2 * This file is part of the Palacios Virtual Machine Monitor developed
3 * by the V3VEE Project with funding from the United States National
4 * Science Foundation and the Department of Energy.
6 * The V3VEE Project is a joint project between Northwestern University
7 * and the University of New Mexico. You can find out more at
10 * Copyright (c) 2008, Peter Dinda <pdinda@northwestern.edu>
11 * Copyright (c) 2008, Jack Lange <jarusl@cs.northwestern.edu>
12 * Copyright (c) 2008, The V3VEE Project <http://www.v3vee.org>
13 * All rights reserved.
15 * Author: Peter Dinda <pdinda@northwestern.edu>
16 * Jack Lange <jarusl@cs.northwestern.edu>
18 * This is free software. You are permitted to use,
19 * redistribute, and modify it as specified in the file "V3VEE_LICENSE".
29 #include <palacios/vmm_types.h>
32 /* 16 bit guest state */
33 #define VMCS_GUEST_ES_SELECTOR 0x00000800
34 #define VMCS_GUEST_CS_SELECTOR 0x00000802
35 #define VMCS_GUEST_SS_SELECTOR 0x00000804
36 #define VMCS_GUEST_DS_SELECTOR 0x00000806
37 #define VMCS_GUEST_FS_SELECTOR 0x00000808
38 #define VMCS_GUEST_GS_SELECTOR 0x0000080A
39 #define VMCS_GUEST_LDTR_SELECTOR 0x0000080C
40 #define VMCS_GUEST_TR_SELECTOR 0x0000080E
42 /* 16 bit host state */
43 #define VMCS_HOST_ES_SELECTOR 0x00000C00
44 #define VMCS_HOST_CS_SELECTOR 0x00000C02
45 #define VMCS_HOST_SS_SELECTOR 0x00000C04
46 #define VMCS_HOST_DS_SELECTOR 0x00000C06
47 #define VMCS_HOST_FS_SELECTOR 0x00000C08
48 #define VMCS_HOST_GS_SELECTOR 0x00000C0A
49 #define VMCS_HOST_TR_SELECTOR 0x00000C0C
51 /* 64 bit control fields */
52 #define IO_BITMAP_A_ADDR 0x00002000
53 #define IO_BITMAP_A_ADDR_HIGH 0x00002001
54 #define IO_BITMAP_B_ADDR 0x00002002
55 #define IO_BITMAP_B_ADDR_HIGH 0x00002003
56 // Only with "Use MSR Bitmaps" enabled
57 #define MSR_BITMAPS 0x00002004
58 #define MSR_BITMAPS_HIGH 0x00002005
60 #define VM_EXIT_MSR_STORE_ADDR 0x00002006
61 #define VM_EXIT_MSR_STORE_ADDR_HIGH 0x00002007
62 #define VM_EXIT_MSR_LOAD_ADDR 0x00002008
63 #define VM_EXIT_MSR_LOAD_ADDR_HIGH 0x00002009
64 #define VM_ENTRY_MSR_LOAD_ADDR 0x0000200A
65 #define VM_ENTRY_MSR_LOAD_ADDR_HIGH 0x0000200B
66 #define VMCS_EXEC_PTR 0x0000200C
67 #define VMCS_EXEC_PTR_HIGH 0x0000200D
68 #define TSC_OFFSET 0x00002010
69 #define TSC_OFFSET_HIGH 0x00002011
70 // Only with "Use TPR Shadow" enabled
71 #define VIRT_APIC_PAGE_ADDR 0x00002012
72 #define VIRT_APIC_PAGE_ADDR_HIGH 0x00002013
76 /* 64 bit guest state fields */
77 #define VMCS_LINK_PTR 0x00002800
78 #define VMCS_LINK_PTR_HIGH 0x00002801
79 #define GUEST_IA32_DEBUGCTL 0x00002802
80 #define GUEST_IA32_DEBUGCTL_HIGH 0x00002803
81 #define GUEST_IA32_PERF_GLOBAL_CTRL 0x00002808
82 #define GUEST_IA32_PERF_GLOBAL_CTRL_HIGH 0x00002809
84 /* 32 bit control fields */
85 #define PIN_VM_EXEC_CTRLS 0x00004000
86 #define PROC_VM_EXEC_CTRLS 0x00004002
87 #define EXCEPTION_BITMAP 0x00004004
88 #define PAGE_FAULT_ERROR_MASK 0x00004006
89 #define PAGE_FAULT_ERROR_MATCH 0x00004008
90 #define CR3_TARGET_COUNT 0x0000400A
91 #define VM_EXIT_CTRLS 0x0000400C
92 #define VM_EXIT_MSR_STORE_COUNT 0x0000400E
93 #define VM_EXIT_MSR_LOAD_COUNT 0x00004010
94 #define VM_ENTRY_CTRLS 0x00004012
95 #define VM_ENTRY_MSR_LOAD_COUNT 0x00004014
96 #define VM_ENTRY_INT_INFO_FIELD 0x00004016
97 #define VM_ENTRY_EXCEPTION_ERROR 0x00004018
98 #define VM_ENTRY_INSTR_LENGTH 0x0000401A
99 // Only with "Use TPR Shadow" Enabled
100 #define TPR_THRESHOLD 0x0000401C
106 /* 32 bit Read Only data fields */
107 #define VM_INSTR_ERROR 0x00004400
108 #define EXIT_REASON 0x00004402
109 #define VM_EXIT_INT_INFO 0x00004404
110 #define VM_EXIT_INT_ERROR 0x00004406
111 #define IDT_VECTOR_INFO 0x00004408
112 #define IDT_VECTOR_ERROR 0x0000440A
113 #define VM_EXIT_INSTR_LENGTH 0x0000440C
114 #define VMX_INSTR_INFO 0x0000440E
116 /* 32 bit Guest state fields */
117 #define GUEST_ES_LIMIT 0x00004800
118 #define GUEST_CS_LIMIT 0x00004802
119 #define GUEST_SS_LIMIT 0x00004804
120 #define GUEST_DS_LIMIT 0x00004806
121 #define GUEST_FS_LIMIT 0x00004808
122 #define GUEST_GS_LIMIT 0x0000480A
123 #define GUEST_LDTR_LIMIT 0x0000480C
124 #define GUEST_TR_LIMIT 0x0000480E
125 #define GUEST_GDTR_LIMIT 0x00004810
126 #define GUEST_IDTR_LIMIT 0x00004812
127 #define GUEST_ES_ACCESS 0x00004814
128 #define GUEST_CS_ACCESS 0x00004816
129 #define GUEST_SS_ACCESS 0x00004818
130 #define GUEST_DS_ACCESS 0x0000481A
131 #define GUEST_FS_ACCESS 0x0000481C
132 #define GUEST_GS_ACCESS 0x0000481E
133 #define GUEST_LDTR_ACCESS 0x00004820
134 #define GUEST_TR_ACCESS 0x00004822
135 #define GUEST_INT_STATE 0x00004824
136 #define GUEST_ACTIVITY_STATE 0x00004826
137 #define GUEST_SMBASE 0x00004828
138 #define GUEST_IA32_SYSENTER_CS 0x0000482A
141 /* 32 bit host state field */
142 #define HOST_IA32_SYSENTER_CS 0x00004C00
144 /* Natural Width Control Fields */
145 #define CR0_GUEST_HOST_MASK 0x00006000
146 #define CR4_GUEST_HOST_MASK 0x00006002
147 #define CR0_READ_SHADOW 0x00006004
148 #define CR4_READ_SHADOW 0x00006006
149 #define CR3_TARGET_VALUE_0 0x00006008
150 #define CR3_TARGET_VALUE_1 0x0000600A
151 #define CR3_TARGET_VALUE_2 0x0000600C
152 #define CR3_TARGET_VALUE_3 0x0000600E
155 /* Natural Width Read Only Fields */
156 #define EXIT_QUALIFICATION 0x00006400
157 #define IO_RCX 0x00006402
158 #define IO_RSI 0x00006404
159 #define IO_RDI 0x00006406
160 #define IO_RIP 0x00006408
161 #define GUEST_LINEAR_ADDR 0x0000640A
163 /* Natural Width Guest State Fields */
164 #define GUEST_CR0 0x00006800
165 #define GUEST_CR3 0x00006802
166 #define GUEST_CR4 0x00006804
167 #define GUEST_ES_BASE 0x00006806
168 #define GUEST_CS_BASE 0x00006808
169 #define GUEST_SS_BASE 0x0000680A
170 #define GUEST_DS_BASE 0x0000680C
171 #define GUEST_FS_BASE 0x0000680E
172 #define GUEST_GS_BASE 0x00006810
173 #define GUEST_LDTR_BASE 0x00006812
174 #define GUEST_TR_BASE 0x00006814
175 #define GUEST_GDTR_BASE 0x00006816
176 #define GUEST_IDTR_BASE 0x00006818
177 #define GUEST_DR7 0x0000681A
178 #define GUEST_RSP 0x0000681C
179 #define GUEST_RIP 0x0000681E
180 #define GUEST_RFLAGS 0x00006820
181 #define GUEST_PENDING_DEBUG_EXCS 0x00006822
182 #define GUEST_IA32_SYSENTER_ESP 0x00006824
183 #define GUEST_IA32_SYSENTER_EIP 0x00006826
186 /* Natural Width Host State Fields */
187 #define HOST_CR0 0x00006C00
188 #define HOST_CR3 0x00006C02
189 #define HOST_CR4 0x00006C04
190 #define HOST_FS_BASE 0x00006C06
191 #define HOST_GS_BASE 0x00006C08
192 #define HOST_TR_BASE 0x00006C0A
193 #define HOST_GDTR_BASE 0x00006C0C
194 #define HOST_IDTR_BASE 0x00006C0E
195 #define HOST_IA32_SYSENTER_ESP 0x00006C10
196 #define HOST_IA32_SYSENTER_EIP 0x00006C12
197 #define HOST_RSP 0x00006C14
198 #define HOST_RIP 0x00006C16
200 /* Pin Based VM Execution Controls */
201 /* INTEL MANUAL: 20-10 vol 3B */
202 #define EXTERNAL_INTERRUPT_EXITING 0x00000001
203 #define NMI_EXITING 0x00000008
204 #define VIRTUAL_NMIS 0x00000020
207 /* Processor Based VM Execution Controls */
208 /* INTEL MANUAL: 20-11 vol. 3B */
209 #define INTERRUPT_WINDOWS_EXIT 0x00000004
210 #define USE_TSC_OFFSETTING 0x00000008
211 #define HLT_EXITING 0x00000080
212 #define INVLPG_EXITING 0x00000200
213 #define MWAIT_EXITING 0x00000400
214 #define RDPMC_EXITING 0x00000800
215 #define RDTSC_EXITING 0x00001000
216 #define CR8_LOAD_EXITING 0x00080000
217 #define CR8_STORE_EXITING 0x00100000
218 #define USE_TPR_SHADOW 0x00200000
219 #define NMI_WINDOW_EXITING 0x00400000
220 #define MOVDR_EXITING 0x00800000
221 #define UNCONDITION_IO_EXITING 0x01000000
222 #define USE_IO_BITMAPS 0x02000000
223 #define USE_MSR_BITMAPS 0x10000000
224 #define MONITOR_EXITING 0x20000000
225 #define PAUSE_EXITING 0x40000000
227 /* VM-Exit Controls */
228 /* INTEL MANUAL: 20-16 vol. 3B */
229 #define HOST_ADDR_SPACE_SIZE 0x00000200
230 #define ACK_IRQ_ON_EXIT 0x00008000
236 /* VMCS Exit QUALIFICATIONs */
237 struct VMExitIOQual {
238 uint32_t accessSize : 3; // (0: 1 Byte ;; 1: 2 Bytes ;; 3: 4 Bytes)
239 uint32_t dir : 1; // (0: Out ;; 1: In)
240 uint32_t string : 1; // (0: not string ;; 1: string)
241 uint32_t REP : 1; // (0: not REP ;; 1: REP)
242 uint32_t opEnc : 1; // (0: DX ;; 1: immediate)
243 uint32_t rsvd : 9; // Set to 0
244 uint32_t port : 16; // IO Port Number
245 } __attribute__((packed));
249 struct VMExitDBGQual {
250 uint32_t B0 : 1; // Breakpoint 0 condition met
251 uint32_t B1 : 1; // Breakpoint 1 condition met
252 uint32_t B2 : 1; // Breakpoint 2 condition met
253 uint32_t B3 : 1; // Breakpoint 3 condition met
254 uint32_t rsvd : 9; // reserved to 0
255 uint32_t BD : 1; // detected DBG reg access
256 uint32_t BS : 1; // cause either single instr or taken branch
257 } __attribute__((packed));
260 struct VMExitTSQual {
261 uint32_t selector : 16; // selector of destination TSS
262 uint32_t rsvd : 14; // reserved to 0
263 uint32_t src : 2; // (0: CALL ; 1: IRET ; 2: JMP ; 3: Task gate in IDT)
264 } __attribute__((packed));
266 struct VMExitCRQual {
267 uint32_t crID : 4; // cr number (0 for CLTS and LMSW) (bit 3 always 0, on 32bit)
268 uint32_t accessType : 2; // (0: MOV to CR ; 1: MOV from CR ; 2: CLTS ; 3: LMSW)
269 uint32_t lmswOpType : 1; // (0: register ; 1: memory)
270 uint32_t rsvd1 : 1; // reserved to 0
271 uint32_t gpr : 4; // (0:RAX+[CLTS/LMSW], 1:RCX, 2:RDX, 3:RBX, 4:RSP, 5:RBP, 6:RSI, 6:RDI, 8-15:64bit regs)
272 uint32_t rsvd2 : 4; // reserved to 0
273 uint32_t lmswSrc : 16; // src data for lmsw
274 } __attribute__((packed));
276 struct VMExitMovDRQual {
277 uint32_t regID : 3; // debug register number
278 uint32_t rsvd1 : 1; // reserved to 0
279 uint32_t dir : 1; // (0: MOV to DR , 1: MOV from DR)
280 uint32_t rsvd2 : 3; // reserved to 0
281 uint32_t gpr : 4; // (0:RAX, 1:RCX, 2:RDX, 3:RBX, 4:RSP, 5:RBP, 6:RSI, 6:RDI, 8-15:64bit regs)
282 } __attribute__((packed));
284 /* End Exit Qualifications */
286 /* Exit Vector Info */
287 struct VMExitIntInfo {
288 uint32_t nr : 8; // IRQ number, exception vector, NMI = 2
289 uint32_t type : 3; // (0: ext. IRQ , 2: NMI , 3: hw exception , 6: sw exception
290 uint32_t errorCode : 1; // 1: error Code present
291 uint32_t iret : 1; // something to do with NMIs and IRETs (Intel 3B, sec. 23.2.2)
292 uint32_t rsvd : 18; // always 0
293 uint32_t valid : 1; // always 1 if valid
294 } __attribute__((packed));
299 /* End Exit Vector Info */
304 /* Segment Selector Access Rights (32 bits) */
305 /* INTEL Manual: 20-4 vol 3B */
308 struct vmcs_segment_access {
313 uint32_t desc_type : 1;
315 uint32_t present : 1;
318 uint32_t long_mode : 1; // CS only (64 bit active), reserved otherwise
320 uint32_t granularity : 1;
321 uint32_t unusable : 1;
323 } __attribute__((packed));
324 } __attribute__((packed));
325 }__attribute__((packed);;
328 struct vmcs_interrupt_state {
329 uint32_t sti_blocking : 1;
330 uint32_t mov_ss_blocking : 1;
331 uint32_t smi_blocking : 1;
332 uint32_t nmi_blocking : 1;
334 } __attribute__((packed));
336 struct vmcs_pending_debug {
342 uint32_t break_enabled : 1;
346 } __attribute__((packed));
349 struct VMCSExecCtrlFields {
350 uint32_t pinCtrls ; // Table 20-5, Vol 3B. (pg. 20-10)
351 uint32_t procCtrls ; // Table 20-6, Vol 3B. (pg. 20-11)
352 uint32_t execBitmap ;
353 uint32_t pageFaultErrorMask ;
354 uint32_t pageFaultErrorMatch ;
358 uint32_t cr0GuestHostMask ; // Should be 64 bits?
359 uint32_t cr0ReadShadow ; // Should be 64 bits?
360 uint32_t cr4GuestHostMask ; // Should be 64 bits?
361 uint32_t cr4ReadShadow ; // Should be 64 bits?
362 uint32_t cr3TargetValue0 ; // should be 64 bits?
363 uint32_t cr3TargetValue1 ; // should be 64 bits?
364 uint32_t cr3TargetValue2 ; // should be 64 bits?
365 uint32_t cr3TargetValue3 ; // should be 64 bits?
366 uint32_t cr3TargetCount ;
370 /* these fields enabled if "use TPR shadow"==1 */
371 /* may not need them */
372 uint64_t virtApicPageAddr ;
373 // uint32_t virtApicPageAddrHigh
374 uint32_t tprThreshold ;
377 uint64_t MSRBitmapsBaseAddr;
379 uint64_t vmcsExecPtr ;
382 int CopyOutVMCSExecCtrlFields(struct VMCSExecCtrlFields *p);
383 int CopyInVMCSExecCtrlFields(struct VMCSExecCtrlFields *p);
388 struct VMCSExitCtrlFields {
389 uint32_t exitCtrls ; // Table 20-7, Vol. 3B (pg. 20-16)
390 uint32_t msrStoreCount ;
391 uint64_t msrStoreAddr ;
392 uint32_t msrLoadCount ;
393 uint64_t msrLoadAddr ;
396 int CopyOutVMCSExitCtrlFields(struct VMCSExitCtrlFields *p);
397 int CopyInVMCSExitCtrlFields(struct VMCSExitCtrlFields *p);
401 struct VMCSEntryCtrlFields {
402 uint32_t entryCtrls ; // Table 20-9, Vol. 3B (pg. 20-18)
403 uint32_t msrLoadCount ;
404 uint64_t msrLoadAddr ;
405 uint32_t intInfo ; // Table 20-10, Vol. 3B (pg. 20-19)
406 uint32_t exceptionErrorCode ;
407 uint32_t instrLength ;
411 int CopyOutVMCSEntryCtrlFields(struct VMCSEntryCtrlFields *p);
412 int CopyInVMCSEntryCtrlFields(struct VMCSEntryCtrlFields *p);
415 struct VMCSExitInfoFields {
416 uint32_t reason; // Table 20-11, Vol. 3B (pg. 20-20)
417 uint32_t qualification ; // Should be 64 bits?
419 uint32_t intErrorCode ;
420 uint32_t idtVectorInfo ;
421 uint32_t idtVectorErrorCode ;
422 uint32_t instrLength ;
423 uint64_t guestLinearAddr ; // Should be 64 bits?
425 uint64_t ioRCX ; // Should be 64 bits?
426 uint64_t ioRSI ; // Should be 64 bits?
427 uint64_t ioRDI ; // Should be 64 bits?
428 uint64_t ioRIP ; // Should be 64 bits?
429 uint32_t instrErrorField ;
434 int CopyOutVMCSExitInfoFields(struct VMCSExitInfoFields *p);
438 typedef struct vmcs_data {
441 } __attribute__((packed)) vmcs_data_t;
444 int CopyOutVMCSData(struct VMCSData *p);
445 int CopyInVMCSData(struct VMCSData *p);
458 void PrintTrace_VMX_Regs(struct VMXRegs *regs);
459 void PrintTrace_VMCSData(struct VMCSData * vmcs);
460 void PrintTrace_VMCSGuestStateArea(struct VMCSGuestStateArea * guestState);
461 void PrintTrace_VMCSHostStateArea(struct VMCSHostStateArea * hostState);
462 void PrintTrace_VMCSExecCtrlFields(struct VMCSExecCtrlFields * execCtrls);
463 void PrintTrace_VMCSExitCtrlFields(struct VMCSExitCtrlFields * exitCtrls);
464 void PrintTrace_VMCSEntryCtrlFields(struct VMCSEntryCtrlFields * entryCtrls);
465 void PrintTrace_VMCSExitInfoFields(struct VMCSExitInfoFields * exitInfo);
466 void PrintTrace_VMCSSegment(char * segname, struct VMCSSegment * seg, int abbr);
469 //uint_t VMCSRead(uint_t tag, void * val);
472 #endif // ! __V3VEE__
