Changeset 74065 in vbox for trunk/src/VBox/VMM

Timestamp:

Sep 4, 2018 12:38:25 PM (6 years ago)

Author:

vboxsync

Message:

VMM/IEM, HM: Nested VMX: bugref:9180 vmlaunch/vmresume bits.

Location:

trunk/src/VBox/VMM/VMMAll

Files:

• HMVMXAll.cpp (modified) (2 diffs)
• IEMAllCImplVmxInstr.cpp.h (modified) (7 diffs)

trunk/src/VBox/VMM/VMMAll/HMVMXAll.cpp

@@ -127 +127 @@
     /* VMLAUNCH/VMRESUME. */
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_AddrApicAccess           , "AddrApicAccess"          ),
+    VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_AddrEntryMsrLoad         , "AddrEntryMsrLoad"        ),
+    VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_AddrExitMsrLoad          , "AddrExitMsrLoad"         ),
+    VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_AddrExitMsrStore         , "AddrExitMsrStore"        ),
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_AddrIoBitmapA            , "AddrIoBitmapA"           ),
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_AddrIoBitmapB            , "AddrIoBitmapB"           ),
@@ -137 +140 @@
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_Cpl                      , "Cpl"                     ),
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_Cr3TargetCount           , "Cr3TargetCount"          ),
+    VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_EntryCtlsAllowed1        , "EntryCtlsAllowed1"       ),
+    VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_EntryCtlsDisallowed0     , "EntryCtlsDisallowed0"    ),
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_ExitCtlsAllowed1         , "ExitCtlsAllowed1"        ),
     VMX_INSTR_DIAG_DESC(kVmxVInstrDiag_Vmentry_ExitCtlsDisallowed0      , "ExitCtlsDisallowed0"     ),

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h

@@ -86 +86 @@
         /*     1 */ RT_OFFSETOF(VMXVVMCS, u64AddrIoBitmapB),
         /*     2 */ RT_OFFSETOF(VMXVVMCS, u64AddrMsrBitmap),
-        /*     3 */ RT_OFFSETOF(VMXVVMCS, u64AddrVmExitMsrStore),
-        /*     4 */ RT_OFFSETOF(VMXVVMCS, u64AddrVmExitMsrLoad),
-        /*     5 */ RT_OFFSETOF(VMXVVMCS, u64AddrVmEntryMsrLoad),
+        /*     3 */ RT_OFFSETOF(VMXVVMCS, u64AddrExitMsrStore),
+        /*     4 */ RT_OFFSETOF(VMXVVMCS, u64AddrExitMsrLoad),
+        /*     5 */ RT_OFFSETOF(VMXVVMCS, u64AddrEntryMsrLoad),
         /*     6 */ RT_OFFSETOF(VMXVVMCS, u64ExecVmcsPtr),
         /*     7 */ RT_OFFSETOF(VMXVVMCS, u64AddrPml),
@@ -167 +167 @@
     {
         /*     0 */ RT_OFFSETOF(VMXVVMCS, u32RoVmInstrError),
-        /*     1 */ RT_OFFSETOF(VMXVVMCS, u32RoVmExitReason),
-        /*     2 */ RT_OFFSETOF(VMXVVMCS, u32RoVmExitIntInfo),
-        /*     3 */ RT_OFFSETOF(VMXVVMCS, u32RoVmExitErrCode),
+        /*     1 */ RT_OFFSETOF(VMXVVMCS, u32RoExitReason),
+        /*     2 */ RT_OFFSETOF(VMXVVMCS, u32RoExitIntInfo),
+        /*     3 */ RT_OFFSETOF(VMXVVMCS, u32RoExitErrCode),
         /*     4 */ RT_OFFSETOF(VMXVVMCS, u32RoIdtVectoringInfo),
         /*     5 */ RT_OFFSETOF(VMXVVMCS, u32RoIdtVectoringErrCode),
-        /*     6 */ RT_OFFSETOF(VMXVVMCS, u32RoVmExitInstrLen),
-        /*     7 */ RT_OFFSETOF(VMXVVMCS, u32RoVmExitInstrInfo),
+        /*     6 */ RT_OFFSETOF(VMXVVMCS, u32RoExitInstrLen),
+        /*     7 */ RT_OFFSETOF(VMXVVMCS, u32RoExitInstrInfo),
         /*  8-15 */ UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX,
         /* 16-23 */ UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX, UINT16_MAX,
@@ -1958 +1958 @@
 
 /**
+ * Checks VM-entry controls fields as part of VM-entry.
+ * See Intel spec. 26.2.1.3 "VM-Entry Control Fields".
+ *
+ * @returns VBox status code.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pszInstr        The VMX instruction name (for logging purposes).
+ */
+IEM_STATIC VBOXSTRICTRC iemVmxVmentryCheckEntryCtls(PVMCPU pVCpu, const char *pszInstr)
+{
+    PCVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+
+    /* VM-entry controls. */
+    VMXCTLSMSR EntryCtls;
+    EntryCtls.u = CPUMGetGuestIa32VmxEntryCtls(pVCpu);
+    if (~pVmcs->u32EntryCtls & EntryCtls.n.disallowed0)
+    {
+        Log(("%s: Invalid EntryCtls %#RX32 (disallowed0) -> VMFail\n", pszInstr, pVmcs->u32EntryCtls));
+        pVCpu->cpum.GstCtx.hwvirt.vmx.enmInstrDiag = kVmxVInstrDiag_Vmentry_EntryCtlsDisallowed0;
+        return VERR_VMX_VMENTRY_FAILED;
+    }
+    if (pVmcs->u32EntryCtls & ~EntryCtls.n.allowed1)
+    {
+        Log(("%s: Invalid EntryCtls %#RX32 (allowed1) -> VMFail\n", pszInstr, pVmcs->u32EntryCtls));
+        pVCpu->cpum.GstCtx.hwvirt.vmx.enmInstrDiag = kVmxVInstrDiag_Vmentry_EntryCtlsAllowed1;
+        return VERR_VMX_VMENTRY_FAILED;
+    }
+
+    /** @todo NSTVMX: rest of entry ctls. */
+
+    /* VM-entry MSR-load count and VM-entry MSR-load area address. */
+    uint8_t const cMaxPhysAddrWidth = IEM_GET_GUEST_CPU_FEATURES(pVCpu)->cMaxPhysAddrWidth;
+    if (pVmcs->u32EntryMsrLoadCount)
+    {
+        if (   (pVmcs->u64AddrEntryMsrLoad.u & VMX_AUTOMSR_OFFSET_MASK)
+            || (pVmcs->u64AddrEntryMsrLoad.u >> cMaxPhysAddrWidth)
+            || !PGMPhysIsGCPhysNormal(pVCpu->CTX_SUFF(pVM), pVmcs->u64AddrEntryMsrLoad.u))
+        {
+            Log(("%s: VM-entry MSR-load area address %#RX64 invalid -> VMFail\n", pszInstr, pVmcs->u64AddrEntryMsrLoad.u));
+            pVCpu->cpum.GstCtx.hwvirt.vmx.enmInstrDiag = kVmxVInstrDiag_Vmentry_AddrEntryMsrLoad;
+            return VERR_VMX_VMENTRY_FAILED;
+        }
+    }
+
+    Assert(!(pVmcs->u32EntryCtls & VMX_ENTRY_CTLS_ENTRY_TO_SMM));           /* We don't support SMM yet. */
+    Assert(!(pVmcs->u32EntryCtls & VMX_ENTRY_CTLS_DEACTIVATE_DUAL_MON));    /* We don't support dual-monitor treatment yet. */
+
+    NOREF(pszInstr);
+    return VINF_SUCCESS;
+}
+
+
+/**
  * Checks VM-exit controls fields as part of VM-entry.
  * See Intel spec. 26.2.1.2 "VM-Exit Control Fields".
@@ -1994 +2046 @@
     }
 
-    /** @todo NSTVMX: rest of exit ctls. */
+    /* VM-exit MSR-store count and VM-exit MSR-store area address. */
+    uint8_t const cMaxPhysAddrWidth = IEM_GET_GUEST_CPU_FEATURES(pVCpu)->cMaxPhysAddrWidth;
+    if (pVmcs->u32ExitMsrStoreCount)
+    {
+        if (   (pVmcs->u64AddrExitMsrStore.u & VMX_AUTOMSR_OFFSET_MASK)
+            || (pVmcs->u64AddrExitMsrStore.u >> cMaxPhysAddrWidth)
+            || !PGMPhysIsGCPhysNormal(pVCpu->CTX_SUFF(pVM), pVmcs->u64AddrExitMsrStore.u))
+        {
+            Log(("%s: VM-exit MSR-store area address %#RX64 invalid -> VMFail\n", pszInstr, pVmcs->u64AddrExitMsrStore.u));
+            pVCpu->cpum.GstCtx.hwvirt.vmx.enmInstrDiag = kVmxVInstrDiag_Vmentry_AddrExitMsrStore;
+            return VERR_VMX_VMENTRY_FAILED;
+        }
+    }
+
+    /* VM-exit MSR-load count and VM-exit MSR-load area address. */
+    if (pVmcs->u32ExitMsrLoadCount)
+    {
+        if (   (pVmcs->u64AddrExitMsrLoad.u & VMX_AUTOMSR_OFFSET_MASK)
+            || (pVmcs->u64AddrExitMsrLoad.u >> cMaxPhysAddrWidth)
+            || !PGMPhysIsGCPhysNormal(pVCpu->CTX_SUFF(pVM), pVmcs->u64AddrExitMsrLoad.u))
+        {
+            Log(("%s: VM-exit MSR-store area address %#RX64 invalid -> VMFail\n", pszInstr, pVmcs->u64AddrExitMsrLoad.u));
+            pVCpu->cpum.GstCtx.hwvirt.vmx.enmInstrDiag = kVmxVInstrDiag_Vmentry_AddrExitMsrLoad;
+            return VERR_VMX_VMENTRY_FAILED;
+        }
+    }
 
     NOREF(pszInstr);
@@ -2083 +2160 @@
     {
         if (   (pVmcs->u64AddrIoBitmapA.u & X86_PAGE_4K_OFFSET_MASK)
-            || (pVmcs->u64AddrIoBitmapA.u >> cMaxPhysAddrWidth))
+            || (pVmcs->u64AddrIoBitmapA.u >> cMaxPhysAddrWidth)
+            || !PGMPhysIsGCPhysNormal(pVCpu->CTX_SUFF(pVM), pVmcs->u64AddrIoBitmapA.u))
         {
             Log(("%s: I/O Bitmap A physaddr invalid %#RX64 -> VMFail\n", pszInstr, pVmcs->u64AddrIoBitmapA.u));
@@ -2091 +2169 @@
 
         if (   (pVmcs->u64AddrIoBitmapB.u & X86_PAGE_4K_OFFSET_MASK)
-            || (pVmcs->u64AddrIoBitmapB.u >> cMaxPhysAddrWidth))
+            || (pVmcs->u64AddrIoBitmapB.u >> cMaxPhysAddrWidth)
+            || !PGMPhysIsGCPhysNormal(pVCpu->CTX_SUFF(pVM), pVmcs->u64AddrIoBitmapB.u))
         {
             Log(("%s: I/O Bitmap B physaddr invalid %#RX64 -> VMFail\n", pszInstr, pVmcs->u64AddrIoBitmapB.u));
@@ -2413 +2492 @@
 
     /*
-     * Check VM-exit fields.
+     * Check VM-exit control fields.
      */
     rc = iemVmxVmentryCheckExitCtls(pVCpu, pszInstr);
+    if (rc == VINF_SUCCESS)
+    { /* likely */ }
+    else
+    {
+        iemVmxVmFail(pVCpu, VMXINSTRERR_VMENTRY_INVALID_CTLS);
+        iemRegAddToRipAndClearRF(pVCpu, cbInstr);
+        return VINF_SUCCESS;
+    }
+
+    /*
+     * Check VM-entry control fields.
+     */
+    rc = iemVmxVmentryCheckEntryCtls(pVCpu, pszInstr);
     if (rc == VINF_SUCCESS)
     { /* likely */ }