Changeset 79100 in vbox

Timestamp:

Jun 12, 2019 8:17:21 AM (6 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

131262

Message:

VMM/HMVMXR0: Nested VMX: bugref:9180 Add hmR0VmxIs[Pin|Proc|Proc2|Entry|Exit]CtlsSet for use in VM-exit handlers to get the nested-guest controls (rather than the merged ones).
Fix places that need to set/clear virtual-NMI blocking rather than guest physical NMI blocking.
Adjusted some assertions for use with nested-guest execution.
Add const VMXTRANSIENT pointer and use it in places where it's possible.
Fix when when merging MSR bitmaps and the nested-guest does not specify use of MSR bitmap, comment clarifies.

File:

• trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp (modified) (26 diffs)

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -291 +291 @@
 /** Pointer to VMX transient state. */
 typedef VMXTRANSIENT *PVMXTRANSIENT;
+/** Pointer to a const VMX transient state. */
+typedef const VMXTRANSIENT *PCVMXTRANSIENT;
+
 
 /**
@@ -743 +746 @@
 
 /**
+ * Checks whether one of the given Pin-based VM-execution controls are set.
+ *
+ * @returns @c true if set, @c false otherwise.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
+ * @param   uPinCtls        The Pin-based VM-execution controls to check.
+ *
+ * @remarks This will not check merged controls when executing a nested-guest
+ *          but the original control specified by the guest hypervisor.
+ */
+static bool hmR0VmxIsPinCtlsSet(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient, uint32_t uPinCtls)
+{
+    if (!pVmxTransient->fIsNestedGuest)
+    {
+        PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
+        return RT_BOOL(pVmcsInfo->u32PinCtls & uPinCtls);
+    }
+    return CPUMIsGuestVmxPinCtlsSet(pVCpu, &pVCpu->cpum.GstCtx, uPinCtls);
+}
+
+
+/**
+ * Checks whether one of the given Processor-based VM-execution controls are set.
+ *
+ * @returns @c true if set, @c false otherwise.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
+ * @param   uPinCtls        The Processor-based VM-execution controls to check.
+ *
+ * @remarks This will not check merged controls when executing a nested-guest
+ *          but the original control specified by the guest hypervisor.
+ */
+static bool hmR0VmxIsProcCtlsSet(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient, uint32_t uProcCtls)
+{
+    if (!pVmxTransient->fIsNestedGuest)
+    {
+        PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
+        return RT_BOOL(pVmcsInfo->u32ProcCtls & uProcCtls);
+    }
+    return CPUMIsGuestVmxProcCtlsSet(pVCpu, &pVCpu->cpum.GstCtx, uProcCtls);
+}
+
+
+/**
+ * Checks whether one of the given Secondary Processor-based VM-execution controls
+ * are set.
+ *
+ * @returns @c true if set, @c false otherwise.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
+ * @param   uPinCtls        The Secondary Processor-based VM-execution controls to
+ *                          check.
+ *
+ * @remarks This will not check merged controls when executing a nested-guest
+ *          but the original control specified by the guest hypervisor.
+ */
+static bool hmR0VmxIsProcCtls2Set(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient, uint32_t uProcCtls2)
+{
+    if (!pVmxTransient->fIsNestedGuest)
+    {
+        PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
+        return RT_BOOL(pVmcsInfo->u32ProcCtls2 & uProcCtls2);
+    }
+    return CPUMIsGuestVmxProcCtls2Set(pVCpu, &pVCpu->cpum.GstCtx, uProcCtls2);
+}
+
+
+#if 0
+/**
+ * Checks whether one of the given VM-entry controls are set.
+ *
+ * @returns @c true if set, @c false otherwise.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
+ * @param   uPinCtls        The VM-entry controls to check.
+ *
+ * @remarks This will not check merged controls when executing a nested-guest
+ *          but the original control specified by the guest hypervisor.
+ */
+static bool hmR0VmxIsEntryCtlsSet(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient, uint32_t uEntryCtls)
+{
+    if (!pVmxTransient->fIsNestedGuest)
+    {
+        PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
+        return RT_BOOL(pVmcsInfo->u32EntryCtls & uEntryCtls);
+    }
+    return CPUMIsGuestVmxEntryCtlsSet(pVCpu, &pVCpu->cpum.GstCtx, uEntryCtls);
+}
+
+
+/**
+ * Checks whether one of the given VM-exit controls are set.
+ *
+ * @returns @c true if set, @c false otherwise.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
+ * @param   uPinCtls        The VM-exit controls to check.
+ *
+ * @remarks This will not check merged controls when executing a nested-guest
+ *          but the original control specified by the guest hypervisor.
+ */
+static bool hmR0VmxIsExitCtlsSet(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient, uint32_t uExitCtls)
+{
+    if (!pVmxTransient->fIsNestedGuest)
+    {
+        PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
+        return RT_BOOL(pVmcsInfo->u32ExitCtls & uExitCtls);
+    }
+    return CPUMIsGuestVmxExitCtlsSet(pVCpu, &pVCpu->cpum.GstCtx, uExitCtls);
+}
+#endif
+
+
+/**
  * Adds one or more exceptions to the exception bitmap and commits it to the current
  * VMCS.
@@ -4557 +4674 @@
  *
  * @returns Guest's interruptibility-state.
- * @param   pVCpu       The cross context virtual CPU structure.
- * @param   pVmcsInfo   The VMCS info. object.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   pVmxTransient   The VMX-transient structure.
  *
  * @remarks No-long-jump zone!!!
  */
-static uint32_t hmR0VmxGetGuestIntrState(PVMCPU pVCpu, PCVMXVMCSINFO pVmcsInfo)
+static uint32_t hmR0VmxGetGuestIntrState(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient)
 {
     /*
@@ -4605 +4722 @@
      * See Intel spec. 26.6.1 "Interruptibility state". See @bugref{7445}.
      */
-    if (   (pVmcsInfo->u32PinCtls & VMX_PIN_CTLS_VIRT_NMI)
+    if (   hmR0VmxIsPinCtlsSet(pVCpu, pVmxTransient, VMX_PIN_CTLS_VIRT_NMI)
         && CPUMIsGuestNmiBlocking(pVCpu))
         fIntrState |= VMX_VMCS_GUEST_INT_STATE_BLOCK_NMI;
@@ -6101 +6218 @@
  * @remarks No-long-jump zone!!!
  */
-DECLINLINE(int) hmR0VmxRunGuest(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient)
+DECLINLINE(int) hmR0VmxRunGuest(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient)
 {
     /* Mark that HM is the keeper of all guest-CPU registers now that we're going to execute guest code. */
@@ -7347 +7464 @@
                 VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
 
-            if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS))
-                VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_BLOCK_NMIS);
+            CPUMSetGuestNmiBlocking(pVCpu, false);
         }
         else
@@ -7366 +7482 @@
                     VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
 
-                if (u32Val & VMX_VMCS_GUEST_INT_STATE_BLOCK_NMI)
-                {
-                    if (!VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS))
-                        VMCPU_FF_SET(pVCpu, VMCPU_FF_BLOCK_NMIS);
-                }
-                else if (VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS))
-                    VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_BLOCK_NMIS);
+                bool const fNmiBlocking = RT_BOOL(u32Val & VMX_VMCS_GUEST_INT_STATE_BLOCK_NMI);
+                CPUMSetGuestNmiBlocking(pVCpu, fNmiBlocking);
             }
         }
@@ -8768 +8879 @@
 
     /* Get the current interruptibility-state of the guest and then figure out what can be injected. */
-    uint32_t const fIntrState = hmR0VmxGetGuestIntrState(pVCpu, pVmcsInfo);
+    uint32_t const fIntrState = hmR0VmxGetGuestIntrState(pVCpu, pVmxTransient);
     bool const fBlockMovSS    = RT_BOOL(fIntrState & VMX_VMCS_GUEST_INT_STATE_BLOCK_MOVSS);
     bool const fBlockSti      = RT_BOOL(fIntrState & VMX_VMCS_GUEST_INT_STATE_BLOCK_STI);
@@ -10024 +10135 @@
 static void hmR0VmxMergeMsrBitmapNested(PCVMCPU pVCpu, PVMXVMCSINFO pVmcsInfoNstGst, PCVMXVMCSINFO pVmcsInfoGst)
 {
-    uint64_t const *pu64MsrBitmapNstGst = (uint64_t const *)pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pvMsrBitmap);
-    uint64_t const *pu64MsrBitmapGst    = (uint64_t const *)pVmcsInfoGst->pvMsrBitmap;
-    uint64_t       *pu64MsrBitmap       = (uint64_t *)pVmcsInfoNstGst->pvMsrBitmap;
-    Assert(pu64MsrBitmapNstGst);
-    Assert(pu64MsrBitmapGst);
+    uint32_t const cbMsrBitmap    = X86_PAGE_4K_SIZE;
+    uint64_t       *pu64MsrBitmap = (uint64_t *)pVmcsInfoNstGst->pvMsrBitmap;
     Assert(pu64MsrBitmap);
 
@@ -10035 +10143 @@
      * MSR that is intercepted by the guest is also intercepted while executing the
      * nested-guest using hardware-assisted VMX.
+     *
+     * Note! If the nested-guest is not using an MSR bitmap, ever MSR must cause a
+     *       nested-guest VM-exit even if the outer guest is not intercepting some
+     *       MSRs. We cannot assume the caller has initialized the nested-guest
+     *       MSR bitmap in this case.
+     *
+     *       The guest hypervisor may also switch whether it uses MSR bitmaps for
+     *       each VM-entry, hence initializing it once per-VM while setting up the
+     *       nested-guest VMCS is not sufficient.
      */
-    uint32_t const cFrags = X86_PAGE_4K_SIZE / sizeof(uint64_t);
-    for (uint32_t i = 0; i < cFrags; i++)
-        pu64MsrBitmap[i] = pu64MsrBitmapNstGst[i] | pu64MsrBitmapGst[i];
+    PCVMXVVMCS pVmcsNstGst = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+    if (pVmcsNstGst->u32ProcCtls & VMX_PROC_CTLS_USE_MSR_BITMAPS)
+    {
+        uint64_t const *pu64MsrBitmapNstGst = (uint64_t const *)pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pvMsrBitmap);
+        uint64_t const *pu64MsrBitmapGst    = (uint64_t const *)pVmcsInfoGst->pvMsrBitmap;
+        Assert(pu64MsrBitmapNstGst);
+        Assert(pu64MsrBitmapGst);
+
+        uint32_t const cFrags = cbMsrBitmap / sizeof(uint64_t);
+        for (uint32_t i = 0; i < cFrags; i++)
+            pu64MsrBitmap[i] = pu64MsrBitmapNstGst[i] | pu64MsrBitmapGst[i];
+    }
+    else
+        ASMMemFill32(pu64MsrBitmap, cbMsrBitmap, UINT32_C(0xffffffff));
 }
 
@@ -10417 +10545 @@
     /*
      * Virtualize memory-mapped accesses to the physical APIC (may take locks).
-     * We look at the guest VMCS control here as we always set it when supported by
-     * the physical CPU. Looking at the nested-guest control here would not be
-     * possible because they are not merged yet.
      */
     PVM pVM = pVCpu->CTX_SUFF(pVM);
@@ -10425 +10550 @@
     Assert(pVmcsInfo);
     if (   !pVCpu->hm.s.vmx.u64GstMsrApicBase
-        && (pVmcsInfo->u32ProcCtls2 & VMX_PROC_CTLS2_VIRT_APIC_ACCESS)
+        && hmR0VmxIsProcCtls2Set(pVCpu, pVmxTransient, VMX_PROC_CTLS2_VIRT_APIC_ACCESS)
         && PDMHasApic(pVM))
     {
@@ -11152 +11277 @@
  * @param   pDbgState       The debug state to initialize.
  */
-static void hmR0VmxRunDebugStateInit(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient, PVMXRUNDBGSTATE pDbgState)
+static void hmR0VmxRunDebugStateInit(PVMCPU pVCpu, PCVMXTRANSIENT pVmxTransient, PVMXRUNDBGSTATE pDbgState)
 {
     pDbgState->uRipStart            = pVCpu->cpum.GstCtx.rip;
@@ -12827 +12952 @@
 static VBOXSTRICTRC hmR0VmxCheckExitDueToEventDelivery(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient)
 {
-    VBOXSTRICTRC  rcStrict  = VINF_SUCCESS;
-    PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
-
     /* Read the IDT vectoring info. and VM-exit interruption info. */
     {
@@ -12837 +12959 @@
     }
 
+    VBOXSTRICTRC   rcStrict    = VINF_SUCCESS;
     uint32_t const uExitVector = VMX_EXIT_INT_INFO_VECTOR(pVmxTransient->uExitIntInfo);
     if (VMX_IDT_VECTORING_INFO_IS_VALID(pVmxTransient->uIdtVectoringInfo))
@@ -12902 +13025 @@
          * See Intel spec. 30.7.1.2 "Resuming Guest Software after Handling an Exception". See @bugref{7445}.
          */
-        if (   VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS)
-            && uIdtVectorType == VMX_IDT_VECTORING_INFO_TYPE_NMI
+        if (   uIdtVectorType == VMX_IDT_VECTORING_INFO_TYPE_NMI
             && (   enmRaise   == IEMXCPTRAISE_PREV_EVENT
                 || (fRaiseInfo & IEMXCPTRAISEINFO_NMI_PF))
-            && (pVmcsInfo->u32PinCtls & VMX_PIN_CTLS_VIRT_NMI))
-        {
-            VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_BLOCK_NMIS);
+            && hmR0VmxIsPinCtlsSet(pVCpu, pVmxTransient, VMX_PIN_CTLS_VIRT_NMI)
+            && CPUMIsGuestNmiBlocking(pVCpu))
+        {
+            CPUMSetGuestNmiBlocking(pVCpu, false);
         }
 
@@ -12997 +13120 @@
              && VMX_EXIT_INT_INFO_IS_NMI_UNBLOCK_IRET(pVmxTransient->uExitIntInfo)
              && uExitVector != X86_XCPT_DF
-             && (pVmcsInfo->u32PinCtls & VMX_PIN_CTLS_VIRT_NMI))
+             && hmR0VmxIsPinCtlsSet(pVCpu, pVmxTransient, VMX_PIN_CTLS_VIRT_NMI))
     {
         /*
@@ -13004 +13127 @@
          * See Intel spec. 30.7.1.2 "Resuming guest software after handling an exception".
          */
-        if (!VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS))
-        {
-            Log4Func(("Setting VMCPU_FF_BLOCK_NMIS. fValid=%RTbool uExitReason=%u\n",
-                      VMX_EXIT_INT_INFO_IS_VALID(pVmxTransient->uExitIntInfo), pVmxTransient->uExitReason));
-            VMCPU_FF_SET(pVCpu, VMCPU_FF_BLOCK_NMIS);
-        }
+        CPUMSetGuestNmiBlocking(pVCpu, true);
+        Log4Func(("Set NMI blocking. fValid=%RTbool uExitReason=%u\n", VMX_EXIT_INT_INFO_IS_VALID(pVmxTransient->uExitIntInfo),
+                  pVmxTransient->uExitReason));
     }
 
@@ -13206 +13326 @@
     }
 
-    Assert(!VMCPU_FF_IS_SET(pVCpu, VMCPU_FF_BLOCK_NMIS));
+    Assert(!CPUMIsGuestNmiBlocking(pVCpu));
 
     /*
@@ -13804 +13924 @@
 
 #ifdef VBOX_STRICT
-    if (pVmcsInfo->u32ProcCtls & VMX_PROC_CTLS_USE_MSR_BITMAPS)
+    if (hmR0VmxIsProcCtlsSet(pVCpu, pVmxTransient, VMX_PROC_CTLS_USE_MSR_BITMAPS))
     {
         if (   hmR0VmxIsAutoLoadGuestMsr(pVmcsInfo, idMsr)
@@ -13907 +14027 @@
 
         /* Update MSRs that are part of the VMCS and auto-load/store area when MSR-bitmaps are not supported. */
-        if (!(pVmcsInfo->u32ProcCtls & VMX_PROC_CTLS_USE_MSR_BITMAPS))
+        if (!hmR0VmxIsProcCtlsSet(pVCpu, pVmxTransient, VMX_PROC_CTLS_USE_MSR_BITMAPS))
         {
             switch (idMsr)
@@ -15065 +15185 @@
     {
 #ifndef HMVMX_ALWAYS_TRAP_ALL_XCPTS
-        Assert(pVCpu->hm.s.fUsingDebugLoop || pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv);
+        Assert(pVCpu->hm.s.fUsingDebugLoop || pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv || pVmxTransient->fIsNestedGuest);
 #endif
         /* If the guest is not in real-mode or we have unrestricted guest execution support, reflect #GP to the guest. */
@@ -15076 +15196 @@
                   pVmxTransient->uExitIntErrorCode, pCtx->cr0, CPUMGetGuestCPL(pVCpu), pCtx->tr.Sel));
 
-        if (   !pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv
+        if (    pVmxTransient->fIsNestedGuest
+            || !pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv
             || !hmR0VmxIsMesaDrvGp(pVCpu, pVmxTransient, pCtx))
             hmR0VmxSetPendingEvent(pVCpu, VMX_ENTRY_INT_INFO_FROM_EXIT_INT_INFO(pVmxTransient->uExitIntInfo),
@@ -15087 +15208 @@
     Assert(CPUMIsGuestInRealModeEx(pCtx));
     Assert(!pVCpu->CTX_SUFF(pVM)->hm.s.vmx.fUnrestrictedGuest);
+    Assert(!pVmxTransient->fIsNestedGuest);
 
     int rc = hmR0VmxImportGuestState(pVCpu, pVmcsInfo, HMVMX_CPUMCTX_EXTRN_ALL);
@@ -15136 +15258 @@
 #ifndef HMVMX_ALWAYS_TRAP_ALL_XCPTS
     PCVMXVMCSINFO pVmcsInfo = pVmxTransient->pVmcsInfo;
-    AssertMsg(pVCpu->hm.s.fUsingDebugLoop || pVmcsInfo->RealMode.fRealOnV86Active,
+    AssertMsg(pVCpu->hm.s.fUsingDebugLoop || pVmcsInfo->RealMode.fRealOnV86Active || pVmxTransient->fIsNestedGuest,
               ("uVector=%#x u32XcptBitmap=%#X32\n",
                VMX_EXIT_INT_INFO_VECTOR(pVmxTransient->uExitIntInfo), pVmcsInfo->u32XcptBitmap));
@@ -15142 +15264 @@
 #endif
 
-    /* Re-inject the exception into the guest. This cannot be a double-fault condition which would have been handled in
-       hmR0VmxCheckExitDueToEventDelivery(). */
+    /*
+     * Re-inject the exception into the guest. This cannot be a double-fault condition which
+     * would have been handled while checking exits due to event delivery.
+     */
     int rc = hmR0VmxReadExitIntErrorCodeVmcs(pVmxTransient);
     rc    |= hmR0VmxReadExitInstrLenVmcs(pVmxTransient);