Changeset 33935 in vbox for trunk/src/VBox/VMM

Timestamp:

Nov 10, 2010 3:37:02 PM (15 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

67595

Message:

VMM: mask all Local APIC interrupt vectors which are set up to NMI mode during world switch (raw mode only)

Location:

trunk/src/VBox/VMM

Files:

• CPUMInternal.h (modified) (1 diff)
• CPUMInternal.mac (modified) (2 diffs)
• Makefile.kmk (modified) (1 diff)
• VMMR0/CPUMR0.cpp (modified) (3 diffs)
• VMMR0/VMMR0.cpp (modified) (4 diffs)
• VMMSwitcher/AMD64andLegacy.mac (modified) (3 diffs)
• VMMSwitcher/LegacyandAMD64.mac (modified) (7 diffs)
• VMMSwitcher/PAEand32Bit.mac (modified) (3 diffs)
• testcase/Makefile.kmk (modified) (5 diffs)
• testcase/tstVMStructSize.cpp (modified) (1 diff)

trunk/src/VBox/VMM/CPUMInternal.h

@@ -313 +313 @@
 
 #if HC_ARCH_BITS == 32
-    /** Align the next member, and thereby the structure, on a 64-byte boundary. */
     uint8_t                 abPadding2[4];
 #endif
 
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    RTHCPTR                 pvApicBase;
+    uint32_t                fApicDisVectors;
+    uint8_t                 abPadding3[HC_ARCH_BITS == 32 ? 56 : 52];
+#endif
+
     /**
-     * Guest context on raw mode entry.
+     * Guest context on raw mode entry. 64-byte aligned!
      * This a debug feature, see CPUMR3SaveEntryCtx.
      */

trunk/src/VBox/VMM/CPUMInternal.mac

@@ -81 +81 @@
     .aGuestCpuIdCentaur   resb    16*4
     .GuestCpuIdDef        resb    16
+
+%if HC_ARCH_BITS == 32
+    .abPadding2           resb    4
+%endif
+
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+ %if HC_ARCH_BITS == 32
+    .pvApicBase           resd    1
+    .fApicDisVectors      resd    1
+ %else
+    .pvApicBase           resq    1
+    .fApicDisVectors      resd    1
+ %endif
+%endif
 
     alignb 64
@@ -450 +464 @@
     sub     %1, dword [%1 + CPUMCPU.offCPUM]
 %endmacro
+
+;;
+; Converts the CPUMCPU pointer to CPUM
+; @param   %1   register name (PVM)
+; @param   %2   register name (CPUMCPU offset)
+%macro CPUM_FROM_CPUMCPU_WITH_OFFSET 2
+    sub     %1, %2
+%endmacro

trunk/src/VBox/VMM/Makefile.kmk

@@ -38 +38 @@
 ifdef VBOX_WITH_R0_LOGGING
  VMM_COMMON_DEFS += VBOX_WITH_R0_LOGGING
+endif
+ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+ VMM_COMMON_DEFS += VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
 endif
 # VMM_COMMON_DEFS += VBOX_WITH_NS_ACCOUNTING_STATS

trunk/src/VBox/VMM/VMMR0/CPUMR0.cpp

@@ -30 +30 @@
 #include <iprt/assert.h>
 #include <iprt/asm-amd64-x86.h>
-
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+# include <iprt/mem.h>
+# include <iprt/memobj.h>
+# include <VBox/apic.h>
+#endif
+
+
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+/** Local APIC mappings */
+typedef struct
+{
+    bool        fEnabled;
+    uint64_t    PhysBase;
+    RTR0MEMOBJ  hMemObj;
+    RTR0MEMOBJ  hMapObj;
+    void        *pv;
+    uint32_t    fHasThermal;
+} CPUMHOSTLAPIC;
+
+static CPUMHOSTLAPIC g_aLApics[RTCPUSET_MAX_CPUS];
+static int  cpumR0MapLocalApics(void);
+static void cpumR0UnmapLocalApics(void);
+#endif
+
+
+/**
+ * Does the Ring-0 CPU initialization once during module load.
+ * XXX Host-CPU hot-plugging?
+ */
+VMMR0DECL(int) CPUMR0ModuleInit(void)
+{
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    return cpumR0MapLocalApics();
+#endif
+}
+
+
+/**
+ * Terminate the module.
+ */
+VMMR0DECL(int) CPUMR0ModuleTerm(void)
+{
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    cpumR0UnmapLocalApics();
+#endif
+    return VINF_SUCCESS;
+}
 
 
@@ -45 +91 @@
 {
     LogFlow(("CPUMR0Init: %p\n", pVM));
+
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    for (unsigned i = 0; i < RT_ELEMENTS(g_aLApics); i++)
+        if (g_aLApics[i].pv)
+            SUPR0Printf(" CPU%d: %llx => %llx\n", i, g_aLApics[i].PhysBase, (uint64_t)g_aLApics[i].pv);
+#endif
 
     /*
@@ -590 +642 @@
 }
 
+
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+/**
+ * Worker for cpumR0MapLocalApics. Check each CPU for a present Local APIC.
+ * Play safe and treat each CPU separate.
+ */
+static void cpumR0MapLocalApicWorker(RTCPUID idCpu, void *pvUser1, void *pvUser2)
+{
+    uint32_t u32MaxIdx;
+    uint32_t u32EBX, u32ECX, u32EDX;
+    int iCpu = RTMpCpuIdToSetIndex(idCpu);
+    Assert(iCpu < RTCPUSET_MAX_CPUS);
+    ASMCpuId(0, &u32MaxIdx, &u32EBX, &u32ECX, &u32EDX);
+    if (   (   (   u32EBX == X86_CPUID_VENDOR_INTEL_EBX
+                && u32ECX == X86_CPUID_VENDOR_INTEL_ECX
+                && u32EDX == X86_CPUID_VENDOR_INTEL_EDX)
+           ||  (   u32EBX == X86_CPUID_VENDOR_AMD_EBX
+                && u32ECX == X86_CPUID_VENDOR_AMD_ECX
+                && u32EDX == X86_CPUID_VENDOR_AMD_EDX))
+        && u32MaxIdx >= 1)
+    {
+        ASMCpuId(1, &u32MaxIdx, &u32EBX, &u32ECX, &u32EDX);
+        if (    (u32EDX & X86_CPUID_FEATURE_EDX_APIC)
+            &&  (u32EDX & X86_CPUID_FEATURE_EDX_MSR))
+        {
+            uint64_t u64ApicBase = ASMRdMsr(MSR_IA32_APICBASE);
+            uint32_t u32MaxExtIdx;
+            /* see Intel Manual: Local APIC Status and Location: MAXPHYADDR default is bit 36 */
+            uint64_t u64Mask = UINT64_C(0x0000000ffffff000);
+            ASMCpuId(0x80000000, &u32MaxExtIdx, &u32EBX, &u32ECX, &u32EDX);
+            if (   u32MaxExtIdx >= 0x80000008
+                && u32MaxExtIdx <  0x8000ffff)
+            {
+                uint32_t u32PhysBits;
+                ASMCpuId(0x80000008, &u32PhysBits, &u32EBX, &u32ECX, &u32EDX);
+                u32PhysBits &= 0xff;
+                u64Mask = ((UINT64_C(1) << u32PhysBits) - 1) & UINT64_C(0xfffffffffffff000);
+            }
+            g_aLApics[iCpu].fEnabled = true;
+            g_aLApics[iCpu].PhysBase = u64ApicBase & u64Mask;
+        }
+    }
+}
+
+
+/**
+ * Map the MMIO page of each local APIC in the system.
+ */
+static int cpumR0MapLocalApics(void)
+{
+    int rc = RTMpOnAll(cpumR0MapLocalApicWorker, NULL, NULL);
+    for (unsigned iCpu = 0; RT_SUCCESS(rc) && iCpu < RT_ELEMENTS(g_aLApics); iCpu++)
+    {
+        if (g_aLApics[iCpu].fEnabled)
+        {
+            rc = RTR0MemObjEnterPhys(&g_aLApics[iCpu].hMemObj, g_aLApics[iCpu].PhysBase,
+                                     PAGE_SIZE, RTMEM_CACHE_POLICY_MMIO);
+            if (RT_SUCCESS(rc))
+                rc = RTR0MemObjMapKernel(&g_aLApics[iCpu].hMapObj, g_aLApics[iCpu].hMemObj, (void*)-1,
+                                         PAGE_SIZE, RTMEM_PROT_READ | RTMEM_PROT_WRITE);
+            if (RT_SUCCESS(rc))
+            {
+                void *pApicBase = RTR0MemObjAddress(g_aLApics[iCpu].hMapObj);
+                uint32_t ApicVersion = ApicRegRead(pApicBase, APIC_REG_VERSION);
+                /*
+                 * 0x0X       82489 external APIC
+                 * 0x1X       Local APIC
+                 * 0x2X..0xFF reserved
+                 */
+                if ((APIC_REG_VERSION_GET_VER(ApicVersion) & 0xF0) != 0x10)
+                {
+                    RTR0MemObjFree(g_aLApics[iCpu].hMapObj, true /* fFreeMappings */);
+                    RTR0MemObjFree(g_aLApics[iCpu].hMemObj, true /* fFreeMappings */);
+                    g_aLApics[iCpu].fEnabled = false;
+                    continue;
+                }
+                g_aLApics[iCpu].fHasThermal = APIC_REG_VERSION_GET_MAX_LVT(ApicVersion) >= 5;
+                g_aLApics[iCpu].pv = pApicBase;
+            }
+        }
+    }
+    if (RT_FAILURE(rc))
+    {
+        cpumR0UnmapLocalApics();
+        return rc;
+    }
+
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * Unmap the Local APIC of all host CPUs.
+ */
+static void cpumR0UnmapLocalApics(void)
+{
+    for (unsigned iCpu = RT_ELEMENTS(g_aLApics); iCpu-- > 0;)
+    {
+        if (g_aLApics[iCpu].pv)
+        {
+            RTR0MemObjFree(g_aLApics[iCpu].hMapObj, true /* fFreeMappings */);
+            RTR0MemObjFree(g_aLApics[iCpu].hMemObj, true /* fFreeMappings */);
+            g_aLApics[iCpu].fEnabled = false;
+            g_aLApics[iCpu].pv = NULL;
+        }
+    }
+}
+
+
+/**
+ * Write the Local APIC mapping address of the current host CPU to CPUM to be
+ * able to access the APIC registers in the raw mode switcher for disabling/
+ * re-enabling the NMI. Must be called with disabled preemption or disabled
+ * interrupts!
+ *
+ * @param   pVM         VM handle.
+ * @param   idHostCpu   The ID of the current host CPU.
+ */
+VMMR0DECL(void) CPUMR0SetLApic(PVM pVM, RTCPUID idHostCpu)
+{
+    pVM->cpum.s.pvApicBase = g_aLApics[RTMpCpuIdToSetIndex(idHostCpu)].pv;
+}
+
+#endif /* VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI */

trunk/src/VBox/VMM/VMMR0/VMMR0.cpp

@@ -117 +117 @@
                         if (RT_SUCCESS(rc))
                         {
-                            LogFlow(("ModuleInit: returns success.\n"));
-                            return VINF_SUCCESS;
+                            rc = CPUMR0ModuleInit();
+                            if (RT_SUCCESS(rc))
+                            {
+                                LogFlow(("ModuleInit: returns success.\n"));
+                                return VINF_SUCCESS;
+                            }
                         }
 
@@ -148 +152 @@
 {
     LogFlow(("ModuleTerm:\n"));
+
+    /*
+     * Terminate the CPUM module (Local APIC cleanup).
+     */
+    CPUMR0ModuleTerm();
 
     /*
@@ -574 +583 @@
                 RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER;
                 RTThreadPreemptDisable(&PreemptState);
-                ASMAtomicWriteU32(&pVCpu->idHostCpu, RTMpCpuId());
+                RTCPUID idHostCpu = RTMpCpuId();
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+                CPUMR0SetLApic(pVM, idHostCpu);
+#endif
+                ASMAtomicWriteU32(&pVCpu->idHostCpu, idHostCpu);
                 if (pVM->vmm.s.fUsePeriodicPreemptionTimers)
                     GVMMR0SchedUpdatePeriodicPreemptionTimer(pVM, pVCpu->idHostCpu, TMCalcHostTimerFrequency(pVM, pVCpu));
@@ -887 +900 @@
             RTCCUINTREG fFlags = ASMIntDisableFlags();
 
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+            RTCPUID idHostCpu = RTMpCpuId();
+            CPUMR0SetLApic(pVM, idHostCpu);
+#endif
+
             /* We might need to disable VT-x if the active switcher turns off paging. */
             rc = HWACCMR0EnterSwitcher(pVM, &fVTxDisabled);

trunk/src/VBox/VMM/VMMSwitcher/AMD64andLegacy.mac

@@ -23 +23 @@
 ;*******************************************************************************
 %include "VBox/asmdefs.mac"
+%include "VBox/apic.mac"
 %include "VBox/x86.mac"
 %include "VBox/cpum.mac"
@@ -250 +251 @@
     pop     qword [rdx + r8 + CPUMCPU.Host.rflags]
 
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    ; Block Local APIC NMI vectors
+    mov     rbx, [rdx + CPUM.pvApicBase]
+    or      rbx, rbx
+    jz      htg_noapic
+    xor     edi, edi
+    mov     eax, [rbx + APIC_REG_LVT_LINT0]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nolint0
+    or      edi, 0x01
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [rbx + APIC_REG_LVT_LINT0], eax
+    mov     eax, [rbx + APIC_REG_LVT_LINT0] ; write completion
+htg_nolint0:
+    mov     eax, [rbx + APIC_REG_LVT_LINT1]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nolint1
+    or      edi, 0x02
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [rbx + APIC_REG_LVT_LINT1], eax
+    mov     eax, [rbx + APIC_REG_LVT_LINT1] ; write completion
+htg_nolint1:
+    mov     eax, [rbx + APIC_REG_LVT_PC]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nopc
+    or      edi, 0x04
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [rbx + APIC_REG_LVT_PC], eax
+    mov     eax, [rbx + APIC_REG_LVT_PC] ; write completion
+htg_nopc:
+    mov     eax, [rbx + APIC_REG_VERSION]
+    shr     eax, 16
+    cmp     al, 5
+    jb      htg_notherm
+    mov     eax, [rbx + APIC_REG_LVT_THMR]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_notherm
+    or      edi, 0x08
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [rbx + APIC_REG_LVT_THMR], eax
+    mov     eax, [rbx + APIC_REG_LVT_THMR] ; write completion
+htg_notherm:
+    mov     [rdx + CPUM.fApicDisVectors], edi
+htg_noapic:
+%endif
+
     FIXUP FIX_NO_SYSENTER_JMP, 0, htg_no_sysenter - NAME(Start) ; this will insert a jmp htg_no_sysenter if host doesn't use sysenter.
     ; save MSR_IA32_SYSENTER_CS register.
@@ -1049 +1104 @@
     mov     rdx, rbx
 
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    ;Unblock Local APIC NMI vectors
+    mov     ecx, [rdx + CPUM.fApicDisVectors]
+    mov     rbx, [rdx + CPUM.pvApicBase]
+    shr     ecx, 1
+    jnc     gth_nolint0
+    and     dword [rbx + APIC_REG_LVT_LINT0], ~APIC_REG_LVT_MASKED
+gth_nolint0:
+    shr     ecx, 1
+    jnc     gth_nolint1
+    and     dword [rbx + APIC_REG_LVT_LINT1], ~APIC_REG_LVT_MASKED
+gth_nolint1:
+    shr     ecx, 1
+    jnc     gth_nopc
+    and     dword [rbx + APIC_REG_LVT_PC], ~APIC_REG_LVT_MASKED
+gth_nopc:
+    shr     ecx, 1
+    jnc     gth_notherm
+    and     dword [rbx + APIC_REG_LVT_THMR], ~APIC_REG_LVT_MASKED
+gth_notherm:
+%endif
 
     ; restore general registers.

trunk/src/VBox/VMM/VMMSwitcher/LegacyandAMD64.mac

@@ -26 +26 @@
 ;*******************************************************************************
 %include "VBox/asmdefs.mac"
+%include "VBox/apic.mac"
 %include "VBox/x86.mac"
 %include "VBox/cpum.mac"
@@ -155 +156 @@
 %endif
 
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    CPUM_FROM_CPUMCPU_WITH_OFFSET edx, ebp
+    mov     ebx, [edx + CPUM.pvApicBase]
+    or      ebx, ebx
+    jz      htg_noapic
+    mov     eax, [ebx + APIC_REG_LVT_LINT0]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nolint0
+    or      edi, 0x01
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_LINT0], eax
+    mov     eax, [ebx + APIC_REG_LVT_LINT0] ; write completion
+htg_nolint0:
+    mov     eax, [ebx + APIC_REG_LVT_LINT1]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nolint1
+    or      edi, 0x02
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_LINT1], eax
+    mov     eax, [ebx + APIC_REG_LVT_LINT1] ; write completion
+htg_nolint1:
+    mov     eax, [ebx + APIC_REG_LVT_PC]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nopc
+    or      edi, 0x04
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_PC], eax
+    mov     eax, [ebx + APIC_REG_LVT_PC] ; write completion
+htg_nopc:
+    mov     eax, [ebx + APIC_REG_VERSION]
+    shr     eax, 16
+    cmp     al, 5
+    jb      htg_notherm
+    mov     eax, [ebx + APIC_REG_LVT_THMR]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_notherm
+    or      edi, 0x08
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_THMR], eax
+    mov     eax, [ebx + APIC_REG_LVT_THMR] ; write completion
+htg_notherm:
+    mov     [edx + CPUM.fApicDisVectors], edi
+htg_noapic:
+    CPUMCPU_FROM_CPUM_WITH_OFFSET edx, ebp
+%endif
+
     ; control registers.
     mov     eax, cr0
@@ -287 +342 @@
     ; Load CPUM pointer into rdx
     mov     rdx, [NAME(pCpumIC) wrt rip]
-    CPUMCPU_FROM_CPUM_WITH_OFFSET    edx, ebp
+    CPUMCPU_FROM_CPUM_WITH_OFFSET edx, ebp
 
     mov     rax, cs
@@ -369 +424 @@
     ; Load CPUM pointer into rdx
     mov     rdx, [NAME(pCpumIC) wrt rip]
-    CPUMCPU_FROM_CPUM_WITH_OFFSET    edx, ebp
+    CPUMCPU_FROM_CPUM_WITH_OFFSET edx, ebp
 
 %ifdef VBOX_WITH_CRASHDUMP_MAGIC
@@ -516 +571 @@
     FIXUP FIX_GC_CPUM_OFF, 1, 0
     mov     edx, 0ffffffffh
-    CPUMCPU_FROM_CPUM_WITH_OFFSET    edx, ebp
+    CPUMCPU_FROM_CPUM_WITH_OFFSET edx, ebp
     mov     esi, [edx + CPUMCPU.Host.cr3]
     mov     cr3, esi
@@ -523 +578 @@
     FIXUP FIX_HC_CPUM_OFF, 1, 0
     mov     edx, 0ffffffffh
-    CPUMCPU_FROM_CPUM_WITH_OFFSET    edx, ebp
+    CPUMCPU_FROM_CPUM_WITH_OFFSET edx, ebp
 
     ; restore the host EFER
@@ -570 +625 @@
     ;mov     ecx, [edx + CPUMCPU.Host.cr2] ; assumes this is waste of time.
     ;mov     cr2, ecx
+
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    ; Restore blocked Local APIC NMI vectors
+    CPUM_FROM_CPUMCPU_WITH_OFFSET edx, ebp
+    mov     ebx, [edx + CPUM.pvApicBase]
+    mov     ecx, [edx + CPUM.fApicDisVectors]
+    CPUMCPU_FROM_CPUM_WITH_OFFSET edx, ebp
+    shr     ecx, 1
+    jnc     gth_nolint0
+    and     dword [ebx + APIC_REG_LVT_LINT0], ~APIC_REG_LVT_MASKED
+gth_nolint0:
+    shr     ecx, 1
+    jnc     gth_nolint1
+    and     dword [ebx + APIC_REG_LVT_LINT1], ~APIC_REG_LVT_MASKED
+gth_nolint1:
+    shr     ecx, 1
+    jnc     gth_nopc
+    and     dword [ebx + APIC_REG_LVT_PC], ~APIC_REG_LVT_MASKED
+gth_nopc:
+    shr     ecx, 1
+    jnc     gth_notherm
+    and     dword [ebx + APIC_REG_LVT_THMR], ~APIC_REG_LVT_MASKED
+gth_notherm:
+%endif
 
     ; restore general registers.

trunk/src/VBox/VMM/VMMSwitcher/PAEand32Bit.mac

@@ -22 +22 @@
 ;*******************************************************************************
 %include "VBox/asmdefs.mac"
+%include "VBox/apic.mac"
 %include "VBox/x86.mac"
 %include "VBox/cpum.mac"
@@ -136 +137 @@
     pushfd
     pop     dword [edx + CPUMCPU.Host.eflags]
+
+    ; Block Local APIC NMI vectors
+    xor     edi, edi
+
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    mov     esi, edx
+    CPUM_FROM_CPUMCPU(edx)
+    mov     ebx, [edx + CPUM.pvApicBase]
+    or      ebx, ebx
+    jz      htg_noapic
+    mov     eax, [ebx + APIC_REG_LVT_LINT0]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nolint0
+    or      edi, 0x01
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_LINT0], eax
+    mov     eax, [ebx + APIC_REG_LVT_LINT0] ; write completion
+htg_nolint0:
+    mov     eax, [ebx + APIC_REG_LVT_LINT1]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nolint1
+    or      edi, 0x02
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_LINT1], eax
+    mov     eax, [ebx + APIC_REG_LVT_LINT1] ; write completion
+htg_nolint1:
+    mov     eax, [ebx + APIC_REG_LVT_PC]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_nopc
+    or      edi, 0x04
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_PC], eax
+    mov     eax, [ebx + APIC_REG_LVT_PC] ; write completion
+htg_nopc:
+    mov     eax, [ebx + APIC_REG_VERSION]
+    shr     eax, 16
+    cmp     al, 5
+    jb      htg_notherm
+    mov     eax, [ebx + APIC_REG_LVT_THMR]
+    mov     ecx, eax
+    and     ecx, (APIC_REG_LVT_MASKED | APIC_REG_LVT_MODE_MASK)
+    cmp     ecx, APIC_REG_LVT_MODE_NMI
+    jne     htg_notherm
+    or      edi, 0x08
+    or      eax, APIC_REG_LVT_MASKED
+    mov     [ebx + APIC_REG_LVT_THMR], eax
+    mov     eax, [ebx + APIC_REG_LVT_THMR] ; write completion
+htg_notherm:
+    mov     [edx + CPUM.fApicDisVectors], edi
+htg_noapic:
+    mov     edx, esi
+%endif
 
     FIXUP FIX_NO_SYSENTER_JMP, 0, htg_no_sysenter - NAME(Start) ; this will insert a jmp htg_no_sysenter if host doesn't use sysenter.
@@ -935 +994 @@
 gth_debug_regs_no:
 
+%ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    mov     esi, edx
+    CPUM_FROM_CPUMCPU(edx)
+    ; Restore blocked Local APIC NMI vectors
+    mov     ebx, [edx + CPUM.pvApicBase]
+    mov     ecx, [edx + CPUM.fApicDisVectors]
+    mov     edx, esi
+    shr     ecx, 1
+    jnc     gth_nolint0
+    and     dword [ebx + APIC_REG_LVT_LINT0], ~APIC_REG_LVT_MASKED
+gth_nolint0:
+    shr     ecx, 1
+    jnc     gth_nolint1
+    and     dword [ebx + APIC_REG_LVT_LINT1], ~APIC_REG_LVT_MASKED
+gth_nolint1:
+    shr     ecx, 1
+    jnc     gth_nopc
+    and     dword [ebx + APIC_REG_LVT_PC], ~APIC_REG_LVT_MASKED
+gth_nopc:
+    shr     ecx, 1
+    jnc     gth_notherm
+    and     dword [ebx + APIC_REG_LVT_THMR], ~APIC_REG_LVT_MASKED
+gth_notherm:
+%endif
+
     ; restore general registers.
     mov     eax, edi                    ; restore return code. eax = return code !!

trunk/src/VBox/VMM/testcase/Makefile.kmk

@@ -107 +107 @@
   tstVMStructRC_DEFS    += VBOX_WITH_R0_LOGGING
  endif
+ ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+  tstVMStructRC_DEFS    += VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+ endif
  tstVMStructRC_SOURCES   = tstVMStructRC.cpp
  tstVMStructRC_INCS      = $(VBOX_PATH_VMM_SRC) $(VBOX_PATH_VMM_SRC)/PATM
@@ -129 +132 @@
  tstVMStructSize_DEFS  += VBOX_WITH_R0_LOGGING
 endif
+ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+ tstVMStructSize_DEFS  += VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+endif
 
 tstAsmStructs_TEMPLATE  = VBOXR3AUTOTST
@@ -137 +143 @@
 ifdef VBOX_WITH_R0_LOGGING
  tstAsmStructs_DEFS    += VBOX_WITH_R0_LOGGING
+endif
+ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+ tstAsmStructs_DEFS    += VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
 endif
 tstAsmStructs_INCS      = $(VBOX_PATH_VMM_SRC) $(VBOX_VMM_TESTCASE_OUT_DIR)
@@ -147 +156 @@
  ifdef VBOX_WITH_R0_LOGGING
   tstAsmStructsRC_DEFS  += VBOX_WITH_R0_LOGGING
+ endif
+ ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+  tstAsmStructsRC_DEFS  += VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
  endif
  tstAsmStructsRC_INCS    = $(VBOX_PATH_VMM_SRC) $(VBOX_VMM_TESTCASE_OUT_DIR)
@@ -286 +298 @@
                         $(DEFS.$(KBUILD_TARGET_ARCH)) \
                         $(DEFS.$(KBUILD_TARGET).$(KBUILD_TARGET_ARCH)) \
+                        $(if $(VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI),VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI,) \
                 ) \
                 -f $(if $(eq $(KBUILD_TARGET),darwin),macho,elf) \

trunk/src/VBox/VMM/testcase/tstVMStructSize.cpp

@@ -260 +260 @@
     CHECK_MEMBER_ALIGNMENT(VM, aCpus[0].cpum.s.Hyper, 64);
     CHECK_MEMBER_ALIGNMENT(VM, aCpus[1].cpum.s.Hyper, 64);
+#ifdef VBOX_WITH_VMMR0_DISABLE_LAPIC_NMI
+    CHECK_MEMBER_ALIGNMENT(VM, cpum.s.pvApicBase, 8);
+#endif
     CHECK_MEMBER_ALIGNMENT(VM, cpum.s.GuestEntry, 64);