Bit64u old_RIP = RIP;
  Bit64u old_SS = BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].selector.value;
  Bit64u old_RSP = RSP;

  // if code segment is non-conforming and DPL < CPL then
  // INTERRUPT TO INNER PRIVILEGE:
  if (IS_CODE_SEGMENT_NON_CONFORMING(cs_descriptor.type) && cs_descriptor.dpl < CPL)
  {
    BX_DEBUG(("interrupt(long mode): INTERRUPT TO INNER PRIVILEGE"));

    // check selector and descriptor for new stack in current TSS
    if (ist > 0) {
      BX_DEBUG(("interrupt(long mode): trap to IST, vector = %d", ist));
      // IST n is fetched as TSS entry ist+3 (presumably RSP0..RSP2 occupy
      // indices 0..2 in get_RSP_from_TSS; definition not in this chunk).
      RSP_for_cpl_x = get_RSP_from_TSS(ist+3);
#if BX_SUPPORT_CET
      // NOTE(review): the IST path tests ShadowStackEnabled(0) while the
      // non-IST path below uses cs_descriptor.dpl -- confirm that IST gates
      // are meant to be treated as ring-0 only here.
      if (ShadowStackEnabled(0)) {
        bx_address new_SSP_addr = BX_CPU_THIS_PTR msr.ia32_interrupt_ssp_table + (ist<<3);
        new_SSP = system_read_qword(new_SSP_addr);
      }
#endif
    }
    else {
      RSP_for_cpl_x = get_RSP_from_TSS(cs_descriptor.dpl);
#if BX_SUPPORT_CET
      new_SSP = BX_CPU_THIS_PTR msr.ia32_pl_ssp[cs_descriptor.dpl];
#endif
    }

    // align stack: the new RSP is forced to a 16-byte boundary before pushing
    RSP_for_cpl_x &= BX_CONST64(0xfffffffffffffff0);

    // push old stack long pointer onto new stack
    // All writes are checked at the target privilege level (cs_descriptor.dpl)
    // before RSP is committed, so a bad stack faults with the old RSP intact.
    write_new_stack_qword(RSP_for_cpl_x - 8, cs_descriptor.dpl, old_SS);
    write_new_stack_qword(RSP_for_cpl_x - 16, cs_descriptor.dpl, old_RSP);
    write_new_stack_qword(RSP_for_cpl_x - 24, cs_descriptor.dpl, read_eflags());
    // push long pointer to return address onto new stack
    write_new_stack_qword(RSP_for_cpl_x - 32, cs_descriptor.dpl, old_CS);
    write_new_stack_qword(RSP_for_cpl_x - 40, cs_descriptor.dpl, old_RIP);
    RSP_for_cpl_x -= 40;

    if (push_error) {
      RSP_for_cpl_x -= 8;
      write_new_stack_qword(RSP_for_cpl_x, cs_descriptor.dpl, error_code);
    }

    // load CS:RIP (guaranteed to be in 64 bit mode); CPL becomes CS.DPL
    branch_far(&cs_selector, &cs_descriptor, gate_dest_offset, cs_descriptor.dpl);

    // set up null SS descriptor (long mode: SS is null at the new CPL)
    load_null_selector(&BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS], cs_descriptor.dpl);
  }
  else if(IS_CODE_SEGMENT_CONFORMING(cs_descriptor.type) || cs_descriptor.dpl==CPL)
  {
    // if code segment is conforming OR code segment DPL = CPL then
    // INTERRUPT TO SAME PRIVILEGE LEVEL:

    BX_DEBUG(("interrupt(long mode): INTERRUPT TO SAME PRIVILEGE"));

    // check selector and descriptor for new stack in current TSS
    // Even at the same privilege level an IST gate switches stacks.
    if (ist > 0) {
      BX_DEBUG(("interrupt(long mode): trap to IST, vector = %d", ist));
      RSP_for_cpl_x = get_RSP_from_TSS(ist+3);
#if BX_SUPPORT_CET
      if (ShadowStackEnabled(CPL)) {
        bx_address new_SSP_addr = BX_CPU_THIS_PTR msr.ia32_interrupt_ssp_table + (ist<<3);
        new_SSP = system_read_qword(new_SSP_addr);
      }
#endif
    }
    else {
      // No stack switch: keep the current stack (and shadow stack).
      RSP_for_cpl_x = RSP;
#if BX_SUPPORT_CET
      new_SSP = SSP;
      check_ss_token = false;
#endif
    }

    // align stack (also done when staying on the current stack)
    RSP_for_cpl_x &= BX_CONST64(0xfffffffffffffff0);

    // push flags onto stack
    // push current CS selector onto stack
    // push return offset onto stack
    // Long mode always pushes the full SS:RSP pair, even without a switch.
    write_new_stack_qword(RSP_for_cpl_x - 8, cs_descriptor.dpl, old_SS);
    write_new_stack_qword(RSP_for_cpl_x - 16, cs_descriptor.dpl, old_RSP);
    write_new_stack_qword(RSP_for_cpl_x - 24, cs_descriptor.dpl, read_eflags());
    // push long pointer to return address onto new stack
    write_new_stack_qword(RSP_for_cpl_x - 32, cs_descriptor.dpl, old_CS);
    write_new_stack_qword(RSP_for_cpl_x - 40, cs_descriptor.dpl, old_RIP);
    RSP_for_cpl_x -= 40;

    if (push_error) {
      RSP_for_cpl_x -= 8;
      write_new_stack_qword(RSP_for_cpl_x, cs_descriptor.dpl, error_code);
    }

    // set the RPL field of CS to CPL
    branch_far(&cs_selector, &cs_descriptor, gate_dest_offset, CPL);
  }
  else {
    // Only reachable for a non-conforming segment with DPL > CPL, which the
    // DPL <= CPL check above already rejected; kept as a defensive fault.
    BX_ERROR(("interrupt(long mode): bad descriptor type %u (CS.DPL=%u CPL=%u)",
      (unsigned) cs_descriptor.type, (unsigned) cs_descriptor.dpl, (unsigned) CPL));
    exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc);
  }

#if BX_SUPPORT_CET
  // Leaving ring 3: remember the user shadow-stack pointer in PL3_SSP.
  if(ShadowStackEnabled(old_CPL)) {
    if (old_CPL == 3)
      BX_CPU_THIS_PTR msr.ia32_pl_ssp[3] = SSP;
  }
  // Entering a shadow-stack-enabled ring: switch to the new SSP (verifying
  // its supervisor token unless we stayed on the same stack) and record the
  // return point, except when the interrupted code ran on a ring-3 stack.
  if (ShadowStackEnabled(CPL)) {
    bx_address old_SSP = SSP;
    if(check_ss_token)
      shadow_stack_switch(new_SSP);
    if (old_SS_DPL != 3)
      call_far_shadow_stack_push(old_CS, return_LIP, old_SSP);
  }
  track_indirect(CPL);   // the handler entry counts as an indirect branch (IBT)
#endif

  // Only now is the new stack pointer committed.
  RSP = RSP_for_cpl_x;

  // if interrupt gate then set IF to 0
  if (!(gate_descriptor.type & 1)) // even is int-gate
    BX_CPU_THIS_PTR clear_IF();
  BX_CPU_THIS_PTR clear_TF();
  //BX_CPU_THIS_PTR clear_VM(); // VM is clear in long mode
  BX_CPU_THIS_PTR clear_RF();
  BX_CPU_THIS_PTR clear_NT();
}
|
|
#endif
|
|
|
|
// Deliver an interrupt/exception through the legacy 8-byte IDT used in
// protected and virtual-8086 mode: task gates, 286 (16-bit) and 386
// (32-bit) interrupt/trap gates.
//
// vector      IDT index.
// soft_int    true for software-originated events (INT n, INT3, INTO, ...).
//             Only then is gate.DPL checked against CPL, which is what keeps
//             ring-3 code from invoking a gate the kernel marked DPL 0.
// push_error  whether error_code is pushed after the return frame.
// error_code  value pushed when push_error is set.
//
// exception() does not return here (the code after every call assumes the
// check passed), so the order of checks is the order faults are reported.
// Stack writes go through write_new_stack_*() / push_*(), which presumably
// validate the target stack at the privilege level handed to them before
// any register is committed.
void BX_CPU_C::protected_mode_int(Bit8u vector, bool soft_int, bool push_error, Bit16u error_code)
{
  bx_descriptor_t gate_descriptor, cs_descriptor;
  bx_selector_t cs_selector;

  Bit16u raw_tss_selector;
  bx_selector_t tss_selector;
  bx_descriptor_t tss_descriptor;

  // interrupt vector must be within IDT table limits,
  // else #GP(vector*8 + 2 + EXT)
  if ((vector*8 + 7) > BX_CPU_THIS_PTR idtr.limit) {
    BX_ERROR(("interrupt(): vector must be within IDT table limits, IDT.limit = 0x%x", BX_CPU_THIS_PTR idtr.limit));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // The gate is read once, with a system (supervisor) access, and every
  // check below works on this copy.
  Bit64u desctmp = system_read_qword(BX_CPU_THIS_PTR idtr.base + vector*8);

  Bit32u dword1 = GET32L(desctmp);
  Bit32u dword2 = GET32H(desctmp);

  parse_descriptor(dword1, dword2, &gate_descriptor);

  // A gate is a system descriptor (S bit clear); data/code descriptors in
  // the IDT are rejected.
  if ((gate_descriptor.valid==0) || gate_descriptor.segment) {
    BX_ERROR(("interrupt(): gate descriptor is not valid sys seg (vector=0x%02x)", vector));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // descriptor AR byte must indicate interrupt gate, trap gate,
  // or task gate, else #GP(vector*8 + 2 + EXT)
  switch (gate_descriptor.type) {
  case BX_TASK_GATE:
  case BX_286_INTERRUPT_GATE:
  case BX_286_TRAP_GATE:
  case BX_386_INTERRUPT_GATE:
  case BX_386_TRAP_GATE:
    break;
  default:
    BX_ERROR(("interrupt(): gate.type(%u) != {5,6,7,14,15}",
      (unsigned) gate_descriptor.type));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // if software interrupt, then gate descriptor DPL must be >= CPL,
  // else #GP(vector * 8 + 2 + EXT)
  // Hardware-originated events skip this check on purpose (soft_int false).
  if (soft_int && gate_descriptor.dpl < CPL) {
    BX_ERROR(("interrupt(): soft_int && (gate.dpl < CPL)"));
    exception(BX_GP_EXCEPTION, vector*8 + 2);
  }

  // Gate must be present, else #NP(vector * 8 + 2 + EXT)
  if (! IS_PRESENT(gate_descriptor)) {
    BX_ERROR(("interrupt(): gate not present"));
    exception(BX_NP_EXCEPTION, vector*8 + 2);
  }

  switch (gate_descriptor.type) {
  case BX_TASK_GATE:
    // examine selector to TSS, given in task gate descriptor
    raw_tss_selector = gate_descriptor.u.taskgate.tss_selector;
    parse_selector(raw_tss_selector, &tss_selector);

    // must specify global in the local/global bit,
    // else #GP(TSS selector)
    if (tss_selector.ti) {
      BX_ERROR(("interrupt(): tss_selector.ti=1 from gate descriptor - #GP(tss_selector)"));
      exception(BX_GP_EXCEPTION, raw_tss_selector & 0xfffc);
    }

    // index must be within GDT limits, else #GP(TSS selector)
    // (fetch_raw_descriptor raises the exception type passed to it)
    fetch_raw_descriptor(&tss_selector, &dword1, &dword2, BX_GP_EXCEPTION);

    parse_descriptor(dword1, dword2, &tss_descriptor);

    // AR byte must specify available TSS,
    // else #GP(TSS selector)
    if (tss_descriptor.valid==0 || tss_descriptor.segment) {
      BX_ERROR(("interrupt(): TSS selector points to invalid or bad TSS - #GP(tss_selector)"));
      exception(BX_GP_EXCEPTION, raw_tss_selector & 0xfffc);
    }

    // A busy TSS is rejected too: only the two "available" TSS types pass.
    if (tss_descriptor.type!=BX_SYS_SEGMENT_AVAIL_286_TSS &&
        tss_descriptor.type!=BX_SYS_SEGMENT_AVAIL_386_TSS)
    {
      BX_ERROR(("interrupt(): TSS selector points to bad TSS - #GP(tss_selector)"));
      exception(BX_GP_EXCEPTION, raw_tss_selector & 0xfffc);
    }

    // TSS must be present, else #NP(TSS selector)
    if (! IS_PRESENT(tss_descriptor)) {
      BX_ERROR(("interrupt(): TSS descriptor.p == 0"));
      exception(BX_NP_EXCEPTION, raw_tss_selector & 0xfffc);
    }

    // switch tasks with nesting to TSS; the error code (if any) is pushed by
    // the task switch itself, so nothing else is done here.
    task_switch(0, &tss_selector, &tss_descriptor,
        BX_TASK_FROM_INT, dword1, dword2, push_error, error_code);
    return;

  case BX_286_INTERRUPT_GATE:
  case BX_286_TRAP_GATE:
  case BX_386_INTERRUPT_GATE:
  case BX_386_TRAP_GATE:
  {
    Bit16u gate_dest_selector = gate_descriptor.u.gate.dest_selector;
    Bit32u gate_dest_offset = gate_descriptor.u.gate.dest_offset;

    // examine CS selector and descriptor given in gate descriptor
    // selector must be non-null else #GP(EXT)
    if ((gate_dest_selector & 0xfffc) == 0) {
      BX_ERROR(("int_trap_gate(): selector null"));
      exception(BX_GP_EXCEPTION, 0);
    }

    parse_selector(gate_dest_selector, &cs_selector);

    // selector must be within its descriptor table limits
    // else #GP(selector+EXT)
    fetch_raw_descriptor(&cs_selector, &dword1, &dword2, BX_GP_EXCEPTION);
    parse_descriptor(dword1, dword2, &cs_descriptor);

    // descriptor AR byte must indicate code seg
    // and code segment descriptor DPL<=CPL, else #GP(selector+EXT)
    // (a handler may never run with less privilege than the interrupted code)
    if (cs_descriptor.valid==0 || cs_descriptor.segment==0 ||
        IS_DATA_SEGMENT(cs_descriptor.type) ||
        cs_descriptor.dpl > CPL)
    {
      BX_ERROR(("interrupt(): not accessible or not code segment cs=0x%04x", cs_selector.value));
      exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc);
    }

    // segment must be present, else #NP(selector + EXT)
    if (! IS_PRESENT(cs_descriptor)) {
      BX_ERROR(("interrupt(): segment not present"));
      exception(BX_NP_EXCEPTION, cs_selector.value & 0xfffc);
    }

    // Snapshot of the interrupted context; this is what lands in the frame.
    Bit32u old_ESP = ESP;
    Bit16u old_SS = BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].selector.value;
    Bit32u old_EIP = EIP;
    Bit16u old_CS = BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value;

#if BX_SUPPORT_CET
    // Shadow-stack bookkeeping needs the pre-switch privilege state.
    bx_address new_SSP = BX_CPU_THIS_PTR msr.ia32_pl_ssp[cs_descriptor.dpl];
    Bit32u return_LIP = get_laddr(BX_SEG_REG_CS, EIP);
    unsigned old_SS_DPL = BX_CPU_THIS_PTR sregs[BX_SEG_REG_SS].cache.dpl;
    unsigned old_CPL = CPL;
#endif

    // if code segment is non-conforming and DPL < CPL then
    // INTERRUPT TO INNER PRIVILEGE
    if(IS_CODE_SEGMENT_NON_CONFORMING(cs_descriptor.type) && cs_descriptor.dpl < CPL)
    {
      Bit16u SS_for_cpl_x;
      Bit32u ESP_for_cpl_x;
      bx_descriptor_t ss_descriptor;
      bx_selector_t ss_selector;
      int is_v8086_mode = v8086_mode();

      BX_DEBUG(("interrupt(): INTERRUPT TO INNER PRIVILEGE"));

      // check selector and descriptor for new stack in current TSS
      // (the helper reports its own #TS if the TSS is too small)
      get_SS_ESP_from_TSS(cs_descriptor.dpl, &SS_for_cpl_x, &ESP_for_cpl_x);

      if (is_v8086_mode && cs_descriptor.dpl != 0) {
        // if code segment DPL != 0 then #GP(new code segment selector)
        // Leaving v8086 mode is only allowed into ring 0.
        BX_ERROR(("interrupt(): code segment DPL(%d) != 0 in v8086 mode", cs_descriptor.dpl));
        exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc);
      }

      // Selector must be non-null else #TS(EXT)
      if ((SS_for_cpl_x & 0xfffc) == 0) {
        BX_ERROR(("interrupt(): SS selector null"));
        exception(BX_TS_EXCEPTION, 0); /* TS(ext) */
      }

      // selector index must be within its descriptor table limits
      // else #TS(SS selector + EXT)
      parse_selector(SS_for_cpl_x, &ss_selector);
      // fetch 2 dwords of descriptor; call handles out of limits checks
      fetch_raw_descriptor(&ss_selector, &dword1, &dword2, BX_TS_EXCEPTION);
      parse_descriptor(dword1, dword2, &ss_descriptor);

      // selector rpl must = dpl of code segment,
      // else #TS(SS selector + ext)
      if (ss_selector.rpl != cs_descriptor.dpl) {
        BX_ERROR(("interrupt(): SS.rpl != CS.dpl"));
        exception(BX_TS_EXCEPTION, SS_for_cpl_x & 0xfffc);
      }

      // stack seg DPL must = DPL of code segment,
      // else #TS(SS selector + ext)
      if (ss_descriptor.dpl != cs_descriptor.dpl) {
        BX_ERROR(("interrupt(): SS.dpl != CS.dpl"));
        exception(BX_TS_EXCEPTION, SS_for_cpl_x & 0xfffc);
      }

      // descriptor must indicate writable data segment,
      // else #TS(SS selector + EXT)
      if (ss_descriptor.valid==0 || ss_descriptor.segment==0 ||
          IS_CODE_SEGMENT(ss_descriptor.type) ||
          !IS_DATA_SEGMENT_WRITEABLE(ss_descriptor.type))
      {
        BX_ERROR(("interrupt(): SS is not writable data segment"));
        exception(BX_TS_EXCEPTION, SS_for_cpl_x & 0xfffc);
      }

      // seg must be present, else #SS(SS selector + ext)
      if (! IS_PRESENT(ss_descriptor)) {
        BX_ERROR(("interrupt(): SS not present"));
        exception(BX_SS_EXCEPTION, SS_for_cpl_x & 0xfffc);
      }

      // IP must be within CS segment boundaries, else #GP(0)
      // Checked before anything is written to the new stack.
      if (gate_dest_offset > cs_descriptor.u.segment.limit_scaled) {
        BX_ERROR(("interrupt(): gate EIP > CS.limit"));
        exception(BX_GP_EXCEPTION, 0);
      }

      // Prepare new stack segment
      // A local copy is used for the pushes so that SS itself is only
      // loaded once every write has succeeded.
      bx_segment_reg_t new_stack;
      new_stack.selector = ss_selector;
      new_stack.cache = ss_descriptor;
      new_stack.selector.rpl = cs_descriptor.dpl;
      // add cpl to the selector value
      new_stack.selector.value = (0xfffc & new_stack.selector.value) | new_stack.selector.rpl;

      // Frame layout depends on the new stack's size (D/B bit: 32- vs 16-bit
      // ESP) and on the gate size (386 gate pushes dwords, 286 gate words).
      if (ss_descriptor.u.segment.d_b) {
        Bit32u temp_ESP = ESP_for_cpl_x;

        // Coming from v8086 mode the data segment registers are saved on
        // the ring-0 stack first (GS, FS, DS, ES), then nulled below.
        if (is_v8086_mode)
        {
          if (gate_descriptor.type>=14) { // 386 int/trap gate
            write_new_stack_dword(&new_stack, temp_ESP-4, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value);
            write_new_stack_dword(&new_stack, temp_ESP-8, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value);
            write_new_stack_dword(&new_stack, temp_ESP-12, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value);
            write_new_stack_dword(&new_stack, temp_ESP-16, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value);
            temp_ESP -= 16;
          }
          else {
            write_new_stack_word(&new_stack, temp_ESP-2, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value);
            write_new_stack_word(&new_stack, temp_ESP-4, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value);
            write_new_stack_word(&new_stack, temp_ESP-6, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value);
            write_new_stack_word(&new_stack, temp_ESP-8, cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value);
            temp_ESP -= 8;
          }
        }

        if (gate_descriptor.type>=14) { // 386 int/trap gate
          // push long pointer to old stack onto new stack
          write_new_stack_dword(&new_stack, temp_ESP-4, cs_descriptor.dpl, old_SS);
          write_new_stack_dword(&new_stack, temp_ESP-8, cs_descriptor.dpl, old_ESP);
          write_new_stack_dword(&new_stack, temp_ESP-12, cs_descriptor.dpl, read_eflags());
          write_new_stack_dword(&new_stack, temp_ESP-16, cs_descriptor.dpl, old_CS);
          write_new_stack_dword(&new_stack, temp_ESP-20, cs_descriptor.dpl, old_EIP);
          temp_ESP -= 20;

          if (push_error) {
            temp_ESP -= 4;
            write_new_stack_dword(&new_stack, temp_ESP, cs_descriptor.dpl, error_code);
          }
        }
        else { // 286 int/trap gate
          // push long pointer to old stack onto new stack
          // (16-bit frame: only the low halves of ESP/EFLAGS/EIP are saved)
          write_new_stack_word(&new_stack, temp_ESP-2, cs_descriptor.dpl, old_SS);
          write_new_stack_word(&new_stack, temp_ESP-4, cs_descriptor.dpl, (Bit16u) old_ESP);
          write_new_stack_word(&new_stack, temp_ESP-6, cs_descriptor.dpl, (Bit16u) read_eflags());
          write_new_stack_word(&new_stack, temp_ESP-8, cs_descriptor.dpl, old_CS);
          write_new_stack_word(&new_stack, temp_ESP-10, cs_descriptor.dpl, (Bit16u) old_EIP);
          temp_ESP -= 10;

          if (push_error) {
            temp_ESP -= 2;
            write_new_stack_word(&new_stack, temp_ESP, cs_descriptor.dpl, error_code);
          }
        }

        ESP = temp_ESP;
      }
      else {
        // 16-bit stack segment: addresses wrap at 64K, hence the (Bit16u) casts.
        Bit16u temp_SP = (Bit16u) ESP_for_cpl_x;

        if (is_v8086_mode)
        {
          if (gate_descriptor.type>=14) { // 386 int/trap gate
            write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-4), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value);
            write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-8), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value);
            write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-12), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value);
            write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-16), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value);
            temp_SP -= 16;
          }
          else {
            write_new_stack_word(&new_stack, (Bit16u)(temp_SP-2), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value);
            write_new_stack_word(&new_stack, (Bit16u)(temp_SP-4), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value);
            write_new_stack_word(&new_stack, (Bit16u)(temp_SP-6), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value);
            write_new_stack_word(&new_stack, (Bit16u)(temp_SP-8), cs_descriptor.dpl,
                  BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value);
            temp_SP -= 8;
          }
        }

        if (gate_descriptor.type>=14) { // 386 int/trap gate
          // push long pointer to old stack onto new stack
          write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-4), cs_descriptor.dpl, old_SS);
          write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-8), cs_descriptor.dpl, old_ESP);
          write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-12), cs_descriptor.dpl, read_eflags());
          write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-16), cs_descriptor.dpl, old_CS);
          write_new_stack_dword(&new_stack, (Bit16u)(temp_SP-20), cs_descriptor.dpl, old_EIP);
          temp_SP -= 20;

          if (push_error) {
            temp_SP -= 4;
            write_new_stack_dword(&new_stack, temp_SP, cs_descriptor.dpl, error_code);
          }
        }
        else { // 286 int/trap gate
          // push long pointer to old stack onto new stack
          write_new_stack_word(&new_stack, (Bit16u)(temp_SP-2), cs_descriptor.dpl, old_SS);
          write_new_stack_word(&new_stack, (Bit16u)(temp_SP-4), cs_descriptor.dpl, (Bit16u) old_ESP);
          write_new_stack_word(&new_stack, (Bit16u)(temp_SP-6), cs_descriptor.dpl, (Bit16u) read_eflags());
          write_new_stack_word(&new_stack, (Bit16u)(temp_SP-8), cs_descriptor.dpl, old_CS);
          write_new_stack_word(&new_stack, (Bit16u)(temp_SP-10), cs_descriptor.dpl, (Bit16u) old_EIP);
          temp_SP -= 10;

          if (push_error) {
            temp_SP -= 2;
            write_new_stack_word(&new_stack, temp_SP, cs_descriptor.dpl, error_code);
          }
        }

        SP = temp_SP;
      }

      // load new CS:eIP values from gate
      // set CPL to new code segment DPL
      // set RPL of CS to CPL
      load_cs(&cs_selector, &cs_descriptor, cs_descriptor.dpl);

      // load new SS:eSP values from TSS
      load_ss(&ss_selector, &ss_descriptor, cs_descriptor.dpl);

#if BX_SUPPORT_CET
      // Leaving ring 3: remember the user shadow-stack pointer in PL3_SSP.
      if(ShadowStackEnabled(old_CPL)) {
        if (old_CPL == 3)
          BX_CPU_THIS_PTR msr.ia32_pl_ssp[3] = SSP;
      }
      // Entering a shadow-stack-enabled ring: switch to its SSP and record
      // the return point, except when the interrupted code ran on a ring-3 stack.
      if (ShadowStackEnabled(CPL)) {
        bx_address old_SSP = SSP;
        shadow_stack_switch(new_SSP);
        if (old_SS_DPL != 3) {
          call_far_shadow_stack_push(old_CS, return_LIP, old_SSP);
        }
      }
      track_indirect(CPL);   // the handler entry counts as an indirect branch (IBT)
#endif

      // The v8086 data segment registers were saved on the stack above;
      // they are nulled so the ring-0 handler starts with no v86 segments.
      if (is_v8086_mode)
      {
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].cache.valid = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_GS].selector.value = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].cache.valid = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_FS].selector.value = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].cache.valid = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_DS].selector.value = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].cache.valid = 0;
        BX_CPU_THIS_PTR sregs[BX_SEG_REG_ES].selector.value = 0;
      }
    }
    else
    {
      BX_DEBUG(("interrupt(): INTERRUPT TO SAME PRIVILEGE"));

      // In v8086 mode CPL is 3, so this branch is reached only for a
      // conforming segment or a DPL-3 handler; both are illegal targets.
      if (v8086_mode() && (IS_CODE_SEGMENT_CONFORMING(cs_descriptor.type) || cs_descriptor.dpl != 0)) {
        // if code segment DPL != 0 then #GP(new code segment selector)
        BX_ERROR(("interrupt(): code segment conforming or DPL(%d) != 0 in v8086 mode", cs_descriptor.dpl));
        exception(BX_GP_EXCEPTION, cs_selector.value & 0xfffc);
      }

      // EIP must be in CS limit else #GP(0)
      if (gate_dest_offset > cs_descriptor.u.segment.limit_scaled) {
        BX_ERROR(("interrupt(): IP > CS descriptor limit"));
        exception(BX_GP_EXCEPTION, 0);
      }

      // push flags onto stack
      // push current CS selector onto stack
      // push return offset onto stack
      // No stack switch: the frame goes on the current SS:eSP via push_*().
      if (gate_descriptor.type >= 14) { // 386 gate
        push_32(read_eflags());
        push_32(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
        push_32(EIP);
        if (push_error)
          push_32(error_code);
      }
      else { // 286 gate
        push_16((Bit16u) read_eflags());
        push_16(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
        push_16(IP);
        if (push_error)
          push_16(error_code);
      }

#if BX_SUPPORT_CET
      // Same ring, same shadow stack: only the return point is recorded.
      if(ShadowStackEnabled(CPL)) {
        call_far_shadow_stack_push(old_CS, return_LIP, SSP);
      }
      track_indirect(CPL);
#endif

      // load CS:IP from gate
      // load CS descriptor
      // set the RPL field of CS to CPL
      load_cs(&cs_selector, &cs_descriptor, CPL);
    }

    EIP = gate_dest_offset;

    // if interrupt gate then set IF to 0
    if (!(gate_descriptor.type & 1)) // even is int-gate
      BX_CPU_THIS_PTR clear_IF();
    BX_CPU_THIS_PTR clear_TF();
    BX_CPU_THIS_PTR clear_NT();
    BX_CPU_THIS_PTR clear_VM();   // the handler always runs in protected mode
    BX_CPU_THIS_PTR clear_RF();
    return;
  }
  default:
    // The first switch already rejected every other type.
    BX_PANIC(("bad descriptor type in interrupt()!"));
    break;
  }
}
|
|
|
|
// Deliver an interrupt through the real-mode IVT: 4-byte IP:CS entries
// starting at idtr.base.
//
// vector      IVT index.
// push_error  accepted for signature parity with the other mode handlers;
// error_code  real mode never pushes an error code, so both are unused.
//
// NOTE(review): the return frame is pushed before the target IP is
// validated, so a #GP raised below leaves the frame in memory; SP is
// presumably restored by the RSP_SPECULATIVE/RSP_COMMIT bracket in
// interrupt() (definition not in this chunk).
void BX_CPU_C::real_mode_int(Bit8u vector, bool push_error, Bit16u error_code)
{
  const unsigned ivt_offset = vector * 4;

  // The whole 4-byte IVT slot must lie inside the IDT limit; real mode
  // reports #GP with error code 0.
  if (ivt_offset + 3 > BX_CPU_THIS_PTR idtr.limit) {
    BX_ERROR(("interrupt(real mode) vector > idtr.limit"));
    exception(BX_GP_EXCEPTION, 0);
  }

  // Return frame: FLAGS, CS, IP (16-bit each).
  push_16((Bit16u) read_eflags());
  push_16(BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].selector.value);
  push_16(IP);

  Bit16u target_ip = system_read_word(BX_CPU_THIS_PTR idtr.base + ivt_offset);
  // CS.LIMIT can't change when in real/v8086 mode, so the target IP is
  // checked against the limit currently cached for CS.
  if (target_ip > BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS].cache.u.segment.limit_scaled) {
    BX_ERROR(("interrupt(real mode): instruction pointer not within code segment limits"));
    exception(BX_GP_EXCEPTION, 0);
  }

  Bit16u target_cs = system_read_word(BX_CPU_THIS_PTR idtr.base + ivt_offset + 2);
  load_seg_reg(&BX_CPU_THIS_PTR sregs[BX_SEG_REG_CS], target_cs);
  EIP = target_ip;

  /* INT affects the following flags: I,T */
  BX_CPU_THIS_PTR clear_IF();
  BX_CPU_THIS_PTR clear_TF();
#if BX_CPU_LEVEL >= 4
  BX_CPU_THIS_PTR clear_AC();
#endif
  BX_CPU_THIS_PTR clear_RF();
}
|
|
|
|
// Top-level event delivery: route `vector` of event class `type`
// (BX_SOFTWARE_INTERRUPT, BX_EXTERNAL_INTERRUPT, BX_NMI, ...) to the
// handler for the current CPU mode. push_error/error_code are forwarded
// unchanged; the mode handler decides whether and how the code is pushed.
void BX_CPU_C::interrupt(Bit8u vector, unsigned type, bool push_error, Bit16u error_code)
{
#if BX_DEBUGGER
  BX_CPU_THIS_PTR show_flag |= Flag_intsig;
#if BX_DEBUG_LINUX
  if (bx_dbg.linux_syscall) {
    if (vector == 0x80) bx_dbg_linux_syscall(BX_CPU_ID);
  }
#endif
  bx_dbg_interrupt(BX_CPU_ID, vector, error_code);
#endif

  BX_INSTR_INTERRUPT(BX_CPU_ID, vector);

  invalidate_prefetch_q();

  // Only software-originated events are subject to the gate.DPL >= CPL
  // check in the mode handlers. Privileged software interrupts and every
  // hardware-originated event bypass it; anything else is a caller bug.
  bool soft_int = false;
  if (type == BX_SOFTWARE_INTERRUPT || type == BX_SOFTWARE_EXCEPTION) {
    soft_int = true;
  }
  else if (type != BX_PRIVILEGED_SOFTWARE_INTERRUPT && type != BX_EXTERNAL_INTERRUPT &&
           type != BX_NMI && type != BX_HARDWARE_EXCEPTION) {
    BX_PANIC(("interrupt(): unknown exception type %d", type));
  }

  BX_DEBUG(("interrupt(): vector = %02x, TYPE = %u, EXT = %u",
      vector, type, (unsigned) BX_CPU_THIS_PTR EXT));

  // Discard any traps and inhibits for new context; traps will
  // resume upon return.
  BX_CPU_THIS_PTR debug_trap = 0;
  BX_CPU_THIS_PTR inhibit_mask = 0;

#if BX_SUPPORT_VMX || BX_SUPPORT_SVM
  BX_CPU_THIS_PTR in_event = true;
#endif

  // The mode handlers run between RSP_SPECULATIVE and RSP_COMMIT
  // (stack-pointer speculation; definitions not in this chunk).
  RSP_SPECULATIVE;

#if BX_SUPPORT_X86_64
  if (long_mode()) {
    long_mode_int(vector, soft_int, push_error, error_code);
  }
  else
#endif
  {
    // A software interrupt in v8086 mode may be redirected instead of
    // delivered; v86_redirect_interrupt() is only consulted in that case.
    bool redirected = (type == BX_SOFTWARE_INTERRUPT) && v8086_mode() && v86_redirect_interrupt(vector);
    if (! redirected) {
      if (real_mode())
        real_mode_int(vector, push_error, error_code);
      else
        protected_mode_int(vector, soft_int, push_error, error_code);
    }
  }

  RSP_COMMIT;

#if BX_SUPPORT_VMX
  unmask_event(BX_EVENT_VMX_MONITOR_TRAP_FLAG);
#endif

#if BX_SUPPORT_VMX || BX_SUPPORT_SVM
  BX_CPU_THIS_PTR in_event = false;
#endif

  // EXT is consumed by this delivery; clear it for the next event.
  BX_CPU_THIS_PTR EXT = 0;
}
|
|
|
|
/* Exception types. These are used as indexes into the 'is_exception_OK'
|
|
* array below, and are stored in the 'exception' array also
|
|
*/
|
|
enum ExceptionType {
  BX_ET_BENIGN = 0,        // row/column 0 of is_exception_OK
  BX_ET_CONTRIBUTORY = 1,  // row/column 1 (#DE, #TS, #NP, #SS, #GP, #CP, #SX in exceptions_info)
  BX_ET_PAGE_FAULT = 2,    // row/column 2 (#PF, #VE in exceptions_info)
  BX_ET_DOUBLE_FAULT = 10  // #DF itself; NOT a valid index into the 3x3
                           // is_exception_OK table, so it presumably has to
                           // be handled before that table is consulted
                           // (the code doing so is not in this chunk)
};
|
|
|
|
// is_exception_OK[first][second], indexed with the ExceptionType values
// 0..2 of an exception and of a second one raised while delivering it.
// 1 means the second exception may simply be delivered; 0 means the pair
// is not OK (a contributory after a contributory, or anything but a benign
// event after a page fault) -- what the caller does with a 0 (presumably
// escalate to #DF) is decided outside this chunk.
static const bool is_exception_OK[3][3] = {
  { 1, 1, 1 }, /* 1st exception is BENIGN */
  { 1, 0, 1 }, /* 1st exception is CONTRIBUTORY */
  { 1, 0, 0 }  /* 1st exception is PAGE_FAULT */
};
|
|
|
|
// Static per-vector attributes of the architectural exceptions (see
// exceptions_info below).
struct BxExceptionInfo {
  unsigned exception_type;   // ExceptionType value (double-fault classification)
  unsigned exception_class;  // BX_EXCEPTION_CLASS_FAULT / _TRAP / _ABORT
  bool push_error;           // an error code is pushed when the vector is delivered
};
|
|
|
|
// Attributes of vectors 0..BX_CPU_HANDLED_EXCEPTIONS-1, indexed by vector.
// push_error decides whether the mode handlers push an error code; vectors
// that are reserved or unassigned on this CPU are listed as benign faults
// without an error code.
static const struct BxExceptionInfo exceptions_info[BX_CPU_HANDLED_EXCEPTIONS] = {
  /* DE */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* DB */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 02 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 }, // NMI
  /* BP */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_TRAP, 0 },
  /* OF */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_TRAP, 0 },
  /* BR */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* UD */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* NM */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* DF */ { BX_ET_DOUBLE_FAULT, BX_EXCEPTION_CLASS_FAULT, 1 },
  // coprocessor segment overrun (286,386 only)
  /* 09 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* TS */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 1 },
  /* NP */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 1 },
  /* SS */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 1 },
  /* GP */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 1 },
  /* PF */ { BX_ET_PAGE_FAULT, BX_EXCEPTION_CLASS_FAULT, 1 },
  /* 15 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 }, // reserved
  /* MF */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* AC */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 1 },  // pushes an error code
  /* MC */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_ABORT, 0 },
  /* XM */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* VE */ { BX_ET_PAGE_FAULT, BX_EXCEPTION_CLASS_FAULT, 0 },  // classed with #PF, no error code
  /* CP */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 1 },
  /* 22 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 23 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 24 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 25 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 26 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 27 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 28 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* 29 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 },
  /* SX */ { BX_ET_CONTRIBUTORY, BX_EXCEPTION_CLASS_FAULT, 1 }, // SVM #SX is here and pushes error code
  /* 31 */ { BX_ET_BENIGN, BX_EXCEPTION_CLASS_FAULT, 0 }
};
// Return the class (BX_EXCEPTION_CLASS_FAULT / _TRAP / _ABORT) of exception
// 'vector'. Vectors outside the exceptions_info table (>= BX_CPU_HANDLED_EXCEPTIONS)
// are reported as faults.
int get_exception_class(unsigned vector)
{
  const bool in_table = (vector < BX_CPU_HANDLED_EXCEPTIONS);
  if (!in_table)
    return BX_EXCEPTION_CLASS_FAULT;

  return static_cast<int>(exceptions_info[vector].exception_class);
}
// Return the ExceptionType of 'vector' as used for double-fault escalation.
// #CP and #SX only carry their table type when the emulated CPU enables the
// corresponding ISA extension (CET resp. SVM); without it they are benign,
// as is every vector outside the exceptions_info table.
int BX_CPU_C::get_exception_type(unsigned vector)
{
  if (vector >= BX_CPU_HANDLED_EXCEPTIONS)
    return BX_ET_BENIGN;

  const bool extension_absent =
      (vector == BX_CP_EXCEPTION && !BX_CPUID_SUPPORT_ISA_EXTENSION(BX_ISA_CET)) ||
      (vector == BX_SX_EXCEPTION && !BX_CPUID_SUPPORT_ISA_EXTENSION(BX_ISA_SVM));

  if (extension_absent)
    return BX_ET_BENIGN;

  return static_cast<int>(exceptions_info[vector].exception_type);
}
// Tell whether delivery of exception 'vector' pushes an error code.
// #CP and #SX push one only when the emulated CPU enables CET resp. SVM;
// vectors outside the exceptions_info table never push an error code.
bool BX_CPU_C::exception_push_error(unsigned vector)
{
  if (vector >= BX_CPU_HANDLED_EXCEPTIONS)
    return false;

  const bool extension_absent =
      (vector == BX_CP_EXCEPTION && !BX_CPUID_SUPPORT_ISA_EXTENSION(BX_ISA_CET)) ||
      (vector == BX_SX_EXCEPTION && !BX_CPUID_SUPPORT_ISA_EXTENSION(BX_ISA_SVM));

  return extension_absent ? false : exceptions_info[vector].push_error;
}
// vector: 0..255: vector in IDT
// error_code: if the exception generates an error code, push this error code
// Raise architectural exception 'vector' with 'error_code'.
//
// Never returns to the caller: every path ends in longjmp() back to the main
// decode loop (a triple fault first resets or shuts the machine down).
// Vectors >= BX_CPU_HANDLED_EXCEPTIONS are a programming error and BX_PANIC;
// should the panic not stop the simulator, such a vector is delivered as a
// benign fault without an error code.
void BX_CPU_C::exception(unsigned vector, Bit16u error_code)
{
  unsigned exception_type = BX_ET_BENIGN;
  unsigned exception_class = BX_EXCEPTION_CLASS_FAULT;
  bool push_error = false;

  if (vector < BX_CPU_HANDLED_EXCEPTIONS) {
    push_error = exception_push_error(vector);
    exception_class = get_exception_class(vector);
    exception_type = get_exception_type(vector);
  }
  else {
    BX_PANIC(("exception(%u): bad vector", vector));
  }

  /* Excluding page faults and double faults, error_code may not have the
   * least significant bit set correctly. This correction is applied first
   * to make the change transparent to any instrumentation.
   */
  // Bit 0 of a selector-format error code is the EXT ("external event") flag,
  // taken from BX_CPU_THIS_PTR EXT. #PF, #DF, #CP and #SX use their own
  // error-code formats and are passed through unchanged.
  if (push_error) {
    if (vector != BX_PF_EXCEPTION && vector != BX_DF_EXCEPTION && vector != BX_CP_EXCEPTION && vector != BX_SX_EXCEPTION) {
      error_code = (error_code & 0xfffe) | (Bit16u)(BX_CPU_THIS_PTR EXT);
    }
  }

  BX_DEBUG(("exception(0x%02x): error_code=%04x", vector, error_code));

  // Real mode never pushes an error code, whatever the table says.
  if (real_mode()) {
    push_error = false; // not INT, no error code pushed
    error_code = 0;
  }

  BX_INSTR_EXCEPTION(BX_CPU_ID, vector, error_code);

#if BX_DEBUGGER
  bx_dbg_exception(BX_CPU_ID, vector, error_code);
#endif

  // Offer the exception to an active VMX / SVM host before delivering it to
  // the guest. Presumably an intercept performs a VM exit and does not come
  // back here — confirm against VMexit_Event / SvmInterceptException.
#if BX_SUPPORT_VMX
  VMexit_Event(BX_HARDWARE_EXCEPTION, vector, error_code, push_error);
#endif

#if BX_SUPPORT_SVM
  SvmInterceptException(BX_HARDWARE_EXCEPTION, vector, error_code, push_error);
#endif

  if (exception_class == BX_EXCEPTION_CLASS_FAULT)
  {
    // restore RIP/RSP to value before error occurred
    RIP = BX_CPU_THIS_PTR prev_rip;
    if (BX_CPU_THIS_PTR speculative_rsp) {
      RSP = BX_CPU_THIS_PTR prev_rsp;
#if BX_SUPPORT_CET
      SSP = BX_CPU_THIS_PTR prev_ssp;
#endif
    }
    BX_CPU_THIS_PTR speculative_rsp = false;

    // every fault except #DB sets RF for the faulting instruction
    if (vector != BX_DB_EXCEPTION) BX_CPU_THIS_PTR assert_RF();

    // A fault raised while a #DF is still being delivered is a triple fault:
    // log state, let a hypervisor see it, then reset or shut down.
    if (BX_CPU_THIS_PTR last_exception_type == BX_ET_DOUBLE_FAULT)
    {
      debug(BX_CPU_THIS_PTR prev_rip); // print debug information to the log
#if BX_SUPPORT_VMX
      VMexit_TripleFault();
#endif
#if BX_SUPPORT_SVM
      if (BX_CPU_THIS_PTR in_svm_guest) {
        if (SVM_INTERCEPT(SVM_INTERCEPT0_SHUTDOWN)) Svm_Vmexit(SVM_VMEXIT_SHUTDOWN);
      }
#endif
#if BX_DEBUGGER
      // trap into debugger (the same as when a PANIC occurs)
      bx_debug_break();
#endif
      // Behaviour is a user setting: either emulate the hardware reset a real
      // machine performs on shutdown, or stop the simulation.
      if (SIM->get_param_bool(BXPN_RESET_ON_TRIPLE_FAULT)->get()) {
        BX_ERROR(("exception(): 3rd (%d) exception with no resolution, shutdown status is %02xh, resetting", vector, DEV_cmos_get_reg(0x0f)));
        bx_pc_system.Reset(BX_RESET_HARDWARE);
      }
      else {
        BX_PANIC(("exception(): 3rd (%d) exception with no resolution", vector));
        BX_ERROR(("WARNING: Any simulation after this point is completely bogus !"));
        shutdown();
      }
      longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
    }
  }

  if (vector == BX_DB_EXCEPTION) {
    // Commit debug events to DR6: preserve DR5.BS and DR6.BD values,
    // only software can clear them
    BX_CPU_THIS_PTR dr6.val32 = (BX_CPU_THIS_PTR dr6.val32 & 0xffff6ff0) |
      (BX_CPU_THIS_PTR debug_trap & 0x0000e00f);

    // clear GD flag in the DR7 prior entering debug exception handler
    BX_CPU_THIS_PTR dr7.set_GD(0);
  }

  // From here on the exception counts as an external event for error-code
  // purposes (see the EXT fix-up above).
  BX_CPU_THIS_PTR EXT = 1;

  /* if we've already had 1st exception, see if 2nd causes a
   * Double Fault instead. Otherwise, just record 1st exception.
   */
  // NOTE(review): is_exception_OK is 3x3 but the row index is
  // last_exception_type, which equals BX_ET_DOUBLE_FAULT (10) while a #DF is
  // being delivered. The fault-class branch above diverts that case to the
  // triple-fault path, so reaching this lookup with a non-fault-class
  // exception (trap/abort) during #DF delivery would read past the table —
  // confirm that this is unreachable, or guard the row index as well.
  if (exception_type != BX_ET_DOUBLE_FAULT) {
    if (! is_exception_OK[BX_CPU_THIS_PTR last_exception_type][exception_type]) {
      // recursive call; delivering #DF ends in longjmp, so this never returns
      exception(BX_DF_EXCEPTION, 0);
    }
  }

  // Remember the pending exception so a nested one can be classified above.
  BX_CPU_THIS_PTR last_exception_type = exception_type;

  interrupt(vector, BX_HARDWARE_EXCEPTION, push_error, error_code);

  BX_CPU_THIS_PTR last_exception_type = 0; // error resolved

  longjmp(BX_CPU_THIS_PTR jmp_buf_env, 1); // go back to main decode loop
}