2 * This file is part of the Palacios Virtual Machine Monitor developed
3 * by the V3VEE Project with funding from the United States National
4 * Science Foundation and the Department of Energy.
6 * The V3VEE Project is a joint project between Northwestern University
7 * and the University of New Mexico. You can find out more at
10 * Copyright (c) 2008, Jack Lange <jarusl@cs.northwestern.edu>
11 * Copyright (c) 2008, The V3VEE Project <http://www.v3vee.org>
12 * All rights reserved.
14 * Author: Jack Lange <jarusl@cs.northwestern.edu>
16 * This is free software. You are permitted to use,
17 * redistribute, and modify it as specified in the file "V3VEE_LICENSE".
20 #include <palacios/vmm_types.h>
22 /* .... Giant fucking switch tables */
137 static int get_addr_width(struct guest_info * info, struct x86_instr * instr) {
139 switch (v3_get_vm_cpu_mode(info)) {
141 return (instr->prefixes.addr_size) ? 4 : 2;
147 if (info->segments.cs.db) {
148 return (instr->prefixes.addr_size) ? 2 : 4;
150 return (instr->prefixes.addr_size) ? 4 : 2;
153 PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
158 static int get_operand_width(struct guest_info * info, struct x86_instr * instr,
258 switch (v3_get_vm_cpu_mode(info)) {
260 return (instr->prefixes.op_size) ? 4 : 2;
262 if (instr->prefixes.rex_op_size) {
270 if (info->segments.cs.db) {
272 return (instr->prefixes.op_size) ? 2 : 4;
274 return (instr->prefixes.op_size) ? 4 : 2;
277 PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
282 switch (v3_get_vm_cpu_mode(info)) {
284 PrintError("Invalid instruction given operating mode (%d)\n", form);
293 PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
299 switch (v3_get_vm_cpu_mode(info)) {
309 PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
317 switch (v3_get_vm_cpu_mode(info)) {
327 PrintError("Unsupported CPU mode: %d\n", info->cpu_mode);
334 PrintError("Unsupported instruction form %d\n", form);
344 typedef enum {INVALID_ADDR_TYPE, REG, DISP0, DISP8, DISP16, DISP32} modrm_mode_t;
345 typedef enum {INVALID_REG_SIZE, REG64, REG32, REG16, REG8} reg_size_t;
352 } __attribute__((packed));
359 } __attribute__((packed));
366 static inline int decode_gpr(struct guest_info * core,
368 struct x86_operand * reg) {
370 struct v3_gprs * gprs = &(core->vm_regs);
374 reg->operand = (addr_t)&(gprs->rax);
377 reg->operand = (addr_t)&(gprs->rcx);
380 reg->operand = (addr_t)&(gprs->rdx);
383 reg->operand = (addr_t)&(gprs->rbx);
386 if (reg->size == 1) {
387 reg->operand = (addr_t)&(gprs->rax) + 1;
389 reg->operand = (addr_t)&(gprs->rsp);
393 if (reg->size == 1) {
394 reg->operand = (addr_t)&(gprs->rcx) + 1;
396 reg->operand = (addr_t)&(gprs->rbp);
400 if (reg->size == 1) {
401 reg->operand = (addr_t)&(gprs->rdx) + 1;
403 reg->operand = (addr_t)&(gprs->rsi);
407 if (reg->size == 1) {
408 reg->operand = (addr_t)&(gprs->rbx) + 1;
410 reg->operand = (addr_t)&(gprs->rdi);
414 reg->operand = (addr_t)&(gprs->r8);
417 reg->operand = (addr_t)&(gprs->r9);
420 reg->operand = (addr_t)&(gprs->r10);
423 reg->operand = (addr_t)&(gprs->r11);
426 reg->operand = (addr_t)&(gprs->r12);
429 reg->operand = (addr_t)&(gprs->r13);
432 reg->operand = (addr_t)&(gprs->r14);
435 reg->operand = (addr_t)&(gprs->r15);
438 PrintError("Invalid Reg Code (%d)\n", reg_code);
449 static inline int decode_cr(struct guest_info * core,
451 struct x86_operand * reg) {
453 struct v3_ctrl_regs * crs = &(core->ctrl_regs);
455 // PrintDebug("\t Ctrl regs %d\n", reg_code);
459 reg->operand = (addr_t)&(crs->cr0);
462 reg->operand = (addr_t)&(crs->cr2);
465 reg->operand = (addr_t)&(crs->cr3);
468 reg->operand = (addr_t)&(crs->cr4);
472 PrintError("Invalid Reg Code (%d)\n", reg_code);
481 #define ADDR_MASK(val, length) ({ \
482 ullong_t mask = 0x0LL; \
485 mask = 0x00000000000fffffLL; \
488 mask = 0x00000000ffffffffLL; \
491 mask = 0xffffffffffffffffLL; \
499 static int decode_rm_operand16(struct guest_info * core,
500 uint8_t * modrm_instr,
501 struct x86_instr * instr,
502 struct x86_operand * operand,
503 uint8_t * reg_code) {
505 struct v3_gprs * gprs = &(core->vm_regs);
506 struct modrm_byte * modrm = (struct modrm_byte *)modrm_instr;
507 addr_t base_addr = 0;
508 modrm_mode_t mod_mode = 0;
509 uint8_t * instr_cursor = modrm_instr;
511 // PrintDebug("ModRM mod=%d\n", modrm->mod);
513 *reg_code = modrm->reg;
517 if (modrm->mod == 3) {
518 //PrintDebug("first operand = Register (RM=%d)\n",modrm->rm);
519 operand->type = REG_OPERAND;
521 decode_gpr(core, modrm->rm, operand);
524 struct v3_segment * seg = NULL;
526 operand->type = MEM_OPERAND;
528 if (modrm->mod == 0) {
530 } else if (modrm->mod == 1) {
532 } else if (modrm->mod == 2) {
535 PrintError("Instruction format error: Invalid mod_rm mode (%d)\n", modrm->mod);
536 v3_print_instr(instr);
542 base_addr = gprs->rbx + ADDR_MASK(gprs->rsi, 2);
545 base_addr = gprs->rbx + ADDR_MASK(gprs->rdi, 2);
548 base_addr = gprs->rbp + ADDR_MASK(gprs->rsi, 2);
551 base_addr = gprs->rbp + ADDR_MASK(gprs->rdi, 2);
554 base_addr = ADDR_MASK(gprs->rsi, 2);
557 base_addr = ADDR_MASK(gprs->rdi, 2);
560 if (modrm->mod == 0) {
564 base_addr = ADDR_MASK(gprs->rbp, 2);
568 base_addr = ADDR_MASK(gprs->rbx, 2);
574 if (mod_mode == DISP8) {
575 base_addr += *(sint8_t *)instr_cursor;
577 } else if (mod_mode == DISP16) {
578 base_addr += *(sint16_t *)instr_cursor;
583 // get appropriate segment
584 if (instr->prefixes.cs_override) {
585 seg = &(core->segments.cs);
586 } else if (instr->prefixes.es_override) {
587 seg = &(core->segments.es);
588 } else if (instr->prefixes.ss_override) {
589 seg = &(core->segments.ss);
590 } else if (instr->prefixes.fs_override) {
591 seg = &(core->segments.fs);
592 } else if (instr->prefixes.gs_override) {
593 seg = &(core->segments.gs);
595 seg = &(core->segments.ds);
598 operand->operand = ADDR_MASK(get_addr_linear(core, base_addr, seg),
599 get_addr_width(core, instr));
603 return (instr_cursor - modrm_instr);
607 // returns num_bytes parsed
608 static int decode_rm_operand32(struct guest_info * core,
609 uint8_t * modrm_instr,
610 struct x86_instr * instr,
611 struct x86_operand * operand,
612 uint8_t * reg_code) {
614 struct v3_gprs * gprs = &(core->vm_regs);
615 uint8_t * instr_cursor = modrm_instr;
616 struct modrm_byte * modrm = (struct modrm_byte *)modrm_instr;
617 addr_t base_addr = 0;
618 modrm_mode_t mod_mode = 0;
619 uint_t has_sib_byte = 0;
622 *reg_code = modrm->reg;
626 if (modrm->mod == 3) {
627 operand->type = REG_OPERAND;
628 // PrintDebug("first operand = Register (RM=%d)\n",modrm->rm);
630 decode_gpr(core, modrm->rm, operand);
633 struct v3_segment * seg = NULL;
635 operand->type = MEM_OPERAND;
637 if (modrm->mod == 0) {
639 } else if (modrm->mod == 1) {
641 } else if (modrm->mod == 2) {
644 PrintError("Instruction format error: Invalid mod_rm mode (%d)\n", modrm->mod);
645 v3_print_instr(instr);
651 base_addr = gprs->rax;
654 base_addr = gprs->rcx;
657 base_addr = gprs->rdx;
660 base_addr = gprs->rbx;
666 if (modrm->mod == 0) {
670 base_addr = gprs->rbp;
674 base_addr = gprs->rsi;
677 base_addr = gprs->rdi;
683 struct sib_byte * sib = (struct sib_byte *)(instr_cursor);
684 int scale = 0x1 << sib->scale;
688 switch (sib->index) {
690 base_addr = gprs->rax;
693 base_addr = gprs->rcx;
696 base_addr = gprs->rdx;
699 base_addr = gprs->rbx;
705 base_addr = gprs->rbp;
708 base_addr = gprs->rsi;
711 base_addr = gprs->rdi;
720 base_addr += ADDR_MASK(gprs->rax, 4);
723 base_addr += ADDR_MASK(gprs->rcx, 4);
726 base_addr += ADDR_MASK(gprs->rdx, 4);
729 base_addr += ADDR_MASK(gprs->rbx, 4);
732 base_addr += ADDR_MASK(gprs->rsp, 4);
735 if (modrm->mod != 0) {
736 base_addr += ADDR_MASK(gprs->rbp, 4);
740 base_addr += ADDR_MASK(gprs->rsi, 4);
743 base_addr += ADDR_MASK(gprs->rdi, 4);
750 if (mod_mode == DISP8) {
751 base_addr += *(sint8_t *)instr_cursor;
753 } else if (mod_mode == DISP32) {
754 base_addr += *(sint32_t *)instr_cursor;
758 // get appropriate segment
759 if (instr->prefixes.cs_override) {
760 seg = &(core->segments.cs);
761 } else if (instr->prefixes.es_override) {
762 seg = &(core->segments.es);
763 } else if (instr->prefixes.ss_override) {
764 seg = &(core->segments.ss);
765 } else if (instr->prefixes.fs_override) {
766 seg = &(core->segments.fs);
767 } else if (instr->prefixes.gs_override) {
768 seg = &(core->segments.gs);
770 seg = &(core->segments.ds);
773 operand->operand = ADDR_MASK(get_addr_linear(core, base_addr, seg),
774 get_addr_width(core, instr));
778 return (instr_cursor - modrm_instr);
782 int decode_rm_operand64(struct guest_info * core, uint8_t * modrm_instr,
783 struct x86_instr * instr, struct x86_operand * operand,
784 uint8_t * reg_code) {
786 struct v3_gprs * gprs = &(core->vm_regs);
787 uint8_t * instr_cursor = modrm_instr;
788 struct modrm_byte * modrm = (struct modrm_byte *)modrm_instr;
789 addr_t base_addr = 0;
790 modrm_mode_t mod_mode = 0;
791 uint_t has_sib_byte = 0;
796 *reg_code = modrm->reg;
797 *reg_code |= (instr->prefixes.rex_reg << 3);
799 if (modrm->mod == 3) {
800 uint8_t rm_val = modrm->rm;
802 rm_val |= (instr->prefixes.rex_rm << 3);
804 operand->type = REG_OPERAND;
805 // PrintDebug("first operand = Register (RM=%d)\n",modrm->rm);
807 decode_gpr(core, rm_val, operand);
809 struct v3_segment * seg = NULL;
810 uint8_t rm_val = modrm->rm;
812 operand->type = MEM_OPERAND;
815 if (modrm->mod == 0) {
817 } else if (modrm->mod == 1) {
819 } else if (modrm->mod == 2) {
822 PrintError("Instruction format error: Invalid mod_rm mode (%d)\n", modrm->mod);
823 v3_print_instr(instr);
830 rm_val |= (instr->prefixes.rex_rm << 3);
834 base_addr = gprs->rax;
837 base_addr = gprs->rcx;
840 base_addr = gprs->rdx;
843 base_addr = gprs->rbx;
846 if (modrm->mod == 0) {
850 base_addr = gprs->rbp;
854 base_addr = gprs->rsi;
857 base_addr = gprs->rdi;
860 base_addr = gprs->r8;
863 base_addr = gprs->r9;
866 base_addr = gprs->r10;
869 base_addr = gprs->r11;
872 base_addr = gprs->r12;
875 base_addr = gprs->r13;
878 base_addr = gprs->r14;
881 base_addr = gprs->r15;
890 struct sib_byte * sib = (struct sib_byte *)(instr_cursor);
891 int scale = 0x1 << sib->scale;
892 uint8_t index_val = sib->index;
893 uint8_t base_val = sib->base;
895 index_val |= (instr->prefixes.rex_sib_idx << 3);
896 base_val |= (instr->prefixes.rex_rm << 3);
902 base_addr = gprs->rax;
905 base_addr = gprs->rcx;
908 base_addr = gprs->rdx;
911 base_addr = gprs->rbx;
917 base_addr = gprs->rbp;
920 base_addr = gprs->rsi;
923 base_addr = gprs->rdi;
926 base_addr = gprs->r8;
929 base_addr = gprs->r9;
932 base_addr = gprs->r10;
935 base_addr = gprs->r11;
938 base_addr = gprs->r12;
941 base_addr = gprs->r13;
944 base_addr = gprs->r14;
947 base_addr = gprs->r15;
956 base_addr += gprs->rax
959 base_addr += gprs->rcx
962 base_addr += gprs->rdx
965 base_addr += gprs->rbx
968 base_addr += gprs->rsp
971 if (modrm->mod != 0) {
972 base_addr += gprs->rbp
976 base_addr += gprs->rsi
979 base_addr += gprs->rdi
982 base_addr += gprs->r8
985 base_addr += gprs->r9
988 base_addr += gprs->r10
991 base_addr += gprs->r11
994 base_addr += gprs->r12
997 base_addr += gprs->r13
1000 base_addr += gprs->r14
1003 base_addr += gprs->r15;
1010 if (mod_mode == DISP8) {
1011 base_addr += *(sint8_t *)instr_cursor;
1013 } else if (mod_mode == DISP32) {
1014 base_addr += *(sint32_t *)instr_cursor;
1020 Segments should be ignored
1021 // get appropriate segment
1022 if (instr->prefixes.cs_override) {
1023 seg = &(core->segments.cs);
1024 } else if (instr->prefixes.es_override) {
1025 seg = &(core->segments.es);
1026 } else if (instr->prefixes.ss_override) {
1027 seg = &(core->segments.ss);
1028 } else if (instr->prefixes.fs_override) {
1029 seg = &(core->segments.fs);
1030 } else if (instr->prefixes.gs_override) {
1031 seg = &(core->segments.gs);
1033 seg = &(core->segments.ds);
1037 operand->operand = ADDR_MASK(get_addr_linear(core, base_addr, seg),
1038 get_addr_width(core, instr));
1042 return (instr_cursor - modrm_instr);
1048 static int decode_rm_operand(struct guest_info * core,
1049 uint8_t * instr_ptr, // input
1051 struct x86_instr * instr,
1052 struct x86_operand * operand,
1053 uint8_t * reg_code) {
1055 v3_cpu_mode_t mode = v3_get_vm_cpu_mode(core);
1057 operand->size = get_operand_width(core, instr, form);
1061 return decode_rm_operand16(core, instr_ptr, instr, operand, reg_code);
1063 if (instr->prefixes.rex_op_size) {
1064 return decode_rm_operand64(core, instr_ptr, instr, operand, reg_code);
1068 case LONG_32_COMPAT:
1069 return decode_rm_operand32(core, instr_ptr, instr, operand, reg_code);
1071 PrintError("Invalid CPU_MODE (%d)\n", mode);
1078 static inline op_form_t op_code_to_form_0f(uint8_t * instr, int * length) {
1083 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[2]);
1085 switch (modrm->reg) {
1093 return INVALID_INSTR;
1154 return INVALID_INSTR;
1159 static op_form_t op_code_to_form(uint8_t * instr, int * length) {
1183 return op_code_to_form_0f(instr, length);
1223 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1225 switch (modrm->reg) {
1239 return INVALID_INSTR;
1243 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1245 switch (modrm->reg) {
1259 return INVALID_INSTR;
1263 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1265 switch (modrm->reg) {
1267 return ADD_IMM2SX_8;
1271 return ADC_IMM2SX_8;
1273 return AND_IMM2SX_8;
1275 return SUB_IMM2SX_8;
1277 return XOR_IMM2SX_8;
1279 return INVALID_INSTR;
1308 return MOV_MEM2AL_8;
1312 return MOV_AL2MEM_8;
1336 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1338 switch (modrm->reg) {
1344 return INVALID_INSTR;
1348 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1350 switch (modrm->reg) {
1356 return INVALID_INSTR;
1362 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1364 switch (modrm->reg) {
1370 return INVALID_INSTR;
1375 struct modrm_byte * modrm = (struct modrm_byte *)&(instr[1]);
1377 switch (modrm->reg) {
1383 return INVALID_INSTR;
1388 return INVALID_INSTR;
1394 static char * op_form_to_str(op_form_t form) {
1397 case LMSW: return "LMSW";
1398 case SMSW: return "SMSW";
1399 case CLTS: return "CLTS";
1400 case INVLPG: return "INVLPG";
1401 case MOV_CR2: return "MOV_CR2";
1402 case MOV_2CR: return "MOV_2CR";
1403 case MOV_DR2: return "MOV_DR2";
1404 case MOV_2DR: return "MOV_2DR";
1405 case MOV_SR2: return "MOV_SR2";
1406 case MOV_2SR: return "MOV_2SR";
1407 case MOV_MEM2_8: return "MOV_MEM2_8";
1408 case MOV_MEM2: return "MOV_MEM2";
1409 case MOV_2MEM_8: return "MOV_2MEM_8";
1410 case MOV_2MEM: return "MOV_2MEM";
1411 case MOV_MEM2AL_8: return "MOV_MEM2AL_8";
1412 case MOV_MEM2AX: return "MOV_MEM2AX";
1413 case MOV_AL2MEM_8: return "MOV_AL2MEM_8";
1414 case MOV_AX2MEM: return "MOV_AX2MEM";
1415 case MOV_IMM2_8: return "MOV_IMM2_8";
1416 case MOV_IMM2: return "MOV_IMM2";
1417 case MOVS_8: return "MOVS_8";
1418 case MOVS: return "MOVS";
1419 case MOVSX_8: return "MOVSX_8";
1420 case MOVSX: return "MOVSX";
1421 case MOVZX_8: return "MOVZX_8";
1422 case MOVZX: return "MOVZX";
1423 case HLT: return "HLT";
1424 case PUSHF: return "PUSHF";
1425 case POPF: return "POPF";
1426 case ADC_2MEM_8: return "ADC_2MEM_8";
1427 case ADC_2MEM: return "ADC_2MEM";
1428 case ADC_MEM2_8: return "ADC_MEM2_8";
1429 case ADC_MEM2: return "ADC_MEM2";
1430 case ADC_IMM2_8: return "ADC_IMM2_8";
1431 case ADC_IMM2: return "ADC_IMM2";
1432 case ADC_IMM2SX_8: return "ADC_IMM2SX_8";
1433 case ADD_IMM2_8: return "ADD_IMM2_8";
1434 case ADD_IMM2: return "ADD_IMM2";
1435 case ADD_IMM2SX_8: return "ADD_IMM2SX_8";
1436 case ADD_2MEM_8: return "ADD_2MEM_8";
1437 case ADD_2MEM: return "ADD_2MEM";
1438 case ADD_MEM2_8: return "ADD_MEM2_8";
1439 case ADD_MEM2: return "ADD_MEM2";
1440 case AND_MEM2_8: return "AND_MEM2_8";
1441 case AND_MEM2: return "AND_MEM2";
1442 case AND_2MEM_8: return "AND_2MEM_8";
1443 case AND_2MEM: return "AND_2MEM";
1444 case AND_IMM2_8: return "AND_IMM2_8";
1445 case AND_IMM2: return "AND_IMM2";
1446 case AND_IMM2SX_8: return "AND_IMM2SX_8";
1447 case OR_2MEM_8: return "OR_2MEM_8";
1448 case OR_2MEM: return "OR_2MEM";
1449 case OR_MEM2_8: return "OR_MEM2_8";
1450 case OR_MEM2: return "OR_MEM2";
1451 case OR_IMM2_8: return "OR_IMM2_8";
1452 case OR_IMM2: return "OR_IMM2";
1453 case OR_IMM2SX_8: return "OR_IMM2SX_8";
1454 case SUB_2MEM_8: return "SUB_2MEM_8";
1455 case SUB_2MEM: return "SUB_2MEM";
1456 case SUB_MEM2_8: return "SUB_MEM2_8";
1457 case SUB_MEM2: return "SUB_MEM2";
1458 case SUB_IMM2_8: return "SUB_IMM2_8";
1459 case SUB_IMM2: return "SUB_IMM2";
1460 case SUB_IMM2SX_8: return "SUB_IMM2SX_8";
1461 case XOR_2MEM_8: return "XOR_2MEM_8";
1462 case XOR_2MEM: return "XOR_2MEM";
1463 case XOR_MEM2_8: return "XOR_MEM2_8";
1464 case XOR_MEM2: return "XOR_MEM2";
1465 case XOR_IMM2_8: return "XOR_IMM2_8";
1466 case XOR_IMM2: return "XOR_IMM2";
1467 case XOR_IMM2SX_8: return "XOR_IMM2SX_8";
1468 case INC_8: return "INC_8";
1469 case INC: return "INC";
1470 case DEC_8: return "DEC_8";
1471 case DEC: return "DEC";
1472 case NEG_8: return "NEG_8";
1473 case NEG: return "NEG";
1474 case NOT_8: return "NOT_8";
1475 case NOT: return "NOT";
1476 case XCHG_8: return "XCHG_8";
1477 case XCHG: return "XCHG";
1478 case SETB: return "SETB";
1479 case SETBE: return "SETBE";
1480 case SETL: return "SETL";
1481 case SETLE: return "SETLE";
1482 case SETNB: return "SETNB";
1483 case SETNBE: return "SETNBE";
1484 case SETNL: return "SETNL";
1485 case SETNLE: return "SETNLE";
1486 case SETNO: return "SETNO";
1487 case SETNP: return "SETNP";
1488 case SETNS: return "SETNS";
1489 case SETNZ: return "SETNZ";
1490 case SETP: return "SETP";
1491 case SETS: return "SETS";
1492 case SETZ: return "SETZ";
1493 case SETO: return "SETO";
1494 case STOS_8: return "STOS_8";
1495 case STOS: return "STOS";
1499 return "INVALID_INSTR";
