Changeset 74303 in vbox

Timestamp:

Sep 17, 2018 9:33:58 AM (7 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

125109

Message:

VMM/CPUM, IEM: Nested VMX: bugref:9180 vmlaunch/vmresume bits.

Location:

trunk

Files:

• include/VBox/vmm/cpum.mac (modified) (1 diff)
• include/VBox/vmm/cpumctx.h (modified) (2 diffs)
• include/VBox/vmm/hm_vmx.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h (modified) (6 diffs)
• src/VBox/VMM/include/CPUMInternal.mac (modified) (2 diffs)
• src/VBox/VMM/testcase/tstVMStruct.h (modified) (1 diff)

trunk/include/VBox/vmm/cpum.mac

@@ -280 +280 @@
     alignb 8
     .hwvirt.svm.HCPhysVmcb             RTHCPHYS_RES  1
+    .hwvirt.uInhibitRip                resq          1
     .hwvirt.fLocalForcedActions        resd          1
     .hwvirt.fGif                       resb          1

trunk/include/VBox/vmm/cpumctx.h

@@ -618 +618 @@
         } CPUM_UNION_NM(s);
 
-        /** 0x3f0 - A subset of force flags that are preserved while running the nested-guest. */
+        /** 0x3f0 - Saved guest's interrupt-inhibited RIP (if any) - Intel only. */
+        uint64_t                uInhibitRip;
+        /** 0x3f8 - A subset of guest force flags that are saved while running the
+         *  nested-guest. */
         uint32_t                fLocalForcedActions;
-        /** 0x3f4 - Global interrupt flag (always true on nested VMX). */
+        /** 0x3fc - Global interrupt flag - AMD only (always true on Intel). */
         bool                    fGif;
-        /** 0x3f5 - Padding. */
-        uint8_t                 abPadding1[11];
+        /** 0x3fd - Padding. */
+        uint8_t                 abPadding1[3];
     } hwvirt;
     /** @} */
@@ -687 +690 @@
 AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) svm.pvIoBitmapR3,           0x3e0);
 AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) svm.HCPhysVmcb,             0x3e8);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.fLocalForcedActions, 0x3f0);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.uInhibitRip,         0x3f0);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.fLocalForcedActions, 0x3f8);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.fGif,                0x3fc);
 AssertCompileMemberAlignment(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) svm.pVmcbR0,       8);
 AssertCompileMemberAlignment(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) svm.pvMsrBitmapR0, 8);

trunk/include/VBox/vmm/hm_vmx.h

@@ -2440 +2440 @@
 #define VMX_IDT_VECTORING_INFO_IS_VALID(a)                      (((a) >> 31) & 1)
 
+/** Construct an IDT-vectoring information field from an VM-entry interruption
+ *  information field (same except that bit 12 is reserved). */
+#define VMX_EXIT_IDT_INFO_FROM_ENTRY_INT_INFO(a)                ((a) & ~RT_BIT(12))
+
 /** Bit fields for IDT-vectoring information. */
 /** The IDT-vectoring info vector. */
@@ -2795 +2799 @@
 /** @name Format of Pending-Debug-Exceptions.
  * Bits 4-11, 13, 15 and 17-63 are reserved.
+ * Similar to DR6 except bit 12 (breakpoint enabled) and bit 16 (RTM) are both
+ * possibly valid here but not in DR6.
  * @{
  */

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h

@@ -4070 +4070 @@
 
 /**
+ * Loads the guest-state non-register state as part of VM-entry.
+ *
+ * @returns VBox status code.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ *
+ * @remarks This must be called only after loading the nested-guest register state
+ *          (especially nested-guest RIP).
+ */
+IEM_STATIC void iemVmxVmentryLoadGuestNonRegState(PVMCPU pVCpu)
+{
+    /*
+     * Load guest non-register state.
+     * See Intel spec. 26.6 "Special Features of VM Entry"
+     */
+    PCVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+    uint32_t const uEntryIntInfo = pVmcs->u32EntryIntInfo;
+    if (VMX_ENTRY_INT_INFO_IS_VALID(uEntryIntInfo))
+    {
+        /** @todo NSTVMX: Pending debug exceptions. */
+        Assert(!(pVmcs->u64GuestPendingDbgXcpt.u));
+
+        if (pVmcs->u32GuestIntrState == VMX_VMCS_GUEST_INT_STATE_BLOCK_NMI)
+        {
+            /** @todo NSTVMX: Virtual-NMIs doesn't affect NMI blocking in the normal sense.
+             *        We probably need a different force flag for virtual-NMI
+             *        pending/blocking. */
+            Assert(!(pVmcs->u32PinCtls & VMX_PIN_CTLS_VIRT_NMI));
+            VMCPU_FF_SET(pVCpu, VMCPU_FF_BLOCK_NMIS);
+        }
+        else if (   pVmcs->u32GuestIntrState == VMX_VMCS_GUEST_INT_STATE_BLOCK_STI
+                 || pVmcs->u32GuestIntrState == VMX_VMCS_GUEST_INT_STATE_BLOCK_MOVSS)
+        {
+            EMSetInhibitInterruptsPC(pVCpu, pVCpu->cpum.GstCtx.rip);
+        }
+
+        /* SMI blocking is irrelevant. We don't support SMIs yet. */
+    }
+
+    /* Loading PDPTEs will be taken care when we switch modes. We don't support EPT yet. */
+    Assert(!(pVmcs->u32ProcCtls2 & VMX_PROC_CTLS2_EPT));
+
+    /* VPID is irrelevant. We don't support VPID yet. */
+
+    /* Clear address-range monitoring. */
+    EMMonitorWaitClear(pVCpu);
+}
+
+
+/**
+ * Saves the guest force-flags in prepartion of entering the nested-guest.
+ *
+ * @param   pVCpu       The cross context virtual CPU structure.
+ */
+IEM_STATIC void iemVmxVmentrySaveForceFlags(PVMCPU pVCpu)
+{
+    /* Assert that we are not called multiple times during VM-entry. */
+    Assert(pVCpu->cpum.GstCtx.hwvirt.fLocalForcedActions == 0);
+
+    /*
+     * Preserve the required force-flags.
+     *
+     * We only preserve the force-flags that would affect the execution of the
+     * nested-guest (or the guest).
+     *
+     *   - VMCPU_FF_INHIBIT_INTERRUPTS and RIP needs be preserved as there is no
+     *     implicit Global Interrupt Flag (GIF) handling as with AMD-V's VMRUN
+     *     instruction and the interrupt inhibition is in effect until the
+     *     completion of this VMLAUNCH/VMRESUME instruction.
+     *
+     *   - VMCPU_FF_BLOCK_NMIS needs to be preserved as it blocks NMI until the
+     *     execution of a subsequent IRET instruction in the guest.
+     *
+     *   - MTF needs to be preserved as it's for a single instruction boundary
+     *     which follows the return from VMLAUNCH/VMRESUME instruction.
+     *
+     * The remaining FFs (e.g. timers) can stay in place so that we will be able to
+     * generate interrupts that should cause #VMEXITs for the nested-guest.
+     */
+    if (VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS))
+        pVCpu->cpum.GstCtx.hwvirt.uInhibitRip = EMGetInhibitInterruptsPC(pVCpu);
+
+    uint32_t const fGuestFFMask = VMCPU_FF_INHIBIT_INTERRUPTS | VMCPU_FF_BLOCK_NMIS | VMCPU_FF_MTF;
+    pVCpu->cpum.GstCtx.hwvirt.fLocalForcedActions = pVCpu->fLocalForcedActions & fGuestFFMask;
+    VMCPU_FF_CLEAR(pVCpu, fGuestFFMask);
+}
+
+
+#if 0
+/**
+ * Restores the guest force-flags in prepartion of exiting the nested-guest.
+ *
+ * @param   pVCpu       The cross context virtual CPU structure.
+ */
+IEM_STATIC void iemVmxVmexitRestoreForceFlags(PVMCPU pVCpu)
+{
+    if (pVCpu->cpum.GstCtx.hwvirt.fLocalForcedActions)
+    {
+        VMCPU_FF_SET(pVCpu, pVCpu->cpum.GstCtx.hwvirt.fLocalForcedActions);
+        pVCpu->cpum.GstCtx.hwvirt.fLocalForcedActions = 0;
+    }
+}
+#endif
+
+
+/**
  * Loads the guest-state as part of VM-entry.
  *
@@ -4096 +4201 @@
     pVCpu->cpum.GstCtx.rflags.u = pVmcs->u64GuestRFlags.u;
 
-    /* Loading PDPTEs will be taken care when we switch modes. We don't support EPT yet. */
-    Assert(!(pVmcs->u32ProcCtls2 & VMX_PROC_CTLS2_EPT));
-
-    /* Nothing to do for VPID. */
-
-    /* Clear address-range monitoring. */
-    EMMonitorWaitClear(pVCpu);
+    /* Load guest non-register state. */
+    iemVmxVmentryLoadGuestNonRegState(pVCpu);
 
     NOREF(pszInstr);
@@ -4125 +4225 @@
     if (VMX_ENTRY_INT_INFO_IS_VALID(uEntryIntInfo))
     {
+        /*
+         * The event that is going to be made pending for injection is not subject to VMX intercepts,
+         * thus we flag ignoring of intercepts. However, recursive exceptions if any during delivery
+         * of the current event -are- subject to intercepts, hence this flag will be flipped during
+         * the actually delivery of this event.
+         */
+        pVCpu->cpum.GstCtx.hwvirt.vmx.fInterceptEvents = false;
+
         uint8_t const uType = VMX_ENTRY_INT_INFO_TYPE(uEntryIntInfo);
         if (uType == VMX_ENTRY_INT_INFO_TYPE_OTHER_EVENT)
@@ -4133 +4241 @@
         }
 
-        /** @todo NSTVMX: Is it safe to update IDT-vectoring information in the VMCS
-         *        here? */
-
-        pVCpu->cpum.GstCtx.hwvirt.vmx.fInterceptEvents = false;
         int rc = HMVmxEntryIntInfoInjectTrpmEvent(pVCpu, uEntryIntInfo, pVmcs->u32EntryXcptErrCode, pVmcs->u32EntryInstrLen,
                                                   pVCpu->cpum.GstCtx.cr2);
@@ -4298 +4402 @@
                 if (RT_SUCCESS(rc))
                 {
+                    /* Save the (outer) guest force-flags as VM-exits can occur from this point on. */
+                    iemVmxVmentrySaveForceFlags(pVCpu);
+
                     /* Check guest-state fields. */
                     rc = iemVmxVmentryCheckGuestState(pVCpu, pszInstr);
@@ -4342 +4449 @@
                                 return VINF_SUCCESS;
                             }
-
                             /** @todo NSTVMX: VMExit with VMX_EXIT_ERR_MSR_LOAD and set
                              *        VMX_BF_EXIT_REASON_ENTRY_FAILED. */

trunk/src/VBox/VMM/include/CPUMInternal.mac

@@ -253 +253 @@
     alignb 8
     .Guest.hwvirt.svm.HCPhysVmcb             RTHCPHYS_RES 1
+    .Guest.hwvirt.uInhibitRip                resq         1
     .Guest.hwvirt.fLocalForcedActions        resd         1
     .Guest.hwvirt.fGif                       resb         1
@@ -540 +541 @@
     alignb 8
     .Hyper.hwvirt.svm.HCPhysVmcb             RTHCPHYS_RES 1
+    .Hyper.hwvirt.uInhibitRip                resq         1
     .Hyper.hwvirt.fLocalForcedActions        resd         1
     .Hyper.hwvirt.fGif                       resb         1

trunk/src/VBox/VMM/testcase/tstVMStruct.h

@@ -164 +164 @@
     GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pAutoMsrAreaR0);
     GEN_CHECK_OFF(CPUMCTX, hwvirt.vmx.pAutoMsrAreaR3);
+    GEN_CHECK_OFF(CPUMCTX, hwvirt.uInhibitRip);
     GEN_CHECK_OFF(CPUMCTX, hwvirt.fLocalForcedActions);
     GEN_CHECK_OFF(CPUMCTX, hwvirt.fGif);
-    /** @todo add rest of hwvirt fields when code is more
+    /** @todo NSTVMX: add rest of hwvirt fields when code is more
      *        finalized. */
     GEN_CHECK_OFF(CPUMCTX, pXStateR0);