Changeset 74258 in vbox

Timestamp:

Sep 14, 2018 4:20:16 AM (7 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

125057

Message:

VMM/IEM, CPUM: Nested VMX: bugref:9180 vmlaunch/vmresume bits.

Location:

trunk

Files:

• include/VBox/vmm/cpumctx.h (modified) (1 diff)
• include/VBox/vmm/hm_vmx.h (modified) (4 diffs)
• src/VBox/VMM/VMMAll/CPUMAllMsrs.cpp (modified) (1 diff)
• src/VBox/VMM/VMMAll/HMVMXAll.cpp (modified) (1 diff)
• src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h (modified) (3 diffs)
• src/VBox/VMM/VMMR3/CPUM.cpp (modified) (3 diffs)
• src/VBox/VMM/testcase/tstVMStruct.h (modified) (1 diff)

trunk/include/VBox/vmm/cpumctx.h ¶

@@ -602 +602 @@
                 uint32_t                uVmwriteBitmapR3Padding;
 #endif
-                /** 0x348 - Padding. */
-                uint8_t             abPadding[0x3f0 - 0x348];
+                /** 0x348 - The MSR auto-load/store area - R0 ptr. */
+                R0PTRTYPE(PVMXAUTOMSR)  pAutoMsrAreaR0;
+#if HC_ARCH_BITS == 32
+                uint32_t                uAutoMsrAreaR0;
+#endif
+                /** 0x350 - The MSR auto-load/store area - R3 ptr. */
+                R3PTRTYPE(PVMXAUTOMSR)  pAutoMsrAreaR3;
+#if HC_ARCH_BITS == 32
+                uint32_t                uAutoMsrAreaR3;
+#endif
+                /** 0x358 - Padding. */
+                uint8_t             abPadding[0x3f0 - 0x358];
             } vmx;
         } CPUM_UNION_NM(s);

trunk/include/VBox/vmm/hm_vmx.h ¶

@@ -2922 +2922 @@
  */
 
-/** CR0 bits set here must always be set when in VMX operation. */
-#define VMX_V_CR0_FIXED0                                        (X86_CR0_PE | X86_CR0_NE | X86_CR0_PG)
-/** VMX_V_CR0_FIXED0 when unrestricted-guest execution is supported for the guest. */
-#define VMX_V_CR0_FIXED0_UX                                     (VMX_V_CR0_FIXED0 & ~(X86_CR0_PE | X86_CR0_PG))
-/** CR4 bits set here must always be set when in VMX operation. */
-#define VMX_V_CR4_FIXED0                                        (X86_CR4_VMXE)
-
-/** Virtual VMCS revision ID. Bump this arbitarily chosen identifier if incompatible
- *  changes to the layout of VMXVVMCS is done.  Bit 31 MBZ.  */
-#define VMX_V_VMCS_REVISION_ID                                  UINT32_C(0x1d000001)
-AssertCompile(!(VMX_V_VMCS_REVISION_ID & RT_BIT(31)));
-
-/** The size of the virtual VMCS region (we use the maximum allowed size to avoid
- *  complications when teleporation may be implemented). */
-#define VMX_V_VMCS_SIZE                                         X86_PAGE_4K_SIZE
-/** The size of the virtual VMCS region (in pages). */
-#define VMX_V_VMCS_PAGES                                        1
-
-/** The size of the Virtual-APIC page (in bytes).  */
-#define VMX_V_VIRT_APIC_SIZE                                    X86_PAGE_4K_SIZE
-/** The size of the Virtual-APIC page (in pages). */
-#define VMX_V_VIRT_APIC_PAGES                                   1
-
-/** The size of the VMREAD/VMWRITE bitmap (in bytes). */
-#define VMX_V_VMREAD_VMWRITE_BITMAP_SIZE                        X86_PAGE_4K_SIZE
-/** The size of the VMREAD/VMWRITE-bitmap (in pages). */
-#define VMX_V_VMREAD_VMWRITE_BITMAP_PAGES                       1
-
-/** The highest index value used for supported virtual VMCS field encoding. */
-#define VMX_V_VMCS_MAX_INDEX                                    RT_BF_GET(VMX_VMCS64_CTRL_TSC_MULTIPLIER_HIGH, VMX_BF_VMCS_ENC_INDEX)
-
 /** @name Virtual VMX MSR - Miscellaneous data.
  * @{ */
@@ -2962 +2931 @@
 #define VMX_V_PREEMPT_TIMER_SHIFT                               5
 /** Maximum number of MSRs in the auto-load/store MSR areas, (n+1) * 512. */
-#define VMX_V_MAX_MSRS                                          0
+#define VMX_V_AUTOMSR_COUNT_MAX                                 0
 /** SMM MSEG revision ID. */
 #define VMX_V_MSEG_REV_ID                                       0
@@ -2974 +2943 @@
 #define VMX_V_VMCS_STATE_LAUNCHED       RT_BIT(2)
 /** @} */
+
+/** CR0 bits set here must always be set when in VMX operation. */
+#define VMX_V_CR0_FIXED0                                        (X86_CR0_PE | X86_CR0_NE | X86_CR0_PG)
+/** VMX_V_CR0_FIXED0 when unrestricted-guest execution is supported for the guest. */
+#define VMX_V_CR0_FIXED0_UX                                     (VMX_V_CR0_FIXED0 & ~(X86_CR0_PE | X86_CR0_PG))
+/** CR4 bits set here must always be set when in VMX operation. */
+#define VMX_V_CR4_FIXED0                                        (X86_CR4_VMXE)
+
+/** Virtual VMCS revision ID. Bump this arbitarily chosen identifier if incompatible
+ *  changes to the layout of VMXVVMCS is done.  Bit 31 MBZ.  */
+#define VMX_V_VMCS_REVISION_ID                                  UINT32_C(0x1d000001)
+AssertCompile(!(VMX_V_VMCS_REVISION_ID & RT_BIT(31)));
+
+/** The size of the virtual VMCS region (we use the maximum allowed size to avoid
+ *  complications when teleporation may be implemented). */
+#define VMX_V_VMCS_SIZE                                         X86_PAGE_4K_SIZE
+/** The size of the virtual VMCS region (in pages). */
+#define VMX_V_VMCS_PAGES                                        1
+
+/** The size of the Virtual-APIC page (in bytes).  */
+#define VMX_V_VIRT_APIC_SIZE                                    X86_PAGE_4K_SIZE
+/** The size of the Virtual-APIC page (in pages). */
+#define VMX_V_VIRT_APIC_PAGES                                   1
+
+/** The size of the VMREAD/VMWRITE bitmap (in bytes). */
+#define VMX_V_VMREAD_VMWRITE_BITMAP_SIZE                        X86_PAGE_4K_SIZE
+/** The size of the VMREAD/VMWRITE-bitmap (in pages). */
+#define VMX_V_VMREAD_VMWRITE_BITMAP_PAGES                       1
+
+/** The size of the auto-load/store MSR area (in bytes). */
+#define VMX_V_AUTOMSR_AREA_SIZE                                 ((512 * (VMX_V_AUTOMSR_COUNT_MAX + 1)) * sizeof(VMXAUTOMSR))
+/* Assert that the size is page aligned or adjust the VMX_V_AUTOMSR_AREA_PAGES macro below. */
+AssertCompile(RT_ALIGN_Z(VMX_V_AUTOMSR_AREA_SIZE, X86_PAGE_4K_SIZE) == VMX_V_AUTOMSR_AREA_SIZE);
+/** The size of the auto-load/store MSR area (in pages). */
+#define VMX_V_AUTOMSR_AREA_PAGES                                ((VMX_V_AUTOMSR_AREA_SIZE) >> X86_PAGE_4K_SHIFT)
+
+/** The highest index value used for supported virtual VMCS field encoding. */
+#define VMX_V_VMCS_MAX_INDEX                                    RT_BF_GET(VMX_VMCS64_CTRL_TSC_MULTIPLIER_HIGH, VMX_BF_VMCS_ENC_INDEX)
 
 /**
@@ -3761 +3768 @@
     kVmxVDiag_Vmentry_HostSysenterEspEip,
     kVmxVDiag_Vmentry_LongModeCS,
+    kVmxVDiag_Vmentry_MsrLoad,
+    kVmxVDiag_Vmentry_MsrLoadCount,
+    kVmxVDiag_Vmentry_MsrLoadPtrReadPhys,
+    kVmxVDiag_Vmentry_MsrLoadRing3,
+    kVmxVDiag_Vmentry_MsrLoadRsvd,
     kVmxVDiag_Vmentry_NmiWindowExit,
     kVmxVDiag_Vmentry_PinCtlsAllowed1,

trunk/src/VBox/VMM/VMMAll/CPUMAllMsrs.cpp ¶

@@ -1519 +1519 @@
         int rc = HMVmxGetHostMsr(pVCpu->CTX_SUFF(pVM), MSR_IA32_VMX_MISC, &uHostMsr);
         AssertMsgRC(rc, ("HMVmxGetHostMsr failed. rc=%Rrc\n", rc)); RT_NOREF_PV(rc);
-        uint8_t const cMaxMsrs       = RT_MIN(RT_BF_GET(uHostMsr, VMX_BF_MISC_MAX_MSRS), VMX_V_MAX_MSRS);
+        uint8_t const cMaxMsrs       = RT_MIN(RT_BF_GET(uHostMsr, VMX_BF_MISC_MAX_MSRS), VMX_V_AUTOMSR_COUNT_MAX);
         uint8_t const fActivityState = RT_BF_GET(uHostMsr, VMX_BF_MISC_ACTIVITY_STATES) & VMX_V_GUEST_ACTIVITY_STATE_MASK;
         uVmxMsr = RT_BF_MAKE(VMX_BF_MISC_PREEMPT_TIMER_TSC,       VMX_V_PREEMPT_TIMER_SHIFT            )

trunk/src/VBox/VMM/VMMAll/HMVMXAll.cpp ¶

@@ -308 +308 @@
     VMXV_DIAG_DESC(kVmxVDiag_Vmentry_HostSysenterEspEip       , "HostSysenterEspEip"        ),
     VMXV_DIAG_DESC(kVmxVDiag_Vmentry_LongModeCS               , "LongModeCS"                ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_MsrLoad                  , "MsrLoad"                   ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_MsrLoadCount             , "MsrLoadCount"              ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_MsrLoadPtrReadPhys       , "MsrLoadPtrReadPhys"        ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_MsrLoadRing3             , "MsrLoadRing3"              ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_MsrLoadRsvd              , "MsrLoadRsvd"               ),
     VMXV_DIAG_DESC(kVmxVDiag_Vmentry_NmiWindowExit            , "NmiWindowExit"             ),
     VMXV_DIAG_DESC(kVmxVDiag_Vmentry_PinCtlsAllowed1          , "PinCtlsAllowed1"           ),

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h ¶

@@ -3987 +3987 @@
 
 /**
+ * Loads the guest auto-load MSRs area as part of VM-entry.
+ *
+ * @param   pVCpu       The cross context virtual CPU structure.
+ * @param   pszInstr    The VMX instruction name (for logging purposes).
+ */
+IEM_STATIC int iemVmxVmentryLoadGuestAutoMsrs(PVMCPU pVCpu, const char *pszInstr)
+{
+    /*
+     * Load guest MSRs.
+     * See Intel spec. 26.4 "Loading MSRs".
+     */
+    PVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+    const char *const pszFailure = "VM-exit";
+
+    /*
+     * Verify the MSR auto-load count. Physical CPUs can behave unpredictably if the count is
+     * exceeded including possibly raising #MC exceptions during VMX transition. Our
+     * implementation shall fail VM-entry with an VMX_EXIT_ERR_MSR_LOAD VM-exit.
+     */
+    uint64_t const u64GuestVmxMiscMsr = CPUMGetGuestIa32VmxMisc(pVCpu);
+    uint32_t const cMaxSupportedMsrs  = VMX_MISC_MAX_MSRS(u64GuestVmxMiscMsr);
+    uint32_t const cMsrs              = pVmcs->u32EntryMsrLoadCount;
+    Assert(cMaxSupportedMsrs <= VMX_V_AUTOMSR_AREA_SIZE / sizeof(VMXAUTOMSR));
+    if (cMsrs <= cMaxSupportedMsrs)
+    { /* likely */ }
+    else
+    {
+        pVmcs->u64ExitQual.u = VMX_V_AUTOMSR_AREA_SIZE / sizeof(VMXAUTOMSR);
+        IEM_VMX_VMENTRY_FAILED_RET(pVCpu, pszInstr, pszFailure, kVmxVDiag_Vmentry_MsrLoadCount);
+    }
+
+    RTGCPHYS const GCPhysAutoMsrArea = pVmcs->u64AddrEntryMsrLoad.u;
+    int rc = PGMPhysSimpleReadGCPhys(pVCpu->CTX_SUFF(pVM), (void *)&pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea),
+                                     GCPhysAutoMsrArea, VMX_V_AUTOMSR_AREA_SIZE);
+    if (RT_SUCCESS(rc))
+    {
+        PVMXAUTOMSR pMsr = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea); NOREF(pMsr);
+        for (uint32_t idxMsr = 0; idxMsr < cMsrs; idxMsr++, pMsr++)
+        {
+            if (   !pMsr->u32Reserved
+                &&  pMsr->u32Msr != MSR_K8_FS_BASE
+                &&  pMsr->u32Msr != MSR_K8_GS_BASE
+                &&  pMsr->u32Msr >> 8 != MSR_IA32_X2APIC_START >> 8
+                &&  pMsr->u32Msr != MSR_IA32_SMM_MONITOR_CTL)
+            {
+                rc = CPUMSetGuestMsr(pVCpu, pMsr->u32Msr, pMsr->u64Value);
+                if (rc == VINF_SUCCESS)
+                    continue;
+
+                /*
+                 * If we're in ring-0, we cannot handle returns to ring-3 at this point and continue VM-entry.
+                 * If any guest hypervisor loads MSRs that require ring-3 handling, we cause a VM-entry failure
+                 * indicated further with a different diagnostic code. Later, we can try implement handling of
+                 * the MSR in ring-0 if possible, or come up with a better, generic solution.
+                 */
+                pVmcs->u64ExitQual.u = idxMsr;
+                VMXVDIAG const enmDiag = rc == VINF_CPUM_R3_MSR_WRITE
+                                       ? kVmxVDiag_Vmentry_MsrLoadRing3
+                                       : kVmxVDiag_Vmentry_MsrLoad;
+                IEM_VMX_VMENTRY_FAILED_RET(pVCpu, pszInstr, pszFailure, enmDiag);
+            }
+            else
+            {
+                pVmcs->u64ExitQual.u = idxMsr;
+                IEM_VMX_VMENTRY_FAILED_RET(pVCpu, pszInstr, pszFailure, kVmxVDiag_Vmentry_MsrLoadRsvd);
+            }
+        }
+    }
+    else
+    {
+        Log(("%s: Failed to read MSR auto-load area at %#RGp, rc=%Rrc\n", pszInstr, GCPhysAutoMsrArea, rc));
+        pVCpu->cpum.GstCtx.hwvirt.vmx.enmDiag = kVmxVDiag_Vmentry_MsrLoadPtrReadPhys;
+        return rc;
+    }
+
+    NOREF(pszInstr);
+    NOREF(pszFailure);
+    return VINF_SUCCESS;
+}
+
+
+/**
  * Loads the guest-state as part of VM-entry.
  *
@@ -4016 +4098 @@
     /* Clear address-range monitoring. */
     EMMonitorWaitClear(pVCpu);
-
-    /* Load MSRs. */
 
     NOREF(pszInstr);
@@ -4142 +4222 @@
                         if (RT_SUCCESS(rc))
                         {
-                            iemVmxVmSucceed(pVCpu);
-                            iemRegAddToRipAndClearRF(pVCpu, cbInstr);
-                            return VINF_SUCCESS;
+                            /* Load MSRs from the VM-entry auto-load MSR area. */
+                            rc = iemVmxVmentryLoadGuestAutoMsrs(pVCpu, pszInstr);
+                            if (RT_SUCCESS(rc))
+                            {
+                                Assert(rc != VINF_CPUM_R3_MSR_WRITE);
+
+                                iemVmxVmSucceed(pVCpu);
+                                iemRegAddToRipAndClearRF(pVCpu, cbInstr);
+                                return VINF_SUCCESS;
+                            }
+
+                            /** @todo NSTVMX: VMExit with VMX_EXIT_ERR_MSR_LOAD and set
+                             *        VMX_BF_EXIT_REASON_ENTRY_FAILED. */
                         }
                     }

trunk/src/VBox/VMM/VMMR3/CPUM.cpp ¶

@@ -931 +931 @@
             pVCpu->cpum.s.Guest.hwvirt.vmx.pvVmwriteBitmapR3 = NULL;
         }
+        if (pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR3)
+        {
+            SUPR3PageFreeEx(pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR3, VMX_V_AUTOMSR_AREA_PAGES);
+            pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR3 = NULL;
+        }
     }
 }
@@ -952 +957 @@
          * Allocate the nested-guest current VMCS.
          */
-        SUPPAGE SupNstGstVmcsPage;
-        RT_ZERO(SupNstGstVmcsPage);
-        SupNstGstVmcsPage.Phys = NIL_RTHCPHYS;
         Assert(VMX_V_VMCS_PAGES == 1);
         Assert(!pVCpu->cpum.s.Guest.hwvirt.vmx.pVmcsR3);
         rc = SUPR3PageAllocEx(VMX_V_VMCS_PAGES, 0 /* fFlags */, (void **)&pVCpu->cpum.s.Guest.hwvirt.vmx.pVmcsR3,
-                              &pVCpu->cpum.s.Guest.hwvirt.vmx.pVmcsR0, &SupNstGstVmcsPage);
+                              &pVCpu->cpum.s.Guest.hwvirt.vmx.pVmcsR0, NULL /* paPages */);
         if (RT_FAILURE(rc))
         {
@@ -1006 +1008 @@
             LogRel(("CPUM%u: Failed to alloc %u pages for the nested-guest's VMWRITE-bitmap\n", pVCpu->idCpu,
                     VMX_V_VMREAD_VMWRITE_BITMAP_PAGES));
+            break;
+        }
+
+        /*
+         * Allocate the MSR auto-load/store area.
+         */
+        Assert(!pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR3);
+        rc = SUPR3PageAllocEx(VMX_V_AUTOMSR_AREA_PAGES, 0 /* fFlags */,
+                              (void **)&pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR3,
+                              &pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR0, NULL /* paPages */);
+        if (RT_FAILURE(rc))
+        {
+            Assert(!pVCpu->cpum.s.Guest.hwvirt.vmx.pAutoMsrAreaR3);
+            LogRel(("CPUM%u: Failed to alloc %u pages for the nested-guest's auto-load/store MSR area\n", pVCpu->idCpu,
+                    VMX_V_AUTOMSR_AREA_PAGES));
             break;
         }

trunk/src/VBox/VMM/testcase/tstVMStruct.h ¶

@@ -155 +155 @@
     GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pShadowVmcsR0);
     GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pShadowVmcsR3);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pvVirtApicPageR0);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pvVirtApicPageR3);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pvVmreadBitmapR0);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pvVmreadBitmapR3);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pvVmwriteBitmapR0);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pvVmwriteBitmapR3);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pAutoMsrAreaR0);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pAutoMsrAreaR3);
     GEN_CHECK_OFF(CPUMCTX, hwvirt.fLocalForcedActions);
     GEN_CHECK_OFF(CPUMCTX, hwvirt.fGif);