2 * This file is part of the Palacios Virtual Machine Monitor developed
3 * by the V3VEE Project with funding from the United States National
4 * Science Foundation and the Department of Energy.
6 * The V3VEE Project is a joint project between Northwestern University
7 * and the University of New Mexico. You can find out more at
10 * Copyright (c) 2008, Jack Lange <jarusl@cs.northwestern.edu>
11 * Copyright (c) 2008, The V3VEE Project <http://www.v3vee.org>
12 * All rights reserved.
14 * Author: Jack Lange <jarusl@cs.northwestern.edu>
16 * This is free software. You are permitted to use,
17 * redistribute, and modify it as specified in the file "V3VEE_LICENSE".
21 #include <palacios/svm_io.h>
22 #include <palacios/vmm_io.h>
23 #include <palacios/vmm_ctrl_regs.h>
24 #include <palacios/vmm_decoder.h>
25 #include <palacios/vm_guest_mem.h>
/* When V3_CONFIG_DEBUG_IO is not defined, PrintDebug is defined with an empty
 * expansion, so every PrintDebug(...) call in this file and the evaluation of
 * its arguments are compiled out. The rest of this preprocessor block is on
 * lines not shown in this listing. */
27 #ifndef V3_CONFIG_DEBUG_IO
29 #define PrintDebug(fmt, args...)
/*
 * Set or clear the bit for one I/O port in the bitmap at vm->io_map.arch_data.
 * The bit is cleared only when both hook_read and hook_write are 0; a hook in
 * either direction sets it, so the bitmap does not distinguish reads from writes.
 * NOTE(review): major and minor are declared on lines not shown in this listing;
 * presumably the byte index (port / 8) and bit index (port % 8) -- confirm.
 * If so, a uint16_t port keeps the byte index below 8192, which is inside the
 * three 4KB pages that v3_init_svm_io_map allocates for the bitmap.
 */
33 static int update_map(struct v3_vm_info * vm, uint16_t port, int hook_read, int hook_write) {
34 uchar_t * bitmap = (uint8_t *)(vm->io_map.arch_data);;
// No hook in either direction: clear this port's bit.
38 if ((hook_read == 0) && (hook_write == 0)) {
39 *(bitmap + major) &= ~(0x1 << minor);
// At least one hook: set this port's bit (the state the 0xff fill at init gives every port).
41 *(bitmap + major) |= (0x1 << minor);
/*
 * Allocate the three-page I/O bitmap for this VM and install update_map as the
 * callback stored in vm->io_map.update_map.
 * The whole bitmap is filled with 0xff before v3_refresh_io_map() is called, so
 * every port starts with its bit set -- the same state update_map gives a hooked
 * port -- and a bit is only cleared by an update_map call that names no hooks.
 * Keep the fill ahead of the refresh so the starting state stays "bit set".
 */
48 int v3_init_svm_io_map(struct v3_vm_info * vm) {
51 vm->io_map.update_map = update_map;
53 temp = V3_AllocPages(3); // need not be shadow-safe, not exposed to guest
// Allocation failure is reported here; the check itself and the return are on lines not shown.
56 PrintError(vm, VCORE_NONE, "Cannot allocate io bitmap\n");
// V3_AllocPages' result is converted with V3_VAddr before being stored and written through.
60 vm->io_map.arch_data = V3_VAddr(temp);
62 memset(vm->io_map.arch_data, 0xff, PAGE_SIZE_4KB * 3);
// presumably replays the currently registered hooks through update_map -- confirm
65 v3_refresh_io_map(vm);
/*
 * Release the three bitmap pages if a bitmap was allocated.
 * NOTE(review): the visible lines do not reset vm->io_map.arch_data after the
 * free. If the omitted lines do not clear it either, a second deinit or a later
 * update_map call would operate on freed pages -- confirm.
 */
70 int v3_deinit_svm_io_map(struct v3_vm_info * vm) {
71 if (vm->io_map.arch_data) {
// The page count (3) must stay in step with the V3_AllocPages(3) call in v3_init_svm_io_map.
72 V3_FreePages(V3_PAddr(vm->io_map.arch_data), 3);
79 // This should package up an IO request and call vmm_handle_io
/*
 * Handle an intercepted IN instruction: look up the hook for io_info->port and
 * either zero the low bytes of guest RAX (no hook) or let the hook's read
 * callback fill them in.
 * read_size is chosen from the io_info->sz8/sz16/sz32 flags; the assignments
 * are on lines not shown in this listing.
 */
80 int v3_handle_svm_io_in(struct guest_info * core, struct svm_io_info * io_info) {
81 struct v3_io_hook * hook = v3_get_io_hook(core->vm_info, io_info->port);
86 } else if (io_info->sz16) {
88 } else if (io_info->sz32) {
92 PrintDebug(core->vm_info, core, "IN of %d bytes on port %d (0x%x)\n", read_size, io_info->port, io_info->port);
95 PrintDebug(core->vm_info, core, "IN operation on unhooked IO port 0x%x - returning zero\n", io_info->port);
// Shifting right and then left by 8*read_size bits zeroes the low read_size bytes of RAX
// and leaves the upper bytes as the guest had them.
96 core->vm_regs.rax >>= 8*read_size;
97 core->vm_regs.rax <<= 8*read_size;
// The hook is handed a pointer to the guest's RAX slot together with read_size, so it is
// trusted to write no more than read_size bytes. Any other return value counts as a failure.
// NOTE(review): for a 4-byte IN neither path visible here clears the upper half of RAX --
// confirm whether 64-bit guests rely on that.
100 if (hook->read(core, io_info->port, &(core->vm_regs.rax), read_size, hook->priv_data) != read_size) {
101 // not sure how we handle errors.....
102 PrintError(core->vm_info, core, "Read Failure for in on port 0x%x\n", io_info->port);
115 /* We might not handle wrap around of the RDI register correctly...
116 * In that if we do wrap around the effect will manifest in the higher bits of the register
/*
 * Handle an intercepted INS / REP INS. The visible steps are:
 *   1. pick the destination segment (ES unless a segment-override prefix is found),
 *   2. pick the element size from io_info->sz8/sz16/sz32,
 *   3. pick the address mask from io_info->addr16/addr32/addr64,
 *   4. take the repeat count from guest RCX under that mask,
 *   5. per element: translate segment:(RDI & mask) to a host address, then zero
 *      the element (no hook) or have the hook's read callback fill it, and step
 *      RDI by read_size * direction.
 * Declarations, several assignments and all return statements are on lines not
 * shown in this listing.
 */
118 int v3_handle_svm_io_ins(struct guest_info * core, struct svm_io_info * io_info) {
119 struct v3_io_hook * hook = v3_get_io_hook(core->vm_info, io_info->port);
124 struct v3_segment * theseg = &(core->segments.es); // default is ES
128 // This is kind of hacky...
129 // direction can equal either 1 or -1
130 // We will multiply the final added offset by this value to go the correct direction
132 struct rflags * flags = (struct rflags *)&(core->ctrl_regs.rflags);
// Translate the guest linear address of the current instruction (CS:RIP) so its prefix
// bytes can be read through a host pointer.
139 if (v3_gva_to_hva(core, get_addr_linear(core, core->rip, &(core->segments.cs)), &inst_ptr) == -1) {
140 PrintError(core->vm_info, core, "Can't access instruction\n");
// Walk the prefix bytes; each segment-override prefix replaces the segment chosen so far.
// NOTE(review): inst_ptr comes from one translation of RIP, and the visible lines show
// neither a cap on the number of bytes scanned nor a re-translation when the scan crosses
// a page boundary. Confirm the omitted lines bound the scan (an x86 instruction is at most
// 15 bytes) so it cannot read host memory beyond the guest page that holds RIP.
144 while (is_prefix_byte(*((char *)inst_ptr))) {
145 switch (*((char *)inst_ptr)) {
146 case PREFIX_CS_OVERRIDE:
147 theseg = &(core->segments.cs);
149 case PREFIX_SS_OVERRIDE:
150 theseg = &(core->segments.ss);
152 case PREFIX_DS_OVERRIDE:
153 theseg = &(core->segments.ds);
155 case PREFIX_ES_OVERRIDE:
156 theseg = &(core->segments.es);
158 case PREFIX_FS_OVERRIDE:
159 theseg = &(core->segments.fs);
161 case PREFIX_GS_OVERRIDE:
162 theseg = &(core->segments.gs);
171 PrintDebug(core->vm_info, core, "INS on port %d (0x%x)\n", io_info->port, io_info->port);
// Element size: one branch per io_info size flag; no flag set is reported as an error.
175 } else if (io_info->sz16) {
177 } else if (io_info->sz32) {
180 PrintError(core->vm_info, core, "io_info Invalid Size\n");
// Address-size mask, applied below to both RCX and RDI.
185 if (io_info->addr16) {
187 } else if (io_info->addr32) {
189 } else if (io_info->addr64) {
190 mask = 0xffffffffffffffffLL;
// No address-size flag set: fall back to the mask returned by get_gpr_mask(core).
192 // This value should be set depending on the host register size...
193 mask = get_gpr_mask(core);
195 PrintDebug(core->vm_info, core, "INS io_info invalid address size, mask=0x%p, io_info=0x%p\n",
196 (void *)(addr_t)mask, (void *)(addr_t)(io_info));
197 // PrintDebug(core->vm_info, core, "INS Aborted... Check implementation\n");
// The repeat count is taken from guest RCX, masked to the address size.
// NOTE(review): the visible loop runs the whole count inside one exit. Confirm that the
// omitted lines bound rep_num or let the core be preempted, because the guest chooses it.
202 rep_num = core->vm_regs.rcx & mask;
203 //rep_num = info->vm_regs.rcx;
206 PrintDebug(core->vm_info, core, "INS size=%d for %d steps\n", read_size, rep_num);
208 while (rep_num > 0) {
// The destination is re-translated on every iteration from the current RDI.
210 dst_addr = get_addr_linear(core, (core->vm_regs.rdi & mask), theseg);
212 // PrintDebug(core->vm_info, core, "Writing 0x%p\n", (void *)dst_addr);
// NOTE(review): host_addr is the translation of dst_addr alone, while the writes below
// cover read_size bytes. If dst_addr lies within read_size - 1 bytes of the end of a guest
// page, the tail of the write lands on whatever follows that page in host memory, which
// need not be the guest's next page. Confirm that v3_gva_to_hva or the omitted lines rule
// this out; otherwise translate the last byte as well or split the access at the boundary.
214 if (v3_gva_to_hva(core, dst_addr, &host_addr) == -1) {
215 // either page fault or gpf...
216 PrintError(core->vm_info, core, "Could not convert Guest VA to host VA\n");
// No hook on this port: the guest buffer element is filled with zeros.
221 PrintDebug(core->vm_info, core, "INS operation on unhooked IO port 0x%x - returning zeros\n", io_info->port);
222 memset((char*)host_addr,0,read_size);
// Hooked port: the hook writes directly into guest memory through host_addr and is trusted
// to write no more than read_size bytes; any other return value counts as a failure.
225 if (hook->read(core, io_info->port, (char *)host_addr, read_size, hook->priv_data) != read_size) {
226 // not sure how we handle errors.....
227 PrintError(core->vm_info, core, "Read Failure for ins on port 0x%x\n", io_info->port);
// RDI is advanced without re-applying the mask; the comment above this function already
// flags that wrap-around then shows up in the upper bits of the register.
232 core->vm_regs.rdi += (read_size * direction);
/*
 * Handle an intercepted OUT instruction: look up the hook for io_info->port and
 * pass the low write_size bytes of guest RAX to its write callback. A write to
 * a port with no hook is only logged (via PrintDebug) and otherwise ignored.
 * write_size is chosen from the io_info->sz8/sz16/sz32 flags; the assignments
 * are on lines not shown in this listing.
 */
244 int v3_handle_svm_io_out(struct guest_info * core, struct svm_io_info * io_info) {
245 struct v3_io_hook * hook = v3_get_io_hook(core->vm_info, io_info->port);
250 } else if (io_info->sz16) {
252 } else if (io_info->sz32) {
256 PrintDebug(core->vm_info, core, "OUT of %d bytes on port %d (0x%x)\n", write_size, io_info->port, io_info->port);
259 PrintDebug(core->vm_info, core, "OUT operation on unhooked IO port 0x%x - ignored\n", io_info->port);
// The hook receives a pointer to the guest's RAX slot and write_size, so the value it sees
// is guest-controlled and it should read only write_size bytes. Any other return value
// counts as a failure.
261 if (hook->write(core, io_info->port, &(core->vm_regs.rax), write_size, hook->priv_data) != write_size) {
262 // not sure how we handle errors.....
263 PrintError(core->vm_info, core, "Write Failure for out on port 0x%x\n", io_info->port);
273 /* We might not handle wrap around of the RSI register correctly...
274 * In that if we do wrap around the effect will manifest in the higher bits of the register
/*
 * Handle an intercepted OUTS / REP OUTS. The visible steps mirror the INS
 * handler with the data flowing the other way:
 *   1. pick the element size from io_info->sz8/sz16/sz32,
 *   2. pick the address mask from io_info->addr16/addr32/addr64,
 *   3. take the repeat count from guest RCX under that mask,
 *   4. pick the source segment (DS unless a segment-override prefix is found),
 *   5. per element: translate segment:(RSI & mask) to a host address, hand the
 *      element to the hook's write callback (or ignore it when the port has no
 *      hook), and step RSI by write_size * direction.
 * Declarations, several assignments and all return statements are on lines not
 * shown in this listing.
 */
277 int v3_handle_svm_io_outs(struct guest_info * core, struct svm_io_info * io_info) {
279 struct v3_io_hook * hook = v3_get_io_hook(core->vm_info, io_info->port);
285 struct v3_segment * theseg = &(core->segments.ds); // default is DS
287 // This is kind of hacky...
288 // direction can equal either 1 or -1
289 // We will multiply the final added offset by this value to go the correct direction
291 struct rflags * flags = (struct rflags *)&(core->ctrl_regs.rflags);
297 PrintDebug(core->vm_info, core, "OUTS on port %d (0x%x)\n", io_info->port, io_info->port);
// Element size: one branch per io_info size flag.
301 } else if (io_info->sz16) {
303 } else if (io_info->sz32) {
// Address-size mask, applied below to both RCX and RSI.
308 if (io_info->addr16) {
310 } else if (io_info->addr32) {
312 } else if (io_info->addr64) {
313 mask = 0xffffffffffffffffLL;
// No address-size flag set: fall back to the mask returned by get_gpr_mask(core).
315 // This value should be set depending on the host register size...
316 mask = get_gpr_mask(core);
// NOTE(review): this message prints "mask=0%p" where the INS handler prints "mask=0x%p".
318 PrintDebug(core->vm_info, core, "OUTS io_info invalid address size, mask=0%p, io_info=0x%p\n",
319 (void *)(addr_t)mask, (void *)(addr_t)io_info);
320 // PrintDebug(core->vm_info, core, "INS Aborted... Check implementation\n");
322 // should never happen
323 //PrintDebug(core->vm_info, core, "Invalid Address length\n");
// The repeat count is taken from guest RCX, masked to the address size.
// NOTE(review): the visible loop runs the whole count inside one exit. Confirm that the
// omitted lines bound rep_num or let the core be preempted, because the guest chooses it.
328 rep_num = core->vm_regs.rcx & mask;
// Translate the guest linear address of the current instruction (CS:RIP) so its prefix
// bytes can be read through a host pointer.
334 if (v3_gva_to_hva(core, get_addr_linear(core, core->rip, &(core->segments.cs)), &inst_ptr) == -1) {
335 PrintError(core->vm_info, core, "Can't access instruction\n");
// Walk the prefix bytes; each segment-override prefix replaces the segment chosen so far.
// NOTE(review): inst_ptr comes from one translation of RIP, and the visible lines show
// neither a cap on the number of bytes scanned nor a re-translation when the scan crosses
// a page boundary. Confirm the omitted lines bound the scan (an x86 instruction is at most
// 15 bytes) so it cannot read host memory beyond the guest page that holds RIP.
339 while (is_prefix_byte(*((char *)inst_ptr))) {
340 switch (*((char *)inst_ptr)) {
341 case PREFIX_CS_OVERRIDE:
342 theseg = &(core->segments.cs);
344 case PREFIX_SS_OVERRIDE:
345 theseg = &(core->segments.ss);
347 case PREFIX_DS_OVERRIDE:
348 theseg = &(core->segments.ds);
350 case PREFIX_ES_OVERRIDE:
351 theseg = &(core->segments.es);
353 case PREFIX_FS_OVERRIDE:
354 theseg = &(core->segments.fs);
356 case PREFIX_GS_OVERRIDE:
357 theseg = &(core->segments.gs);
365 PrintDebug(core->vm_info, core, "OUTS size=%d for %d steps\n", write_size, rep_num);
367 while (rep_num > 0) {
368 addr_t host_addr = 0;
// Despite its name, dst_addr is the source of the data here: it is built from RSI.
370 dst_addr = get_addr_linear(core, (core->vm_regs.rsi & mask), theseg);
// NOTE(review): host_addr is the translation of dst_addr alone, while the hook below is
// given write_size bytes to read. If dst_addr lies within write_size - 1 bytes of the end
// of a guest page, the tail is read from whatever follows that page in host memory, which
// need not belong to this guest, and is passed on to the device hook. Confirm that
// v3_gva_to_hva or the omitted lines rule this out; otherwise translate the last byte as
// well or split the access at the page boundary.
372 if (v3_gva_to_hva(core, dst_addr, &host_addr) == -1) {
373 PrintError(core->vm_info, core, "Could not translate outs dest addr, either page fault or gpf...\n");
378 PrintDebug(core->vm_info, core, "OUTS operation on unhooked IO port 0x%x - ignored\n", io_info->port);
// Hooked port: the hook reads guest-controlled bytes through host_addr; any return value
// other than write_size counts as a failure.
380 if (hook->write(core, io_info->port, (char*)host_addr, write_size, hook->priv_data) != write_size) {
381 // not sure how we handle errors.....
382 PrintError(core->vm_info, core, "Write Failure for outs on port 0x%x\n", io_info->port);
// RSI is advanced without re-applying the mask; the comment above this function already
// flags that wrap-around then shows up in the upper bits of the register.
388 core->vm_regs.rsi += write_size * direction;