Changeset 80803 in vbox for trunk/src

Timestamp:

Sep 16, 2019 5:33:35 AM (5 years ago)

Author:

vboxsync

Message:

VMM/CPUM: Nested VMX: bugref:9180 Fix I/O bitmap accesses. We need to check 1, 2 or 4 bits depending on the size of the I/O access.

File:

• trunk/src/VBox/VMM/VMMAll/CPUMAllRegs.cpp (modified) (3 diffs)

trunk/src/VBox/VMM/VMMAll/CPUMAllRegs.cpp

@@ -2423 +2423 @@
  *
  * @returns @c true if the I/O port access must cause a VM-exit, @c false otherwise.
- * @param   pvIoBitmapA     Pointer to I/O bitmap A.
- * @param   pvIoBitmapB     Pointer to I/O bitmap B.
+ * @param   pvIoBitmap      Pointer to I/O bitmap.
  * @param   uPort           The I/O port being accessed.
  * @param   cbAccess        The size of the I/O access in bytes (1, 2 or 4 bytes).
  */
-VMM_INT_DECL(bool) CPUMGetVmxIoBitmapPermission(void const *pvIoBitmapA, void const *pvIoBitmapB, uint16_t uPort,
-                                                uint8_t cbAccess)
+static bool cpumGetVmxIoBitmapPermission(void const *pvIoBitmap, uint16_t uPort, uint8_t cbAccess)
 {
     Assert(cbAccess == 1 || cbAccess == 2 || cbAccess == 4);
 
     /*
-     * If the I/O port access wraps around the 16-bit port I/O space,
-     * we must cause a VM-exit.
+     * If the I/O port access wraps around the 16-bit port I/O space, we must cause a
+     * VM-exit.
      *
      * See Intel spec. 25.1.3 "Instructions That Cause VM Exits Conditionally".
@@ -2446 +2444 @@
         return true;
 
-    /* Read the appropriate bit from the corresponding IO bitmap. */
-    void const *pvIoBitmap = uPort < 0x8000 ? pvIoBitmapA : pvIoBitmapB;
-    return ASMBitTest(pvIoBitmap, uPort);
+    /*
+     * If any bit corresponding to the I/O access is set, we must cause a VM-exit.
+     */
+    uint8_t const *pbIoBitmap   = (uint8_t const *)pvIoBitmap;
+    signed int     cBitsToCheck = cbAccess;                     /* Number of permission bits to check for this access. */
+    while (cBitsToCheck > 0)
+    {
+        uint16_t const offPerm    = uPort >> 3;                 /* Byte offset of the port. */
+        uint16_t const idxPermBit = uPort - (offPerm << 3);     /* Bit offset within byte. */
+        Assert(idxPermBit < 8);
+        uint8_t const  fMask = RT_BIT(idxPermBit);              /* Mask of the permission bit to check within the byte. */
+        uint8_t const  bPerm = *(pbIoBitmap + offPerm);         /* The bitmap content at the byte offset of the port. */
+
+        /* If any bit for the access is 1, we must cause a VM-exit. */
+        if (bPerm & fMask)
+            return true;
+
+        /* Move to the next permission bit. */
+        --cBitsToCheck;
+        ++uPort;
+    }
+
+    return false;
 }
 
@@ -2734 +2752 @@
     if (CPUMIsGuestVmxProcCtlsSet(pVCpu, pCtx, VMX_PROC_CTLS_USE_IO_BITMAPS))
     {
-        uint8_t const *pbIoBitmapA = (uint8_t const *)pCtx->hwvirt.vmx.CTX_SUFF(pvIoBitmap);
-        uint8_t const *pbIoBitmapB = (uint8_t const *)pCtx->hwvirt.vmx.CTX_SUFF(pvIoBitmap) + VMX_V_IO_BITMAP_A_SIZE;
-        Assert(pbIoBitmapA);
-        Assert(pbIoBitmapB);
-        return CPUMGetVmxIoBitmapPermission(pbIoBitmapA, pbIoBitmapB, u16Port, cbAccess);
+        uint8_t const *pbIoBitmap = (uint8_t const *)pCtx->hwvirt.vmx.CTX_SUFF(pvIoBitmap);
+        Assert(pbIoBitmap);
+        return cpumGetVmxIoBitmapPermission(pbIoBitmap, u16Port, cbAccess);
     }