Changeset 12121 in vbox

Timestamp:

Sep 5, 2008 9:41:05 AM (16 years ago)

Author:

vboxsync

Message:

Committed hardware breakpoint support for VT-x and AMD-V. Untested and disabled.

Location:

trunk/src/VBox/VMM

Files:

• CPUM.cpp (modified) (1 diff)
• HWACCM.cpp (modified) (1 diff)
• HWACCMInternal.h (modified) (5 diffs)
• VMMAll/EMAll.cpp (modified) (1 diff)
• VMMR0/HWACCMR0.cpp (modified) (3 diffs)
• VMMR0/HWSVMR0.cpp (modified) (5 diffs)
• VMMR0/HWVMXR0.cpp (modified) (3 diffs)

trunk/src/VBox/VMM/CPUM.cpp

@@ -707 +707 @@
     pCtx->trHid.Attr.n.u4Type       = X86_SEL_TYPE_SYS_386_TSS_BUSY;
 
-    pCtx->dr6                       = UINT32_C(0xFFFF0FF0);
+    pCtx->dr6                       = X86_DR6_INIT_VAL;
     pCtx->dr7                       = 0x400;
 

trunk/src/VBox/VMM/HWACCM.cpp

@@ -126 +126 @@
     STAM_REG(pVM, &pVM->hwaccm.s.StatExitGuestMF,   STAMTYPE_COUNTER, "/HWACCM/Exit/Trap/Guest/#MF",    STAMUNIT_OCCURENCES,    "Nr of occurances");
     STAM_REG(pVM, &pVM->hwaccm.s.StatExitGuestDE,   STAMTYPE_COUNTER, "/HWACCM/Exit/Trap/Guest/#DE",    STAMUNIT_OCCURENCES,    "Nr of occurances");
+    STAM_REG(pVM, &pVM->hwaccm.s.StatExitGuestDB,   STAMTYPE_COUNTER, "/HWACCM/Exit/Trap/Guest/#DB",    STAMUNIT_OCCURENCES,    "Nr of occurances");
     STAM_REG(pVM, &pVM->hwaccm.s.StatExitInvpg,     STAMTYPE_COUNTER, "/HWACCM/Exit/Instr/Invlpg",      STAMUNIT_OCCURENCES,    "Nr of occurances");
     STAM_REG(pVM, &pVM->hwaccm.s.StatExitInvd,      STAMTYPE_COUNTER, "/HWACCM/Exit/Instr/Invd",        STAMUNIT_OCCURENCES,    "Nr of occurances");

trunk/src/VBox/VMM/HWACCMInternal.h

@@ -34 +34 @@
 #include <iprt/mp.h>
 
+////#define VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+
 #if HC_ARCH_BITS == 64
 /* Enable 64 bits guest support. */
@@ -110 +112 @@
  */
 #ifdef VBOX_STRICT
-#define HWACCM_VMX_TRAP_MASK                RT_BIT(X86_XCPT_DE) | RT_BIT(X86_XCPT_NM) | RT_BIT(X86_XCPT_PF) | RT_BIT(X86_XCPT_UD) | RT_BIT(X86_XCPT_NP) | RT_BIT(X86_XCPT_SS) | RT_BIT(X86_XCPT_GP) | RT_BIT(X86_XCPT_MF)
+#define HWACCM_VMX_TRAP_MASK                RT_BIT(X86_XCPT_DE) | RT_BIT(X86_XCPT_DB) | RT_BIT(X86_XCPT_NM) | RT_BIT(X86_XCPT_PF) | RT_BIT(X86_XCPT_UD) | RT_BIT(X86_XCPT_NP) | RT_BIT(X86_XCPT_SS) | RT_BIT(X86_XCPT_GP) | RT_BIT(X86_XCPT_MF)
 #define HWACCM_SVM_TRAP_MASK                HWACCM_VMX_TRAP_MASK
 #else
-#define HWACCM_VMX_TRAP_MASK                RT_BIT(X86_XCPT_NM) | RT_BIT(X86_XCPT_PF)
-#define HWACCM_SVM_TRAP_MASK                HWACCM_VMX_TRAP_MASK
+#define HWACCM_VMX_TRAP_MASK                RT_BIT(X86_XCPT_DB) | RT_BIT(X86_XCPT_NM) | RT_BIT(X86_XCPT_PF)
+#define HWACCM_SVM_TRAP_MASK                RT_BIT(X86_XCPT_NM) | RT_BIT(X86_XCPT_PF)
 #endif
 /** @} */
@@ -377 +379 @@
 
 
-#ifdef VBOX_SAVE_HOST_DEBUG_REGISTERS
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
     struct
     {
@@ -383 +385 @@
         uint64_t                dr0, dr1, dr2, dr3, dr6, dr7;
         bool                    fHostDR7Saved;
+        bool                    fHostDebugRegsSaved;
     } savedhoststate;
 #endif
@@ -401 +404 @@
     STAMCOUNTER             StatExitGuestGP;
     STAMCOUNTER             StatExitGuestDE;
+    STAMCOUNTER             StatExitGuestDB;
     STAMCOUNTER             StatExitGuestMF;
     STAMCOUNTER             StatExitInvpg;

trunk/src/VBox/VMM/VMMAll/EMAll.cpp

@@ -2199 +2199 @@
     if (VBOX_SUCCESS(rc))
     {
+        /* @todo: we don't fail if illegal bits are set/cleared for e.g. dr7 */
         rc = CPUMSetGuestDRx(pVM, DestRegDrx, val);
         if (VBOX_SUCCESS(rc))

trunk/src/VBox/VMM/VMMR0/HWACCMR0.cpp

@@ -744 +744 @@
     CPUMDeactivateGuestFPUState(pVM);
 
-#ifdef VBOX_WITH_DEBUG_REGISTER_SUPPORT
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
     /*
      * Check if host debug registers are armed. All context switches set DR7 back to 0x400.
      */
     uint64_t u64DR7 = ASMGetDR7();
-    if (u32DR7 & X86_DR7_ENABLED_MASK)
+    if (u64DR7 & X86_DR7_ENABLED_MASK)
     {
         pVM->hwaccm.s.savedhoststate.dr7  = u64DR7;
@@ -806 +806 @@
     }
 
-#ifdef VBOX_WITH_DEBUG_REGISTER_SUPPORT
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+    /* Restore the host debug registers. First dr0-3, then dr6 and only then dr7! */
+    if (pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved)
+    {
+        ASMSetDR0(pVM->hwaccm.s.savedhoststate.dr0);
+        ASMSetDR1(pVM->hwaccm.s.savedhoststate.dr1);
+        ASMSetDR2(pVM->hwaccm.s.savedhoststate.dr2);
+        ASMSetDR3(pVM->hwaccm.s.savedhoststate.dr3);
+        ASMSetDR6(pVM->hwaccm.s.savedhoststate.dr6);
+        pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved = false;
+    }
     if (pVM->hwaccm.s.savedhoststate.fHostDR7Saved)
     {
@@ -814 +824 @@
 #endif
 
+    /* Resync the debug register on the next entry. */
+    pVM->hwaccm.s.fContextUseFlags |= HWACCM_CHANGED_GUEST_DEBUG;
     return HWACCMR0Globals.pfnLeaveSession(pVM);
 }

trunk/src/VBox/VMM/VMMR0/HWSVMR0.cpp

@@ -276 +276 @@
         pVMCB->ctrl.u16InterceptWrCRx = RT_BIT(0) | RT_BIT(4) | RT_BIT(8);
 
-    /* Intercept all DRx reads and writes. */
-    pVMCB->ctrl.u16InterceptRdDRx = RT_BIT(0) | RT_BIT(1) | RT_BIT(2) | RT_BIT(3) | RT_BIT(4) | RT_BIT(5) | RT_BIT(6) | RT_BIT(7);
-    pVMCB->ctrl.u16InterceptWrDRx = RT_BIT(0) | RT_BIT(1) | RT_BIT(2) | RT_BIT(3) | RT_BIT(4) | RT_BIT(5) | RT_BIT(6) | RT_BIT(7);
+    /* Intercept all DRx reads and writes. (@todo not necessary to intercept all) */
+    pVMCB->ctrl.u16InterceptRdDRx = 0xFFFF;
+    pVMCB->ctrl.u16InterceptWrDRx = 0xFFFF;
 
     /* Currently we don't care about DRx reads or writes. DRx registers are trashed.
@@ -686 +686 @@
     if (pVM->hwaccm.s.fContextUseFlags & HWACCM_CHANGED_GUEST_DEBUG)
     {
-        val  = pCtx->dr7;
-        val &= ~(RT_BIT(11) | RT_BIT(12) | RT_BIT(14) | RT_BIT(15));    /* must be zero */
-        val |= 0x400;                                       /* must be one */
-#ifndef VBOX_WITH_DEBUG_REGISTER_SUPPORT
-        val = 0x400;
-#endif
-        pVMCB->guest.u64DR7 = val;
-
+        pCtx->dr7 &= 0xffffffff;                                              /* upper 32 bits reserved */
+        pCtx->dr7 &= ~(RT_BIT(11) | RT_BIT(12) | RT_BIT(14) | RT_BIT(15));    /* must be zero */
+        pCtx->dr7 |= 0x400;                                                   /* must be one */
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+        pVMCB->guest.u64DR7 = pCtx->dr7;
+#else
+        pVMCB->guest.u64DR7 = 0x400;
+#endif
         pVMCB->guest.u64DR6 = pCtx->dr6;
+
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+        /* Any guest breakpoints enabled? */
+        if (    (pCtx->dr7 & X86_DR7_ENABLED_MASK)
+            &&  !pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved)
+        {
+            /* Save the host debug register; a bit paranoid if the host has no active breakpoints set in dr7, but we
+             * do not want anything from the guest to leak into the host!
+             */
+            pVM->hwaccm.s.savedhoststate.dr0 = ASMGetDR0();
+            pVM->hwaccm.s.savedhoststate.dr1 = ASMGetDR1();
+            pVM->hwaccm.s.savedhoststate.dr2 = ASMGetDR2();
+            pVM->hwaccm.s.savedhoststate.dr3 = ASMGetDR3();
+            pVM->hwaccm.s.savedhoststate.dr6 = ASMGetDR6();
+            pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved = true;
+
+            /* Make sure DR7 is harmless or else we could trigger breakpoints when restoring dr0-3 (!) */
+            ASMSetDR7(0x400);
+        }
+
+        if (pCtx->dr7 & (X86_DR7_L0|X86_DR7_G0))
+        {
+            ASMSetDR0(pCtx->dr0);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+        if (pCtx->dr7 & (X86_DR7_L1|X86_DR7_G1))
+        {
+            ASMSetDR1(pCtx->dr1);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+        if (pCtx->dr7 & (X86_DR7_L2|X86_DR7_G2))
+        {
+            ASMSetDR2(pCtx->dr2);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+        if (pCtx->dr7 & (X86_DR7_L3|X86_DR7_G3))
+        {
+            ASMSetDR3(pCtx->dr3);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+
+        /* No need to sync DR6; all DR6 reads are intercepted. */
+#endif /* VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT */
     }
 
@@ -1200 +1243 @@
     Log2(("exitCode = %x\n", exitCode));
 
-    /* Sync back the debug registers. */
+    /* Sync back DR6 as it could have been changed by hitting breakpoints. */
     pCtx->dr6 = pVMCB->guest.u64DR6;
+    /* DR7.GD can be cleared by debug exceptions, so sync it back as well. */
     pCtx->dr7 = pVMCB->guest.u64DR7;
 
@@ -1265 +1309 @@
 #ifdef DEBUG
         case X86_XCPT_DB:
+        {
+#if 0 /* revisit */
             rc = DBGFR0Trap01Handler(pVM, CPUMCTX2CORE(pCtx), pVMCB->guest.u64DR6);
             Assert(rc != VINF_EM_RAW_GUEST_TRAP);
             break;
+#endif
+            /* @todo we don't really need to intercept this here. It's easy to sync back dr7 & dr6 after each world switch. */
+            /* Sync back DR6 and DR7 here. */
+            pCtx->dr6  = pVMCB->guest.u64DR6;
+            pCtx->dr7  = pVMCB->guest.u64DR7;
+
+            STAM_COUNTER_INC(&pVM->hwaccm.s.StatExitGuestDB);
+            Log(("Trap %x (debug) at %VGv\n", vector, pCtx->rip));
+
+            /* Reinject the exception. */
+            Event.au64[0]    = 0;
+            Event.n.u3Type   = SVM_EVENT_EXCEPTION; /* trap or fault */
+            Event.n.u1Valid  = 1;
+            Event.n.u8Vector = X86_XCPT_DB;
+
+            SVMR0InjectEvent(pVM, pVMCB, pCtx, &Event);
+
+            STAM_PROFILE_ADV_STOP(&pVM->hwaccm.s.StatExit, x);
+            goto ResumeExecution;
+        }
 #endif
 
@@ -1414 +1480 @@
         case X86_XCPT_GP:   /* General protection failure exception.*/
         case X86_XCPT_UD:   /* Unknown opcode exception. */
-        case X86_XCPT_DE:   /* Debug exception. */
+        case X86_XCPT_DE:   /* Divide error. */
         case X86_XCPT_SS:   /* Stack segment exception. */
         case X86_XCPT_NP:   /* Segment not present exception. */

trunk/src/VBox/VMM/VMMR0/HWVMXR0.cpp

@@ -966 +966 @@
     if (pVM->hwaccm.s.fContextUseFlags & HWACCM_CHANGED_GUEST_DEBUG)
     {
-        val  = pCtx->dr7 & 0xffffffff;                                  /* upper 32 bits reserved */
-        val &= ~(RT_BIT(11) | RT_BIT(12) | RT_BIT(14) | RT_BIT(15));    /* must be zero */
-        val |= 0x400;                                                   /* must be one */
-#ifdef VBOX_WITH_DEBUG_REGISTER_SUPPORT
-        rc |= VMXWriteVMCS(VMX_VMCS_GUEST_DR7,              val);
+        pCtx->dr7 &= 0xffffffff;                                              /* upper 32 bits reserved */
+        pCtx->dr7 &= ~(RT_BIT(11) | RT_BIT(12) | RT_BIT(14) | RT_BIT(15));    /* must be zero */
+        pCtx->dr7 |= 0x400;                                                   /* must be one */
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+        rc |= VMXWriteVMCS(VMX_VMCS_GUEST_DR7,  pCtx->dr7);
 #else
-        rc |= VMXWriteVMCS(VMX_VMCS_GUEST_DR7,            0x400);
-#endif
-        AssertRC(rc);
+        rc |= VMXWriteVMCS(VMX_VMCS_GUEST_DR7,  0x400);
+#endif
+        AssertRC(rc);
+
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+        /* Any guest breakpoints enabled? */
+        if (    (pCtx->dr7 & X86_DR7_ENABLED_MASK)
+            &&  !pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved)
+        {
+            /* Save the host debug register; a bit paranoid if the host has no active breakpoints set in dr7, but we
+             * do not want anything from the guest to leak into the host!
+             */
+            pVM->hwaccm.s.savedhoststate.dr0 = ASMGetDR0();
+            pVM->hwaccm.s.savedhoststate.dr1 = ASMGetDR1();
+            pVM->hwaccm.s.savedhoststate.dr2 = ASMGetDR2();
+            pVM->hwaccm.s.savedhoststate.dr3 = ASMGetDR3();
+            pVM->hwaccm.s.savedhoststate.dr6 = ASMGetDR6();
+            pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved = true;
+
+            /* Make sure DR7 is harmless or else we could trigger breakpoints when restoring dr0-3 (!) */
+            ASMSetDR7(0x400);
+        }
+
+        if (pCtx->dr7 & (X86_DR7_L0|X86_DR7_G0))
+        {
+            ASMSetDR0(pCtx->dr0);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+        if (pCtx->dr7 & (X86_DR7_L1|X86_DR7_G1))
+        {
+            ASMSetDR1(pCtx->dr1);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+        if (pCtx->dr7 & (X86_DR7_L2|X86_DR7_G2))
+        {
+            ASMSetDR2(pCtx->dr2);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+        if (pCtx->dr7 & (X86_DR7_L3|X86_DR7_G3))
+        {
+            ASMSetDR3(pCtx->dr3);
+            Assert(pVM->hwaccm.s.savedhoststate.fHostDebugRegsSaved);
+        }
+
+        /* No need to sync DR6; all DR6 reads are intercepted. */
+#endif /* VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT */
 
         /* IA32_DEBUGCTL MSR. */
@@ -1513 +1556 @@
     CPUMSetGuestCR2(pVM, ASMGetCR2());
 
-    VMXReadVMCS(VMX_VMCS_GUEST_DR7,              &val);
-    CPUMSetGuestDR7(pVM, val);
-
     /* Guest CPU context: ES, CS, SS, DS, FS, GS. */
     VMX_READ_SELREG(ES, es);
@@ -1721 +1761 @@
             }
 
+            case X86_XCPT_DB:   /* Debug exception. */
+            {
+                /* DR6, DR7.GD and IA32_DEBUGCTL.LBR are not updated yet. 
+                 *
+                 * Exit qualification bits:
+                 *  3:0     B0-B3 which breakpoint condition was met
+                 * 12:4     Reserved (0)
+                 * 13       BD - debug register access detected
+                 * 14       BS - single step execution or branch taken
+                 * 63:15    Reserved (0)
+                 */
+
+#ifdef VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT
+                /* Update DR6 here. */
+                pCtx->dr6  = X86_DR6_INIT_VAL;
+                pCtx->dr6 |= (exitQualification & (X86_DR6_B0|X86_DR6_B1|X86_DR6_B2|X86_DR6_B3|X86_DR6_BD|X86_DR6_BS));
+
+                /* X86_DR7_GD will be cleared if drx accesses should be trapped inside the guest. */
+                pCtx->dr7 &= ~X86_DR7_GD;
+
+                /* Paranoia. */
+                pCtx->dr7 &= 0xffffffff;                                              /* upper 32 bits reserved */
+                pCtx->dr7 &= ~(RT_BIT(11) | RT_BIT(12) | RT_BIT(14) | RT_BIT(15));    /* must be zero */
+                pCtx->dr7 |= 0x400;                                                   /* must be one */
+
+                /* Resync DR7 */
+                rc = VMXWriteVMCS(VMX_VMCS_GUEST_DR7, pCtx->dr7);
+                AssertRC(rc);
+#endif /* VBOX_WITH_HWACCM_DEBUG_REGISTER_SUPPORT */
+
+                STAM_COUNTER_INC(&pVM->hwaccm.s.StatExitGuestDB);
+                Log(("Trap %x (debug) at %VGv exit qualification %VX64\n", vector, pCtx->rip, exitQualification));
+                rc = VMXR0InjectEvent(pVM, pCtx, VMX_VMCS_CTRL_ENTRY_IRQ_INFO_FROM_EXIT_INT_INFO(intInfo), cbInstr, errCode);
+                AssertRC(rc);
+
+                STAM_PROFILE_ADV_STOP(&pVM->hwaccm.s.StatExit, x);
+                goto ResumeExecution;
+            }
+
 #ifdef VBOX_STRICT
+            case X86_XCPT_DE:   /* Divide error. */
             case X86_XCPT_GP:   /* General protection failure exception.*/
             case X86_XCPT_UD:   /* Unknown opcode exception. */
-            case X86_XCPT_DE:   /* Debug exception. */
             case X86_XCPT_SS:   /* Stack segment exception. */
             case X86_XCPT_NP:   /* Segment not present exception. */