vmcb.h revision 259579
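/*-
 * Copyright (c) 2013 Anish Gupta (akgupt3@gmail.com)
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice unmodified, this list of conditions, and the following
 *    disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * $FreeBSD: projects/bhyve_svm/sys/amd64/vmm/amd/vmcb.h 259579 2013-12-18 23:39:42Z grehan $
 */

#ifndef _VMCB_H_
#define _VMCB_H_

/*
 * Secure Virtual Machine: AMD64 Programmer's Manual Vol2, Chapter 15
 * Layout of VMCB: AMD64 Programmer's Manual Vol2, Appendix B
 *
 * Everything in this file describes memory that the processor itself reads
 * and writes during VMRUN/#VMEXIT, so the structures are packed and every
 * size/offset is pinned with CTASSERT().  BIT(), CTASSERT() and PAGE_SIZE
 * are expected to be provided by the including file.
 *
 * NOTE(review): BIT(32) and BIT(33) are used below, so BIT() must expand to
 * a 64-bit constant (a 32-bit "1 << n" would be undefined) - confirm against
 * its definition.
 */

/* VMCB Control offset 0xC: intercept vector 1 (ctrl1 below) */
#define VMCB_INTCPT_INTR		BIT(0)
#define VMCB_INTCPT_NMI			BIT(1)
#define VMCB_INTCPT_SMI			BIT(2)
#define VMCB_INTCPT_INIT		BIT(3)
#define VMCB_INTCPT_VINTR		BIT(4)
#define VMCB_INTCPT_CR0_WRITE		BIT(5)
#define VMCB_INTCPT_IDTR_READ		BIT(6)
#define VMCB_INTCPT_GDTR_READ		BIT(7)
#define VMCB_INTCPT_LDTR_READ		BIT(8)
#define VMCB_INTCPT_TR_READ		BIT(9)
#define VMCB_INTCPT_IDTR_WRITE		BIT(10)
#define VMCB_INTCPT_GDTR_WRITE		BIT(11)
#define VMCB_INTCPT_LDTR_WRITE		BIT(12)
#define VMCB_INTCPT_TR_WRITE		BIT(13)
#define VMCB_INTCPT_RDTSC		BIT(14)
#define VMCB_INTCPT_RDPMC		BIT(15)
#define VMCB_INTCPT_PUSHF		BIT(16)
#define VMCB_INTCPT_POPF		BIT(17)
#define VMCB_INTCPT_CPUID		BIT(18)
#define VMCB_INTCPT_RSM			BIT(19)
#define VMCB_INTCPT_IRET		BIT(20)
#define VMCB_INTCPT_INTn		BIT(21)
#define VMCB_INTCPT_INVD		BIT(22)
#define VMCB_INTCPT_PAUSE		BIT(23)
#define VMCB_INTCPT_HLT			BIT(24)
#define VMCB_INTCPT_INVPG		BIT(25)
#define VMCB_INTCPT_INVPGA		BIT(26)
#define VMCB_INTCPT_IO			BIT(27)
#define VMCB_INTCPT_MSR			BIT(28)
#define VMCB_INTCPT_TASK_SWITCH		BIT(29)
#define VMCB_INTCPT_FERR_FREEZE		BIT(30)
#define VMCB_INTCPT_SHUTDOWN		BIT(31)

/* VMCB Control offset 0x10: intercept vector 2 (ctrl2 below) */
#define VMCB_INTCPT_VMRUN		BIT(0)
#define VMCB_INTCPT_VMMCALL		BIT(1)
#define VMCB_INTCPT_VMLOAD		BIT(2)
#define VMCB_INTCPT_VMSAVE		BIT(3)
#define VMCB_INTCPT_STGI		BIT(4)
#define VMCB_INTCPT_CLGI		BIT(5)
#define VMCB_INTCPT_SKINIT		BIT(6)
#define VMCB_INTCPT_RDTSCP		BIT(7)
#define VMCB_INTCPT_ICEBP		BIT(8)
#define VMCB_INTCPT_WBINVD		BIT(9)
#define VMCB_INTCPT_MONITOR		BIT(10)
#define VMCB_INTCPT_MWAIT		BIT(11)
#define VMCB_INTCPT_MWAIT_ARMED		BIT(12)
#define VMCB_INTCPT_XSETBV		BIT(13)

/* VMCB TLB control: values written to the tlb_ctrl byte */
#define VMCB_TLB_FLUSH_NOTHING		0	/* Flush nothing */
#define VMCB_TLB_FLUSH_ALL		1	/* Flush entire TLB */
#define VMCB_TLB_FLUSH_GUEST		3	/* Flush all guest entries */
#define VMCB_TLB_FLUSH_GUEST_NONGLOBAL	7	/* Flush guest non-PG entries */

/* VMCB state caching: bits of the vmcb_clean field */
#define VMCB_CACHE_NONE			0	/* No caching */
#define VMCB_CACHE_I			BIT(0)	/* Cache vectors, TSC offset */
#define VMCB_CACHE_IOPM			BIT(1)	/* I/O and MSR permission */
#define VMCB_CACHE_ASID			BIT(2)	/* ASID */
#define VMCB_CACHE_TPR			BIT(3)	/* V_TPR to V_INTR_VECTOR */
#define VMCB_CACHE_NP			BIT(4)	/* Nested Paging */
#define VMCB_CACHE_CR			BIT(5)	/* CR0, CR3, CR4 & EFER */
#define VMCB_CACHE_DR			BIT(6)	/* Debug registers */
#define VMCB_CACHE_DT			BIT(7)	/* GDT/IDT */
#define VMCB_CACHE_SEG			BIT(8)	/* User segments, CPL */
#define VMCB_CACHE_CR2			BIT(9)	/* page fault address */
#define VMCB_CACHE_LBR			BIT(10)	/* Last branch */

/*
 * VMCB control event injection (the eventinj field).
 *
 * Layout: vector in bits 7:0, type at VMCB_EVENTINJ_INTR_TYPE_SHIFT,
 * error-code-valid in bit 11, valid in bit 31, error code starting at
 * VMCB_EVENTINJ_ERRCODE_SHIFT.  Callers must widen the error code to
 * 64 bits before shifting it: shifting a 32-bit value by 32 is undefined.
 */
#define VMCB_EVENTINJ_EC_VALID		BIT(11)	/* Error Code valid */
#define VMCB_EVENTINJ_VALID		BIT(31)	/* Event valid */

#define VMCB_EVENTINJ_VECTOR_MASK	0xFF
#define VMCB_EVENTINJ_INTR_TYPE_SHIFT	8
#define VMCB_EVENTINJ_ERRCODE_SHIFT	32

/* Event types that can be injected */
#define VMCB_EVENTINJ_TYPE_INTR		0
#define VMCB_EVENTINJ_TYPE_NMI		2
#define VMCB_EVENTINJ_TYPE_EXCEPTION	3
#define VMCB_EVENTINJ_TYPE_INTn		4

/* VMCB exit code, APM vol2 Appendix C */
#define VMCB_EXIT_MC			0x52
#define VMCB_EXIT_INTR			0x60
#define VMCB_EXIT_PUSHF			0x70
#define VMCB_EXIT_POPF			0x71
#define VMCB_EXIT_CPUID			0x72
#define VMCB_EXIT_IRET			0x74
#define VMCB_EXIT_PAUSE			0x77
#define VMCB_EXIT_HLT			0x78
#define VMCB_EXIT_IO			0x7B
#define VMCB_EXIT_MSR			0x7C
#define VMCB_EXIT_SHUTDOWN		0x7F
#define VMCB_EXIT_VMSAVE		0x83
#define VMCB_EXIT_NPF			0x400
/* Compared against the 64-bit exitcode field; -1 converts to all ones. */
#define VMCB_EXIT_INVALID		-1

/*
 * Nested page fault.
 * Bit definitions to decode EXITINFO1.
 */
#define VMCB_NPF_INFO1_P		BIT(0)	/* Nested page present. */
#define VMCB_NPF_INFO1_W		BIT(1)	/* Access was write. */
#define VMCB_NPF_INFO1_U		BIT(2)	/* Access was user access. */
#define VMCB_NPF_INFO1_RSV		BIT(3)	/* Reserved bits present. */
#define VMCB_NPF_INFO1_ID		BIT(4)	/* Code read. */

#define VMCB_NPF_INFO1_GPA		BIT(32)	/* Guest physical address. */
#define VMCB_NPF_INFO1_GPT		BIT(33)	/* Guest page table. */

/*
 * EXITINTINFO, interrupt exit info for all intercepts.
 * Section 15.7.2, Intercepts during IDT Interrupt Delivery.
 *
 * The field mirrors the EVENTINJ layout above: vector in bits 7:0, type in
 * the 3 bits above VMCB_EVENTINJ_INTR_TYPE_SHIFT, error-code-valid in
 * bit 11, valid in bit 31 and the error code above
 * VMCB_EVENTINJ_ERRCODE_SHIFT.  The accessors shift first and mask second;
 * masking the low bits and then shifting right (as this header once did)
 * always yields 0, so the type and error code of the interrupted event
 * would be lost.  'x' must be the 64-bit exitintinfo value, otherwise the
 * shift by 32 is undefined.
 */
#define VMCB_EXITINTINFO_VECTOR(x)	((x) & 0xFF)
#define VMCB_EXITINTINFO_TYPE(x)	(((x) >> 8) & 0x7)
#define VMCB_EXITINTINFO_EC_VALID	BIT(11)
#define VMCB_EXITINTINFO_VALID		BIT(31)
#define VMCB_EXITINTINFO_EC(x)		(((x) >> 32) & 0xFFFFFFFF)

/* VMCB save state area segment format */
struct vmcb_segment {
	uint16_t	selector;
	uint16_t	attrib;
	uint32_t	limit;
	uint64_t	base;
} __attribute__ ((__packed__));
CTASSERT(sizeof(struct vmcb_segment) == 16);

/*
 * The VMCB is divided into two areas - the first one contains various
 * control bits including the intercept vector and the second one contains
 * the guest state.
 */

/*
 * VMCB control area - padded up to 1024 bytes.
 *
 * Offsets in the comments are byte offsets from the start of the VMCB and
 * follow from the field sizes (each padN[] array exists only to keep them
 * in place).
 */
struct vmcb_ctrl {
	uint16_t cr_read;		/* Offset 0, CR0-15 read/write */
	uint16_t cr_write;
	uint16_t dr_read;		/* Offset 4, DR0-DR15 */
	uint16_t dr_write;
	uint32_t exception;		/* Offset 8, bit mask for exceptions. */
	uint32_t ctrl1;			/* Offset 0xC, intercept events1 */
	uint32_t ctrl2;			/* Offset 0x10, intercept event2 */
	uint8_t  pad1[0x28];		/* Offsets 0x14-0x3B are reserved. */
	uint16_t pause_filthresh;	/* Offset 0x3C, PAUSE filter threshold */
	uint16_t pause_filcnt;		/* Offset 0x3E, PAUSE filter count */
	uint64_t iopm_base_pa;		/* 0x40: IOPM_BASE_PA */
	uint64_t msrpm_base_pa;		/* 0x48: MSRPM_BASE_PA */
	uint64_t tsc_offset;		/* 0x50: TSC_OFFSET */
	uint32_t asid;			/* 0x58: Guest ASID */
	uint8_t  tlb_ctrl;		/* 0x5C: TLB_CONTROL */
	uint8_t  pad2[3];		/* 0x5D-0x5F: Reserved. */
	uint8_t  v_tpr;			/* 0x60: V_TPR, guest CR8 */
	uint8_t  v_irq:1;		/* 0x61: Is virtual interrupt pending? */
	uint8_t  :7;			/* Padding */
	uint8_t  v_intr_prio:4;		/* 0x62: Priority for virtual interrupt. */
	uint8_t  v_ign_tpr:1;
	uint8_t  :3;
	uint8_t  v_intr_masking:1;	/* 0x63: Guest and host sharing of RFLAGS. */
	uint8_t  :7;
	uint8_t  v_intr_vector;		/* 0x64: Vector for virtual interrupt. */
	uint8_t  pad3[3];		/* 0x65-0x67: Reserved. */
	uint64_t intr_shadow:1;		/* 0x68: Interrupt shadow, section15.2.1 APM2 */
	uint64_t :63;
	uint64_t exitcode;		/* 0x70, Exitcode */
	uint64_t exitinfo1;		/* 0x78, EXITINFO1 */
	uint64_t exitinfo2;		/* 0x80, EXITINFO2 */
	uint64_t exitintinfo;		/* 0x88, Interrupt exit value. */
	uint64_t np_enable:1;		/* 0x90, Nested paging enable. */
	uint64_t :63;
	uint8_t  pad4[0x10];		/* 0x98-0xA7 reserved. */
	uint64_t eventinj;		/* 0xA8, Event injection. */
	uint64_t n_cr3;			/* 0xB0, Nested page table. */
	uint64_t lbr_virt_en:1;		/* 0xB8, Enable LBR virtualization. */
	uint64_t :63;
	uint32_t vmcb_clean;		/* 0xC0: VMCB clean bits for caching */
	uint32_t :32;			/* 0xC4: Reserved */
	uint64_t nrip;			/* 0xC8: Guest next nRIP. */
	uint8_t  inst_decode_size;	/* 0xD0: Instruction decode */
	uint8_t  inst_decode_bytes[15];	/* 0xD1-0xDF */
	uint8_t  padd6[0x320];		/* 0xE0-0x3FF: Reserved up to end of control area. */
} __attribute__ ((__packed__));
CTASSERT(sizeof(struct vmcb_ctrl) == 1024);

/*
 * VMCB save state area - guest register state, 0xC00 bytes starting at
 * VMCB offset 0x400.  Offsets in the comments are relative to this struct.
 */
struct vmcb_state {
	struct vmcb_segment es;		/* 0x00 */
	struct vmcb_segment cs;		/* 0x10 */
	struct vmcb_segment ss;		/* 0x20 */
	struct vmcb_segment ds;		/* 0x30 */
	struct vmcb_segment fs;		/* 0x40 */
	struct vmcb_segment gs;		/* 0x50 */
	struct vmcb_segment gdt;	/* 0x60 */
	struct vmcb_segment ldt;	/* 0x70 */
	struct vmcb_segment idt;	/* 0x80 */
	struct vmcb_segment tr;		/* 0x90 */
	uint8_t  pad1[0x2b];		/* Reserved: 0xA0-0xCA */
	uint8_t  cpl;			/* 0xCB */
	uint8_t  pad2[4];		/* Reserved: 0xCC-0xCF */
	uint64_t efer;			/* 0xD0 */
	uint8_t  pad3[0x70];		/* Reserved: 0xD8-0x147 */
	uint64_t cr4;			/* 0x148 */
	uint64_t cr3;			/* 0x150: Guest CR3 */
	uint64_t cr0;			/* 0x158 */
	uint64_t dr7;			/* 0x160 */
	uint64_t dr6;			/* 0x168 */
	uint64_t rflags;		/* 0x170 */
	uint64_t rip;			/* 0x178 */
	uint8_t  pad4[0x58];		/* Reserved: 0x180-0x1D7 */
	uint64_t rsp;			/* 0x1D8 */
	uint8_t  pad5[0x18];		/* Reserved: 0x1E0-0x1F7 */
	uint64_t rax;			/* 0x1F8 */
	uint64_t star;			/* 0x200 */
	uint64_t lstar;			/* 0x208 */
	uint64_t cstar;			/* 0x210 */
	uint64_t sfmask;		/* 0x218 */
	uint64_t kernelgsbase;		/* 0x220 */
	uint64_t sysenter_cs;		/* 0x228 */
	uint64_t sysenter_esp;		/* 0x230 */
	uint64_t sysenter_eip;		/* 0x238 */
	uint64_t cr2;			/* 0x240 */
	uint8_t  pad6[0x20];		/* Reserved: 0x248-0x267 */
	uint64_t g_pat;			/* 0x268 */
	uint64_t dbgctl;		/* 0x270 */
	uint64_t br_from;		/* 0x278 */
	uint64_t br_to;			/* 0x280 */
	uint64_t int_from;		/* 0x288 */
	uint64_t int_to;		/* 0x290 */
	uint8_t  pad7[0x968];		/* 0x298-0xBFF: Reserved up to end of VMCB */
} __attribute__ ((__packed__));
CTASSERT(sizeof(struct vmcb_state) == 0xC00);

/* The complete VMCB: one page, control area followed by the save state. */
struct vmcb {
	struct vmcb_ctrl  ctrl;		/* 0x000-0x3FF */
	struct vmcb_state state;	/* 0x400-0xFFF */
} __attribute__ ((__packed__));
CTASSERT(sizeof(struct vmcb) == PAGE_SIZE);
CTASSERT(offsetof(struct vmcb, state) == 0x400);

/*
 * Entry points implemented in the SVM backend.  Return values and the
 * meaning of 'ident'/'type' are defined by the implementations, which are
 * not part of this header - check them before relying on a convention.
 */

/* Initialise 'vmcb' with the I/O and MSR permission map and nested PML4. */
int	svm_init_vmcb(struct vmcb *vmcb, uint64_t iopm_base_pa,
	    uint64_t msrpm_base_pa, uint64_t np_pml4);
/* Set the address space identifier used by this VMCB. */
int	svm_set_vmcb(struct vmcb *vmcb, uint8_t asid);
/* Read/write a guest register selected by 'ident' (stored via *retval). */
int	vmcb_read(struct vmcb *vmcb, int ident, uint64_t *retval);
int	vmcb_write(struct vmcb *vmcb, int ident, uint64_t val);
/* Locate the save-state segment descriptor selected by 'type'. */
struct vmcb_segment *vmcb_seg(struct vmcb *vmcb, int type);
/*
 * Queue an event for injection into the guest on the next VMRUN.  'error'
 * is only meaningful when 'ec_valid' is set (see VMCB_EVENTINJ_EC_VALID).
 */
int	vmcb_eventinject(struct vmcb_ctrl *ctrl, int type, int vector,
	    uint32_t error, bool ec_valid);

#endif /* _VMCB_H_ */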