4 * Copyright (C) 2006-2008 Qumranet Technologies
5 * Copyright IBM, Corp. 2008
10 * This work is licensed under the terms of the GNU GPL, version 2 or later.
11 * See the COPYING file in the top-level directory.
15 #include <sys/types.h>
16 #include <sys/ioctl.h>
18 #include <sys/utsname.h>
20 #include <linux/kvm.h>
21 #include <linux/kvm_para.h>
23 #include "qemu-common.h"
29 #include "host-utils.h"
30 #include "qemu-config.h"
35 #include "hw/pci/pci.h"
40 #define DPRINTF(fmt, ...) \
41 do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0)
43 #define DPRINTF(fmt, ...) \
47 #define MSR_KVM_WALL_CLOCK 0x11
48 #define MSR_KVM_SYSTEM_TIME 0x12
51 #define BUS_MCEERR_AR 4
54 #define BUS_MCEERR_AO 5
57 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
58 KVM_CAP_INFO(SET_TSS_ADDR),
59 KVM_CAP_INFO(EXT_CPUID),
60 KVM_CAP_INFO(MP_STATE),
64 static bool has_msr_star;
65 static bool has_msr_hsave_pa;
66 static bool has_msr_tsc_deadline;
67 static bool has_msr_async_pf_en;
68 static bool has_msr_pv_eoi_en;
69 static bool has_msr_misc_enable;
70 static int lm_capable_kernel;
72 bool kvm_allows_irq0_override(void)
74 return !kvm_irqchip_in_kernel() || kvm_has_gsi_routing();
77 static struct kvm_cpuid2 *try_get_cpuid(KVMState *s, int max)
79 struct kvm_cpuid2 *cpuid;
82 size = sizeof(*cpuid) + max * sizeof(*cpuid->entries);
83 cpuid = (struct kvm_cpuid2 *)g_malloc0(size);
85 r = kvm_ioctl(s, KVM_GET_SUPPORTED_CPUID, cpuid);
86 if (r == 0 && cpuid->nent >= max) {
94 fprintf(stderr, "KVM_GET_SUPPORTED_CPUID failed: %s\n",
102 /* Run KVM_GET_SUPPORTED_CPUID ioctl(), allocating a buffer large enough
105 static struct kvm_cpuid2 *get_supported_cpuid(KVMState *s)
107 struct kvm_cpuid2 *cpuid;
109 while ((cpuid = try_get_cpuid(s, max)) == NULL) {
115 struct kvm_para_features {
118 } para_features[] = {
119 { KVM_CAP_CLOCKSOURCE, KVM_FEATURE_CLOCKSOURCE },
120 { KVM_CAP_NOP_IO_DELAY, KVM_FEATURE_NOP_IO_DELAY },
121 { KVM_CAP_PV_MMU, KVM_FEATURE_MMU_OP },
122 { KVM_CAP_ASYNC_PF, KVM_FEATURE_ASYNC_PF },
126 static int get_para_features(KVMState *s)
130 for (i = 0; i < ARRAY_SIZE(para_features) - 1; i++) {
131 if (kvm_check_extension(s, para_features[i].cap)) {
132 features |= (1 << para_features[i].feature);
140 /* Returns the value for a specific register on the cpuid entry
142 static uint32_t cpuid_entry_get_reg(struct kvm_cpuid_entry2 *entry, int reg)
162 /* Find matching entry for function/index on kvm_cpuid2 struct
164 static struct kvm_cpuid_entry2 *cpuid_find_entry(struct kvm_cpuid2 *cpuid,
169 for (i = 0; i < cpuid->nent; ++i) {
170 if (cpuid->entries[i].function == function &&
171 cpuid->entries[i].index == index) {
172 return &cpuid->entries[i];
179 uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
180 uint32_t index, int reg)
182 struct kvm_cpuid2 *cpuid;
184 uint32_t cpuid_1_edx;
187 cpuid = get_supported_cpuid(s);
189 struct kvm_cpuid_entry2 *entry = cpuid_find_entry(cpuid, function, index);
192 ret = cpuid_entry_get_reg(entry, reg);
195 /* Fixups for the data returned by KVM, below */
197 if (function == 1 && reg == R_EDX) {
198 /* KVM before 2.6.30 misreports the following features */
199 ret |= CPUID_MTRR | CPUID_PAT | CPUID_MCE | CPUID_MCA;
200 } else if (function == 1 && reg == R_ECX) {
201 /* We can set the hypervisor flag, even if KVM does not return it on
202 * GET_SUPPORTED_CPUID
204 ret |= CPUID_EXT_HYPERVISOR;
205 /* tsc-deadline flag is not returned by GET_SUPPORTED_CPUID, but it
206 * can be enabled if the kernel has KVM_CAP_TSC_DEADLINE_TIMER,
207 * and the irqchip is in the kernel.
209 if (kvm_irqchip_in_kernel() &&
210 kvm_check_extension(s, KVM_CAP_TSC_DEADLINE_TIMER)) {
211 ret |= CPUID_EXT_TSC_DEADLINE_TIMER;
214 /* x2apic is reported by GET_SUPPORTED_CPUID, but it can't be enabled
215 * without the in-kernel irqchip
217 if (!kvm_irqchip_in_kernel()) {
218 ret &= ~CPUID_EXT_X2APIC;
220 } else if (function == 0x80000001 && reg == R_EDX) {
221 /* On Intel, kvm returns cpuid according to the Intel spec,
222 * so add missing bits according to the AMD spec:
224 cpuid_1_edx = kvm_arch_get_supported_cpuid(s, 1, 0, R_EDX);
225 ret |= cpuid_1_edx & CPUID_EXT2_AMD_ALIASES;
230 /* fallback for older kernels */
231 if ((function == KVM_CPUID_FEATURES) && !found) {
232 ret = get_para_features(s);
238 typedef struct HWPoisonPage {
240 QLIST_ENTRY(HWPoisonPage) list;
243 static QLIST_HEAD(, HWPoisonPage) hwpoison_page_list =
244 QLIST_HEAD_INITIALIZER(hwpoison_page_list);
246 static void kvm_unpoison_all(void *param)
248 HWPoisonPage *page, *next_page;
250 QLIST_FOREACH_SAFE(page, &hwpoison_page_list, list, next_page) {
251 QLIST_REMOVE(page, list);
252 qemu_ram_remap(page->ram_addr, TARGET_PAGE_SIZE);
257 static void kvm_hwpoison_page_add(ram_addr_t ram_addr)
261 QLIST_FOREACH(page, &hwpoison_page_list, list) {
262 if (page->ram_addr == ram_addr) {
266 page = g_malloc(sizeof(HWPoisonPage));
267 page->ram_addr = ram_addr;
268 QLIST_INSERT_HEAD(&hwpoison_page_list, page, list);
271 static int kvm_get_mce_cap_supported(KVMState *s, uint64_t *mce_cap,
276 r = kvm_check_extension(s, KVM_CAP_MCE);
279 return kvm_ioctl(s, KVM_X86_GET_MCE_CAP_SUPPORTED, mce_cap);
284 static void kvm_mce_inject(X86CPU *cpu, hwaddr paddr, int code)
286 CPUX86State *env = &cpu->env;
287 uint64_t status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN |
288 MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S;
289 uint64_t mcg_status = MCG_STATUS_MCIP;
291 if (code == BUS_MCEERR_AR) {
292 status |= MCI_STATUS_AR | 0x134;
293 mcg_status |= MCG_STATUS_EIPV;
296 mcg_status |= MCG_STATUS_RIPV;
298 cpu_x86_inject_mce(NULL, cpu, 9, status, mcg_status, paddr,
299 (MCM_ADDR_PHYS << 6) | 0xc,
300 cpu_x86_support_mca_broadcast(env) ?
301 MCE_INJECT_BROADCAST : 0);
304 static void hardware_memory_error(void)
306 fprintf(stderr, "Hardware memory error!\n");
310 int kvm_arch_on_sigbus_vcpu(CPUX86State *env, int code, void *addr)
312 X86CPU *cpu = x86_env_get_cpu(env);
316 if ((env->mcg_cap & MCG_SER_P) && addr
317 && (code == BUS_MCEERR_AR || code == BUS_MCEERR_AO)) {
318 if (qemu_ram_addr_from_host(addr, &ram_addr) ||
319 !kvm_physical_memory_addr_from_host(env->kvm_state, addr, &paddr)) {
320 fprintf(stderr, "Hardware memory error for memory used by "
321 "QEMU itself instead of guest system!\n");
322 /* Hope we are lucky for AO MCE */
323 if (code == BUS_MCEERR_AO) {
326 hardware_memory_error();
329 kvm_hwpoison_page_add(ram_addr);
330 kvm_mce_inject(cpu, paddr, code);
332 if (code == BUS_MCEERR_AO) {
334 } else if (code == BUS_MCEERR_AR) {
335 hardware_memory_error();
343 int kvm_arch_on_sigbus(int code, void *addr)
345 if ((first_cpu->mcg_cap & MCG_SER_P) && addr && code == BUS_MCEERR_AO) {
349 /* Hope we are lucky for AO MCE */
350 if (qemu_ram_addr_from_host(addr, &ram_addr) ||
351 !kvm_physical_memory_addr_from_host(first_cpu->kvm_state, addr,
353 fprintf(stderr, "Hardware memory error for memory used by "
354 "QEMU itself instead of guest system!: %p\n", addr);
357 kvm_hwpoison_page_add(ram_addr);
358 kvm_mce_inject(x86_env_get_cpu(first_cpu), paddr, code);
360 if (code == BUS_MCEERR_AO) {
362 } else if (code == BUS_MCEERR_AR) {
363 hardware_memory_error();
371 static int kvm_inject_mce_oldstyle(CPUX86State *env)
373 if (!kvm_has_vcpu_events() && env->exception_injected == EXCP12_MCHK) {
374 unsigned int bank, bank_num = env->mcg_cap & 0xff;
375 struct kvm_x86_mce mce;
377 env->exception_injected = -1;
380 * There must be at least one bank in use if an MCE is pending.
381 * Find it and use its values for the event injection.
383 for (bank = 0; bank < bank_num; bank++) {
384 if (env->mce_banks[bank * 4 + 1] & MCI_STATUS_VAL) {
388 assert(bank < bank_num);
391 mce.status = env->mce_banks[bank * 4 + 1];
392 mce.mcg_status = env->mcg_status;
393 mce.addr = env->mce_banks[bank * 4 + 2];
394 mce.misc = env->mce_banks[bank * 4 + 3];
396 return kvm_vcpu_ioctl(env, KVM_X86_SET_MCE, &mce);
401 static void cpu_update_state(void *opaque, int running, RunState state)
403 CPUX86State *env = opaque;
406 env->tsc_valid = false;
410 int kvm_arch_init_vcpu(CPUX86State *env)
413 struct kvm_cpuid2 cpuid;
414 struct kvm_cpuid_entry2 entries[100];
415 } QEMU_PACKED cpuid_data;
416 uint32_t limit, i, j, cpuid_i;
418 struct kvm_cpuid_entry2 *c;
419 uint32_t signature[3];
424 /* Paravirtualization CPUIDs */
425 c = &cpuid_data.entries[cpuid_i++];
426 memset(c, 0, sizeof(*c));
427 c->function = KVM_CPUID_SIGNATURE;
428 if (!hyperv_enabled()) {
429 memcpy(signature, "KVMKVMKVM\0\0\0", 12);
432 memcpy(signature, "Microsoft Hv", 12);
433 c->eax = HYPERV_CPUID_MIN;
435 c->ebx = signature[0];
436 c->ecx = signature[1];
437 c->edx = signature[2];
439 c = &cpuid_data.entries[cpuid_i++];
440 memset(c, 0, sizeof(*c));
441 c->function = KVM_CPUID_FEATURES;
442 c->eax = env->cpuid_kvm_features;
444 if (hyperv_enabled()) {
445 memcpy(signature, "Hv#1\0\0\0\0\0\0\0\0", 12);
446 c->eax = signature[0];
448 c = &cpuid_data.entries[cpuid_i++];
449 memset(c, 0, sizeof(*c));
450 c->function = HYPERV_CPUID_VERSION;
454 c = &cpuid_data.entries[cpuid_i++];
455 memset(c, 0, sizeof(*c));
456 c->function = HYPERV_CPUID_FEATURES;
457 if (hyperv_relaxed_timing_enabled()) {
458 c->eax |= HV_X64_MSR_HYPERCALL_AVAILABLE;
460 if (hyperv_vapic_recommended()) {
461 c->eax |= HV_X64_MSR_HYPERCALL_AVAILABLE;
462 c->eax |= HV_X64_MSR_APIC_ACCESS_AVAILABLE;
465 c = &cpuid_data.entries[cpuid_i++];
466 memset(c, 0, sizeof(*c));
467 c->function = HYPERV_CPUID_ENLIGHTMENT_INFO;
468 if (hyperv_relaxed_timing_enabled()) {
469 c->eax |= HV_X64_RELAXED_TIMING_RECOMMENDED;
471 if (hyperv_vapic_recommended()) {
472 c->eax |= HV_X64_APIC_ACCESS_RECOMMENDED;
474 c->ebx = hyperv_get_spinlock_retries();
476 c = &cpuid_data.entries[cpuid_i++];
477 memset(c, 0, sizeof(*c));
478 c->function = HYPERV_CPUID_IMPLEMENT_LIMITS;
482 c = &cpuid_data.entries[cpuid_i++];
483 memset(c, 0, sizeof(*c));
484 c->function = KVM_CPUID_SIGNATURE_NEXT;
485 memcpy(signature, "KVMKVMKVM\0\0\0", 12);
487 c->ebx = signature[0];
488 c->ecx = signature[1];
489 c->edx = signature[2];
492 has_msr_async_pf_en = c->eax & (1 << KVM_FEATURE_ASYNC_PF);
494 has_msr_pv_eoi_en = c->eax & (1 << KVM_FEATURE_PV_EOI);
496 cpu_x86_cpuid(env, 0, 0, &limit, &unused, &unused, &unused);
498 for (i = 0; i <= limit; i++) {
499 c = &cpuid_data.entries[cpuid_i++];
503 /* Keep reading function 2 till all the input is received */
507 c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC |
508 KVM_CPUID_FLAG_STATE_READ_NEXT;
509 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
510 times = c->eax & 0xff;
512 for (j = 1; j < times; ++j) {
513 c = &cpuid_data.entries[cpuid_i++];
515 c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC;
516 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
524 if (i == 0xd && j == 64) {
528 c->flags = KVM_CPUID_FLAG_SIGNIFCANT_INDEX;
530 cpu_x86_cpuid(env, i, j, &c->eax, &c->ebx, &c->ecx, &c->edx);
532 if (i == 4 && c->eax == 0) {
535 if (i == 0xb && !(c->ecx & 0xff00)) {
538 if (i == 0xd && c->eax == 0) {
541 c = &cpuid_data.entries[cpuid_i++];
547 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
551 cpu_x86_cpuid(env, 0x80000000, 0, &limit, &unused, &unused, &unused);
553 for (i = 0x80000000; i <= limit; i++) {
554 c = &cpuid_data.entries[cpuid_i++];
558 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
561 /* Call Centaur's CPUID instructions they are supported. */
562 if (env->cpuid_xlevel2 > 0) {
563 cpu_x86_cpuid(env, 0xC0000000, 0, &limit, &unused, &unused, &unused);
565 for (i = 0xC0000000; i <= limit; i++) {
566 c = &cpuid_data.entries[cpuid_i++];
570 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
574 cpuid_data.cpuid.nent = cpuid_i;
576 if (((env->cpuid_version >> 8)&0xF) >= 6
577 && (env->cpuid_features&(CPUID_MCE|CPUID_MCA)) == (CPUID_MCE|CPUID_MCA)
578 && kvm_check_extension(env->kvm_state, KVM_CAP_MCE) > 0) {
583 ret = kvm_get_mce_cap_supported(env->kvm_state, &mcg_cap, &banks);
585 fprintf(stderr, "kvm_get_mce_cap_supported: %s", strerror(-ret));
589 if (banks > MCE_BANKS_DEF) {
590 banks = MCE_BANKS_DEF;
592 mcg_cap &= MCE_CAP_DEF;
594 ret = kvm_vcpu_ioctl(env, KVM_X86_SETUP_MCE, &mcg_cap);
596 fprintf(stderr, "KVM_X86_SETUP_MCE: %s", strerror(-ret));
600 env->mcg_cap = mcg_cap;
603 qemu_add_vm_change_state_handler(cpu_update_state, env);
605 cpuid_data.cpuid.padding = 0;
606 r = kvm_vcpu_ioctl(env, KVM_SET_CPUID2, &cpuid_data);
611 r = kvm_check_extension(env->kvm_state, KVM_CAP_TSC_CONTROL);
612 if (r && env->tsc_khz) {
613 r = kvm_vcpu_ioctl(env, KVM_SET_TSC_KHZ, env->tsc_khz);
615 fprintf(stderr, "KVM_SET_TSC_KHZ failed\n");
620 if (kvm_has_xsave()) {
621 env->kvm_xsave_buf = qemu_memalign(4096, sizeof(struct kvm_xsave));
627 void kvm_arch_reset_vcpu(CPUX86State *env)
629 X86CPU *cpu = x86_env_get_cpu(env);
631 env->exception_injected = -1;
632 env->interrupt_injected = -1;
634 if (kvm_irqchip_in_kernel()) {
635 env->mp_state = cpu_is_bsp(cpu) ? KVM_MP_STATE_RUNNABLE :
636 KVM_MP_STATE_UNINITIALIZED;
638 env->mp_state = KVM_MP_STATE_RUNNABLE;
642 static int kvm_get_supported_msrs(KVMState *s)
644 static int kvm_supported_msrs;
648 if (kvm_supported_msrs == 0) {
649 struct kvm_msr_list msr_list, *kvm_msr_list;
651 kvm_supported_msrs = -1;
653 /* Obtain MSR list from KVM. These are the MSRs that we must
656 ret = kvm_ioctl(s, KVM_GET_MSR_INDEX_LIST, &msr_list);
657 if (ret < 0 && ret != -E2BIG) {
660 /* Old kernel modules had a bug and could write beyond the provided
661 memory. Allocate at least a safe amount of 1K. */
662 kvm_msr_list = g_malloc0(MAX(1024, sizeof(msr_list) +
664 sizeof(msr_list.indices[0])));
666 kvm_msr_list->nmsrs = msr_list.nmsrs;
667 ret = kvm_ioctl(s, KVM_GET_MSR_INDEX_LIST, kvm_msr_list);
671 for (i = 0; i < kvm_msr_list->nmsrs; i++) {
672 if (kvm_msr_list->indices[i] == MSR_STAR) {
676 if (kvm_msr_list->indices[i] == MSR_VM_HSAVE_PA) {
677 has_msr_hsave_pa = true;
680 if (kvm_msr_list->indices[i] == MSR_IA32_TSCDEADLINE) {
681 has_msr_tsc_deadline = true;
684 if (kvm_msr_list->indices[i] == MSR_IA32_MISC_ENABLE) {
685 has_msr_misc_enable = true;
691 g_free(kvm_msr_list);
697 int kvm_arch_init(KVMState *s)
699 QemuOptsList *list = qemu_find_opts("machine");
700 uint64_t identity_base = 0xfffbc000;
703 struct utsname utsname;
705 ret = kvm_get_supported_msrs(s);
711 lm_capable_kernel = strcmp(utsname.machine, "x86_64") == 0;
714 * On older Intel CPUs, KVM uses vm86 mode to emulate 16-bit code directly.
715 * In order to use vm86 mode, an EPT identity map and a TSS are needed.
716 * Since these must be part of guest physical memory, we need to allocate
717 * them, both by setting their start addresses in the kernel and by
718 * creating a corresponding e820 entry. We need 4 pages before the BIOS.
720 * Older KVM versions may not support setting the identity map base. In
721 * that case we need to stick with the default, i.e. a 256K maximum BIOS
724 if (kvm_check_extension(s, KVM_CAP_SET_IDENTITY_MAP_ADDR)) {
725 /* Allows up to 16M BIOSes. */
726 identity_base = 0xfeffc000;
728 ret = kvm_vm_ioctl(s, KVM_SET_IDENTITY_MAP_ADDR, &identity_base);
734 /* Set TSS base one page after EPT identity map. */
735 ret = kvm_vm_ioctl(s, KVM_SET_TSS_ADDR, identity_base + 0x1000);
740 /* Tell fw_cfg to notify the BIOS to reserve the range. */
741 ret = e820_add_entry(identity_base, 0x4000, E820_RESERVED);
743 fprintf(stderr, "e820_add_entry() table is full\n");
746 qemu_register_reset(kvm_unpoison_all, NULL);
748 if (!QTAILQ_EMPTY(&list->head)) {
749 shadow_mem = qemu_opt_get_size(QTAILQ_FIRST(&list->head),
750 "kvm_shadow_mem", -1);
751 if (shadow_mem != -1) {
753 ret = kvm_vm_ioctl(s, KVM_SET_NR_MMU_PAGES, shadow_mem);
762 static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
764 lhs->selector = rhs->selector;
765 lhs->base = rhs->base;
766 lhs->limit = rhs->limit;
778 static void set_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
780 unsigned flags = rhs->flags;
781 lhs->selector = rhs->selector;
782 lhs->base = rhs->base;
783 lhs->limit = rhs->limit;
784 lhs->type = (flags >> DESC_TYPE_SHIFT) & 15;
785 lhs->present = (flags & DESC_P_MASK) != 0;
786 lhs->dpl = (flags >> DESC_DPL_SHIFT) & 3;
787 lhs->db = (flags >> DESC_B_SHIFT) & 1;
788 lhs->s = (flags & DESC_S_MASK) != 0;
789 lhs->l = (flags >> DESC_L_SHIFT) & 1;
790 lhs->g = (flags & DESC_G_MASK) != 0;
791 lhs->avl = (flags & DESC_AVL_MASK) != 0;
796 static void get_seg(SegmentCache *lhs, const struct kvm_segment *rhs)
798 lhs->selector = rhs->selector;
799 lhs->base = rhs->base;
800 lhs->limit = rhs->limit;
801 lhs->flags = (rhs->type << DESC_TYPE_SHIFT) |
802 (rhs->present * DESC_P_MASK) |
803 (rhs->dpl << DESC_DPL_SHIFT) |
804 (rhs->db << DESC_B_SHIFT) |
805 (rhs->s * DESC_S_MASK) |
806 (rhs->l << DESC_L_SHIFT) |
807 (rhs->g * DESC_G_MASK) |
808 (rhs->avl * DESC_AVL_MASK);
811 static void kvm_getput_reg(__u64 *kvm_reg, target_ulong *qemu_reg, int set)
814 *kvm_reg = *qemu_reg;
816 *qemu_reg = *kvm_reg;
820 static int kvm_getput_regs(CPUX86State *env, int set)
822 struct kvm_regs regs;
826 ret = kvm_vcpu_ioctl(env, KVM_GET_REGS, ®s);
832 kvm_getput_reg(®s.rax, &env->regs[R_EAX], set);
833 kvm_getput_reg(®s.rbx, &env->regs[R_EBX], set);
834 kvm_getput_reg(®s.rcx, &env->regs[R_ECX], set);
835 kvm_getput_reg(®s.rdx, &env->regs[R_EDX], set);
836 kvm_getput_reg(®s.rsi, &env->regs[R_ESI], set);
837 kvm_getput_reg(®s.rdi, &env->regs[R_EDI], set);
838 kvm_getput_reg(®s.rsp, &env->regs[R_ESP], set);
839 kvm_getput_reg(®s.rbp, &env->regs[R_EBP], set);
841 kvm_getput_reg(®s.r8, &env->regs[8], set);
842 kvm_getput_reg(®s.r9, &env->regs[9], set);
843 kvm_getput_reg(®s.r10, &env->regs[10], set);
844 kvm_getput_reg(®s.r11, &env->regs[11], set);
845 kvm_getput_reg(®s.r12, &env->regs[12], set);
846 kvm_getput_reg(®s.r13, &env->regs[13], set);
847 kvm_getput_reg(®s.r14, &env->regs[14], set);
848 kvm_getput_reg(®s.r15, &env->regs[15], set);
851 kvm_getput_reg(®s.rflags, &env->eflags, set);
852 kvm_getput_reg(®s.rip, &env->eip, set);
855 ret = kvm_vcpu_ioctl(env, KVM_SET_REGS, ®s);
861 static int kvm_put_fpu(CPUX86State *env)
866 memset(&fpu, 0, sizeof fpu);
867 fpu.fsw = env->fpus & ~(7 << 11);
868 fpu.fsw |= (env->fpstt & 7) << 11;
870 fpu.last_opcode = env->fpop;
871 fpu.last_ip = env->fpip;
872 fpu.last_dp = env->fpdp;
873 for (i = 0; i < 8; ++i) {
874 fpu.ftwx |= (!env->fptags[i]) << i;
876 memcpy(fpu.fpr, env->fpregs, sizeof env->fpregs);
877 memcpy(fpu.xmm, env->xmm_regs, sizeof env->xmm_regs);
878 fpu.mxcsr = env->mxcsr;
880 return kvm_vcpu_ioctl(env, KVM_SET_FPU, &fpu);
883 #define XSAVE_FCW_FSW 0
884 #define XSAVE_FTW_FOP 1
885 #define XSAVE_CWD_RIP 2
886 #define XSAVE_CWD_RDP 4
887 #define XSAVE_MXCSR 6
888 #define XSAVE_ST_SPACE 8
889 #define XSAVE_XMM_SPACE 40
890 #define XSAVE_XSTATE_BV 128
891 #define XSAVE_YMMH_SPACE 144
893 static int kvm_put_xsave(CPUX86State *env)
895 struct kvm_xsave* xsave = env->kvm_xsave_buf;
896 uint16_t cwd, swd, twd;
899 if (!kvm_has_xsave()) {
900 return kvm_put_fpu(env);
903 memset(xsave, 0, sizeof(struct kvm_xsave));
905 swd = env->fpus & ~(7 << 11);
906 swd |= (env->fpstt & 7) << 11;
908 for (i = 0; i < 8; ++i) {
909 twd |= (!env->fptags[i]) << i;
911 xsave->region[XSAVE_FCW_FSW] = (uint32_t)(swd << 16) + cwd;
912 xsave->region[XSAVE_FTW_FOP] = (uint32_t)(env->fpop << 16) + twd;
913 memcpy(&xsave->region[XSAVE_CWD_RIP], &env->fpip, sizeof(env->fpip));
914 memcpy(&xsave->region[XSAVE_CWD_RDP], &env->fpdp, sizeof(env->fpdp));
915 memcpy(&xsave->region[XSAVE_ST_SPACE], env->fpregs,
917 memcpy(&xsave->region[XSAVE_XMM_SPACE], env->xmm_regs,
918 sizeof env->xmm_regs);
919 xsave->region[XSAVE_MXCSR] = env->mxcsr;
920 *(uint64_t *)&xsave->region[XSAVE_XSTATE_BV] = env->xstate_bv;
921 memcpy(&xsave->region[XSAVE_YMMH_SPACE], env->ymmh_regs,
922 sizeof env->ymmh_regs);
923 r = kvm_vcpu_ioctl(env, KVM_SET_XSAVE, xsave);
927 static int kvm_put_xcrs(CPUX86State *env)
929 struct kvm_xcrs xcrs;
931 if (!kvm_has_xcrs()) {
937 xcrs.xcrs[0].xcr = 0;
938 xcrs.xcrs[0].value = env->xcr0;
939 return kvm_vcpu_ioctl(env, KVM_SET_XCRS, &xcrs);
942 static int kvm_put_sregs(CPUX86State *env)
944 struct kvm_sregs sregs;
946 memset(sregs.interrupt_bitmap, 0, sizeof(sregs.interrupt_bitmap));
947 if (env->interrupt_injected >= 0) {
948 sregs.interrupt_bitmap[env->interrupt_injected / 64] |=
949 (uint64_t)1 << (env->interrupt_injected % 64);
952 if ((env->eflags & VM_MASK)) {
953 set_v8086_seg(&sregs.cs, &env->segs[R_CS]);
954 set_v8086_seg(&sregs.ds, &env->segs[R_DS]);
955 set_v8086_seg(&sregs.es, &env->segs[R_ES]);
956 set_v8086_seg(&sregs.fs, &env->segs[R_FS]);
957 set_v8086_seg(&sregs.gs, &env->segs[R_GS]);
958 set_v8086_seg(&sregs.ss, &env->segs[R_SS]);
960 set_seg(&sregs.cs, &env->segs[R_CS]);
961 set_seg(&sregs.ds, &env->segs[R_DS]);
962 set_seg(&sregs.es, &env->segs[R_ES]);
963 set_seg(&sregs.fs, &env->segs[R_FS]);
964 set_seg(&sregs.gs, &env->segs[R_GS]);
965 set_seg(&sregs.ss, &env->segs[R_SS]);
968 set_seg(&sregs.tr, &env->tr);
969 set_seg(&sregs.ldt, &env->ldt);
971 sregs.idt.limit = env->idt.limit;
972 sregs.idt.base = env->idt.base;
973 memset(sregs.idt.padding, 0, sizeof sregs.idt.padding);
974 sregs.gdt.limit = env->gdt.limit;
975 sregs.gdt.base = env->gdt.base;
976 memset(sregs.gdt.padding, 0, sizeof sregs.gdt.padding);
978 sregs.cr0 = env->cr[0];
979 sregs.cr2 = env->cr[2];
980 sregs.cr3 = env->cr[3];
981 sregs.cr4 = env->cr[4];
983 sregs.cr8 = cpu_get_apic_tpr(env->apic_state);
984 sregs.apic_base = cpu_get_apic_base(env->apic_state);
986 sregs.efer = env->efer;
988 return kvm_vcpu_ioctl(env, KVM_SET_SREGS, &sregs);
991 static void kvm_msr_entry_set(struct kvm_msr_entry *entry,
992 uint32_t index, uint64_t value)
994 entry->index = index;
998 static int kvm_put_msrs(CPUX86State *env, int level)
1001 struct kvm_msrs info;
1002 struct kvm_msr_entry entries[100];
1004 struct kvm_msr_entry *msrs = msr_data.entries;
1007 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
1008 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
1009 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_EIP, env->sysenter_eip);
1010 kvm_msr_entry_set(&msrs[n++], MSR_PAT, env->pat);
1012 kvm_msr_entry_set(&msrs[n++], MSR_STAR, env->star);
1014 if (has_msr_hsave_pa) {
1015 kvm_msr_entry_set(&msrs[n++], MSR_VM_HSAVE_PA, env->vm_hsave);
1017 if (has_msr_tsc_deadline) {
1018 kvm_msr_entry_set(&msrs[n++], MSR_IA32_TSCDEADLINE, env->tsc_deadline);
1020 if (has_msr_misc_enable) {
1021 kvm_msr_entry_set(&msrs[n++], MSR_IA32_MISC_ENABLE,
1022 env->msr_ia32_misc_enable);
1024 #ifdef TARGET_X86_64
1025 if (lm_capable_kernel) {
1026 kvm_msr_entry_set(&msrs[n++], MSR_CSTAR, env->cstar);
1027 kvm_msr_entry_set(&msrs[n++], MSR_KERNELGSBASE, env->kernelgsbase);
1028 kvm_msr_entry_set(&msrs[n++], MSR_FMASK, env->fmask);
1029 kvm_msr_entry_set(&msrs[n++], MSR_LSTAR, env->lstar);
1032 if (level == KVM_PUT_FULL_STATE) {
1034 * KVM is yet unable to synchronize TSC values of multiple VCPUs on
1035 * writeback. Until this is fixed, we only write the offset to SMP
1036 * guests after migration, desynchronizing the VCPUs, but avoiding
1037 * huge jump-backs that would occur without any writeback at all.
1039 if (smp_cpus == 1 || env->tsc != 0) {
1040 kvm_msr_entry_set(&msrs[n++], MSR_IA32_TSC, env->tsc);
1044 * The following paravirtual MSRs have side effects on the guest or are
1045 * too heavy for normal writeback. Limit them to reset or full state
1048 if (level >= KVM_PUT_RESET_STATE) {
1049 kvm_msr_entry_set(&msrs[n++], MSR_KVM_SYSTEM_TIME,
1050 env->system_time_msr);
1051 kvm_msr_entry_set(&msrs[n++], MSR_KVM_WALL_CLOCK, env->wall_clock_msr);
1052 if (has_msr_async_pf_en) {
1053 kvm_msr_entry_set(&msrs[n++], MSR_KVM_ASYNC_PF_EN,
1054 env->async_pf_en_msr);
1056 if (has_msr_pv_eoi_en) {
1057 kvm_msr_entry_set(&msrs[n++], MSR_KVM_PV_EOI_EN,
1058 env->pv_eoi_en_msr);
1060 if (hyperv_hypercall_available()) {
1061 kvm_msr_entry_set(&msrs[n++], HV_X64_MSR_GUEST_OS_ID, 0);
1062 kvm_msr_entry_set(&msrs[n++], HV_X64_MSR_HYPERCALL, 0);
1064 if (hyperv_vapic_recommended()) {
1065 kvm_msr_entry_set(&msrs[n++], HV_X64_MSR_APIC_ASSIST_PAGE, 0);
1071 kvm_msr_entry_set(&msrs[n++], MSR_MCG_STATUS, env->mcg_status);
1072 kvm_msr_entry_set(&msrs[n++], MSR_MCG_CTL, env->mcg_ctl);
1073 for (i = 0; i < (env->mcg_cap & 0xff) * 4; i++) {
1074 kvm_msr_entry_set(&msrs[n++], MSR_MC0_CTL + i, env->mce_banks[i]);
1078 msr_data.info.nmsrs = n;
1080 return kvm_vcpu_ioctl(env, KVM_SET_MSRS, &msr_data);
1085 static int kvm_get_fpu(CPUX86State *env)
1090 ret = kvm_vcpu_ioctl(env, KVM_GET_FPU, &fpu);
1095 env->fpstt = (fpu.fsw >> 11) & 7;
1096 env->fpus = fpu.fsw;
1097 env->fpuc = fpu.fcw;
1098 env->fpop = fpu.last_opcode;
1099 env->fpip = fpu.last_ip;
1100 env->fpdp = fpu.last_dp;
1101 for (i = 0; i < 8; ++i) {
1102 env->fptags[i] = !((fpu.ftwx >> i) & 1);
1104 memcpy(env->fpregs, fpu.fpr, sizeof env->fpregs);
1105 memcpy(env->xmm_regs, fpu.xmm, sizeof env->xmm_regs);
1106 env->mxcsr = fpu.mxcsr;
1111 static int kvm_get_xsave(CPUX86State *env)
1113 struct kvm_xsave* xsave = env->kvm_xsave_buf;
1115 uint16_t cwd, swd, twd;
1117 if (!kvm_has_xsave()) {
1118 return kvm_get_fpu(env);
1121 ret = kvm_vcpu_ioctl(env, KVM_GET_XSAVE, xsave);
1126 cwd = (uint16_t)xsave->region[XSAVE_FCW_FSW];
1127 swd = (uint16_t)(xsave->region[XSAVE_FCW_FSW] >> 16);
1128 twd = (uint16_t)xsave->region[XSAVE_FTW_FOP];
1129 env->fpop = (uint16_t)(xsave->region[XSAVE_FTW_FOP] >> 16);
1130 env->fpstt = (swd >> 11) & 7;
1133 for (i = 0; i < 8; ++i) {
1134 env->fptags[i] = !((twd >> i) & 1);
1136 memcpy(&env->fpip, &xsave->region[XSAVE_CWD_RIP], sizeof(env->fpip));
1137 memcpy(&env->fpdp, &xsave->region[XSAVE_CWD_RDP], sizeof(env->fpdp));
1138 env->mxcsr = xsave->region[XSAVE_MXCSR];
1139 memcpy(env->fpregs, &xsave->region[XSAVE_ST_SPACE],
1140 sizeof env->fpregs);
1141 memcpy(env->xmm_regs, &xsave->region[XSAVE_XMM_SPACE],
1142 sizeof env->xmm_regs);
1143 env->xstate_bv = *(uint64_t *)&xsave->region[XSAVE_XSTATE_BV];
1144 memcpy(env->ymmh_regs, &xsave->region[XSAVE_YMMH_SPACE],
1145 sizeof env->ymmh_regs);
1149 static int kvm_get_xcrs(CPUX86State *env)
1152 struct kvm_xcrs xcrs;
1154 if (!kvm_has_xcrs()) {
1158 ret = kvm_vcpu_ioctl(env, KVM_GET_XCRS, &xcrs);
1163 for (i = 0; i < xcrs.nr_xcrs; i++) {
1164 /* Only support xcr0 now */
1165 if (xcrs.xcrs[0].xcr == 0) {
1166 env->xcr0 = xcrs.xcrs[0].value;
1173 static int kvm_get_sregs(CPUX86State *env)
1175 struct kvm_sregs sregs;
1179 ret = kvm_vcpu_ioctl(env, KVM_GET_SREGS, &sregs);
1184 /* There can only be one pending IRQ set in the bitmap at a time, so try
1185 to find it and save its number instead (-1 for none). */
1186 env->interrupt_injected = -1;
1187 for (i = 0; i < ARRAY_SIZE(sregs.interrupt_bitmap); i++) {
1188 if (sregs.interrupt_bitmap[i]) {
1189 bit = ctz64(sregs.interrupt_bitmap[i]);
1190 env->interrupt_injected = i * 64 + bit;
1195 get_seg(&env->segs[R_CS], &sregs.cs);
1196 get_seg(&env->segs[R_DS], &sregs.ds);
1197 get_seg(&env->segs[R_ES], &sregs.es);
1198 get_seg(&env->segs[R_FS], &sregs.fs);
1199 get_seg(&env->segs[R_GS], &sregs.gs);
1200 get_seg(&env->segs[R_SS], &sregs.ss);
1202 get_seg(&env->tr, &sregs.tr);
1203 get_seg(&env->ldt, &sregs.ldt);
1205 env->idt.limit = sregs.idt.limit;
1206 env->idt.base = sregs.idt.base;
1207 env->gdt.limit = sregs.gdt.limit;
1208 env->gdt.base = sregs.gdt.base;
1210 env->cr[0] = sregs.cr0;
1211 env->cr[2] = sregs.cr2;
1212 env->cr[3] = sregs.cr3;
1213 env->cr[4] = sregs.cr4;
1215 env->efer = sregs.efer;
1217 /* changes to apic base and cr8/tpr are read back via kvm_arch_post_run */
1219 #define HFLAG_COPY_MASK \
1220 ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
1221 HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
1222 HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
1223 HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
1225 hflags = (env->segs[R_CS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
1226 hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
1227 hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
1228 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
1229 hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
1230 hflags |= (env->cr[4] & CR4_OSFXSR_MASK) <<
1231 (HF_OSFXSR_SHIFT - CR4_OSFXSR_SHIFT);
1233 if (env->efer & MSR_EFER_LMA) {
1234 hflags |= HF_LMA_MASK;
1237 if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
1238 hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
1240 hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
1241 (DESC_B_SHIFT - HF_CS32_SHIFT);
1242 hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
1243 (DESC_B_SHIFT - HF_SS32_SHIFT);
1244 if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
1245 !(hflags & HF_CS32_MASK)) {
1246 hflags |= HF_ADDSEG_MASK;
1248 hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
1249 env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
1252 env->hflags = (env->hflags & HFLAG_COPY_MASK) | hflags;
1257 static int kvm_get_msrs(CPUX86State *env)
1260 struct kvm_msrs info;
1261 struct kvm_msr_entry entries[100];
1263 struct kvm_msr_entry *msrs = msr_data.entries;
1267 msrs[n++].index = MSR_IA32_SYSENTER_CS;
1268 msrs[n++].index = MSR_IA32_SYSENTER_ESP;
1269 msrs[n++].index = MSR_IA32_SYSENTER_EIP;
1270 msrs[n++].index = MSR_PAT;
1272 msrs[n++].index = MSR_STAR;
1274 if (has_msr_hsave_pa) {
1275 msrs[n++].index = MSR_VM_HSAVE_PA;
1277 if (has_msr_tsc_deadline) {
1278 msrs[n++].index = MSR_IA32_TSCDEADLINE;
1280 if (has_msr_misc_enable) {
1281 msrs[n++].index = MSR_IA32_MISC_ENABLE;
1284 if (!env->tsc_valid) {
1285 msrs[n++].index = MSR_IA32_TSC;
1286 env->tsc_valid = !runstate_is_running();
1289 #ifdef TARGET_X86_64
1290 if (lm_capable_kernel) {
1291 msrs[n++].index = MSR_CSTAR;
1292 msrs[n++].index = MSR_KERNELGSBASE;
1293 msrs[n++].index = MSR_FMASK;
1294 msrs[n++].index = MSR_LSTAR;
1297 msrs[n++].index = MSR_KVM_SYSTEM_TIME;
1298 msrs[n++].index = MSR_KVM_WALL_CLOCK;
1299 if (has_msr_async_pf_en) {
1300 msrs[n++].index = MSR_KVM_ASYNC_PF_EN;
1302 if (has_msr_pv_eoi_en) {
1303 msrs[n++].index = MSR_KVM_PV_EOI_EN;
1307 msrs[n++].index = MSR_MCG_STATUS;
1308 msrs[n++].index = MSR_MCG_CTL;
1309 for (i = 0; i < (env->mcg_cap & 0xff) * 4; i++) {
1310 msrs[n++].index = MSR_MC0_CTL + i;
1314 msr_data.info.nmsrs = n;
1315 ret = kvm_vcpu_ioctl(env, KVM_GET_MSRS, &msr_data);
1320 for (i = 0; i < ret; i++) {
1321 switch (msrs[i].index) {
1322 case MSR_IA32_SYSENTER_CS:
1323 env->sysenter_cs = msrs[i].data;
1325 case MSR_IA32_SYSENTER_ESP:
1326 env->sysenter_esp = msrs[i].data;
1328 case MSR_IA32_SYSENTER_EIP:
1329 env->sysenter_eip = msrs[i].data;
1332 env->pat = msrs[i].data;
1335 env->star = msrs[i].data;
1337 #ifdef TARGET_X86_64
1339 env->cstar = msrs[i].data;
1341 case MSR_KERNELGSBASE:
1342 env->kernelgsbase = msrs[i].data;
1345 env->fmask = msrs[i].data;
1348 env->lstar = msrs[i].data;
1352 env->tsc = msrs[i].data;
1354 case MSR_IA32_TSCDEADLINE:
1355 env->tsc_deadline = msrs[i].data;
1357 case MSR_VM_HSAVE_PA:
1358 env->vm_hsave = msrs[i].data;
1360 case MSR_KVM_SYSTEM_TIME:
1361 env->system_time_msr = msrs[i].data;
1363 case MSR_KVM_WALL_CLOCK:
1364 env->wall_clock_msr = msrs[i].data;
1366 case MSR_MCG_STATUS:
1367 env->mcg_status = msrs[i].data;
1370 env->mcg_ctl = msrs[i].data;
1372 case MSR_IA32_MISC_ENABLE:
1373 env->msr_ia32_misc_enable = msrs[i].data;
1376 if (msrs[i].index >= MSR_MC0_CTL &&
1377 msrs[i].index < MSR_MC0_CTL + (env->mcg_cap & 0xff) * 4) {
1378 env->mce_banks[msrs[i].index - MSR_MC0_CTL] = msrs[i].data;
1381 case MSR_KVM_ASYNC_PF_EN:
1382 env->async_pf_en_msr = msrs[i].data;
1384 case MSR_KVM_PV_EOI_EN:
1385 env->pv_eoi_en_msr = msrs[i].data;
1393 static int kvm_put_mp_state(CPUX86State *env)
1395 struct kvm_mp_state mp_state = { .mp_state = env->mp_state };
1397 return kvm_vcpu_ioctl(env, KVM_SET_MP_STATE, &mp_state);
1400 static int kvm_get_mp_state(X86CPU *cpu)
1402 CPUX86State *env = &cpu->env;
1403 struct kvm_mp_state mp_state;
1406 ret = kvm_vcpu_ioctl(env, KVM_GET_MP_STATE, &mp_state);
1410 env->mp_state = mp_state.mp_state;
1411 if (kvm_irqchip_in_kernel()) {
1412 env->halted = (mp_state.mp_state == KVM_MP_STATE_HALTED);
1417 static int kvm_get_apic(CPUX86State *env)
1419 DeviceState *apic = env->apic_state;
1420 struct kvm_lapic_state kapic;
1423 if (apic && kvm_irqchip_in_kernel()) {
1424 ret = kvm_vcpu_ioctl(env, KVM_GET_LAPIC, &kapic);
1429 kvm_get_apic_state(apic, &kapic);
1434 static int kvm_put_apic(CPUX86State *env)
1436 DeviceState *apic = env->apic_state;
1437 struct kvm_lapic_state kapic;
1439 if (apic && kvm_irqchip_in_kernel()) {
1440 kvm_put_apic_state(apic, &kapic);
1442 return kvm_vcpu_ioctl(env, KVM_SET_LAPIC, &kapic);
1447 static int kvm_put_vcpu_events(CPUX86State *env, int level)
1449 struct kvm_vcpu_events events;
1451 if (!kvm_has_vcpu_events()) {
1455 events.exception.injected = (env->exception_injected >= 0);
1456 events.exception.nr = env->exception_injected;
1457 events.exception.has_error_code = env->has_error_code;
1458 events.exception.error_code = env->error_code;
1459 events.exception.pad = 0;
1461 events.interrupt.injected = (env->interrupt_injected >= 0);
1462 events.interrupt.nr = env->interrupt_injected;
1463 events.interrupt.soft = env->soft_interrupt;
1465 events.nmi.injected = env->nmi_injected;
1466 events.nmi.pending = env->nmi_pending;
1467 events.nmi.masked = !!(env->hflags2 & HF2_NMI_MASK);
1470 events.sipi_vector = env->sipi_vector;
1473 if (level >= KVM_PUT_RESET_STATE) {
1475 KVM_VCPUEVENT_VALID_NMI_PENDING | KVM_VCPUEVENT_VALID_SIPI_VECTOR;
1478 return kvm_vcpu_ioctl(env, KVM_SET_VCPU_EVENTS, &events);
1481 static int kvm_get_vcpu_events(CPUX86State *env)
1483 struct kvm_vcpu_events events;
1486 if (!kvm_has_vcpu_events()) {
1490 ret = kvm_vcpu_ioctl(env, KVM_GET_VCPU_EVENTS, &events);
1494 env->exception_injected =
1495 events.exception.injected ? events.exception.nr : -1;
1496 env->has_error_code = events.exception.has_error_code;
1497 env->error_code = events.exception.error_code;
1499 env->interrupt_injected =
1500 events.interrupt.injected ? events.interrupt.nr : -1;
1501 env->soft_interrupt = events.interrupt.soft;
1503 env->nmi_injected = events.nmi.injected;
1504 env->nmi_pending = events.nmi.pending;
1505 if (events.nmi.masked) {
1506 env->hflags2 |= HF2_NMI_MASK;
1508 env->hflags2 &= ~HF2_NMI_MASK;
1511 env->sipi_vector = events.sipi_vector;
1516 static int kvm_guest_debug_workarounds(CPUX86State *env)
1519 unsigned long reinject_trap = 0;
1521 if (!kvm_has_vcpu_events()) {
1522 if (env->exception_injected == 1) {
1523 reinject_trap = KVM_GUESTDBG_INJECT_DB;
1524 } else if (env->exception_injected == 3) {
1525 reinject_trap = KVM_GUESTDBG_INJECT_BP;
1527 env->exception_injected = -1;
1531 * Kernels before KVM_CAP_X86_ROBUST_SINGLESTEP overwrote flags.TF
1532 * injected via SET_GUEST_DEBUG while updating GP regs. Work around this
1533 * by updating the debug state once again if single-stepping is on.
1534 * Another reason to call kvm_update_guest_debug here is a pending debug
1535 * trap raise by the guest. On kernels without SET_VCPU_EVENTS we have to
1536 * reinject them via SET_GUEST_DEBUG.
1538 if (reinject_trap ||
1539 (!kvm_has_robust_singlestep() && env->singlestep_enabled)) {
1540 ret = kvm_update_guest_debug(env, reinject_trap);
1545 static int kvm_put_debugregs(CPUX86State *env)
1547 struct kvm_debugregs dbgregs;
1550 if (!kvm_has_debugregs()) {
1554 for (i = 0; i < 4; i++) {
1555 dbgregs.db[i] = env->dr[i];
1557 dbgregs.dr6 = env->dr[6];
1558 dbgregs.dr7 = env->dr[7];
1561 return kvm_vcpu_ioctl(env, KVM_SET_DEBUGREGS, &dbgregs);
1564 static int kvm_get_debugregs(CPUX86State *env)
1566 struct kvm_debugregs dbgregs;
1569 if (!kvm_has_debugregs()) {
1573 ret = kvm_vcpu_ioctl(env, KVM_GET_DEBUGREGS, &dbgregs);
1577 for (i = 0; i < 4; i++) {
1578 env->dr[i] = dbgregs.db[i];
1580 env->dr[4] = env->dr[6] = dbgregs.dr6;
1581 env->dr[5] = env->dr[7] = dbgregs.dr7;
1586 int kvm_arch_put_registers(CPUX86State *env, int level)
1588 CPUState *cpu = ENV_GET_CPU(env);
1591 assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu));
1593 ret = kvm_getput_regs(env, 1);
1597 ret = kvm_put_xsave(env);
1601 ret = kvm_put_xcrs(env);
1605 ret = kvm_put_sregs(env);
1609 /* must be before kvm_put_msrs */
1610 ret = kvm_inject_mce_oldstyle(env);
1614 ret = kvm_put_msrs(env, level);
1618 if (level >= KVM_PUT_RESET_STATE) {
1619 ret = kvm_put_mp_state(env);
1623 ret = kvm_put_apic(env);
1628 ret = kvm_put_vcpu_events(env, level);
1632 ret = kvm_put_debugregs(env);
1637 ret = kvm_guest_debug_workarounds(env);
1644 int kvm_arch_get_registers(CPUX86State *env)
1646 X86CPU *cpu = x86_env_get_cpu(env);
1649 assert(cpu_is_stopped(CPU(cpu)) || qemu_cpu_is_self(CPU(cpu)));
1651 ret = kvm_getput_regs(env, 0);
1655 ret = kvm_get_xsave(env);
1659 ret = kvm_get_xcrs(env);
1663 ret = kvm_get_sregs(env);
1667 ret = kvm_get_msrs(env);
1671 ret = kvm_get_mp_state(cpu);
1675 ret = kvm_get_apic(env);
1679 ret = kvm_get_vcpu_events(env);
1683 ret = kvm_get_debugregs(env);
1690 void kvm_arch_pre_run(CPUX86State *env, struct kvm_run *run)
1695 if (env->interrupt_request & CPU_INTERRUPT_NMI) {
1696 env->interrupt_request &= ~CPU_INTERRUPT_NMI;
1697 DPRINTF("injected NMI\n");
1698 ret = kvm_vcpu_ioctl(env, KVM_NMI);
1700 fprintf(stderr, "KVM: injection failed, NMI lost (%s)\n",
1705 if (!kvm_irqchip_in_kernel()) {
1706 /* Force the VCPU out of its inner loop to process any INIT requests
1707 * or pending TPR access reports. */
1708 if (env->interrupt_request &
1709 (CPU_INTERRUPT_INIT | CPU_INTERRUPT_TPR)) {
1710 env->exit_request = 1;
1713 /* Try to inject an interrupt if the guest can accept it */
1714 if (run->ready_for_interrupt_injection &&
1715 (env->interrupt_request & CPU_INTERRUPT_HARD) &&
1716 (env->eflags & IF_MASK)) {
1719 env->interrupt_request &= ~CPU_INTERRUPT_HARD;
1720 irq = cpu_get_pic_interrupt(env);
1722 struct kvm_interrupt intr;
1725 DPRINTF("injected interrupt %d\n", irq);
1726 ret = kvm_vcpu_ioctl(env, KVM_INTERRUPT, &intr);
1729 "KVM: injection failed, interrupt lost (%s)\n",
1735 /* If we have an interrupt but the guest is not ready to receive an
1736 * interrupt, request an interrupt window exit. This will
1737 * cause a return to userspace as soon as the guest is ready to
1738 * receive interrupts. */
1739 if ((env->interrupt_request & CPU_INTERRUPT_HARD)) {
1740 run->request_interrupt_window = 1;
1742 run->request_interrupt_window = 0;
1745 DPRINTF("setting tpr\n");
1746 run->cr8 = cpu_get_apic_tpr(env->apic_state);
1750 void kvm_arch_post_run(CPUX86State *env, struct kvm_run *run)
1753 env->eflags |= IF_MASK;
1755 env->eflags &= ~IF_MASK;
1757 cpu_set_apic_tpr(env->apic_state, run->cr8);
1758 cpu_set_apic_base(env->apic_state, run->apic_base);
1761 int kvm_arch_process_async_events(CPUX86State *env)
1763 X86CPU *cpu = x86_env_get_cpu(env);
1765 if (env->interrupt_request & CPU_INTERRUPT_MCE) {
1766 /* We must not raise CPU_INTERRUPT_MCE if it's not supported. */
1767 assert(env->mcg_cap);
1769 env->interrupt_request &= ~CPU_INTERRUPT_MCE;
1771 kvm_cpu_synchronize_state(env);
1773 if (env->exception_injected == EXCP08_DBLE) {
1774 /* this means triple fault */
1775 qemu_system_reset_request();
1776 env->exit_request = 1;
1779 env->exception_injected = EXCP12_MCHK;
1780 env->has_error_code = 0;
1783 if (kvm_irqchip_in_kernel() && env->mp_state == KVM_MP_STATE_HALTED) {
1784 env->mp_state = KVM_MP_STATE_RUNNABLE;
1788 if (kvm_irqchip_in_kernel()) {
1792 if (env->interrupt_request & CPU_INTERRUPT_POLL) {
1793 env->interrupt_request &= ~CPU_INTERRUPT_POLL;
1794 apic_poll_irq(env->apic_state);
1796 if (((env->interrupt_request & CPU_INTERRUPT_HARD) &&
1797 (env->eflags & IF_MASK)) ||
1798 (env->interrupt_request & CPU_INTERRUPT_NMI)) {
1801 if (env->interrupt_request & CPU_INTERRUPT_INIT) {
1802 kvm_cpu_synchronize_state(env);
1805 if (env->interrupt_request & CPU_INTERRUPT_SIPI) {
1806 kvm_cpu_synchronize_state(env);
1809 if (env->interrupt_request & CPU_INTERRUPT_TPR) {
1810 env->interrupt_request &= ~CPU_INTERRUPT_TPR;
1811 kvm_cpu_synchronize_state(env);
1812 apic_handle_tpr_access_report(env->apic_state, env->eip,
1813 env->tpr_access_type);
1819 static int kvm_handle_halt(X86CPU *cpu)
1821 CPUX86State *env = &cpu->env;
1823 if (!((env->interrupt_request & CPU_INTERRUPT_HARD) &&
1824 (env->eflags & IF_MASK)) &&
1825 !(env->interrupt_request & CPU_INTERRUPT_NMI)) {
1833 static int kvm_handle_tpr_access(CPUX86State *env)
1835 struct kvm_run *run = env->kvm_run;
1837 apic_handle_tpr_access_report(env->apic_state, run->tpr_access.rip,
1838 run->tpr_access.is_write ? TPR_ACCESS_WRITE
1843 int kvm_arch_insert_sw_breakpoint(CPUX86State *env, struct kvm_sw_breakpoint *bp)
1845 static const uint8_t int3 = 0xcc;
1847 if (cpu_memory_rw_debug(env, bp->pc, (uint8_t *)&bp->saved_insn, 1, 0) ||
1848 cpu_memory_rw_debug(env, bp->pc, (uint8_t *)&int3, 1, 1)) {
1854 int kvm_arch_remove_sw_breakpoint(CPUX86State *env, struct kvm_sw_breakpoint *bp)
1858 if (cpu_memory_rw_debug(env, bp->pc, &int3, 1, 0) || int3 != 0xcc ||
1859 cpu_memory_rw_debug(env, bp->pc, (uint8_t *)&bp->saved_insn, 1, 1)) {
1871 static int nb_hw_breakpoint;
1873 static int find_hw_breakpoint(target_ulong addr, int len, int type)
1877 for (n = 0; n < nb_hw_breakpoint; n++) {
1878 if (hw_breakpoint[n].addr == addr && hw_breakpoint[n].type == type &&
1879 (hw_breakpoint[n].len == len || len == -1)) {
1886 int kvm_arch_insert_hw_breakpoint(target_ulong addr,
1887 target_ulong len, int type)
1890 case GDB_BREAKPOINT_HW:
1893 case GDB_WATCHPOINT_WRITE:
1894 case GDB_WATCHPOINT_ACCESS:
1901 if (addr & (len - 1)) {
1913 if (nb_hw_breakpoint == 4) {
1916 if (find_hw_breakpoint(addr, len, type) >= 0) {
1919 hw_breakpoint[nb_hw_breakpoint].addr = addr;
1920 hw_breakpoint[nb_hw_breakpoint].len = len;
1921 hw_breakpoint[nb_hw_breakpoint].type = type;
1927 int kvm_arch_remove_hw_breakpoint(target_ulong addr,
1928 target_ulong len, int type)
1932 n = find_hw_breakpoint(addr, (type == GDB_BREAKPOINT_HW) ? 1 : len, type);
1937 hw_breakpoint[n] = hw_breakpoint[nb_hw_breakpoint];
1942 void kvm_arch_remove_all_hw_breakpoints(void)
1944 nb_hw_breakpoint = 0;
1947 static CPUWatchpoint hw_watchpoint;
1949 static int kvm_handle_debug(CPUX86State *env,
1950 struct kvm_debug_exit_arch *arch_info)
1955 if (arch_info->exception == 1) {
1956 if (arch_info->dr6 & (1 << 14)) {
1957 if (env->singlestep_enabled) {
1961 for (n = 0; n < 4; n++) {
1962 if (arch_info->dr6 & (1 << n)) {
1963 switch ((arch_info->dr7 >> (16 + n*4)) & 0x3) {
1969 env->watchpoint_hit = &hw_watchpoint;
1970 hw_watchpoint.vaddr = hw_breakpoint[n].addr;
1971 hw_watchpoint.flags = BP_MEM_WRITE;
1975 env->watchpoint_hit = &hw_watchpoint;
1976 hw_watchpoint.vaddr = hw_breakpoint[n].addr;
1977 hw_watchpoint.flags = BP_MEM_ACCESS;
1983 } else if (kvm_find_sw_breakpoint(env, arch_info->pc)) {
1987 cpu_synchronize_state(env);
1988 assert(env->exception_injected == -1);
1991 env->exception_injected = arch_info->exception;
1992 env->has_error_code = 0;
1998 void kvm_arch_update_guest_debug(CPUX86State *env, struct kvm_guest_debug *dbg)
2000 const uint8_t type_code[] = {
2001 [GDB_BREAKPOINT_HW] = 0x0,
2002 [GDB_WATCHPOINT_WRITE] = 0x1,
2003 [GDB_WATCHPOINT_ACCESS] = 0x3
2005 const uint8_t len_code[] = {
2006 [1] = 0x0, [2] = 0x1, [4] = 0x3, [8] = 0x2
2010 if (kvm_sw_breakpoints_active(env)) {
2011 dbg->control |= KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_SW_BP;
2013 if (nb_hw_breakpoint > 0) {
2014 dbg->control |= KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_HW_BP;
2015 dbg->arch.debugreg[7] = 0x0600;
2016 for (n = 0; n < nb_hw_breakpoint; n++) {
2017 dbg->arch.debugreg[n] = hw_breakpoint[n].addr;
2018 dbg->arch.debugreg[7] |= (2 << (n * 2)) |
2019 (type_code[hw_breakpoint[n].type] << (16 + n*4)) |
2020 ((uint32_t)len_code[hw_breakpoint[n].len] << (18 + n*4));
2025 static bool host_supports_vmx(void)
2027 uint32_t ecx, unused;
2029 host_cpuid(1, 0, &unused, &unused, &ecx, &unused);
2030 return ecx & CPUID_EXT_VMX;
2033 #define VMX_INVALID_GUEST_STATE 0x80000021
2035 int kvm_arch_handle_exit(CPUX86State *env, struct kvm_run *run)
2037 X86CPU *cpu = x86_env_get_cpu(env);
2041 switch (run->exit_reason) {
2043 DPRINTF("handle_hlt\n");
2044 ret = kvm_handle_halt(cpu);
2046 case KVM_EXIT_SET_TPR:
2049 case KVM_EXIT_TPR_ACCESS:
2050 ret = kvm_handle_tpr_access(env);
2052 case KVM_EXIT_FAIL_ENTRY:
2053 code = run->fail_entry.hardware_entry_failure_reason;
2054 fprintf(stderr, "KVM: entry failed, hardware error 0x%" PRIx64 "\n",
2056 if (host_supports_vmx() && code == VMX_INVALID_GUEST_STATE) {
2058 "\nIf you're running a guest on an Intel machine without "
2059 "unrestricted mode\n"
2060 "support, the failure can be most likely due to the guest "
2061 "entering an invalid\n"
2062 "state for Intel VT. For example, the guest maybe running "
2063 "in big real mode\n"
2064 "which is not supported on less recent Intel processors."
2069 case KVM_EXIT_EXCEPTION:
2070 fprintf(stderr, "KVM: exception %d exit (error code 0x%x)\n",
2071 run->ex.exception, run->ex.error_code);
2074 case KVM_EXIT_DEBUG:
2075 DPRINTF("kvm_exit_debug\n");
2076 ret = kvm_handle_debug(env, &run->debug.arch);
2079 fprintf(stderr, "KVM: unknown exit reason %d\n", run->exit_reason);
2087 bool kvm_arch_stop_on_emulation_error(CPUX86State *env)
2089 kvm_cpu_synchronize_state(env);
2090 return !(env->cr[0] & CR0_PE_MASK) ||
2091 ((env->segs[R_CS].selector & 3) != 3);
2094 void kvm_arch_init_irq_routing(KVMState *s)
2096 if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
2097 /* If kernel can't do irq routing, interrupt source
2098 * override 0->2 cannot be set up as required by HPET.
2099 * So we have to disable it.
2103 /* We know at this point that we're using the in-kernel
2104 * irqchip, so we can use irqfds, and on x86 we know
2105 * we can use msi via irqfd and GSI routing.
2107 kvm_irqfds_allowed = true;
2108 kvm_msi_via_irqfd_allowed = true;
2109 kvm_gsi_routing_allowed = true;
2112 /* Classic KVM device assignment interface. Will remain x86 only. */
2113 int kvm_device_pci_assign(KVMState *s, PCIHostDeviceAddress *dev_addr,
2114 uint32_t flags, uint32_t *dev_id)
2116 struct kvm_assigned_pci_dev dev_data = {
2117 .segnr = dev_addr->domain,
2118 .busnr = dev_addr->bus,
2119 .devfn = PCI_DEVFN(dev_addr->slot, dev_addr->function),
2124 dev_data.assigned_dev_id =
2125 (dev_addr->domain << 16) | (dev_addr->bus << 8) | dev_data.devfn;
2127 ret = kvm_vm_ioctl(s, KVM_ASSIGN_PCI_DEVICE, &dev_data);
2132 *dev_id = dev_data.assigned_dev_id;
2137 int kvm_device_pci_deassign(KVMState *s, uint32_t dev_id)
2139 struct kvm_assigned_pci_dev dev_data = {
2140 .assigned_dev_id = dev_id,
2143 return kvm_vm_ioctl(s, KVM_DEASSIGN_PCI_DEVICE, &dev_data);
2146 static int kvm_assign_irq_internal(KVMState *s, uint32_t dev_id,
2147 uint32_t irq_type, uint32_t guest_irq)
2149 struct kvm_assigned_irq assigned_irq = {
2150 .assigned_dev_id = dev_id,
2151 .guest_irq = guest_irq,
2155 if (kvm_check_extension(s, KVM_CAP_ASSIGN_DEV_IRQ)) {
2156 return kvm_vm_ioctl(s, KVM_ASSIGN_DEV_IRQ, &assigned_irq);
2158 return kvm_vm_ioctl(s, KVM_ASSIGN_IRQ, &assigned_irq);
2162 int kvm_device_intx_assign(KVMState *s, uint32_t dev_id, bool use_host_msi,
2165 uint32_t irq_type = KVM_DEV_IRQ_GUEST_INTX |
2166 (use_host_msi ? KVM_DEV_IRQ_HOST_MSI : KVM_DEV_IRQ_HOST_INTX);
2168 return kvm_assign_irq_internal(s, dev_id, irq_type, guest_irq);
2171 int kvm_device_intx_set_mask(KVMState *s, uint32_t dev_id, bool masked)
2173 struct kvm_assigned_pci_dev dev_data = {
2174 .assigned_dev_id = dev_id,
2175 .flags = masked ? KVM_DEV_ASSIGN_MASK_INTX : 0,
2178 return kvm_vm_ioctl(s, KVM_ASSIGN_SET_INTX_MASK, &dev_data);
2181 static int kvm_deassign_irq_internal(KVMState *s, uint32_t dev_id,
2184 struct kvm_assigned_irq assigned_irq = {
2185 .assigned_dev_id = dev_id,
2189 return kvm_vm_ioctl(s, KVM_DEASSIGN_DEV_IRQ, &assigned_irq);
2192 int kvm_device_intx_deassign(KVMState *s, uint32_t dev_id, bool use_host_msi)
2194 return kvm_deassign_irq_internal(s, dev_id, KVM_DEV_IRQ_GUEST_INTX |
2195 (use_host_msi ? KVM_DEV_IRQ_HOST_MSI : KVM_DEV_IRQ_HOST_INTX));
2198 int kvm_device_msi_assign(KVMState *s, uint32_t dev_id, int virq)
2200 return kvm_assign_irq_internal(s, dev_id, KVM_DEV_IRQ_HOST_MSI |
2201 KVM_DEV_IRQ_GUEST_MSI, virq);
2204 int kvm_device_msi_deassign(KVMState *s, uint32_t dev_id)
2206 return kvm_deassign_irq_internal(s, dev_id, KVM_DEV_IRQ_GUEST_MSI |
2207 KVM_DEV_IRQ_HOST_MSI);
2210 bool kvm_device_msix_supported(KVMState *s)
2212 /* The kernel lacks a corresponding KVM_CAP, so we probe by calling
2213 * KVM_ASSIGN_SET_MSIX_NR with an invalid parameter. */
2214 return kvm_vm_ioctl(s, KVM_ASSIGN_SET_MSIX_NR, NULL) == -EFAULT;
2217 int kvm_device_msix_init_vectors(KVMState *s, uint32_t dev_id,
2218 uint32_t nr_vectors)
2220 struct kvm_assigned_msix_nr msix_nr = {
2221 .assigned_dev_id = dev_id,
2222 .entry_nr = nr_vectors,
2225 return kvm_vm_ioctl(s, KVM_ASSIGN_SET_MSIX_NR, &msix_nr);
2228 int kvm_device_msix_set_vector(KVMState *s, uint32_t dev_id, uint32_t vector,
2231 struct kvm_assigned_msix_entry msix_entry = {
2232 .assigned_dev_id = dev_id,
2237 return kvm_vm_ioctl(s, KVM_ASSIGN_SET_MSIX_ENTRY, &msix_entry);
2240 int kvm_device_msix_assign(KVMState *s, uint32_t dev_id)
2242 return kvm_assign_irq_internal(s, dev_id, KVM_DEV_IRQ_HOST_MSIX |
2243 KVM_DEV_IRQ_GUEST_MSIX, 0);
2246 int kvm_device_msix_deassign(KVMState *s, uint32_t dev_id)
2248 return kvm_deassign_irq_internal(s, dev_id, KVM_DEV_IRQ_GUEST_MSIX |
2249 KVM_DEV_IRQ_HOST_MSIX);
projects / qemu.git / blob