Changeset 95161 in vbox for trunk/src/VBox

Timestamp:

Jun 1, 2022 11:38:16 AM (3 years ago)

Author:

vboxsync

Message:

VMM: Nested VMX: bugref:10092 Fixes to VMX APIC-access page fault handler.

File:

• trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp (modified) (7 diffs)

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp

@@ -2442 +2442 @@
     pVmcs->u64RoExitQual.u = u64ExitQual;
 
-    LogFlow(("vmexit: reason=%#RX32 qual=%#RX64 cs:rip=%04x:%#RX64 cr0=%#RX64 cr3=%#RX64 cr4=%#RX64\n", uExitReason,
+    LogFlow(("vmexit: reason=%u qual=%#RX64 cs:rip=%04x:%#RX64 cr0=%#RX64 cr3=%#RX64 cr4=%#RX64\n", uExitReason,
              pVmcs->u64RoExitQual.u, pVCpu->cpum.GstCtx.cs.Sel, pVCpu->cpum.GstCtx.rip, pVCpu->cpum.GstCtx.cr0,
              pVCpu->cpum.GstCtx.cr3, pVCpu->cpum.GstCtx.cr4));
@@ -4372 +4372 @@
 static bool iemVmxVirtApicIsMemAccessIntercepted(PVMCPUCC pVCpu, uint16_t offAccess, size_t cbAccess, uint32_t fAccess) RT_NOEXCEPT
 {
+    Assert(cbAccess > 0);
     PCVMXVVMCS const pVmcs = &pVCpu->cpum.GstCtx.hwvirt.vmx.Vmcs;
 
@@ -9896 +9897 @@
 
 {
-    RT_NOREF4(pVM, pRegFrame, pvFault, uUser);
+    RT_NOREF3(pVM, pRegFrame, uUser);
 
     /*
@@ -9903 +9904 @@
      * Failing to do so lands us with endless EPT misconfiguration VM-exits.
      */
-    RTGCPHYS const GCPhysAccessBase = GCPhysFault & ~(RTGCPHYS)GUEST_PAGE_OFFSET_MASK;
+    RTGCPHYS const GCPhysPage = GCPhysFault & ~(RTGCPHYS)GUEST_PAGE_OFFSET_MASK;
     if (CPUMIsGuestInVmxNonRootMode(IEM_GET_CTX(pVCpu)))
     {
         Assert(CPUMIsGuestVmxProcCtls2Set(IEM_GET_CTX(pVCpu), VMX_PROC_CTLS2_VIRT_APIC_ACCESS));
-        Assert(CPUMGetGuestVmxApicAccessPageAddrEx(IEM_GET_CTX(pVCpu)) == GCPhysAccessBase);
+        Assert(CPUMGetGuestVmxApicAccessPageAddrEx(IEM_GET_CTX(pVCpu)) == GCPhysPage);
 
         /*
@@ -9920 +9921 @@
             fAccess = IEM_ACCESS_DATA_R;
 
-        uint16_t const offAccess = GCPhysFault & GUEST_PAGE_OFFSET_MASK;
-        bool const fIntercept = iemVmxVirtApicIsMemAccessIntercepted(pVCpu, offAccess, 0 /* cbAccess */, fAccess);
+        RTGCPHYS const GCPhysNestedFault = (RTGCPHYS)pvFault;
+        uint16_t const offAccess         = GCPhysNestedFault & GUEST_PAGE_OFFSET_MASK;
+        bool const fIntercept = iemVmxVirtApicIsMemAccessIntercepted(pVCpu, offAccess, 1 /* cbAccess */, fAccess);
         if (fIntercept)
         {
@@ -9944 +9946 @@
              */
             AssertLogRelMsgReturn(HmExitAux.Vmx.uReason == VMX_EXIT_EPT_VIOLATION,
-                                  ("Unexpected call to the VMX APIC-access page #PF handler for %#RGp (off=%u) uReason=%#RX32\n",
-                                   GCPhysAccessBase, offAccess, HmExitAux.Vmx.uReason), VERR_IEM_IPE_9);
+                                  ("Unexpected call to the VMX APIC-access page #PF handler for %#RGp (Nested=%#RGp, GCPhysAddr%#RGp) off=%u uReason=%u\n",
+                                   GCPhysPage, GCPhysNestedFault, HmExitAux.Vmx.u64GuestPhysAddr, offAccess, HmExitAux.Vmx.uReason), VERR_IEM_IPE_9);
 
             /*
@@ -10003 +10005 @@
     }
 
-    LogFunc(("Accessed outside VMX non-root mode, deregistering page handler for %#RGp\n", GCPhysAccessBase));
-    int rc = PGMHandlerPhysicalDeregister(pVM, GCPhysAccessBase);
+    LogFunc(("Accessed outside VMX non-root mode, deregistering page handler for %#RGp\n", GCPhysPage));
+    int const rc = PGMHandlerPhysicalDeregister(pVM, GCPhysPage);
     if (RT_FAILURE(rc))
         return rc;