Changeset 21679 in vbox for trunk/src/VBox/VMM
- Timestamp:
- Jul 17, 2009 1:00:04 PM (16 years ago)
- svn:sync-xref-src-repo-rev:
- 50228
- File:
-
- 1 edited
-
trunk/src/VBox/VMM/HWACCM.cpp (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/VMM/HWACCM.cpp
r21666 r21679 1634 1634 { 1635 1635 PCPUMCTX pCtx = (PCPUMCTX)pvUser; 1636 RTGCPTR oldrip = pCtx->rip;1637 1636 PDISCPUSTATE pDis = &pVCpu->hwaccm.s.DisState; 1638 1637 unsigned cbOp; 1638 int rc; 1639 #ifdef LOG_ENABLED 1640 RTGCPTR pInstr; 1641 char szOutput[256]; 1642 #endif 1639 1643 1640 1644 Log(("Patch TPR access at %RGv\n", pCtx->rip)); 1641 1645 1642 intrc = EMInterpretDisasOne(pVM, pVCpu, CPUMCTX2CORE(pCtx), pDis, &cbOp);1646 rc = EMInterpretDisasOne(pVM, pVCpu, CPUMCTX2CORE(pCtx), pDis, &cbOp); 1643 1647 AssertRC(rc); 1644 1648 if ( rc == VINF_SUCCESS … … 1649 1653 uint32_t idx = pVM->hwaccm.s.svm.cPatches; 1650 1654 PHWACCMTPRPATCH pPatch = &pVM->hwaccm.s.svm.aPatches[idx]; 1655 uint8_t aPatch[64]; 1656 uint32_t off = 0; 1657 1658 #ifdef LOG_ENABLED 1659 rc = DBGFR3DisasInstrEx(pVM, pVCpu->idCpu, pCtx->cs, pCtx->rip, 0, szOutput, sizeof(szOutput), 0); 1660 if (VBOX_SUCCESS(rc)) 1661 Log(("Original instr: %s\n", szOutput)); 1662 #endif 1651 1663 1652 1664 rc = PGMPhysSimpleReadGCPtr(pVCpu, pPatch->aOpcode, pCtx->rip, cbOp); 1653 1665 AssertRC(rc); 1654 1666 1655 pPatch->cbOp = cbOp; 1667 pPatch->cbOp = cbOp; 1668 pPatch->enmType = HWACCMTPRINSTR_JUMP_REPLACEMENT; 1656 1669 1657 1670 if (pDis->param1.flags == USE_DISPLACEMENT32) … … 1660 1673 * TPR write: 1661 1674 * 1662 * push ecx 1663 * push edx 1664 * push eax 1665 * xor edx, edx 1666 * mov eax, src_reg 1667 * mov ecx, MSR_K8_LSTAR (0xc0000082) 1668 * rdmsr 1669 * pop eax 1670 * pop edx 1671 * pop ecx 1675 * push ECX [51] 1676 * push EDX [52] 1677 * push EAX [50] 1678 * xor EDX,EDX [31 D2] 1679 * mov EAX,EAX [89 C0] 1680 * or 1681 * mov EAX,0000000CCh [B8 CC 00 00 00] 1682 * mov ECX,0C0000082h [B9 82 00 00 C0] 1683 * wrmsr [0F 30] 1684 * pop EAX [58] 1685 * pop EDX [5A] 1686 * pop ECX [59] 1687 * jmp return_address [E9 return_address] 1672 1688 * 1673 1689 */ 1690 aPatch[off++] = 0x51; /* push ecx */ 1691 aPatch[off++] = 0x52; /* push edx */ 1692 aPatch[off++] = 0x50; /* push eax */ 1693 aPatch[off++] = 0x31; /* xor edx, edx */ 1694 aPatch[off++] = 0xD2; 1674 1695 if (pDis->param2.flags == USE_REG_GEN32) 1675 1696 { 1676 pPatch->enmType = HWACCMTPRINSTR_WRITE_REG;1677 pPatch->uSrcOperand = pDis->param2.base.reg_gen;1697 aPatch[off++] = 0x89; /* mov eax, src_reg */ 1698 aPatch[off++] = MAKE_MODRM(3, pDis->param2.base.reg_gen, USE_REG_EAX); 1678 1699 } 1679 1700 else 1680 1701 { 1681 1702 Assert(pDis->param2.flags == USE_IMMEDIATE32); 1682 pPatch->enmType = HWACCMTPRINSTR_WRITE_IMM; 1683 pPatch->uSrcOperand = pDis->param2.parval; 1703 aPatch[off++] = 0xB8; /* mov eax, immediate */ 1704 *(uint32_t *)&aPatch[off] = pDis->param2.parval; 1705 off += sizeof(uint32_t); 1684 1706 } 1685 // rc = PGMPhysSimpleWriteGCPtr(pVCpu, pCtx->rip, aVMMCall, sizeof(aVMMCall)); 1686 // AssertRC(rc); 1687 1688 // memcpy(pPatch->aNewOpcode, aVMMCall, sizeof(aVMMCall)); 1689 // pPatch->cbNewOp = sizeof(aVMMCall); 1707 aPatch[off++] = 0xB9; /* mov ecx, 0xc0000082 */ 1708 *(uint32_t *)&aPatch[off] = MSR_K8_LSTAR; 1709 off += sizeof(uint32_t); 1710 1711 aPatch[off++] = 0x0F; /* wrmsr */ 1712 aPatch[off++] = 0x30; 1713 aPatch[off++] = 0x58; /* pop eax */ 1714 aPatch[off++] = 0x5A; /* pop edx */ 1715 aPatch[off++] = 0x59; /* pop ecx */ 1690 1716 } 1691 1717 else … … 1694 1720 * TPR read: 1695 1721 * 1696 * push ecx 1697 * push edx 1698 * push eax 1699 * mov ecx, MSR_K8_LSTAR (0xc0000082) 1700 * rdmsr 1701 * mov target_reg, eax 1702 * pop eax 1703 * pop edx 1704 * pop ecx 1722 * push ECX [51] 1723 * push EDX [52] 1724 * push EAX [50] 1725 * mov ECX,0C0000082h [B9 82 00 00 C0] 1726 * rdmsr [0F 32] 1727 * mov EAX,EAX [89 C0] 1728 * pop EAX [58] 1729 * pop EDX [5A] 1730 * pop ECX [59] 1731 * jmp return_address [E9 return_address] 1705 1732 * 1706 1733 */ 1707 1734 Assert(pDis->param1.flags == USE_REG_GEN32); 1708 1735 1709 pPatch->enmType = HWACCMTPRINSTR_READ; 1710 pPatch->uDstOperand = pDis->param1.base.reg_gen; 1711 1712 // rc = PGMPhysSimpleWriteGCPtr(pVCpu, pCtx->rip, aVMMCall, sizeof(aVMMCall)); 1713 // AssertRC(rc); 1714 1715 // memcpy(pPatch->aNewOpcode, aVMMCall, sizeof(aVMMCall)); 1716 // pPatch->cbNewOp = sizeof(aVMMCall); 1736 if (pDis->param1.base.reg_gen != USE_REG_ECX) 1737 aPatch[off++] = 0x51; /* push ecx */ 1738 if (pDis->param1.base.reg_gen != USE_REG_EDX) 1739 aPatch[off++] = 0x52; /* push edx */ 1740 if (pDis->param1.base.reg_gen != USE_REG_EAX) 1741 aPatch[off++] = 0x50; /* push eax */ 1742 1743 aPatch[off++] = 0x31; /* xor edx, edx */ 1744 aPatch[off++] = 0xD2; 1745 1746 aPatch[off++] = 0xB9; /* mov ecx, 0xc0000082 */ 1747 *(uint32_t *)&aPatch[off] = MSR_K8_LSTAR; 1748 off += sizeof(uint32_t); 1749 1750 aPatch[off++] = 0x0F; /* rdmsr */ 1751 aPatch[off++] = 0x32; 1752 1753 aPatch[off++] = 0x89; /* mov dst_reg, eax */ 1754 aPatch[off++] = MAKE_MODRM(3, USE_REG_EAX, pDis->param1.base.reg_gen); 1755 1756 if (pDis->param1.base.reg_gen != USE_REG_EAX) 1757 aPatch[off++] = 0x58; /* pop eax */ 1758 if (pDis->param1.base.reg_gen != USE_REG_EDX) 1759 aPatch[off++] = 0x5A; /* pop edx */ 1760 if (pDis->param1.base.reg_gen != USE_REG_ECX) 1761 aPatch[off++] = 0x59; /* pop ecx */ 1717 1762 } 1718 1719 pPatch->Core.Key = pCtx->eip; 1720 rc = RTAvloU32Insert(&pVM->hwaccm.s.svm.PatchTree, &pPatch->Core); 1721 AssertRC(rc); 1722 1723 pVM->hwaccm.s.svm.cPatches++; 1724 return VINF_SUCCESS; 1763 aPatch[off++] = 0xE9; /* jmp return_address */ 1764 *(RTRCUINTPTR *)&aPatch[off] = ((RTRCUINTPTR)pCtx->eip + cbOp) - ((RTRCUINTPTR)pVM->hwaccm.s.pFreeGuestPatchMem + off + 4); 1765 off += sizeof(RTRCUINTPTR); 1766 1767 if (pVM->hwaccm.s.pFreeGuestPatchMem + off <= pVM->hwaccm.s.pGuestPatchMem + pVM->hwaccm.s.cbGuestPatchMem) 1768 { 1769 /* Write new code to the patch buffer. */ 1770 rc = PGMPhysSimpleWriteGCPtr(pVCpu, pVM->hwaccm.s.pFreeGuestPatchMem, aPatch, off); 1771 AssertRC(rc); 1772 1773 #ifdef LOG_ENABLED 1774 pInstr = pVM->hwaccm.s.pFreeGuestPatchMem; 1775 while (true) 1776 { 1777 uint32_t cb; 1778 1779 rc = DBGFR3DisasInstrEx(pVM, pVCpu->idCpu, pCtx->cs, pInstr, 0, szOutput, sizeof(szOutput), &cb); 1780 if (VBOX_SUCCESS(rc)) 1781 Log(("Patch instr %RGv: %s\n", pInstr, szOutput)); 1782 1783 pInstr += cb; 1784 1785 if (pInstr > pVM->hwaccm.s.pFreeGuestPatchMem + off) 1786 break; 1787 } 1788 #endif 1789 1790 pPatch->aNewOpcode[0] = 0xE9; 1791 *(RTRCUINTPTR *)&pPatch->aNewOpcode[1] = ((RTRCUINTPTR)pVM->hwaccm.s.pFreeGuestPatchMem) - ((RTRCUINTPTR)pCtx->eip + 5); 1792 1793 /* Overwrite the TPR instruction with a jump. */ 1794 rc = PGMPhysSimpleWriteGCPtr(pVCpu, pCtx->eip, pPatch->aNewOpcode, 5); 1795 AssertRC(rc); 1796 1797 #ifdef LOG_ENABLED 1798 rc = DBGFR3DisasInstrEx(pVM, pVCpu->idCpu, pCtx->cs, pCtx->rip, 0, szOutput, sizeof(szOutput), 0); 1799 if (VBOX_SUCCESS(rc)) 1800 Log(("Jump: %s\n", szOutput)); 1801 #endif 1802 pVM->hwaccm.s.pFreeGuestPatchMem += off; 1803 pPatch->cbNewOp = 5; 1804 1805 pPatch->Core.Key = pCtx->eip; 1806 rc = RTAvloU32Insert(&pVM->hwaccm.s.svm.PatchTree, &pPatch->Core); 1807 AssertRC(rc); 1808 1809 pVM->hwaccm.s.svm.cPatches++; 1810 return VINF_SUCCESS; 1811 } 1812 else 1813 Log(("Ran out of space in our patch buffer!\n")); 1725 1814 } 1726 1815 return hwaccmR0EmulateTprMov(pVCpu, pDis, pCtx, cbOp);
Note:
See TracChangeset
for help on using the changeset viewer.
