4 * Copyright (C) 2006-2008 Qumranet Technologies
5 * Copyright IBM, Corp. 2008
10 * This work is licensed under the terms of the GNU GPL, version 2 or later.
11 * See the COPYING file in the top-level directory.
15 #include <sys/types.h>
16 #include <sys/ioctl.h>
18 #include <sys/utsname.h>
20 #include <linux/kvm.h>
21 #include <linux/kvm_para.h>
23 #include "qemu-common.h"
28 #include "host-utils.h"
37 #define DPRINTF(fmt, ...) \
38 do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0)
40 #define DPRINTF(fmt, ...) \
44 #define MSR_KVM_WALL_CLOCK 0x11
45 #define MSR_KVM_SYSTEM_TIME 0x12
48 #define BUS_MCEERR_AR 4
51 #define BUS_MCEERR_AO 5
54 const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
55 KVM_CAP_INFO(SET_TSS_ADDR),
56 KVM_CAP_INFO(EXT_CPUID),
57 KVM_CAP_INFO(MP_STATE),
61 static bool has_msr_star;
62 static bool has_msr_hsave_pa;
63 static bool has_msr_tsc_deadline;
64 static bool has_msr_async_pf_en;
65 static bool has_msr_misc_enable;
66 static int lm_capable_kernel;
68 static struct kvm_cpuid2 *try_get_cpuid(KVMState *s, int max)
70 struct kvm_cpuid2 *cpuid;
73 size = sizeof(*cpuid) + max * sizeof(*cpuid->entries);
74 cpuid = (struct kvm_cpuid2 *)g_malloc0(size);
76 r = kvm_ioctl(s, KVM_GET_SUPPORTED_CPUID, cpuid);
77 if (r == 0 && cpuid->nent >= max) {
85 fprintf(stderr, "KVM_GET_SUPPORTED_CPUID failed: %s\n",
93 struct kvm_para_features {
97 { KVM_CAP_CLOCKSOURCE, KVM_FEATURE_CLOCKSOURCE },
98 { KVM_CAP_NOP_IO_DELAY, KVM_FEATURE_NOP_IO_DELAY },
99 { KVM_CAP_PV_MMU, KVM_FEATURE_MMU_OP },
100 { KVM_CAP_ASYNC_PF, KVM_FEATURE_ASYNC_PF },
104 static int get_para_features(KVMState *s)
108 for (i = 0; i < ARRAY_SIZE(para_features) - 1; i++) {
109 if (kvm_check_extension(s, para_features[i].cap)) {
110 features |= (1 << para_features[i].feature);
118 uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
119 uint32_t index, int reg)
121 struct kvm_cpuid2 *cpuid;
124 uint32_t cpuid_1_edx;
125 int has_kvm_features = 0;
128 while ((cpuid = try_get_cpuid(s, max)) == NULL) {
132 for (i = 0; i < cpuid->nent; ++i) {
133 if (cpuid->entries[i].function == function &&
134 cpuid->entries[i].index == index) {
135 if (cpuid->entries[i].function == KVM_CPUID_FEATURES) {
136 has_kvm_features = 1;
140 ret = cpuid->entries[i].eax;
143 ret = cpuid->entries[i].ebx;
146 ret = cpuid->entries[i].ecx;
149 ret = cpuid->entries[i].edx;
152 /* KVM before 2.6.30 misreports the following features */
153 ret |= CPUID_MTRR | CPUID_PAT | CPUID_MCE | CPUID_MCA;
156 /* On Intel, kvm returns cpuid according to the Intel spec,
157 * so add missing bits according to the AMD spec:
159 cpuid_1_edx = kvm_arch_get_supported_cpuid(s, 1, 0, R_EDX);
160 ret |= cpuid_1_edx & 0x183f7ff;
170 /* fallback for older kernels */
171 if (!has_kvm_features && (function == KVM_CPUID_FEATURES)) {
172 ret = get_para_features(s);
178 typedef struct HWPoisonPage {
180 QLIST_ENTRY(HWPoisonPage) list;
183 static QLIST_HEAD(, HWPoisonPage) hwpoison_page_list =
184 QLIST_HEAD_INITIALIZER(hwpoison_page_list);
186 static void kvm_unpoison_all(void *param)
188 HWPoisonPage *page, *next_page;
190 QLIST_FOREACH_SAFE(page, &hwpoison_page_list, list, next_page) {
191 QLIST_REMOVE(page, list);
192 qemu_ram_remap(page->ram_addr, TARGET_PAGE_SIZE);
197 static void kvm_hwpoison_page_add(ram_addr_t ram_addr)
201 QLIST_FOREACH(page, &hwpoison_page_list, list) {
202 if (page->ram_addr == ram_addr) {
206 page = g_malloc(sizeof(HWPoisonPage));
207 page->ram_addr = ram_addr;
208 QLIST_INSERT_HEAD(&hwpoison_page_list, page, list);
211 static int kvm_get_mce_cap_supported(KVMState *s, uint64_t *mce_cap,
216 r = kvm_check_extension(s, KVM_CAP_MCE);
219 return kvm_ioctl(s, KVM_X86_GET_MCE_CAP_SUPPORTED, mce_cap);
224 static void kvm_mce_inject(CPUX86State *env, target_phys_addr_t paddr, int code)
226 uint64_t status = MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN |
227 MCI_STATUS_MISCV | MCI_STATUS_ADDRV | MCI_STATUS_S;
228 uint64_t mcg_status = MCG_STATUS_MCIP;
230 if (code == BUS_MCEERR_AR) {
231 status |= MCI_STATUS_AR | 0x134;
232 mcg_status |= MCG_STATUS_EIPV;
235 mcg_status |= MCG_STATUS_RIPV;
237 cpu_x86_inject_mce(NULL, env, 9, status, mcg_status, paddr,
238 (MCM_ADDR_PHYS << 6) | 0xc,
239 cpu_x86_support_mca_broadcast(env) ?
240 MCE_INJECT_BROADCAST : 0);
243 static void hardware_memory_error(void)
245 fprintf(stderr, "Hardware memory error!\n");
249 int kvm_arch_on_sigbus_vcpu(CPUX86State *env, int code, void *addr)
252 target_phys_addr_t paddr;
254 if ((env->mcg_cap & MCG_SER_P) && addr
255 && (code == BUS_MCEERR_AR || code == BUS_MCEERR_AO)) {
256 if (qemu_ram_addr_from_host(addr, &ram_addr) ||
257 !kvm_physical_memory_addr_from_host(env->kvm_state, addr, &paddr)) {
258 fprintf(stderr, "Hardware memory error for memory used by "
259 "QEMU itself instead of guest system!\n");
260 /* Hope we are lucky for AO MCE */
261 if (code == BUS_MCEERR_AO) {
264 hardware_memory_error();
267 kvm_hwpoison_page_add(ram_addr);
268 kvm_mce_inject(env, paddr, code);
270 if (code == BUS_MCEERR_AO) {
272 } else if (code == BUS_MCEERR_AR) {
273 hardware_memory_error();
281 int kvm_arch_on_sigbus(int code, void *addr)
283 if ((first_cpu->mcg_cap & MCG_SER_P) && addr && code == BUS_MCEERR_AO) {
285 target_phys_addr_t paddr;
287 /* Hope we are lucky for AO MCE */
288 if (qemu_ram_addr_from_host(addr, &ram_addr) ||
289 !kvm_physical_memory_addr_from_host(first_cpu->kvm_state, addr,
291 fprintf(stderr, "Hardware memory error for memory used by "
292 "QEMU itself instead of guest system!: %p\n", addr);
295 kvm_hwpoison_page_add(ram_addr);
296 kvm_mce_inject(first_cpu, paddr, code);
298 if (code == BUS_MCEERR_AO) {
300 } else if (code == BUS_MCEERR_AR) {
301 hardware_memory_error();
309 static int kvm_inject_mce_oldstyle(CPUX86State *env)
311 if (!kvm_has_vcpu_events() && env->exception_injected == EXCP12_MCHK) {
312 unsigned int bank, bank_num = env->mcg_cap & 0xff;
313 struct kvm_x86_mce mce;
315 env->exception_injected = -1;
318 * There must be at least one bank in use if an MCE is pending.
319 * Find it and use its values for the event injection.
321 for (bank = 0; bank < bank_num; bank++) {
322 if (env->mce_banks[bank * 4 + 1] & MCI_STATUS_VAL) {
326 assert(bank < bank_num);
329 mce.status = env->mce_banks[bank * 4 + 1];
330 mce.mcg_status = env->mcg_status;
331 mce.addr = env->mce_banks[bank * 4 + 2];
332 mce.misc = env->mce_banks[bank * 4 + 3];
334 return kvm_vcpu_ioctl(env, KVM_X86_SET_MCE, &mce);
339 static void cpu_update_state(void *opaque, int running, RunState state)
341 CPUX86State *env = opaque;
344 env->tsc_valid = false;
348 int kvm_arch_init_vcpu(CPUX86State *env)
351 struct kvm_cpuid2 cpuid;
352 struct kvm_cpuid_entry2 entries[100];
353 } QEMU_PACKED cpuid_data;
354 KVMState *s = env->kvm_state;
355 uint32_t limit, i, j, cpuid_i;
357 struct kvm_cpuid_entry2 *c;
358 uint32_t signature[3];
361 env->cpuid_features &= kvm_arch_get_supported_cpuid(s, 1, 0, R_EDX);
363 i = env->cpuid_ext_features & CPUID_EXT_HYPERVISOR;
364 j = env->cpuid_ext_features & CPUID_EXT_TSC_DEADLINE_TIMER;
365 env->cpuid_ext_features &= kvm_arch_get_supported_cpuid(s, 1, 0, R_ECX);
366 env->cpuid_ext_features |= i;
367 if (j && kvm_irqchip_in_kernel() &&
368 kvm_check_extension(s, KVM_CAP_TSC_DEADLINE_TIMER)) {
369 env->cpuid_ext_features |= CPUID_EXT_TSC_DEADLINE_TIMER;
372 env->cpuid_ext2_features &= kvm_arch_get_supported_cpuid(s, 0x80000001,
374 env->cpuid_ext3_features &= kvm_arch_get_supported_cpuid(s, 0x80000001,
376 env->cpuid_svm_features &= kvm_arch_get_supported_cpuid(s, 0x8000000A,
381 /* Paravirtualization CPUIDs */
382 c = &cpuid_data.entries[cpuid_i++];
383 memset(c, 0, sizeof(*c));
384 c->function = KVM_CPUID_SIGNATURE;
385 if (!hyperv_enabled()) {
386 memcpy(signature, "KVMKVMKVM\0\0\0", 12);
389 memcpy(signature, "Microsoft Hv", 12);
390 c->eax = HYPERV_CPUID_MIN;
392 c->ebx = signature[0];
393 c->ecx = signature[1];
394 c->edx = signature[2];
396 c = &cpuid_data.entries[cpuid_i++];
397 memset(c, 0, sizeof(*c));
398 c->function = KVM_CPUID_FEATURES;
399 c->eax = env->cpuid_kvm_features &
400 kvm_arch_get_supported_cpuid(s, KVM_CPUID_FEATURES, 0, R_EAX);
402 if (hyperv_enabled()) {
403 memcpy(signature, "Hv#1\0\0\0\0\0\0\0\0", 12);
404 c->eax = signature[0];
406 c = &cpuid_data.entries[cpuid_i++];
407 memset(c, 0, sizeof(*c));
408 c->function = HYPERV_CPUID_VERSION;
412 c = &cpuid_data.entries[cpuid_i++];
413 memset(c, 0, sizeof(*c));
414 c->function = HYPERV_CPUID_FEATURES;
415 if (hyperv_relaxed_timing_enabled()) {
416 c->eax |= HV_X64_MSR_HYPERCALL_AVAILABLE;
418 if (hyperv_vapic_recommended()) {
419 c->eax |= HV_X64_MSR_HYPERCALL_AVAILABLE;
420 c->eax |= HV_X64_MSR_APIC_ACCESS_AVAILABLE;
423 c = &cpuid_data.entries[cpuid_i++];
424 memset(c, 0, sizeof(*c));
425 c->function = HYPERV_CPUID_ENLIGHTMENT_INFO;
426 if (hyperv_relaxed_timing_enabled()) {
427 c->eax |= HV_X64_RELAXED_TIMING_RECOMMENDED;
429 if (hyperv_vapic_recommended()) {
430 c->eax |= HV_X64_APIC_ACCESS_RECOMMENDED;
432 c->ebx = hyperv_get_spinlock_retries();
434 c = &cpuid_data.entries[cpuid_i++];
435 memset(c, 0, sizeof(*c));
436 c->function = HYPERV_CPUID_IMPLEMENT_LIMITS;
440 c = &cpuid_data.entries[cpuid_i++];
441 memset(c, 0, sizeof(*c));
442 c->function = KVM_CPUID_SIGNATURE_NEXT;
443 memcpy(signature, "KVMKVMKVM\0\0\0", 12);
445 c->ebx = signature[0];
446 c->ecx = signature[1];
447 c->edx = signature[2];
450 has_msr_async_pf_en = c->eax & (1 << KVM_FEATURE_ASYNC_PF);
452 cpu_x86_cpuid(env, 0, 0, &limit, &unused, &unused, &unused);
454 for (i = 0; i <= limit; i++) {
455 c = &cpuid_data.entries[cpuid_i++];
459 /* Keep reading function 2 till all the input is received */
463 c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC |
464 KVM_CPUID_FLAG_STATE_READ_NEXT;
465 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
466 times = c->eax & 0xff;
468 for (j = 1; j < times; ++j) {
469 c = &cpuid_data.entries[cpuid_i++];
471 c->flags = KVM_CPUID_FLAG_STATEFUL_FUNC;
472 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
480 if (i == 0xd && j == 64) {
484 c->flags = KVM_CPUID_FLAG_SIGNIFCANT_INDEX;
486 cpu_x86_cpuid(env, i, j, &c->eax, &c->ebx, &c->ecx, &c->edx);
488 if (i == 4 && c->eax == 0) {
491 if (i == 0xb && !(c->ecx & 0xff00)) {
494 if (i == 0xd && c->eax == 0) {
497 c = &cpuid_data.entries[cpuid_i++];
503 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
507 cpu_x86_cpuid(env, 0x80000000, 0, &limit, &unused, &unused, &unused);
509 for (i = 0x80000000; i <= limit; i++) {
510 c = &cpuid_data.entries[cpuid_i++];
514 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
517 /* Call Centaur's CPUID instructions they are supported. */
518 if (env->cpuid_xlevel2 > 0) {
519 env->cpuid_ext4_features &=
520 kvm_arch_get_supported_cpuid(s, 0xC0000001, 0, R_EDX);
521 cpu_x86_cpuid(env, 0xC0000000, 0, &limit, &unused, &unused, &unused);
523 for (i = 0xC0000000; i <= limit; i++) {
524 c = &cpuid_data.entries[cpuid_i++];
528 cpu_x86_cpuid(env, i, 0, &c->eax, &c->ebx, &c->ecx, &c->edx);
532 cpuid_data.cpuid.nent = cpuid_i;
534 if (((env->cpuid_version >> 8)&0xF) >= 6
535 && (env->cpuid_features&(CPUID_MCE|CPUID_MCA)) == (CPUID_MCE|CPUID_MCA)
536 && kvm_check_extension(env->kvm_state, KVM_CAP_MCE) > 0) {
541 ret = kvm_get_mce_cap_supported(env->kvm_state, &mcg_cap, &banks);
543 fprintf(stderr, "kvm_get_mce_cap_supported: %s", strerror(-ret));
547 if (banks > MCE_BANKS_DEF) {
548 banks = MCE_BANKS_DEF;
550 mcg_cap &= MCE_CAP_DEF;
552 ret = kvm_vcpu_ioctl(env, KVM_X86_SETUP_MCE, &mcg_cap);
554 fprintf(stderr, "KVM_X86_SETUP_MCE: %s", strerror(-ret));
558 env->mcg_cap = mcg_cap;
561 qemu_add_vm_change_state_handler(cpu_update_state, env);
563 cpuid_data.cpuid.padding = 0;
564 r = kvm_vcpu_ioctl(env, KVM_SET_CPUID2, &cpuid_data);
569 r = kvm_check_extension(env->kvm_state, KVM_CAP_TSC_CONTROL);
570 if (r && env->tsc_khz) {
571 r = kvm_vcpu_ioctl(env, KVM_SET_TSC_KHZ, env->tsc_khz);
573 fprintf(stderr, "KVM_SET_TSC_KHZ failed\n");
578 if (kvm_has_xsave()) {
579 env->kvm_xsave_buf = qemu_memalign(4096, sizeof(struct kvm_xsave));
585 void kvm_arch_reset_vcpu(CPUX86State *env)
587 env->exception_injected = -1;
588 env->interrupt_injected = -1;
590 if (kvm_irqchip_in_kernel()) {
591 env->mp_state = cpu_is_bsp(env) ? KVM_MP_STATE_RUNNABLE :
592 KVM_MP_STATE_UNINITIALIZED;
594 env->mp_state = KVM_MP_STATE_RUNNABLE;
598 static int kvm_get_supported_msrs(KVMState *s)
600 static int kvm_supported_msrs;
604 if (kvm_supported_msrs == 0) {
605 struct kvm_msr_list msr_list, *kvm_msr_list;
607 kvm_supported_msrs = -1;
609 /* Obtain MSR list from KVM. These are the MSRs that we must
612 ret = kvm_ioctl(s, KVM_GET_MSR_INDEX_LIST, &msr_list);
613 if (ret < 0 && ret != -E2BIG) {
616 /* Old kernel modules had a bug and could write beyond the provided
617 memory. Allocate at least a safe amount of 1K. */
618 kvm_msr_list = g_malloc0(MAX(1024, sizeof(msr_list) +
620 sizeof(msr_list.indices[0])));
622 kvm_msr_list->nmsrs = msr_list.nmsrs;
623 ret = kvm_ioctl(s, KVM_GET_MSR_INDEX_LIST, kvm_msr_list);
627 for (i = 0; i < kvm_msr_list->nmsrs; i++) {
628 if (kvm_msr_list->indices[i] == MSR_STAR) {
632 if (kvm_msr_list->indices[i] == MSR_VM_HSAVE_PA) {
633 has_msr_hsave_pa = true;
636 if (kvm_msr_list->indices[i] == MSR_IA32_TSCDEADLINE) {
637 has_msr_tsc_deadline = true;
640 if (kvm_msr_list->indices[i] == MSR_IA32_MISC_ENABLE) {
641 has_msr_misc_enable = true;
647 g_free(kvm_msr_list);
653 int kvm_arch_init(KVMState *s)
655 QemuOptsList *list = qemu_find_opts("machine");
656 uint64_t identity_base = 0xfffbc000;
659 struct utsname utsname;
661 ret = kvm_get_supported_msrs(s);
667 lm_capable_kernel = strcmp(utsname.machine, "x86_64") == 0;
670 * On older Intel CPUs, KVM uses vm86 mode to emulate 16-bit code directly.
671 * In order to use vm86 mode, an EPT identity map and a TSS are needed.
672 * Since these must be part of guest physical memory, we need to allocate
673 * them, both by setting their start addresses in the kernel and by
674 * creating a corresponding e820 entry. We need 4 pages before the BIOS.
676 * Older KVM versions may not support setting the identity map base. In
677 * that case we need to stick with the default, i.e. a 256K maximum BIOS
680 if (kvm_check_extension(s, KVM_CAP_SET_IDENTITY_MAP_ADDR)) {
681 /* Allows up to 16M BIOSes. */
682 identity_base = 0xfeffc000;
684 ret = kvm_vm_ioctl(s, KVM_SET_IDENTITY_MAP_ADDR, &identity_base);
690 /* Set TSS base one page after EPT identity map. */
691 ret = kvm_vm_ioctl(s, KVM_SET_TSS_ADDR, identity_base + 0x1000);
696 /* Tell fw_cfg to notify the BIOS to reserve the range. */
697 ret = e820_add_entry(identity_base, 0x4000, E820_RESERVED);
699 fprintf(stderr, "e820_add_entry() table is full\n");
702 qemu_register_reset(kvm_unpoison_all, NULL);
704 if (!QTAILQ_EMPTY(&list->head)) {
705 shadow_mem = qemu_opt_get_size(QTAILQ_FIRST(&list->head),
706 "kvm_shadow_mem", -1);
707 if (shadow_mem != -1) {
709 ret = kvm_vm_ioctl(s, KVM_SET_NR_MMU_PAGES, shadow_mem);
718 static void set_v8086_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
720 lhs->selector = rhs->selector;
721 lhs->base = rhs->base;
722 lhs->limit = rhs->limit;
734 static void set_seg(struct kvm_segment *lhs, const SegmentCache *rhs)
736 unsigned flags = rhs->flags;
737 lhs->selector = rhs->selector;
738 lhs->base = rhs->base;
739 lhs->limit = rhs->limit;
740 lhs->type = (flags >> DESC_TYPE_SHIFT) & 15;
741 lhs->present = (flags & DESC_P_MASK) != 0;
742 lhs->dpl = (flags >> DESC_DPL_SHIFT) & 3;
743 lhs->db = (flags >> DESC_B_SHIFT) & 1;
744 lhs->s = (flags & DESC_S_MASK) != 0;
745 lhs->l = (flags >> DESC_L_SHIFT) & 1;
746 lhs->g = (flags & DESC_G_MASK) != 0;
747 lhs->avl = (flags & DESC_AVL_MASK) != 0;
752 static void get_seg(SegmentCache *lhs, const struct kvm_segment *rhs)
754 lhs->selector = rhs->selector;
755 lhs->base = rhs->base;
756 lhs->limit = rhs->limit;
757 lhs->flags = (rhs->type << DESC_TYPE_SHIFT) |
758 (rhs->present * DESC_P_MASK) |
759 (rhs->dpl << DESC_DPL_SHIFT) |
760 (rhs->db << DESC_B_SHIFT) |
761 (rhs->s * DESC_S_MASK) |
762 (rhs->l << DESC_L_SHIFT) |
763 (rhs->g * DESC_G_MASK) |
764 (rhs->avl * DESC_AVL_MASK);
767 static void kvm_getput_reg(__u64 *kvm_reg, target_ulong *qemu_reg, int set)
770 *kvm_reg = *qemu_reg;
772 *qemu_reg = *kvm_reg;
776 static int kvm_getput_regs(CPUX86State *env, int set)
778 struct kvm_regs regs;
782 ret = kvm_vcpu_ioctl(env, KVM_GET_REGS, ®s);
788 kvm_getput_reg(®s.rax, &env->regs[R_EAX], set);
789 kvm_getput_reg(®s.rbx, &env->regs[R_EBX], set);
790 kvm_getput_reg(®s.rcx, &env->regs[R_ECX], set);
791 kvm_getput_reg(®s.rdx, &env->regs[R_EDX], set);
792 kvm_getput_reg(®s.rsi, &env->regs[R_ESI], set);
793 kvm_getput_reg(®s.rdi, &env->regs[R_EDI], set);
794 kvm_getput_reg(®s.rsp, &env->regs[R_ESP], set);
795 kvm_getput_reg(®s.rbp, &env->regs[R_EBP], set);
797 kvm_getput_reg(®s.r8, &env->regs[8], set);
798 kvm_getput_reg(®s.r9, &env->regs[9], set);
799 kvm_getput_reg(®s.r10, &env->regs[10], set);
800 kvm_getput_reg(®s.r11, &env->regs[11], set);
801 kvm_getput_reg(®s.r12, &env->regs[12], set);
802 kvm_getput_reg(®s.r13, &env->regs[13], set);
803 kvm_getput_reg(®s.r14, &env->regs[14], set);
804 kvm_getput_reg(®s.r15, &env->regs[15], set);
807 kvm_getput_reg(®s.rflags, &env->eflags, set);
808 kvm_getput_reg(®s.rip, &env->eip, set);
811 ret = kvm_vcpu_ioctl(env, KVM_SET_REGS, ®s);
817 static int kvm_put_fpu(CPUX86State *env)
822 memset(&fpu, 0, sizeof fpu);
823 fpu.fsw = env->fpus & ~(7 << 11);
824 fpu.fsw |= (env->fpstt & 7) << 11;
826 fpu.last_opcode = env->fpop;
827 fpu.last_ip = env->fpip;
828 fpu.last_dp = env->fpdp;
829 for (i = 0; i < 8; ++i) {
830 fpu.ftwx |= (!env->fptags[i]) << i;
832 memcpy(fpu.fpr, env->fpregs, sizeof env->fpregs);
833 memcpy(fpu.xmm, env->xmm_regs, sizeof env->xmm_regs);
834 fpu.mxcsr = env->mxcsr;
836 return kvm_vcpu_ioctl(env, KVM_SET_FPU, &fpu);
839 #define XSAVE_FCW_FSW 0
840 #define XSAVE_FTW_FOP 1
841 #define XSAVE_CWD_RIP 2
842 #define XSAVE_CWD_RDP 4
843 #define XSAVE_MXCSR 6
844 #define XSAVE_ST_SPACE 8
845 #define XSAVE_XMM_SPACE 40
846 #define XSAVE_XSTATE_BV 128
847 #define XSAVE_YMMH_SPACE 144
849 static int kvm_put_xsave(CPUX86State *env)
851 struct kvm_xsave* xsave = env->kvm_xsave_buf;
852 uint16_t cwd, swd, twd;
855 if (!kvm_has_xsave()) {
856 return kvm_put_fpu(env);
859 memset(xsave, 0, sizeof(struct kvm_xsave));
861 swd = env->fpus & ~(7 << 11);
862 swd |= (env->fpstt & 7) << 11;
864 for (i = 0; i < 8; ++i) {
865 twd |= (!env->fptags[i]) << i;
867 xsave->region[XSAVE_FCW_FSW] = (uint32_t)(swd << 16) + cwd;
868 xsave->region[XSAVE_FTW_FOP] = (uint32_t)(env->fpop << 16) + twd;
869 memcpy(&xsave->region[XSAVE_CWD_RIP], &env->fpip, sizeof(env->fpip));
870 memcpy(&xsave->region[XSAVE_CWD_RDP], &env->fpdp, sizeof(env->fpdp));
871 memcpy(&xsave->region[XSAVE_ST_SPACE], env->fpregs,
873 memcpy(&xsave->region[XSAVE_XMM_SPACE], env->xmm_regs,
874 sizeof env->xmm_regs);
875 xsave->region[XSAVE_MXCSR] = env->mxcsr;
876 *(uint64_t *)&xsave->region[XSAVE_XSTATE_BV] = env->xstate_bv;
877 memcpy(&xsave->region[XSAVE_YMMH_SPACE], env->ymmh_regs,
878 sizeof env->ymmh_regs);
879 r = kvm_vcpu_ioctl(env, KVM_SET_XSAVE, xsave);
883 static int kvm_put_xcrs(CPUX86State *env)
885 struct kvm_xcrs xcrs;
887 if (!kvm_has_xcrs()) {
893 xcrs.xcrs[0].xcr = 0;
894 xcrs.xcrs[0].value = env->xcr0;
895 return kvm_vcpu_ioctl(env, KVM_SET_XCRS, &xcrs);
898 static int kvm_put_sregs(CPUX86State *env)
900 struct kvm_sregs sregs;
902 memset(sregs.interrupt_bitmap, 0, sizeof(sregs.interrupt_bitmap));
903 if (env->interrupt_injected >= 0) {
904 sregs.interrupt_bitmap[env->interrupt_injected / 64] |=
905 (uint64_t)1 << (env->interrupt_injected % 64);
908 if ((env->eflags & VM_MASK)) {
909 set_v8086_seg(&sregs.cs, &env->segs[R_CS]);
910 set_v8086_seg(&sregs.ds, &env->segs[R_DS]);
911 set_v8086_seg(&sregs.es, &env->segs[R_ES]);
912 set_v8086_seg(&sregs.fs, &env->segs[R_FS]);
913 set_v8086_seg(&sregs.gs, &env->segs[R_GS]);
914 set_v8086_seg(&sregs.ss, &env->segs[R_SS]);
916 set_seg(&sregs.cs, &env->segs[R_CS]);
917 set_seg(&sregs.ds, &env->segs[R_DS]);
918 set_seg(&sregs.es, &env->segs[R_ES]);
919 set_seg(&sregs.fs, &env->segs[R_FS]);
920 set_seg(&sregs.gs, &env->segs[R_GS]);
921 set_seg(&sregs.ss, &env->segs[R_SS]);
924 set_seg(&sregs.tr, &env->tr);
925 set_seg(&sregs.ldt, &env->ldt);
927 sregs.idt.limit = env->idt.limit;
928 sregs.idt.base = env->idt.base;
929 memset(sregs.idt.padding, 0, sizeof sregs.idt.padding);
930 sregs.gdt.limit = env->gdt.limit;
931 sregs.gdt.base = env->gdt.base;
932 memset(sregs.gdt.padding, 0, sizeof sregs.gdt.padding);
934 sregs.cr0 = env->cr[0];
935 sregs.cr2 = env->cr[2];
936 sregs.cr3 = env->cr[3];
937 sregs.cr4 = env->cr[4];
939 sregs.cr8 = cpu_get_apic_tpr(env->apic_state);
940 sregs.apic_base = cpu_get_apic_base(env->apic_state);
942 sregs.efer = env->efer;
944 return kvm_vcpu_ioctl(env, KVM_SET_SREGS, &sregs);
947 static void kvm_msr_entry_set(struct kvm_msr_entry *entry,
948 uint32_t index, uint64_t value)
950 entry->index = index;
954 static int kvm_put_msrs(CPUX86State *env, int level)
957 struct kvm_msrs info;
958 struct kvm_msr_entry entries[100];
960 struct kvm_msr_entry *msrs = msr_data.entries;
963 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_CS, env->sysenter_cs);
964 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_ESP, env->sysenter_esp);
965 kvm_msr_entry_set(&msrs[n++], MSR_IA32_SYSENTER_EIP, env->sysenter_eip);
966 kvm_msr_entry_set(&msrs[n++], MSR_PAT, env->pat);
968 kvm_msr_entry_set(&msrs[n++], MSR_STAR, env->star);
970 if (has_msr_hsave_pa) {
971 kvm_msr_entry_set(&msrs[n++], MSR_VM_HSAVE_PA, env->vm_hsave);
973 if (has_msr_tsc_deadline) {
974 kvm_msr_entry_set(&msrs[n++], MSR_IA32_TSCDEADLINE, env->tsc_deadline);
976 if (has_msr_misc_enable) {
977 kvm_msr_entry_set(&msrs[n++], MSR_IA32_MISC_ENABLE,
978 env->msr_ia32_misc_enable);
981 if (lm_capable_kernel) {
982 kvm_msr_entry_set(&msrs[n++], MSR_CSTAR, env->cstar);
983 kvm_msr_entry_set(&msrs[n++], MSR_KERNELGSBASE, env->kernelgsbase);
984 kvm_msr_entry_set(&msrs[n++], MSR_FMASK, env->fmask);
985 kvm_msr_entry_set(&msrs[n++], MSR_LSTAR, env->lstar);
988 if (level == KVM_PUT_FULL_STATE) {
990 * KVM is yet unable to synchronize TSC values of multiple VCPUs on
991 * writeback. Until this is fixed, we only write the offset to SMP
992 * guests after migration, desynchronizing the VCPUs, but avoiding
993 * huge jump-backs that would occur without any writeback at all.
995 if (smp_cpus == 1 || env->tsc != 0) {
996 kvm_msr_entry_set(&msrs[n++], MSR_IA32_TSC, env->tsc);
1000 * The following paravirtual MSRs have side effects on the guest or are
1001 * too heavy for normal writeback. Limit them to reset or full state
1004 if (level >= KVM_PUT_RESET_STATE) {
1005 kvm_msr_entry_set(&msrs[n++], MSR_KVM_SYSTEM_TIME,
1006 env->system_time_msr);
1007 kvm_msr_entry_set(&msrs[n++], MSR_KVM_WALL_CLOCK, env->wall_clock_msr);
1008 if (has_msr_async_pf_en) {
1009 kvm_msr_entry_set(&msrs[n++], MSR_KVM_ASYNC_PF_EN,
1010 env->async_pf_en_msr);
1012 if (hyperv_hypercall_available()) {
1013 kvm_msr_entry_set(&msrs[n++], HV_X64_MSR_GUEST_OS_ID, 0);
1014 kvm_msr_entry_set(&msrs[n++], HV_X64_MSR_HYPERCALL, 0);
1016 if (hyperv_vapic_recommended()) {
1017 kvm_msr_entry_set(&msrs[n++], HV_X64_MSR_APIC_ASSIST_PAGE, 0);
1023 kvm_msr_entry_set(&msrs[n++], MSR_MCG_STATUS, env->mcg_status);
1024 kvm_msr_entry_set(&msrs[n++], MSR_MCG_CTL, env->mcg_ctl);
1025 for (i = 0; i < (env->mcg_cap & 0xff) * 4; i++) {
1026 kvm_msr_entry_set(&msrs[n++], MSR_MC0_CTL + i, env->mce_banks[i]);
1030 msr_data.info.nmsrs = n;
1032 return kvm_vcpu_ioctl(env, KVM_SET_MSRS, &msr_data);
1037 static int kvm_get_fpu(CPUX86State *env)
1042 ret = kvm_vcpu_ioctl(env, KVM_GET_FPU, &fpu);
1047 env->fpstt = (fpu.fsw >> 11) & 7;
1048 env->fpus = fpu.fsw;
1049 env->fpuc = fpu.fcw;
1050 env->fpop = fpu.last_opcode;
1051 env->fpip = fpu.last_ip;
1052 env->fpdp = fpu.last_dp;
1053 for (i = 0; i < 8; ++i) {
1054 env->fptags[i] = !((fpu.ftwx >> i) & 1);
1056 memcpy(env->fpregs, fpu.fpr, sizeof env->fpregs);
1057 memcpy(env->xmm_regs, fpu.xmm, sizeof env->xmm_regs);
1058 env->mxcsr = fpu.mxcsr;
1063 static int kvm_get_xsave(CPUX86State *env)
1065 struct kvm_xsave* xsave = env->kvm_xsave_buf;
1067 uint16_t cwd, swd, twd;
1069 if (!kvm_has_xsave()) {
1070 return kvm_get_fpu(env);
1073 ret = kvm_vcpu_ioctl(env, KVM_GET_XSAVE, xsave);
1078 cwd = (uint16_t)xsave->region[XSAVE_FCW_FSW];
1079 swd = (uint16_t)(xsave->region[XSAVE_FCW_FSW] >> 16);
1080 twd = (uint16_t)xsave->region[XSAVE_FTW_FOP];
1081 env->fpop = (uint16_t)(xsave->region[XSAVE_FTW_FOP] >> 16);
1082 env->fpstt = (swd >> 11) & 7;
1085 for (i = 0; i < 8; ++i) {
1086 env->fptags[i] = !((twd >> i) & 1);
1088 memcpy(&env->fpip, &xsave->region[XSAVE_CWD_RIP], sizeof(env->fpip));
1089 memcpy(&env->fpdp, &xsave->region[XSAVE_CWD_RDP], sizeof(env->fpdp));
1090 env->mxcsr = xsave->region[XSAVE_MXCSR];
1091 memcpy(env->fpregs, &xsave->region[XSAVE_ST_SPACE],
1092 sizeof env->fpregs);
1093 memcpy(env->xmm_regs, &xsave->region[XSAVE_XMM_SPACE],
1094 sizeof env->xmm_regs);
1095 env->xstate_bv = *(uint64_t *)&xsave->region[XSAVE_XSTATE_BV];
1096 memcpy(env->ymmh_regs, &xsave->region[XSAVE_YMMH_SPACE],
1097 sizeof env->ymmh_regs);
1101 static int kvm_get_xcrs(CPUX86State *env)
1104 struct kvm_xcrs xcrs;
1106 if (!kvm_has_xcrs()) {
1110 ret = kvm_vcpu_ioctl(env, KVM_GET_XCRS, &xcrs);
1115 for (i = 0; i < xcrs.nr_xcrs; i++) {
1116 /* Only support xcr0 now */
1117 if (xcrs.xcrs[0].xcr == 0) {
1118 env->xcr0 = xcrs.xcrs[0].value;
1125 static int kvm_get_sregs(CPUX86State *env)
1127 struct kvm_sregs sregs;
1131 ret = kvm_vcpu_ioctl(env, KVM_GET_SREGS, &sregs);
1136 /* There can only be one pending IRQ set in the bitmap at a time, so try
1137 to find it and save its number instead (-1 for none). */
1138 env->interrupt_injected = -1;
1139 for (i = 0; i < ARRAY_SIZE(sregs.interrupt_bitmap); i++) {
1140 if (sregs.interrupt_bitmap[i]) {
1141 bit = ctz64(sregs.interrupt_bitmap[i]);
1142 env->interrupt_injected = i * 64 + bit;
1147 get_seg(&env->segs[R_CS], &sregs.cs);
1148 get_seg(&env->segs[R_DS], &sregs.ds);
1149 get_seg(&env->segs[R_ES], &sregs.es);
1150 get_seg(&env->segs[R_FS], &sregs.fs);
1151 get_seg(&env->segs[R_GS], &sregs.gs);
1152 get_seg(&env->segs[R_SS], &sregs.ss);
1154 get_seg(&env->tr, &sregs.tr);
1155 get_seg(&env->ldt, &sregs.ldt);
1157 env->idt.limit = sregs.idt.limit;
1158 env->idt.base = sregs.idt.base;
1159 env->gdt.limit = sregs.gdt.limit;
1160 env->gdt.base = sregs.gdt.base;
1162 env->cr[0] = sregs.cr0;
1163 env->cr[2] = sregs.cr2;
1164 env->cr[3] = sregs.cr3;
1165 env->cr[4] = sregs.cr4;
1167 env->efer = sregs.efer;
1169 /* changes to apic base and cr8/tpr are read back via kvm_arch_post_run */
1171 #define HFLAG_COPY_MASK \
1172 ~( HF_CPL_MASK | HF_PE_MASK | HF_MP_MASK | HF_EM_MASK | \
1173 HF_TS_MASK | HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK | \
1174 HF_OSFXSR_MASK | HF_LMA_MASK | HF_CS32_MASK | \
1175 HF_SS32_MASK | HF_CS64_MASK | HF_ADDSEG_MASK)
1177 hflags = (env->segs[R_CS].flags >> DESC_DPL_SHIFT) & HF_CPL_MASK;
1178 hflags |= (env->cr[0] & CR0_PE_MASK) << (HF_PE_SHIFT - CR0_PE_SHIFT);
1179 hflags |= (env->cr[0] << (HF_MP_SHIFT - CR0_MP_SHIFT)) &
1180 (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK);
1181 hflags |= (env->eflags & (HF_TF_MASK | HF_VM_MASK | HF_IOPL_MASK));
1182 hflags |= (env->cr[4] & CR4_OSFXSR_MASK) <<
1183 (HF_OSFXSR_SHIFT - CR4_OSFXSR_SHIFT);
1185 if (env->efer & MSR_EFER_LMA) {
1186 hflags |= HF_LMA_MASK;
1189 if ((hflags & HF_LMA_MASK) && (env->segs[R_CS].flags & DESC_L_MASK)) {
1190 hflags |= HF_CS32_MASK | HF_SS32_MASK | HF_CS64_MASK;
1192 hflags |= (env->segs[R_CS].flags & DESC_B_MASK) >>
1193 (DESC_B_SHIFT - HF_CS32_SHIFT);
1194 hflags |= (env->segs[R_SS].flags & DESC_B_MASK) >>
1195 (DESC_B_SHIFT - HF_SS32_SHIFT);
1196 if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK) ||
1197 !(hflags & HF_CS32_MASK)) {
1198 hflags |= HF_ADDSEG_MASK;
1200 hflags |= ((env->segs[R_DS].base | env->segs[R_ES].base |
1201 env->segs[R_SS].base) != 0) << HF_ADDSEG_SHIFT;
1204 env->hflags = (env->hflags & HFLAG_COPY_MASK) | hflags;
1209 static int kvm_get_msrs(CPUX86State *env)
1212 struct kvm_msrs info;
1213 struct kvm_msr_entry entries[100];
1215 struct kvm_msr_entry *msrs = msr_data.entries;
1219 msrs[n++].index = MSR_IA32_SYSENTER_CS;
1220 msrs[n++].index = MSR_IA32_SYSENTER_ESP;
1221 msrs[n++].index = MSR_IA32_SYSENTER_EIP;
1222 msrs[n++].index = MSR_PAT;
1224 msrs[n++].index = MSR_STAR;
1226 if (has_msr_hsave_pa) {
1227 msrs[n++].index = MSR_VM_HSAVE_PA;
1229 if (has_msr_tsc_deadline) {
1230 msrs[n++].index = MSR_IA32_TSCDEADLINE;
1232 if (has_msr_misc_enable) {
1233 msrs[n++].index = MSR_IA32_MISC_ENABLE;
1236 if (!env->tsc_valid) {
1237 msrs[n++].index = MSR_IA32_TSC;
1238 env->tsc_valid = !runstate_is_running();
1241 #ifdef TARGET_X86_64
1242 if (lm_capable_kernel) {
1243 msrs[n++].index = MSR_CSTAR;
1244 msrs[n++].index = MSR_KERNELGSBASE;
1245 msrs[n++].index = MSR_FMASK;
1246 msrs[n++].index = MSR_LSTAR;
1249 msrs[n++].index = MSR_KVM_SYSTEM_TIME;
1250 msrs[n++].index = MSR_KVM_WALL_CLOCK;
1251 if (has_msr_async_pf_en) {
1252 msrs[n++].index = MSR_KVM_ASYNC_PF_EN;
1256 msrs[n++].index = MSR_MCG_STATUS;
1257 msrs[n++].index = MSR_MCG_CTL;
1258 for (i = 0; i < (env->mcg_cap & 0xff) * 4; i++) {
1259 msrs[n++].index = MSR_MC0_CTL + i;
1263 msr_data.info.nmsrs = n;
1264 ret = kvm_vcpu_ioctl(env, KVM_GET_MSRS, &msr_data);
1269 for (i = 0; i < ret; i++) {
1270 switch (msrs[i].index) {
1271 case MSR_IA32_SYSENTER_CS:
1272 env->sysenter_cs = msrs[i].data;
1274 case MSR_IA32_SYSENTER_ESP:
1275 env->sysenter_esp = msrs[i].data;
1277 case MSR_IA32_SYSENTER_EIP:
1278 env->sysenter_eip = msrs[i].data;
1281 env->pat = msrs[i].data;
1284 env->star = msrs[i].data;
1286 #ifdef TARGET_X86_64
1288 env->cstar = msrs[i].data;
1290 case MSR_KERNELGSBASE:
1291 env->kernelgsbase = msrs[i].data;
1294 env->fmask = msrs[i].data;
1297 env->lstar = msrs[i].data;
1301 env->tsc = msrs[i].data;
1303 case MSR_IA32_TSCDEADLINE:
1304 env->tsc_deadline = msrs[i].data;
1306 case MSR_VM_HSAVE_PA:
1307 env->vm_hsave = msrs[i].data;
1309 case MSR_KVM_SYSTEM_TIME:
1310 env->system_time_msr = msrs[i].data;
1312 case MSR_KVM_WALL_CLOCK:
1313 env->wall_clock_msr = msrs[i].data;
1315 case MSR_MCG_STATUS:
1316 env->mcg_status = msrs[i].data;
1319 env->mcg_ctl = msrs[i].data;
1321 case MSR_IA32_MISC_ENABLE:
1322 env->msr_ia32_misc_enable = msrs[i].data;
1325 if (msrs[i].index >= MSR_MC0_CTL &&
1326 msrs[i].index < MSR_MC0_CTL + (env->mcg_cap & 0xff) * 4) {
1327 env->mce_banks[msrs[i].index - MSR_MC0_CTL] = msrs[i].data;
1330 case MSR_KVM_ASYNC_PF_EN:
1331 env->async_pf_en_msr = msrs[i].data;
1339 static int kvm_put_mp_state(CPUX86State *env)
1341 struct kvm_mp_state mp_state = { .mp_state = env->mp_state };
1343 return kvm_vcpu_ioctl(env, KVM_SET_MP_STATE, &mp_state);
1346 static int kvm_get_mp_state(CPUX86State *env)
1348 struct kvm_mp_state mp_state;
1351 ret = kvm_vcpu_ioctl(env, KVM_GET_MP_STATE, &mp_state);
1355 env->mp_state = mp_state.mp_state;
1356 if (kvm_irqchip_in_kernel()) {
1357 env->halted = (mp_state.mp_state == KVM_MP_STATE_HALTED);
1362 static int kvm_get_apic(CPUX86State *env)
1364 DeviceState *apic = env->apic_state;
1365 struct kvm_lapic_state kapic;
1368 if (apic && kvm_irqchip_in_kernel()) {
1369 ret = kvm_vcpu_ioctl(env, KVM_GET_LAPIC, &kapic);
1374 kvm_get_apic_state(apic, &kapic);
1379 static int kvm_put_apic(CPUX86State *env)
1381 DeviceState *apic = env->apic_state;
1382 struct kvm_lapic_state kapic;
1384 if (apic && kvm_irqchip_in_kernel()) {
1385 kvm_put_apic_state(apic, &kapic);
1387 return kvm_vcpu_ioctl(env, KVM_SET_LAPIC, &kapic);
1392 static int kvm_put_vcpu_events(CPUX86State *env, int level)
1394 struct kvm_vcpu_events events;
1396 if (!kvm_has_vcpu_events()) {
1400 events.exception.injected = (env->exception_injected >= 0);
1401 events.exception.nr = env->exception_injected;
1402 events.exception.has_error_code = env->has_error_code;
1403 events.exception.error_code = env->error_code;
1404 events.exception.pad = 0;
1406 events.interrupt.injected = (env->interrupt_injected >= 0);
1407 events.interrupt.nr = env->interrupt_injected;
1408 events.interrupt.soft = env->soft_interrupt;
1410 events.nmi.injected = env->nmi_injected;
1411 events.nmi.pending = env->nmi_pending;
1412 events.nmi.masked = !!(env->hflags2 & HF2_NMI_MASK);
1415 events.sipi_vector = env->sipi_vector;
1418 if (level >= KVM_PUT_RESET_STATE) {
1420 KVM_VCPUEVENT_VALID_NMI_PENDING | KVM_VCPUEVENT_VALID_SIPI_VECTOR;
1423 return kvm_vcpu_ioctl(env, KVM_SET_VCPU_EVENTS, &events);
1426 static int kvm_get_vcpu_events(CPUX86State *env)
1428 struct kvm_vcpu_events events;
1431 if (!kvm_has_vcpu_events()) {
1435 ret = kvm_vcpu_ioctl(env, KVM_GET_VCPU_EVENTS, &events);
1439 env->exception_injected =
1440 events.exception.injected ? events.exception.nr : -1;
1441 env->has_error_code = events.exception.has_error_code;
1442 env->error_code = events.exception.error_code;
1444 env->interrupt_injected =
1445 events.interrupt.injected ? events.interrupt.nr : -1;
1446 env->soft_interrupt = events.interrupt.soft;
1448 env->nmi_injected = events.nmi.injected;
1449 env->nmi_pending = events.nmi.pending;
1450 if (events.nmi.masked) {
1451 env->hflags2 |= HF2_NMI_MASK;
1453 env->hflags2 &= ~HF2_NMI_MASK;
1456 env->sipi_vector = events.sipi_vector;
1461 static int kvm_guest_debug_workarounds(CPUX86State *env)
1464 unsigned long reinject_trap = 0;
1466 if (!kvm_has_vcpu_events()) {
1467 if (env->exception_injected == 1) {
1468 reinject_trap = KVM_GUESTDBG_INJECT_DB;
1469 } else if (env->exception_injected == 3) {
1470 reinject_trap = KVM_GUESTDBG_INJECT_BP;
1472 env->exception_injected = -1;
1476 * Kernels before KVM_CAP_X86_ROBUST_SINGLESTEP overwrote flags.TF
1477 * injected via SET_GUEST_DEBUG while updating GP regs. Work around this
1478 * by updating the debug state once again if single-stepping is on.
1479 * Another reason to call kvm_update_guest_debug here is a pending debug
1480 * trap raise by the guest. On kernels without SET_VCPU_EVENTS we have to
1481 * reinject them via SET_GUEST_DEBUG.
1483 if (reinject_trap ||
1484 (!kvm_has_robust_singlestep() && env->singlestep_enabled)) {
1485 ret = kvm_update_guest_debug(env, reinject_trap);
1490 static int kvm_put_debugregs(CPUX86State *env)
1492 struct kvm_debugregs dbgregs;
1495 if (!kvm_has_debugregs()) {
1499 for (i = 0; i < 4; i++) {
1500 dbgregs.db[i] = env->dr[i];
1502 dbgregs.dr6 = env->dr[6];
1503 dbgregs.dr7 = env->dr[7];
1506 return kvm_vcpu_ioctl(env, KVM_SET_DEBUGREGS, &dbgregs);
1509 static int kvm_get_debugregs(CPUX86State *env)
1511 struct kvm_debugregs dbgregs;
1514 if (!kvm_has_debugregs()) {
1518 ret = kvm_vcpu_ioctl(env, KVM_GET_DEBUGREGS, &dbgregs);
1522 for (i = 0; i < 4; i++) {
1523 env->dr[i] = dbgregs.db[i];
1525 env->dr[4] = env->dr[6] = dbgregs.dr6;
1526 env->dr[5] = env->dr[7] = dbgregs.dr7;
1531 int kvm_arch_put_registers(CPUX86State *env, int level)
1535 assert(cpu_is_stopped(env) || qemu_cpu_is_self(env));
1537 ret = kvm_getput_regs(env, 1);
1541 ret = kvm_put_xsave(env);
1545 ret = kvm_put_xcrs(env);
1549 ret = kvm_put_sregs(env);
1553 /* must be before kvm_put_msrs */
1554 ret = kvm_inject_mce_oldstyle(env);
1558 ret = kvm_put_msrs(env, level);
1562 if (level >= KVM_PUT_RESET_STATE) {
1563 ret = kvm_put_mp_state(env);
1567 ret = kvm_put_apic(env);
1572 ret = kvm_put_vcpu_events(env, level);
1576 ret = kvm_put_debugregs(env);
1581 ret = kvm_guest_debug_workarounds(env);
1588 int kvm_arch_get_registers(CPUX86State *env)
1592 assert(cpu_is_stopped(env) || qemu_cpu_is_self(env));
1594 ret = kvm_getput_regs(env, 0);
1598 ret = kvm_get_xsave(env);
1602 ret = kvm_get_xcrs(env);
1606 ret = kvm_get_sregs(env);
1610 ret = kvm_get_msrs(env);
1614 ret = kvm_get_mp_state(env);
1618 ret = kvm_get_apic(env);
1622 ret = kvm_get_vcpu_events(env);
1626 ret = kvm_get_debugregs(env);
1633 void kvm_arch_pre_run(CPUX86State *env, struct kvm_run *run)
1638 if (env->interrupt_request & CPU_INTERRUPT_NMI) {
1639 env->interrupt_request &= ~CPU_INTERRUPT_NMI;
1640 DPRINTF("injected NMI\n");
1641 ret = kvm_vcpu_ioctl(env, KVM_NMI);
1643 fprintf(stderr, "KVM: injection failed, NMI lost (%s)\n",
1648 if (!kvm_irqchip_in_kernel()) {
1649 /* Force the VCPU out of its inner loop to process any INIT requests
1650 * or pending TPR access reports. */
1651 if (env->interrupt_request &
1652 (CPU_INTERRUPT_INIT | CPU_INTERRUPT_TPR)) {
1653 env->exit_request = 1;
1656 /* Try to inject an interrupt if the guest can accept it */
1657 if (run->ready_for_interrupt_injection &&
1658 (env->interrupt_request & CPU_INTERRUPT_HARD) &&
1659 (env->eflags & IF_MASK)) {
1662 env->interrupt_request &= ~CPU_INTERRUPT_HARD;
1663 irq = cpu_get_pic_interrupt(env);
1665 struct kvm_interrupt intr;
1668 DPRINTF("injected interrupt %d\n", irq);
1669 ret = kvm_vcpu_ioctl(env, KVM_INTERRUPT, &intr);
1672 "KVM: injection failed, interrupt lost (%s)\n",
1678 /* If we have an interrupt but the guest is not ready to receive an
1679 * interrupt, request an interrupt window exit. This will
1680 * cause a return to userspace as soon as the guest is ready to
1681 * receive interrupts. */
1682 if ((env->interrupt_request & CPU_INTERRUPT_HARD)) {
1683 run->request_interrupt_window = 1;
1685 run->request_interrupt_window = 0;
1688 DPRINTF("setting tpr\n");
1689 run->cr8 = cpu_get_apic_tpr(env->apic_state);
1693 void kvm_arch_post_run(CPUX86State *env, struct kvm_run *run)
1696 env->eflags |= IF_MASK;
1698 env->eflags &= ~IF_MASK;
1700 cpu_set_apic_tpr(env->apic_state, run->cr8);
1701 cpu_set_apic_base(env->apic_state, run->apic_base);
1704 int kvm_arch_process_async_events(CPUX86State *env)
1706 X86CPU *cpu = x86_env_get_cpu(env);
1708 if (env->interrupt_request & CPU_INTERRUPT_MCE) {
1709 /* We must not raise CPU_INTERRUPT_MCE if it's not supported. */
1710 assert(env->mcg_cap);
1712 env->interrupt_request &= ~CPU_INTERRUPT_MCE;
1714 kvm_cpu_synchronize_state(env);
1716 if (env->exception_injected == EXCP08_DBLE) {
1717 /* this means triple fault */
1718 qemu_system_reset_request();
1719 env->exit_request = 1;
1722 env->exception_injected = EXCP12_MCHK;
1723 env->has_error_code = 0;
1726 if (kvm_irqchip_in_kernel() && env->mp_state == KVM_MP_STATE_HALTED) {
1727 env->mp_state = KVM_MP_STATE_RUNNABLE;
1731 if (kvm_irqchip_in_kernel()) {
1735 if (((env->interrupt_request & CPU_INTERRUPT_HARD) &&
1736 (env->eflags & IF_MASK)) ||
1737 (env->interrupt_request & CPU_INTERRUPT_NMI)) {
1740 if (env->interrupt_request & CPU_INTERRUPT_INIT) {
1741 kvm_cpu_synchronize_state(env);
1744 if (env->interrupt_request & CPU_INTERRUPT_SIPI) {
1745 kvm_cpu_synchronize_state(env);
1748 if (env->interrupt_request & CPU_INTERRUPT_TPR) {
1749 env->interrupt_request &= ~CPU_INTERRUPT_TPR;
1750 kvm_cpu_synchronize_state(env);
1751 apic_handle_tpr_access_report(env->apic_state, env->eip,
1752 env->tpr_access_type);
1758 static int kvm_handle_halt(CPUX86State *env)
1760 if (!((env->interrupt_request & CPU_INTERRUPT_HARD) &&
1761 (env->eflags & IF_MASK)) &&
1762 !(env->interrupt_request & CPU_INTERRUPT_NMI)) {
1770 static int kvm_handle_tpr_access(CPUX86State *env)
1772 struct kvm_run *run = env->kvm_run;
1774 apic_handle_tpr_access_report(env->apic_state, run->tpr_access.rip,
1775 run->tpr_access.is_write ? TPR_ACCESS_WRITE
1780 int kvm_arch_insert_sw_breakpoint(CPUX86State *env, struct kvm_sw_breakpoint *bp)
1782 static const uint8_t int3 = 0xcc;
1784 if (cpu_memory_rw_debug(env, bp->pc, (uint8_t *)&bp->saved_insn, 1, 0) ||
1785 cpu_memory_rw_debug(env, bp->pc, (uint8_t *)&int3, 1, 1)) {
1791 int kvm_arch_remove_sw_breakpoint(CPUX86State *env, struct kvm_sw_breakpoint *bp)
1795 if (cpu_memory_rw_debug(env, bp->pc, &int3, 1, 0) || int3 != 0xcc ||
1796 cpu_memory_rw_debug(env, bp->pc, (uint8_t *)&bp->saved_insn, 1, 1)) {
1808 static int nb_hw_breakpoint;
1810 static int find_hw_breakpoint(target_ulong addr, int len, int type)
1814 for (n = 0; n < nb_hw_breakpoint; n++) {
1815 if (hw_breakpoint[n].addr == addr && hw_breakpoint[n].type == type &&
1816 (hw_breakpoint[n].len == len || len == -1)) {
1823 int kvm_arch_insert_hw_breakpoint(target_ulong addr,
1824 target_ulong len, int type)
1827 case GDB_BREAKPOINT_HW:
1830 case GDB_WATCHPOINT_WRITE:
1831 case GDB_WATCHPOINT_ACCESS:
1838 if (addr & (len - 1)) {
1850 if (nb_hw_breakpoint == 4) {
1853 if (find_hw_breakpoint(addr, len, type) >= 0) {
1856 hw_breakpoint[nb_hw_breakpoint].addr = addr;
1857 hw_breakpoint[nb_hw_breakpoint].len = len;
1858 hw_breakpoint[nb_hw_breakpoint].type = type;
1864 int kvm_arch_remove_hw_breakpoint(target_ulong addr,
1865 target_ulong len, int type)
1869 n = find_hw_breakpoint(addr, (type == GDB_BREAKPOINT_HW) ? 1 : len, type);
1874 hw_breakpoint[n] = hw_breakpoint[nb_hw_breakpoint];
1879 void kvm_arch_remove_all_hw_breakpoints(void)
1881 nb_hw_breakpoint = 0;
1884 static CPUWatchpoint hw_watchpoint;
1886 static int kvm_handle_debug(struct kvm_debug_exit_arch *arch_info)
1891 if (arch_info->exception == 1) {
1892 if (arch_info->dr6 & (1 << 14)) {
1893 if (cpu_single_env->singlestep_enabled) {
1897 for (n = 0; n < 4; n++) {
1898 if (arch_info->dr6 & (1 << n)) {
1899 switch ((arch_info->dr7 >> (16 + n*4)) & 0x3) {
1905 cpu_single_env->watchpoint_hit = &hw_watchpoint;
1906 hw_watchpoint.vaddr = hw_breakpoint[n].addr;
1907 hw_watchpoint.flags = BP_MEM_WRITE;
1911 cpu_single_env->watchpoint_hit = &hw_watchpoint;
1912 hw_watchpoint.vaddr = hw_breakpoint[n].addr;
1913 hw_watchpoint.flags = BP_MEM_ACCESS;
1919 } else if (kvm_find_sw_breakpoint(cpu_single_env, arch_info->pc)) {
1923 cpu_synchronize_state(cpu_single_env);
1924 assert(cpu_single_env->exception_injected == -1);
1927 cpu_single_env->exception_injected = arch_info->exception;
1928 cpu_single_env->has_error_code = 0;
1934 void kvm_arch_update_guest_debug(CPUX86State *env, struct kvm_guest_debug *dbg)
1936 const uint8_t type_code[] = {
1937 [GDB_BREAKPOINT_HW] = 0x0,
1938 [GDB_WATCHPOINT_WRITE] = 0x1,
1939 [GDB_WATCHPOINT_ACCESS] = 0x3
1941 const uint8_t len_code[] = {
1942 [1] = 0x0, [2] = 0x1, [4] = 0x3, [8] = 0x2
1946 if (kvm_sw_breakpoints_active(env)) {
1947 dbg->control |= KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_SW_BP;
1949 if (nb_hw_breakpoint > 0) {
1950 dbg->control |= KVM_GUESTDBG_ENABLE | KVM_GUESTDBG_USE_HW_BP;
1951 dbg->arch.debugreg[7] = 0x0600;
1952 for (n = 0; n < nb_hw_breakpoint; n++) {
1953 dbg->arch.debugreg[n] = hw_breakpoint[n].addr;
1954 dbg->arch.debugreg[7] |= (2 << (n * 2)) |
1955 (type_code[hw_breakpoint[n].type] << (16 + n*4)) |
1956 ((uint32_t)len_code[hw_breakpoint[n].len] << (18 + n*4));
1961 static bool host_supports_vmx(void)
1963 uint32_t ecx, unused;
1965 host_cpuid(1, 0, &unused, &unused, &ecx, &unused);
1966 return ecx & CPUID_EXT_VMX;
1969 #define VMX_INVALID_GUEST_STATE 0x80000021
1971 int kvm_arch_handle_exit(CPUX86State *env, struct kvm_run *run)
1976 switch (run->exit_reason) {
1978 DPRINTF("handle_hlt\n");
1979 ret = kvm_handle_halt(env);
1981 case KVM_EXIT_SET_TPR:
1984 case KVM_EXIT_TPR_ACCESS:
1985 ret = kvm_handle_tpr_access(env);
1987 case KVM_EXIT_FAIL_ENTRY:
1988 code = run->fail_entry.hardware_entry_failure_reason;
1989 fprintf(stderr, "KVM: entry failed, hardware error 0x%" PRIx64 "\n",
1991 if (host_supports_vmx() && code == VMX_INVALID_GUEST_STATE) {
1993 "\nIf you're running a guest on an Intel machine without "
1994 "unrestricted mode\n"
1995 "support, the failure can be most likely due to the guest "
1996 "entering an invalid\n"
1997 "state for Intel VT. For example, the guest maybe running "
1998 "in big real mode\n"
1999 "which is not supported on less recent Intel processors."
2004 case KVM_EXIT_EXCEPTION:
2005 fprintf(stderr, "KVM: exception %d exit (error code 0x%x)\n",
2006 run->ex.exception, run->ex.error_code);
2009 case KVM_EXIT_DEBUG:
2010 DPRINTF("kvm_exit_debug\n");
2011 ret = kvm_handle_debug(&run->debug.arch);
2014 fprintf(stderr, "KVM: unknown exit reason %d\n", run->exit_reason);
2022 bool kvm_arch_stop_on_emulation_error(CPUX86State *env)
2024 kvm_cpu_synchronize_state(env);
2025 return !(env->cr[0] & CR0_PE_MASK) ||
2026 ((env->segs[R_CS].selector & 3) != 3);
2029 void kvm_arch_init_irq_routing(KVMState *s)
2031 if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
2032 /* If kernel can't do irq routing, interrupt source
2033 * override 0->2 cannot be set up as required by HPET.
2034 * So we have to disable it.
projects / qemu.git / blob