VirtualBox

source: vbox/trunk/src/VBox/VMM/VMMAll/PGMAllHandler.cpp@ 93628

Last change on this file since 93628 was 93554, checked in by vboxsync, 3 years ago

VMM: Changed PAGE_SIZE -> GUEST_PAGE_SIZE / HOST_PAGE_SIZE, PAGE_SHIFT -> GUEST_PAGE_SHIFT / HOST_PAGE_SHIFT, and PAGE_OFFSET_MASK -> GUEST_PAGE_OFFSET_MASK / HOST_PAGE_OFFSET_MASK. Also removed most usage of ASMMemIsZeroPage and ASMMemZeroPage since the host and guest page size doesn't need to be the same any more. Some work left to do in the page pool code. bugref:9898

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id Revision
File size: 73.6 KB
Line 
1/* $Id: PGMAllHandler.cpp 93554 2022-02-02 22:57:02Z vboxsync $ */
2/** @file
3 * PGM - Page Manager / Monitor, Access Handlers.
4 */
5
6/*
7 * Copyright (C) 2006-2022 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*********************************************************************************************************************************
20* Header Files *
21*********************************************************************************************************************************/
22#define LOG_GROUP LOG_GROUP_PGM
23#define VBOX_WITHOUT_PAGING_BIT_FIELDS /* 64-bit bitfields are just asking for trouble. See @bugref{9841} and others. */
24#include <VBox/vmm/dbgf.h>
25#include <VBox/vmm/pgm.h>
26#include <VBox/vmm/iom.h>
27#include <VBox/vmm/mm.h>
28#include <VBox/vmm/em.h>
29#include <VBox/vmm/nem.h>
30#include <VBox/vmm/stam.h>
31#include <VBox/vmm/dbgf.h>
32#ifdef IN_RING0
33# include <VBox/vmm/pdmdev.h>
34#endif
35#include "PGMInternal.h"
36#include <VBox/vmm/vmcc.h>
37#include "PGMInline.h"
38
39#include <VBox/log.h>
40#include <iprt/assert.h>
41#include <iprt/asm-amd64-x86.h>
42#include <iprt/string.h>
43#include <VBox/param.h>
44#include <VBox/err.h>
45#include <VBox/vmm/selm.h>
46
47
48/*********************************************************************************************************************************
49* Internal Functions *
50*********************************************************************************************************************************/
51static int pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs(PVMCC pVM, PPGMPHYSHANDLER pCur, PPGMRAMRANGE pRam,
52 void *pvBitmap, uint32_t offBitmap);
53static void pgmHandlerPhysicalDeregisterNotifyNEM(PVMCC pVM, PPGMPHYSHANDLER pCur);
54static void pgmHandlerPhysicalResetRamFlags(PVMCC pVM, PPGMPHYSHANDLER pCur);
55
56
57/**
58 * Internal worker for releasing a physical handler type registration reference.
59 *
60 * @returns New reference count. UINT32_MAX if invalid input (asserted).
61 * @param pVM The cross context VM structure.
62 * @param pType Pointer to the type registration.
63 */
64DECLINLINE(uint32_t) pgmHandlerPhysicalTypeRelease(PVMCC pVM, PPGMPHYSHANDLERTYPEINT pType)
65{
66 AssertMsgReturn(pType->u32Magic == PGMPHYSHANDLERTYPEINT_MAGIC, ("%#x\n", pType->u32Magic), UINT32_MAX);
67 uint32_t cRefs = ASMAtomicDecU32(&pType->cRefs);
68 if (cRefs == 0)
69 {
70 PGM_LOCK_VOID(pVM);
71 pType->u32Magic = PGMPHYSHANDLERTYPEINT_MAGIC_DEAD;
72 RTListOff32NodeRemove(&pType->ListNode);
73 PGM_UNLOCK(pVM);
74 MMHyperFree(pVM, pType);
75 }
76 return cRefs;
77}
78
79
80/**
81 * Internal worker for retaining a physical handler type registration reference.
82 *
83 * @returns New reference count. UINT32_MAX if invalid input (asserted).
84 * @param pVM The cross context VM structure.
85 * @param pType Pointer to the type registration.
86 */
87DECLINLINE(uint32_t) pgmHandlerPhysicalTypeRetain(PVM pVM, PPGMPHYSHANDLERTYPEINT pType)
88{
89 NOREF(pVM);
90 AssertMsgReturn(pType->u32Magic == PGMPHYSHANDLERTYPEINT_MAGIC, ("%#x\n", pType->u32Magic), UINT32_MAX);
91 uint32_t cRefs = ASMAtomicIncU32(&pType->cRefs);
92 Assert(cRefs < _1M && cRefs > 0);
93 return cRefs;
94}
95
96
97/**
98 * Releases a reference to a physical handler type registration.
99 *
100 * @returns New reference count. UINT32_MAX if invalid input (asserted).
101 * @param pVM The cross context VM structure.
102 * @param hType The type regiration handle.
103 */
104VMMDECL(uint32_t) PGMHandlerPhysicalTypeRelease(PVMCC pVM, PGMPHYSHANDLERTYPE hType)
105{
106 if (hType != NIL_PGMPHYSHANDLERTYPE)
107 return pgmHandlerPhysicalTypeRelease(pVM, PGMPHYSHANDLERTYPEINT_FROM_HANDLE(pVM, hType));
108 return 0;
109}
110
111
112/**
113 * Retains a reference to a physical handler type registration.
114 *
115 * @returns New reference count. UINT32_MAX if invalid input (asserted).
116 * @param pVM The cross context VM structure.
117 * @param hType The type regiration handle.
118 */
119VMMDECL(uint32_t) PGMHandlerPhysicalTypeRetain(PVM pVM, PGMPHYSHANDLERTYPE hType)
120{
121 return pgmHandlerPhysicalTypeRetain(pVM, PGMPHYSHANDLERTYPEINT_FROM_HANDLE(pVM, hType));
122}
123
124
125/**
126 * Creates a physical access handler.
127 *
128 * @returns VBox status code.
129 * @retval VINF_SUCCESS when successfully installed.
130 * @retval VINF_PGM_GCPHYS_ALIASED when the shadow PTs could be updated because
131 * the guest page aliased or/and mapped by multiple PTs. A CR3 sync has been
132 * flagged together with a pool clearing.
133 * @retval VERR_PGM_HANDLER_PHYSICAL_CONFLICT if the range conflicts with an existing
134 * one. A debug assertion is raised.
135 *
136 * @param pVM The cross context VM structure.
137 * @param hType The handler type registration handle.
138 * @param pvUserR3 User argument to the R3 handler.
139 * @param pvUserR0 User argument to the R0 handler.
140 * @param pvUserRC User argument to the RC handler. This can be a value
141 * less that 0x10000 or a (non-null) pointer that is
142 * automatically relocated.
143 * @param pszDesc Description of this handler. If NULL, the type
144 * description will be used instead.
145 * @param ppPhysHandler Where to return the access handler structure on
146 * success.
147 */
148int pgmHandlerPhysicalExCreate(PVMCC pVM, PGMPHYSHANDLERTYPE hType, RTR3PTR pvUserR3, RTR0PTR pvUserR0, RTRCPTR pvUserRC,
149 R3PTRTYPE(const char *) pszDesc, PPGMPHYSHANDLER *ppPhysHandler)
150{
151 PPGMPHYSHANDLERTYPEINT pType = PGMPHYSHANDLERTYPEINT_FROM_HANDLE(pVM, hType);
152 Log(("pgmHandlerPhysicalExCreate: pvUserR3=%RHv pvUserR0=%RHv pvUserGC=%RRv hType=%#x (%d, %s) pszDesc=%RHv:%s\n",
153 pvUserR3, pvUserR0, pvUserRC, hType, pType->enmKind, R3STRING(pType->pszDesc), pszDesc, R3STRING(pszDesc)));
154
155 /*
156 * Validate input.
157 */
158 AssertPtr(ppPhysHandler);
159 AssertReturn(pType->u32Magic == PGMPHYSHANDLERTYPEINT_MAGIC, VERR_INVALID_HANDLE);
160#ifdef VBOX_WITH_RAW_MODE_KEEP
161 AssertMsgReturn( (RTRCUINTPTR)pvUserRC < 0x10000
162 || MMHyperR3ToRC(pVM, MMHyperRCToR3(pVM, pvUserRC)) == pvUserRC,
163 ("Not RC pointer! pvUserRC=%RRv\n", pvUserRC),
164 VERR_INVALID_PARAMETER);
165#else
166 RT_NOREF(pvUserRC);
167#endif
168#if 0 /* No longer valid. */
169 AssertMsgReturn( (RTR0UINTPTR)pvUserR0 < 0x10000
170 || MMHyperR3ToR0(pVM, MMHyperR0ToR3(pVM, pvUserR0)) == pvUserR0,
171 ("Not R0 pointer! pvUserR0=%RHv\n", pvUserR0),
172 VERR_INVALID_PARAMETER);
173#endif
174
175 /*
176 * Allocate and initialize the new entry.
177 */
178 PPGMPHYSHANDLER pNew;
179 int rc = MMHyperAlloc(pVM, sizeof(*pNew), 0, MM_TAG_PGM_HANDLERS, (void **)&pNew);
180 if (RT_SUCCESS(rc))
181 {
182 pNew->Core.Key = NIL_RTGCPHYS;
183 pNew->Core.KeyLast = NIL_RTGCPHYS;
184 pNew->cPages = 0;
185 pNew->cAliasedPages = 0;
186 pNew->cTmpOffPages = 0;
187 pNew->pvUserR3 = pvUserR3;
188 pNew->pvUserR0 = pvUserR0;
189 pNew->hType = hType;
190 pNew->pszDesc = pszDesc != NIL_RTR3PTR ? pszDesc : pType->pszDesc;
191 pgmHandlerPhysicalTypeRetain(pVM, pType);
192 *ppPhysHandler = pNew;
193 return VINF_SUCCESS;
194 }
195
196 return rc;
197}
198
199
200/**
201 * Duplicates a physical access handler.
202 *
203 * @returns VBox status code.
204 * @retval VINF_SUCCESS when successfully installed.
205 *
206 * @param pVM The cross context VM structure.
207 * @param pPhysHandlerSrc The source handler to duplicate
208 * @param ppPhysHandler Where to return the access handler structure on
209 * success.
210 */
211int pgmHandlerPhysicalExDup(PVMCC pVM, PPGMPHYSHANDLER pPhysHandlerSrc, PPGMPHYSHANDLER *ppPhysHandler)
212{
213 return pgmHandlerPhysicalExCreate(pVM,
214 pPhysHandlerSrc->hType,
215 pPhysHandlerSrc->pvUserR3,
216 pPhysHandlerSrc->pvUserR0,
217 NIL_RTR0PTR,
218 pPhysHandlerSrc->pszDesc,
219 ppPhysHandler);
220}
221
222
223/**
224 * Register a access handler for a physical range.
225 *
226 * @returns VBox status code.
227 * @retval VINF_SUCCESS when successfully installed.
228 *
229 * @param pVM The cross context VM structure.
230 * @param pPhysHandler The physical handler.
231 * @param GCPhys Start physical address.
232 * @param GCPhysLast Last physical address. (inclusive)
233 */
234int pgmHandlerPhysicalExRegister(PVMCC pVM, PPGMPHYSHANDLER pPhysHandler, RTGCPHYS GCPhys, RTGCPHYS GCPhysLast)
235{
236 /*
237 * Validate input.
238 */
239 AssertPtr(pPhysHandler);
240 PPGMPHYSHANDLERTYPEINT pType = PGMPHYSHANDLERTYPEINT_FROM_HANDLE(pVM, pPhysHandler->hType);
241 Assert(pType->u32Magic == PGMPHYSHANDLERTYPEINT_MAGIC);
242 Log(("pgmHandlerPhysicalExRegister: GCPhys=%RGp GCPhysLast=%RGp hType=%#x (%d, %s) pszDesc=%RHv:%s\n",
243 GCPhys, GCPhysLast, pPhysHandler->hType, pType->enmKind, R3STRING(pType->pszDesc), pPhysHandler->pszDesc, R3STRING(pPhysHandler->pszDesc)));
244 AssertReturn(pPhysHandler->Core.Key == NIL_RTGCPHYS, VERR_WRONG_ORDER);
245
246 AssertMsgReturn(GCPhys < GCPhysLast, ("GCPhys >= GCPhysLast (%#x >= %#x)\n", GCPhys, GCPhysLast), VERR_INVALID_PARAMETER);
247 switch (pType->enmKind)
248 {
249 case PGMPHYSHANDLERKIND_WRITE:
250 break;
251 case PGMPHYSHANDLERKIND_MMIO:
252 case PGMPHYSHANDLERKIND_ALL:
253 /* Simplification for PGMPhysRead, PGMR0Trap0eHandlerNPMisconfig and others: Full pages. */
254 AssertMsgReturn(!(GCPhys & GUEST_PAGE_OFFSET_MASK), ("%RGp\n", GCPhys), VERR_INVALID_PARAMETER);
255 AssertMsgReturn((GCPhysLast & GUEST_PAGE_OFFSET_MASK) == GUEST_PAGE_OFFSET_MASK, ("%RGp\n", GCPhysLast), VERR_INVALID_PARAMETER);
256 break;
257 default:
258 AssertMsgFailed(("Invalid input enmKind=%d!\n", pType->enmKind));
259 return VERR_INVALID_PARAMETER;
260 }
261
262 /*
263 * We require the range to be within registered ram.
264 * There is no apparent need to support ranges which cover more than one ram range.
265 */
266 PPGMRAMRANGE pRam = pgmPhysGetRange(pVM, GCPhys);
267 if ( !pRam
268 || GCPhysLast > pRam->GCPhysLast)
269 {
270#ifdef IN_RING3
271 DBGFR3Info(pVM->pUVM, "phys", NULL, NULL);
272#endif
273 AssertMsgFailed(("No RAM range for %RGp-%RGp\n", GCPhys, GCPhysLast));
274 return VERR_PGM_HANDLER_PHYSICAL_NO_RAM_RANGE;
275 }
276 Assert(GCPhys >= pRam->GCPhys && GCPhys < pRam->GCPhysLast);
277 Assert(GCPhysLast <= pRam->GCPhysLast && GCPhysLast >= pRam->GCPhys);
278
279 /*
280 * Try insert into list.
281 */
282 pPhysHandler->Core.Key = GCPhys;
283 pPhysHandler->Core.KeyLast = GCPhysLast;
284 pPhysHandler->cPages = (GCPhysLast - (GCPhys & X86_PTE_PAE_PG_MASK) + GUEST_PAGE_SIZE) >> GUEST_PAGE_SHIFT;
285
286 PGM_LOCK_VOID(pVM);
287 if (RTAvlroGCPhysInsert(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, &pPhysHandler->Core))
288 {
289 int rc = pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs(pVM, pPhysHandler, pRam, NULL /*pvBitmap*/, 0 /*offBitmap*/);
290 if (rc == VINF_PGM_SYNC_CR3)
291 rc = VINF_PGM_GCPHYS_ALIASED;
292
293#if defined(IN_RING3) || defined(IN_RING0)
294 NEMHCNotifyHandlerPhysicalRegister(pVM, pType->enmKind, GCPhys, GCPhysLast - GCPhys + 1);
295#endif
296 PGM_UNLOCK(pVM);
297
298 if (rc != VINF_SUCCESS)
299 Log(("PGMHandlerPhysicalRegisterEx: returns %Rrc (%RGp-%RGp)\n", rc, GCPhys, GCPhysLast));
300 return rc;
301 }
302 PGM_UNLOCK(pVM);
303
304 pPhysHandler->Core.Key = NIL_RTGCPHYS;
305 pPhysHandler->Core.KeyLast = NIL_RTGCPHYS;
306
307#if defined(IN_RING3) && defined(VBOX_STRICT)
308 DBGFR3Info(pVM->pUVM, "handlers", "phys nostats", NULL);
309#endif
310 AssertMsgFailed(("Conflict! GCPhys=%RGp GCPhysLast=%RGp pszDesc=%s/%s\n",
311 GCPhys, GCPhysLast, R3STRING(pPhysHandler->pszDesc), R3STRING(pType->pszDesc)));
312 return VERR_PGM_HANDLER_PHYSICAL_CONFLICT;
313}
314
315
316/**
317 * Register a access handler for a physical range.
318 *
319 * @returns VBox status code.
320 * @retval VINF_SUCCESS when successfully installed.
321 * @retval VINF_PGM_GCPHYS_ALIASED when the shadow PTs could be updated because
322 * the guest page aliased or/and mapped by multiple PTs. A CR3 sync has been
323 * flagged together with a pool clearing.
324 * @retval VERR_PGM_HANDLER_PHYSICAL_CONFLICT if the range conflicts with an existing
325 * one. A debug assertion is raised.
326 *
327 * @param pVM The cross context VM structure.
328 * @param GCPhys Start physical address.
329 * @param GCPhysLast Last physical address. (inclusive)
330 * @param hType The handler type registration handle.
331 * @param pvUserR3 User argument to the R3 handler.
332 * @param pvUserR0 User argument to the R0 handler.
333 * @param pvUserRC User argument to the RC handler. This can be a value
334 * less that 0x10000 or a (non-null) pointer that is
335 * automatically relocated.
336 * @param pszDesc Description of this handler. If NULL, the type
337 * description will be used instead.
338 */
339VMMDECL(int) PGMHandlerPhysicalRegister(PVMCC pVM, RTGCPHYS GCPhys, RTGCPHYS GCPhysLast, PGMPHYSHANDLERTYPE hType,
340 RTR3PTR pvUserR3, RTR0PTR pvUserR0, RTRCPTR pvUserRC, R3PTRTYPE(const char *) pszDesc)
341{
342#ifdef LOG_ENABLED
343 PPGMPHYSHANDLERTYPEINT pType = PGMPHYSHANDLERTYPEINT_FROM_HANDLE(pVM, hType);
344 Log(("PGMHandlerPhysicalRegister: GCPhys=%RGp GCPhysLast=%RGp pvUserR3=%RHv pvUserR0=%RHv pvUserGC=%RRv hType=%#x (%d, %s) pszDesc=%RHv:%s\n",
345 GCPhys, GCPhysLast, pvUserR3, pvUserR0, pvUserRC, hType, pType->enmKind, R3STRING(pType->pszDesc), pszDesc, R3STRING(pszDesc)));
346#endif
347
348 PPGMPHYSHANDLER pNew;
349 int rc = pgmHandlerPhysicalExCreate(pVM, hType, pvUserR3, pvUserR0, pvUserRC, pszDesc, &pNew);
350 if (RT_SUCCESS(rc))
351 {
352 rc = pgmHandlerPhysicalExRegister(pVM, pNew, GCPhys, GCPhysLast);
353 if (RT_SUCCESS(rc))
354 return rc;
355 pgmHandlerPhysicalExDestroy(pVM, pNew);
356 }
357 return rc;
358}
359
360
361/**
362 * Sets ram range flags and attempts updating shadow PTs.
363 *
364 * @returns VBox status code.
365 * @retval VINF_SUCCESS when shadow PTs was successfully updated.
366 * @retval VINF_PGM_SYNC_CR3 when the shadow PTs could be updated because
367 * the guest page aliased or/and mapped by multiple PTs. FFs set.
368 * @param pVM The cross context VM structure.
369 * @param pCur The physical handler.
370 * @param pRam The RAM range.
371 * @param pvBitmap Dirty bitmap. Optional.
372 * @param offBitmap Dirty bitmap offset.
373 */
374static int pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs(PVMCC pVM, PPGMPHYSHANDLER pCur, PPGMRAMRANGE pRam,
375 void *pvBitmap, uint32_t offBitmap)
376{
377 /*
378 * Iterate the guest ram pages updating the flags and flushing PT entries
379 * mapping the page.
380 */
381 bool fFlushTLBs = false;
382 int rc = VINF_SUCCESS;
383 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
384 const unsigned uState = pCurType->uState;
385 uint32_t cPages = pCur->cPages;
386 uint32_t i = (pCur->Core.Key - pRam->GCPhys) >> GUEST_PAGE_SHIFT;
387 for (;;)
388 {
389 PPGMPAGE pPage = &pRam->aPages[i];
390 AssertMsg(pCurType->enmKind != PGMPHYSHANDLERKIND_MMIO || PGM_PAGE_IS_MMIO(pPage),
391 ("%RGp %R[pgmpage]\n", pRam->GCPhys + (i << GUEST_PAGE_SHIFT), pPage));
392
393 /* Only do upgrades. */
394 if (PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) < uState)
395 {
396 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, uState);
397
398 const RTGCPHYS GCPhysPage = pRam->GCPhys + (i << GUEST_PAGE_SHIFT);
399 int rc2 = pgmPoolTrackUpdateGCPhys(pVM, GCPhysPage, pPage,
400 false /* allow updates of PTEs (instead of flushing) */, &fFlushTLBs);
401 if (rc2 != VINF_SUCCESS && rc == VINF_SUCCESS)
402 rc = rc2;
403
404#ifdef VBOX_WITH_NATIVE_NEM
405 /* Tell NEM about the protection update. */
406 if (VM_IS_NEM_ENABLED(pVM))
407 {
408 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
409 PGMPAGETYPE enmType = (PGMPAGETYPE)PGM_PAGE_GET_TYPE(pPage);
410 NEMHCNotifyPhysPageProtChanged(pVM, GCPhysPage, PGM_PAGE_GET_HCPHYS(pPage),
411 PGM_RAMRANGE_CALC_PAGE_R3PTR(pRam, GCPhysPage),
412 pgmPhysPageCalcNemProtection(pPage, enmType), enmType, &u2State);
413 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
414 }
415#endif
416 if (pvBitmap)
417 ASMBitSet(pvBitmap, offBitmap);
418 }
419
420 /* next */
421 if (--cPages == 0)
422 break;
423 i++;
424 offBitmap++;
425 }
426
427 if (fFlushTLBs)
428 {
429 PGM_INVL_ALL_VCPU_TLBS(pVM);
430 Log(("pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs: flushing guest TLBs; rc=%d\n", rc));
431 }
432 else
433 Log(("pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs: doesn't flush guest TLBs. rc=%Rrc; sync flags=%x VMCPU_FF_PGM_SYNC_CR3=%d\n", rc, VMMGetCpu(pVM)->pgm.s.fSyncFlags, VMCPU_FF_IS_SET(VMMGetCpu(pVM), VMCPU_FF_PGM_SYNC_CR3)));
434
435 return rc;
436}
437
438
439/**
440 * Deregister a physical page access handler.
441 *
442 * @returns VBox status code.
443 * @param pVM The cross context VM structure.
444 * @param pPhysHandler The handler to deregister (but not free).
445 */
446int pgmHandlerPhysicalExDeregister(PVMCC pVM, PPGMPHYSHANDLER pPhysHandler)
447{
448 LogFlow(("pgmHandlerPhysicalExDeregister: Removing Range %RGp-%RGp %s\n",
449 pPhysHandler->Core.Key, pPhysHandler->Core.KeyLast, R3STRING(pPhysHandler->pszDesc)));
450 AssertReturn(pPhysHandler->Core.Key != NIL_RTGCPHYS, VERR_PGM_HANDLER_NOT_FOUND);
451
452 /*
453 * Remove the handler from the tree.
454 */
455 PGM_LOCK_VOID(pVM);
456 PPGMPHYSHANDLER pRemoved = (PPGMPHYSHANDLER)RTAvlroGCPhysRemove(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers,
457 pPhysHandler->Core.Key);
458 if (pRemoved == pPhysHandler)
459 {
460 /*
461 * Clear the page bits, notify the REM about this change and clear
462 * the cache.
463 */
464 pgmHandlerPhysicalResetRamFlags(pVM, pPhysHandler);
465 if (VM_IS_NEM_ENABLED(pVM))
466 pgmHandlerPhysicalDeregisterNotifyNEM(pVM, pPhysHandler);
467 pVM->pgm.s.pLastPhysHandlerR0 = 0;
468 pVM->pgm.s.pLastPhysHandlerR3 = 0;
469
470 pPhysHandler->Core.Key = NIL_RTGCPHYS;
471 pPhysHandler->Core.KeyLast = NIL_RTGCPHYS;
472
473 PGM_UNLOCK(pVM);
474
475 return VINF_SUCCESS;
476 }
477
478 /*
479 * Both of the failure conditions here are considered internal processing
480 * errors because they can only be caused by race conditions or corruption.
481 * If we ever need to handle concurrent deregistration, we have to move
482 * the NIL_RTGCPHYS check inside the PGM lock.
483 */
484 if (pRemoved)
485 RTAvlroGCPhysInsert(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, &pRemoved->Core);
486
487 PGM_UNLOCK(pVM);
488
489 if (!pRemoved)
490 AssertMsgFailed(("Didn't find range starting at %RGp in the tree!\n", pPhysHandler->Core.Key));
491 else
492 AssertMsgFailed(("Found different handle at %RGp in the tree: got %p insteaded of %p\n",
493 pPhysHandler->Core.Key, pRemoved, pPhysHandler));
494 return VERR_PGM_HANDLER_IPE_1;
495}
496
497
498/**
499 * Destroys (frees) a physical handler.
500 *
501 * The caller must deregister it before destroying it!
502 *
503 * @returns VBox status code.
504 * @param pVM The cross context VM structure.
505 * @param pHandler The handler to free. NULL if ignored.
506 */
507int pgmHandlerPhysicalExDestroy(PVMCC pVM, PPGMPHYSHANDLER pHandler)
508{
509 if (pHandler)
510 {
511 AssertPtr(pHandler);
512 AssertReturn(pHandler->Core.Key == NIL_RTGCPHYS, VERR_WRONG_ORDER);
513 PGMHandlerPhysicalTypeRelease(pVM, pHandler->hType);
514 MMHyperFree(pVM, pHandler);
515 }
516 return VINF_SUCCESS;
517}
518
519
520/**
521 * Deregister a physical page access handler.
522 *
523 * @returns VBox status code.
524 * @param pVM The cross context VM structure.
525 * @param GCPhys Start physical address.
526 */
527VMMDECL(int) PGMHandlerPhysicalDeregister(PVMCC pVM, RTGCPHYS GCPhys)
528{
529 /*
530 * Find the handler.
531 */
532 PGM_LOCK_VOID(pVM);
533 PPGMPHYSHANDLER pRemoved = (PPGMPHYSHANDLER)RTAvlroGCPhysRemove(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
534 if (pRemoved)
535 {
536 LogFlow(("PGMHandlerPhysicalDeregister: Removing Range %RGp-%RGp %s\n",
537 pRemoved->Core.Key, pRemoved->Core.KeyLast, R3STRING(pRemoved->pszDesc)));
538
539 /*
540 * Clear the page bits, notify the REM about this change and clear
541 * the cache.
542 */
543 pgmHandlerPhysicalResetRamFlags(pVM, pRemoved);
544 if (VM_IS_NEM_ENABLED(pVM))
545 pgmHandlerPhysicalDeregisterNotifyNEM(pVM, pRemoved);
546 pVM->pgm.s.pLastPhysHandlerR0 = 0;
547 pVM->pgm.s.pLastPhysHandlerR3 = 0;
548
549 PGM_UNLOCK(pVM);
550
551 pRemoved->Core.Key = NIL_RTGCPHYS;
552 pgmHandlerPhysicalExDestroy(pVM, pRemoved);
553 return VINF_SUCCESS;
554 }
555
556 PGM_UNLOCK(pVM);
557
558 AssertMsgFailed(("Didn't find range starting at %RGp\n", GCPhys));
559 return VERR_PGM_HANDLER_NOT_FOUND;
560}
561
562
563/**
564 * Shared code with modify.
565 */
566static void pgmHandlerPhysicalDeregisterNotifyNEM(PVMCC pVM, PPGMPHYSHANDLER pCur)
567{
568#ifdef VBOX_WITH_NATIVE_NEM
569 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
570 RTGCPHYS GCPhysStart = pCur->Core.Key;
571 RTGCPHYS GCPhysLast = pCur->Core.KeyLast;
572
573 /*
574 * Page align the range.
575 *
576 * Since we've reset (recalculated) the physical handler state of all pages
577 * we can make use of the page states to figure out whether a page should be
578 * included in the REM notification or not.
579 */
580 if ( (pCur->Core.Key & GUEST_PAGE_OFFSET_MASK)
581 || ((pCur->Core.KeyLast + 1) & GUEST_PAGE_OFFSET_MASK))
582 {
583 Assert(pCurType->enmKind != PGMPHYSHANDLERKIND_MMIO);
584
585 if (GCPhysStart & GUEST_PAGE_OFFSET_MASK)
586 {
587 PPGMPAGE pPage = pgmPhysGetPage(pVM, GCPhysStart);
588 if ( pPage
589 && PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) != PGM_PAGE_HNDL_PHYS_STATE_NONE)
590 {
591 RTGCPHYS GCPhys = (GCPhysStart + (GUEST_PAGE_SIZE - 1)) & X86_PTE_PAE_PG_MASK;
592 if ( GCPhys > GCPhysLast
593 || GCPhys < GCPhysStart)
594 return;
595 GCPhysStart = GCPhys;
596 }
597 else
598 GCPhysStart &= X86_PTE_PAE_PG_MASK;
599 Assert(!pPage || PGM_PAGE_GET_TYPE(pPage) != PGMPAGETYPE_MMIO); /* these are page aligned atm! */
600 }
601
602 if (GCPhysLast & GUEST_PAGE_OFFSET_MASK)
603 {
604 PPGMPAGE pPage = pgmPhysGetPage(pVM, GCPhysLast);
605 if ( pPage
606 && PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) != PGM_PAGE_HNDL_PHYS_STATE_NONE)
607 {
608 RTGCPHYS GCPhys = (GCPhysLast & X86_PTE_PAE_PG_MASK) - 1;
609 if ( GCPhys < GCPhysStart
610 || GCPhys > GCPhysLast)
611 return;
612 GCPhysLast = GCPhys;
613 }
614 else
615 GCPhysLast |= GUEST_PAGE_OFFSET_MASK;
616 Assert(!pPage || PGM_PAGE_GET_TYPE(pPage) != PGMPAGETYPE_MMIO); /* these are page aligned atm! */
617 }
618 }
619
620 /*
621 * Tell NEM.
622 */
623 PPGMRAMRANGE const pRam = pgmPhysGetRange(pVM, GCPhysStart);
624 RTGCPHYS const cb = GCPhysLast - GCPhysStart + 1;
625 uint8_t u2State = UINT8_MAX;
626 NEMHCNotifyHandlerPhysicalDeregister(pVM, pCurType->enmKind, GCPhysStart, cb,
627 pRam ? PGM_RAMRANGE_CALC_PAGE_R3PTR(pRam, GCPhysStart) : NULL, &u2State);
628 if (u2State != UINT8_MAX && pRam)
629 pgmPhysSetNemStateForPages(&pRam->aPages[(GCPhysStart - pRam->GCPhys) >> GUEST_PAGE_SHIFT],
630 cb >> GUEST_PAGE_SHIFT, u2State);
631#else
632 RT_NOREF(pVM, pCur);
633#endif
634}
635
636
637/**
638 * pgmHandlerPhysicalResetRamFlags helper that checks for other handlers on
639 * edge pages.
640 */
641DECLINLINE(void) pgmHandlerPhysicalRecalcPageState(PVMCC pVM, RTGCPHYS GCPhys, bool fAbove, PPGMRAMRANGE *ppRamHint)
642{
643 /*
644 * Look for other handlers.
645 */
646 unsigned uState = PGM_PAGE_HNDL_PHYS_STATE_NONE;
647 for (;;)
648 {
649 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGetBestFit(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys, fAbove);
650 if ( !pCur
651 || ((fAbove ? pCur->Core.Key : pCur->Core.KeyLast) >> GUEST_PAGE_SHIFT) != (GCPhys >> GUEST_PAGE_SHIFT))
652 break;
653 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
654 uState = RT_MAX(uState, pCurType->uState);
655
656 /* next? */
657 RTGCPHYS GCPhysNext = fAbove
658 ? pCur->Core.KeyLast + 1
659 : pCur->Core.Key - 1;
660 if ((GCPhysNext >> GUEST_PAGE_SHIFT) != (GCPhys >> GUEST_PAGE_SHIFT))
661 break;
662 GCPhys = GCPhysNext;
663 }
664
665 /*
666 * Update if we found something that is a higher priority
667 * state than the current.
668 */
669 if (uState != PGM_PAGE_HNDL_PHYS_STATE_NONE)
670 {
671 PPGMPAGE pPage;
672 int rc = pgmPhysGetPageWithHintEx(pVM, GCPhys, &pPage, ppRamHint);
673 if ( RT_SUCCESS(rc)
674 && PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) < uState)
675 {
676 /* This should normally not be necessary. */
677 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, uState);
678 bool fFlushTLBs ;
679 rc = pgmPoolTrackUpdateGCPhys(pVM, GCPhys, pPage, false /*fFlushPTEs*/, &fFlushTLBs);
680 if (RT_SUCCESS(rc) && fFlushTLBs)
681 PGM_INVL_ALL_VCPU_TLBS(pVM);
682 else
683 AssertRC(rc);
684
685#ifdef VBOX_WITH_NATIVE_NEM
686 /* Tell NEM about the protection update. */
687 if (VM_IS_NEM_ENABLED(pVM))
688 {
689 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
690 PGMPAGETYPE enmType = (PGMPAGETYPE)PGM_PAGE_GET_TYPE(pPage);
691 NEMHCNotifyPhysPageProtChanged(pVM, GCPhys, PGM_PAGE_GET_HCPHYS(pPage),
692 PGM_RAMRANGE_CALC_PAGE_R3PTR(*ppRamHint, GCPhys),
693 pgmPhysPageCalcNemProtection(pPage, enmType), enmType, &u2State);
694 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
695 }
696#endif
697 }
698 else
699 AssertRC(rc);
700 }
701}
702
703
704/**
705 * Resets an aliased page.
706 *
707 * @param pVM The cross context VM structure.
708 * @param pPage The page.
709 * @param GCPhysPage The page address in case it comes in handy.
710 * @param pRam The RAM range the page is associated with (for NEM
711 * notifications).
712 * @param fDoAccounting Whether to perform accounting. (Only set during
713 * reset where pgmR3PhysRamReset doesn't have the
714 * handler structure handy.)
715 */
716void pgmHandlerPhysicalResetAliasedPage(PVMCC pVM, PPGMPAGE pPage, RTGCPHYS GCPhysPage, PPGMRAMRANGE pRam, bool fDoAccounting)
717{
718 Assert( PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_MMIO2_ALIAS_MMIO
719 || PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_SPECIAL_ALIAS_MMIO);
720 Assert(PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) == PGM_PAGE_HNDL_PHYS_STATE_DISABLED);
721#ifdef VBOX_WITH_NATIVE_NEM
722 RTHCPHYS const HCPhysPrev = PGM_PAGE_GET_HCPHYS(pPage);
723#endif
724
725 /*
726 * Flush any shadow page table references *first*.
727 */
728 bool fFlushTLBs = false;
729 int rc = pgmPoolTrackUpdateGCPhys(pVM, GCPhysPage, pPage, true /*fFlushPTEs*/, &fFlushTLBs);
730 AssertLogRelRCReturnVoid(rc);
731 HMFlushTlbOnAllVCpus(pVM);
732
733 /*
734 * Make it an MMIO/Zero page.
735 */
736 PGM_PAGE_SET_HCPHYS(pVM, pPage, pVM->pgm.s.HCPhysZeroPg);
737 PGM_PAGE_SET_TYPE(pVM, pPage, PGMPAGETYPE_MMIO);
738 PGM_PAGE_SET_STATE(pVM, pPage, PGM_PAGE_STATE_ZERO);
739 PGM_PAGE_SET_PAGEID(pVM, pPage, NIL_GMM_PAGEID);
740 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, PGM_PAGE_HNDL_PHYS_STATE_ALL);
741
742 /* Flush its TLB entry. */
743 pgmPhysInvalidatePageMapTLBEntry(pVM, GCPhysPage);
744
745 /*
746 * Do accounting for pgmR3PhysRamReset.
747 */
748 if (fDoAccounting)
749 {
750 PPGMPHYSHANDLER pHandler = pgmHandlerPhysicalLookup(pVM, GCPhysPage);
751 if (RT_LIKELY(pHandler))
752 {
753 Assert(pHandler->cAliasedPages > 0);
754 pHandler->cAliasedPages--;
755 }
756 else
757 AssertFailed();
758 }
759
760#ifdef VBOX_WITH_NATIVE_NEM
761 /*
762 * Tell NEM about the protection change.
763 */
764 if (VM_IS_NEM_ENABLED(pVM))
765 {
766 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
767 NEMHCNotifyPhysPageChanged(pVM, GCPhysPage, HCPhysPrev, pVM->pgm.s.HCPhysZeroPg,
768 PGM_RAMRANGE_CALC_PAGE_R3PTR(pRam, GCPhysPage),
769 NEM_PAGE_PROT_NONE, PGMPAGETYPE_MMIO, &u2State);
770 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
771 }
772#else
773 RT_NOREF(pRam);
774#endif
775}
776
777
778/**
779 * Resets ram range flags.
780 *
781 * @returns VBox status code.
782 * @retval VINF_SUCCESS when shadow PTs was successfully updated.
783 * @param pVM The cross context VM structure.
784 * @param pCur The physical handler.
785 *
786 * @remark We don't start messing with the shadow page tables, as we've
787 * already got code in Trap0e which deals with out of sync handler
788 * flags (originally conceived for global pages).
789 */
790static void pgmHandlerPhysicalResetRamFlags(PVMCC pVM, PPGMPHYSHANDLER pCur)
791{
792 /*
793 * Iterate the guest ram pages updating the state.
794 */
795 RTUINT cPages = pCur->cPages;
796 RTGCPHYS GCPhys = pCur->Core.Key;
797 PPGMRAMRANGE pRamHint = NULL;
798 for (;;)
799 {
800 PPGMPAGE pPage;
801 int rc = pgmPhysGetPageWithHintEx(pVM, GCPhys, &pPage, &pRamHint);
802 if (RT_SUCCESS(rc))
803 {
804 /* Reset aliased MMIO pages to MMIO, since this aliasing is our business.
805 (We don't flip MMIO to RAM though, that's PGMPhys.cpp's job.) */
806 bool fNemNotifiedAlready = false;
807 if ( PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_MMIO2_ALIAS_MMIO
808 || PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_SPECIAL_ALIAS_MMIO)
809 {
810 Assert(pCur->cAliasedPages > 0);
811 pgmHandlerPhysicalResetAliasedPage(pVM, pPage, GCPhys, pRamHint, false /*fDoAccounting*/);
812 pCur->cAliasedPages--;
813 fNemNotifiedAlready = true;
814 }
815#ifdef VBOX_STRICT
816 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
817 AssertMsg(pCurType->enmKind != PGMPHYSHANDLERKIND_MMIO || PGM_PAGE_IS_MMIO(pPage), ("%RGp %R[pgmpage]\n", GCPhys, pPage));
818#endif
819 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, PGM_PAGE_HNDL_PHYS_STATE_NONE);
820
821#ifdef VBOX_WITH_NATIVE_NEM
822 /* Tell NEM about the protection change. */
823 if (VM_IS_NEM_ENABLED(pVM) && !fNemNotifiedAlready)
824 {
825 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
826 PGMPAGETYPE enmType = (PGMPAGETYPE)PGM_PAGE_GET_TYPE(pPage);
827 NEMHCNotifyPhysPageProtChanged(pVM, GCPhys, PGM_PAGE_GET_HCPHYS(pPage),
828 PGM_RAMRANGE_CALC_PAGE_R3PTR(pRamHint, GCPhys),
829 pgmPhysPageCalcNemProtection(pPage, enmType), enmType, &u2State);
830 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
831 }
832#endif
833 RT_NOREF(fNemNotifiedAlready);
834 }
835 else
836 AssertRC(rc);
837
838 /* next */
839 if (--cPages == 0)
840 break;
841 GCPhys += GUEST_PAGE_SIZE;
842 }
843
844 pCur->cAliasedPages = 0;
845 pCur->cTmpOffPages = 0;
846
847 /*
848 * Check for partial start and end pages.
849 */
850 if (pCur->Core.Key & GUEST_PAGE_OFFSET_MASK)
851 pgmHandlerPhysicalRecalcPageState(pVM, pCur->Core.Key - 1, false /* fAbove */, &pRamHint);
852 if ((pCur->Core.KeyLast & GUEST_PAGE_OFFSET_MASK) != GUEST_PAGE_OFFSET_MASK)
853 pgmHandlerPhysicalRecalcPageState(pVM, pCur->Core.KeyLast + 1, true /* fAbove */, &pRamHint);
854}
855
856
857#if 0 /* unused */
858/**
859 * Modify a physical page access handler.
860 *
861 * Modification can only be done to the range it self, not the type or anything else.
862 *
863 * @returns VBox status code.
864 * For all return codes other than VERR_PGM_HANDLER_NOT_FOUND and VINF_SUCCESS the range is deregistered
865 * and a new registration must be performed!
866 * @param pVM The cross context VM structure.
867 * @param GCPhysCurrent Current location.
868 * @param GCPhys New location.
869 * @param GCPhysLast New last location.
870 */
871VMMDECL(int) PGMHandlerPhysicalModify(PVMCC pVM, RTGCPHYS GCPhysCurrent, RTGCPHYS GCPhys, RTGCPHYS GCPhysLast)
872{
873 /*
874 * Remove it.
875 */
876 int rc;
877 PGM_LOCK_VOID(pVM);
878 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysRemove(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhysCurrent);
879 if (pCur)
880 {
881 /*
882 * Clear the ram flags. (We're gonna move or free it!)
883 */
884 pgmHandlerPhysicalResetRamFlags(pVM, pCur);
885 PPGMPHYSHANDLERTYPEINT const pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
886 bool const fRestoreAsRAM = pCurType->pfnHandlerR3 /** @todo this isn't entirely correct. */
887 && pCurType->enmKind != PGMPHYSHANDLERKIND_MMIO;
888
889 /*
890 * Validate the new range, modify and reinsert.
891 */
892 if (GCPhysLast >= GCPhys)
893 {
894 /*
895 * We require the range to be within registered ram.
896 * There is no apparent need to support ranges which cover more than one ram range.
897 */
898 PPGMRAMRANGE pRam = pgmPhysGetRange(pVM, GCPhys);
899 if ( pRam
900 && GCPhys <= pRam->GCPhysLast
901 && GCPhysLast >= pRam->GCPhys)
902 {
903 pCur->Core.Key = GCPhys;
904 pCur->Core.KeyLast = GCPhysLast;
905 pCur->cPages = (GCPhysLast - (GCPhys & X86_PTE_PAE_PG_MASK) + 1) >> GUEST_PAGE_SHIFT;
906
907 if (RTAvlroGCPhysInsert(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, &pCur->Core))
908 {
909 RTGCPHYS const cb = GCPhysLast - GCPhys + 1;
910 PGMPHYSHANDLERKIND const enmKind = pCurType->enmKind;
911
912 /*
913 * Set ram flags, flush shadow PT entries and finally tell REM about this.
914 */
915 rc = pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs(pVM, pCur, pRam, NULL, 0);
916
917 /** @todo NEM: not sure we need this notification... */
918 NEMHCNotifyHandlerPhysicalModify(pVM, enmKind, GCPhysCurrent, GCPhys, cb, fRestoreAsRAM);
919
920 PGM_UNLOCK(pVM);
921
922 PGM_INVL_ALL_VCPU_TLBS(pVM);
923 Log(("PGMHandlerPhysicalModify: GCPhysCurrent=%RGp -> GCPhys=%RGp GCPhysLast=%RGp\n",
924 GCPhysCurrent, GCPhys, GCPhysLast));
925 return VINF_SUCCESS;
926 }
927
928 AssertMsgFailed(("Conflict! GCPhys=%RGp GCPhysLast=%RGp\n", GCPhys, GCPhysLast));
929 rc = VERR_PGM_HANDLER_PHYSICAL_CONFLICT;
930 }
931 else
932 {
933 AssertMsgFailed(("No RAM range for %RGp-%RGp\n", GCPhys, GCPhysLast));
934 rc = VERR_PGM_HANDLER_PHYSICAL_NO_RAM_RANGE;
935 }
936 }
937 else
938 {
939 AssertMsgFailed(("Invalid range %RGp-%RGp\n", GCPhys, GCPhysLast));
940 rc = VERR_INVALID_PARAMETER;
941 }
942
943 /*
944 * Invalid new location, flush the cache and free it.
945 * We've only gotta notify REM and free the memory.
946 */
947 if (VM_IS_NEM_ENABLED(pVM))
948 pgmHandlerPhysicalDeregisterNotifyNEM(pVM, pCur);
949 pVM->pgm.s.pLastPhysHandlerR0 = 0;
950 pVM->pgm.s.pLastPhysHandlerR3 = 0;
951 PGMHandlerPhysicalTypeRelease(pVM, pCur->hType);
952 MMHyperFree(pVM, pCur);
953 }
954 else
955 {
956 AssertMsgFailed(("Didn't find range starting at %RGp\n", GCPhysCurrent));
957 rc = VERR_PGM_HANDLER_NOT_FOUND;
958 }
959
960 PGM_UNLOCK(pVM);
961 return rc;
962}
963#endif /* unused */
964
965
966/**
967 * Changes the user callback arguments associated with a physical access handler.
968 *
969 * @returns VBox status code.
970 * @param pVM The cross context VM structure.
971 * @param GCPhys Start physical address of the handler.
972 * @param pvUserR3 User argument to the R3 handler.
973 * @param pvUserR0 User argument to the R0 handler.
974 */
975VMMDECL(int) PGMHandlerPhysicalChangeUserArgs(PVMCC pVM, RTGCPHYS GCPhys, RTR3PTR pvUserR3, RTR0PTR pvUserR0)
976{
977 /*
978 * Find the handler.
979 */
980 int rc = VINF_SUCCESS;
981 PGM_LOCK_VOID(pVM);
982 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
983 if (pCur)
984 {
985 /*
986 * Change arguments.
987 */
988 pCur->pvUserR3 = pvUserR3;
989 pCur->pvUserR0 = pvUserR0;
990 }
991 else
992 {
993 AssertMsgFailed(("Didn't find range starting at %RGp\n", GCPhys));
994 rc = VERR_PGM_HANDLER_NOT_FOUND;
995 }
996
997 PGM_UNLOCK(pVM);
998 return rc;
999}
1000
1001#if 0 /* unused */
1002
1003/**
1004 * Splits a physical access handler in two.
1005 *
1006 * @returns VBox status code.
1007 * @param pVM The cross context VM structure.
1008 * @param GCPhys Start physical address of the handler.
1009 * @param GCPhysSplit The split address.
1010 */
1011VMMDECL(int) PGMHandlerPhysicalSplit(PVMCC pVM, RTGCPHYS GCPhys, RTGCPHYS GCPhysSplit)
1012{
1013 AssertReturn(GCPhys < GCPhysSplit, VERR_INVALID_PARAMETER);
1014
1015 /*
1016 * Do the allocation without owning the lock.
1017 */
1018 PPGMPHYSHANDLER pNew;
1019 int rc = MMHyperAlloc(pVM, sizeof(*pNew), 0, MM_TAG_PGM_HANDLERS, (void **)&pNew);
1020 if (RT_FAILURE(rc))
1021 return rc;
1022
1023 /*
1024 * Get the handler.
1025 */
1026 PGM_LOCK_VOID(pVM);
1027 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
1028 if (RT_LIKELY(pCur))
1029 {
1030 if (RT_LIKELY(GCPhysSplit <= pCur->Core.KeyLast))
1031 {
1032 /*
1033 * Create new handler node for the 2nd half.
1034 */
1035 *pNew = *pCur;
1036 pNew->Core.Key = GCPhysSplit;
1037 pNew->cPages = (pNew->Core.KeyLast - (pNew->Core.Key & X86_PTE_PAE_PG_MASK) + GUEST_PAGE_SIZE) >> GUEST_PAGE_SHIFT;
1038
1039 pCur->Core.KeyLast = GCPhysSplit - 1;
1040 pCur->cPages = (pCur->Core.KeyLast - (pCur->Core.Key & X86_PTE_PAE_PG_MASK) + GUEST_PAGE_SIZE) >> GUEST_PAGE_SHIFT;
1041
1042 if (RT_LIKELY(RTAvlroGCPhysInsert(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, &pNew->Core)))
1043 {
1044 LogFlow(("PGMHandlerPhysicalSplit: %RGp-%RGp and %RGp-%RGp\n",
1045 pCur->Core.Key, pCur->Core.KeyLast, pNew->Core.Key, pNew->Core.KeyLast));
1046 PGM_UNLOCK(pVM);
1047 return VINF_SUCCESS;
1048 }
1049 AssertMsgFailed(("whu?\n"));
1050 rc = VERR_PGM_PHYS_HANDLER_IPE;
1051 }
1052 else
1053 {
1054 AssertMsgFailed(("outside range: %RGp-%RGp split %RGp\n", pCur->Core.Key, pCur->Core.KeyLast, GCPhysSplit));
1055 rc = VERR_INVALID_PARAMETER;
1056 }
1057 }
1058 else
1059 {
1060 AssertMsgFailed(("Didn't find range starting at %RGp\n", GCPhys));
1061 rc = VERR_PGM_HANDLER_NOT_FOUND;
1062 }
1063 PGM_UNLOCK(pVM);
1064 MMHyperFree(pVM, pNew);
1065 return rc;
1066}
1067
1068
1069/**
1070 * Joins up two adjacent physical access handlers which has the same callbacks.
1071 *
1072 * @returns VBox status code.
1073 * @param pVM The cross context VM structure.
1074 * @param GCPhys1 Start physical address of the first handler.
1075 * @param GCPhys2 Start physical address of the second handler.
1076 */
1077VMMDECL(int) PGMHandlerPhysicalJoin(PVMCC pVM, RTGCPHYS GCPhys1, RTGCPHYS GCPhys2)
1078{
1079 /*
1080 * Get the handlers.
1081 */
1082 int rc;
1083 PGM_LOCK_VOID(pVM);
1084 PPGMPHYSHANDLER pCur1 = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys1);
1085 if (RT_LIKELY(pCur1))
1086 {
1087 PPGMPHYSHANDLER pCur2 = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys2);
1088 if (RT_LIKELY(pCur2))
1089 {
1090 /*
1091 * Make sure that they are adjacent, and that they've got the same callbacks.
1092 */
1093 if (RT_LIKELY(pCur1->Core.KeyLast + 1 == pCur2->Core.Key))
1094 {
1095 if (RT_LIKELY(pCur1->hType == pCur2->hType))
1096 {
1097 PPGMPHYSHANDLER pCur3 = (PPGMPHYSHANDLER)RTAvlroGCPhysRemove(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys2);
1098 if (RT_LIKELY(pCur3 == pCur2))
1099 {
1100 pCur1->Core.KeyLast = pCur2->Core.KeyLast;
1101 pCur1->cPages = (pCur1->Core.KeyLast - (pCur1->Core.Key & X86_PTE_PAE_PG_MASK) + GUEST_PAGE_SIZE) >> GUEST_PAGE_SHIFT;
1102 LogFlow(("PGMHandlerPhysicalJoin: %RGp-%RGp %RGp-%RGp\n",
1103 pCur1->Core.Key, pCur1->Core.KeyLast, pCur2->Core.Key, pCur2->Core.KeyLast));
1104 pVM->pgm.s.pLastPhysHandlerR0 = 0;
1105 pVM->pgm.s.pLastPhysHandlerR3 = 0;
1106 PGMHandlerPhysicalTypeRelease(pVM, pCur2->hType);
1107 MMHyperFree(pVM, pCur2);
1108 PGM_UNLOCK(pVM);
1109 return VINF_SUCCESS;
1110 }
1111
1112 Assert(pCur3 == pCur2);
1113 rc = VERR_PGM_PHYS_HANDLER_IPE;
1114 }
1115 else
1116 {
1117 AssertMsgFailed(("mismatching handlers\n"));
1118 rc = VERR_ACCESS_DENIED;
1119 }
1120 }
1121 else
1122 {
1123 AssertMsgFailed(("not adjacent: %RGp-%RGp %RGp-%RGp\n",
1124 pCur1->Core.Key, pCur1->Core.KeyLast, pCur2->Core.Key, pCur2->Core.KeyLast));
1125 rc = VERR_INVALID_PARAMETER;
1126 }
1127 }
1128 else
1129 {
1130 AssertMsgFailed(("Didn't find range starting at %RGp\n", GCPhys2));
1131 rc = VERR_PGM_HANDLER_NOT_FOUND;
1132 }
1133 }
1134 else
1135 {
1136 AssertMsgFailed(("Didn't find range starting at %RGp\n", GCPhys1));
1137 rc = VERR_PGM_HANDLER_NOT_FOUND;
1138 }
1139 PGM_UNLOCK(pVM);
1140 return rc;
1141
1142}
1143
1144#endif /* unused */
1145
1146/**
1147 * Resets any modifications to individual pages in a physical page access
1148 * handler region.
1149 *
1150 * This is used in pair with PGMHandlerPhysicalPageTempOff(),
1151 * PGMHandlerPhysicalPageAliasMmio2() or PGMHandlerPhysicalPageAliasHC().
1152 *
1153 * @returns VBox status code.
1154 * @param pVM The cross context VM structure.
1155 * @param GCPhys The start address of the handler regions, i.e. what you
1156 * passed to PGMR3HandlerPhysicalRegister(),
1157 * PGMHandlerPhysicalRegisterEx() or
1158 * PGMHandlerPhysicalModify().
1159 */
1160VMMDECL(int) PGMHandlerPhysicalReset(PVMCC pVM, RTGCPHYS GCPhys)
1161{
1162 LogFlow(("PGMHandlerPhysicalReset GCPhys=%RGp\n", GCPhys));
1163 PGM_LOCK_VOID(pVM);
1164
1165 /*
1166 * Find the handler.
1167 */
1168 int rc;
1169 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
1170 if (RT_LIKELY(pCur))
1171 {
1172 /*
1173 * Validate kind.
1174 */
1175 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1176 switch (pCurType->enmKind)
1177 {
1178 case PGMPHYSHANDLERKIND_WRITE:
1179 case PGMPHYSHANDLERKIND_ALL:
1180 case PGMPHYSHANDLERKIND_MMIO: /* NOTE: Only use when clearing MMIO ranges with aliased MMIO2 pages! */
1181 {
1182 STAM_COUNTER_INC(&pVM->pgm.s.Stats.CTX_MID_Z(Stat,PhysHandlerReset)); /** @todo move out of switch */
1183 PPGMRAMRANGE pRam = pgmPhysGetRange(pVM, GCPhys);
1184 Assert(pRam);
1185 Assert(pRam->GCPhys <= pCur->Core.Key);
1186 Assert(pRam->GCPhysLast >= pCur->Core.KeyLast);
1187
1188 if (pCurType->enmKind == PGMPHYSHANDLERKIND_MMIO)
1189 {
1190 /*
1191 * Reset all the PGMPAGETYPE_MMIO2_ALIAS_MMIO pages first and that's it.
1192 * This could probably be optimized a bit wrt to flushing, but I'm too lazy
1193 * to do that now...
1194 */
1195 if (pCur->cAliasedPages)
1196 {
1197 PPGMPAGE pPage = &pRam->aPages[(pCur->Core.Key - pRam->GCPhys) >> GUEST_PAGE_SHIFT];
1198 RTGCPHYS GCPhysPage = pCur->Core.Key;
1199 uint32_t cLeft = pCur->cPages;
1200 while (cLeft-- > 0)
1201 {
1202 if ( PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_MMIO2_ALIAS_MMIO
1203 || PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_SPECIAL_ALIAS_MMIO)
1204 {
1205 Assert(pCur->cAliasedPages > 0);
1206 pgmHandlerPhysicalResetAliasedPage(pVM, pPage, GCPhysPage, pRam, false /*fDoAccounting*/);
1207 --pCur->cAliasedPages;
1208#ifndef VBOX_STRICT
1209 if (pCur->cAliasedPages == 0)
1210 break;
1211#endif
1212 }
1213 Assert(PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_MMIO);
1214 GCPhysPage += GUEST_PAGE_SIZE;
1215 pPage++;
1216 }
1217 Assert(pCur->cAliasedPages == 0);
1218 }
1219 }
1220 else if (pCur->cTmpOffPages > 0)
1221 {
1222 /*
1223 * Set the flags and flush shadow PT entries.
1224 */
1225 rc = pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs(pVM, pCur, pRam, NULL /*pvBitmap*/, 0 /*offBitmap*/);
1226 }
1227
1228 pCur->cAliasedPages = 0;
1229 pCur->cTmpOffPages = 0;
1230
1231 rc = VINF_SUCCESS;
1232 break;
1233 }
1234
1235 /*
1236 * Invalid.
1237 */
1238 default:
1239 AssertMsgFailed(("Invalid type %d! Corruption!\n", pCurType->enmKind));
1240 rc = VERR_PGM_PHYS_HANDLER_IPE;
1241 break;
1242 }
1243 }
1244 else
1245 {
1246 AssertMsgFailed(("Didn't find MMIO Range starting at %#x\n", GCPhys));
1247 rc = VERR_PGM_HANDLER_NOT_FOUND;
1248 }
1249
1250 PGM_UNLOCK(pVM);
1251 return rc;
1252}
1253
1254
1255/**
1256 * Special version of PGMHandlerPhysicalReset used by MMIO2 w/ dirty page
1257 * tracking.
1258 *
1259 * @returns VBox status code.
1260 * @param pVM The cross context VM structure.
1261 * @param GCPhys The start address of the handler region.
1262 * @param pvBitmap Dirty bitmap. Caller has cleared this already, only
1263 * dirty bits will be set. Caller also made sure it's big
1264 * enough.
1265 * @param offBitmap Dirty bitmap offset.
1266 * @remarks Caller must own the PGM critical section.
1267 */
1268DECLHIDDEN(int) pgmHandlerPhysicalResetMmio2WithBitmap(PVMCC pVM, RTGCPHYS GCPhys, void *pvBitmap, uint32_t offBitmap)
1269{
1270 LogFlow(("pgmHandlerPhysicalResetMmio2WithBitmap GCPhys=%RGp\n", GCPhys));
1271 PGM_LOCK_ASSERT_OWNER(pVM);
1272
1273 /*
1274 * Find the handler.
1275 */
1276 int rc;
1277 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
1278 if (RT_LIKELY(pCur))
1279 {
1280 /*
1281 * Validate kind.
1282 */
1283 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1284 if (pCurType->enmKind == PGMPHYSHANDLERKIND_WRITE)
1285 {
1286 STAM_COUNTER_INC(&pVM->pgm.s.Stats.CTX_MID_Z(Stat,PhysHandlerReset));
1287
1288 PPGMRAMRANGE pRam = pgmPhysGetRange(pVM, GCPhys);
1289 Assert(pRam);
1290 Assert(pRam->GCPhys <= pCur->Core.Key);
1291 Assert(pRam->GCPhysLast >= pCur->Core.KeyLast);
1292
1293 /*
1294 * Set the flags and flush shadow PT entries.
1295 */
1296 if (pCur->cTmpOffPages > 0)
1297 {
1298 rc = pgmHandlerPhysicalSetRamFlagsAndFlushShadowPTs(pVM, pCur, pRam, pvBitmap, offBitmap);
1299 pCur->cTmpOffPages = 0;
1300 }
1301 else
1302 rc = VINF_SUCCESS;
1303 }
1304 else
1305 {
1306 AssertFailed();
1307 rc = VERR_WRONG_TYPE;
1308 }
1309 }
1310 else
1311 {
1312 AssertMsgFailed(("Didn't find MMIO Range starting at %#x\n", GCPhys));
1313 rc = VERR_PGM_HANDLER_NOT_FOUND;
1314 }
1315
1316 return rc;
1317}
1318
1319
1320/**
1321 * Temporarily turns off the access monitoring of a page within a monitored
1322 * physical write/all page access handler region.
1323 *
1324 * Use this when no further \#PFs are required for that page. Be aware that
1325 * a page directory sync might reset the flags, and turn on access monitoring
1326 * for the page.
1327 *
1328 * The caller must do required page table modifications.
1329 *
1330 * @returns VBox status code.
1331 * @param pVM The cross context VM structure.
1332 * @param GCPhys The start address of the access handler. This
1333 * must be a fully page aligned range or we risk
1334 * messing up other handlers installed for the
1335 * start and end pages.
1336 * @param GCPhysPage The physical address of the page to turn off
1337 * access monitoring for.
1338 */
1339VMMDECL(int) PGMHandlerPhysicalPageTempOff(PVMCC pVM, RTGCPHYS GCPhys, RTGCPHYS GCPhysPage)
1340{
1341 LogFlow(("PGMHandlerPhysicalPageTempOff GCPhysPage=%RGp\n", GCPhysPage));
1342 PGM_LOCK_VOID(pVM);
1343
1344 /*
1345 * Validate the range.
1346 */
1347 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
1348 if (RT_LIKELY(pCur))
1349 {
1350 if (RT_LIKELY( GCPhysPage >= pCur->Core.Key
1351 && GCPhysPage <= pCur->Core.KeyLast))
1352 {
1353 Assert(!(pCur->Core.Key & GUEST_PAGE_OFFSET_MASK));
1354 Assert((pCur->Core.KeyLast & GUEST_PAGE_OFFSET_MASK) == GUEST_PAGE_OFFSET_MASK);
1355
1356 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1357 AssertReturnStmt( pCurType->enmKind == PGMPHYSHANDLERKIND_WRITE
1358 || pCurType->enmKind == PGMPHYSHANDLERKIND_ALL,
1359 PGM_UNLOCK(pVM), VERR_ACCESS_DENIED);
1360
1361 /*
1362 * Change the page status.
1363 */
1364 PPGMPAGE pPage;
1365 PPGMRAMRANGE pRam;
1366 int rc = pgmPhysGetPageAndRangeEx(pVM, GCPhysPage, &pPage, &pRam);
1367 AssertReturnStmt(RT_SUCCESS_NP(rc), PGM_UNLOCK(pVM), rc);
1368 if (PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) != PGM_PAGE_HNDL_PHYS_STATE_DISABLED)
1369 {
1370 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, PGM_PAGE_HNDL_PHYS_STATE_DISABLED);
1371 pCur->cTmpOffPages++;
1372
1373#ifdef VBOX_WITH_NATIVE_NEM
1374 /* Tell NEM about the protection change (VGA is using this to track dirty pages). */
1375 if (VM_IS_NEM_ENABLED(pVM))
1376 {
1377 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
1378 PGMPAGETYPE enmType = (PGMPAGETYPE)PGM_PAGE_GET_TYPE(pPage);
1379 NEMHCNotifyPhysPageProtChanged(pVM, GCPhysPage, PGM_PAGE_GET_HCPHYS(pPage),
1380 PGM_RAMRANGE_CALC_PAGE_R3PTR(pRam, GCPhysPage),
1381 pgmPhysPageCalcNemProtection(pPage, enmType), enmType, &u2State);
1382 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
1383 }
1384#endif
1385 }
1386 PGM_UNLOCK(pVM);
1387 return VINF_SUCCESS;
1388 }
1389 PGM_UNLOCK(pVM);
1390 AssertMsgFailed(("The page %#x is outside the range %#x-%#x\n",
1391 GCPhysPage, pCur->Core.Key, pCur->Core.KeyLast));
1392 return VERR_INVALID_PARAMETER;
1393 }
1394 PGM_UNLOCK(pVM);
1395 AssertMsgFailed(("Specified physical handler start address %#x is invalid.\n", GCPhys));
1396 return VERR_PGM_HANDLER_NOT_FOUND;
1397}
1398
1399
1400/**
1401 * Resolves an MMIO2 page.
1402 *
1403 * Caller as taken the PGM lock.
1404 *
1405 * @returns Pointer to the page if valid, NULL otherwise
1406 * @param pVM The cross context VM structure.
1407 * @param pDevIns The device owning it.
1408 * @param hMmio2 The MMIO2 region.
1409 * @param offMmio2Page The offset into the region.
1410 */
1411static PPGMPAGE pgmPhysResolveMmio2PageLocked(PVMCC pVM, PPDMDEVINS pDevIns, PGMMMIO2HANDLE hMmio2, RTGCPHYS offMmio2Page)
1412{
1413 /* Only works if the handle is in the handle table! */
1414 AssertReturn(hMmio2 != 0, NULL);
1415 hMmio2--;
1416
1417 /* Must check the first one for PGMREGMMIO2RANGE_F_FIRST_CHUNK. */
1418 AssertReturn(hMmio2 < RT_ELEMENTS(pVM->pgm.s.apMmio2RangesR3), NULL);
1419 PPGMREGMMIO2RANGE pCur = pVM->pgm.s.CTX_SUFF(apMmio2Ranges)[hMmio2];
1420 AssertReturn(pCur, NULL);
1421 AssertReturn(pCur->fFlags & PGMREGMMIO2RANGE_F_FIRST_CHUNK, NULL);
1422
1423 /* Loop thru the sub-ranges till we find the one covering offMmio2. */
1424 for (;;)
1425 {
1426#ifdef IN_RING3
1427 AssertReturn(pCur->pDevInsR3 == pDevIns, NULL);
1428#else
1429 AssertReturn(pCur->pDevInsR3 == pDevIns->pDevInsForR3, NULL);
1430#endif
1431
1432 /* Does it match the offset? */
1433 if (offMmio2Page < pCur->cbReal)
1434 return &pCur->RamRange.aPages[offMmio2Page >> GUEST_PAGE_SHIFT];
1435
1436 /* Advance if we can. */
1437 AssertReturn(!(pCur->fFlags & PGMREGMMIO2RANGE_F_LAST_CHUNK), NULL);
1438 offMmio2Page -= pCur->cbReal;
1439 hMmio2++;
1440 AssertReturn(hMmio2 < RT_ELEMENTS(pVM->pgm.s.apMmio2RangesR3), NULL);
1441 pCur = pVM->pgm.s.CTX_SUFF(apMmio2Ranges)[hMmio2];
1442 AssertReturn(pCur, NULL);
1443 }
1444}
1445
1446
1447/**
1448 * Replaces an MMIO page with an MMIO2 page.
1449 *
1450 * This is a worker for IOMMMIOMapMMIO2Page that works in a similar way to
1451 * PGMHandlerPhysicalPageTempOff but for an MMIO page. Since an MMIO page has no
1452 * backing, the caller must provide a replacement page. For various reasons the
1453 * replacement page must be an MMIO2 page.
1454 *
1455 * The caller must do required page table modifications. You can get away
1456 * without making any modifications since it's an MMIO page, the cost is an extra
1457 * \#PF which will the resync the page.
1458 *
1459 * Call PGMHandlerPhysicalReset() to restore the MMIO page.
1460 *
1461 * The caller may still get handler callback even after this call and must be
1462 * able to deal correctly with such calls. The reason for these callbacks are
1463 * either that we're executing in the recompiler (which doesn't know about this
1464 * arrangement) or that we've been restored from saved state (where we won't
1465 * save the change).
1466 *
1467 * @returns VBox status code.
1468 * @param pVM The cross context VM structure.
1469 * @param GCPhys The start address of the access handler. This
1470 * must be a fully page aligned range or we risk
1471 * messing up other handlers installed for the
1472 * start and end pages.
1473 * @param GCPhysPage The physical address of the page to turn off
1474 * access monitoring for and replace with the MMIO2
1475 * page.
1476 * @param pDevIns The device instance owning @a hMmio2.
1477 * @param hMmio2 Handle to the MMIO2 region containing the page
1478 * to remap in the the MMIO page at @a GCPhys.
1479 * @param offMmio2PageRemap The offset into @a hMmio2 of the MMIO2 page that
1480 * should serve as backing memory.
1481 *
1482 * @remark May cause a page pool flush if used on a page that is already
1483 * aliased.
1484 *
1485 * @note This trick does only work reliably if the two pages are never ever
1486 * mapped in the same page table. If they are the page pool code will
1487 * be confused should either of them be flushed. See the special case
1488 * of zero page aliasing mentioned in #3170.
1489 *
1490 */
1491VMMDECL(int) PGMHandlerPhysicalPageAliasMmio2(PVMCC pVM, RTGCPHYS GCPhys, RTGCPHYS GCPhysPage,
1492 PPDMDEVINS pDevIns, PGMMMIO2HANDLE hMmio2, RTGCPHYS offMmio2PageRemap)
1493{
1494#ifdef VBOX_WITH_PGM_NEM_MODE
1495 AssertReturn(!VM_IS_NEM_ENABLED(pVM) || !pVM->pgm.s.fNemMode, VERR_PGM_NOT_SUPPORTED_FOR_NEM_MODE);
1496#endif
1497 PGM_LOCK_VOID(pVM);
1498
1499 /*
1500 * Resolve the MMIO2 reference.
1501 */
1502 PPGMPAGE pPageRemap = pgmPhysResolveMmio2PageLocked(pVM, pDevIns, hMmio2, offMmio2PageRemap);
1503 if (RT_LIKELY(pPageRemap))
1504 AssertMsgReturnStmt(PGM_PAGE_GET_TYPE(pPageRemap) == PGMPAGETYPE_MMIO2,
1505 ("hMmio2=%RU64 offMmio2PageRemap=%RGp %R[pgmpage]\n", hMmio2, offMmio2PageRemap, pPageRemap),
1506 PGM_UNLOCK(pVM), VERR_PGM_PHYS_NOT_MMIO2);
1507 else
1508 {
1509 PGM_UNLOCK(pVM);
1510 return VERR_OUT_OF_RANGE;
1511 }
1512
1513 /*
1514 * Lookup and validate the range.
1515 */
1516 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
1517 if (RT_LIKELY(pCur))
1518 {
1519 if (RT_LIKELY( GCPhysPage >= pCur->Core.Key
1520 && GCPhysPage <= pCur->Core.KeyLast))
1521 {
1522 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1523 AssertReturnStmt(pCurType->enmKind == PGMPHYSHANDLERKIND_MMIO, PGM_UNLOCK(pVM), VERR_ACCESS_DENIED);
1524 AssertReturnStmt(!(pCur->Core.Key & GUEST_PAGE_OFFSET_MASK), PGM_UNLOCK(pVM), VERR_INVALID_PARAMETER);
1525 AssertReturnStmt((pCur->Core.KeyLast & GUEST_PAGE_OFFSET_MASK) == GUEST_PAGE_OFFSET_MASK,
1526 PGM_UNLOCK(pVM), VERR_INVALID_PARAMETER);
1527
1528 /*
1529 * Validate the page.
1530 */
1531 PPGMPAGE pPage;
1532 PPGMRAMRANGE pRam;
1533 int rc = pgmPhysGetPageAndRangeEx(pVM, GCPhysPage, &pPage, &pRam);
1534 AssertReturnStmt(RT_SUCCESS_NP(rc), PGM_UNLOCK(pVM), rc);
1535 if (PGM_PAGE_GET_TYPE(pPage) != PGMPAGETYPE_MMIO)
1536 {
1537 AssertMsgReturn(PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_MMIO2_ALIAS_MMIO,
1538 ("GCPhysPage=%RGp %R[pgmpage]\n", GCPhysPage, pPage),
1539 VERR_PGM_PHYS_NOT_MMIO2);
1540 if (PGM_PAGE_GET_HCPHYS(pPage) == PGM_PAGE_GET_HCPHYS(pPageRemap))
1541 {
1542 PGM_UNLOCK(pVM);
1543 return VINF_PGM_HANDLER_ALREADY_ALIASED;
1544 }
1545
1546 /*
1547 * The page is already mapped as some other page, reset it
1548 * to an MMIO/ZERO page before doing the new mapping.
1549 */
1550 Log(("PGMHandlerPhysicalPageAliasMmio2: GCPhysPage=%RGp (%R[pgmpage]; %RHp -> %RHp\n",
1551 GCPhysPage, pPage, PGM_PAGE_GET_HCPHYS(pPage), PGM_PAGE_GET_HCPHYS(pPageRemap)));
1552 pgmHandlerPhysicalResetAliasedPage(pVM, pPage, GCPhysPage, pRam, false /*fDoAccounting*/);
1553 pCur->cAliasedPages--;
1554 }
1555 Assert(PGM_PAGE_IS_ZERO(pPage));
1556
1557 /*
1558 * Do the actual remapping here.
1559 * This page now serves as an alias for the backing memory specified.
1560 */
1561 LogFlow(("PGMHandlerPhysicalPageAliasMmio2: %RGp (%R[pgmpage]) alias for %RU64/%RGp (%R[pgmpage])\n",
1562 GCPhysPage, pPage, hMmio2, offMmio2PageRemap, pPageRemap ));
1563 PGM_PAGE_SET_HCPHYS(pVM, pPage, PGM_PAGE_GET_HCPHYS(pPageRemap));
1564 PGM_PAGE_SET_TYPE(pVM, pPage, PGMPAGETYPE_MMIO2_ALIAS_MMIO);
1565 PGM_PAGE_SET_STATE(pVM, pPage, PGM_PAGE_STATE_ALLOCATED);
1566 PGM_PAGE_SET_PAGEID(pVM, pPage, PGM_PAGE_GET_PAGEID(pPageRemap));
1567 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, PGM_PAGE_HNDL_PHYS_STATE_DISABLED);
1568 pCur->cAliasedPages++;
1569 Assert(pCur->cAliasedPages <= pCur->cPages);
1570
1571 /* Flush its TLB entry. */
1572 pgmPhysInvalidatePageMapTLBEntry(pVM, GCPhysPage);
1573
1574#ifdef VBOX_WITH_NATIVE_NEM
1575 /* Tell NEM about the backing and protection change. */
1576 if (VM_IS_NEM_ENABLED(pVM))
1577 {
1578 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
1579 NEMHCNotifyPhysPageChanged(pVM, GCPhysPage, pVM->pgm.s.HCPhysZeroPg, PGM_PAGE_GET_HCPHYS(pPage),
1580 PGM_RAMRANGE_CALC_PAGE_R3PTR(pRam, GCPhysPage),
1581 pgmPhysPageCalcNemProtection(pPage, PGMPAGETYPE_MMIO2_ALIAS_MMIO),
1582 PGMPAGETYPE_MMIO2_ALIAS_MMIO, &u2State);
1583 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
1584 }
1585#endif
1586 LogFlow(("PGMHandlerPhysicalPageAliasMmio2: => %R[pgmpage]\n", pPage));
1587 PGM_UNLOCK(pVM);
1588 return VINF_SUCCESS;
1589 }
1590
1591 PGM_UNLOCK(pVM);
1592 AssertMsgFailed(("The page %#x is outside the range %#x-%#x\n",
1593 GCPhysPage, pCur->Core.Key, pCur->Core.KeyLast));
1594 return VERR_INVALID_PARAMETER;
1595 }
1596
1597 PGM_UNLOCK(pVM);
1598 AssertMsgFailed(("Specified physical handler start address %#x is invalid.\n", GCPhys));
1599 return VERR_PGM_HANDLER_NOT_FOUND;
1600}
1601
1602
1603/**
1604 * Replaces an MMIO page with an arbitrary HC page in the shadow page tables.
1605 *
1606 * This differs from PGMHandlerPhysicalPageAliasMmio2 in that the page doesn't
1607 * need to be a known MMIO2 page and that only shadow paging may access the
1608 * page. The latter distinction is important because the only use for this
1609 * feature is for mapping the special APIC access page that VT-x uses to detect
1610 * APIC MMIO operations, the page is shared between all guest CPUs and actually
1611 * not written to. At least at the moment.
1612 *
1613 * The caller must do required page table modifications. You can get away
1614 * without making any modifications since it's an MMIO page, the cost is an extra
1615 * \#PF which will the resync the page.
1616 *
1617 * Call PGMHandlerPhysicalReset() to restore the MMIO page.
1618 *
1619 *
1620 * @returns VBox status code.
1621 * @param pVM The cross context VM structure.
1622 * @param GCPhys The start address of the access handler. This
1623 * must be a fully page aligned range or we risk
1624 * messing up other handlers installed for the
1625 * start and end pages.
1626 * @param GCPhysPage The physical address of the page to turn off
1627 * access monitoring for.
1628 * @param HCPhysPageRemap The physical address of the HC page that
1629 * serves as backing memory.
1630 *
1631 * @remark May cause a page pool flush if used on a page that is already
1632 * aliased.
1633 */
1634VMMDECL(int) PGMHandlerPhysicalPageAliasHC(PVMCC pVM, RTGCPHYS GCPhys, RTGCPHYS GCPhysPage, RTHCPHYS HCPhysPageRemap)
1635{
1636/// Assert(!IOMIsLockOwner(pVM)); /* We mustn't own any other locks when calling this */
1637#ifdef VBOX_WITH_PGM_NEM_MODE
1638 AssertReturn(!VM_IS_NEM_ENABLED(pVM) || !pVM->pgm.s.fNemMode, VERR_PGM_NOT_SUPPORTED_FOR_NEM_MODE);
1639#endif
1640 PGM_LOCK_VOID(pVM);
1641
1642 /*
1643 * Lookup and validate the range.
1644 */
1645 PPGMPHYSHANDLER pCur = (PPGMPHYSHANDLER)RTAvlroGCPhysGet(&pVM->pgm.s.CTX_SUFF(pTrees)->PhysHandlers, GCPhys);
1646 if (RT_LIKELY(pCur))
1647 {
1648 if (RT_LIKELY( GCPhysPage >= pCur->Core.Key
1649 && GCPhysPage <= pCur->Core.KeyLast))
1650 {
1651 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1652 AssertReturnStmt(pCurType->enmKind == PGMPHYSHANDLERKIND_MMIO, PGM_UNLOCK(pVM), VERR_ACCESS_DENIED);
1653 AssertReturnStmt(!(pCur->Core.Key & GUEST_PAGE_OFFSET_MASK), PGM_UNLOCK(pVM), VERR_INVALID_PARAMETER);
1654 AssertReturnStmt((pCur->Core.KeyLast & GUEST_PAGE_OFFSET_MASK) == GUEST_PAGE_OFFSET_MASK,
1655 PGM_UNLOCK(pVM), VERR_INVALID_PARAMETER);
1656
1657 /*
1658 * Get and validate the pages.
1659 */
1660 PPGMPAGE pPage;
1661 int rc = pgmPhysGetPageEx(pVM, GCPhysPage, &pPage);
1662 AssertReturnStmt(RT_SUCCESS_NP(rc), PGM_UNLOCK(pVM), rc);
1663 if (PGM_PAGE_GET_TYPE(pPage) != PGMPAGETYPE_MMIO)
1664 {
1665 PGM_UNLOCK(pVM);
1666 AssertMsgReturn(PGM_PAGE_GET_TYPE(pPage) == PGMPAGETYPE_SPECIAL_ALIAS_MMIO,
1667 ("GCPhysPage=%RGp %R[pgmpage]\n", GCPhysPage, pPage),
1668 VERR_PGM_PHYS_NOT_MMIO2);
1669 return VINF_PGM_HANDLER_ALREADY_ALIASED;
1670 }
1671 Assert(PGM_PAGE_IS_ZERO(pPage));
1672
1673 /*
1674 * Do the actual remapping here.
1675 * This page now serves as an alias for the backing memory
1676 * specified as far as shadow paging is concerned.
1677 */
1678 LogFlow(("PGMHandlerPhysicalPageAliasHC: %RGp (%R[pgmpage]) alias for %RHp\n",
1679 GCPhysPage, pPage, HCPhysPageRemap));
1680 PGM_PAGE_SET_HCPHYS(pVM, pPage, HCPhysPageRemap);
1681 PGM_PAGE_SET_TYPE(pVM, pPage, PGMPAGETYPE_SPECIAL_ALIAS_MMIO);
1682 PGM_PAGE_SET_STATE(pVM, pPage, PGM_PAGE_STATE_ALLOCATED);
1683 PGM_PAGE_SET_PAGEID(pVM, pPage, NIL_GMM_PAGEID);
1684 PGM_PAGE_SET_HNDL_PHYS_STATE(pPage, PGM_PAGE_HNDL_PHYS_STATE_DISABLED);
1685 pCur->cAliasedPages++;
1686 Assert(pCur->cAliasedPages <= pCur->cPages);
1687
1688 /* Flush its TLB entry. */
1689 pgmPhysInvalidatePageMapTLBEntry(pVM, GCPhysPage);
1690
1691#ifdef VBOX_WITH_NATIVE_NEM
1692 /* Tell NEM about the backing and protection change. */
1693 if (VM_IS_NEM_ENABLED(pVM))
1694 {
1695 PPGMRAMRANGE pRam = pgmPhysGetRange(pVM, GCPhysPage);
1696 uint8_t u2State = PGM_PAGE_GET_NEM_STATE(pPage);
1697 NEMHCNotifyPhysPageChanged(pVM, GCPhysPage, pVM->pgm.s.HCPhysZeroPg, PGM_PAGE_GET_HCPHYS(pPage),
1698 PGM_RAMRANGE_CALC_PAGE_R3PTR(pRam, GCPhysPage),
1699 pgmPhysPageCalcNemProtection(pPage, PGMPAGETYPE_SPECIAL_ALIAS_MMIO),
1700 PGMPAGETYPE_SPECIAL_ALIAS_MMIO, &u2State);
1701 PGM_PAGE_SET_NEM_STATE(pPage, u2State);
1702 }
1703#endif
1704 LogFlow(("PGMHandlerPhysicalPageAliasHC: => %R[pgmpage]\n", pPage));
1705 PGM_UNLOCK(pVM);
1706 return VINF_SUCCESS;
1707 }
1708 PGM_UNLOCK(pVM);
1709 AssertMsgFailed(("The page %#x is outside the range %#x-%#x\n",
1710 GCPhysPage, pCur->Core.Key, pCur->Core.KeyLast));
1711 return VERR_INVALID_PARAMETER;
1712 }
1713 PGM_UNLOCK(pVM);
1714
1715 AssertMsgFailed(("Specified physical handler start address %#x is invalid.\n", GCPhys));
1716 return VERR_PGM_HANDLER_NOT_FOUND;
1717}
1718
1719
1720/**
1721 * Checks if a physical range is handled
1722 *
1723 * @returns boolean
1724 * @param pVM The cross context VM structure.
1725 * @param GCPhys Start physical address earlier passed to PGMR3HandlerPhysicalRegister().
1726 * @remarks Caller must take the PGM lock...
1727 * @thread EMT.
1728 */
1729VMMDECL(bool) PGMHandlerPhysicalIsRegistered(PVMCC pVM, RTGCPHYS GCPhys)
1730{
1731 /*
1732 * Find the handler.
1733 */
1734 PGM_LOCK_VOID(pVM);
1735 PPGMPHYSHANDLER pCur = pgmHandlerPhysicalLookup(pVM, GCPhys);
1736 if (pCur)
1737 {
1738#ifdef VBOX_STRICT
1739 Assert(GCPhys >= pCur->Core.Key && GCPhys <= pCur->Core.KeyLast);
1740 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1741 Assert( pCurType->enmKind == PGMPHYSHANDLERKIND_WRITE
1742 || pCurType->enmKind == PGMPHYSHANDLERKIND_ALL
1743 || pCurType->enmKind == PGMPHYSHANDLERKIND_MMIO);
1744#endif
1745 PGM_UNLOCK(pVM);
1746 return true;
1747 }
1748 PGM_UNLOCK(pVM);
1749 return false;
1750}
1751
1752
1753/**
1754 * Checks if it's an disabled all access handler or write access handler at the
1755 * given address.
1756 *
1757 * @returns true if it's an all access handler, false if it's a write access
1758 * handler.
1759 * @param pVM The cross context VM structure.
1760 * @param GCPhys The address of the page with a disabled handler.
1761 *
1762 * @remarks The caller, PGMR3PhysTlbGCPhys2Ptr, must hold the PGM lock.
1763 */
1764bool pgmHandlerPhysicalIsAll(PVMCC pVM, RTGCPHYS GCPhys)
1765{
1766 PGM_LOCK_VOID(pVM);
1767 PPGMPHYSHANDLER pCur = pgmHandlerPhysicalLookup(pVM, GCPhys);
1768 if (!pCur)
1769 {
1770 PGM_UNLOCK(pVM);
1771 AssertFailed();
1772 return true;
1773 }
1774 PPGMPHYSHANDLERTYPEINT pCurType = PGMPHYSHANDLER_GET_TYPE(pVM, pCur);
1775 Assert( pCurType->enmKind == PGMPHYSHANDLERKIND_WRITE
1776 || pCurType->enmKind == PGMPHYSHANDLERKIND_ALL
1777 || pCurType->enmKind == PGMPHYSHANDLERKIND_MMIO); /* sanity */
1778 /* Only whole pages can be disabled. */
1779 Assert( pCur->Core.Key <= (GCPhys & ~(RTGCPHYS)GUEST_PAGE_OFFSET_MASK)
1780 && pCur->Core.KeyLast >= (GCPhys | GUEST_PAGE_OFFSET_MASK));
1781
1782 bool bRet = pCurType->enmKind != PGMPHYSHANDLERKIND_WRITE;
1783 PGM_UNLOCK(pVM);
1784 return bRet;
1785}
1786
1787#ifdef VBOX_STRICT
1788
1789/**
1790 * State structure used by the PGMAssertHandlerAndFlagsInSync() function
1791 * and its AVL enumerators.
1792 */
1793typedef struct PGMAHAFIS
1794{
1795 /** The current physical address. */
1796 RTGCPHYS GCPhys;
1797 /** Number of errors. */
1798 unsigned cErrors;
1799 /** Pointer to the VM. */
1800 PVM pVM;
1801} PGMAHAFIS, *PPGMAHAFIS;
1802
1803
1804/**
1805 * Asserts that the handlers+guest-page-tables == ramrange-flags and
1806 * that the physical addresses associated with virtual handlers are correct.
1807 *
1808 * @returns Number of mismatches.
1809 * @param pVM The cross context VM structure.
1810 */
1811VMMDECL(unsigned) PGMAssertHandlerAndFlagsInSync(PVMCC pVM)
1812{
1813 PPGM pPGM = &pVM->pgm.s;
1814 PGMAHAFIS State;
1815 State.GCPhys = 0;
1816 State.cErrors = 0;
1817 State.pVM = pVM;
1818
1819 PGM_LOCK_ASSERT_OWNER(pVM);
1820
1821 /*
1822 * Check the RAM flags against the handlers.
1823 */
1824 for (PPGMRAMRANGE pRam = pPGM->CTX_SUFF(pRamRangesX); pRam; pRam = pRam->CTX_SUFF(pNext))
1825 {
1826 const uint32_t cPages = pRam->cb >> GUEST_PAGE_SHIFT;
1827 for (uint32_t iPage = 0; iPage < cPages; iPage++)
1828 {
1829 PGMPAGE const *pPage = &pRam->aPages[iPage];
1830 if (PGM_PAGE_HAS_ANY_HANDLERS(pPage))
1831 {
1832 State.GCPhys = pRam->GCPhys + (iPage << GUEST_PAGE_SHIFT);
1833
1834 /*
1835 * Physical first - calculate the state based on the handlers
1836 * active on the page, then compare.
1837 */
1838 if (PGM_PAGE_HAS_ANY_PHYSICAL_HANDLERS(pPage))
1839 {
1840 /* the first */
1841 PPGMPHYSHANDLER pPhys = (PPGMPHYSHANDLER)RTAvlroGCPhysRangeGet(&pPGM->CTX_SUFF(pTrees)->PhysHandlers, State.GCPhys);
1842 if (!pPhys)
1843 {
1844 pPhys = (PPGMPHYSHANDLER)RTAvlroGCPhysGetBestFit(&pPGM->CTX_SUFF(pTrees)->PhysHandlers, State.GCPhys, true);
1845 if ( pPhys
1846 && pPhys->Core.Key > (State.GCPhys + GUEST_PAGE_SIZE - 1))
1847 pPhys = NULL;
1848 Assert(!pPhys || pPhys->Core.Key >= State.GCPhys);
1849 }
1850 if (pPhys)
1851 {
1852 PPGMPHYSHANDLERTYPEINT pPhysType = (PPGMPHYSHANDLERTYPEINT)MMHyperHeapOffsetToPtr(pVM, pPhys->hType);
1853 unsigned uState = pPhysType->uState;
1854
1855 /* more? */
1856 while (pPhys->Core.KeyLast < (State.GCPhys | GUEST_PAGE_OFFSET_MASK))
1857 {
1858 PPGMPHYSHANDLER pPhys2 = (PPGMPHYSHANDLER)RTAvlroGCPhysGetBestFit(&pPGM->CTX_SUFF(pTrees)->PhysHandlers,
1859 pPhys->Core.KeyLast + 1, true);
1860 if ( !pPhys2
1861 || pPhys2->Core.Key > (State.GCPhys | GUEST_PAGE_OFFSET_MASK))
1862 break;
1863 PPGMPHYSHANDLERTYPEINT pPhysType2 = (PPGMPHYSHANDLERTYPEINT)MMHyperHeapOffsetToPtr(pVM, pPhys2->hType);
1864 uState = RT_MAX(uState, pPhysType2->uState);
1865 pPhys = pPhys2;
1866 }
1867
1868 /* compare.*/
1869 if ( PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) != uState
1870 && PGM_PAGE_GET_HNDL_PHYS_STATE(pPage) != PGM_PAGE_HNDL_PHYS_STATE_DISABLED)
1871 {
1872 AssertMsgFailed(("ram range vs phys handler flags mismatch. GCPhys=%RGp state=%d expected=%d %s\n",
1873 State.GCPhys, PGM_PAGE_GET_HNDL_PHYS_STATE(pPage), uState, pPhysType->pszDesc));
1874 State.cErrors++;
1875 }
1876 }
1877 else
1878 {
1879 AssertMsgFailed(("ram range vs phys handler mismatch. no handler for GCPhys=%RGp\n", State.GCPhys));
1880 State.cErrors++;
1881 }
1882 }
1883 }
1884 } /* foreach page in ram range. */
1885 } /* foreach ram range. */
1886
1887 /*
1888 * Do the reverse check for physical handlers.
1889 */
1890 /** @todo */
1891
1892 return State.cErrors;
1893}
1894
1895#endif /* VBOX_STRICT */
1896
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette