direct-io.hg: view of xen/arch/x86/vmx.c @ 7567:a663683fe8cb

Remove trace compile option from Xen.
Signed-off-by: Keir Fraser <keir@xensource.com>

author    kaf24@firebug.cl.cam.ac.uk
date      Sun Oct 30 22:35:06 2005 +0100 (2005-10-30)
parents   cc23d4236b20
children  65c3b9382caa
1 /*
2 * vmx.c: handling VMX architecture-related VM exits
3 * Copyright (c) 2004, Intel Corporation.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
16 * Place - Suite 330, Boston, MA 02111-1307 USA.
17 *
18 */
20 #include <xen/config.h>
21 #include <xen/init.h>
22 #include <xen/lib.h>
23 #include <xen/trace.h>
24 #include <xen/sched.h>
25 #include <xen/irq.h>
26 #include <xen/softirq.h>
27 #include <xen/domain_page.h>
28 #include <asm/current.h>
29 #include <asm/io.h>
30 #include <asm/shadow.h>
31 #include <asm/regs.h>
32 #include <asm/cpufeature.h>
33 #include <asm/processor.h>
34 #include <asm/types.h>
35 #include <asm/msr.h>
36 #include <asm/spinlock.h>
37 #include <asm/vmx.h>
38 #include <asm/vmx_vmcs.h>
39 #include <asm/vmx_intercept.h>
40 #include <asm/shadow.h>
41 #if CONFIG_PAGING_LEVELS >= 3
42 #include <asm/shadow_64.h>
43 #endif
44 #include <public/sched.h>
45 #include <public/io/ioreq.h>
47 int hvm_enabled;
49 #ifdef CONFIG_VMX
50 unsigned int opt_vmx_debug_level = 0;
51 integer_param("vmx_debug", opt_vmx_debug_level);
53 static unsigned long trace_values[NR_CPUS][5];
54 #define TRACE_VMEXIT(index,value) trace_values[current->processor][index]=value
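/*
 * TRACE_VMEXIT stashes one value per per-CPU trace slot; trace_vmentry()
 * at the bottom of this file flushes slots 0-4 out as a single TRC_VMENTRY
 * record just before the guest is resumed.  A minimal usage sketch,
 * mirroring what the exit handler below already does (illustrative only):
 */
#if 0
    TRACE_VMEXIT(0, exit_reason);   /* slot 0: why we left the guest      */
    TRACE_VMEXIT(1, vector);        /* slot 1: e.g. the exception vector  */
    TRACE_VMEXIT(2, port);          /* slot 2: e.g. the I/O port accessed */
    /* ...slots 3 and 4 carry the error code / exit qualification.        */
#endif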
56 static int vmx_switch_on;
58 void vmx_final_setup_guest(struct vcpu *v)
59 {
60 v->arch.schedule_tail = arch_vmx_do_launch;
62 if ( v == v->domain->vcpu[0] )
63 {
64 v->domain->arch.vmx_platform.lapic_enable =
65 v->arch.guest_context.user_regs.ecx;
66 v->arch.guest_context.user_regs.ecx = 0;
67 VMX_DBG_LOG(DBG_LEVEL_VLAPIC, "lapic enable is %d.\n",
68 v->domain->arch.vmx_platform.lapic_enable);
69 /*
70 * Required to do this once per domain
71 * XXX todo: add a separate function to do these.
72 */
73 memset(&v->domain->shared_info->evtchn_mask[0], 0xff,
74 sizeof(v->domain->shared_info->evtchn_mask));
76 /* Put the domain in shadow mode even though we're going to be using
77 * the shared 1:1 page table initially. It shouldn't hurt */
78 shadow_mode_enable(v->domain,
79 SHM_enable|SHM_refcounts|
80 SHM_translate|SHM_external);
81 }
83 vmx_switch_on = 1;
84 }
86 void vmx_relinquish_resources(struct vcpu *v)
87 {
88 if ( !VMX_DOMAIN(v) )
89 return;
91 if (v->vcpu_id == 0) {
92 /* unmap IO shared page */
93 struct domain *d = v->domain;
94 unmap_domain_page((void *)d->arch.vmx_platform.shared_page_va);
95 }
97 destroy_vmcs(&v->arch.arch_vmx);
98 free_monitor_pagetable(v);
99 rem_ac_timer(&v->domain->arch.vmx_platform.vmx_pit.pit_timer);
100 if ( vmx_apic_support(v->domain) ) {
101 rem_ac_timer( &(VLAPIC(v)->vlapic_timer) );
102 xfree( VLAPIC(v) );
103 }
104 }
106 #ifdef __x86_64__
107 static struct msr_state percpu_msr[NR_CPUS];
109 static u32 msr_data_index[VMX_MSR_COUNT] =
110 {
111 MSR_LSTAR, MSR_STAR, MSR_CSTAR,
112 MSR_SYSCALL_MASK, MSR_EFER,
113 };
115 /*
116 * To avoid MSR save/restore at every VM exit/entry time, we restore
117 * the x86_64 specific MSRs at domain switch time. Since those MSRs
118 * are not modified once set for generic domains, we don't save them,
119 * but simply reset them to the values set at percpu_traps_init().
120 */
121 void vmx_load_msrs(struct vcpu *n)
122 {
123 struct msr_state *host_state;
124 host_state = &percpu_msr[smp_processor_id()];
126 if ( !vmx_switch_on )
127 return;
129 while (host_state->flags){
130 int i;
132 i = find_first_set_bit(host_state->flags);
133 wrmsrl(msr_data_index[i], host_state->msr_items[i]);
134 clear_bit(i, &host_state->flags);
135 }
136 }
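/*
 * Sketch of the lazy MSR-switching protocol used here (illustrative only;
 * "guest" and "host" below are shorthand for v->arch.arch_vmx.msr_content
 * and percpu_msr[smp_processor_id()]):
 */
#if 0
    /* Guest writes, say, MSR_STAR (see CASE_WRITE_MSR further down): */
    guest->msr_items[VMX_INDEX_MSR_STAR] = msr_content;
    set_bit(VMX_INDEX_MSR_STAR, &guest->flags);  /* guest value is live */
    wrmsrl(MSR_STAR, msr_content);
    set_bit(VMX_INDEX_MSR_STAR, &host->flags);   /* host value is stale */

    /*
     * vmx_load_msrs() above then walks host->flags at domain-switch time
     * and rewrites every stale MSR with the value captured by
     * vmx_save_init_msrs(), i.e. what percpu_traps_init() set up.
     */
#endif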
138 static void vmx_save_init_msrs(void)
139 {
140 struct msr_state *host_state;
141 int i;
142 host_state = &percpu_msr[smp_processor_id()];
144 for (i = 0; i < VMX_MSR_COUNT; i++)
145 rdmsrl(msr_data_index[i], host_state->msr_items[i]);
146 }
148 #define CASE_READ_MSR(address) \
149 case MSR_ ## address: \
150 msr_content = msr->msr_items[VMX_INDEX_MSR_ ## address]; \
151 break
153 #define CASE_WRITE_MSR(address) \
154 case MSR_ ## address: \
155 { \
156 msr->msr_items[VMX_INDEX_MSR_ ## address] = msr_content; \
157 if (!test_bit(VMX_INDEX_MSR_ ## address, &msr->flags)) { \
158 set_bit(VMX_INDEX_MSR_ ## address, &msr->flags); \
159 } \
160 wrmsrl(MSR_ ## address, msr_content); \
161 set_bit(VMX_INDEX_MSR_ ## address, &host_state->flags); \
162 } \
163 break
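/*
 * For reference, CASE_WRITE_MSR(STAR) expands to roughly the case below:
 * cache the guest's value, mark it live in the guest flags, update the
 * hardware MSR, and mark the per-CPU host copy stale so the lazy switching
 * code above knows to restore it later (illustrative expansion only):
 */
#if 0
    case MSR_STAR:
    {
        msr->msr_items[VMX_INDEX_MSR_STAR] = msr_content;
        if (!test_bit(VMX_INDEX_MSR_STAR, &msr->flags))
            set_bit(VMX_INDEX_MSR_STAR, &msr->flags);
        wrmsrl(MSR_STAR, msr_content);
        set_bit(VMX_INDEX_MSR_STAR, &host_state->flags);
    }
    break;
#endif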
165 #define IS_CANO_ADDRESS(add) 1
166 static inline int long_mode_do_msr_read(struct cpu_user_regs *regs)
167 {
168 u64 msr_content = 0;
169 struct vcpu *vc = current;
170 struct msr_state * msr = &vc->arch.arch_vmx.msr_content;
171 switch(regs->ecx){
172 case MSR_EFER:
173 msr_content = msr->msr_items[VMX_INDEX_MSR_EFER];
174 VMX_DBG_LOG(DBG_LEVEL_2, "EFER msr_content %llx\n", (unsigned long long)msr_content);
175 if (test_bit(VMX_CPU_STATE_LME_ENABLED,
176 &vc->arch.arch_vmx.cpu_state))
177 msr_content |= 1 << _EFER_LME;
179 if (VMX_LONG_GUEST(vc))
180 msr_content |= 1 << _EFER_LMA;
181 break;
182 case MSR_FS_BASE:
183 if (!(VMX_LONG_GUEST(vc)))
184 /* XXX should this be a #GP fault instead? */
185 domain_crash();
186 __vmread(GUEST_FS_BASE, &msr_content);
187 break;
188 case MSR_GS_BASE:
189 if (!(VMX_LONG_GUEST(vc)))
190 domain_crash();
191 __vmread(GUEST_GS_BASE, &msr_content);
192 break;
193 case MSR_SHADOW_GS_BASE:
194 msr_content = msr->shadow_gs;
195 break;
197 CASE_READ_MSR(STAR);
198 CASE_READ_MSR(LSTAR);
199 CASE_READ_MSR(CSTAR);
200 CASE_READ_MSR(SYSCALL_MASK);
201 default:
202 return 0;
203 }
204 VMX_DBG_LOG(DBG_LEVEL_2, "mode_do_msr_read: msr_content: %lx\n", msr_content);
205 regs->eax = msr_content & 0xffffffff;
206 regs->edx = msr_content >> 32;
207 return 1;
208 }
210 static inline int long_mode_do_msr_write(struct cpu_user_regs *regs)
211 {
212 u64 msr_content = regs->eax | ((u64)regs->edx << 32);
213 struct vcpu *vc = current;
214 struct msr_state * msr = &vc->arch.arch_vmx.msr_content;
215 struct msr_state * host_state =
216 &percpu_msr[smp_processor_id()];
218 VMX_DBG_LOG(DBG_LEVEL_1, " mode_do_msr_write msr %lx msr_content %lx\n",
219 regs->ecx, msr_content);
221 switch (regs->ecx){
222 case MSR_EFER:
223 if ((msr_content & EFER_LME) ^
224 test_bit(VMX_CPU_STATE_LME_ENABLED,
225 &vc->arch.arch_vmx.cpu_state)){
226 if (test_bit(VMX_CPU_STATE_PG_ENABLED,
227 &vc->arch.arch_vmx.cpu_state) ||
228 !test_bit(VMX_CPU_STATE_PAE_ENABLED,
229 &vc->arch.arch_vmx.cpu_state)){
230 vmx_inject_exception(vc, TRAP_gp_fault, 0);
231 }
232 }
233 if (msr_content & EFER_LME)
234 set_bit(VMX_CPU_STATE_LME_ENABLED,
235 &vc->arch.arch_vmx.cpu_state);
236 /* No update for LME/LMA since they have no effect */
237 msr->msr_items[VMX_INDEX_MSR_EFER] =
238 msr_content;
239 if (msr_content & ~(EFER_LME | EFER_LMA)){
240 msr->msr_items[VMX_INDEX_MSR_EFER] = msr_content;
241 if (!test_bit(VMX_INDEX_MSR_EFER, &msr->flags)){
242 rdmsrl(MSR_EFER,
243 host_state->msr_items[VMX_INDEX_MSR_EFER]);
244 set_bit(VMX_INDEX_MSR_EFER, &host_state->flags);
245 set_bit(VMX_INDEX_MSR_EFER, &msr->flags);
246 wrmsrl(MSR_EFER, msr_content);
247 }
248 }
249 break;
251 case MSR_FS_BASE:
252 case MSR_GS_BASE:
253 if (!(VMX_LONG_GUEST(vc)))
254 domain_crash();
255 if (!IS_CANO_ADDRESS(msr_content)){
256 VMX_DBG_LOG(DBG_LEVEL_1, "Not a canonical address in MSR write\n");
257 vmx_inject_exception(vc, TRAP_gp_fault, 0);
258 }
259 if (regs->ecx == MSR_FS_BASE)
260 __vmwrite(GUEST_FS_BASE, msr_content);
261 else
262 __vmwrite(GUEST_GS_BASE, msr_content);
263 break;
265 case MSR_SHADOW_GS_BASE:
266 if (!(VMX_LONG_GUEST(vc)))
267 domain_crash();
268 vc->arch.arch_vmx.msr_content.shadow_gs = msr_content;
269 wrmsrl(MSR_SHADOW_GS_BASE, msr_content);
270 break;
272 CASE_WRITE_MSR(STAR);
273 CASE_WRITE_MSR(LSTAR);
274 CASE_WRITE_MSR(CSTAR);
275 CASE_WRITE_MSR(SYSCALL_MASK);
276 default:
277 return 0;
278 }
279 return 1;
280 }
282 void
283 vmx_restore_msrs(struct vcpu *v)
284 {
285 int i = 0;
286 struct msr_state *guest_state;
287 struct msr_state *host_state;
288 unsigned long guest_flags;
290 guest_state = &v->arch.arch_vmx.msr_content;
291 host_state = &percpu_msr[smp_processor_id()];
293 wrmsrl(MSR_SHADOW_GS_BASE, guest_state->shadow_gs);
294 guest_flags = guest_state->flags;
295 if (!guest_flags)
296 return;
298 while (guest_flags){
299 i = find_first_set_bit(guest_flags);
301 VMX_DBG_LOG(DBG_LEVEL_2,
302 "restore guest's index %d msr %lx with %lx\n",
303 i, (unsigned long) msr_data_index[i], (unsigned long) guest_state->msr_items[i]);
304 set_bit(i, &host_state->flags);
305 wrmsrl(msr_data_index[i], guest_state->msr_items[i]);
306 clear_bit(i, &guest_flags);
307 }
308 }
310 #else /* __i386__ */
311 #define vmx_save_init_msrs() ((void)0)
313 static inline int long_mode_do_msr_read(struct cpu_user_regs *regs){
314 return 0;
315 }
316 static inline int long_mode_do_msr_write(struct cpu_user_regs *regs){
317 return 0;
318 }
319 #endif
321 extern long evtchn_send(int lport);
322 extern long do_block(void);
323 void do_nmi(struct cpu_user_regs *, unsigned long);
325 static int check_vmx_controls(u32 ctrls, u32 msr)
326 {
327 u32 vmx_msr_low, vmx_msr_high;
329 rdmsr(msr, vmx_msr_low, vmx_msr_high);
330 if (ctrls < vmx_msr_low || ctrls > vmx_msr_high) {
331 printk("Insufficient VMX capability 0x%x, "
332 "msr=0x%x,low=0x%8x,high=0x%x\n",
333 ctrls, msr, vmx_msr_low, vmx_msr_high);
334 return 0;
335 }
336 return 1;
337 }
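/*
 * The capability MSR read above reports (per the Intel SDM) the allowed
 * 0-settings of each control in its low 32 bits and the allowed 1-settings
 * in its high 32 bits, so the numeric comparison in check_vmx_controls()
 * is only a coarse sanity check.  A sketch of the usual bitwise way to fold
 * the hardware constraints into a desired control word (illustrative only,
 * not what this file does; the helper name is made up):
 */
#if 0
static u32 adjust_vmx_controls(u32 wanted, u32 msr)
{
    u32 vmx_msr_low, vmx_msr_high;

    rdmsr(msr, vmx_msr_low, vmx_msr_high);
    wanted |= vmx_msr_low;    /* bits the hardware requires to be 1 */
    wanted &= vmx_msr_high;   /* bits the hardware allows to be 1   */
    return wanted;
}
#endif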
339 int start_vmx(void)
340 {
341 struct vmcs_struct *vmcs;
342 u32 ecx;
343 u32 eax, edx;
344 u64 phys_vmcs; /* debugging */
346 /*
347 * Xen does not fill x86_capability words except 0.
348 */
349 ecx = cpuid_ecx(1);
350 boot_cpu_data.x86_capability[4] = ecx;
352 if (!(test_bit(X86_FEATURE_VMXE, &boot_cpu_data.x86_capability)))
353 return 0;
355 rdmsr(IA32_FEATURE_CONTROL_MSR, eax, edx);
357 if (eax & IA32_FEATURE_CONTROL_MSR_LOCK) {
358 if ((eax & IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON) == 0x0) {
359 printk("VMX disabled by Feature Control MSR.\n");
360 return 0;
361 }
362 }
363 else {
364 wrmsr(IA32_FEATURE_CONTROL_MSR,
365 IA32_FEATURE_CONTROL_MSR_LOCK |
366 IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON, 0);
367 }
369 if (!check_vmx_controls(MONITOR_PIN_BASED_EXEC_CONTROLS,
370 MSR_IA32_VMX_PINBASED_CTLS_MSR))
371 return 0;
372 if (!check_vmx_controls(MONITOR_CPU_BASED_EXEC_CONTROLS,
373 MSR_IA32_VMX_PROCBASED_CTLS_MSR))
374 return 0;
375 if (!check_vmx_controls(MONITOR_VM_EXIT_CONTROLS,
376 MSR_IA32_VMX_EXIT_CTLS_MSR))
377 return 0;
378 if (!check_vmx_controls(MONITOR_VM_ENTRY_CONTROLS,
379 MSR_IA32_VMX_ENTRY_CTLS_MSR))
380 return 0;
382 set_in_cr4(X86_CR4_VMXE); /* Enable VMXE */
384 if (!(vmcs = alloc_vmcs())) {
385 printk("Failed to allocate VMCS\n");
386 return 0;
387 }
389 phys_vmcs = (u64) virt_to_phys(vmcs);
391 if (!(__vmxon(phys_vmcs))) {
392 printk("VMXON is done\n");
393 }
395 vmx_save_init_msrs();
397 hvm_enabled = 1;
399 return 1;
400 }
402 void stop_vmx(void)
403 {
404 if (read_cr4() & X86_CR4_VMXE)
405 __vmxoff();
406 }
408 /*
409 * Not all VM exits provide a valid value in the VM-exit instruction-length field.
410 */
411 #define __get_instruction_length(len) \
412 __vmread(VM_EXIT_INSTRUCTION_LEN, &(len)); \
413 if ((len) < 1 || (len) > 15) \
414 __vmx_bug(&regs);
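/*
 * Note that __get_instruction_length() is a two-statement macro and also
 * relies on a local named 'regs' being in scope at every call site.  A more
 * defensive formulation would wrap it in do/while and take the register
 * block explicitly (purely illustrative, not used in this file):
 */
#if 0
#define __get_instruction_length_checked(len, regs)          \
    do {                                                      \
        __vmread(VM_EXIT_INSTRUCTION_LEN, &(len));            \
        if ((len) < 1 || (len) > 15)                          \
            __vmx_bug(regs);                                  \
    } while (0)
#endif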
416 static inline void __update_guest_eip(unsigned long inst_len)
417 {
418 unsigned long current_eip;
420 __vmread(GUEST_RIP, &current_eip);
421 __vmwrite(GUEST_RIP, current_eip + inst_len);
422 }
425 static int vmx_do_page_fault(unsigned long va, struct cpu_user_regs *regs)
426 {
427 unsigned long gpa; /* FIXME: PAE */
428 int result;
430 #if 0 /* keep for debugging */
431 {
432 unsigned long eip;
434 __vmread(GUEST_RIP, &eip);
435 VMX_DBG_LOG(DBG_LEVEL_VMMU,
436 "vmx_do_page_fault = 0x%lx, eip = %lx, error_code = %lx",
437 va, eip, (unsigned long)regs->error_code);
438 }
439 #endif
441 if (!vmx_paging_enabled(current)){
442 handle_mmio(va, va);
443 TRACE_VMEXIT (2,2);
444 return 1;
445 }
446 gpa = gva_to_gpa(va);
448 /* Use 1:1 page table to identify MMIO address space */
449 if ( mmio_space(gpa) ){
450 struct vcpu *v = current;
451 /* No support for APIC */
452 if (!vmx_apic_support(v->domain) && gpa >= 0xFEC00000) {
453 u32 inst_len;
454 __vmread(VM_EXIT_INSTRUCTION_LEN, &(inst_len));
455 __update_guest_eip(inst_len);
456 return 1;
457 }
458 TRACE_VMEXIT (2,2);
459 handle_mmio(va, gpa);
460 return 1;
461 }
463 result = shadow_fault(va, regs);
464 TRACE_VMEXIT (2,result);
465 #if 0
466 if ( !result )
467 {
468 __vmread(GUEST_RIP, &eip);
469 printk("vmx pgfault to guest va=%lx eip=%lx\n", va, eip);
470 }
471 #endif
473 return result;
474 }
476 static void vmx_do_no_device_fault(void)
477 {
478 unsigned long cr0;
479 struct vcpu *v = current;
481 clts();
482 setup_fpu(current);
483 __vmread_vcpu(v, CR0_READ_SHADOW, &cr0);
484 if (!(cr0 & X86_CR0_TS)) {
485 __vmread_vcpu(v, GUEST_CR0, &cr0);
486 cr0 &= ~X86_CR0_TS;
487 __vmwrite(GUEST_CR0, cr0);
488 }
489 __vm_clear_bit(EXCEPTION_BITMAP, EXCEPTION_BITMAP_NM);
490 }
493 static void vmx_vmexit_do_cpuid(unsigned long input, struct cpu_user_regs *regs)
494 {
495 unsigned int eax, ebx, ecx, edx;
496 unsigned long eip;
497 struct vcpu *v = current;
499 __vmread(GUEST_RIP, &eip);
501 VMX_DBG_LOG(DBG_LEVEL_1,
502 "do_cpuid: (eax) %lx, (ebx) %lx, (ecx) %lx, (edx) %lx,"
503 " (esi) %lx, (edi) %lx",
504 (unsigned long)regs->eax, (unsigned long)regs->ebx,
505 (unsigned long)regs->ecx, (unsigned long)regs->edx,
506 (unsigned long)regs->esi, (unsigned long)regs->edi);
508 cpuid(input, &eax, &ebx, &ecx, &edx);
510 if (input == 1) {
511 if ( vmx_apic_support(v->domain) &&
512 !vlapic_global_enabled((VLAPIC(v))) )
513 clear_bit(X86_FEATURE_APIC, &edx);
514 #ifdef __i386__
515 clear_bit(X86_FEATURE_PSE, &edx);
516 clear_bit(X86_FEATURE_PAE, &edx);
517 clear_bit(X86_FEATURE_PSE36, &edx);
518 #else
519 struct vcpu *v = current;
520 if (v->domain->arch.ops->guest_paging_levels == PAGING_L2)
521 {
522 clear_bit(X86_FEATURE_PSE, &edx);
523 clear_bit(X86_FEATURE_PAE, &edx);
524 clear_bit(X86_FEATURE_PSE36, &edx);
525 }
526 #endif
528 /* Unsupportable for virtualised CPUs. */
529 clear_bit(X86_FEATURE_VMXE & 31, &ecx);
530 clear_bit(X86_FEATURE_MWAIT & 31, &ecx);
531 }
533 regs->eax = (unsigned long) eax;
534 regs->ebx = (unsigned long) ebx;
535 regs->ecx = (unsigned long) ecx;
536 regs->edx = (unsigned long) edx;
538 VMX_DBG_LOG(DBG_LEVEL_1,
539 "vmx_vmexit_do_cpuid: eip: %lx, input: %lx, out:eax=%x, ebx=%x, ecx=%x, edx=%x",
540 eip, input, eax, ebx, ecx, edx);
542 }
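/*
 * The "& 31" in the VMXE/MWAIT masking above converts a cpufeature.h bit
 * number (capability word * 32 + bit) into a bit index within the single
 * ECX word returned by CPUID leaf 1: X86_FEATURE_VMXE lives in capability
 * word 4, so only its low five bits select the ECX bit to clear.  (This
 * assumes the usual Xen/Linux cpufeature.h encoding.)
 */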
544 #define CASE_GET_REG_P(REG, reg) \
545 case REG_ ## REG: reg_p = (unsigned long *)&(regs->reg); break
547 static void vmx_dr_access (unsigned long exit_qualification, struct cpu_user_regs *regs)
548 {
549 unsigned int reg;
550 unsigned long *reg_p = 0;
551 struct vcpu *v = current;
552 unsigned long eip;
554 __vmread(GUEST_RIP, &eip);
556 reg = exit_qualification & DEBUG_REG_ACCESS_NUM;
558 VMX_DBG_LOG(DBG_LEVEL_1,
559 "vmx_dr_access : eip=%lx, reg=%d, exit_qualification = %lx",
560 eip, reg, exit_qualification);
562 switch(exit_qualification & DEBUG_REG_ACCESS_REG) {
563 CASE_GET_REG_P(EAX, eax);
564 CASE_GET_REG_P(ECX, ecx);
565 CASE_GET_REG_P(EDX, edx);
566 CASE_GET_REG_P(EBX, ebx);
567 CASE_GET_REG_P(EBP, ebp);
568 CASE_GET_REG_P(ESI, esi);
569 CASE_GET_REG_P(EDI, edi);
570 case REG_ESP:
571 break;
572 default:
573 __vmx_bug(regs);
574 }
576 switch (exit_qualification & DEBUG_REG_ACCESS_TYPE) {
577 case TYPE_MOV_TO_DR:
578 /* don't need to check the range */
579 if (reg != REG_ESP)
580 v->arch.guest_context.debugreg[reg] = *reg_p;
581 else {
582 unsigned long value;
583 __vmread(GUEST_RSP, &value);
584 v->arch.guest_context.debugreg[reg] = value;
585 }
586 break;
587 case TYPE_MOV_FROM_DR:
588 if (reg != REG_ESP)
589 *reg_p = v->arch.guest_context.debugreg[reg];
590 else {
591 __vmwrite(GUEST_RSP, v->arch.guest_context.debugreg[reg]);
592 }
593 break;
594 }
595 }
597 /*
598 * Invalidate the TLB entry for va, and invalidate the shadow page
599 * corresponding to the address va.
600 */
601 static void vmx_vmexit_do_invlpg(unsigned long va)
602 {
603 unsigned long eip;
604 struct vcpu *v = current;
606 __vmread(GUEST_RIP, &eip);
608 VMX_DBG_LOG(DBG_LEVEL_VMMU, "vmx_vmexit_do_invlpg: eip=%lx, va=%lx",
609 eip, va);
611 /*
612 * We do the safest thing first, then try to update the shadow by
613 * copying from the guest.
614 */
615 shadow_invlpg(v, va);
616 }
618 static int check_for_null_selector(unsigned long eip)
619 {
620 unsigned char inst[MAX_INST_LEN];
621 unsigned long sel;
622 int i, inst_len;
623 int inst_copy_from_guest(unsigned char *, unsigned long, int);
625 __vmread(VM_EXIT_INSTRUCTION_LEN, &inst_len);
626 memset(inst, 0, MAX_INST_LEN);
627 if (inst_copy_from_guest(inst, eip, inst_len) != inst_len) {
628 printf("check_for_null_selector: get guest instruction failed\n");
629 domain_crash_synchronous();
630 }
632 for (i = 0; i < inst_len; i++) {
633 switch (inst[i]) {
634 case 0xf3: /* REPZ */
635 case 0xf2: /* REPNZ */
636 case 0xf0: /* LOCK */
637 case 0x66: /* data32 */
638 case 0x67: /* addr32 */
639 continue;
640 case 0x2e: /* CS */
641 __vmread(GUEST_CS_SELECTOR, &sel);
642 break;
643 case 0x36: /* SS */
644 __vmread(GUEST_SS_SELECTOR, &sel);
645 break;
646 case 0x26: /* ES */
647 __vmread(GUEST_ES_SELECTOR, &sel);
648 break;
649 case 0x64: /* FS */
650 __vmread(GUEST_FS_SELECTOR, &sel);
651 break;
652 case 0x65: /* GS */
653 __vmread(GUEST_GS_SELECTOR, &sel);
654 break;
655 case 0x3e: /* DS */
656 /* FALLTHROUGH */
657 default:
658 /* DS is the default */
659 __vmread(GUEST_DS_SELECTOR, &sel);
660 }
661 return sel == 0 ? 1 : 0;
662 }
664 return 0;
665 }
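/*
 * check_for_null_selector() only scans prefix bytes: it stops at the first
 * segment-override prefix (or at the opcode, which selects DS by default)
 * and reports whether that selector is null.  Example byte sequences
 * (illustrative only):
 *
 *   f3 6e      rep outsb %ds:(%esi),%dx   -> no override, DS is checked
 *   2e f3 6e   rep outsb %cs:(%esi),%dx   -> 0x2e prefix, CS is checked
 */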
667 void send_pio_req(struct cpu_user_regs *regs, unsigned long port,
668 unsigned long count, int size, long value, int dir, int pvalid)
669 {
670 struct vcpu *v = current;
671 vcpu_iodata_t *vio;
672 ioreq_t *p;
674 vio = get_vio(v->domain, v->vcpu_id);
675 if (vio == NULL) {
676 printk("bad shared page: %lx\n", (unsigned long) vio);
677 domain_crash_synchronous();
678 }
680 if (test_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags)) {
681 printf("VMX I/O has not yet completed\n");
682 domain_crash_synchronous();
683 }
684 set_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags);
686 p = &vio->vp_ioreq;
687 p->dir = dir;
688 p->pdata_valid = pvalid;
690 p->type = IOREQ_TYPE_PIO;
691 p->size = size;
692 p->addr = port;
693 p->count = count;
694 p->df = regs->eflags & EF_DF ? 1 : 0;
696 if (pvalid) {
697 if (vmx_paging_enabled(current))
698 p->u.pdata = (void *) gva_to_gpa(value);
699 else
700 p->u.pdata = (void *) value; /* guest VA == guest PA */
701 } else
702 p->u.data = value;
704 if (vmx_portio_intercept(p)) {
705 p->state = STATE_IORESP_READY;
706 vmx_io_assist(v);
707 return;
708 }
710 p->state = STATE_IOREQ_READY;
712 evtchn_send(iopacket_port(v->domain));
713 vmx_wait_io();
714 }
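/*
 * Lifecycle of a port I/O request built by send_pio_req() (sketch):
 *
 *   Xen (this function)                      device model
 *   -------------------                      ------------
 *   fill in the ioreq_t fields
 *   p->state = STATE_IOREQ_READY       --->  picks the request up
 *   evtchn_send(iopacket_port(d))            emulates the access
 *   vmx_wait_io() blocks the vcpu      <---  p->state = STATE_IORESP_READY
 *   response folded back into guest state (via vmx_io_assist())
 *
 * Ports handled by vmx_portio_intercept() short-circuit the round trip and
 * are completed entirely inside Xen, as the code above shows.
 */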
716 static void vmx_io_instruction(struct cpu_user_regs *regs,
717 unsigned long exit_qualification, unsigned long inst_len)
718 {
719 struct mmio_op *mmio_opp;
720 unsigned long eip, cs, eflags;
721 unsigned long port, size, dir;
722 int vm86;
724 mmio_opp = &current->arch.arch_vmx.mmio_op;
725 mmio_opp->instr = INSTR_PIO;
726 mmio_opp->flags = 0;
728 __vmread(GUEST_RIP, &eip);
729 __vmread(GUEST_CS_SELECTOR, &cs);
730 __vmread(GUEST_RFLAGS, &eflags);
731 vm86 = eflags & X86_EFLAGS_VM ? 1 : 0;
733 VMX_DBG_LOG(DBG_LEVEL_1,
734 "vmx_io_instruction: vm86 %d, eip=%lx:%lx, "
735 "exit_qualification = %lx",
736 vm86, cs, eip, exit_qualification);
738 if (test_bit(6, &exit_qualification))
739 port = (exit_qualification >> 16) & 0xFFFF;
740 else
741 port = regs->edx & 0xffff;
742 TRACE_VMEXIT(2, port);
743 size = (exit_qualification & 7) + 1;
744 dir = test_bit(3, &exit_qualification); /* direction */
746 if (test_bit(4, &exit_qualification)) { /* string instruction */
747 unsigned long addr, count = 1;
748 int sign = regs->eflags & EF_DF ? -1 : 1;
750 __vmread(GUEST_LINEAR_ADDRESS, &addr);
752 /*
753 * In protected mode, guest linear address is invalid if the
754 * selector is null.
755 */
756 if (!vm86 && check_for_null_selector(eip))
757 addr = dir == IOREQ_WRITE ? regs->esi : regs->edi;
759 if (test_bit(5, &exit_qualification)) { /* "rep" prefix */
760 mmio_opp->flags |= REPZ;
761 count = vm86 ? regs->ecx & 0xFFFF : regs->ecx;
762 }
764 /*
765 * Handle string pio instructions that cross pages or that
766 * are unaligned. See the comments in vmx_platform.c/handle_mmio()
767 */
768 if ((addr & PAGE_MASK) != ((addr + size - 1) & PAGE_MASK)) {
769 unsigned long value = 0;
771 mmio_opp->flags |= OVERLAP;
772 if (dir == IOREQ_WRITE)
773 vmx_copy(&value, addr, size, VMX_COPY_IN);
774 send_pio_req(regs, port, 1, size, value, dir, 0);
775 } else {
776 if ((addr & PAGE_MASK) != ((addr + count * size - 1) & PAGE_MASK)) {
777 if (sign > 0)
778 count = (PAGE_SIZE - (addr & ~PAGE_MASK)) / size;
779 else
780 count = (addr & ~PAGE_MASK) / size;
781 } else
782 __update_guest_eip(inst_len);
784 send_pio_req(regs, port, count, size, addr, dir, 1);
785 }
786 } else {
787 __update_guest_eip(inst_len);
788 send_pio_req(regs, port, 1, size, regs->eax, dir, 0);
789 }
790 }
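/*
 * Exit qualification layout relied on above (I/O instructions): bits 2:0 =
 * access size - 1, bit 3 = direction (1 = IN), bit 4 = string instruction,
 * bit 5 = REP prefix, bit 6 = immediate port operand, bits 31:16 = port
 * number.  For example, "out %al,$0x71" exits with a qualification of
 * 0x00710040: one byte, OUT, non-string, immediate port 0x71.
 */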
792 int
793 vmx_copy(void *buf, unsigned long laddr, int size, int dir)
794 {
795 unsigned long gpa, mfn;
796 char *addr;
797 int count;
799 while (size > 0) {
800 count = PAGE_SIZE - (laddr & ~PAGE_MASK);
801 if (count > size)
802 count = size;
804 if (vmx_paging_enabled(current)) {
805 gpa = gva_to_gpa(laddr);
806 mfn = get_mfn_from_pfn(gpa >> PAGE_SHIFT);
807 } else
808 mfn = get_mfn_from_pfn(laddr >> PAGE_SHIFT);
809 if (mfn == INVALID_MFN)
810 return 0;
812 addr = (char *)map_domain_page(mfn) + (laddr & ~PAGE_MASK);
814 if (dir == VMX_COPY_IN)
815 memcpy(buf, addr, count);
816 else
817 memcpy(addr, buf, count);
819 unmap_domain_page(addr);
821 laddr += count;
822 buf += count;
823 size -= count;
824 }
826 return 1;
827 }
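/*
 * vmx_copy() is the generic "touch guest virtual memory" helper used by the
 * vmxassist world-switch code below: it walks the buffer a page at a time,
 * translating each guest page to a machine frame before mapping it.  A
 * minimal usage sketch (mirroring vmx_assist() below):
 */
#if 0
    u32 magic;

    if (!vmx_copy(&magic, VMXASSIST_MAGIC_OFFSET, sizeof(magic), VMX_COPY_IN))
        return 0;    /* guest page unreachable */
#endif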
829 int
830 vmx_world_save(struct vcpu *v, struct vmx_assist_context *c)
831 {
832 unsigned long inst_len;
833 int error = 0;
835 error |= __vmread(VM_EXIT_INSTRUCTION_LEN, &inst_len);
836 error |= __vmread(GUEST_RIP, &c->eip);
837 c->eip += inst_len; /* skip transition instruction */
838 error |= __vmread(GUEST_RSP, &c->esp);
839 error |= __vmread(GUEST_RFLAGS, &c->eflags);
841 error |= __vmread(CR0_READ_SHADOW, &c->cr0);
842 c->cr3 = v->arch.arch_vmx.cpu_cr3;
843 error |= __vmread(CR4_READ_SHADOW, &c->cr4);
845 error |= __vmread(GUEST_IDTR_LIMIT, &c->idtr_limit);
846 error |= __vmread(GUEST_IDTR_BASE, &c->idtr_base);
848 error |= __vmread(GUEST_GDTR_LIMIT, &c->gdtr_limit);
849 error |= __vmread(GUEST_GDTR_BASE, &c->gdtr_base);
851 error |= __vmread(GUEST_CS_SELECTOR, &c->cs_sel);
852 error |= __vmread(GUEST_CS_LIMIT, &c->cs_limit);
853 error |= __vmread(GUEST_CS_BASE, &c->cs_base);
854 error |= __vmread(GUEST_CS_AR_BYTES, &c->cs_arbytes.bytes);
856 error |= __vmread(GUEST_DS_SELECTOR, &c->ds_sel);
857 error |= __vmread(GUEST_DS_LIMIT, &c->ds_limit);
858 error |= __vmread(GUEST_DS_BASE, &c->ds_base);
859 error |= __vmread(GUEST_DS_AR_BYTES, &c->ds_arbytes.bytes);
861 error |= __vmread(GUEST_ES_SELECTOR, &c->es_sel);
862 error |= __vmread(GUEST_ES_LIMIT, &c->es_limit);
863 error |= __vmread(GUEST_ES_BASE, &c->es_base);
864 error |= __vmread(GUEST_ES_AR_BYTES, &c->es_arbytes.bytes);
866 error |= __vmread(GUEST_SS_SELECTOR, &c->ss_sel);
867 error |= __vmread(GUEST_SS_LIMIT, &c->ss_limit);
868 error |= __vmread(GUEST_SS_BASE, &c->ss_base);
869 error |= __vmread(GUEST_SS_AR_BYTES, &c->ss_arbytes.bytes);
871 error |= __vmread(GUEST_FS_SELECTOR, &c->fs_sel);
872 error |= __vmread(GUEST_FS_LIMIT, &c->fs_limit);
873 error |= __vmread(GUEST_FS_BASE, &c->fs_base);
874 error |= __vmread(GUEST_FS_AR_BYTES, &c->fs_arbytes.bytes);
876 error |= __vmread(GUEST_GS_SELECTOR, &c->gs_sel);
877 error |= __vmread(GUEST_GS_LIMIT, &c->gs_limit);
878 error |= __vmread(GUEST_GS_BASE, &c->gs_base);
879 error |= __vmread(GUEST_GS_AR_BYTES, &c->gs_arbytes.bytes);
881 error |= __vmread(GUEST_TR_SELECTOR, &c->tr_sel);
882 error |= __vmread(GUEST_TR_LIMIT, &c->tr_limit);
883 error |= __vmread(GUEST_TR_BASE, &c->tr_base);
884 error |= __vmread(GUEST_TR_AR_BYTES, &c->tr_arbytes.bytes);
886 error |= __vmread(GUEST_LDTR_SELECTOR, &c->ldtr_sel);
887 error |= __vmread(GUEST_LDTR_LIMIT, &c->ldtr_limit);
888 error |= __vmread(GUEST_LDTR_BASE, &c->ldtr_base);
889 error |= __vmread(GUEST_LDTR_AR_BYTES, &c->ldtr_arbytes.bytes);
891 return !error;
892 }
894 int
895 vmx_world_restore(struct vcpu *v, struct vmx_assist_context *c)
896 {
897 unsigned long mfn, old_cr4;
898 int error = 0;
900 error |= __vmwrite(GUEST_RIP, c->eip);
901 error |= __vmwrite(GUEST_RSP, c->esp);
902 error |= __vmwrite(GUEST_RFLAGS, c->eflags);
904 error |= __vmwrite(CR0_READ_SHADOW, c->cr0);
906 if (!vmx_paging_enabled(v)) {
907 VMX_DBG_LOG(DBG_LEVEL_VMMU, "switching to vmxassist. use phys table");
908 __vmwrite(GUEST_CR3, pagetable_get_paddr(v->domain->arch.phys_table));
909 goto skip_cr3;
910 }
912 if (c->cr3 == v->arch.arch_vmx.cpu_cr3) {
913 /*
914 * This is a simple TLB flush, implying the guest has
915 * removed some translation or changed page attributes.
916 * We simply invalidate the shadow.
917 */
918 mfn = get_mfn_from_pfn(c->cr3 >> PAGE_SHIFT);
919 if (mfn != pagetable_get_pfn(v->arch.guest_table)) {
920 printk("Invalid CR3 value=%x", c->cr3);
921 domain_crash_synchronous();
922 return 0;
923 }
924 shadow_sync_all(v->domain);
925 } else {
926 /*
927 * If different, make a shadow. Check if the PDBR is valid
928 * first.
929 */
930 VMX_DBG_LOG(DBG_LEVEL_VMMU, "CR3 c->cr3 = %x", c->cr3);
931 if ((c->cr3 >> PAGE_SHIFT) > v->domain->max_pages) {
932 printk("Invalid CR3 value=%x", c->cr3);
933 domain_crash_synchronous();
934 return 0;
935 }
936 mfn = get_mfn_from_pfn(c->cr3 >> PAGE_SHIFT);
937 v->arch.guest_table = mk_pagetable(mfn << PAGE_SHIFT);
938 update_pagetables(v);
939 /*
940 * arch.shadow_table should now hold the next CR3 for shadow
941 */
942 v->arch.arch_vmx.cpu_cr3 = c->cr3;
943 VMX_DBG_LOG(DBG_LEVEL_VMMU, "Update CR3 value = %x", c->cr3);
944 __vmwrite(GUEST_CR3, pagetable_get_paddr(v->arch.shadow_table));
945 }
947 skip_cr3:
949 error |= __vmread(CR4_READ_SHADOW, &old_cr4);
950 error |= __vmwrite(GUEST_CR4, (c->cr4 | VMX_CR4_HOST_MASK));
951 error |= __vmwrite(CR4_READ_SHADOW, c->cr4);
953 error |= __vmwrite(GUEST_IDTR_LIMIT, c->idtr_limit);
954 error |= __vmwrite(GUEST_IDTR_BASE, c->idtr_base);
956 error |= __vmwrite(GUEST_GDTR_LIMIT, c->gdtr_limit);
957 error |= __vmwrite(GUEST_GDTR_BASE, c->gdtr_base);
959 error |= __vmwrite(GUEST_CS_SELECTOR, c->cs_sel);
960 error |= __vmwrite(GUEST_CS_LIMIT, c->cs_limit);
961 error |= __vmwrite(GUEST_CS_BASE, c->cs_base);
962 error |= __vmwrite(GUEST_CS_AR_BYTES, c->cs_arbytes.bytes);
964 error |= __vmwrite(GUEST_DS_SELECTOR, c->ds_sel);
965 error |= __vmwrite(GUEST_DS_LIMIT, c->ds_limit);
966 error |= __vmwrite(GUEST_DS_BASE, c->ds_base);
967 error |= __vmwrite(GUEST_DS_AR_BYTES, c->ds_arbytes.bytes);
969 error |= __vmwrite(GUEST_ES_SELECTOR, c->es_sel);
970 error |= __vmwrite(GUEST_ES_LIMIT, c->es_limit);
971 error |= __vmwrite(GUEST_ES_BASE, c->es_base);
972 error |= __vmwrite(GUEST_ES_AR_BYTES, c->es_arbytes.bytes);
974 error |= __vmwrite(GUEST_SS_SELECTOR, c->ss_sel);
975 error |= __vmwrite(GUEST_SS_LIMIT, c->ss_limit);
976 error |= __vmwrite(GUEST_SS_BASE, c->ss_base);
977 error |= __vmwrite(GUEST_SS_AR_BYTES, c->ss_arbytes.bytes);
979 error |= __vmwrite(GUEST_FS_SELECTOR, c->fs_sel);
980 error |= __vmwrite(GUEST_FS_LIMIT, c->fs_limit);
981 error |= __vmwrite(GUEST_FS_BASE, c->fs_base);
982 error |= __vmwrite(GUEST_FS_AR_BYTES, c->fs_arbytes.bytes);
984 error |= __vmwrite(GUEST_GS_SELECTOR, c->gs_sel);
985 error |= __vmwrite(GUEST_GS_LIMIT, c->gs_limit);
986 error |= __vmwrite(GUEST_GS_BASE, c->gs_base);
987 error |= __vmwrite(GUEST_GS_AR_BYTES, c->gs_arbytes.bytes);
989 error |= __vmwrite(GUEST_TR_SELECTOR, c->tr_sel);
990 error |= __vmwrite(GUEST_TR_LIMIT, c->tr_limit);
991 error |= __vmwrite(GUEST_TR_BASE, c->tr_base);
992 error |= __vmwrite(GUEST_TR_AR_BYTES, c->tr_arbytes.bytes);
994 error |= __vmwrite(GUEST_LDTR_SELECTOR, c->ldtr_sel);
995 error |= __vmwrite(GUEST_LDTR_LIMIT, c->ldtr_limit);
996 error |= __vmwrite(GUEST_LDTR_BASE, c->ldtr_base);
997 error |= __vmwrite(GUEST_LDTR_AR_BYTES, c->ldtr_arbytes.bytes);
999 return !error;
1002 enum { VMX_ASSIST_INVOKE = 0, VMX_ASSIST_RESTORE };
1004 int
1005 vmx_assist(struct vcpu *v, int mode)
1007 struct vmx_assist_context c;
1008 u32 magic;
1009 u32 cp;
1011 /* make sure vmxassist exists (this is not an error) */
1012 if (!vmx_copy(&magic, VMXASSIST_MAGIC_OFFSET, sizeof(magic), VMX_COPY_IN))
1013 return 0;
1014 if (magic != VMXASSIST_MAGIC)
1015 return 0;
1017 switch (mode) {
1018 /*
1019 * Transfer control to vmxassist.
1020 * Store the current context in VMXASSIST_OLD_CONTEXT and load
1021 * the new VMXASSIST_NEW_CONTEXT context. This context was created
1022 * by vmxassist and will transfer control to it.
1023 */
1024 case VMX_ASSIST_INVOKE:
1025 /* save the old context */
1026 if (!vmx_copy(&cp, VMXASSIST_OLD_CONTEXT, sizeof(cp), VMX_COPY_IN))
1027 goto error;
1028 if (cp != 0) {
1029 if (!vmx_world_save(v, &c))
1030 goto error;
1031 if (!vmx_copy(&c, cp, sizeof(c), VMX_COPY_OUT))
1032 goto error;
1035 /* restore the new context, this should activate vmxassist */
1036 if (!vmx_copy(&cp, VMXASSIST_NEW_CONTEXT, sizeof(cp), VMX_COPY_IN))
1037 goto error;
1038 if (cp != 0) {
1039 if (!vmx_copy(&c, cp, sizeof(c), VMX_COPY_IN))
1040 goto error;
1041 if (!vmx_world_restore(v, &c))
1042 goto error;
1043 return 1;
1045 break;
1047 /*
1048 * Restore the VMXASSIST_OLD_CONTEXT that was saved by VMX_ASSIST_INVOKE
1049 * above.
1050 */
1051 case VMX_ASSIST_RESTORE:
1052 /* restore the old context */
1053 if (!vmx_copy(&cp, VMXASSIST_OLD_CONTEXT, sizeof(cp), VMX_COPY_IN))
1054 goto error;
1055 if (cp != 0) {
1056 if (!vmx_copy(&c, cp, sizeof(c), VMX_COPY_IN))
1057 goto error;
1058 if (!vmx_world_restore(v, &c))
1059 goto error;
1060 return 1;
1062 break;
1065 error:
1066 printf("Failed to transfer to vmxassist\n");
1067 domain_crash_synchronous();
1068 return 0;
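/*
 * Summary of the world switch implemented above (sketch): VMX_ASSIST_INVOKE
 * serialises the current guest state with vmx_world_save() into the context
 * block whose pointer sits at VMXASSIST_OLD_CONTEXT, then loads the context
 * found at VMXASSIST_NEW_CONTEXT (prepared by vmxassist itself) with
 * vmx_world_restore(), handing the vcpu to the real-mode emulator.
 * VMX_ASSIST_RESTORE reverses the trip by reloading the saved OLD_CONTEXT
 * once the guest turns CR0.PE back on (see vmx_set_cr0() below).
 */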
1071 static int vmx_set_cr0(unsigned long value)
1073 struct vcpu *v = current;
1074 unsigned long mfn;
1075 unsigned long eip;
1076 int paging_enabled;
1077 unsigned long vm_entry_value;
1078 /*
1079 * CR0: We don't want to lose PE and PG.
1080 */
1081 paging_enabled = vmx_paging_enabled(v);
1082 __vmwrite(GUEST_CR0, value | X86_CR0_PE | X86_CR0_PG | X86_CR0_NE);
1083 __vmwrite(CR0_READ_SHADOW, value);
1085 VMX_DBG_LOG(DBG_LEVEL_VMMU, "Update CR0 value = %lx\n", value);
1087 if ((value & X86_CR0_PE) && (value & X86_CR0_PG) && !paging_enabled) {
1088 /*
1089 * The guest CR3 must be pointing to the guest physical.
1090 */
1091 if ( !VALID_MFN(mfn = get_mfn_from_pfn(
1092 v->arch.arch_vmx.cpu_cr3 >> PAGE_SHIFT)) ||
1093 !get_page(pfn_to_page(mfn), v->domain) )
1095 printk("Invalid CR3 value = %lx", v->arch.arch_vmx.cpu_cr3);
1096 domain_crash_synchronous(); /* need to take a clean path */
1099 #if defined(__x86_64__)
1100 if (test_bit(VMX_CPU_STATE_LME_ENABLED,
1101 &v->arch.arch_vmx.cpu_state) &&
1102 !test_bit(VMX_CPU_STATE_PAE_ENABLED,
1103 &v->arch.arch_vmx.cpu_state)){
1104 VMX_DBG_LOG(DBG_LEVEL_1, "Enable paging before PAE enable\n");
1105 vmx_inject_exception(v, TRAP_gp_fault, 0);
1107 if (test_bit(VMX_CPU_STATE_LME_ENABLED,
1108 &v->arch.arch_vmx.cpu_state)){
1109 /* At this point PAE should already be enabled (we are entering long mode) */
1110 VMX_DBG_LOG(DBG_LEVEL_1, "Enable the Long mode\n");
1111 set_bit(VMX_CPU_STATE_LMA_ENABLED,
1112 &v->arch.arch_vmx.cpu_state);
1113 __vmread(VM_ENTRY_CONTROLS, &vm_entry_value);
1114 vm_entry_value |= VM_ENTRY_CONTROLS_IA32E_MODE;
1115 __vmwrite(VM_ENTRY_CONTROLS, vm_entry_value);
1117 #if CONFIG_PAGING_LEVELS >= 4
1118 if(!shadow_set_guest_paging_levels(v->domain, 4)) {
1119 printk("Unsupported guest paging levels\n");
1120 domain_crash_synchronous(); /* need to take a clean path */
1122 #endif
1124 else
1126 #if CONFIG_PAGING_LEVELS >= 4
1127 if(!shadow_set_guest_paging_levels(v->domain, 2)) {
1128 printk("Unsupported guest paging levels\n");
1129 domain_crash_synchronous(); /* need to take a clean path */
1131 #endif
1134 unsigned long crn;
1135 /* update CR4's PAE if needed */
1136 __vmread(GUEST_CR4, &crn);
1137 if ( (!(crn & X86_CR4_PAE)) &&
1138 test_bit(VMX_CPU_STATE_PAE_ENABLED,
1139 &v->arch.arch_vmx.cpu_state)){
1140 VMX_DBG_LOG(DBG_LEVEL_1, "enable PAE on cr4\n");
1141 __vmwrite(GUEST_CR4, crn | X86_CR4_PAE);
1143 #endif
1144 /*
1145 * Now arch.guest_table points to machine physical.
1146 */
1147 v->arch.guest_table = mk_pagetable(mfn << PAGE_SHIFT);
1148 update_pagetables(v);
1150 VMX_DBG_LOG(DBG_LEVEL_VMMU, "New arch.guest_table = %lx",
1151 (unsigned long) (mfn << PAGE_SHIFT));
1153 __vmwrite(GUEST_CR3, pagetable_get_paddr(v->arch.shadow_table));
1154 /*
1155 * arch->shadow_table should hold the next CR3 for shadow
1156 */
1157 VMX_DBG_LOG(DBG_LEVEL_VMMU, "Update CR3 value = %lx, mfn = %lx",
1158 v->arch.arch_vmx.cpu_cr3, mfn);
1161 if(!((value & X86_CR0_PE) && (value & X86_CR0_PG)) && paging_enabled)
1162 if(v->arch.arch_vmx.cpu_cr3)
1163 put_page(pfn_to_page(get_mfn_from_pfn(
1164 v->arch.arch_vmx.cpu_cr3 >> PAGE_SHIFT)));
1166 /*
1167 * VMX does not implement real-mode virtualization. We emulate
1168 * real-mode by performing a world switch to VMXAssist whenever
1169 * a partition disables the CR0.PE bit.
1170 */
1171 if ((value & X86_CR0_PE) == 0) {
1172 if ( value & X86_CR0_PG ) {
1173 /* inject GP here */
1174 vmx_inject_exception(v, TRAP_gp_fault, 0);
1175 return 0;
1176 } else {
1177 /*
1178 * Disable paging here.
1179 * Same as the PE == 1 && PG == 0 case.
1180 */
1181 if (test_bit(VMX_CPU_STATE_LMA_ENABLED,
1182 &v->arch.arch_vmx.cpu_state)){
1183 clear_bit(VMX_CPU_STATE_LMA_ENABLED,
1184 &v->arch.arch_vmx.cpu_state);
1185 __vmread(VM_ENTRY_CONTROLS, &vm_entry_value);
1186 vm_entry_value &= ~VM_ENTRY_CONTROLS_IA32E_MODE;
1187 __vmwrite(VM_ENTRY_CONTROLS, vm_entry_value);
1191 if (vmx_assist(v, VMX_ASSIST_INVOKE)) {
1192 set_bit(VMX_CPU_STATE_ASSIST_ENABLED, &v->arch.arch_vmx.cpu_state);
1193 __vmread(GUEST_RIP, &eip);
1194 VMX_DBG_LOG(DBG_LEVEL_1,
1195 "Transfering control to vmxassist %%eip 0x%lx\n", eip);
1196 return 0; /* do not update eip! */
1198 } else if (test_bit(VMX_CPU_STATE_ASSIST_ENABLED,
1199 &v->arch.arch_vmx.cpu_state)) {
1200 __vmread(GUEST_RIP, &eip);
1201 VMX_DBG_LOG(DBG_LEVEL_1,
1202 "Enabling CR0.PE at %%eip 0x%lx\n", eip);
1203 if (vmx_assist(v, VMX_ASSIST_RESTORE)) {
1204 clear_bit(VMX_CPU_STATE_ASSIST_ENABLED,
1205 &v->arch.arch_vmx.cpu_state);
1206 __vmread(GUEST_RIP, &eip);
1207 VMX_DBG_LOG(DBG_LEVEL_1,
1208 "Restoring to %%eip 0x%lx\n", eip);
1209 return 0; /* do not update eip! */
1213 return 1;
1216 #define CASE_GET_REG(REG, reg) \
1217 case REG_ ## REG: value = regs->reg; break
1219 #define CASE_EXTEND_SET_REG \
1220 CASE_EXTEND_REG(S)
1221 #define CASE_EXTEND_GET_REG \
1222 CASE_EXTEND_REG(G)
1224 #ifdef __i386__
1225 #define CASE_EXTEND_REG(T)
1226 #else
1227 #define CASE_EXTEND_REG(T) \
1228 CASE_ ## T ## ET_REG(R8, r8); \
1229 CASE_ ## T ## ET_REG(R9, r9); \
1230 CASE_ ## T ## ET_REG(R10, r10); \
1231 CASE_ ## T ## ET_REG(R11, r11); \
1232 CASE_ ## T ## ET_REG(R12, r12); \
1233 CASE_ ## T ## ET_REG(R13, r13); \
1234 CASE_ ## T ## ET_REG(R14, r14); \
1235 CASE_ ## T ## ET_REG(R15, r15);
1236 #endif
1239 /*
1240 * Write to control registers
1241 */
1242 static int mov_to_cr(int gp, int cr, struct cpu_user_regs *regs)
1244 unsigned long value;
1245 unsigned long old_cr;
1246 struct vcpu *v = current;
1248 switch (gp) {
1249 CASE_GET_REG(EAX, eax);
1250 CASE_GET_REG(ECX, ecx);
1251 CASE_GET_REG(EDX, edx);
1252 CASE_GET_REG(EBX, ebx);
1253 CASE_GET_REG(EBP, ebp);
1254 CASE_GET_REG(ESI, esi);
1255 CASE_GET_REG(EDI, edi);
1256 CASE_EXTEND_GET_REG
1257 case REG_ESP:
1258 __vmread(GUEST_RSP, &value);
1259 break;
1260 default:
1261 printk("invalid gp: %d\n", gp);
1262 __vmx_bug(regs);
1265 VMX_DBG_LOG(DBG_LEVEL_1, "mov_to_cr: CR%d, value = %lx,", cr, value);
1266 VMX_DBG_LOG(DBG_LEVEL_1, "current = %lx,", (unsigned long) current);
1268 switch(cr) {
1269 case 0:
1271 return vmx_set_cr0(value);
1273 case 3:
1275 unsigned long old_base_mfn, mfn;
1277 /*
1278 * If paging is not enabled yet, simply copy the value to CR3.
1279 */
1280 if (!vmx_paging_enabled(v)) {
1281 v->arch.arch_vmx.cpu_cr3 = value;
1282 break;
1285 /*
1286 * We make a new one if the shadow does not exist.
1287 */
1288 if (value == v->arch.arch_vmx.cpu_cr3) {
1289 /*
1290 * This is a simple TLB flush, implying the guest has
1291 * removed some translation or changed page attributes.
1292 * We simply invalidate the shadow.
1293 */
1294 mfn = get_mfn_from_pfn(value >> PAGE_SHIFT);
1295 if (mfn != pagetable_get_pfn(v->arch.guest_table))
1296 __vmx_bug(regs);
1297 shadow_sync_all(v->domain);
1298 } else {
1299 /*
1300 * If different, make a shadow. Check if the PDBR is valid
1301 * first.
1302 */
1303 VMX_DBG_LOG(DBG_LEVEL_VMMU, "CR3 value = %lx", value);
1304 if ( ((value >> PAGE_SHIFT) > v->domain->max_pages ) ||
1305 !VALID_MFN(mfn = get_mfn_from_pfn(value >> PAGE_SHIFT)) ||
1306 !get_page(pfn_to_page(mfn), v->domain) )
1308 printk("Invalid CR3 value=%lx", value);
1309 domain_crash_synchronous(); /* need to take a clean path */
1311 old_base_mfn = pagetable_get_pfn(v->arch.guest_table);
1312 v->arch.guest_table = mk_pagetable(mfn << PAGE_SHIFT);
1313 if (old_base_mfn)
1314 put_page(pfn_to_page(old_base_mfn));
1315 update_pagetables(v);
1316 /*
1317 * arch.shadow_table should now hold the next CR3 for shadow
1318 */
1319 v->arch.arch_vmx.cpu_cr3 = value;
1320 VMX_DBG_LOG(DBG_LEVEL_VMMU, "Update CR3 value = %lx",
1321 value);
1322 __vmwrite(GUEST_CR3, pagetable_get_paddr(v->arch.shadow_table));
1324 break;
1326 case 4:
1328 /* CR4 */
1329 unsigned long old_guest_cr;
1331 __vmread(GUEST_CR4, &old_guest_cr);
1332 if (value & X86_CR4_PAE){
1333 set_bit(VMX_CPU_STATE_PAE_ENABLED, &v->arch.arch_vmx.cpu_state);
1334 } else {
1335 if (test_bit(VMX_CPU_STATE_LMA_ENABLED,
1336 &v->arch.arch_vmx.cpu_state)){
1337 vmx_inject_exception(v, TRAP_gp_fault, 0);
1339 clear_bit(VMX_CPU_STATE_PAE_ENABLED, &v->arch.arch_vmx.cpu_state);
1342 __vmread(CR4_READ_SHADOW, &old_cr);
1344 __vmwrite(GUEST_CR4, value| VMX_CR4_HOST_MASK);
1345 __vmwrite(CR4_READ_SHADOW, value);
1347 /*
1348 * Writing to CR4 to modify the PSE, PGE, or PAE flag invalidates
1349 * all TLB entries except global entries.
1350 */
1351 if ((old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE | X86_CR4_PAE)) {
1352 shadow_sync_all(v->domain);
1354 break;
1356 default:
1357 printk("invalid cr: %d\n", gp);
1358 __vmx_bug(regs);
1361 return 1;
1364 #define CASE_SET_REG(REG, reg) \
1365 case REG_ ## REG: \
1366 regs->reg = value; \
1367 break
1369 /*
1370 * Read from control registers. CR0 and CR4 are read from the shadow.
1371 */
1372 static void mov_from_cr(int cr, int gp, struct cpu_user_regs *regs)
1374 unsigned long value;
1375 struct vcpu *v = current;
1377 if (cr != 3)
1378 __vmx_bug(regs);
1380 value = (unsigned long) v->arch.arch_vmx.cpu_cr3;
1382 switch (gp) {
1383 CASE_SET_REG(EAX, eax);
1384 CASE_SET_REG(ECX, ecx);
1385 CASE_SET_REG(EDX, edx);
1386 CASE_SET_REG(EBX, ebx);
1387 CASE_SET_REG(EBP, ebp);
1388 CASE_SET_REG(ESI, esi);
1389 CASE_SET_REG(EDI, edi);
1390 CASE_EXTEND_SET_REG
1391 case REG_ESP:
1392 __vmwrite(GUEST_RSP, value);
1393 regs->esp = value;
1394 break;
1395 default:
1396 printk("invalid gp: %d\n", gp);
1397 __vmx_bug(regs);
1400 VMX_DBG_LOG(DBG_LEVEL_VMMU, "mov_from_cr: CR%d, value = %lx,", cr, value);
1403 static int vmx_cr_access(unsigned long exit_qualification, struct cpu_user_regs *regs)
1405 unsigned int gp, cr;
1406 unsigned long value;
1407 struct vcpu *v = current;
1409 switch (exit_qualification & CONTROL_REG_ACCESS_TYPE) {
1410 case TYPE_MOV_TO_CR:
1411 gp = exit_qualification & CONTROL_REG_ACCESS_REG;
1412 cr = exit_qualification & CONTROL_REG_ACCESS_NUM;
1413 TRACE_VMEXIT(1,TYPE_MOV_TO_CR);
1414 TRACE_VMEXIT(2,cr);
1415 TRACE_VMEXIT(3,gp);
1416 return mov_to_cr(gp, cr, regs);
1417 case TYPE_MOV_FROM_CR:
1418 gp = exit_qualification & CONTROL_REG_ACCESS_REG;
1419 cr = exit_qualification & CONTROL_REG_ACCESS_NUM;
1420 TRACE_VMEXIT(1,TYPE_MOV_FROM_CR);
1421 TRACE_VMEXIT(2,cr);
1422 TRACE_VMEXIT(3,gp);
1423 mov_from_cr(cr, gp, regs);
1424 break;
1425 case TYPE_CLTS:
1426 TRACE_VMEXIT(1,TYPE_CLTS);
1427 clts();
1428 setup_fpu(current);
1430 __vmread_vcpu(v, GUEST_CR0, &value);
1431 value &= ~X86_CR0_TS; /* clear TS */
1432 __vmwrite(GUEST_CR0, value);
1434 __vmread_vcpu(v, CR0_READ_SHADOW, &value);
1435 value &= ~X86_CR0_TS; /* clear TS */
1436 __vmwrite(CR0_READ_SHADOW, value);
1437 break;
1438 case TYPE_LMSW:
1439 TRACE_VMEXIT(1,TYPE_LMSW);
1440 __vmread_vcpu(v, CR0_READ_SHADOW, &value);
1441 value = (value & ~0xF) |
1442 (((exit_qualification & LMSW_SOURCE_DATA) >> 16) & 0xF);
1443 return vmx_set_cr0(value);
1444 break;
1445 default:
1446 __vmx_bug(regs);
1447 break;
1449 return 1;
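/*
 * CR-access exit qualification layout decoded above: bits 3:0 = control
 * register number, bits 5:4 = access type (0 = MOV to CR, 1 = MOV from CR,
 * 2 = CLTS, 3 = LMSW), bits 11:8 = general register, bits 31:16 = LMSW
 * source data (hence the ">> 16" in the LMSW case).  For example,
 * "mov %cr3,%ebx" exits with a qualification of 0x313.
 */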
1452 static inline void vmx_do_msr_read(struct cpu_user_regs *regs)
1454 u64 msr_content = 0;
1455 struct vcpu *v = current;
1457 VMX_DBG_LOG(DBG_LEVEL_1, "vmx_do_msr_read: ecx=%lx, eax=%lx, edx=%lx",
1458 (unsigned long)regs->ecx, (unsigned long)regs->eax,
1459 (unsigned long)regs->edx);
1460 switch (regs->ecx) {
1461 case MSR_IA32_SYSENTER_CS:
1462 __vmread(GUEST_SYSENTER_CS, (u32 *)&msr_content);
1463 break;
1464 case MSR_IA32_SYSENTER_ESP:
1465 __vmread(GUEST_SYSENTER_ESP, &msr_content);
1466 break;
1467 case MSR_IA32_SYSENTER_EIP:
1468 __vmread(GUEST_SYSENTER_EIP, &msr_content);
1469 break;
1470 case MSR_IA32_APICBASE:
1471 msr_content = VLAPIC(v) ? VLAPIC(v)->apic_base_msr : 0;
1472 break;
1473 default:
1474 if(long_mode_do_msr_read(regs))
1475 return;
1476 rdmsr_user(regs->ecx, regs->eax, regs->edx);
1477 break;
1480 regs->eax = msr_content & 0xFFFFFFFF;
1481 regs->edx = msr_content >> 32;
1483 VMX_DBG_LOG(DBG_LEVEL_1, "vmx_do_msr_read returns: "
1484 "ecx=%lx, eax=%lx, edx=%lx",
1485 (unsigned long)regs->ecx, (unsigned long)regs->eax,
1486 (unsigned long)regs->edx);
1489 static inline void vmx_do_msr_write(struct cpu_user_regs *regs)
1491 u64 msr_content;
1492 struct vcpu *v = current;
1494 VMX_DBG_LOG(DBG_LEVEL_1, "vmx_do_msr_write: ecx=%lx, eax=%lx, edx=%lx",
1495 (unsigned long)regs->ecx, (unsigned long)regs->eax,
1496 (unsigned long)regs->edx);
1498 msr_content = (regs->eax & 0xFFFFFFFF) | ((u64)regs->edx << 32);
1500 switch (regs->ecx) {
1501 case MSR_IA32_SYSENTER_CS:
1502 __vmwrite(GUEST_SYSENTER_CS, msr_content);
1503 break;
1504 case MSR_IA32_SYSENTER_ESP:
1505 __vmwrite(GUEST_SYSENTER_ESP, msr_content);
1506 break;
1507 case MSR_IA32_SYSENTER_EIP:
1508 __vmwrite(GUEST_SYSENTER_EIP, msr_content);
1509 break;
1510 case MSR_IA32_APICBASE:
1511 vlapic_msr_set(VLAPIC(v), msr_content);
1512 break;
1513 default:
1514 long_mode_do_msr_write(regs);
1515 break;
1518 VMX_DBG_LOG(DBG_LEVEL_1, "vmx_do_msr_write returns: "
1519 "ecx=%lx, eax=%lx, edx=%lx",
1520 (unsigned long)regs->ecx, (unsigned long)regs->eax,
1521 (unsigned long)regs->edx);
1524 volatile unsigned long do_hlt_count;
1525 /*
1526 * Need to use this exit to reschedule
1527 */
1528 void vmx_vmexit_do_hlt(void)
1530 do_block();
1533 static inline void vmx_vmexit_do_extint(struct cpu_user_regs *regs)
1535 unsigned int vector;
1536 int error;
1538 asmlinkage void do_IRQ(struct cpu_user_regs *);
1539 void smp_apic_timer_interrupt(struct cpu_user_regs *);
1540 void timer_interrupt(int, void *, struct cpu_user_regs *);
1541 void smp_event_check_interrupt(void);
1542 void smp_invalidate_interrupt(void);
1543 void smp_call_function_interrupt(void);
1544 void smp_spurious_interrupt(struct cpu_user_regs *regs);
1545 void smp_error_interrupt(struct cpu_user_regs *regs);
1547 if ((error = __vmread(VM_EXIT_INTR_INFO, &vector))
1548 && !(vector & INTR_INFO_VALID_MASK))
1549 __vmx_bug(regs);
1551 vector &= 0xff;
1552 local_irq_disable();
1554 switch(vector) {
1555 case LOCAL_TIMER_VECTOR:
1556 smp_apic_timer_interrupt(regs);
1557 break;
1558 case EVENT_CHECK_VECTOR:
1559 smp_event_check_interrupt();
1560 break;
1561 case INVALIDATE_TLB_VECTOR:
1562 smp_invalidate_interrupt();
1563 break;
1564 case CALL_FUNCTION_VECTOR:
1565 smp_call_function_interrupt();
1566 break;
1567 case SPURIOUS_APIC_VECTOR:
1568 smp_spurious_interrupt(regs);
1569 break;
1570 case ERROR_APIC_VECTOR:
1571 smp_error_interrupt(regs);
1572 break;
1573 default:
1574 regs->entry_vector = vector;
1575 do_IRQ(regs);
1576 break;
1580 #define BUF_SIZ 256
1581 #define MAX_LINE 80
1582 char print_buf[BUF_SIZ];
1583 static int index;
1585 static void vmx_print_line(const char c, struct vcpu *v)
1588 if (index == MAX_LINE || c == '\n') {
1589 if (index == MAX_LINE) {
1590 print_buf[index++] = c;
1592 print_buf[index] = '\0';
1593 printk("(GUEST: %u) %s\n", v->domain->domain_id, (char *) &print_buf);
1594 index = 0;
1596 else
1597 print_buf[index++] = c;
1600 void save_vmx_cpu_user_regs(struct cpu_user_regs *ctxt)
1602 __vmread(GUEST_SS_SELECTOR, &ctxt->ss);
1603 __vmread(GUEST_RSP, &ctxt->esp);
1604 __vmread(GUEST_RFLAGS, &ctxt->eflags);
1605 __vmread(GUEST_CS_SELECTOR, &ctxt->cs);
1606 __vmread(GUEST_RIP, &ctxt->eip);
1608 __vmread(GUEST_GS_SELECTOR, &ctxt->gs);
1609 __vmread(GUEST_FS_SELECTOR, &ctxt->fs);
1610 __vmread(GUEST_ES_SELECTOR, &ctxt->es);
1611 __vmread(GUEST_DS_SELECTOR, &ctxt->ds);
1614 #ifdef XEN_DEBUGGER
1615 void save_cpu_user_regs(struct cpu_user_regs *regs)
1617 __vmread(GUEST_SS_SELECTOR, &regs->xss);
1618 __vmread(GUEST_RSP, &regs->esp);
1619 __vmread(GUEST_RFLAGS, &regs->eflags);
1620 __vmread(GUEST_CS_SELECTOR, &regs->xcs);
1621 __vmread(GUEST_RIP, &regs->eip);
1623 __vmread(GUEST_GS_SELECTOR, &regs->xgs);
1624 __vmread(GUEST_FS_SELECTOR, &regs->xfs);
1625 __vmread(GUEST_ES_SELECTOR, &regs->xes);
1626 __vmread(GUEST_DS_SELECTOR, &regs->xds);
1629 void restore_cpu_user_regs(struct cpu_user_regs *regs)
1631 __vmwrite(GUEST_SS_SELECTOR, regs->xss);
1632 __vmwrite(GUEST_RSP, regs->esp);
1633 __vmwrite(GUEST_RFLAGS, regs->eflags);
1634 __vmwrite(GUEST_CS_SELECTOR, regs->xcs);
1635 __vmwrite(GUEST_RIP, regs->eip);
1637 __vmwrite(GUEST_GS_SELECTOR, regs->xgs);
1638 __vmwrite(GUEST_FS_SELECTOR, regs->xfs);
1639 __vmwrite(GUEST_ES_SELECTOR, regs->xes);
1640 __vmwrite(GUEST_DS_SELECTOR, regs->xds);
1642 #endif
1644 asmlinkage void vmx_vmexit_handler(struct cpu_user_regs regs)
1646 unsigned int exit_reason, idtv_info_field;
1647 unsigned long exit_qualification, eip, inst_len = 0;
1648 struct vcpu *v = current;
1649 int error;
1651 if ((error = __vmread(VM_EXIT_REASON, &exit_reason)))
1652 __vmx_bug(&regs);
1654 perfc_incra(vmexits, exit_reason);
1656 __vmread(IDT_VECTORING_INFO_FIELD, &idtv_info_field);
1657 if (idtv_info_field & INTR_INFO_VALID_MASK) {
1658 __vmwrite(VM_ENTRY_INTR_INFO_FIELD, idtv_info_field);
1660 __vmread(VM_EXIT_INSTRUCTION_LEN, &inst_len);
1661 if (inst_len >= 1 && inst_len <= 15)
1662 __vmwrite(VM_ENTRY_INSTRUCTION_LEN, inst_len);
1664 if (idtv_info_field & 0x800) { /* valid error code */
1665 unsigned long error_code;
1666 __vmread(IDT_VECTORING_ERROR_CODE, &error_code);
1667 __vmwrite(VM_ENTRY_EXCEPTION_ERROR_CODE, error_code);
1670 VMX_DBG_LOG(DBG_LEVEL_1, "idtv_info_field=%x", idtv_info_field);
1673 /* don't bother logging hardware interrupts and other frequent exits */
1674 if (exit_reason != EXIT_REASON_EXTERNAL_INTERRUPT &&
1675 exit_reason != EXIT_REASON_VMCALL &&
1676 exit_reason != EXIT_REASON_IO_INSTRUCTION)
1677 VMX_DBG_LOG(DBG_LEVEL_0, "exit reason = %x", exit_reason);
1679 if (exit_reason & VMX_EXIT_REASONS_FAILED_VMENTRY) {
1680 printk("Failed vm entry\n");
1681 domain_crash_synchronous();
1682 return;
1686 __vmread(GUEST_RIP, &eip);
1687 TRACE_3D(TRC_VMX_VMEXIT, v->domain->domain_id, eip, exit_reason);
1688 TRACE_VMEXIT(0,exit_reason);
1691 switch (exit_reason) {
1692 case EXIT_REASON_EXCEPTION_NMI:
1694 /*
1695 * We don't set the software-interrupt exiting (INT n).
1696 * (1) We can get an exception (e.g. #PG) in the guest, or
1697 * (2) NMI
1698 */
1699 int error;
1700 unsigned int vector;
1701 unsigned long va;
1703 if ((error = __vmread(VM_EXIT_INTR_INFO, &vector))
1704 || !(vector & INTR_INFO_VALID_MASK))
1705 __vmx_bug(&regs);
1706 vector &= 0xff;
1708 TRACE_VMEXIT(1,vector);
1709 perfc_incra(cause_vector, vector);
1711 TRACE_3D(TRC_VMX_VECTOR, v->domain->domain_id, eip, vector);
1712 switch (vector) {
1713 #ifdef XEN_DEBUGGER
1714 case TRAP_debug:
1716 save_cpu_user_regs(&regs);
1717 pdb_handle_exception(1, &regs, 1);
1718 restore_cpu_user_regs(&regs);
1719 break;
1721 case TRAP_int3:
1723 save_cpu_user_regs(&regs);
1724 pdb_handle_exception(3, &regs, 1);
1725 restore_cpu_user_regs(&regs);
1726 break;
1728 #else
1729 case TRAP_debug:
1731 void store_cpu_user_regs(struct cpu_user_regs *regs);
1732 long do_sched_op(unsigned long op);
1735 store_cpu_user_regs(&regs);
1736 __vm_clear_bit(GUEST_PENDING_DBG_EXCEPTIONS, PENDING_DEBUG_EXC_BS);
1738 domain_pause_for_debugger();
1739 do_sched_op(SCHEDOP_yield);
1741 break;
1743 #endif
1744 case TRAP_no_device:
1746 vmx_do_no_device_fault();
1747 break;
1749 case TRAP_page_fault:
1751 __vmread(EXIT_QUALIFICATION, &va);
1752 __vmread(VM_EXIT_INTR_ERROR_CODE, &regs.error_code);
1754 TRACE_VMEXIT(3,regs.error_code);
1755 TRACE_VMEXIT(4,va);
1757 VMX_DBG_LOG(DBG_LEVEL_VMMU,
1758 "eax=%lx, ebx=%lx, ecx=%lx, edx=%lx, esi=%lx, edi=%lx",
1759 (unsigned long)regs.eax, (unsigned long)regs.ebx,
1760 (unsigned long)regs.ecx, (unsigned long)regs.edx,
1761 (unsigned long)regs.esi, (unsigned long)regs.edi);
1762 v->arch.arch_vmx.mmio_op.inst_decoder_regs = &regs;
1764 if (!(error = vmx_do_page_fault(va, &regs))) {
1765 /*
1766 * Inject #PG using Interruption-Information Fields
1767 */
1768 vmx_inject_exception(v, TRAP_page_fault, regs.error_code);
1769 v->arch.arch_vmx.cpu_cr2 = va;
1770 TRACE_3D(TRC_VMX_INT, v->domain->domain_id, TRAP_page_fault, va);
1772 break;
1774 case TRAP_nmi:
1775 do_nmi(&regs, 0);
1776 break;
1777 default:
1778 vmx_reflect_exception(v);
1779 break;
1781 break;
1783 case EXIT_REASON_EXTERNAL_INTERRUPT:
1784 vmx_vmexit_do_extint(&regs);
1785 break;
1786 case EXIT_REASON_PENDING_INTERRUPT:
1787 __vmwrite(CPU_BASED_VM_EXEC_CONTROL,
1788 MONITOR_CPU_BASED_EXEC_CONTROLS);
1789 break;
1790 case EXIT_REASON_TASK_SWITCH:
1791 __vmx_bug(&regs);
1792 break;
1793 case EXIT_REASON_CPUID:
1794 __get_instruction_length(inst_len);
1795 vmx_vmexit_do_cpuid(regs.eax, &regs);
1796 __update_guest_eip(inst_len);
1797 break;
1798 case EXIT_REASON_HLT:
1799 __get_instruction_length(inst_len);
1800 __update_guest_eip(inst_len);
1801 vmx_vmexit_do_hlt();
1802 break;
1803 case EXIT_REASON_INVLPG:
1805 unsigned long va;
1807 __vmread(EXIT_QUALIFICATION, &va);
1808 vmx_vmexit_do_invlpg(va);
1809 __get_instruction_length(inst_len);
1810 __update_guest_eip(inst_len);
1811 break;
1813 case EXIT_REASON_VMCALL:
1814 __get_instruction_length(inst_len);
1815 __vmread(GUEST_RIP, &eip);
1816 __vmread(EXIT_QUALIFICATION, &exit_qualification);
1818 vmx_print_line(regs.eax, v); /* provides the current domain */
1819 __update_guest_eip(inst_len);
1820 break;
1821 case EXIT_REASON_CR_ACCESS:
1823 __vmread(GUEST_RIP, &eip);
1824 __get_instruction_length(inst_len);
1825 __vmread(EXIT_QUALIFICATION, &exit_qualification);
1827 VMX_DBG_LOG(DBG_LEVEL_1, "eip = %lx, inst_len =%lx, exit_qualification = %lx",
1828 eip, inst_len, exit_qualification);
1829 if (vmx_cr_access(exit_qualification, &regs))
1830 __update_guest_eip(inst_len);
1831 TRACE_VMEXIT(3,regs.error_code);
1832 TRACE_VMEXIT(4,exit_qualification);
1833 break;
1835 case EXIT_REASON_DR_ACCESS:
1836 __vmread(EXIT_QUALIFICATION, &exit_qualification);
1837 vmx_dr_access(exit_qualification, &regs);
1838 __get_instruction_length(inst_len);
1839 __update_guest_eip(inst_len);
1840 break;
1841 case EXIT_REASON_IO_INSTRUCTION:
1842 __vmread(EXIT_QUALIFICATION, &exit_qualification);
1843 __get_instruction_length(inst_len);
1844 vmx_io_instruction(&regs, exit_qualification, inst_len);
1845 TRACE_VMEXIT(4,exit_qualification);
1846 break;
1847 case EXIT_REASON_MSR_READ:
1848 __get_instruction_length(inst_len);
1849 vmx_do_msr_read(&regs);
1850 __update_guest_eip(inst_len);
1851 break;
1852 case EXIT_REASON_MSR_WRITE:
1853 __vmread(GUEST_RIP, &eip);
1854 vmx_do_msr_write(&regs);
1855 __get_instruction_length(inst_len);
1856 __update_guest_eip(inst_len);
1857 break;
1858 case EXIT_REASON_MWAIT_INSTRUCTION:
1859 __vmx_bug(&regs);
1860 break;
1861 default:
1862 __vmx_bug(&regs); /* should not happen */
1866 asmlinkage void load_cr2(void)
1868 struct vcpu *v = current;
1870 local_irq_disable();
1871 #ifdef __i386__
1872 asm volatile("movl %0,%%cr2": :"r" (v->arch.arch_vmx.cpu_cr2));
1873 #else
1874 asm volatile("movq %0,%%cr2": :"r" (v->arch.arch_vmx.cpu_cr2));
1875 #endif
1878 asmlinkage void trace_vmentry (void)
1880 TRACE_5D(TRC_VMENTRY,trace_values[current->processor][0],
1881 trace_values[current->processor][1],trace_values[current->processor][2],
1882 trace_values[current->processor][3],trace_values[current->processor][4]);
1883 TRACE_VMEXIT(0,9);
1884 TRACE_VMEXIT(1,9);
1885 TRACE_VMEXIT(2,9);
1886 TRACE_VMEXIT(3,9);
1887 TRACE_VMEXIT(4,9);
1888 return;
1890 asmlinkage void trace_vmexit (void)
1892 TRACE_3D(TRC_VMEXIT,0,0,0);
1893 return;
1895 #endif /* CONFIG_VMX */
1897 /*
1898 * Local variables:
1899 * mode: C
1900 * c-set-style: "BSD"
1901 * c-basic-offset: 4
1902 * tab-width: 4
1903 * indent-tabs-mode: nil
1904 * End:
1905 */