Changeset 55290 in vbox for trunk/src/VBox

Timestamp:

Apr 15, 2015 3:04:30 PM (10 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

99609

Message:

HM: Save/Load/Restore XCR0 handling during world switching. Implemented XSETBV for VT-x.

Location:

trunk/src/VBox/VMM

Files:

• VMMR0/HMR0A.asm (modified) (10 diffs)
• VMMR0/HMR0Mixed.mac (modified) (19 diffs)
• VMMR0/HMSVMR0.cpp (modified) (3 diffs)
• VMMR0/HMVMXR0.cpp (modified) (13 diffs)
• VMMSwitcher/LegacyandAMD64.mac (modified) (9 diffs)
• include/HMInternal.h (modified) (2 diffs)
• include/HMInternal.mac (modified) (1 diff)
• testcase/Makefile.kmk (modified) (1 diff)

trunk/src/VBox/VMM/VMMR0/HMR0A.asm

@@ -5 +5 @@
 
 ;
-; Copyright (C) 2006-2013 Oracle Corporation
+; Copyright (C) 2006-2015 Oracle Corporation
 ;
 ; This file is part of VirtualBox Open Source Edition (OSE), as
@@ -23 +23 @@
 %include "VBox/vmm/hm_vmx.mac"
 %include "VBox/vmm/cpum.mac"
+%include "VBox/vmm/vm.mac"
 %include "iprt/x86.mac"
 %include "HMInternal.mac"
@@ -1410 +1411 @@
  ;
 
-; DECLASM(int) VMXR0StartVM32(RTHCUINT fResume, PCPUMCTX pCtx, PVMCSCACHE pCache /*, PVM pVM, PVMCPU pVCpu*/);
+; DECLASM(int) VMXR0StartVM32(RTHCUINT fResume, PCPUMCTX pCtx, PVMCSCACHE pCache, PVM pVM, PVMCPU pVCpu);
 ALIGNCODE(16)
 BEGINPROC VMXR0StartVM32
@@ -1433 +1434 @@
     mov     esi, [rsp + 20h + 18h]      ; pCtx
     mov     edx, [rsp + 20h + 1Ch]      ; pCache
+    mov     ecx, [rsp + 20h + 20h]      ; pVM
+    mov     r8,  [rsp + 20h + 24h]      ; pVCpu
     call    NAME(VMXR0StartVM32_64)
     add     esp, 20h
@@ -1450 +1453 @@
 
 
-; DECLASM(int) VMXR0StartVM64(RTHCUINT fResume, PCPUMCTX pCtx, PVMCSCACHE pCache /*, PVM pVM, PVMCPU pVCpu*/);
+; DECLASM(int) VMXR0StartVM64(RTHCUINT fResume, PCPUMCTX pCtx, PVMCSCACHE pCache, PVM pVM, PVMCPU pVCpu);
 ALIGNCODE(16)
 BEGINPROC VMXR0StartVM64
@@ -1473 +1476 @@
     mov     esi, [rsp + 20h + 18h]      ; pCtx
     mov     edx, [rsp + 20h + 1Ch]      ; pCache
+    mov     ecx, [rsp + 20h + 20h]      ; pVM
+    mov     r8,  [rsp + 20h + 24h]      ; pVCpu
     call    NAME(VMXR0StartVM64_64)
     add     esp, 20h
@@ -1493 +1498 @@
 ENDPROC   VMXR0StartVM64
 
-;DECLASM(int) SVMR0VMRun(RTHCPHYS pVMCBHostPhys, RTHCPHYS pVMCBPhys, PCPUMCTX pCtx /*, PVM pVM, PVMCPU pVCpu*/);
+;DECLASM(int) SVMR0VMRun(RTHCPHYS pVMCBHostPhys, RTHCPHYS pVMCBPhys, PCPUMCTX pCtx, PVM pVM, PVMCPU pVCpu);
 ALIGNCODE(16)
 BEGINPROC SVMR0VMRun
@@ -1516 +1521 @@
     mov     rsi, [rsp + 20h + 1Ch]      ; pVMCBPhys
     mov     edx, [rsp + 20h + 24h]      ; pCtx
+    mov     ecx, [rsp + 20h + 20h]      ; pVM
+    mov     r8,  [rsp + 20h + 24h]      ; pVCpu
     call    NAME(SVMR0VMRun_64)
     add     esp, 20h
@@ -1533 +1540 @@
 
 
-; DECLASM(int) SVMR0VMRun64(RTHCPHYS pVMCBHostPhys, RTHCPHYS pVMCBPhys, PCPUMCTX pCtx /*, PVM pVM, PVMCPU pVCpu*/);
+; DECLASM(int) SVMR0VMRun64(RTHCPHYS pVMCBHostPhys, RTHCPHYS pVMCBPhys, PCPUMCTX pCtx, PVM pVM, PVMCPU pVCpu);
 ALIGNCODE(16)
 BEGINPROC SVMR0VMRun64
@@ -1556 +1563 @@
     mov     rsi, [rbp + 20h + 1Ch]      ; pVMCBPhys
     mov     edx, [rbp + 20h + 24h]      ; pCtx
+    mov     ecx, [rsp + 20h + 20h]      ; pVM
+    mov     r8,  [rsp + 20h + 24h]      ; pVCpu
     call    NAME(SVMR0VMRun64_64)
     add     esp, 20h

trunk/src/VBox/VMM/VMMR0/HMR0Mixed.mac

@@ -124 +124 @@
     MYPOPSEGS xAX, ax
 
+    ; Restore the host XCR0 if necessary.
+    pop     xCX
+    test    ecx, ecx
+    jnz     %%xcr0_after_skip
+    pop     xAX
+    pop     xDX
+    xsetbv                              ; ecx is already zero.
+%%xcr0_after_skip:
+
     ; Restore general purpose registers.
     MYPOPAD
@@ -129 +138 @@
 
 
-;/**
-; * Prepares for and executes VMLAUNCH/VMRESUME (32 bits guest mode)
-; *
-; * @returns VBox status code
-; * @param   fResume    x86:[ebp+8], msc:rcx,gcc:rdi     Whether to use vmlauch/vmresume.
-; * @param   pCtx       x86:[ebp+c], msc:rdx,gcc:rsi     Pointer to the guest-CPU context.
-; * @param   pCache     x86:[esp+10],msc:r8, gcc:rdx     Pointer to the VMCS cache.
-; */
+;;
+; Prepares for and executes VMLAUNCH/VMRESUME (32 bits guest mode)
+;
+; @returns VBox status code
+; @param    fResume    x86:[ebp+8], msc:rcx,gcc:rdi     Whether to use vmlauch/vmresume.
+; @param    pCtx       x86:[ebp+c], msc:rdx,gcc:rsi     Pointer to the guest-CPU context.
+; @param    pCache     x86:[ebp+10],msc:r8, gcc:rdx     Pointer to the VMCS cache.
+; @param    pVM        x86:[ebp+14],msc:r9, gcc:rcx     Pointer to the cross context VM structure.
+; @param    pVCpu      x86:[ebp+18],msc:[ebp+30],gcc:r8 Pointer to the cross context VMCPU structure.
+;
 ALIGNCODE(16)
 BEGINPROC MY_NAME(VMXR0StartVM32)
@@ -145 +156 @@
     cli
 
+    ;
     ; Save all general purpose host registers.
+    ;
     MYPUSHAD
 
-    ; First we have to save some final CPU context registers.
+    ;
+    ; First we have to write some final guest CPU context registers.
+    ;
     mov     eax, VMX_VMCS_HOST_RIP
 %ifdef RT_ARCH_AMD64
@@ -159 +174 @@
     ; Note: assumes success!
 
-    ; Save guest-CPU context pointer.
+    ;
+    ; Unify input parameter registers.
+    ;
 %ifdef RT_ARCH_AMD64
  %ifdef ASM_CALL64_GCC
@@ -176 +193 @@
 %endif
 
+    ;
+    ; Save the host XCR0 and load the guest one if necessary.
+    ; Note! Trashes rdx and rcx.
+    ;
+%ifdef ASM_CALL64_MSC
+    mov     rax, [xBP + 30h]            ; pVCpu
+%elifdef ASM_CALL64_GCC
+    mov     rax, r8                     ; pVCpu
+%else
+    mov     eax, [xBP + 18h]            ; pVCpu
+%endif
+    test    byte [xAX + VMCPU.hm + HMCPU.fLoadSaveGuestXcr0], 1
+    jz      .xcr0_before_skip
+
+    xor     ecx, ecx
+    xgetbv                              ; Save the host one on the stack.
+    push    xDX
+    push    xAX
+
+    mov     eax, [xSI + CPUMCTX.aXcr]   ; Load the guest one.
+    mov     edx, [xSI + CPUMCTX.aXcr + 4]
+    xor     ecx, ecx                    ; paranoia
+    xsetbv
+
+    push    0                           ; Indicate that we must restore XCR0 (popped into ecx, thus 0).
+    jmp     .xcr0_before_done
+
+.xcr0_before_skip:
+    push    3fh                         ; indicate that we need not.
+.xcr0_before_done:
+
+    ;
     ; Save segment registers.
-    ; Note: MYPUSHSEGS trashes rdx & rcx, so we moved it here (msvc amd64 case).
+    ; Note! Trashes rdx & rcx, so we moved it here (amd64 case).
+    ;
     MYPUSHSEGS xAX, ax
 
@@ -382 +432 @@
     MYPOPSEGS xAX, ax
 
+    ; Restore the host XCR0 if necessary.
+    pop     xCX
+    test    ecx, ecx
+    jnz     %%xcr0_after_skip
+    pop     xAX
+    pop     xDX
+    xsetbv                              ; ecx is already zero.
+%%xcr0_after_skip:
+
     ; Restore general purpose registers.
     MYPOPAD
@@ -387 +446 @@
 
 
-;/**
-; * Prepares for and executes VMLAUNCH/VMRESUME (64 bits guest mode)
-; *
-; * @returns VBox status code
-; * @param   fResume    msc:rcx, gcc:rdi     Whether to use vmlauch/vmresume.
-; * @param   pCtx       msc:rdx, gcc:rsi     Pointer to the guest-CPU context.
-; * @param   pCache     msc:r8,  gcc:rdx     Pointer to the VMCS cache.
-; */
+;;
+; Prepares for and executes VMLAUNCH/VMRESUME (64 bits guest mode)
+;
+; @returns VBox status code
+; @param    fResume    msc:rcx, gcc:rdi     Whether to use vmlauch/vmresume.
+; @param    pCtx       msc:rdx, gcc:rsi     Pointer to the guest-CPU context.
+; @param    pCache     msc:r8,  gcc:rdx     Pointer to the VMCS cache.
+; @param    pVM        msc:r9,  gcc:rcx     Pointer to the cross context VM structure.
+; @param    pVCpu      msc:[ebp+30], gcc:r8 Pointer to the cross context VMCPU structure.
+;
 ALIGNCODE(16)
 BEGINPROC MY_NAME(VMXR0StartVM64)
@@ -412 +473 @@
     ; Note: assumes success!
 
-    ; Save guest-CPU context pointer.
+    ;
+    ; Unify the input parameter registers.
+    ;
 %ifdef ASM_CALL64_GCC
     ; fResume already in rdi
@@ -423 +486 @@
 %endif
 
+    ;
+    ; Save the host XCR0 and load the guest one if necessary.
+    ; Note! Trashes rdx and rcx.
+    ;
+%ifdef ASM_CALL64_MSC
+    mov     rax, [xBP + 30h]            ; pVCpu
+%else
+    mov     rax, r8                     ; pVCpu
+%endif
+    test    byte [xAX + VMCPU.hm + HMCPU.fLoadSaveGuestXcr0], 1
+    jz      .xcr0_before_skip
+
+    xor     ecx, ecx
+    xgetbv                              ; Save the host one on the stack.
+    push    xDX
+    push    xAX
+
+    mov     eax, [xSI + CPUMCTX.aXcr]   ; Load the guest one.
+    mov     edx, [xSI + CPUMCTX.aXcr + 4]
+    xor     ecx, ecx                    ; paranoia
+    xsetbv
+
+    push    0                           ; Indicate that we must restore XCR0 (popped into ecx, thus 0).
+    jmp     .xcr0_before_done
+
+.xcr0_before_skip:
+    push    3fh                         ; indicate that we need not.
+.xcr0_before_done:
+
+    ;
     ; Save segment registers.
-    ; Note: MYPUSHSEGS trashes rdx & rcx, so we moved it here (msvc amd64 case).
+    ; Note! Trashes rdx & rcx, so we moved it here (amd64 case).
+    ;
     MYPUSHSEGS xAX, ax
 
@@ -547 +641 @@
 
 
-;/**
-; * Prepares for and executes VMRUN (32 bits guests)
-; *
-; * @returns VBox status code
-; * @param   HCPhysVMCB     Physical address of host VMCB.
-; * @param   HCPhysVMCB     Physical address of guest VMCB.
-; * @param   pCtx           Pointer to the guest CPU-context.
-; */
+;;
+; Prepares for and executes VMRUN (32 bits guests)
+;
+; @returns  VBox status code
+; @param    HCPhysVMCB      Physical address of host VMCB.
+; @param    HCPhysVMCB      Physical address of guest VMCB.
+; @param    pCtx            Pointer to the guest CPU-context.
+; @param    pVM             msc:r9, gcc:rcx     Pointer to the cross context VM structure.
+; @param    pVCpu           msc:[rsp+28],gcc:r8 Pointer to the cross context VMCPU structure.
+;
 ALIGNCODE(16)
 BEGINPROC MY_NAME(SVMR0VMRun)
 %ifdef RT_ARCH_AMD64 ; fake a cdecl stack frame
  %ifdef ASM_CALL64_GCC
+    push    r8
+    push    rcx
     push    rdx
     push    rsi
     push    rdi
  %else
-    push    r8
-    push    rdx
-    push    rcx
+    mov     rax, [rsp + 28h]
+    push    rax                         ; pVCpu
+    push    r9                          ; pVM
+    push    r8                          ; pCtx
+    push    rdx                         ; HCPHYSGuestVMCB
+    push    rcx                         ; HCPhysHostVMCB
  %endif
     push    0
@@ -573 +674 @@
     pushf
 
+    ;
     ; Save all general purpose host registers.
+    ;
     MYPUSHAD
 
-    ; Save guest CPU-context pointer.
+    ;
+    ; Load pCtx into xSI.
+    ;
     mov     xSI, [xBP + xCB * 2 + RTHCPHYS_CB * 2]  ; pCtx
-    push    xSI                                     ; push for saving the state at the end
+
+    ;
+    ; Save the host XCR0 and load the guest one if necessary.
+    ;
+    mov     xAX, [xBP + xCB * 2 + RTHCPHYS_CB * 2 + xCB * 2] ; pVCpu
+    test    byte [xAX + VMCPU.hm + HMCPU.fLoadSaveGuestXcr0], 1
+    jz      .xcr0_before_skip
+
+    xor     ecx, ecx
+    xgetbv                              ; Save the host one on the stack.
+    push    xDX
+    push    xAX
+
+    mov     xSI, [xBP + xCB * 2 + RTHCPHYS_CB * 2]  ; pCtx
+    mov     eax, [xSI + CPUMCTX.aXcr]   ; Load the guest one.
+    mov     edx, [xSI + CPUMCTX.aXcr + 4]
+    xor     ecx, ecx                    ; paranoia
+    xsetbv
+
+    push    0                           ; Indicate that we must restore XCR0 (popped into ecx, thus 0).
+    jmp     .xcr0_before_done
+
+.xcr0_before_skip:
+    push    3fh                         ; indicate that we need not.
+.xcr0_before_done:
+
+    ;
+    ; Save guest CPU-context pointer for simplifying saving of the GPRs afterwards.
+    ;
+    push    xSI
 
     ; Save host fs, gs, sysenter msr etc.
@@ -619 +753 @@
     stgi
 
-    pop     xAX                     ; pCtx
+    ;
+    ; Pop the context pointer (pushed above) and save the guest GPRs (sans RSP and RAX).
+    ;
+    pop     xAX
 
     mov     [ss:xAX + CPUMCTX.ebx], ebx
@@ -628 +765 @@
     mov     [ss:xAX + CPUMCTX.ebp], ebp
 
+    ;
+    ; Restore the host xcr0 if necessary.
+    ;
+    pop     xCX
+    test    ecx, ecx
+    jnz     .xcr0_after_skip
+    pop     xAX
+    pop     xDX
+    xsetbv                              ; ecx is already zero.
+.xcr0_after_skip:
+
+    ;
     ; Restore host general purpose registers.
+    ;
     MYPOPAD
 
@@ -636 +786 @@
     pop     xBP
 %ifdef RT_ARCH_AMD64
-    add     xSP, 4*xCB
+    add     xSP, 6*xCB
 %endif
     ret
@@ -642 +792 @@
 
 %ifdef RT_ARCH_AMD64
-;/**
-; * Prepares for and executes VMRUN (64 bits guests)
-; *
-; * @returns VBox status code
-; * @param   HCPhysVMCB     Physical address of host VMCB.
-; * @param   HCPhysVMCB     Physical address of guest VMCB.
-; * @param   pCtx           Pointer to the guest-CPU context.
-; */
+;;
+; Prepares for and executes VMRUN (64 bits guests)
+;
+; @returns  VBox status code
+; @param    HCPhysVMCB      Physical address of host VMCB.
+; @param    HCPhysVMCB      Physical address of guest VMCB.
+; @param    pCtx            Pointer to the guest-CPU context.
+; @param    pVM             msc:r9, gcc:rcx     Pointer to the cross context VM structure.
+; @param    pVCpu           msc:[rsp+28],gcc:r8 Pointer to the cross context VMCPU structure.
+;
 ALIGNCODE(16)
 BEGINPROC MY_NAME(SVMR0VMRun64)
     ; Fake a cdecl stack frame
  %ifdef ASM_CALL64_GCC
+    push    r8
+    push    rcx
     push    rdx
     push    rsi
     push    rdi
  %else
-    push    r8
-    push    rdx
-    push    rcx
- %endif
-    push    0
-    push    rbp
+    mov     rax, [rsp + 28h]
+    push    rax                         ; rbp + 30h pVCpu
+    push    r9                          ; rbp + 28h pVM
+    push    r8                          ; rbp + 20h pCtx
+    push    rdx                         ; rbp + 18h HCPHYSGuestVMCB
+    push    rcx                         ; rbp + 10h HCPhysHostVMCB
+ %endif
+    push    0                           ; rbp + 08h "fake ret addr"
+    push    rbp                         ; rbp + 00h
     mov     rbp, rsp
     pushf
@@ -677 +834 @@
     ;
 
+    ;
     ; Save all general purpose host registers.
+    ;
     MYPUSHAD
 
-    ; Save guest CPU-context pointer.
-    mov     rsi, [rbp + xCB * 2 + RTHCPHYS_CB * 2]  ; pCtx
-    push    rsi                                     ; push for saving the state at the end
-
+    ;
+    ; Load pCtx into xSI.
+    ;
+    mov     xSI, [rbp + xCB * 2 + RTHCPHYS_CB * 2]
+
+    ;
+    ; Save the host XCR0 and load the guest one if necessary.
+    ;
+    mov     rax, [xBP + 30h]            ; pVCpu
+    test    byte [xAX + VMCPU.hm + HMCPU.fLoadSaveGuestXcr0], 1
+    jz      .xcr0_before_skip
+
+    xor     ecx, ecx
+    xgetbv                              ; Save the host one on the stack.
+    push    xDX
+    push    xAX
+
+    mov     xSI, [xBP + xCB * 2 + RTHCPHYS_CB * 2]  ; pCtx
+    mov     eax, [xSI + CPUMCTX.aXcr]   ; Load the guest one.
+    mov     edx, [xSI + CPUMCTX.aXcr + 4]
+    xor     ecx, ecx                    ; paranoia
+    xsetbv
+
+    push    0                           ; Indicate that we must restore XCR0 (popped into ecx, thus 0).
+    jmp     .xcr0_before_done
+
+.xcr0_before_skip:
+    push    3fh                         ; indicate that we need not.
+.xcr0_before_done:
+
+    ;
+    ; Save guest CPU-context pointer for simplifying saving of the GPRs afterwards.
+    ;
+    push    rsi
+
+    ;
     ; Save host fs, gs, sysenter msr etc.
+    ;
     mov     rax, [rbp + xCB * 2]                    ; pVMCBHostPhys (64 bits physical address; x86: take low dword only)
     push    rax                                     ; Save for the vmload after vmrun
@@ -723 +915 @@
     vmsave
 
+    ;
     ; Load host fs, gs, sysenter msr etc.
+    ;
     pop     rax                     ; pushed above
     vmload
 
+    ;
     ; Set the global interrupt flag again, but execute cli to make sure IF=0.
+    ;
     cli
     stgi
 
-    pop     rax                     ; pCtx
+    ;
+    ; Pop the context pointer (pushed above) and save the guest GPRs (sans RSP and RAX).
+    ;
+    pop     rax
 
     mov     qword [rax + CPUMCTX.ebx], rbx
@@ -748 +947 @@
     mov     qword [rax + CPUMCTX.r15], r15
 
+    ;
+    ; Restore the host xcr0 if necessary.
+    ;
+    pop     xCX
+    test    ecx, ecx
+    jnz     .xcr0_after_skip
+    pop     xAX
+    pop     xDX
+    xsetbv                              ; ecx is already zero.
+.xcr0_after_skip:
+
+    ;
     ; Restore host general purpose registers.
+    ;
     MYPOPAD
 
@@ -755 +967 @@
     popf
     pop     rbp
-    add     rsp, 4 * xCB
+    add     rsp, 6 * xCB
     ret
 ENDPROC MY_NAME(SVMR0VMRun64)

trunk/src/VBox/VMM/VMMR0/HMSVMR0.cpp

@@ -1026 +1026 @@
 DECLASM(int) SVMR0VMSwitcherRun64(RTHCPHYS HCPhysVmcbHost, RTHCPHYS HCPhysVmcb, PCPUMCTX pCtx, PVM pVM, PVMCPU pVCpu)
 {
-    uint32_t aParam[4];
+    uint32_t aParam[8];
     aParam[0] = (uint32_t)(HCPhysVmcbHost);             /* Param 1: HCPhysVmcbHost - Lo. */
     aParam[1] = (uint32_t)(HCPhysVmcbHost >> 32);       /* Param 1: HCPhysVmcbHost - Hi. */
     aParam[2] = (uint32_t)(HCPhysVmcb);                 /* Param 2: HCPhysVmcb - Lo. */
     aParam[3] = (uint32_t)(HCPhysVmcb >> 32);           /* Param 2: HCPhysVmcb - Hi. */
-
-    return SVMR0Execute64BitsHandler(pVM, pVCpu, pCtx, HM64ON32OP_SVMRCVMRun64, 4, &aParam[0]);
+    aParam[4] = VM_RC_ADDR(pVM, pVM);
+    aParam[5] = 0;
+    aParam[6] = VM_RC_ADDR(pVM, pVCpu);
+    aParam[7] = 0;
+
+    return SVMR0Execute64BitsHandler(pVM, pVCpu, pCtx, HM64ON32OP_SVMRCVMRun64, RT_ELEMENTS(aParam), &aParam[0]);
 }
 
@@ -1044 +1048 @@
  * @param   pCtx        Pointer to the guest-CPU context.
  * @param   enmOp       The operation to perform.
- * @param   cbParam     Number of parameters.
+ * @param   cParams     Number of parameters.
  * @param   paParam     Array of 32-bit parameters.
  */
-VMMR0DECL(int) SVMR0Execute64BitsHandler(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx, HM64ON32OP enmOp, uint32_t cbParam,
-                                         uint32_t *paParam)
+VMMR0DECL(int) SVMR0Execute64BitsHandler(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx, HM64ON32OP enmOp,
+                                         uint32_t cParams, uint32_t *paParam)
 {
     AssertReturn(pVM->hm.s.pfnHost32ToGuest64R0, VERR_HM_NO_32_TO_64_SWITCHER);
@@ -1063 +1067 @@
     CPUMSetHyperESP(pVCpu, VMMGetStackRC(pVCpu));
     CPUMSetHyperEIP(pVCpu, enmOp);
-    for (int i = (int)cbParam - 1; i >= 0; i--)
+    for (int i = (int)cParams - 1; i >= 0; i--)
         CPUMPushHyper(pVCpu, paParam[i]);
 

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -5216 +5216 @@
  * @param   pCtx        Pointer to the guest CPU context.
  * @param   enmOp       The operation to perform.
- * @param   cbParam     Number of parameters.
+ * @param   cParams     Number of parameters.
  * @param   paParam     Array of 32-bit parameters.
  */
-VMMR0DECL(int) VMXR0Execute64BitsHandler(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx, HM64ON32OP enmOp, uint32_t cbParam,
-                                         uint32_t *paParam)
+VMMR0DECL(int) VMXR0Execute64BitsHandler(PVM pVM, PVMCPU pVCpu, PCPUMCTX pCtx, HM64ON32OP enmOp,
+                                         uint32_t cParams, uint32_t *paParam)
 {
     int             rc, rc2;
@@ -5261 +5261 @@
     CPUMSetHyperESP(pVCpu, VMMGetStackRC(pVCpu));
     CPUMSetHyperEIP(pVCpu, enmOp);
-    for (int i = (int)cbParam - 1; i >= 0; i--)
+    for (int i = (int)cParams - 1; i >= 0; i--)
         CPUMPushHyper(pVCpu, paParam[i]);
 
@@ -5304 +5304 @@
 DECLASM(int) VMXR0SwitcherStartVM64(RTHCUINT fResume, PCPUMCTX pCtx, PVMCSCACHE pCache, PVM pVM, PVMCPU pVCpu)
 {
-    uint32_t         aParam[6];
     PHMGLOBALCPUINFO pCpu          = NULL;
     RTHCPHYS         HCPhysCpuPage = 0;
@@ -5328 +5327 @@
 #endif
 
+    uint32_t aParam[10];
     aParam[0] = (uint32_t)(HCPhysCpuPage);                              /* Param 1: VMXON physical address - Lo. */
     aParam[1] = (uint32_t)(HCPhysCpuPage >> 32);                        /* Param 1: VMXON physical address - Hi. */
@@ -5334 +5334 @@
     aParam[4] = VM_RC_ADDR(pVM, &pVM->aCpus[pVCpu->idCpu].hm.s.vmx.VMCSCache);
     aParam[5] = 0;
+    aParam[6] = VM_RC_ADDR(pVM, pVM);
+    aParam[7] = 0;
+    aParam[8] = VM_RC_ADDR(pVM, pVCpu);
+    aParam[9] = 0;
 
 #ifdef VBOX_WITH_CRASHDUMP_MAGIC
@@ -5339 +5343 @@
     *(uint32_t *)(pVM->hm.s.vmx.pScratch + 16 + 8) = 1;
 #endif
-    rc = VMXR0Execute64BitsHandler(pVM, pVCpu, pCtx, HM64ON32OP_VMXRCStartVM64, 6, &aParam[0]);
+    rc = VMXR0Execute64BitsHandler(pVM, pVCpu, pCtx, HM64ON32OP_VMXRCStartVM64, RT_ELEMENTS(aParam), &aParam[0]);
 
 #ifdef VBOX_WITH_CRASHDUMP_MAGIC
@@ -6694 +6698 @@
 /**
  * Saves the entire guest state from the currently active VMCS into the
- * guest-CPU context. This essentially VMREADs all guest-data.
+ * guest-CPU context.
+ *
+ * This essentially VMREADs all guest-data.
  *
  * @returns VBox status code.
@@ -6754 +6760 @@
         VMMR0LogFlushEnable(pVCpu);
 
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * Saves basic guest registers needed for IEM instruction execution.
+ *
+ * @returns VBox status code (OR-able).
+ * @param   pVCpu       Pointer to the cross context CPU data for the calling
+ *                      EMT.
+ * @param   pMixedCtx   Pointer to the CPU context of the guest.
+ * @param   fMemory     Whether the instruction being executed operates on
+ *                      memory or not.  Only CR0 is synced up if clear.
+ * @param   fNeedRsp    Need RSP (any instruction working on GPRs or stack).
+ */
+static int hmR0VmxSaveGuestRegsForIemExec(PVMCPU pVCpu, PCPUMCTX pMixedCtx, bool fMemory, bool fNeedRsp)
+{
+    /*
+     * We assume all general purpose registers other than RSP are available.
+     *
+     * RIP is a must as it will be incremented or otherwise changed.
+     *
+     * RFLAGS are always required to figure the CPL.
+     *
+     * RSP isn't always required, however it's a GPR so frequently required.
+     *
+     * SS and CS are the only segment register needed if IEM doesn't do memory
+     * access (CPL + 16/32/64-bit mode), but we can only get all segment registers.
+     *
+     * CR0 is always required by IEM for the CPL, while CR3 and CR4 will only
+     * be required for memory accesses.
+     *
+     * Note! Before IEM dispatches an exception, it will call us to sync in everything.
+     */
+    int rc  = hmR0VmxSaveGuestRip(pVCpu, pMixedCtx);
+    rc     |= hmR0VmxSaveGuestRflags(pVCpu, pMixedCtx);
+    if (fNeedRsp)
+        rc |= hmR0VmxSaveGuestRsp(pVCpu, pMixedCtx);
+    rc     |= hmR0VmxSaveGuestSegmentRegs(pVCpu, pMixedCtx);
+    if (!fMemory)
+        rc |= hmR0VmxSaveGuestCR0(pVCpu, pMixedCtx);
+    else
+        rc |= hmR0VmxSaveGuestControlRegs(pVCpu, pMixedCtx);
     return rc;
 }
@@ -10593 +10642 @@
     HMVMX_VALIDATE_EXIT_HANDLER_PARAMS();
 
-    /* We expose XSETBV to the guest, fallback to the interpreter for emulation. */
-    /** @todo check if XSETBV is supported by the recompiler. */
-    return VERR_EM_INTERPRETER;
+    int rc = hmR0VmxReadEntryInstrLenVmcs(pVmxTransient);
+    rc |= hmR0VmxSaveGuestRegsForIemExec(pVCpu, pMixedCtx, false /*fMemory*/, false /*fNeedRsp*/);
+    rc |= hmR0VmxSaveGuestCR4(pVCpu, pMixedCtx);
+    AssertRCReturn(rc, rc);
+
+    VBOXSTRICTRC rcStrict = IEMExecDecodedXsetbv(pVCpu, pVmxTransient->cbInstr);
+    HMCPU_CF_SET(pVCpu, rcStrict != VINF_IEM_RAISED_XCPT ? HM_CHANGED_GUEST_RIP | HM_CHANGED_GUEST_RFLAGS : HM_CHANGED_ALL_GUEST);
+
+    pVCpu->hm.s.fLoadSaveGuestXcr0 = (pMixedCtx->cr4 & X86_CR4_OSXSAVE) && pMixedCtx->aXcr[0] != ASMGetXcr0();
+
+    return VBOXSTRICTRC_VAL(rcStrict);
 }
 
@@ -10967 +11024 @@
     PVM pVM                              = pVCpu->CTX_SUFF(pVM);
     VBOXSTRICTRC rcStrict;
-    rc  = hmR0VmxSaveGuestRipRspRflags(pVCpu, pMixedCtx);
-    rc |= hmR0VmxSaveGuestSegmentRegs(pVCpu, pMixedCtx); /* Only really need CS+SS. */
+    rc  = hmR0VmxSaveGuestRegsForIemExec(pVCpu, pMixedCtx, false /*fMemory*/, true /*fNeedRsp*/);
     switch (uAccessType)
     {
@@ -10996 +11052 @@
                     break;
                 case 4: /* CR4 */
+                    pVCpu->hm.s.fLoadSaveGuestXcr0 = (pMixedCtx->cr4 & X86_CR4_OSXSAVE) && pMixedCtx->aXcr[0] != ASMGetXcr0();
                     HMCPU_CF_SET(pVCpu, HM_CHANGED_GUEST_CR4);
-                    Log4(("CRX CR4 write rc=%Rrc CR4=%#RX64\n", VBOXSTRICTRC_VAL(rcStrict), pMixedCtx->cr4));
+                    Log4(("CRX CR4 write rc=%Rrc CR4=%#RX64 fLoadSaveGuestXcr0=%u\n",
+                          VBOXSTRICTRC_VAL(rcStrict), pMixedCtx->cr4, pVCpu->hm.s.fLoadSaveGuestXcr0));
                     break;
                 case 8: /* CR8 */
@@ -11038 +11096 @@
         case VMX_EXIT_QUALIFICATION_CRX_ACCESS_CLTS:        /* CLTS (Clear Task-Switch Flag in CR0) */
         {
-            rc |= hmR0VmxSaveGuestCR0(pVCpu, pMixedCtx);
             AssertRCReturn(rc, rc);
             rcStrict = IEMExecDecodedClts(pVCpu, pVmxTransient->cbInstr);
@@ -11050 +11107 @@
         case VMX_EXIT_QUALIFICATION_CRX_ACCESS_LMSW:        /* LMSW (Load Machine-Status Word into CR0) */
         {
-            rc |= hmR0VmxSaveGuestCR0(pVCpu, pMixedCtx);
             AssertRCReturn(rc, rc);
             rcStrict = IEMExecDecodedLmsw(pVCpu, pVmxTransient->cbInstr,

trunk/src/VBox/VMM/VMMSwitcher/LegacyandAMD64.mac

@@ -809 +809 @@
 ; * @param   HCPhysVmcs     VMCS physical address   [rsp+16]
 ; * @param   pCache         VMCS cache              [rsp+24]
+; * @param   pVM            The VM handle           [rbp+28h]
+; * @param   pVM            The VMCPU handle.       [rbp+30h]
 ; * @param   pCtx           Guest context (rsi)
 ; */
@@ -953 +955 @@
     ; Manual save and restore:
     ;  - General purpose registers except RIP, RSP
+    ;  - XCR0
     ;
     ; Trashed:
@@ -964 +967 @@
     mov     qword [rbx + VMCSCACHE.uPos], 5
 %endif
+
+    ;
+    ; Save the host XCR0 and load the guest one if necessary.
+    ; Note! Trashes rdx and rcx.
+    ;
+    mov     rax, [rbp + 30h]            ; pVCpu
+    test    byte [rax + VMCPU.hm + HMCPU.fLoadSaveGuestXcr0], 1
+    jz      .xcr0_before_skip
+
+    xor     ecx, ecx
+    xgetbv                              ; Save the host one on the stack.
+    push    rdx
+    push    rax
+
+    mov     eax, [xSI + CPUMCTX.aXcr]   ; Load the guest one.
+    mov     edx, [xSI + CPUMCTX.aXcr + 4]
+    xor     ecx, ecx                    ; paranoia
+    xsetbv
+
+    push    0                           ; Indicate that we must restore XCR0 (popped into ecx, thus 0).
+    jmp     .xcr0_before_done
+
+.xcr0_before_skip:
+    push    3fh                         ; indicate that we need not.
+.xcr0_before_done:
 
     ; Save the pCtx pointer
@@ -1039 +1067 @@
     pop     rsi         ; pCtx (needed in rsi by the macros below)
 
+    ; Restore the host xcr0 if necessary.
+    pop     rcx
+    test    ecx, ecx
+    jnz     .xcr0_after_skip
+    pop     rax
+    pop     rdx
+    xsetbv                              ; ecx is already zero.
+.xcr0_after_skip:
+
 %ifdef VMX_USE_CACHED_VMCS_ACCESSES
     pop     rdi         ; Saved pCache
@@ -1116 +1153 @@
     pop     rsi         ; pCtx (needed in rsi by the macros below)
 
+    ; Restore the host xcr0 if necessary.
+    pop     rcx
+    test    ecx, ecx
+    jnz     .xcr0_after_skip2
+    pop     rax
+    pop     rdx
+    xsetbv                              ; ecx is already zero.
+.xcr0_after_skip2:
+
 %ifdef VMX_USE_CACHED_VMCS_ACCESSES
     pop     rdi         ; pCache
@@ -1137 +1183 @@
 .vmstart64_start_failed:
     pop     rsi         ; pCtx (needed in rsi by the macros below)
+
+    ; Restore the host xcr0 if necessary.
+    pop     rcx
+    test    ecx, ecx
+    jnz     .xcr0_after_skip3
+    pop     rax
+    pop     rdx
+    xsetbv                              ; ecx is already zero.
+.xcr0_after_skip3:
 
 %ifdef VMX_USE_CACHED_VMCS_ACCESSES
@@ -1165 +1220 @@
 ; * @param   HCPhysVMCB     Physical address of host VMCB       (rsp+8)
 ; * @param   HCPhysVMCB     Physical address of guest VMCB      (rsp+16)
+; * @param   pVM            The VM handle                       (rbp+18h)
+; * @param   pVM            The VMCPU handle.                   (rbp+20h)
 ; * @param   pCtx           Guest context                       (rsi)
 ; */
@@ -1184 +1241 @@
     ; Save the Guest CPU context pointer.
     push    rsi                             ; Push for saving the state at the end
+
+    ;
+    ; Save the host XCR0 and load the guest one if necessary.
+    ;
+    mov     rax, [rbx + 20h]            ; pVCpu
+    test    byte [rax + VMCPU.hm + HMCPU.fLoadSaveGuestXcr0], 1
+    jz      .xcr0_before_skip
+
+    xor     ecx, ecx
+    xgetbv                              ; Save the host one on the stack.
+    push    rdx
+    push    rax
+
+    mov     eax, [xSI + CPUMCTX.aXcr]   ; Load the guest one.
+    mov     edx, [xSI + CPUMCTX.aXcr + 4]
+    xor     ecx, ecx                    ; paranoia
+    xsetbv
+
+    push    0                           ; Indicate that we must restore XCR0 (popped into ecx, thus 0).
+    jmp     .xcr0_before_done
+
+.xcr0_before_skip:
+    push    3fh                         ; indicate that we need not.
+.xcr0_before_done:
 
     ; Save host fs, gs, sysenter msr etc
@@ -1248 +1329 @@
     mov     qword [rax + CPUMCTX.r14], r14
     mov     qword [rax + CPUMCTX.r15], r15
+
+    ;
+    ; Restore the host xcr0 if necessary.
+    ;
+    pop     rcx
+    test    ecx, ecx
+    jnz     .xcr0_after_skip
+    pop     rax
+    pop     rdx
+    xsetbv                              ; ecx is already zero.
+.xcr0_after_skip:
 
     mov     eax, VINF_SUCCESS

trunk/src/VBox/VMM/include/HMInternal.h

@@ -582 +582 @@
     /** Whether to preload the guest-FPU state to avoid #NM VM-exit overhead. */
     bool                        fPreloadGuestFpu;
+    /** Set if XCR0 needs to be loaded and saved when entering and exiting guest
+     * code execution. */
+    bool                        fLoadSaveGuestXcr0;
 
     /** Whether #UD needs to be intercepted (required by certain GIM providers). */
@@ -587 +590 @@
     /** Whether paravirt. hypercalls are enabled. */
     bool                        fHypercallsEnabled;
-    uint8_t                     u8Alignment0[6];
+    uint8_t                     u8Alignment0[5];
 
     /** World switch exit counter. */

trunk/src/VBox/VMM/include/HMInternal.mac

@@ -63 +63 @@
 endstruc
 
+
+struc HMCPU
+        .fForceTLBFlush         resb    1
+        .fActive                resb    1
+        .fCheckedTLBFlush       resb    1
+        .fSingleInstruction     resb    1
+        .fClearTrapFlag         resb    1
+        .fLeaveDone             resb    1
+        .fUsingHyperDR7         resb    1
+        .fPreloadGuestFpu       resb    1
+        .fLoadSaveGuestXcr0     resb    1
+        .fGIMTrapXcptUD         resb    1
+        .fHypercallsEnabled     resb    1
+        alignb 8
+        .cWorldSwitchExits      resd    1
+        .fContextUseFlags       resd    1
+        .idLastCpu              resd    1
+        .cTlbFlushes            resd    1
+        .uCurrentAsid           resd    1
+        .u32HMError             resd    1
+        alignb 8
+        .u64HostTscAux          resq    1
+
+        ; incomplete to save unnecessary pain...
+endstruc

trunk/src/VBox/VMM/testcase/Makefile.kmk

@@ -612 +612 @@
                 -e '/VMMCPU_size$$/d' \
                 -e '/SUPDRVTRACERUSRCTX32_size$$/d' \
+                -e '/HMCPU_size$$/d' \
                 \
                 -e '/00[0-9a-fA-F]* [aA] [^_.]*_size$$/!d' \