ia64/xen-unstable

view xen/arch/x86/hvm/svm/emulate.c @ 11687:792fb641ea7b

[HVM][SVM] Obtaining instruction address needs to mask to 32 bits
if not running in 64-bit mode.
Signed-off-by: Keir Fraser <keir@xensource.com>
author kfraser@localhost.localdomain
date Fri Sep 29 11:50:51 2006 +0100 (2006-09-29)
parents d20e1835c24b
children 84c0f49de1b1
line source
1 /*
2 * emulate.c: handling SVM emulate instructions help.
3 * Copyright (c) 2005 AMD Corporation.
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms and conditions of the GNU General Public License,
7 * version 2, as published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along with
15 * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
16 * Place - Suite 330, Boston, MA 02111-1307 USA.
17 *
18 */
20 #include <xen/config.h>
21 #include <xen/init.h>
22 #include <xen/lib.h>
23 #include <xen/trace.h>
24 #include <asm/msr.h>
25 #include <asm/hvm/hvm.h>
26 #include <asm/hvm/support.h>
27 #include <asm/hvm/svm/vmcb.h>
28 #include <asm/hvm/svm/emulate.h>
30 extern int inst_copy_from_guest(unsigned char *buf, unsigned long guest_eip,
31 int inst_len);
/* REX prefix decoding: a REX prefix is any byte in 0x40-0x4f. */
#define REX_PREFIX_BASE 0x40
#define REX_X 0x02   /* extends the SIB index field */
#define REX_W 0x08   /* selects 64-bit operand size */
#define REX_R 0x04   /* extends the ModRM reg field */
#define REX_B 0x01   /* extends the ModRM rm / SIB base field */

#define IS_REX_PREFIX(prefix) (((prefix) & 0xf0) == REX_PREFIX_BASE)

/* mod field: top two bits of the ModRM byte. */
#define DECODE_MODRM_MOD(modrm) (((modrm) & 0xC0) >> 6)

/* reg field: ModRM bits 5:3, extended to 4 bits by REX.R when present. */
#define DECODE_MODRM_REG(prefix, modrm)                         \
    ((((prefix) & REX_R) && IS_REX_PREFIX(prefix))              \
     ? (0x08 | (((modrm) >> 3) & 0x07)) : (((modrm) >> 3) & 0x07))

/* rm field: ModRM bits 2:0, extended to 4 bits by REX.B when present. */
#define DECODE_MODRM_RM(prefix, modrm)                          \
    ((((prefix) & REX_B) && IS_REX_PREFIX(prefix))              \
     ? (0x08 | ((modrm) & 0x07)) : ((modrm) & 0x07))

/* SIB fields: scale is bits 7:6, index bits 5:3 (+ REX.X), base bits 2:0 (+ REX.B). */
#define DECODE_SIB_SCALE(sib) DECODE_MODRM_MOD(sib)

#define DECODE_SIB_INDEX(prefix, sib)                           \
    ((((prefix) & REX_X) && IS_REX_PREFIX(prefix))              \
     ? (0x08 | (((sib) >> 3) & 0x07)) : (((sib) >> 3) & 0x07))

#define DECODE_SIB_BASE(prefix, sib) DECODE_MODRM_RM(prefix, sib)
60 static inline unsigned long DECODE_GPR_VALUE(struct vmcb_struct *vmcb,
61 struct cpu_user_regs *regs, u8 gpr_rm)
62 {
63 unsigned long value;
64 switch (gpr_rm)
65 {
66 case 0x0:
67 value = regs->eax;
68 break;
69 case 0x1:
70 value = regs->ecx;
71 break;
72 case 0x2:
73 value = regs->edx;
74 break;
75 case 0x3:
76 value = regs->ebx;
77 break;
78 case 0x4:
79 value = (unsigned long)vmcb->rsp;
80 case 0x5:
81 value = regs->ebp;
82 break;
83 case 0x6:
84 value = regs->esi;
85 break;
86 case 0x7:
87 value = regs->edi;
88 break;
89 #if __x86_64__
90 case 0x8:
91 value = regs->r8;
92 break;
93 case 0x9:
94 value = regs->r9;
95 break;
96 case 0xA:
97 value = regs->r10;
98 break;
99 case 0xB:
100 value = regs->r11;
101 break;
102 case 0xC:
103 value = regs->r12;
104 break;
105 case 0xD:
106 value = regs->r13;
107 break;
108 case 0xE:
109 value = regs->r14;
110 break;
111 case 0xF:
112 value = regs->r15;
113 break;
114 #endif
115 default:
116 printk("Invlaid gpr_rm = %d\n", gpr_rm);
117 ASSERT(0);
118 value = (unsigned long)-1; /* error retrun */
119 }
120 return value;
121 }
/*
 * Bail out of the *enclosing decoder function* if fewer than @num operand
 * bytes are available.  NB: this expands to a 'return' in the caller,
 * zeroing *size and returning (unsigned long)-1 as the error value.
 * Wrapped in do { } while (0) so it is safe in unbraced if/else bodies.
 */
#define CHECK_LENGTH64(num)                     \
    do {                                        \
        if ((num) > length)                     \
        {                                       \
            *size = 0;                          \
            return (unsigned long) -1;          \
        }                                       \
    } while (0)
#if 0
/*
 * hv_is_canonical - checks if the given address is canonical,
 * i.e. bits 63:47 are either all ones or all zeros (mask
 * 0xffff800000000000 covers exactly bits 63..47).
 * Currently unused; kept under #if 0.
 */
static inline u64 hv_is_canonical(u64 addr)
{
    u64 bits = addr & (u64)0xffff800000000000;
    return (u64)((bits == (u64)0xffff800000000000) || (bits == (u64)0x0));
}
#endif
/*
 * Shorthands used by the decoder functions below: within any function
 * taking an 'operand' pointer, 'modrm' is the ModRM byte (operand[0])
 * and 'sib' is the byte after it (operand[1]).  NOTE: these macros
 * silently capture the local 'operand' variable — beware when reading
 * or adding code that uses these identifiers.
 */
#define modrm operand [0]
#define sib operand [1]
147 unsigned long get_effective_addr_modrm64(struct vmcb_struct *vmcb,
148 struct cpu_user_regs *regs, const u8 prefix, const u8 *operand,
149 u8 *size)
150 {
151 unsigned long effective_addr = (unsigned long) -1;
152 u8 length, modrm_mod, modrm_rm;
153 u32 disp = 0;
155 HVM_DBG_LOG(DBG_LEVEL_1, "get_effective_addr_modrm64(): prefix = %x, "
156 "length = %d, operand[0,1] = %x %x.\n", prefix, *size, operand [0],
157 operand [1]);
159 if ((NULL == size) || (NULL == operand) || (1 > *size))
160 {
161 *size = 0;
162 return effective_addr;
163 }
165 modrm_mod = DECODE_MODRM_MOD(modrm);
166 modrm_rm = DECODE_MODRM_RM(prefix, modrm);
168 length = *size;
169 *size = 1;
170 switch (modrm_rm)
171 {
172 case 0x4:
173 #if __x86_64__
174 case 0xC:
175 #endif
176 if (modrm_mod < 3)
177 {
178 *size = length;
179 effective_addr = get_effective_addr_sib(vmcb, regs, prefix, operand, size);
180 }
181 else
182 {
183 effective_addr = DECODE_GPR_VALUE(vmcb, regs, modrm_rm);
184 }
185 break;
187 case 0x5:
188 if (0 < modrm_mod)
189 {
190 effective_addr = regs->ebp;
191 *size = 1;
192 break;
193 }
195 CHECK_LENGTH64(*size + (u8)sizeof(u32));
197 memcpy (&disp, operand + 1, sizeof (u32));
198 *size += sizeof (u32);
199 if (vmcb->cs.attributes.fields.l) // 64-bit mode
200 return vmcb->rip + disp;
201 else
202 return disp;
204 #if __x86_64__
205 case 0xD:
206 if (0 < modrm_mod)
207 {
208 *size = 1;
209 effective_addr = regs->r13;
210 break;
211 }
213 CHECK_LENGTH64(*size + (u8)sizeof(u32));
215 memcpy (&disp, operand + 1, sizeof (u32));
216 *size += sizeof (u32);
218 /* 64-bit mode */
219 if (vmcb->cs.attributes.fields.l)
220 return vmcb->rip + disp;
221 else
222 return disp;
224 #endif
225 default:
226 effective_addr = DECODE_GPR_VALUE(vmcb, regs, modrm_rm);
228 }
230 if (3 > modrm_mod)
231 {
232 if (1 == modrm_mod )
233 {
234 CHECK_LENGTH64(*size + (u8)sizeof(u8));
235 disp = sib;
236 *size += sizeof (u8);
237 }
238 else if (2 == modrm_mod )
239 {
240 CHECK_LENGTH64(*size + sizeof (u32));
241 memcpy (&disp, operand + 1, sizeof (u32));
242 *size += sizeof (u32);
243 }
245 effective_addr += disp;
246 }
248 return effective_addr;
249 }
252 unsigned long get_effective_addr_sib(struct vmcb_struct *vmcb,
253 struct cpu_user_regs *regs, const u8 prefix, const u8 *operand,
254 u8 *size)
255 {
256 unsigned long base, effective_addr = (unsigned long)-1;
257 u8 sib_scale, sib_idx, sib_base, length;
258 u32 disp = 0;
260 if (NULL == size || NULL == operand || 2 > *size)
261 {
262 *size = 0;
263 return effective_addr;
264 }
266 sib_scale = DECODE_SIB_SCALE(sib);
267 sib_idx = DECODE_SIB_INDEX(prefix, sib);
268 sib_base = DECODE_SIB_BASE(prefix, sib);
270 base = DECODE_GPR_VALUE(vmcb, regs, sib_base);
272 if ((unsigned long)-1 == base)
273 {
274 /*
275 * Surely this is wrong. base should be allowed to be -1, even if
276 * it's not the usual case...
277 */
278 *size = 0;
279 return base;
280 }
282 length = *size;
283 *size = 2;
284 if (0x5 == (sib_base & 0x5))
285 {
286 switch (DECODE_MODRM_MOD(modrm))
287 {
288 case 0:
289 CHECK_LENGTH64(*size + (u8)sizeof(u32));
290 memcpy (&disp, operand + 2, sizeof(u32));
291 *size += sizeof(u32);
292 base = disp;
293 break;
295 case 1:
296 CHECK_LENGTH64(*size + (u8)sizeof (u8));
297 *size += sizeof(u8);
298 base += operand [2];
299 break;
301 case 2:
302 CHECK_LENGTH64(*size + (u8)sizeof (u32));
303 memcpy(&disp, operand + 2, sizeof(u32));
304 *size += sizeof(u32);
305 base += disp;
306 }
307 }
309 if (4 == sib_idx)
310 return base;
312 effective_addr = DECODE_GPR_VALUE(vmcb, regs, sib_idx);
314 effective_addr <<= sib_scale;
316 return (effective_addr + base);
317 }
/*
 * Extract the destination (reg) register number from a ModRM byte,
 * extended to 4 bits by the REX.R bit when a REX prefix is present.
 */
unsigned int decode_dest_reg(u8 prefix, u8 m)
{
    unsigned int reg = (m >> 3) & 0x07;

    /* A REX prefix (0x40-0x4f) with REX.R (0x04) set supplies bit 3. */
    if ( ((prefix & 0xf0) == 0x40) && (prefix & 0x04) )
        reg |= 0x08;

    return reg;
}
/*
 * Extract the source (rm) register number from a ModRM byte, extended
 * to 4 bits by the REX.B bit when a REX prefix is present.
 */
unsigned int decode_src_reg(u8 prefix, u8 m)
{
    unsigned int reg = m & 0x07;

    /* A REX prefix (0x40-0x4f) with REX.B (0x01) set supplies bit 3. */
    if ( ((prefix & 0xf0) == 0x40) && (prefix & 0x01) )
        reg |= 0x08;

    return reg;
}
332 unsigned long svm_rip2pointer(struct vmcb_struct *vmcb)
333 {
334 /*
335 * The following is subtle. Intuitively this code would be something like:
336 *
337 * if (16bit) addr = (cs << 4) + rip; else addr = rip;
338 *
339 * However, this code doesn't work for code executing after CR0.PE=0,
340 * but before the %cs has been updated. We don't get signalled when
341 * %cs is update, but fortunately, base contain the valid base address
342 * no matter what kind of addressing is used.
343 */
344 unsigned long p = vmcb->cs.base + vmcb->rip;
345 if (!(vmcb->cs.attributes.fields.l && vmcb->efer & EFER_LMA))
346 return (u32)p; /* mask to 32 bits */
347 /* NB. Should mask to 16 bits if in real mode or 16-bit protected mode. */
348 return p;
349 }
/* Define 'static const u8 OPCODE_<nm>[]' = { length, opcode bytes... }. */
#define MAKE_INSTR(nm, ...) static const u8 OPCODE_##nm[] = { __VA_ARGS__ }

/*
 * Here's how it works:
 * First byte: Length.
 * Following bytes: Opcode bytes.
 * Special case: Last byte, if zero, doesn't need to match.
 * (A zero last byte is used for instructions whose final byte is a
 * ModRM byte, e.g. MOV to/from CR/DR, INVLPG, LMSW, SMSW.)
 */
MAKE_INSTR(INVD, 2, 0x0f, 0x08);
MAKE_INSTR(CPUID, 2, 0x0f, 0xa2);
MAKE_INSTR(RDMSR, 2, 0x0f, 0x32);
MAKE_INSTR(WRMSR, 2, 0x0f, 0x30);
MAKE_INSTR(RDTSC, 2, 0x0f, 0x31);
MAKE_INSTR(RDTSCP, 3, 0x0f, 0x01, 0xf9);
MAKE_INSTR(CLI, 1, 0xfa);
MAKE_INSTR(STI, 1, 0xfb);
MAKE_INSTR(RDPMC, 2, 0x0f, 0x33);
MAKE_INSTR(CLGI, 3, 0x0f, 0x01, 0xdd);
MAKE_INSTR(STGI, 3, 0x0f, 0x01, 0xdc);
MAKE_INSTR(VMRUN, 3, 0x0f, 0x01, 0xd8);
MAKE_INSTR(VMLOAD, 3, 0x0f, 0x01, 0xda);
MAKE_INSTR(VMSAVE, 3, 0x0f, 0x01, 0xdb);
MAKE_INSTR(VMCALL, 3, 0x0f, 0x01, 0xd9);
MAKE_INSTR(PAUSE, 2, 0xf3, 0x90);
MAKE_INSTR(SKINIT, 3, 0x0f, 0x01, 0xde);
MAKE_INSTR(MOV2CR, 3, 0x0f, 0x22, 0x00);
MAKE_INSTR(MOVCR2, 3, 0x0f, 0x20, 0x00);
MAKE_INSTR(MOV2DR, 3, 0x0f, 0x23, 0x00);
MAKE_INSTR(MOVDR2, 3, 0x0f, 0x21, 0x00);
MAKE_INSTR(PUSHF, 1, 0x9c);
MAKE_INSTR(POPF, 1, 0x9d);
MAKE_INSTR(RSM, 2, 0x0f, 0xaa);
MAKE_INSTR(INVLPG, 3, 0x0f, 0x01, 0x00);
MAKE_INSTR(INVLPGA,3, 0x0f, 0x01, 0xdf);
MAKE_INSTR(HLT, 1, 0xf4);
MAKE_INSTR(CLTS, 2, 0x0f, 0x06);
MAKE_INSTR(LMSW, 3, 0x0f, 0x01, 0x00);
MAKE_INSTR(SMSW, 3, 0x0f, 0x01, 0x00);
/*
 * Opcode-byte table, indexed by enum instruction_index.  Each entry
 * points at an OPCODE_* array defined above ({ length, bytes... }).
 */
static const u8 *opc_bytes[INSTR_MAX_COUNT] =
{
    [INSTR_INVD] = OPCODE_INVD,
    [INSTR_CPUID] = OPCODE_CPUID,
    [INSTR_RDMSR] = OPCODE_RDMSR,
    [INSTR_WRMSR] = OPCODE_WRMSR,
    [INSTR_RDTSC] = OPCODE_RDTSC,
    [INSTR_RDTSCP] = OPCODE_RDTSCP,
    [INSTR_CLI] = OPCODE_CLI,
    [INSTR_STI] = OPCODE_STI,
    [INSTR_RDPMC] = OPCODE_RDPMC,
    [INSTR_CLGI] = OPCODE_CLGI,
    [INSTR_STGI] = OPCODE_STGI,
    [INSTR_VMRUN] = OPCODE_VMRUN,
    [INSTR_VMLOAD] = OPCODE_VMLOAD,
    [INSTR_VMSAVE] = OPCODE_VMSAVE,
    [INSTR_VMCALL] = OPCODE_VMCALL,
    [INSTR_PAUSE] = OPCODE_PAUSE,
    [INSTR_SKINIT] = OPCODE_SKINIT,
    [INSTR_MOV2CR] = OPCODE_MOV2CR,
    [INSTR_MOVCR2] = OPCODE_MOVCR2,
    [INSTR_MOV2DR] = OPCODE_MOV2DR,
    [INSTR_MOVDR2] = OPCODE_MOVDR2,
    [INSTR_PUSHF] = OPCODE_PUSHF,
    [INSTR_POPF] = OPCODE_POPF,
    [INSTR_RSM] = OPCODE_RSM,
    [INSTR_INVLPG] = OPCODE_INVLPG,
    [INSTR_INVLPGA]= OPCODE_INVLPGA,
    [INSTR_CLTS] = OPCODE_CLTS,
    [INSTR_HLT] = OPCODE_HLT,
    [INSTR_LMSW] = OPCODE_LMSW,
    [INSTR_SMSW] = OPCODE_SMSW
};
/*
 * Intel has a vmcs entry to give the instruction length. AMD doesn't. So we
 * have to do a little bit of work to find out...
 *
 * The caller can either pass a NULL pointer to the guest_eip_buf, or a pointer
 * to enough bytes to satisfy the instruction including prefix bytes.
 *
 * Tries each candidate in @list in order; on a match returns the total
 * length (skipped prefixes + opcode bytes) and stores the matched index
 * through @match (if non-NULL).  Returns 0 if nothing matched.
 */
int __get_instruction_length_from_list(struct vmcb_struct *vmcb,
        enum instruction_index *list, unsigned int list_count,
        u8 *guest_eip_buf, enum instruction_index *match)
{
    unsigned int inst_len = 0;
    unsigned int i;
    unsigned int j;
    int found = 0;
    enum instruction_index instr = 0;
    u8 buffer[MAX_INST_LEN];
    u8 *buf;
    const u8 *opcode = NULL;

    /* Use the caller's instruction bytes if given; else fetch from guest. */
    if (guest_eip_buf)
    {
        buf = guest_eip_buf;
    }
    else
    {
        inst_copy_from_guest(buffer, svm_rip2pointer(vmcb), MAX_INST_LEN);
        buf = buffer;
    }

    for (j = 0; j < list_count; j++)
    {
        instr = list[j];
        opcode = opc_bytes[instr];
        ASSERT(opcode);

        /*
         * Skip leading prefix bytes, unless the candidate opcode itself
         * begins with a prefix byte (e.g. PAUSE = f3 90).
         * NOTE(review): inst_len is not reset between candidates, so
         * prefixes skipped for an earlier candidate stay skipped —
         * presumably intentional since any prefixes precede whichever
         * opcode eventually matches; confirm before restructuring.
         */
        while (inst_len < MAX_INST_LEN &&
               is_prefix(buf[inst_len]) &&
               !is_prefix(opcode[1]))
            inst_len++;

        ASSERT(opcode[0] <= 15); /* Make sure the table is correct. */
        found = 1;

        /* Compare opcode bytes (opcode[0] holds the byte count). */
        for (i = 0; i < opcode[0]; i++)
        {
            /* If the last byte is zero, we just accept it without checking */
            if (i == opcode[0]-1 && opcode[i+1] == 0)
                break;

            if (buf[inst_len+i] != opcode[i+1])
            {
                found = 0;
                break;
            }
        }

        if (found)
            break;
    }

    /* It's a match */
    if (found)
    {
        inst_len += opcode[0];

        ASSERT(inst_len <= MAX_INST_LEN);

        if (match)
            *match = instr;

        return inst_len;
    }

    printk("%s: Mismatch between expected and actual instruction bytes: "
            "eip = %lx\n", __func__, (unsigned long)vmcb->rip);
    return 0;
}
504 /*
505 * Local variables:
506 * mode: C
507 * c-set-style: "BSD"
508 * c-basic-offset: 4
509 * tab-width: 4
510 * indent-tabs-mode: nil
511 * End:
512 */