1 /* 2 * x86 misc helpers - sysemu code 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #include "qemu/osdep.h" 21 #include "qemu/main-loop.h" 22 #include "cpu.h" 23 #include "exec/helper-proto.h" 24 #include "exec/cpu_ldst.h" 25 #include "exec/address-spaces.h" 26 #include "exec/exec-all.h" 27 #include "tcg/helper-tcg.h" 28 #include "hw/i386/apic.h" 29 30 void helper_outb(CPUX86State *env, uint32_t port, uint32_t data) 31 { 32 address_space_stb(&address_space_io, port, data, 33 cpu_get_mem_attrs(env), NULL); 34 } 35 36 target_ulong helper_inb(CPUX86State *env, uint32_t port) 37 { 38 return address_space_ldub(&address_space_io, port, 39 cpu_get_mem_attrs(env), NULL); 40 } 41 42 void helper_outw(CPUX86State *env, uint32_t port, uint32_t data) 43 { 44 address_space_stw(&address_space_io, port, data, 45 cpu_get_mem_attrs(env), NULL); 46 } 47 48 target_ulong helper_inw(CPUX86State *env, uint32_t port) 49 { 50 return address_space_lduw(&address_space_io, port, 51 cpu_get_mem_attrs(env), NULL); 52 } 53 54 void helper_outl(CPUX86State *env, uint32_t port, uint32_t data) 55 { 56 address_space_stl(&address_space_io, port, data, 57 cpu_get_mem_attrs(env), NULL); 58 } 59 60 target_ulong helper_inl(CPUX86State *env, uint32_t port) 61 { 62 return address_space_ldl(&address_space_io, port, 63 cpu_get_mem_attrs(env), NULL); 64 } 65 66 target_ulong helper_read_cr8(CPUX86State *env) 67 { 68 if (!(env->hflags2 & HF2_VINTR_MASK)) { 69 return cpu_get_apic_tpr(env_archcpu(env)->apic_state); 70 } else { 71 return env->int_ctl & V_TPR_MASK; 72 } 73 } 74 75 void helper_write_crN(CPUX86State *env, int reg, target_ulong t0) 76 { 77 switch (reg) { 78 case 0: 79 /* 80 * If we reach this point, the CR0 write intercept is disabled. 81 * But we could still exit if the hypervisor has requested the selective 82 * intercept for bits other than TS and MP 83 */ 84 if (cpu_svm_has_intercept(env, SVM_EXIT_CR0_SEL_WRITE) && 85 ((env->cr[0] ^ t0) & ~(CR0_TS_MASK | CR0_MP_MASK))) { 86 cpu_vmexit(env, SVM_EXIT_CR0_SEL_WRITE, 0, GETPC()); 87 } 88 cpu_x86_update_cr0(env, t0); 89 break; 90 case 3: 91 if ((env->efer & MSR_EFER_LMA) && 92 (t0 & ((~0ULL) << env_archcpu(env)->phys_bits))) { 93 cpu_vmexit(env, SVM_EXIT_ERR, 0, GETPC()); 94 } 95 if (!(env->efer & MSR_EFER_LMA)) { 96 t0 &= 0xffffffffUL; 97 } 98 cpu_x86_update_cr3(env, t0); 99 break; 100 case 4: 101 if (t0 & cr4_reserved_bits(env)) { 102 cpu_vmexit(env, SVM_EXIT_ERR, 0, GETPC()); 103 } 104 if (((t0 ^ env->cr[4]) & CR4_LA57_MASK) && 105 (env->hflags & HF_CS64_MASK)) { 106 raise_exception_ra(env, EXCP0D_GPF, GETPC()); 107 } 108 cpu_x86_update_cr4(env, t0); 109 break; 110 case 8: 111 if (!(env->hflags2 & HF2_VINTR_MASK)) { 112 bql_lock(); 113 cpu_set_apic_tpr(env_archcpu(env)->apic_state, t0); 114 bql_unlock(); 115 } 116 env->int_ctl = (env->int_ctl & ~V_TPR_MASK) | (t0 & V_TPR_MASK); 117 118 CPUState *cs = env_cpu(env); 119 if (ctl_has_irq(env)) { 120 cpu_interrupt(cs, CPU_INTERRUPT_VIRQ); 121 } else { 122 cpu_reset_interrupt(cs, CPU_INTERRUPT_VIRQ); 123 } 124 break; 125 default: 126 env->cr[reg] = t0; 127 break; 128 } 129 } 130 131 void helper_wrmsr(CPUX86State *env) 132 { 133 uint64_t val; 134 CPUState *cs = env_cpu(env); 135 136 cpu_svm_check_intercept_param(env, SVM_EXIT_MSR, 1, GETPC()); 137 138 val = ((uint32_t)env->regs[R_EAX]) | 139 ((uint64_t)((uint32_t)env->regs[R_EDX]) << 32); 140 141 switch ((uint32_t)env->regs[R_ECX]) { 142 case MSR_IA32_SYSENTER_CS: 143 env->sysenter_cs = val & 0xffff; 144 break; 145 case MSR_IA32_SYSENTER_ESP: 146 env->sysenter_esp = val; 147 break; 148 case MSR_IA32_SYSENTER_EIP: 149 env->sysenter_eip = val; 150 break; 151 case MSR_IA32_APICBASE: { 152 int ret; 153 154 if (val & MSR_IA32_APICBASE_RESERVED) { 155 goto error; 156 } 157 158 ret = cpu_set_apic_base(env_archcpu(env)->apic_state, val); 159 if (ret < 0) { 160 goto error; 161 } 162 break; 163 } 164 case MSR_EFER: 165 { 166 uint64_t update_mask; 167 168 update_mask = 0; 169 if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_SYSCALL) { 170 update_mask |= MSR_EFER_SCE; 171 } 172 if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_LM) { 173 update_mask |= MSR_EFER_LME; 174 } 175 if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_FFXSR) { 176 update_mask |= MSR_EFER_FFXSR; 177 } 178 if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_NX) { 179 update_mask |= MSR_EFER_NXE; 180 } 181 if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) { 182 update_mask |= MSR_EFER_SVME; 183 } 184 if (env->features[FEAT_8000_0001_EDX] & CPUID_EXT2_FFXSR) { 185 update_mask |= MSR_EFER_FFXSR; 186 } 187 cpu_load_efer(env, (env->efer & ~update_mask) | 188 (val & update_mask)); 189 } 190 break; 191 case MSR_STAR: 192 env->star = val; 193 break; 194 case MSR_PAT: 195 env->pat = val; 196 break; 197 case MSR_IA32_PKRS: 198 if (val & 0xFFFFFFFF00000000ull) { 199 goto error; 200 } 201 env->pkrs = val; 202 tlb_flush(cs); 203 break; 204 case MSR_VM_HSAVE_PA: 205 if (val & (0xfff | ((~0ULL) << env_archcpu(env)->phys_bits))) { 206 goto error; 207 } 208 env->vm_hsave = val; 209 break; 210 #ifdef TARGET_X86_64 211 case MSR_LSTAR: 212 env->lstar = val; 213 break; 214 case MSR_CSTAR: 215 env->cstar = val; 216 break; 217 case MSR_FMASK: 218 env->fmask = val; 219 break; 220 case MSR_FSBASE: 221 env->segs[R_FS].base = val; 222 break; 223 case MSR_GSBASE: 224 env->segs[R_GS].base = val; 225 break; 226 case MSR_KERNELGSBASE: 227 env->kernelgsbase = val; 228 break; 229 #endif 230 case MSR_MTRRphysBase(0): 231 case MSR_MTRRphysBase(1): 232 case MSR_MTRRphysBase(2): 233 case MSR_MTRRphysBase(3): 234 case MSR_MTRRphysBase(4): 235 case MSR_MTRRphysBase(5): 236 case MSR_MTRRphysBase(6): 237 case MSR_MTRRphysBase(7): 238 env->mtrr_var[((uint32_t)env->regs[R_ECX] - 239 MSR_MTRRphysBase(0)) / 2].base = val; 240 break; 241 case MSR_MTRRphysMask(0): 242 case MSR_MTRRphysMask(1): 243 case MSR_MTRRphysMask(2): 244 case MSR_MTRRphysMask(3): 245 case MSR_MTRRphysMask(4): 246 case MSR_MTRRphysMask(5): 247 case MSR_MTRRphysMask(6): 248 case MSR_MTRRphysMask(7): 249 env->mtrr_var[((uint32_t)env->regs[R_ECX] - 250 MSR_MTRRphysMask(0)) / 2].mask = val; 251 break; 252 case MSR_MTRRfix64K_00000: 253 env->mtrr_fixed[(uint32_t)env->regs[R_ECX] - 254 MSR_MTRRfix64K_00000] = val; 255 break; 256 case MSR_MTRRfix16K_80000: 257 case MSR_MTRRfix16K_A0000: 258 env->mtrr_fixed[(uint32_t)env->regs[R_ECX] - 259 MSR_MTRRfix16K_80000 + 1] = val; 260 break; 261 case MSR_MTRRfix4K_C0000: 262 case MSR_MTRRfix4K_C8000: 263 case MSR_MTRRfix4K_D0000: 264 case MSR_MTRRfix4K_D8000: 265 case MSR_MTRRfix4K_E0000: 266 case MSR_MTRRfix4K_E8000: 267 case MSR_MTRRfix4K_F0000: 268 case MSR_MTRRfix4K_F8000: 269 env->mtrr_fixed[(uint32_t)env->regs[R_ECX] - 270 MSR_MTRRfix4K_C0000 + 3] = val; 271 break; 272 case MSR_MTRRdefType: 273 env->mtrr_deftype = val; 274 break; 275 case MSR_MCG_STATUS: 276 env->mcg_status = val; 277 break; 278 case MSR_MCG_CTL: 279 if ((env->mcg_cap & MCG_CTL_P) 280 && (val == 0 || val == ~(uint64_t)0)) { 281 env->mcg_ctl = val; 282 } 283 break; 284 case MSR_TSC_AUX: 285 env->tsc_aux = val; 286 break; 287 case MSR_IA32_MISC_ENABLE: 288 env->msr_ia32_misc_enable = val; 289 break; 290 case MSR_IA32_BNDCFGS: 291 /* FIXME: #GP if reserved bits are set. */ 292 /* FIXME: Extend highest implemented bit of linear address. */ 293 env->msr_bndcfgs = val; 294 cpu_sync_bndcs_hflags(env); 295 break; 296 case MSR_APIC_START ... MSR_APIC_END: { 297 int ret; 298 int index = (uint32_t)env->regs[R_ECX] - MSR_APIC_START; 299 300 bql_lock(); 301 ret = apic_msr_write(index, val); 302 bql_unlock(); 303 if (ret < 0) { 304 goto error; 305 } 306 307 break; 308 } 309 default: 310 if ((uint32_t)env->regs[R_ECX] >= MSR_MC0_CTL 311 && (uint32_t)env->regs[R_ECX] < MSR_MC0_CTL + 312 (4 * env->mcg_cap & 0xff)) { 313 uint32_t offset = (uint32_t)env->regs[R_ECX] - MSR_MC0_CTL; 314 if ((offset & 0x3) != 0 315 || (val == 0 || val == ~(uint64_t)0)) { 316 env->mce_banks[offset] = val; 317 } 318 break; 319 } 320 /* XXX: exception? */ 321 break; 322 } 323 return; 324 error: 325 raise_exception_err_ra(env, EXCP0D_GPF, 0, GETPC()); 326 } 327 328 void helper_rdmsr(CPUX86State *env) 329 { 330 X86CPU *x86_cpu = env_archcpu(env); 331 uint64_t val; 332 333 cpu_svm_check_intercept_param(env, SVM_EXIT_MSR, 0, GETPC()); 334 335 switch ((uint32_t)env->regs[R_ECX]) { 336 case MSR_IA32_SYSENTER_CS: 337 val = env->sysenter_cs; 338 break; 339 case MSR_IA32_SYSENTER_ESP: 340 val = env->sysenter_esp; 341 break; 342 case MSR_IA32_SYSENTER_EIP: 343 val = env->sysenter_eip; 344 break; 345 case MSR_IA32_APICBASE: 346 val = cpu_get_apic_base(env_archcpu(env)->apic_state); 347 break; 348 case MSR_EFER: 349 val = env->efer; 350 break; 351 case MSR_STAR: 352 val = env->star; 353 break; 354 case MSR_PAT: 355 val = env->pat; 356 break; 357 case MSR_IA32_PKRS: 358 val = env->pkrs; 359 break; 360 case MSR_VM_HSAVE_PA: 361 val = env->vm_hsave; 362 break; 363 case MSR_IA32_PERF_STATUS: 364 /* tsc_increment_by_tick */ 365 val = 1000ULL; 366 /* CPU multiplier */ 367 val |= (((uint64_t)4ULL) << 40); 368 break; 369 #ifdef TARGET_X86_64 370 case MSR_LSTAR: 371 val = env->lstar; 372 break; 373 case MSR_CSTAR: 374 val = env->cstar; 375 break; 376 case MSR_FMASK: 377 val = env->fmask; 378 break; 379 case MSR_FSBASE: 380 val = env->segs[R_FS].base; 381 break; 382 case MSR_GSBASE: 383 val = env->segs[R_GS].base; 384 break; 385 case MSR_KERNELGSBASE: 386 val = env->kernelgsbase; 387 break; 388 case MSR_TSC_AUX: 389 val = env->tsc_aux; 390 break; 391 #endif 392 case MSR_SMI_COUNT: 393 val = env->msr_smi_count; 394 break; 395 case MSR_MTRRphysBase(0): 396 case MSR_MTRRphysBase(1): 397 case MSR_MTRRphysBase(2): 398 case MSR_MTRRphysBase(3): 399 case MSR_MTRRphysBase(4): 400 case MSR_MTRRphysBase(5): 401 case MSR_MTRRphysBase(6): 402 case MSR_MTRRphysBase(7): 403 val = env->mtrr_var[((uint32_t)env->regs[R_ECX] - 404 MSR_MTRRphysBase(0)) / 2].base; 405 break; 406 case MSR_MTRRphysMask(0): 407 case MSR_MTRRphysMask(1): 408 case MSR_MTRRphysMask(2): 409 case MSR_MTRRphysMask(3): 410 case MSR_MTRRphysMask(4): 411 case MSR_MTRRphysMask(5): 412 case MSR_MTRRphysMask(6): 413 case MSR_MTRRphysMask(7): 414 val = env->mtrr_var[((uint32_t)env->regs[R_ECX] - 415 MSR_MTRRphysMask(0)) / 2].mask; 416 break; 417 case MSR_MTRRfix64K_00000: 418 val = env->mtrr_fixed[0]; 419 break; 420 case MSR_MTRRfix16K_80000: 421 case MSR_MTRRfix16K_A0000: 422 val = env->mtrr_fixed[(uint32_t)env->regs[R_ECX] - 423 MSR_MTRRfix16K_80000 + 1]; 424 break; 425 case MSR_MTRRfix4K_C0000: 426 case MSR_MTRRfix4K_C8000: 427 case MSR_MTRRfix4K_D0000: 428 case MSR_MTRRfix4K_D8000: 429 case MSR_MTRRfix4K_E0000: 430 case MSR_MTRRfix4K_E8000: 431 case MSR_MTRRfix4K_F0000: 432 case MSR_MTRRfix4K_F8000: 433 val = env->mtrr_fixed[(uint32_t)env->regs[R_ECX] - 434 MSR_MTRRfix4K_C0000 + 3]; 435 break; 436 case MSR_MTRRdefType: 437 val = env->mtrr_deftype; 438 break; 439 case MSR_MTRRcap: 440 if (env->features[FEAT_1_EDX] & CPUID_MTRR) { 441 val = MSR_MTRRcap_VCNT | MSR_MTRRcap_FIXRANGE_SUPPORT | 442 MSR_MTRRcap_WC_SUPPORTED; 443 } else { 444 /* XXX: exception? */ 445 val = 0; 446 } 447 break; 448 case MSR_MCG_CAP: 449 val = env->mcg_cap; 450 break; 451 case MSR_MCG_CTL: 452 if (env->mcg_cap & MCG_CTL_P) { 453 val = env->mcg_ctl; 454 } else { 455 val = 0; 456 } 457 break; 458 case MSR_MCG_STATUS: 459 val = env->mcg_status; 460 break; 461 case MSR_IA32_MISC_ENABLE: 462 val = env->msr_ia32_misc_enable; 463 break; 464 case MSR_IA32_BNDCFGS: 465 val = env->msr_bndcfgs; 466 break; 467 case MSR_IA32_UCODE_REV: 468 val = x86_cpu->ucode_rev; 469 break; 470 case MSR_CORE_THREAD_COUNT: { 471 CPUState *cs = CPU(x86_cpu); 472 val = (cs->nr_threads * cs->nr_cores) | (cs->nr_cores << 16); 473 break; 474 } 475 case MSR_APIC_START ... MSR_APIC_END: { 476 int ret; 477 int index = (uint32_t)env->regs[R_ECX] - MSR_APIC_START; 478 479 bql_lock(); 480 ret = apic_msr_read(index, &val); 481 bql_unlock(); 482 if (ret < 0) { 483 raise_exception_err_ra(env, EXCP0D_GPF, 0, GETPC()); 484 } 485 486 break; 487 } 488 default: 489 if ((uint32_t)env->regs[R_ECX] >= MSR_MC0_CTL 490 && (uint32_t)env->regs[R_ECX] < MSR_MC0_CTL + 491 (4 * env->mcg_cap & 0xff)) { 492 uint32_t offset = (uint32_t)env->regs[R_ECX] - MSR_MC0_CTL; 493 val = env->mce_banks[offset]; 494 break; 495 } 496 /* XXX: exception? */ 497 val = 0; 498 break; 499 } 500 env->regs[R_EAX] = (uint32_t)(val); 501 env->regs[R_EDX] = (uint32_t)(val >> 32); 502 } 503 504 void helper_flush_page(CPUX86State *env, target_ulong addr) 505 { 506 tlb_flush_page(env_cpu(env), addr); 507 } 508 509 G_NORETURN void helper_hlt(CPUX86State *env) 510 { 511 CPUState *cs = env_cpu(env); 512 513 do_end_instruction(env); 514 cs->halted = 1; 515 cs->exception_index = EXCP_HLT; 516 cpu_loop_exit(cs); 517 } 518 519 void helper_monitor(CPUX86State *env, target_ulong ptr) 520 { 521 if ((uint32_t)env->regs[R_ECX] != 0) { 522 raise_exception_ra(env, EXCP0D_GPF, GETPC()); 523 } 524 /* XXX: store address? */ 525 cpu_svm_check_intercept_param(env, SVM_EXIT_MONITOR, 0, GETPC()); 526 } 527 528 G_NORETURN void helper_mwait(CPUX86State *env, int next_eip_addend) 529 { 530 CPUState *cs = env_cpu(env); 531 532 if ((uint32_t)env->regs[R_ECX] != 0) { 533 raise_exception_ra(env, EXCP0D_GPF, GETPC()); 534 } 535 cpu_svm_check_intercept_param(env, SVM_EXIT_MWAIT, 0, GETPC()); 536 env->eip += next_eip_addend; 537 538 /* XXX: not complete but not completely erroneous */ 539 if (cs->cpu_index != 0 || CPU_NEXT(cs) != NULL) { 540 helper_pause(env); 541 } else { 542 helper_hlt(env); 543 } 544 } 545