Changeset 71686 in vbox
- Timestamp:
- Apr 5, 2018 3:03:53 PM (7 years ago)
- Location:
- trunk/src/VBox/Devices/Graphics
- Files:
-
- 3 edited
-
DevVGA-SVGA.cpp (modified) (37 diffs)
-
DevVGA-SVGA3d-ogl.cpp (modified) (1 diff)
-
DevVGA-SVGA3d-win.cpp (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/Devices/Graphics/DevVGA-SVGA.cpp
r69963 r71686 145 145 #endif 146 146 147 #include <VBox/AssertGuest.h> 147 148 #include <VBox/VMMDev.h> 148 149 #include <VBoxVideo.h> … … 212 213 struct 213 214 { 214 SVGAGuestPtr ptr;215 uint32_t bytesPerLine;216 SVGAGMRImageFormat format;215 SVGAGuestPtr RT_UNTRUSTED_GUEST ptr; 216 uint32_t RT_UNTRUSTED_GUEST bytesPerLine; 217 SVGAGMRImageFormat RT_UNTRUSTED_GUEST format; 217 218 } GMRFB; 218 219 struct … … 709 710 *pu32 = 0; 710 711 712 /* Rough index register validation. */ 713 uint32_t idxReg = pThis->svga.u32IndexReg; 714 #if !defined(IN_RING3) && defined(VBOX_STRICT) 715 ASSERT_GUEST_MSG_RETURN(idxReg < SVGA_SCRATCH_BASE + pThis->svga.cScratchRegion, ("idxReg=%#x\n", idxReg), 716 VINF_IOM_R3_IOPORT_READ); 717 #else 718 ASSERT_GUEST_MSG_STMT_RETURN(idxReg < SVGA_SCRATCH_BASE + pThis->svga.cScratchRegion, ("idxReg=%#x\n", idxReg), 719 STAM_REL_COUNTER_INC(&pThis->svga.StatRegUnknownRd), 720 VINF_SUCCESS); 721 #endif 722 RT_UNTRUSTED_VALIDATED_FENCE(); 723 711 724 /* We must adjust the register number if we're in SVGA_ID_0 mode because the PALETTE range moved. */ 712 uint32_t idxReg = pThis->svga.u32IndexReg;713 725 if ( idxReg >= SVGA_REG_CAPABILITIES 714 726 && pThis->svga.u32SVGAId == SVGA_ID_0) … … 1168 1180 if ((offReg = idxReg - SVGA_SCRATCH_BASE) < pThis->svga.cScratchRegion) 1169 1181 { 1182 RT_UNTRUSTED_VALIDATED_FENCE(); 1170 1183 *pu32 = pThis->svga.au32ScratchRegion[offReg]; 1171 1184 STAM_REL_COUNTER_INC(&pThis->svga.StatRegScratchRd); … … 1175 1188 /* Note! Using last_palette rather than palette here to preserve the VGA one. */ 1176 1189 STAM_REL_COUNTER_INC(&pThis->svga.StatRegPaletteRd); 1190 RT_UNTRUSTED_VALIDATED_FENCE(); 1177 1191 uint32_t u32 = pThis->last_palette[offReg / 3]; 1178 1192 switch (offReg % 3) … … 1332 1346 int rc = VINF_SUCCESS; 1333 1347 1348 /* Rough index register validation. */ 1349 uint32_t idxReg = pThis->svga.u32IndexReg; 1350 #if !defined(IN_RING3) && defined(VBOX_STRICT) 1351 ASSERT_GUEST_MSG_RETURN(idxReg < SVGA_SCRATCH_BASE + pThis->svga.cScratchRegion, ("idxReg=%#x\n", idxReg), 1352 VINF_IOM_R3_IOPORT_WRITE); 1353 #else 1354 ASSERT_GUEST_MSG_STMT_RETURN(idxReg < SVGA_SCRATCH_BASE + pThis->svga.cScratchRegion, ("idxReg=%#x\n", idxReg), 1355 STAM_REL_COUNTER_INC(&pThis->svga.StatRegUnknownWr), 1356 VINF_SUCCESS); 1357 #endif 1358 RT_UNTRUSTED_VALIDATED_FENCE(); 1359 1334 1360 /* We must adjust the register number if we're in SVGA_ID_0 mode because the PALETTE range moved. */ 1335 uint32_t idxReg = pThis->svga.u32IndexReg;1336 1361 if ( idxReg >= SVGA_REG_CAPABILITIES 1337 1362 && pThis->svga.u32SVGAId == SVGA_ID_0) … … 1606 1631 uint32_t idGMR = pThis->svga.u32CurrentGMRId; 1607 1632 AssertBreak(idGMR < pThis->svga.cGMR); 1633 RT_UNTRUSTED_VALIDATED_FENCE(); 1608 1634 1609 1635 /* Free the old GMR if present. */ … … 1734 1760 if ((offReg = idxReg - SVGA_SCRATCH_BASE) < pThis->svga.cScratchRegion) 1735 1761 { 1762 RT_UNTRUSTED_VALIDATED_FENCE(); 1736 1763 pThis->svga.au32ScratchRegion[offReg] = u32; 1737 1764 STAM_REL_COUNTER_INC(&pThis->svga.StatRegScratchWr); … … 1743 1770 STAM_REL_COUNTER_INC(&pThis->svga.StatRegPaletteWr); 1744 1771 u32 &= 0xff; 1772 RT_UNTRUSTED_VALIDATED_FENCE(); 1745 1773 uint32_t uRgb = pThis->last_palette[offReg / 3]; 1746 1774 switch (offReg % 3) … … 1811 1839 *pu32 = pThis->svga.u32IrqStatus; 1812 1840 break; 1841 1842 default: 1843 ASSERT_GUEST_MSG_FAILED(("vmsvgaIORead: Unknown register %u (%#x) was read from.\n", uPort - pThis->svga.BasePort, uPort)); 1844 *pu32 = UINT32_MAX; 1845 break; 1813 1846 } 1814 1847 … … 1861 1894 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 0); 1862 1895 } 1896 break; 1897 1898 default: 1899 ASSERT_GUEST_MSG_FAILED(("vmsvgaIOWrite: Unknown register %u (%#x) was written to, value %#x LB %u.\n", 1900 uPort - pThis->svga.BasePort, uPort, u32, cb)); 1863 1901 break; 1864 1902 } … … 2913 2951 * statistics collection. 2914 2952 */ 2915 static void *vmsvgaFIFOGetCmdPayload(uint32_t cbPayloadReq, uint32_t volatile*pFIFO,2953 static void *vmsvgaFIFOGetCmdPayload(uint32_t cbPayloadReq, uint32_t RT_UNTRUSTED_VOLATILE_GUEST *pFIFO, 2916 2954 uint32_t offCurrentCmd, uint32_t offFifoMin, uint32_t offFifoMax, 2917 2955 uint8_t *pbBounceBuf, uint32_t *pcbAlreadyRead, … … 2959 2997 uint32_t cbAfter, cbBefore; 2960 2998 uint32_t offNextCmd = pFIFO[SVGA_FIFO_NEXT_CMD]; 2999 RT_UNTRUSTED_NONVOLATILE_COPY_FENCE(); 2961 3000 if (offNextCmd >= offCurrentCmd) 2962 3001 { … … 3005 3044 3006 3045 offNextCmd = pFIFO[SVGA_FIFO_NEXT_CMD]; 3046 RT_UNTRUSTED_NONVOLATILE_COPY_FENCE(); 3007 3047 if (offNextCmd >= offCurrentCmd) 3008 3048 { … … 3044 3084 } 3045 3085 *pcbAlreadyRead = cbPayloadReq; 3086 RT_UNTRUSTED_NONVOLATILE_COPY_FENCE(); 3046 3087 return pbBounceBuf; 3047 3088 } … … 3106 3147 LogFlow(("vmsvgaFIFOLoop: started loop\n")); 3107 3148 bool fBadOrDisabledFifo = false; 3108 uint32_t volatile* const pFIFO = pThis->svga.pFIFOR3;3149 uint32_t RT_UNTRUSTED_VOLATILE_GUEST * const pFIFO = pThis->svga.pFIFOR3; 3109 3150 while (pThread->enmState == PDMTHREADSTATE_RUNNING) 3110 3151 { … … 3183 3224 uint32_t const offFifoMax = pFIFO[SVGA_FIFO_MAX]; 3184 3225 uint32_t offCurrentCmd = pFIFO[SVGA_FIFO_STOP]; 3226 RT_UNTRUSTED_NONVOLATILE_COPY_FENCE(); 3185 3227 if (RT_UNLIKELY( !VMSVGA_IS_VALID_FIFO_REG(SVGA_FIFO_STOP, offFifoMin) 3186 3228 || offFifoMax <= offFifoMin … … 3197 3239 continue; 3198 3240 } 3241 RT_UNTRUSTED_VALIDATED_FENCE(); 3199 3242 if (RT_UNLIKELY(offCurrentCmd & 3)) 3200 3243 { … … 3220 3263 pbBounceBuf, &cbPayload, pThread, pThis, pSVGAState); \ 3221 3264 if (RT_UNLIKELY((uintptr_t)(a_PtrVar) < 2)) { if ((uintptr_t)(a_PtrVar) == 1) continue; break; } \ 3265 RT_UNTRUSTED_NONVOLATILE_COPY_FENCE(); \ 3222 3266 } else do {} while (0) 3223 3267 /** @def VMSVGAFIFO_GET_MORE_CMD_BUFFER_BREAK … … 3273 3317 */ 3274 3318 SVGAFifoCmdId const enmCmdId = (SVGAFifoCmdId)pFIFO[offCurrentCmd / sizeof(uint32_t)]; 3319 RT_UNTRUSTED_NONVOLATILE_COPY_FENCE(); 3275 3320 LogFlow(("vmsvgaFIFOLoop: FIFO command (iCmd=0x%x) %s 0x%x\n", 3276 3321 offCurrentCmd / sizeof(uint32_t), vmsvgaFIFOCmdToString(enmCmdId), enmCmdId)); … … 3337 3382 AssertBreak(pCursor->andMaskDepth <= 32); 3338 3383 AssertBreak(pCursor->xorMaskDepth <= 32); 3384 RT_UNTRUSTED_VALIDATED_FENCE(); 3339 3385 3340 3386 uint32_t cbAndLine = RT_ALIGN_32(pCursor->width * (pCursor->andMaskDepth + (pCursor->andMaskDepth == 15)), 32) / 8; … … 3364 3410 /* Check against a reasonable upper limit to prevent integer overflows in the sanity checks below. */ 3365 3411 AssertBreak(pCursor->height < 2048 && pCursor->width < 2048); 3412 RT_UNTRUSTED_VALIDATED_FENCE(); 3366 3413 3367 3414 /* Refetch the bitmap data as well. */ … … 3397 3444 /* Refetch the command buffer with the variable data; undo size increase (ugly) */ 3398 3445 AssertBreak(pEscape->size < pThis->svga.cbFIFO); 3446 RT_UNTRUSTED_VALIDATED_FENCE(); 3399 3447 uint32_t cbCmd = sizeof(SVGAFifoCmdEscape) + pEscape->size; 3400 3448 VMSVGAFIFO_GET_MORE_CMD_BUFFER_BREAK(pEscape, SVGAFifoCmdEscape, cbCmd); … … 3403 3451 { 3404 3452 AssertBreak(pEscape->size >= sizeof(uint32_t)); 3453 RT_UNTRUSTED_VALIDATED_FENCE(); 3405 3454 uint32_t cmd = *(uint32_t *)(pEscape + 1); 3406 3455 Log(("vmsvgaFIFOLoop: ESCAPE (%x %x) VMWARE cmd=%x\n", pEscape->nsid, pEscape->size, cmd)); … … 3431 3480 break; 3432 3481 } 3482 3483 default: 3484 Log(("SVGA_CMD_ESCAPE: Unknown vmware escape: %x\n", cmd)); 3485 break; 3433 3486 } 3434 3487 } … … 3449 3502 AssertBreak(pCmd->gmrId < pThis->svga.cGMR); 3450 3503 AssertBreak(pCmd->numPages <= VMSVGA_MAX_GMR_PAGES); 3504 RT_UNTRUSTED_VALIDATED_FENCE(); 3451 3505 3452 3506 if (!pCmd->numPages) … … 3482 3536 Log(("vmsvgaFIFOLoop: SVGA_CMD_REMAP_GMR2 id=%x flags=%x offset=%x npages=%x\n", pCmd->gmrId, pCmd->flags, pCmd->offsetPages, pCmd->numPages)); 3483 3537 AssertBreak(pCmd->gmrId < pThis->svga.cGMR); 3538 RT_UNTRUSTED_VALIDATED_FENCE(); 3484 3539 3485 3540 /* Calculate the size of what comes after next and fetch it. */ … … 3505 3560 /* Validate current GMR id and size. */ 3506 3561 AssertBreak(pCmd->gmrId < pThis->svga.cGMR); 3562 RT_UNTRUSTED_VALIDATED_FENCE(); 3507 3563 PGMR pGMR = &pSVGAState->paGMR[pCmd->gmrId]; 3508 3564 AssertBreak( (uint64_t)pCmd->offsetPages + pCmd->numPages … … 3536 3592 paNewPage64[idxPage++] = (pGMR->paDesc[i].GCPhys + j * X86_PAGE_SIZE) >> X86_PAGE_SHIFT; 3537 3593 AssertBreakStmt(idxPage == pGMR->cbTotal >> X86_PAGE_SHIFT, RTMemFree(paNewPage64)); 3594 RT_UNTRUSTED_VALIDATED_FENCE(); 3538 3595 } 3539 3596 … … 3663 3720 AssertBreak(uHeight <= cbVram / cbPitch); 3664 3721 3722 RT_UNTRUSTED_VALIDATED_FENCE(); 3723 3665 3724 /** @todo multi monitor support and screen object capabilities. */ 3666 3725 pThis->svga.uWidth = uWidth; … … 3747 3806 AssertBreak(offsetDest < cbVram); 3748 3807 offsetDest += pThis->svga.uScreenOffset; 3808 3809 RT_UNTRUSTED_VALIDATED_FENCE(); 3749 3810 3750 3811 rc = vmsvgaGMRTransfer(pThis, SVGA3D_WRITE_HOST_VRAM, pThis->CTX_SUFF(vram_ptr) + offsetDest, pThis->svga.cbScanline, pSVGAState->GMRFB.ptr, offsetSource, pSVGAState->GMRFB.bytesPerLine, cbCopyWidth, height); … … 3795 3856 && (int)enmCmdId < SVGA_3D_CMD_MAX) 3796 3857 { 3858 RT_UNTRUSTED_VALIDATED_FENCE(); 3859 3797 3860 /* All 3d commands start with a common header, which defines the size of the command. */ 3798 3861 SVGA3dCmdHeader *pHdr; … … 3807 3870 */ 3808 3871 # define VMSVGAFIFO_CHECK_3D_CMD_MIN_SIZE_BREAK(a_cbMin) \ 3809 AssertMsgBreak((a_cbMin) <= pHdr->size, ("size=%#x a_cbMin=%#zx\n", pHdr->size, (size_t)(a_cbMin))) 3872 do { AssertMsgBreak(pHdr->size >= (a_cbMin), ("size=%#x a_cbMin=%#zx\n", pHdr->size, (size_t)(a_cbMin))); \ 3873 RT_UNTRUSTED_VALIDATED_FENCE(); \ 3874 } while (0) 3810 3875 switch ((int)enmCmdId) 3811 3876 { … … 4027 4092 STAM_REL_COUNTER_INC(&pSVGAState->StatR3Cmd3dClear); 4028 4093 4029 uint32_t cRects; 4030 cRects = (pHdr->size - sizeof(*pCmd)) / sizeof(SVGA3dRect); 4094 uint32_t cRects = (pHdr->size - sizeof(*pCmd)) / sizeof(SVGA3dRect); 4031 4095 rc = vmsvga3dCommandClear(pThis, pCmd->cid, pCmd->clearFlag, pCmd->color, pCmd->depth, pCmd->stencil, cRects, (SVGA3dRect *)(pCmd + 1)); 4032 4096 break; … … 4099 4163 STAM_REL_COUNTER_INC(&pSVGAState->StatR3Cmd3dDrawPrimitives); 4100 4164 4101 uint32_t cVertexDivisor = (pHdr->size - sizeof(*pCmd) - sizeof(SVGA3dVertexDecl) * pCmd->numVertexDecls - sizeof(SVGA3dPrimitiveRange) * pCmd->numRanges) / sizeof(uint32_t); 4102 Assert(pCmd->numRanges <= SVGA3D_MAX_DRAW_PRIMITIVE_RANGES); 4103 Assert(pCmd->numVertexDecls <= SVGA3D_MAX_VERTEX_ARRAYS); 4104 Assert(!cVertexDivisor || cVertexDivisor == pCmd->numVertexDecls); 4165 AssertBreak(pCmd->numRanges <= SVGA3D_MAX_DRAW_PRIMITIVE_RANGES); 4166 AssertBreak(pCmd->numVertexDecls <= SVGA3D_MAX_VERTEX_ARRAYS); 4167 uint32_t const cbRangesAndVertexDecls = pCmd->numVertexDecls * sizeof(SVGA3dVertexDecl) 4168 + pCmd->numRanges * sizeof(SVGA3dPrimitiveRange); 4169 ASSERT_GUEST_BREAK(cbRangesAndVertexDecls <= pHdr->size - sizeof(*pCmd)); 4170 4171 uint32_t cVertexDivisor = (pHdr->size - sizeof(*pCmd) - cbRangesAndVertexDecls) / sizeof(uint32_t); 4172 AssertBreak(!cVertexDivisor || cVertexDivisor == pCmd->numVertexDecls); 4173 4174 RT_UNTRUSTED_VALIDATED_FENCE(); 4105 4175 4106 4176 SVGA3dVertexDecl *pVertexDecl = (SVGA3dVertexDecl *)(pCmd + 1); 4107 SVGA3dPrimitiveRange *pNumRange = (SVGA3dPrimitiveRange *) (&pVertexDecl[pCmd->numVertexDecls]);4108 SVGA3dVertexDivisor *pVertexDivisor = (cVertexDivisor) ? (SVGA3dVertexDivisor *)(&pNumRange[pCmd->numRanges]): NULL;4177 SVGA3dPrimitiveRange *pNumRange = (SVGA3dPrimitiveRange *)&pVertexDecl[pCmd->numVertexDecls]; 4178 SVGA3dVertexDivisor *pVertexDivisor = cVertexDivisor ? (SVGA3dVertexDivisor *)&pNumRange[pCmd->numRanges] : NULL; 4109 4179 4110 4180 STAM_PROFILE_START(&pSVGAState->StatR3Cmd3dDrawPrimitivesProf, a); 4111 rc = vmsvga3dDrawPrimitives(pThis, pCmd->cid, pCmd->numVertexDecls, pVertexDecl, pCmd->numRanges, pNumRange, cVertexDivisor, pVertexDivisor); 4181 rc = vmsvga3dDrawPrimitives(pThis, pCmd->cid, pCmd->numVertexDecls, pVertexDecl, pCmd->numRanges, 4182 pNumRange, cVertexDivisor, pVertexDivisor); 4112 4183 STAM_PROFILE_STOP(&pSVGAState->StatR3Cmd3dDrawPrimitivesProf, a); 4113 4184 break; … … 4313 4384 { 4314 4385 AssertReturn(src.gmrId < pThis->svga.cGMR, VERR_INVALID_PARAMETER); 4386 RT_UNTRUSTED_VALIDATED_FENCE(); 4315 4387 pGMR = &pSVGAState->paGMR[src.gmrId]; 4316 4388 cbGmrTotal = pGMR->cbTotal; … … 4356 4428 src.gmrId, src.offset, offSrc, cbSrcPitch, cHeight, cbWidth, cbGmrTotal), 4357 4429 VERR_INVALID_PARAMETER); 4430 4431 RT_UNTRUSTED_VALIDATED_FENCE(); 4358 4432 4359 4433 /* Shortcut for the framebuffer. */ -
trunk/src/VBox/Devices/Graphics/DevVGA-SVGA3d-ogl.cpp
r69904 r71686 6208 6208 Log(("vmsvga3dDrawPrimitives cid=%x numVertexDecls=%d numRanges=%d, cVertexDivisor=%d\n", cid, numVertexDecls, numRanges, cVertexDivisor)); 6209 6209 6210 /* Caller already check these, but it cannot hurt to check again... */ 6210 6211 AssertReturn(numVertexDecls && numVertexDecls <= SVGA3D_MAX_VERTEX_ARRAYS, VERR_INVALID_PARAMETER); 6211 6212 AssertReturn(numRanges && numRanges <= SVGA3D_MAX_DRAW_PRIMITIVE_RANGES, VERR_INVALID_PARAMETER); 6212 6213 AssertReturn(!cVertexDivisor || cVertexDivisor == numVertexDecls, VERR_INVALID_PARAMETER); 6214 6213 6215 /** @todo Non-zero cVertexDivisor */ 6214 6216 Assert(!cVertexDivisor); -
trunk/src/VBox/Devices/Graphics/DevVGA-SVGA3d-win.cpp
r69965 r71686 5284 5284 LogFunc(("%x numVertexDecls=%d numRanges=%d, cVertexDivisor=%d\n", cid, numVertexDecls, numRanges, cVertexDivisor)); 5285 5285 5286 /* Caller already check these, but it cannot hurt to check again... */ 5286 5287 AssertReturn(numVertexDecls && numVertexDecls <= SVGA3D_MAX_VERTEX_ARRAYS, VERR_INVALID_PARAMETER); 5287 5288 AssertReturn(numRanges && numRanges <= SVGA3D_MAX_DRAW_PRIMITIVE_RANGES, VERR_INVALID_PARAMETER);
Note:
See TracChangeset
for help on using the changeset viewer.
