Changeset 47205 in vbox

Timestamp:

Jul 16, 2013 5:54:56 PM (12 years ago)

Author:

vboxsync

Message:

IEM: Got further in the long mode interrupt dispatching code.

File:

• trunk/src/VBox/VMM/VMMAll/IEMAll.cpp (modified) (7 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAll.cpp

@@ -2184 +2184 @@
         return iemRaiseGeneralProtectionFault(pIemCpu, NewCS & X86_SEL_MASK_OFF_RPL);
     }
-    /** @todo is the RPL of the interrupt/trap gate descriptor checked? */
+
+    /* Make sure the selector is present. */
+    if (!DescCS.Legacy.Gen.u1Present)
+    {
+        Log(("RaiseXcptOrIntInProtMode %#x - CS=%#x - segment not present -> #NP\n", u8Vector, NewCS));
+        return iemRaiseSelectorNotPresentBySelector(pIemCpu, NewCS);
+    }
 
     /* Check the new EIP against the new CS limit. */
@@ -2197 +2203 @@
              u8Vector, NewCS, DescCS.Legacy.Gen.u2Dpl, pIemCpu->uCpl));
         return iemRaiseGeneralProtectionFault(pIemCpu, NewCS & X86_SEL_MASK_OFF_RPL);
-    }
-
-    /* Make sure the selector is present. */
-    if (!DescCS.Legacy.Gen.u1Present)
-    {
-        Log(("RaiseXcptOrIntInProtMode %#x - CS=%#x - segment not present -> #NP\n", u8Vector, NewCS));
-        return iemRaiseSelectorNotPresentBySelector(pIemCpu, NewCS);
     }
 
@@ -2409 +2408 @@
 {
     NOREF(cbInstr);
-#if 0
+
     /*
      * Read the IDT entry.
@@ -2450 +2449 @@
             Log(("iemRaiseXcptOrIntInLongMode %#x - invalid type (%#x) -> #GP\n", u8Vector, Idte.Gate.u4Type));
             return iemRaiseGeneralProtectionFault(pIemCpu, X86_TRAP_ERR_IDT | ((uint16_t)u8Vector << X86_TRAP_ERR_SEL_SHIFT));
-
-        IEM_NOT_REACHED_DEFAULT_CASE_RET();
     }
 
@@ -2494 +2491 @@
         return iemRaiseGeneralProtectionFault(pIemCpu, NewCS & X86_SEL_MASK_OFF_RPL);
     }
-    /** @todo what do we check here?  */
-    if (!DescCS.Long.Gen.u1Long || DescCS.Long.Gen.u1DefBig)
-    {
-        Log(("iemRaiseXcptOrIntInLongMode %#x - CS=%#x -  (%#x) -> #GP\n", u8Vector, NewCS, DescCS.Legacy.Gen.u4Type));
+    if (   !DescCS.Long.Gen.u1Long
+        || DescCS.Long.Gen.u1DefBig
+        || (DescCS.Long.Gen.u4Type & X86_SEL_TYPE_CODE) )
+    {
+        Log(("iemRaiseXcptOrIntInLongMode %#x - CS=%#x - not 64-bit code selector (%#x, L=%u, D=%u) -> #GP\n",
+             u8Vector, NewCS, DescCS.Legacy.Gen.u4Type, DescCS.Long.Gen.u1Long, DescCS.Long.Gen.u1DefBig));
         return iemRaiseGeneralProtectionFault(pIemCpu, NewCS & X86_SEL_MASK_OFF_RPL);
     }
@@ -2512 +2511 @@
         return iemRaiseGeneralProtectionFault(pIemCpu, NewCS & X86_SEL_MASK_OFF_RPL);
     }
-    /** @todo is the RPL of the interrupt/trap gate descriptor checked? */
-
-    /* Check the new EIP against the new CS limit. */
-    uint32_t const uNewEip =    Idte.Gate.u4Type == X86_SEL_TYPE_SYS_286_INT_GATE
-                             || Idte.Gate.u4Type == X86_SEL_TYPE_SYS_286_TRAP_GATE
-                           ? Idte.Gate.u16OffsetLow
-                           : Idte.Gate.u16OffsetLow | ((uint32_t)Idte.Gate.u16OffsetHigh << 16);
-    uint32_t cbLimitCS = X86DESC_LIMIT_G(&DescCS.Legacy);
-    if (uNewEip > cbLimitCS)
-    {
-        Log(("iemRaiseXcptOrIntInLongMode %#x - CS=%#x - DPL (%d) > CPL (%d) -> #GP\n",
-             u8Vector, NewCS, DescCS.Legacy.Gen.u2Dpl, pIemCpu->uCpl));
-        return iemRaiseGeneralProtectionFault(pIemCpu, NewCS & X86_SEL_MASK_OFF_RPL);
-    }
 
     /* Make sure the selector is present. */
@@ -2534 +2519 @@
     }
 
+    /* Check that the new RIP is canonical. */
+    uint64_t const uNewRip = Idte.Gate.u16OffsetLow
+                           | ((uint32_t)Idte.Gate.u16OffsetHigh << 16)
+                           | ((uint64_t)Idte.Gate.u32OffsetTop  << 32);
+    if (IEM_IS_CANONICAL(uNewRip))
+    {
+        Log(("iemRaiseXcptOrIntInLongMode %#x - RIP=%#x - Not canonical -> #GP(0)\n", u8Vector, uNewRip));
+        return iemRaiseGeneralProtectionFault0(pIemCpu);
+    }
+
+#if 0
     /*
      * If the privilege level changes, we need to get a new stack from the TSS.