2 * This file is part of the Palacios Virtual Machine Monitor developed
3 * by the V3VEE Project with funding from the United States National
4 * Science Foundation and the Department of Energy.
6 * The V3VEE Project is a joint project between Northwestern University
7 * and the University of New Mexico. You can find out more at
10 * Copyright (c) 2008, Jack Lange <jarusl@cs.northwestern.edu>
11 * Copyright (c) 2008, The V3VEE Project <http://www.v3vee.org>
12 * All rights reserved.
14 * Author: Jack Lange <jarusl@cs.northwestern.edu>
16 * This is free software. You are permitted to use,
17 * redistribute, and modify it as specified in the file "V3VEE_LICENSE".
20 #ifndef __VMM_DECODER_H
21 #define __VMM_DECODER_H
25 #include <palacios/vm_guest.h>
26 #include <palacios/vmm.h>
29 typedef enum { V3_INVALID_OP,
30 V3_OP_MOVCR2, V3_OP_MOV2CR, V3_OP_SMSW, V3_OP_LMSW, V3_OP_CLTS,
32 V3_OP_ADC, V3_OP_ADD, V3_OP_AND, V3_OP_OR, V3_OP_XOR, V3_OP_SUB,
33 V3_OP_INC, V3_OP_DEC, V3_OP_NEG, V3_OP_MOV, V3_OP_NOT, V3_OP_XCHG,
34 V3_OP_SETB, V3_OP_SETBE, V3_OP_SETL, V3_OP_SETLE, V3_OP_SETNB,
35 V3_OP_SETNBE, V3_OP_SETNL, V3_OP_SETNLE, V3_OP_SETNO, V3_OP_SETNP,
36 V3_OP_SETNS, V3_OP_SETNZ, V3_OP_SETO, V3_OP_SETP, V3_OP_SETS,
37 V3_OP_SETZ, V3_OP_MOVS, V3_OP_STOS, V3_OP_MOVZX, V3_OP_MOVSX} v3_op_type_t;
40 typedef enum {INVALID_OPERAND, REG_OPERAND, MEM_OPERAND, IMM_OPERAND} v3_operand_type_t;
45 v3_operand_type_t type;
49 uint_t lock : 1; // 0xF0
50 uint_t repne : 1; // 0xF2
51 uint_t repnz : 1; // 0xF2
52 uint_t rep : 1; // 0xF3
53 uint_t repe : 1; // 0xF3
54 uint_t repz : 1; // 0xF3
55 uint_t cs_override : 1; // 0x2E
56 uint_t ss_override : 1; // 0x36
57 uint_t ds_override : 1; // 0x3E
58 uint_t es_override : 1; // 0x26
59 uint_t fs_override : 1; // 0x64
60 uint_t gs_override : 1; // 0x65
61 uint_t br_not_taken : 1; // 0x2E
62 uint_t br_taken : 1; // 0x3E
63 uint_t op_size : 1; // 0x66
64 uint_t addr_size : 1; // 0x67
69 struct x86_prefixes prefixes;
73 struct x86_operand dst_operand;
74 struct x86_operand src_operand;
75 struct x86_operand third_operand;
82 struct basic_instr_info {
91 /************************/
92 /* EXTERNAL DECODER API */
93 /************************/
95 This is an External API definition that must be implemented by a decoder
100 * Initializes a decoder
102 int v3_init_decoder();
105 * Decodes an instruction
106 * All addresses in arguments are in the host address space
107 * instr_ptr is the host address of the instruction
108 * IMPORTANT: make sure the instr_ptr is in contiguous host memory
109 * ie. Copy it to a buffer before the call
111 int v3_decode(struct guest_info * info, addr_t instr_ptr, struct x86_instr * instr);
114 * Encodes an instruction
115 * All addresses in arguments are in the host address space
116 * The instruction is encoded from the struct, and copied into a 15 byte host buffer
117 * referenced by instr_buf
118 * any unused bytes at the end of instr_buf will be filled with nops
119 * IMPORTANT: instr_buf must be allocated and 15 bytes long
121 int v3_encode(struct guest_info * info, struct x86_instr * instr, char * instr_buf);
125 * Gets the operand size for a memory operation
128 int v3_basic_mem_decode(struct guest_info * info, addr_t instr_ptr, struct basic_instr_info * instr_info);
132 /* Removes a rep prefix in place */
133 void v3_strip_rep_prefix(uchar_t * instr, int length);
134 void v3_get_prefixes(uchar_t * instr, struct x86_prefixes * prefixes);
138 * JRL: Some of this was taken from the Xen sources...
141 #define PACKED __attribute__((packed))
143 #define MODRM_MOD(x) ((x >> 6) & 0x3)
144 #define MODRM_REG(x) ((x >> 3) & 0x7)
145 #define MODRM_RM(x) (x & 0x7)
148 uint_t rm : 3 PACKED;
149 uint_t reg : 3 PACKED;
150 uint_t mod : 2 PACKED;
154 #define SIB_BASE(x) ((x >> 6) & 0x3)
155 #define SIB_INDEX(x) ((x >> 3) & 0x7)
156 #define SIB_SCALE(x) (x & 0x7)
159 uint_t base : 3 PACKED;
160 uint_t index : 3 PACKED;
161 uint_t scale : 2 PACKED;
166 #define MAKE_INSTR(nm, ...) static const uchar_t V3_OPCODE_##nm[] = { __VA_ARGS__ }
169 * Here's how it works:
170 * First byte: Length.
171 * Following bytes: Opcode bytes.
172 * Special case: Last byte, if zero, doesn't need to match.
174 MAKE_INSTR(INVD, 2, 0x0f, 0x08);
175 MAKE_INSTR(CPUID, 2, 0x0f, 0xa2);
176 MAKE_INSTR(RDMSR, 2, 0x0f, 0x32);
177 MAKE_INSTR(WRMSR, 2, 0x0f, 0x30);
178 MAKE_INSTR(RDTSC, 2, 0x0f, 0x31);
179 MAKE_INSTR(RDTSCP, 3, 0x0f, 0x01, 0xf9);
180 MAKE_INSTR(CLI, 1, 0xfa);
181 MAKE_INSTR(STI, 1, 0xfb);
182 MAKE_INSTR(RDPMC, 2, 0x0f, 0x33);
183 MAKE_INSTR(CLGI, 3, 0x0f, 0x01, 0xdd);
184 MAKE_INSTR(STGI, 3, 0x0f, 0x01, 0xdc);
185 MAKE_INSTR(VMRUN, 3, 0x0f, 0x01, 0xd8);
186 MAKE_INSTR(VMLOAD, 3, 0x0f, 0x01, 0xda);
187 MAKE_INSTR(VMSAVE, 3, 0x0f, 0x01, 0xdb);
188 MAKE_INSTR(VMCALL, 3, 0x0f, 0x01, 0xd9);
189 MAKE_INSTR(PAUSE, 2, 0xf3, 0x90);
190 MAKE_INSTR(SKINIT, 3, 0x0f, 0x01, 0xde);
191 MAKE_INSTR(MOV2CR, 3, 0x0f, 0x22, 0x00);
192 MAKE_INSTR(MOVCR2, 3, 0x0f, 0x20, 0x00);
193 MAKE_INSTR(MOV2DR, 3, 0x0f, 0x23, 0x00);
194 MAKE_INSTR(MOVDR2, 3, 0x0f, 0x21, 0x00);
195 MAKE_INSTR(PUSHF, 1, 0x9c);
196 MAKE_INSTR(POPF, 1, 0x9d);
197 MAKE_INSTR(RSM, 2, 0x0f, 0xaa);
198 MAKE_INSTR(INVLPG, 3, 0x0f, 0x01, 0x00);
199 MAKE_INSTR(INVLPGA,3, 0x0f, 0x01, 0xdf);
200 MAKE_INSTR(HLT, 1, 0xf4);
201 MAKE_INSTR(CLTS, 2, 0x0f, 0x06);
202 MAKE_INSTR(LMSW, 3, 0x0f, 0x01, 0x00);
203 MAKE_INSTR(SMSW, 3, 0x0f, 0x01, 0x00);
206 #define PREFIX_LOCK 0xF0
207 #define PREFIX_REPNE 0xF2
208 #define PREFIX_REPNZ 0xF2
209 #define PREFIX_REP 0xF3
210 #define PREFIX_REPE 0xF3
211 #define PREFIX_REPZ 0xF3
212 #define PREFIX_CS_OVERRIDE 0x2E
213 #define PREFIX_SS_OVERRIDE 0x36
214 #define PREFIX_DS_OVERRIDE 0x3E
215 #define PREFIX_ES_OVERRIDE 0x26
216 #define PREFIX_FS_OVERRIDE 0x64
217 #define PREFIX_GS_OVERRIDE 0x65
218 #define PREFIX_BR_NOT_TAKEN 0x2E
219 #define PREFIX_BR_TAKEN 0x3E
220 #define PREFIX_OP_SIZE 0x66
221 #define PREFIX_ADDR_SIZE 0x67
223 int v3_opcode_cmp(const uchar_t * op1, const uchar_t * op2);
226 static inline int is_prefix_byte(uchar_t byte) {
229 case 0xF2: // REPNE/REPNZ
230 case 0xF3: // REP or REPE/REPZ
231 case 0x2E: // CS override or Branch hint not taken (with Jcc instrs)
232 case 0x36: // SS override
233 case 0x3E: // DS override or Branch hint taken (with Jcc instrs)
234 case 0x26: // ES override
235 case 0x64: // FS override
236 case 0x65: // GS override
237 //case 0x2E: // branch not taken hint
238 // case 0x3E: // branch taken hint
239 case 0x66: // operand size override
240 case 0x67: // address size override
250 static inline v3_reg_t get_gpr_mask(struct guest_info * info) {
251 switch (info->cpu_mode) {
262 PrintError("Unsupported Address Mode\n");
268 static inline addr_t get_addr_linear(struct guest_info * info, addr_t addr, struct v3_segment * seg) {
269 switch (info->cpu_mode) {
271 // It appears that the segment values are computed and cached in the vmcb structure
272 // We Need to check this for Intel
273 /* return addr + (seg->selector << 4);
279 return addr + seg->base;
283 // In long mode the segment bases are disregarded (forced to 0), unless using
284 // FS or GS, then the base addresses are added
285 return addr + seg->base;
289 PrintError("Unsupported CPU Mode: %d\n", info->cpu_mode);
295 typedef enum {INVALID_ADDR_TYPE, REG, DISP0, DISP8, DISP16, DISP32} modrm_mode_t;
296 typedef enum {INVALID_REG_SIZE, REG64, REG32, REG16, REG8} reg_size_t;
305 static inline addr_t decode_register(struct v3_gprs * gprs, char reg_code, reg_size_t reg_size) {
310 reg_addr = (addr_t)&(gprs->rax);
313 reg_addr = (addr_t)&(gprs->rcx);
316 reg_addr = (addr_t)&(gprs->rdx);
319 reg_addr = (addr_t)&(gprs->rbx);
322 if (reg_size == REG8) {
323 reg_addr = (addr_t)&(gprs->rax) + 1;
325 reg_addr = (addr_t)&(gprs->rsp);
329 if (reg_size == REG8) {
330 reg_addr = (addr_t)&(gprs->rcx) + 1;
332 reg_addr = (addr_t)&(gprs->rbp);
336 if (reg_size == REG8) {
337 reg_addr = (addr_t)&(gprs->rdx) + 1;
339 reg_addr = (addr_t)&(gprs->rsi);
343 if (reg_size == REG8) {
344 reg_addr = (addr_t)&(gprs->rbx) + 1;
346 reg_addr = (addr_t)&(gprs->rdi);
359 static inline v3_operand_type_t decode_operands16(struct v3_gprs * gprs, // input/output
360 char * modrm_instr, // input
361 int * offset, // output
362 addr_t * first_operand, // output
363 addr_t * second_operand, // output
364 reg_size_t reg_size) { // input
366 struct modrm_byte * modrm = (struct modrm_byte *)modrm_instr;
367 addr_t base_addr = 0;
368 modrm_mode_t mod_mode = 0;
369 v3_operand_type_t addr_type = INVALID_OPERAND;
370 char * instr_cursor = modrm_instr;
372 // PrintDebug("ModRM mod=%d\n", modrm->mod);
376 if (modrm->mod == 3) {
378 addr_type = REG_OPERAND;
379 //PrintDebug("first operand = Register (RM=%d)\n",modrm->rm);
381 *first_operand = decode_register(gprs, modrm->rm, reg_size);
385 addr_type = MEM_OPERAND;
387 if (modrm->mod == 0) {
389 } else if (modrm->mod == 1) {
391 } else if (modrm->mod == 2) {
397 base_addr = gprs->rbx + gprs->rsi;
400 base_addr = gprs->rbx + gprs->rdi;
403 base_addr = gprs->rbp + gprs->rsi;
406 base_addr = gprs->rbp + gprs->rdi;
409 base_addr = gprs->rsi;
412 base_addr = gprs->rdi;
415 if (modrm->mod == 0) {
419 base_addr = gprs->rbp;
423 base_addr = gprs->rbx;
429 if (mod_mode == DISP8) {
430 base_addr += (uchar_t)*(instr_cursor);
432 } else if (mod_mode == DISP16) {
433 base_addr += (ushort_t)*(instr_cursor);
437 *first_operand = base_addr;
440 *offset += (instr_cursor - modrm_instr);
441 *second_operand = decode_register(gprs, modrm->reg, reg_size);
448 static inline v3_operand_type_t decode_operands32(struct v3_gprs * gprs, // input/output
449 uchar_t * modrm_instr, // input
450 int * offset, // output
451 addr_t * first_operand, // output
452 addr_t * second_operand, // output
453 reg_size_t reg_size) { // input
455 uchar_t * instr_cursor = modrm_instr;
456 struct modrm_byte * modrm = (struct modrm_byte *)modrm_instr;
457 addr_t base_addr = 0;
458 modrm_mode_t mod_mode = 0;
459 uint_t has_sib_byte = 0;
460 v3_operand_type_t addr_type = INVALID_OPERAND;
466 if (modrm->mod == 3) {
468 addr_type = REG_OPERAND;
470 // PrintDebug("first operand = Register (RM=%d)\n",modrm->rm);
472 *first_operand = decode_register(gprs, modrm->rm, reg_size);
476 addr_type = MEM_OPERAND;
478 if (modrm->mod == 0) {
480 } else if (modrm->mod == 1) {
482 } else if (modrm->mod == 2) {
488 base_addr = gprs->rax;
491 base_addr = gprs->rcx;
494 base_addr = gprs->rdx;
497 base_addr = gprs->rbx;
503 if (modrm->mod == 0) {
507 base_addr = gprs->rbp;
511 base_addr = gprs->rsi;
514 base_addr = gprs->rdi;
520 struct sib_byte * sib = (struct sib_byte *)(instr_cursor);
526 if (sib->scale == 1) {
528 } else if (sib->scale == 2) {
530 } else if (sib->scale == 3) {
535 switch (sib->index) {
537 base_addr = gprs->rax;
540 base_addr = gprs->rcx;
543 base_addr = gprs->rdx;
546 base_addr = gprs->rbx;
552 base_addr = gprs->rbp;
555 base_addr = gprs->rsi;
558 base_addr = gprs->rdi;
567 base_addr += gprs->rax;
570 base_addr += gprs->rcx;
573 base_addr += gprs->rdx;
576 base_addr += gprs->rbx;
579 base_addr += gprs->rsp;
582 if (modrm->mod != 0) {
583 base_addr += gprs->rbp;
587 base_addr += gprs->rsi;
590 base_addr += gprs->rdi;
597 if (mod_mode == DISP8) {
598 base_addr += (uchar_t)*(instr_cursor);
600 } else if (mod_mode == DISP32) {
601 base_addr += (uint_t)*(instr_cursor);
606 *first_operand = base_addr;
609 *offset += (instr_cursor - modrm_instr);
611 *second_operand = decode_register(gprs, modrm->reg, reg_size);
