LXR linux/arch/x86/include/asm/kvm

   1/******************************************************************************
   2 * x86_emulate.h
   3 *
   4 * Generic x86 (32-bit and 64-bit) instruction decoder and emulator.
   5 *
   6 * Copyright (c) 2005 Keir Fraser
   7 *
   8 * From: xen-unstable 10676:af9809f51f81a3c43f276f00c81a52ef558afda4
   9 */
  10
  11#ifndef _ASM_X86_KVM_X86_EMULATE_H
  12#define _ASM_X86_KVM_X86_EMULATE_H
  13
  14#include <asm/desc_defs.h>
  15
  16struct x86_emulate_ctxt;
  17enum x86_intercept;
  18enum x86_intercept_stage;
  19
  20struct x86_exception {
  21        u8 vector;
  22        bool error_code_valid;
  23        u16 error_code;
  24        bool nested_page_fault;
  25        u64 address; /* cr2 or nested page fault gpa */
  26        u8 async_page_fault;
  27};
  28
  29/*
  30 * This struct is used to carry enough information from the instruction
  31 * decoder to main KVM so that a decision can be made whether the
  32 * instruction needs to be intercepted or not.
  33 */
  34struct x86_instruction_info {
  35        u8  intercept;          /* which intercept                      */
  36        u8  rep_prefix;         /* rep prefix?                          */
  37        u8  modrm_mod;          /* mod part of modrm                    */
  38        u8  modrm_reg;          /* index of register used               */
  39        u8  modrm_rm;           /* rm part of modrm                     */
  40        u64 src_val;            /* value of source operand              */
  41        u64 dst_val;            /* value of destination operand         */
  42        u8  src_bytes;          /* size of source operand               */
  43        u8  dst_bytes;          /* size of destination operand          */
  44        u8  ad_bytes;           /* size of src/dst address              */
  45        u64 next_rip;           /* rip following the instruction        */
  46};
  47
  48/*
  49 * x86_emulate_ops:
  50 *
  51 * These operations represent the instruction emulator's interface to memory.
  52 * There are two categories of operation: those that act on ordinary memory
  53 * regions (*_std), and those that act on memory regions known to require
  54 * special treatment or emulation (*_emulated).
  55 *
  56 * The emulator assumes that an instruction accesses only one 'emulated memory'
  57 * location, that this location is the given linear faulting address (cr2), and
  58 * that this is one of the instruction's data operands. Instruction fetches and
  59 * stack operations are assumed never to access emulated memory. The emulator
  60 * automatically deduces which operand of a string-move operation is accessing
  61 * emulated memory, and assumes that the other operand accesses normal memory.
  62 *
  63 * NOTES:
  64 *  1. The emulator isn't very smart about emulated vs. standard memory.
  65 *     'Emulated memory' access addresses should be checked for sanity.
  66 *     'Normal memory' accesses may fault, and the caller must arrange to
  67 *     detect and handle reentrancy into the emulator via recursive faults.
  68 *     Accesses may be unaligned and may cross page boundaries.
  69 *  2. If the access fails (cannot emulate, or a standard access faults) then
  70 *     it is up to the memop to propagate the fault to the guest VM via
  71 *     some out-of-band mechanism, unknown to the emulator. The memop signals
  72 *     failure by returning X86EMUL_PROPAGATE_FAULT to the emulator, which will
  73 *     then immediately bail.
  74 *  3. Valid access sizes are 1, 2, 4 and 8 bytes. On x86/32 systems only
  75 *     cmpxchg8b_emulated need support 8-byte accesses.
  76 *  4. The emulator cannot handle 64-bit mode emulation on an x86/32 system.
  77 */
  78/* Access completed successfully: continue emulation as normal. */
  79#define X86EMUL_CONTINUE        0
  80/* Access is unhandleable: bail from emulation and return error to caller. */
  81#define X86EMUL_UNHANDLEABLE    1
  82/* Terminate emulation but return success to the caller. */
  83#define X86EMUL_PROPAGATE_FAULT 2 /* propagate a generated fault to guest */
  84#define X86EMUL_RETRY_INSTR     3 /* retry the instruction for some reason */
  85#define X86EMUL_CMPXCHG_FAILED  4 /* cmpxchg did not see expected value */
  86#define X86EMUL_IO_NEEDED       5 /* IO is needed to complete emulation */
  87#define X86EMUL_INTERCEPTED     6 /* Intercepted by nested VMCB/VMCS */
  88
  89struct x86_emulate_ops {
  90        /*
  91         * read_gpr: read a general purpose register (rax - r15)
  92         *
  93         * @reg: gpr number.
  94         */
  95        ulong (*read_gpr)(struct x86_emulate_ctxt *ctxt, unsigned reg);
  96        /*
  97         * write_gpr: write a general purpose register (rax - r15)
  98         *
  99         * @reg: gpr number.
 100         * @val: value to write.
 101         */
 102        void (*write_gpr)(struct x86_emulate_ctxt *ctxt, unsigned reg, ulong val);
 103        /*
 104         * read_std: Read bytes of standard (non-emulated/special) memory.
 105         *           Used for descriptor reading.
 106         *  @addr:  [IN ] Linear address from which to read.
 107         *  @val:   [OUT] Value read from memory, zero-extended to 'u_long'.
 108         *  @bytes: [IN ] Number of bytes to read from memory.
 109         */
 110        int (*read_std)(struct x86_emulate_ctxt *ctxt,
 111                        unsigned long addr, void *val,
 112                        unsigned int bytes,
 113                        struct x86_exception *fault);
 114
 115        /*
 116         * read_phys: Read bytes of standard (non-emulated/special) memory.
 117         *            Used for descriptor reading.
 118         *  @addr:  [IN ] Physical address from which to read.
 119         *  @val:   [OUT] Value read from memory.
 120         *  @bytes: [IN ] Number of bytes to read from memory.
 121         */
 122        int (*read_phys)(struct x86_emulate_ctxt *ctxt, unsigned long addr,
 123                        void *val, unsigned int bytes);
 124
 125        /*
 126         * write_std: Write bytes of standard (non-emulated/special) memory.
 127         *            Used for descriptor writing.
 128         *  @addr:  [IN ] Linear address to which to write.
 129         *  @val:   [OUT] Value write to memory, zero-extended to 'u_long'.
 130         *  @bytes: [IN ] Number of bytes to write to memory.
 131         */
 132        int (*write_std)(struct x86_emulate_ctxt *ctxt,
 133                         unsigned long addr, void *val, unsigned int bytes,
 134                         struct x86_exception *fault);
 135        /*
 136         * fetch: Read bytes of standard (non-emulated/special) memory.
 137         *        Used for instruction fetch.
 138         *  @addr:  [IN ] Linear address from which to read.
 139         *  @val:   [OUT] Value read from memory, zero-extended to 'u_long'.
 140         *  @bytes: [IN ] Number of bytes to read from memory.
 141         */
 142        int (*fetch)(struct x86_emulate_ctxt *ctxt,
 143                     unsigned long addr, void *val, unsigned int bytes,
 144                     struct x86_exception *fault);
 145
 146        /*
 147         * read_emulated: Read bytes from emulated/special memory area.
 148         *  @addr:  [IN ] Linear address from which to read.
 149         *  @val:   [OUT] Value read from memory, zero-extended to 'u_long'.
 150         *  @bytes: [IN ] Number of bytes to read from memory.
 151         */
 152        int (*read_emulated)(struct x86_emulate_ctxt *ctxt,
 153                             unsigned long addr, void *val, unsigned int bytes,
 154                             struct x86_exception *fault);
 155
 156        /*
 157         * write_emulated: Write bytes to emulated/special memory area.
 158         *  @addr:  [IN ] Linear address to which to write.
 159         *  @val:   [IN ] Value to write to memory (low-order bytes used as
 160         *                required).
 161         *  @bytes: [IN ] Number of bytes to write to memory.
 162         */
 163        int (*write_emulated)(struct x86_emulate_ctxt *ctxt,
 164                              unsigned long addr, const void *val,
 165                              unsigned int bytes,
 166                              struct x86_exception *fault);
 167
 168        /*
 169         * cmpxchg_emulated: Emulate an atomic (LOCKed) CMPXCHG operation on an
 170         *                   emulated/special memory area.
 171         *  @addr:  [IN ] Linear address to access.
 172         *  @old:   [IN ] Value expected to be current at @addr.
 173         *  @new:   [IN ] Value to write to @addr.
 174         *  @bytes: [IN ] Number of bytes to access using CMPXCHG.
 175         */
 176        int (*cmpxchg_emulated)(struct x86_emulate_ctxt *ctxt,
 177                                unsigned long addr,
 178                                const void *old,
 179                                const void *new,
 180                                unsigned int bytes,
 181                                struct x86_exception *fault);
 182        void (*invlpg)(struct x86_emulate_ctxt *ctxt, ulong addr);
 183
 184        int (*pio_in_emulated)(struct x86_emulate_ctxt *ctxt,
 185                               int size, unsigned short port, void *val,
 186                               unsigned int count);
 187
 188        int (*pio_out_emulated)(struct x86_emulate_ctxt *ctxt,
 189                                int size, unsigned short port, const void *val,
 190                                unsigned int count);
 191
 192        bool (*get_segment)(struct x86_emulate_ctxt *ctxt, u16 *selector,
 193                            struct desc_struct *desc, u32 *base3, int seg);
 194        void (*set_segment)(struct x86_emulate_ctxt *ctxt, u16 selector,
 195                            struct desc_struct *desc, u32 base3, int seg);
 196        unsigned long (*get_cached_segment_base)(struct x86_emulate_ctxt *ctxt,
 197                                                 int seg);
 198        void (*get_gdt)(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt);
 199        void (*get_idt)(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt);
 200        void (*set_gdt)(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt);
 201        void (*set_idt)(struct x86_emulate_ctxt *ctxt, struct desc_ptr *dt);
 202        ulong (*get_cr)(struct x86_emulate_ctxt *ctxt, int cr);
 203        int (*set_cr)(struct x86_emulate_ctxt *ctxt, int cr, ulong val);
 204        int (*cpl)(struct x86_emulate_ctxt *ctxt);
 205        int (*get_dr)(struct x86_emulate_ctxt *ctxt, int dr, ulong *dest);
 206        int (*set_dr)(struct x86_emulate_ctxt *ctxt, int dr, ulong value);
 207        u64 (*get_smbase)(struct x86_emulate_ctxt *ctxt);
 208        void (*set_smbase)(struct x86_emulate_ctxt *ctxt, u64 smbase);
 209        int (*set_msr)(struct x86_emulate_ctxt *ctxt, u32 msr_index, u64 data);
 210        int (*get_msr)(struct x86_emulate_ctxt *ctxt, u32 msr_index, u64 *pdata);
 211        int (*check_pmc)(struct x86_emulate_ctxt *ctxt, u32 pmc);
 212        int (*read_pmc)(struct x86_emulate_ctxt *ctxt, u32 pmc, u64 *pdata);
 213        void (*halt)(struct x86_emulate_ctxt *ctxt);
 214        void (*wbinvd)(struct x86_emulate_ctxt *ctxt);
 215        int (*fix_hypercall)(struct x86_emulate_ctxt *ctxt);
 216        void (*get_fpu)(struct x86_emulate_ctxt *ctxt); /* disables preempt */
 217        void (*put_fpu)(struct x86_emulate_ctxt *ctxt); /* reenables preempt */
 218        int (*intercept)(struct x86_emulate_ctxt *ctxt,
 219                         struct x86_instruction_info *info,
 220                         enum x86_intercept_stage stage);
 221
 222        void (*get_cpuid)(struct x86_emulate_ctxt *ctxt,
 223                          u32 *eax, u32 *ebx, u32 *ecx, u32 *edx);
 224        void (*set_nmi_mask)(struct x86_emulate_ctxt *ctxt, bool masked);
 225
 226        unsigned (*get_hflags)(struct x86_emulate_ctxt *ctxt);
 227        void (*set_hflags)(struct x86_emulate_ctxt *ctxt, unsigned hflags);
 228};
 229
 230typedef u32 __attribute__((vector_size(16))) sse128_t;
 231
 232/* Type, address-of, and value of an instruction's operand. */
 233struct operand {
 234        enum { OP_REG, OP_MEM, OP_MEM_STR, OP_IMM, OP_XMM, OP_MM, OP_NONE } type;
 235        unsigned int bytes;
 236        unsigned int count;
 237        union {
 238                unsigned long orig_val;
 239                u64 orig_val64;
 240        };
 241        union {
 242                unsigned long *reg;
 243                struct segmented_address {
 244                        ulong ea;
 245                        unsigned seg;
 246                } mem;
 247                unsigned xmm;
 248                unsigned mm;
 249        } addr;
 250        union {
 251                unsigned long val;
 252                u64 val64;
 253                char valptr[sizeof(sse128_t)];
 254                sse128_t vec_val;
 255                u64 mm_val;
 256                void *data;
 257        };
 258};
 259
 260struct fetch_cache {
 261        u8 data[15];
 262        u8 *ptr;
 263        u8 *end;
 264};
 265
 266struct read_cache {
 267        u8 data[1024];
 268        unsigned long pos;
 269        unsigned long end;
 270};
 271
 272/* Execution mode, passed to the emulator. */
 273enum x86emul_mode {
 274        X86EMUL_MODE_REAL,      /* Real mode.             */
 275        X86EMUL_MODE_VM86,      /* Virtual 8086 mode.     */
 276        X86EMUL_MODE_PROT16,    /* 16-bit protected mode. */
 277        X86EMUL_MODE_PROT32,    /* 32-bit protected mode. */
 278        X86EMUL_MODE_PROT64,    /* 64-bit (long) mode.    */
 279};
 280
 281/* These match some of the HF_* flags defined in kvm_host.h  */
 282#define X86EMUL_GUEST_MASK           (1 << 5) /* VCPU is in guest-mode */
 283#define X86EMUL_SMM_MASK             (1 << 6)
 284#define X86EMUL_SMM_INSIDE_NMI_MASK  (1 << 7)
 285
 286struct x86_emulate_ctxt {
 287        const struct x86_emulate_ops *ops;
 288
 289        /* Register state before/after emulation. */
 290        unsigned long eflags;
 291        unsigned long eip; /* eip before instruction emulation */
 292        /* Emulated execution mode, represented by an X86EMUL_MODE value. */
 293        enum x86emul_mode mode;
 294
 295        /* interruptibility state, as a result of execution of STI or MOV SS */
 296        int interruptibility;
 297
 298        bool perm_ok; /* do not check permissions if true */
 299        bool ud;        /* inject an #UD if host doesn't support insn */
 300        bool tf;        /* TF value before instruction (after for syscall/sysret) */
 301
 302        bool have_exception;
 303        struct x86_exception exception;
 304
 305        /*
 306         * decode cache
 307         */
 308
 309        /* current opcode length in bytes */
 310        u8 opcode_len;
 311        u8 b;
 312        u8 intercept;
 313        u8 op_bytes;
 314        u8 ad_bytes;
 315        struct operand src;
 316        struct operand src2;
 317        struct operand dst;
 318        int (*execute)(struct x86_emulate_ctxt *ctxt);
 319        int (*check_perm)(struct x86_emulate_ctxt *ctxt);
 320        /*
 321         * The following six fields are cleared together,
 322         * the rest are initialized unconditionally in x86_decode_insn
 323         * or elsewhere
 324         */
 325        bool rip_relative;
 326        u8 rex_prefix;
 327        u8 lock_prefix;
 328        u8 rep_prefix;
 329        /* bitmaps of registers in _regs[] that can be read */
 330        u32 regs_valid;
 331        /* bitmaps of registers in _regs[] that have been written */
 332        u32 regs_dirty;
 333        /* modrm */
 334        u8 modrm;
 335        u8 modrm_mod;
 336        u8 modrm_reg;
 337        u8 modrm_rm;
 338        u8 modrm_seg;
 339        u8 seg_override;
 340        u64 d;
 341        unsigned long _eip;
 342        struct operand memop;
 343        /* Fields above regs are cleared together. */
 344        unsigned long _regs[NR_VCPU_REGS];
 345        struct operand *memopp;
 346        struct fetch_cache fetch;
 347        struct read_cache io_read;
 348        struct read_cache mem_read;
 349};
 350
 351/* Repeat String Operation Prefix */
 352#define REPE_PREFIX     0xf3
 353#define REPNE_PREFIX    0xf2
 354
 355/* CPUID vendors */
 356#define X86EMUL_CPUID_VENDOR_AuthenticAMD_ebx 0x68747541
 357#define X86EMUL_CPUID_VENDOR_AuthenticAMD_ecx 0x444d4163
 358#define X86EMUL_CPUID_VENDOR_AuthenticAMD_edx 0x69746e65
 359
 360#define X86EMUL_CPUID_VENDOR_AMDisbetterI_ebx 0x69444d41
 361#define X86EMUL_CPUID_VENDOR_AMDisbetterI_ecx 0x21726574
 362#define X86EMUL_CPUID_VENDOR_AMDisbetterI_edx 0x74656273
 363
 364#define X86EMUL_CPUID_VENDOR_GenuineIntel_ebx 0x756e6547
 365#define X86EMUL_CPUID_VENDOR_GenuineIntel_ecx 0x6c65746e
 366#define X86EMUL_CPUID_VENDOR_GenuineIntel_edx 0x49656e69
 367
 368enum x86_intercept_stage {
 369        X86_ICTP_NONE = 0,   /* Allow zero-init to not match anything */
 370        X86_ICPT_PRE_EXCEPT,
 371        X86_ICPT_POST_EXCEPT,
 372        X86_ICPT_POST_MEMACCESS,
 373};
 374
 375enum x86_intercept {
 376        x86_intercept_none,
 377        x86_intercept_cr_read,
 378        x86_intercept_cr_write,
 379        x86_intercept_clts,
 380        x86_intercept_lmsw,
 381        x86_intercept_smsw,
 382        x86_intercept_dr_read,
 383        x86_intercept_dr_write,
 384        x86_intercept_lidt,
 385        x86_intercept_sidt,
 386        x86_intercept_lgdt,
 387        x86_intercept_sgdt,
 388        x86_intercept_lldt,
 389        x86_intercept_sldt,
 390        x86_intercept_ltr,
 391        x86_intercept_str,
 392        x86_intercept_rdtsc,
 393        x86_intercept_rdpmc,
 394        x86_intercept_pushf,
 395        x86_intercept_popf,
 396        x86_intercept_cpuid,
 397        x86_intercept_rsm,
 398        x86_intercept_iret,
 399        x86_intercept_intn,
 400        x86_intercept_invd,
 401        x86_intercept_pause,
 402        x86_intercept_hlt,
 403        x86_intercept_invlpg,
 404        x86_intercept_invlpga,
 405        x86_intercept_vmrun,
 406        x86_intercept_vmload,
 407        x86_intercept_vmsave,
 408        x86_intercept_vmmcall,
 409        x86_intercept_stgi,
 410        x86_intercept_clgi,
 411        x86_intercept_skinit,
 412        x86_intercept_rdtscp,
 413        x86_intercept_icebp,
 414        x86_intercept_wbinvd,
 415        x86_intercept_monitor,
 416        x86_intercept_mwait,
 417        x86_intercept_rdmsr,
 418        x86_intercept_wrmsr,
 419        x86_intercept_in,
 420        x86_intercept_ins,
 421        x86_intercept_out,
 422        x86_intercept_outs,
 423
 424        nr_x86_intercepts
 425};
 426
 427/* Host execution mode. */
 428#if defined(CONFIG_X86_32)
 429#define X86EMUL_MODE_HOST X86EMUL_MODE_PROT32
 430#elif defined(CONFIG_X86_64)
 431#define X86EMUL_MODE_HOST X86EMUL_MODE_PROT64
 432#endif
 433
 434int x86_decode_insn(struct x86_emulate_ctxt *ctxt, void *insn, int insn_len);
 435bool x86_page_table_writing_insn(struct x86_emulate_ctxt *ctxt);
 436#define EMULATION_FAILED -1
 437#define EMULATION_OK 0
 438#define EMULATION_RESTART 1
 439#define EMULATION_INTERCEPTED 2
 440void init_decode_cache(struct x86_emulate_ctxt *ctxt);
 441int x86_emulate_insn(struct x86_emulate_ctxt *ctxt);
 442int emulator_task_switch(struct x86_emulate_ctxt *ctxt,
 443                         u16 tss_selector, int idt_index, int reason,
 444                         bool has_error_code, u32 error_code);
 445int emulate_int_real(struct x86_emulate_ctxt *ctxt, int irq);
 446void emulator_invalidate_register_cache(struct x86_emulate_ctxt *ctxt);
 447void emulator_writeback_register_cache(struct x86_emulate_ctxt *ctxt);
 448bool emulator_can_use_gpa(struct x86_emulate_ctxt *ctxt);
 449
 450#endif /* _ASM_X86_KVM_X86_EMULATE_H */
 451