IOMAllMMIO.cpp revision ae9ec50c70638edbb5128ccc1577e568f3fa3982
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/* $Id$ */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/** @file
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * IOM - Input / Output Monitor - Any Context, MMIO & String I/O.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Copyright (C) 2006-2007 Sun Microsystems, Inc.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * This file is part of VirtualBox Open Source Edition (OSE), as
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * available from http://www.virtualbox.org. This file is free software;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * you can redistribute it and/or modify it under the terms of the GNU
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * General Public License (GPL) as published by the Free Software
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Foundation, in version 2 as it comes in the "COPYING" file of the
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Clara, CA 95054 USA or visit http://www.sun.com if you need
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * additional information or have any questions.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync/*******************************************************************************
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync* Header Files *
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync*******************************************************************************/
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#define LOG_GROUP LOG_GROUP_IOM
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/iom.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/cpum.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/pgm.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/selm.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/mm.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/em.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/pgm.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/trpm.h>
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include "IOMInternal.h"
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#include <VBox/vm.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <VBox/hwaccm.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <VBox/dis.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <VBox/disopcode.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <VBox/param.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <VBox/err.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <iprt/assert.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <VBox/log.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <iprt/asm.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#include <iprt/string.h>
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/*******************************************************************************
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync* Global Variables *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync*******************************************************************************/
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/**
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Array for fast recode of the operand size (1/2/4/8 bytes) to bit shift value.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsyncstatic const unsigned g_aSize2Shift[] =
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync{
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync ~0, /* 0 - invalid */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync 0, /* *1 == 2^0 */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync 1, /* *2 == 2^1 */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync ~0, /* 3 - invalid */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync 2, /* *4 == 2^2 */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync ~0, /* 5 - invalid */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync ~0, /* 6 - invalid */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync ~0, /* 7 - invalid */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync 3 /* *8 == 2^3 */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync};
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/**
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Macro for fast recode of the operand size (1/2/4/8 bytes) to bit shift value.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#define SIZE_2_SHIFT(cb) (g_aSize2Shift[cb])
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/**
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Wrapper which does the write and updates range statistics when such are enabled.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @warning RT_SUCCESS(rc=VINF_IOM_HC_MMIO_WRITE) is TRUE!
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsyncDECLINLINE(int) iomMMIODoWrite(PVM pVM, PIOMMMIORANGE pRange, RTGCPHYS GCPhysFault, const void *pvData, unsigned cb)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync{
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#ifdef VBOX_WITH_STATISTICS
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync PIOMMMIOSTATS pStats = iomMMIOGetStats(&pVM->iom.s, GCPhysFault, pRange);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync Assert(pStats);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync int rc;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (RT_LIKELY(pRange->CTX_SUFF(pfnWriteCallback)))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = pRange->CTX_SUFF(pfnWriteCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), GCPhysFault, (void *)pvData, cb); /* @todo fix const!! */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync else
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = VINF_SUCCESS;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc != VINF_IOM_HC_MMIO_WRITE)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync STAM_COUNTER_INC(&pStats->CTX_SUFF_Z(Write));
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return rc;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync}
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/**
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Wrapper which does the read and updates range statistics when such are enabled.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsyncDECLINLINE(int) iomMMIODoRead(PVM pVM, PIOMMMIORANGE pRange, RTGCPHYS GCPhysFault, void *pvData, unsigned cb)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync{
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef VBOX_WITH_STATISTICS
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync PIOMMMIOSTATS pStats = iomMMIOGetStats(&pVM->iom.s, GCPhysFault, pRange);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync Assert(pStats);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync int rc;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (RT_LIKELY(pRange->CTX_SUFF(pfnReadCallback)))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = pRange->CTX_SUFF(pfnReadCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), GCPhysFault, pvData, cb);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync else
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync/** @todo r=bird: this is (probably) wrong, all bits should be set here I
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * think. */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync switch (cb)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 1: *(uint8_t *)pvData = 0; break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 2: *(uint16_t *)pvData = 0; break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 4: *(uint32_t *)pvData = 0; break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 8: *(uint64_t *)pvData = 0; break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync default:
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync memset(pvData, 0, cb);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync break;
8bce22f6f04047918df71d70b614262e1d08dc61vboxsync }
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync rc = VINF_SUCCESS;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync }
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync if (rc != VINF_IOM_HC_MMIO_READ)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync STAM_COUNTER_INC(&pStats->CTX_SUFF_Z(Read));
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync return rc;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync}
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync/**
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * Internal - statistics only.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsyncDECLINLINE(void) iomMMIOStatLength(PVM pVM, unsigned cb)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync{
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#ifdef VBOX_WITH_STATISTICS
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync switch (cb)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 1:
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIO1Byte);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 2:
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIO2Bytes);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 4:
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIO4Bytes);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync case 8:
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIO8Bytes);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync default:
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /* No way. */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync AssertMsgFailed(("Invalid data length %d\n", cb));
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync break;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync }
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#else
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync NOREF(pVM); NOREF(cb);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync#endif
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync}
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync/**
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * MOV reg, mem (read)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * MOVZX reg, mem (read)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * MOVSX reg, mem (read)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync *
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @returns VBox status code.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync *
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pVM The virtual machine.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pRegFrame Pointer to CPUMCTXCORE guest registers structure.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pCpu Disassembler CPU state.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pRange Pointer MMIO range.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param GCPhysFault The GC physical address corresponding to pvFault.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsyncstatic int iomInterpretMOVxXRead(PVM pVM, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange, RTGCPHYS GCPhysFault)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync{
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /*
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * Get the data size from parameter 2,
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * and call the handler function to get the data.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync unsigned cb = DISGetParamSize(pCpu, &pCpu->param2);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync AssertMsg(cb > 0 && cb <= sizeof(uint64_t), ("cb=%d\n", cb));
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync uint64_t u64Data = 0;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync int rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &u64Data, cb);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync if (rc == VINF_SUCCESS)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /*
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * Do sign extension for MOVSX.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /** @todo checkup MOVSX implementation! */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync if (pCpu->pCurInstr->opcode == OP_MOVSX)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync if (cb == 1)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /* DWORD <- BYTE */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync int64_t iData = (int8_t)u64Data;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync u64Data = (uint64_t)iData;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync }
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync else
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync {
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /* DWORD <- WORD */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync int64_t iData = (int16_t)u64Data;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync u64Data = (uint64_t)iData;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Store the result to register (parameter 1).
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync bool fRc = iomSaveDataToReg(pCpu, &pCpu->param1, pRegFrame, u64Data);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync }
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync if (rc == VINF_SUCCESS)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync iomMMIOStatLength(pVM, cb);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync return rc;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync}
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync/**
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * MOV mem, reg|imm (write)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync *
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @returns VBox status code.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync *
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pVM The virtual machine.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pRegFrame Pointer to CPUMCTXCORE guest registers structure.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pCpu Disassembler CPU state.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param pRange Pointer MMIO range.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * @param GCPhysFault The GC physical address corresponding to pvFault.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsyncstatic int iomInterpretMOVxXWrite(PVM pVM, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange, RTGCPHYS GCPhysFault)
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync{
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync Assert(pRange->CTX_SUFF(pfnWriteCallback) || !pRange->pfnWriteCallbackR3);
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync /*
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * Get data to write from second parameter,
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync * and call the callback to write it.
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync */
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync unsigned cb = 0;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync uint64_t u64Data = 0;
212ccded142c57ca5b0ce90d5b116d2e5e4c0195vboxsync bool fRc = iomGetRegImmData(pCpu, &pCpu->param2, pRegFrame, &u64Data, &cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync AssertMsg(fRc, ("Failed to get reg/imm port number!\n")); NOREF(fRc);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync int rc = iomMMIODoWrite(pVM, pRange, GCPhysFault, &u64Data, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc == VINF_SUCCESS)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync iomMMIOStatLength(pVM, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return rc;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync}
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/** Wrapper for reading virtual memory. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsyncDECLINLINE(int) iomRamRead(PVM pVM, void *pDest, RTGCPTR GCSrc, uint32_t cb)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync{
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef IN_GC
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return MMGCRamReadNoTrapHandler(pDest, (void *)GCSrc, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#else
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return PGMPhysReadGCPtr(pVM, pDest, GCSrc, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync}
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/** Wrapper for writing virtual memory. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsyncDECLINLINE(int) iomRamWrite(PVM pVM, RTGCPTR GCDest, void *pSrc, uint32_t cb)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync{
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef IN_GC
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return MMGCRamWriteNoTrapHandler((void *)GCDest, pSrc, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#else
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return PGMPhysWriteGCPtr(pVM, GCDest, pSrc, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync}
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef IOM_WITH_MOVS_SUPPORT
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/**
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * [REP] MOVSB
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * [REP] MOVSW
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * [REP] MOVSD
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Restricted implementation.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @returns VBox status code.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync *
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param pVM The virtual machine.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param uErrorCode CPU Error code.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param pRegFrame Trap register frame.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param GCPhysFault The GC physical address corresponding to pvFault.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param pCpu Disassembler CPU state.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param pRange Pointer MMIO range.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * @param ppStat Which sub-sample to attribute this call to.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsyncstatic int iomInterpretMOVS(PVM pVM, RTGCUINT uErrorCode, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange, PSTAMPROFILE *ppStat)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync{
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * We do not support segment prefixes or REPNE.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (pCpu->prefix & (PREFIX_SEG | PREFIX_REPNE))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_IOM_HC_MMIO_READ_WRITE; /** @todo -> interpret whatever. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Get bytes/words/dwords/qword count to copy.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync uint32_t cTransfers = 1;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (pCpu->prefix & PREFIX_REP)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifndef IN_GC
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if ( CPUMIsGuestIn64BitCode(pVM, pRegFrame)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync && pRegFrame->rcx >= _4G)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_EM_RAW_EMULATE_INSTR;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync cTransfers = pRegFrame->ecx;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (SELMGetCpuModeFromSelector(pVM, pRegFrame->eflags, pRegFrame->cs, &pRegFrame->csHid) == CPUMODE_16BIT)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync cTransfers &= 0xffff;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (!cTransfers)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_SUCCESS;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Get the current privilege level. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync uint32_t cpl = CPUMGetGuestCPL(pVM, pRegFrame);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Get data size.
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync unsigned cb = DISGetParamSize(pCpu, &pCpu->param1);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync AssertMsg(cb > 0 && cb <= sizeof(uint32_t), ("cb=%d\n", cb));
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync int offIncrement = pRegFrame->eflags.Bits.u1DF ? -(signed)cb : (signed)cb;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef VBOX_WITH_STATISTICS
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (pVM->iom.s.cMovsMaxBytes < (cTransfers << SIZE_2_SHIFT(cb)))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync pVM->iom.s.cMovsMaxBytes = cTransfers << SIZE_2_SHIFT(cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync/** @todo re-evaluate on page boundraries. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync RTGCPHYS Phys = GCPhysFault;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync int rc;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (uErrorCode & X86_TRAP_PF_RW)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Write operation: [Mem] -> [MMIO]
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * ds:esi (Virt Src) -> es:edi (Phys Dst)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync STAM_STATS({ *ppStat = &pVM->iom.s.StatRZInstMovsToMMIO; });
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Check callback. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (!pRange->CTX_SUFF(pfnWriteCallback))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_IOM_HC_MMIO_WRITE;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Convert source address ds:esi. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync RTGCUINTPTR pu8Virt;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = SELMToFlatEx(pVM, DIS_SELREG_DS, pRegFrame, (RTGCPTR)pRegFrame->rsi,
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync (PRTGCPTR)&pu8Virt);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (RT_SUCCESS(rc))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
8bce22f6f04047918df71d70b614262e1d08dc61vboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Access verification first; we currently can't recover properly from traps inside this instruction */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = PGMVerifyAccess(pVM, pu8Virt, cTransfers * cb, (cpl == 3) ? X86_PTE_US : 0);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc != VINF_SUCCESS)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync Log(("MOVS will generate a trap -> recompiler, rc=%d\n", rc));
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_EM_RAW_EMULATE_INSTR;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef IN_GC
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync MMGCRamRegisterTrapHandler(pVM);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* copy loop. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync while (cTransfers)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync uint32_t u32Data = 0;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = iomRamRead(pVM, &u32Data, (RTGCPTR)pu8Virt, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc != VINF_SUCCESS)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync break;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = iomMMIODoWrite(pVM, pRange, Phys, &u32Data, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc != VINF_SUCCESS)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync break;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync pu8Virt += offIncrement;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync Phys += offIncrement;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync pRegFrame->rsi += offIncrement;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync pRegFrame->rdi += offIncrement;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync cTransfers--;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#ifdef IN_GC
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync MMGCRamDeregisterTrapHandler(pVM);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync#endif
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Update ecx. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (pCpu->prefix & PREFIX_REP)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync pRegFrame->ecx = cTransfers;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync else
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = VINF_IOM_HC_MMIO_READ_WRITE;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync }
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync else
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Read operation: [MMIO] -> [mem] or [MMIO] -> [MMIO]
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * ds:[eSI] (Phys Src) -> es:[eDI] (Virt Dst)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync STAM_STATS({ *ppStat = &pVM->iom.s.StatRZInstMovsFromMMIO; });
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Check callback. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (!pRange->CTX_SUFF(pfnReadCallback))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_IOM_HC_MMIO_READ;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Convert destination address. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync RTGCUINTPTR pu8Virt;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = SELMToFlatEx(pVM, DIS_SELREG_ES, pRegFrame, (RTGCPTR)pRegFrame->rdi,
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync (RTGCPTR *)&pu8Virt);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (RT_FAILURE(rc))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_EM_RAW_GUEST_TRAP;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* Check if destination address is MMIO. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync PIOMMMIORANGE pMMIODst;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync RTGCPHYS PhysDst;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = PGMGstGetPage(pVM, (RTGCPTR)pu8Virt, NULL, &PhysDst);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync PhysDst |= (RTGCUINTPTR)pu8Virt & PAGE_OFFSET_MASK;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if ( RT_SUCCESS(rc)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync && (pMMIODst = iomMMIOGetRange(&pVM->iom.s, PhysDst)))
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /*
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync * Extra: [MMIO] -> [MMIO]
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync STAM_STATS({ *ppStat = &pVM->iom.s.StatRZInstMovsMMIO; });
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (!pMMIODst->CTX_SUFF(pfnWriteCallback) && pMMIODst->pfnWriteCallbackR3)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync return VINF_IOM_HC_MMIO_READ_WRITE;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync /* copy loop. */
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync while (cTransfers)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync {
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync uint32_t u32Data;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = iomMMIODoRead(pVM, pRange, Phys, &u32Data, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc != VINF_SUCCESS)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync break;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync rc = iomMMIODoWrite(pVM, pMMIODst, PhysDst, &u32Data, cb);
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync if (rc != VINF_SUCCESS)
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync break;
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync
db453c26f429ba8057ea92644ddd59279b9a918dvboxsync Phys += offIncrement;
PhysDst += offIncrement;
pRegFrame->rsi += offIncrement;
pRegFrame->rdi += offIncrement;
cTransfers--;
}
}
else
{
/*
* Normal: [MMIO] -> [Mem]
*/
/* Access verification first; we currently can't recover properly from traps inside this instruction */
rc = PGMVerifyAccess(pVM, pu8Virt, cTransfers * cb, X86_PTE_RW | ((cpl == 3) ? X86_PTE_US : 0));
if (rc != VINF_SUCCESS)
{
Log(("MOVS will generate a trap -> recompiler, rc=%d\n", rc));
return VINF_EM_RAW_EMULATE_INSTR;
}
/* copy loop. */
#ifdef IN_GC
MMGCRamRegisterTrapHandler(pVM);
#endif
while (cTransfers)
{
uint32_t u32Data;
rc = iomMMIODoRead(pVM, pRange, Phys, &u32Data, cb);
if (rc != VINF_SUCCESS)
break;
rc = iomRamWrite(pVM, (RTGCPTR)pu8Virt, &u32Data, cb);
if (rc != VINF_SUCCESS)
{
Log(("iomRamWrite %08X size=%d failed with %d\n", pu8Virt, cb, rc));
break;
}
pu8Virt += offIncrement;
Phys += offIncrement;
pRegFrame->rsi += offIncrement;
pRegFrame->rdi += offIncrement;
cTransfers--;
}
#ifdef IN_GC
MMGCRamDeregisterTrapHandler(pVM);
#endif
}
/* Update ecx on exit. */
if (pCpu->prefix & PREFIX_REP)
pRegFrame->ecx = cTransfers;
}
/* work statistics. */
if (rc == VINF_SUCCESS)
iomMMIOStatLength(pVM, cb);
NOREF(ppStat);
return rc;
}
#endif /* IOM_WITH_MOVS_SUPPORT */
/**
* [REP] STOSB
* [REP] STOSW
* [REP] STOSD
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine .
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
*/
static int iomInterpretSTOS(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
{
/*
* We do not support segment prefixes or REPNE..
*/
if (pCpu->prefix & (PREFIX_SEG | PREFIX_REPNE))
return VINF_IOM_HC_MMIO_READ_WRITE; /** @todo -> REM instead of HC */
/*
* Get bytes/words/dwords count to copy.
*/
uint32_t cTransfers = 1;
if (pCpu->prefix & PREFIX_REP)
{
#ifndef IN_GC
if ( CPUMIsGuestIn64BitCode(pVM, pRegFrame)
&& pRegFrame->rcx >= _4G)
return VINF_EM_RAW_EMULATE_INSTR;
#endif
cTransfers = pRegFrame->ecx;
if (SELMGetCpuModeFromSelector(pVM, pRegFrame->eflags, pRegFrame->cs, &pRegFrame->csHid) == CPUMODE_16BIT)
cTransfers &= 0xffff;
if (!cTransfers)
return VINF_SUCCESS;
}
/** @todo r=bird: bounds checks! */
/*
* Get data size.
*/
unsigned cb = DISGetParamSize(pCpu, &pCpu->param1);
AssertMsg(cb > 0 && cb <= sizeof(uint32_t), ("cb=%d\n", cb));
int offIncrement = pRegFrame->eflags.Bits.u1DF ? -(signed)cb : (signed)cb;
#ifdef VBOX_WITH_STATISTICS
if (pVM->iom.s.cStosMaxBytes < (cTransfers << SIZE_2_SHIFT(cb)))
pVM->iom.s.cStosMaxBytes = cTransfers << SIZE_2_SHIFT(cb);
#endif
RTGCPHYS Phys = GCPhysFault;
uint32_t u32Data = pRegFrame->eax;
int rc;
if (pRange->CTX_SUFF(pfnFillCallback))
{
/*
* Use the fill callback.
*/
/** @todo pfnFillCallback must return number of bytes successfully written!!! */
if (offIncrement > 0)
{
/* addr++ variant. */
rc = pRange->CTX_SUFF(pfnFillCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), Phys, u32Data, cb, cTransfers);
if (rc == VINF_SUCCESS)
{
/* Update registers. */
pRegFrame->rdi += cTransfers << SIZE_2_SHIFT(cb);
if (pCpu->prefix & PREFIX_REP)
pRegFrame->ecx = 0;
}
}
else
{
/* addr-- variant. */
rc = pRange->CTX_SUFF(pfnFillCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), (Phys - (cTransfers - 1)) << SIZE_2_SHIFT(cb), u32Data, cb, cTransfers);
if (rc == VINF_SUCCESS)
{
/* Update registers. */
pRegFrame->rdi -= cTransfers << SIZE_2_SHIFT(cb);
if (pCpu->prefix & PREFIX_REP)
pRegFrame->ecx = 0;
}
}
}
else
{
/*
* Use the write callback.
*/
Assert(pRange->CTX_SUFF(pfnWriteCallback) || !pRange->pfnWriteCallbackR3);
/* fill loop. */
do
{
rc = iomMMIODoWrite(pVM, pRange, Phys, &u32Data, cb);
if (rc != VINF_SUCCESS)
break;
Phys += offIncrement;
pRegFrame->rdi += offIncrement;
cTransfers--;
} while (cTransfers);
/* Update ecx on exit. */
if (pCpu->prefix & PREFIX_REP)
pRegFrame->ecx = cTransfers;
}
/*
* Work statistics and return.
*/
if (rc == VINF_SUCCESS)
iomMMIOStatLength(pVM, cb);
return rc;
}
/**
* [REP] LODSB
* [REP] LODSW
* [REP] LODSD
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
*/
static int iomInterpretLODS(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
{
Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
/*
* We do not support segment prefixes or REP*.
*/
if (pCpu->prefix & (PREFIX_SEG | PREFIX_REP | PREFIX_REPNE))
return VINF_IOM_HC_MMIO_READ_WRITE; /** @todo -> REM instead of HC */
/*
* Get data size.
*/
unsigned cb = DISGetParamSize(pCpu, &pCpu->param2);
AssertMsg(cb > 0 && cb <= sizeof(uint64_t), ("cb=%d\n", cb));
int offIncrement = pRegFrame->eflags.Bits.u1DF ? -(signed)cb : (signed)cb;
/*
* Perform read.
*/
int rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &pRegFrame->rax, cb);
if (rc == VINF_SUCCESS)
pRegFrame->rsi += offIncrement;
/*
* Work statistics and return.
*/
if (rc == VINF_SUCCESS)
iomMMIOStatLength(pVM, cb);
return rc;
}
/**
* CMP [MMIO], reg|imm
* CMP reg|imm, [MMIO]
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
*/
static int iomInterpretCMP(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
{
Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
/*
* Get the operands.
*/
unsigned cb = 0;
uint64_t uData1 = 0;
uint64_t uData2 = 0;
int rc;
if (iomGetRegImmData(pCpu, &pCpu->param1, pRegFrame, &uData1, &cb))
/* cmp reg, [MMIO]. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData2, cb);
else if (iomGetRegImmData(pCpu, &pCpu->param2, pRegFrame, &uData2, &cb))
/* cmp [MMIO], reg|imm. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData1, cb);
else
{
AssertMsgFailed(("Disassember CMP problem..\n"));
rc = VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
}
if (rc == VINF_SUCCESS)
{
/* Emulate CMP and update guest flags. */
uint32_t eflags = EMEmulateCmp(uData1, uData2, cb);
pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
| (eflags & (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
iomMMIOStatLength(pVM, cb);
}
return rc;
}
/**
* AND [MMIO], reg|imm
* AND reg, [MMIO]
* OR [MMIO], reg|imm
* OR reg, [MMIO]
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
* @param pfnEmulate Instruction emulation function.
*/
static int iomInterpretOrXorAnd(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange, PFNEMULATEPARAM3 pfnEmulate)
{
unsigned cb = 0;
uint64_t uData1 = 0;
uint64_t uData2 = 0;
bool fAndWrite;
int rc;
#ifdef LOG_ENABLED
const char *pszInstr;
if (pCpu->pCurInstr->opcode == OP_XOR)
pszInstr = "Xor";
else if (pCpu->pCurInstr->opcode == OP_OR)
pszInstr = "Or";
else if (pCpu->pCurInstr->opcode == OP_AND)
pszInstr = "And";
else
pszInstr = "OrXorAnd??";
#endif
if (iomGetRegImmData(pCpu, &pCpu->param1, pRegFrame, &uData1, &cb))
{
/* and reg, [MMIO]. */
Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
fAndWrite = false;
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData2, cb);
}
else if (iomGetRegImmData(pCpu, &pCpu->param2, pRegFrame, &uData2, &cb))
{
/* and [MMIO], reg|imm. */
fAndWrite = true;
if ( (pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3)
&& (pRange->CTX_SUFF(pfnWriteCallback) || !pRange->pfnWriteCallbackR3))
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData1, cb);
else
rc = VINF_IOM_HC_MMIO_READ_WRITE;
}
else
{
AssertMsgFailed(("Disassember AND problem..\n"));
return VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
}
if (rc == VINF_SUCCESS)
{
/* Emulate AND and update guest flags. */
uint32_t eflags = pfnEmulate((uint32_t *)&uData1, uData2, cb);
LogFlow(("iomInterpretOrXorAnd %s result %RX64\n", pszInstr, uData1));
if (fAndWrite)
/* Store result to MMIO. */
rc = iomMMIODoWrite(pVM, pRange, GCPhysFault, &uData1, cb);
else
{
/* Store result to register. */
bool fRc = iomSaveDataToReg(pCpu, &pCpu->param1, pRegFrame, uData1);
AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
}
if (rc == VINF_SUCCESS)
{
/* Update guest's eflags and finish. */
pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
| (eflags & (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
iomMMIOStatLength(pVM, cb);
}
}
return rc;
}
/**
* TEST [MMIO], reg|imm
* TEST reg, [MMIO]
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
*/
static int iomInterpretTEST(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
{
Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
unsigned cb = 0;
uint64_t uData1 = 0;
uint64_t uData2 = 0;
int rc;
if (iomGetRegImmData(pCpu, &pCpu->param1, pRegFrame, &uData1, &cb))
{
/* and test, [MMIO]. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData2, cb);
}
else if (iomGetRegImmData(pCpu, &pCpu->param2, pRegFrame, &uData2, &cb))
{
/* test [MMIO], reg|imm. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData1, cb);
}
else
{
AssertMsgFailed(("Disassember TEST problem..\n"));
return VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
}
if (rc == VINF_SUCCESS)
{
/* Emulate TEST (=AND without write back) and update guest EFLAGS. */
uint32_t eflags = EMEmulateAnd((uint32_t *)&uData1, uData2, cb);
pRegFrame->eflags.u32 = (pRegFrame->eflags.u32 & ~(X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF))
| (eflags & (X86_EFL_CF | X86_EFL_PF | X86_EFL_AF | X86_EFL_ZF | X86_EFL_SF | X86_EFL_OF));
iomMMIOStatLength(pVM, cb);
}
return rc;
}
/**
* BT [MMIO], reg|imm
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
*/
static int iomInterpretBT(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
{
Assert(pRange->CTX_SUFF(pfnReadCallback) || !pRange->pfnReadCallbackR3);
uint64_t uBit = 0;
uint64_t uData1 = 0;
unsigned cb = 0;
int rc;
if (iomGetRegImmData(pCpu, &pCpu->param2, pRegFrame, &uBit, &cb))
{
/* bt [MMIO], reg|imm. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData1, cb);
}
else
{
AssertMsgFailed(("Disassember BT problem..\n"));
return VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
}
if (rc == VINF_SUCCESS)
{
/* The size of the memory operand only matters here. */
cb = DISGetParamSize(pCpu, &pCpu->param1);
/* Find the bit inside the faulting address */
uBit &= (cb*8 - 1);
pRegFrame->eflags.Bits.u1CF = (uData1 >> uBit);
iomMMIOStatLength(pVM, cb);
}
return rc;
}
/**
* XCHG [MMIO], reg
* XCHG reg, [MMIO]
*
* Restricted implementation.
*
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param pRegFrame Trap register frame.
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pCpu Disassembler CPU state.
* @param pRange Pointer MMIO range.
*/
static int iomInterpretXCHG(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, PDISCPUSTATE pCpu, PIOMMMIORANGE pRange)
{
/* Check for read & write handlers since IOMMMIOHandler doesn't cover this. */
if ( (!pRange->CTX_SUFF(pfnReadCallback) && pRange->pfnReadCallbackR3)
|| (!pRange->CTX_SUFF(pfnWriteCallback) && pRange->pfnWriteCallbackR3))
return VINF_IOM_HC_MMIO_READ_WRITE;
int rc;
unsigned cb = 0;
uint64_t uData1 = 0;
uint64_t uData2 = 0;
if (iomGetRegImmData(pCpu, &pCpu->param1, pRegFrame, &uData1, &cb))
{
/* xchg reg, [MMIO]. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData2, cb);
if (rc == VINF_SUCCESS)
{
/* Store result to MMIO. */
rc = iomMMIODoWrite(pVM, pRange, GCPhysFault, &uData1, cb);
if (rc == VINF_SUCCESS)
{
/* Store result to register. */
bool fRc = iomSaveDataToReg(pCpu, &pCpu->param1, pRegFrame, uData2);
AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
}
else
Assert(rc == VINF_IOM_HC_MMIO_WRITE || rc == VINF_PATM_HC_MMIO_PATCH_WRITE);
}
else
Assert(rc == VINF_IOM_HC_MMIO_READ || rc == VINF_PATM_HC_MMIO_PATCH_READ);
}
else if (iomGetRegImmData(pCpu, &pCpu->param2, pRegFrame, &uData2, &cb))
{
/* xchg [MMIO], reg. */
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, &uData1, cb);
if (rc == VINF_SUCCESS)
{
/* Store result to MMIO. */
rc = iomMMIODoWrite(pVM, pRange, GCPhysFault, &uData2, cb);
if (rc == VINF_SUCCESS)
{
/* Store result to register. */
bool fRc = iomSaveDataToReg(pCpu, &pCpu->param2, pRegFrame, uData1);
AssertMsg(fRc, ("Failed to store register value!\n")); NOREF(fRc);
}
else
Assert(rc == VINF_IOM_HC_MMIO_WRITE || rc == VINF_PATM_HC_MMIO_PATCH_WRITE);
}
else
Assert(rc == VINF_IOM_HC_MMIO_READ || rc == VINF_PATM_HC_MMIO_PATCH_READ);
}
else
{
AssertMsgFailed(("Disassember XCHG problem..\n"));
rc = VERR_IOM_MMIO_HANDLER_DISASM_ERROR;
}
return rc;
}
/**
* \#PF Handler callback for MMIO ranges.
*
* @returns VBox status code (appropriate for GC return).
* @param pVM VM Handle.
* @param uErrorCode CPU Error code.
* @param pCtxCore Trap register frame.
* @param pvFault The fault address (cr2).
* @param GCPhysFault The GC physical address corresponding to pvFault.
* @param pvUser Pointer to the MMIO ring-3 range entry.
*/
VMMDECL(int) IOMMMIOHandler(PVM pVM, RTGCUINT uErrorCode, PCPUMCTXCORE pCtxCore, RTGCPTR pvFault, RTGCPHYS GCPhysFault, void *pvUser)
{
STAM_PROFILE_START(&pVM->iom.s.StatRZMMIOHandler, a);
Log(("IOMMMIOHandler: GCPhys=%RGp uErr=%#x pvFault=%VGv eip=%VGv\n",
GCPhysFault, (uint32_t)uErrorCode, pvFault, pCtxCore->rip));
PIOMMMIORANGE pRange = (PIOMMMIORANGE)pvUser;
Assert(pRange);
Assert(pRange == iomMMIOGetRange(&pVM->iom.s, GCPhysFault));
#ifdef VBOX_WITH_STATISTICS
/*
* Locate the statistics, if > PAGE_SIZE we'll use the first byte for everything.
*/
PIOMMMIOSTATS pStats = iomMMIOGetStats(&pVM->iom.s, GCPhysFault, pRange);
if (!pStats)
{
# ifdef IN_RING3
return VERR_NO_MEMORY;
# else
STAM_PROFILE_STOP(&pVM->iom.s.StatRZMMIOHandler, a);
STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIOFailures);
return uErrorCode & X86_TRAP_PF_RW ? VINF_IOM_HC_MMIO_WRITE : VINF_IOM_HC_MMIO_READ;
# endif
}
#endif
#ifndef IN_RING3
/*
* Should we defer the request right away?
*/
if (uErrorCode & X86_TRAP_PF_RW
? !pRange->CTX_SUFF(pfnWriteCallback) && pRange->pfnWriteCallbackR3
: !pRange->CTX_SUFF(pfnReadCallback) && pRange->pfnReadCallbackR3)
{
# ifdef VBOX_WITH_STATISTICS
if (uErrorCode & X86_TRAP_PF_RW)
STAM_COUNTER_INC(&pStats->CTX_MID_Z(Write,ToR3));
else
STAM_COUNTER_INC(&pStats->CTX_MID_Z(Read,ToR3));
# endif
STAM_PROFILE_STOP(&pVM->iom.s.StatRZMMIOHandler, a);
STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIOFailures);
return uErrorCode & X86_TRAP_PF_RW ? VINF_IOM_HC_MMIO_WRITE : VINF_IOM_HC_MMIO_READ;
}
#endif /* !IN_RING3 */
/*
* Disassemble the instruction and interprete it.
*/
DISCPUSTATE Cpu;
unsigned cbOp;
int rc = EMInterpretDisasOne(pVM, pCtxCore, &Cpu, &cbOp);
AssertRCReturn(rc, rc);
switch (Cpu.pCurInstr->opcode)
{
case OP_MOV:
case OP_MOVZX:
case OP_MOVSX:
{
STAM_PROFILE_START(&pVM->iom.s.StatRZInstMov, b);
if (uErrorCode & X86_TRAP_PF_RW)
rc = iomInterpretMOVxXWrite(pVM, pCtxCore, &Cpu, pRange, GCPhysFault);
else
rc = iomInterpretMOVxXRead(pVM, pCtxCore, &Cpu, pRange, GCPhysFault);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstMov, b);
break;
}
#ifdef IOM_WITH_MOVS_SUPPORT
case OP_MOVSB:
case OP_MOVSWD:
{
STAM_PROFILE_ADV_START(&pVM->iom.s.StatRZInstMovs, c);
PSTAMPROFILE pStat = NULL;
rc = iomInterpretMOVS(pVM, uErrorCode, pCtxCore, GCPhysFault, &Cpu, pRange, &pStat);
STAM_PROFILE_ADV_STOP_EX(&pVM->iom.s.StatRZInstMovs, pStat, c);
break;
}
#endif
case OP_STOSB:
case OP_STOSWD:
Assert(uErrorCode & X86_TRAP_PF_RW);
STAM_PROFILE_START(&pVM->iom.s.StatRZInstStos, d);
rc = iomInterpretSTOS(pVM, pCtxCore, GCPhysFault, &Cpu, pRange);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstStos, d);
break;
case OP_LODSB:
case OP_LODSWD:
Assert(!(uErrorCode & X86_TRAP_PF_RW));
STAM_PROFILE_START(&pVM->iom.s.StatRZInstLods, e);
rc = iomInterpretLODS(pVM, pCtxCore, GCPhysFault, &Cpu, pRange);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstLods, e);
break;
case OP_CMP:
Assert(!(uErrorCode & X86_TRAP_PF_RW));
STAM_PROFILE_START(&pVM->iom.s.StatRZInstCmp, f);
rc = iomInterpretCMP(pVM, pCtxCore, GCPhysFault, &Cpu, pRange);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstCmp, f);
break;
case OP_AND:
STAM_PROFILE_START(&pVM->iom.s.StatRZInstAnd, g);
rc = iomInterpretOrXorAnd(pVM, pCtxCore, GCPhysFault, &Cpu, pRange, EMEmulateAnd);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstAnd, g);
break;
case OP_OR:
STAM_PROFILE_START(&pVM->iom.s.StatRZInstOr, k);
rc = iomInterpretOrXorAnd(pVM, pCtxCore, GCPhysFault, &Cpu, pRange, EMEmulateOr);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstOr, k);
break;
case OP_XOR:
STAM_PROFILE_START(&pVM->iom.s.StatRZInstXor, m);
rc = iomInterpretOrXorAnd(pVM, pCtxCore, GCPhysFault, &Cpu, pRange, EMEmulateXor);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstXor, m);
break;
case OP_TEST:
Assert(!(uErrorCode & X86_TRAP_PF_RW));
STAM_PROFILE_START(&pVM->iom.s.StatRZInstTest, h);
rc = iomInterpretTEST(pVM, pCtxCore, GCPhysFault, &Cpu, pRange);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstTest, h);
break;
case OP_BT:
Assert(!(uErrorCode & X86_TRAP_PF_RW));
STAM_PROFILE_START(&pVM->iom.s.StatRZInstBt, l);
rc = iomInterpretBT(pVM, pCtxCore, GCPhysFault, &Cpu, pRange);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstBt, l);
break;
case OP_XCHG:
STAM_PROFILE_START(&pVM->iom.s.StatRZInstXchg, i);
rc = iomInterpretXCHG(pVM, pCtxCore, GCPhysFault, &Cpu, pRange);
STAM_PROFILE_STOP(&pVM->iom.s.StatRZInstXchg, i);
break;
/*
* The instruction isn't supported. Hand it on to ring-3.
*/
default:
STAM_COUNTER_INC(&pVM->iom.s.StatRZInstOther);
rc = (uErrorCode & X86_TRAP_PF_RW) ? VINF_IOM_HC_MMIO_WRITE : VINF_IOM_HC_MMIO_READ;
break;
}
/*
* On success advance EIP.
*/
if (rc == VINF_SUCCESS)
pCtxCore->rip += cbOp;
else
{
STAM_COUNTER_INC(&pVM->iom.s.StatRZMMIOFailures);
#if defined(VBOX_WITH_STATISTICS) && !defined(IN_RING3)
switch (rc)
{
case VINF_IOM_HC_MMIO_READ:
case VINF_IOM_HC_MMIO_READ_WRITE:
STAM_COUNTER_INC(&pStats->CTX_MID_Z(Read,ToR3));
break;
case VINF_IOM_HC_MMIO_WRITE:
STAM_COUNTER_INC(&pStats->CTX_MID_Z(Write,ToR3));
break;
}
#endif
}
STAM_PROFILE_STOP(&pVM->iom.s.StatRZMMIOHandler, a);
return rc;
}
#ifdef IN_RING3
/**
* \#PF Handler callback for MMIO ranges.
*
* @returns VINF_SUCCESS if the handler have carried out the operation.
* @returns VINF_PGM_HANDLER_DO_DEFAULT if the caller should carry out the access operation.
* @param pVM VM Handle.
* @param GCPhys The physical address the guest is writing to.
* @param pvPhys The HC mapping of that address.
* @param pvBuf What the guest is reading/writing.
* @param cbBuf How much it's reading/writing.
* @param enmAccessType The access type.
* @param pvUser Pointer to the MMIO range entry.
*/
DECLCALLBACK(int) IOMR3MMIOHandler(PVM pVM, RTGCPHYS GCPhysFault, void *pvPhys, void *pvBuf, size_t cbBuf, PGMACCESSTYPE enmAccessType, void *pvUser)
{
int rc;
PIOMMMIORANGE pRange = (PIOMMMIORANGE)pvUser;
STAM_COUNTER_INC(&pVM->iom.s.StatR3MMIOHandler);
AssertMsg(cbBuf == 1 || cbBuf == 2 || cbBuf == 4 || cbBuf == 8, ("%zu\n", cbBuf));
Assert(pRange);
Assert(pRange == iomMMIOGetRange(&pVM->iom.s, GCPhysFault));
if (enmAccessType == PGMACCESSTYPE_READ)
rc = iomMMIODoRead(pVM, pRange, GCPhysFault, pvBuf, cbBuf);
else
rc = iomMMIODoWrite(pVM, pRange, GCPhysFault, pvBuf, cbBuf);
AssertRC(rc);
return rc;
}
#endif /* IN_RING3 */
/**
* Reads a MMIO register.
*
* @returns VBox status code.
*
* @param pVM VM handle.
* @param GCPhys The physical address to read.
* @param pu32Value Where to store the value read.
* @param cbValue The size of the register to read in bytes. 1, 2 or 4 bytes.
*/
VMMDECL(int) IOMMMIORead(PVM pVM, RTGCPHYS GCPhys, uint32_t *pu32Value, size_t cbValue)
{
/*
* Lookup the current context range node and statistics.
*/
PIOMMMIORANGE pRange = iomMMIOGetRange(&pVM->iom.s, GCPhys);
AssertMsgReturn(pRange,
("Handlers and page tables are out of sync or something! GCPhys=%VGp cbValue=%d\n", GCPhys, cbValue),
VERR_INTERNAL_ERROR);
#ifdef VBOX_WITH_STATISTICS
PIOMMMIOSTATS pStats = iomMMIOGetStats(&pVM->iom.s, GCPhys, pRange);
if (!pStats)
# ifdef IN_RING3
return VERR_NO_MEMORY;
# else
return VINF_IOM_HC_MMIO_READ;
# endif
#endif /* VBOX_WITH_STATISTICS */
if (pRange->CTX_SUFF(pfnReadCallback))
{
/*
* Perform the read and deal with the result.
*/
#ifdef VBOX_WITH_STATISTICS
STAM_PROFILE_ADV_START(&pStats->CTX_SUFF_Z(ProfRead), a);
#endif
int rc = pRange->CTX_SUFF(pfnReadCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), GCPhys, pu32Value, cbValue);
#ifdef VBOX_WITH_STATISTICS
STAM_PROFILE_ADV_STOP(&pStats->CTX_SUFF_Z(ProfRead), a);
if (rc != VINF_IOM_HC_MMIO_READ)
STAM_COUNTER_INC(&pStats->CTX_SUFF_Z(Read));
#endif
switch (rc)
{
case VINF_SUCCESS:
default:
Log4(("IOMMMIORead: GCPhys=%RGp *pu32=%08RX32 cb=%d rc=%Vrc\n", GCPhys, *pu32Value, cbValue, rc));
return rc;
case VINF_IOM_MMIO_UNUSED_00:
switch (cbValue)
{
case 1: *(uint8_t *)pu32Value = UINT8_C(0x00); break;
case 2: *(uint16_t *)pu32Value = UINT16_C(0x0000); break;
case 4: *(uint32_t *)pu32Value = UINT32_C(0x00000000); break;
case 8: *(uint64_t *)pu32Value = UINT64_C(0x0000000000000000); break;
default: AssertReleaseMsgFailed(("cbValue=%d GCPhys=%VGp\n", cbValue, GCPhys)); break;
}
Log4(("IOMMMIORead: GCPhys=%RGp *pu32=%08RX32 cb=%d rc=%Vrc\n", GCPhys, *pu32Value, cbValue, rc));
return VINF_SUCCESS;
case VINF_IOM_MMIO_UNUSED_FF:
switch (cbValue)
{
case 1: *(uint8_t *)pu32Value = UINT8_C(0xff); break;
case 2: *(uint16_t *)pu32Value = UINT16_C(0xffff); break;
case 4: *(uint32_t *)pu32Value = UINT32_C(0xffffffff); break;
case 8: *(uint64_t *)pu32Value = UINT64_C(0xffffffffffffffff); break;
default: AssertReleaseMsgFailed(("cbValue=%d GCPhys=%VGp\n", cbValue, GCPhys)); break;
}
Log4(("IOMMMIORead: GCPhys=%RGp *pu32=%08RX32 cb=%d rc=%Vrc\n", GCPhys, *pu32Value, cbValue, rc));
return VINF_SUCCESS;
}
}
#ifndef IN_RING3
if (pRange->pfnReadCallbackR3)
{
STAM_COUNTER_INC(&pStats->CTX_MID_Z(Read,ToR3));
return VINF_IOM_HC_MMIO_READ;
}
#endif
/*
* Lookup the ring-3 range.
*/
#ifdef VBOX_WITH_STATISTICS
STAM_COUNTER_INC(&pStats->CTX_SUFF_Z(Read));
#endif
/* Unassigned memory; this is actually not supposed to happen. */
switch (cbValue)
{
case 1: *(uint8_t *)pu32Value = UINT8_C(0xff); break;
case 2: *(uint16_t *)pu32Value = UINT16_C(0xffff); break;
case 4: *(uint32_t *)pu32Value = UINT32_C(0xffffffff); break;
case 8: *(uint64_t *)pu32Value = UINT64_C(0xffffffffffffffff); break;
default: AssertReleaseMsgFailed(("cbValue=%d GCPhys=%VGp\n", cbValue, GCPhys)); break;
}
Log4(("IOMMMIORead: GCPhys=%RGp *pu32=%08RX32 cb=%d rc=VINF_SUCCESS\n", GCPhys, *pu32Value, cbValue));
return VINF_SUCCESS;
}
/**
* Writes to a MMIO register.
*
* @returns VBox status code.
*
* @param pVM VM handle.
* @param GCPhys The physical address to write to.
* @param u32Value The value to write.
* @param cbValue The size of the register to read in bytes. 1, 2 or 4 bytes.
*/
VMMDECL(int) IOMMMIOWrite(PVM pVM, RTGCPHYS GCPhys, uint32_t u32Value, size_t cbValue)
{
/*
* Lookup the current context range node.
*/
PIOMMMIORANGE pRange = iomMMIOGetRange(&pVM->iom.s, GCPhys);
AssertMsgReturn(pRange,
("Handlers and page tables are out of sync or something! GCPhys=%VGp cbValue=%d\n", GCPhys, cbValue),
VERR_INTERNAL_ERROR);
#ifdef VBOX_WITH_STATISTICS
PIOMMMIOSTATS pStats = iomMMIOGetStats(&pVM->iom.s, GCPhys, pRange);
if (!pStats)
# ifdef IN_RING3
return VERR_NO_MEMORY;
# else
return VINF_IOM_HC_MMIO_WRITE;
# endif
#endif /* VBOX_WITH_STATISTICS */
/*
* Perform the write if there's a write handler. R0/GC may have
* to defer it to ring-3.
*/
if (pRange->CTX_SUFF(pfnWriteCallback))
{
#ifdef VBOX_WITH_STATISTICS
STAM_PROFILE_ADV_START(&pStats->CTX_SUFF_Z(ProfWrite), a);
#endif
int rc = pRange->CTX_SUFF(pfnWriteCallback)(pRange->CTX_SUFF(pDevIns), pRange->CTX_SUFF(pvUser), GCPhys, &u32Value, cbValue);
#ifdef VBOX_WITH_STATISTICS
STAM_PROFILE_ADV_STOP(&pStats->CTX_SUFF_Z(ProfWrite), a);
if (rc != VINF_IOM_HC_MMIO_WRITE)
STAM_COUNTER_INC(&pStats->CTX_SUFF_Z(Write));
#endif
Log4(("IOMMMIOWrite: GCPhys=%RGp u32=%08RX32 cb=%d rc=%Vrc\n", GCPhys, u32Value, cbValue, rc));
return rc;
}
#ifndef IN_RING3
if (pRange->pfnWriteCallbackR3)
{
STAM_COUNTER_INC(&pStats->CTX_MID_Z(Write,ToR3));
return VINF_IOM_HC_MMIO_WRITE;
}
#endif
/*
* No write handler, nothing to do.
*/
#ifdef VBOX_WITH_STATISTICS
STAM_COUNTER_INC(&pStats->CTX_SUFF_Z(Write));
#endif
Log4(("IOMMMIOWrite: GCPhys=%RGp u32=%08RX32 cb=%d rc=%Vrc\n", GCPhys, u32Value, cbValue, VINF_SUCCESS));
return VINF_SUCCESS;
}
/**
* [REP*] INSB/INSW/INSD
* ES:EDI,DX[,ECX]
*
* @remark Assumes caller checked the access privileges (IOMInterpretCheckPortIOAccess)
*
* @returns Strict VBox status code. Informational status codes other than the one documented
* here are to be treated as internal failure. Use IOM_SUCCESS() to check for success.
* @retval VINF_SUCCESS Success.
* @retval VINF_EM_FIRST-VINF_EM_LAST Success with some exceptions (see IOM_SUCCESS()), the
* status code must be passed on to EM.
* @retval VINF_IOM_HC_IOPORT_READ Defer the read to ring-3. (R0/GC only)
* @retval VINF_EM_RAW_EMULATE_INSTR Defer the read to the REM.
* @retval VINF_EM_RAW_GUEST_TRAP The exception was left pending. (TRPMRaiseXcptErr)
* @retval VINF_TRPM_XCPT_DISPATCHED The exception was raised and dispatched for raw-mode execution. (TRPMRaiseXcptErr)
* @retval VINF_EM_RESCHEDULE_REM The exception was dispatched and cannot be executed in raw-mode. (TRPMRaiseXcptErr)
*
* @param pVM The virtual machine.
* @param pRegFrame Pointer to CPUMCTXCORE guest registers structure.
* @param uPort IO Port
* @param uPrefix IO instruction prefix
* @param cbTransfer Size of transfer unit
*/
VMMDECL(int) IOMInterpretINSEx(PVM pVM, PCPUMCTXCORE pRegFrame, uint32_t uPort, uint32_t uPrefix, uint32_t cbTransfer)
{
#ifdef VBOX_WITH_STATISTICS
STAM_COUNTER_INC(&pVM->iom.s.StatInstIns);
#endif
/*
* We do not support REPNE or decrementing destination
* pointer. Segment prefixes are deliberately ignored, as per the instruction specification.
*/
if ( (uPrefix & PREFIX_REPNE)
|| pRegFrame->eflags.Bits.u1DF)
return VINF_EM_RAW_EMULATE_INSTR;
/*
* Get bytes/words/dwords count to transfer.
*/
RTGCUINTREG cTransfers = 1;
if (uPrefix & PREFIX_REP)
{
#ifndef IN_GC
if ( CPUMIsGuestIn64BitCode(pVM, pRegFrame)
&& pRegFrame->rcx >= _4G)
return VINF_EM_RAW_EMULATE_INSTR;
#endif
cTransfers = pRegFrame->ecx;
if (SELMGetCpuModeFromSelector(pVM, pRegFrame->eflags, pRegFrame->cs, &pRegFrame->csHid) == CPUMODE_16BIT)
cTransfers &= 0xffff;
if (!cTransfers)
return VINF_SUCCESS;
}
/* Convert destination address es:edi. */
RTGCPTR GCPtrDst;
int rc = SELMToFlatEx(pVM, DIS_SELREG_ES, pRegFrame, (RTGCPTR)pRegFrame->rdi,
SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
&GCPtrDst);
if (RT_FAILURE(rc))
{
Log(("INS destination address conversion failed -> fallback, rc=%d\n", rc));
return VINF_EM_RAW_EMULATE_INSTR;
}
/* Access verification first; we can't recover from traps inside this instruction, as the port read cannot be repeated. */
uint32_t cpl = CPUMGetGuestCPL(pVM, pRegFrame);
rc = PGMVerifyAccess(pVM, (RTGCUINTPTR)GCPtrDst, cTransfers * cbTransfer,
X86_PTE_RW | ((cpl == 3) ? X86_PTE_US : 0));
if (rc != VINF_SUCCESS)
{
Log(("INS will generate a trap -> fallback, rc=%d\n", rc));
return VINF_EM_RAW_EMULATE_INSTR;
}
Log(("IOM: rep ins%d port %#x count %d\n", cbTransfer * 8, uPort, cTransfers));
if (cTransfers > 1)
{
/* If the device supports string transfers, ask it to do as
* much as it wants. The rest is done with single-word transfers. */
const RTGCUINTREG cTransfersOrg = cTransfers;
rc = IOMIOPortReadString(pVM, uPort, &GCPtrDst, &cTransfers, cbTransfer);
AssertRC(rc); Assert(cTransfers <= cTransfersOrg);
pRegFrame->rdi += (cTransfersOrg - cTransfers) * cbTransfer;
}
#ifdef IN_GC
MMGCRamRegisterTrapHandler(pVM);
#endif
while (cTransfers && rc == VINF_SUCCESS)
{
uint32_t u32Value;
rc = IOMIOPortRead(pVM, uPort, &u32Value, cbTransfer);
if (!IOM_SUCCESS(rc))
break;
int rc2 = iomRamWrite(pVM, GCPtrDst, &u32Value, cbTransfer);
Assert(rc2 == VINF_SUCCESS); NOREF(rc2);
GCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCPtrDst + cbTransfer);
pRegFrame->rdi += cbTransfer;
cTransfers--;
}
#ifdef IN_GC
MMGCRamDeregisterTrapHandler(pVM);
#endif
/* Update ecx on exit. */
if (uPrefix & PREFIX_REP)
pRegFrame->ecx = cTransfers;
AssertMsg(rc == VINF_SUCCESS || rc == VINF_IOM_HC_IOPORT_READ || (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST) || RT_FAILURE(rc), ("%Vrc\n", rc));
return rc;
}
/**
* [REP*] INSB/INSW/INSD
* ES:EDI,DX[,ECX]
*
* @returns Strict VBox status code. Informational status codes other than the one documented
* here are to be treated as internal failure. Use IOM_SUCCESS() to check for success.
* @retval VINF_SUCCESS Success.
* @retval VINF_EM_FIRST-VINF_EM_LAST Success with some exceptions (see IOM_SUCCESS()), the
* status code must be passed on to EM.
* @retval VINF_IOM_HC_IOPORT_READ Defer the read to ring-3. (R0/GC only)
* @retval VINF_EM_RAW_EMULATE_INSTR Defer the read to the REM.
* @retval VINF_EM_RAW_GUEST_TRAP The exception was left pending. (TRPMRaiseXcptErr)
* @retval VINF_TRPM_XCPT_DISPATCHED The exception was raised and dispatched for raw-mode execution. (TRPMRaiseXcptErr)
* @retval VINF_EM_RESCHEDULE_REM The exception was dispatched and cannot be executed in raw-mode. (TRPMRaiseXcptErr)
*
* @param pVM The virtual machine.
* @param pRegFrame Pointer to CPUMCTXCORE guest registers structure.
* @param pCpu Disassembler CPU state.
*/
VMMDECL(int) IOMInterpretINS(PVM pVM, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu)
{
/*
* Get port number directly from the register (no need to bother the
* disassembler). And get the I/O register size from the opcode / prefix.
*/
RTIOPORT Port = pRegFrame->edx & 0xffff;
unsigned cb = 0;
if (pCpu->pCurInstr->opcode == OP_INSB)
cb = 1;
else
cb = (pCpu->opmode == CPUMODE_16BIT) ? 2 : 4; /* dword in both 32 & 64 bits mode */
int rc = IOMInterpretCheckPortIOAccess(pVM, pRegFrame, Port, cb);
if (RT_UNLIKELY(rc != VINF_SUCCESS))
{
AssertMsg(rc == VINF_EM_RAW_GUEST_TRAP || rc == VINF_TRPM_XCPT_DISPATCHED || rc == VINF_TRPM_XCPT_DISPATCHED || RT_FAILURE(rc), ("%Vrc\n", rc));
return rc;
}
return IOMInterpretINSEx(pVM, pRegFrame, Port, pCpu->prefix, cb);
}
/**
* [REP*] OUTSB/OUTSW/OUTSD
* DS:ESI,DX[,ECX]
*
* @remark Assumes caller checked the access privileges (IOMInterpretCheckPortIOAccess)
*
* @returns Strict VBox status code. Informational status codes other than the one documented
* here are to be treated as internal failure. Use IOM_SUCCESS() to check for success.
* @retval VINF_SUCCESS Success.
* @retval VINF_EM_FIRST-VINF_EM_LAST Success with some exceptions (see IOM_SUCCESS()), the
* status code must be passed on to EM.
* @retval VINF_IOM_HC_IOPORT_WRITE Defer the write to ring-3. (R0/GC only)
* @retval VINF_EM_RAW_GUEST_TRAP The exception was left pending. (TRPMRaiseXcptErr)
* @retval VINF_TRPM_XCPT_DISPATCHED The exception was raised and dispatched for raw-mode execution. (TRPMRaiseXcptErr)
* @retval VINF_EM_RESCHEDULE_REM The exception was dispatched and cannot be executed in raw-mode. (TRPMRaiseXcptErr)
*
* @param pVM The virtual machine.
* @param pRegFrame Pointer to CPUMCTXCORE guest registers structure.
* @param uPort IO Port
* @param uPrefix IO instruction prefix
* @param cbTransfer Size of transfer unit
*/
VMMDECL(int) IOMInterpretOUTSEx(PVM pVM, PCPUMCTXCORE pRegFrame, uint32_t uPort, uint32_t uPrefix, uint32_t cbTransfer)
{
#ifdef VBOX_WITH_STATISTICS
STAM_COUNTER_INC(&pVM->iom.s.StatInstOuts);
#endif
/*
* We do not support segment prefixes, REPNE or
* decrementing source pointer.
*/
if ( (uPrefix & (PREFIX_SEG | PREFIX_REPNE))
|| pRegFrame->eflags.Bits.u1DF)
return VINF_EM_RAW_EMULATE_INSTR;
/*
* Get bytes/words/dwords count to transfer.
*/
RTGCUINTREG cTransfers = 1;
if (uPrefix & PREFIX_REP)
{
#ifndef IN_GC
if ( CPUMIsGuestIn64BitCode(pVM, pRegFrame)
&& pRegFrame->rcx >= _4G)
return VINF_EM_RAW_EMULATE_INSTR;
#endif
cTransfers = pRegFrame->ecx;
if (SELMGetCpuModeFromSelector(pVM, pRegFrame->eflags, pRegFrame->cs, &pRegFrame->csHid) == CPUMODE_16BIT)
cTransfers &= 0xffff;
if (!cTransfers)
return VINF_SUCCESS;
}
/* Convert source address ds:esi. */
RTGCPTR GCPtrSrc;
int rc = SELMToFlatEx(pVM, DIS_SELREG_DS, pRegFrame, (RTGCPTR)pRegFrame->rsi,
SELMTOFLAT_FLAGS_HYPER | SELMTOFLAT_FLAGS_NO_PL,
&GCPtrSrc);
if (RT_FAILURE(rc))
{
Log(("OUTS source address conversion failed -> fallback, rc=%Vrc\n", rc));
return VINF_EM_RAW_EMULATE_INSTR;
}
/* Access verification first; we currently can't recover properly from traps inside this instruction */
uint32_t cpl = CPUMGetGuestCPL(pVM, pRegFrame);
rc = PGMVerifyAccess(pVM, (RTGCUINTPTR)GCPtrSrc, cTransfers * cbTransfer,
(cpl == 3) ? X86_PTE_US : 0);
if (rc != VINF_SUCCESS)
{
Log(("OUTS will generate a trap -> fallback, rc=%Vrc\n", rc));
return VINF_EM_RAW_EMULATE_INSTR;
}
Log(("IOM: rep outs%d port %#x count %d\n", cbTransfer * 8, uPort, cTransfers));
if (cTransfers > 1)
{
/*
* If the device supports string transfers, ask it to do as
* much as it wants. The rest is done with single-word transfers.
*/
const RTGCUINTREG cTransfersOrg = cTransfers;
rc = IOMIOPortWriteString(pVM, uPort, &GCPtrSrc, &cTransfers, cbTransfer);
AssertRC(rc); Assert(cTransfers <= cTransfersOrg);
pRegFrame->rsi += (cTransfersOrg - cTransfers) * cbTransfer;
}
#ifdef IN_GC
MMGCRamRegisterTrapHandler(pVM);
#endif
while (cTransfers && rc == VINF_SUCCESS)
{
uint32_t u32Value;
rc = iomRamRead(pVM, &u32Value, GCPtrSrc, cbTransfer);
if (rc != VINF_SUCCESS)
break;
rc = IOMIOPortWrite(pVM, uPort, u32Value, cbTransfer);
if (!IOM_SUCCESS(rc))
break;
GCPtrSrc = (RTGCPTR)((RTUINTPTR)GCPtrSrc + cbTransfer);
pRegFrame->rsi += cbTransfer;
cTransfers--;
}
#ifdef IN_GC
MMGCRamDeregisterTrapHandler(pVM);
#endif
/* Update ecx on exit. */
if (uPrefix & PREFIX_REP)
pRegFrame->ecx = cTransfers;
AssertMsg(rc == VINF_SUCCESS || rc == VINF_IOM_HC_IOPORT_WRITE || (rc >= VINF_EM_FIRST && rc <= VINF_EM_LAST) || RT_FAILURE(rc), ("%Vrc\n", rc));
return rc;
}
/**
* [REP*] OUTSB/OUTSW/OUTSD
* DS:ESI,DX[,ECX]
*
* @returns Strict VBox status code. Informational status codes other than the one documented
* here are to be treated as internal failure. Use IOM_SUCCESS() to check for success.
* @retval VINF_SUCCESS Success.
* @retval VINF_EM_FIRST-VINF_EM_LAST Success with some exceptions (see IOM_SUCCESS()), the
* status code must be passed on to EM.
* @retval VINF_IOM_HC_IOPORT_WRITE Defer the write to ring-3. (R0/GC only)
* @retval VINF_EM_RAW_EMULATE_INSTR Defer the write to the REM.
* @retval VINF_EM_RAW_GUEST_TRAP The exception was left pending. (TRPMRaiseXcptErr)
* @retval VINF_TRPM_XCPT_DISPATCHED The exception was raised and dispatched for raw-mode execution. (TRPMRaiseXcptErr)
* @retval VINF_EM_RESCHEDULE_REM The exception was dispatched and cannot be executed in raw-mode. (TRPMRaiseXcptErr)
*
* @param pVM The virtual machine.
* @param pRegFrame Pointer to CPUMCTXCORE guest registers structure.
* @param pCpu Disassembler CPU state.
*/
VMMDECL(int) IOMInterpretOUTS(PVM pVM, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu)
{
/*
* Get port number from the first parameter.
* And get the I/O register size from the opcode / prefix.
*/
uint64_t Port = 0;
unsigned cb = 0;
bool fRc = iomGetRegImmData(pCpu, &pCpu->param1, pRegFrame, &Port, &cb);
AssertMsg(fRc, ("Failed to get reg/imm port number!\n")); NOREF(fRc);
if (pCpu->pCurInstr->opcode == OP_OUTSB)
cb = 1;
else
cb = (pCpu->opmode == CPUMODE_16BIT) ? 2 : 4; /* dword in both 32 & 64 bits mode */
int rc = IOMInterpretCheckPortIOAccess(pVM, pRegFrame, Port, cb);
if (RT_UNLIKELY(rc != VINF_SUCCESS))
{
AssertMsg(rc == VINF_EM_RAW_GUEST_TRAP || rc == VINF_TRPM_XCPT_DISPATCHED || rc == VINF_TRPM_XCPT_DISPATCHED || RT_FAILURE(rc), ("%Vrc\n", rc));
return rc;
}
return IOMInterpretOUTSEx(pVM, pRegFrame, Port, pCpu->prefix, cb);
}
#ifndef IN_GC
/**
* Modify an existing MMIO region page; map to another guest physical region and change the access flags
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param GCPhys Physical address that's part of the MMIO region to be changed.
* @param GCPhysRemapped Remapped address.
* @param fPageFlags Page flags to set (typically X86_PTE_RW).
*/
VMMDECL(int) IOMMMIOModifyPage(PVM pVM, RTGCPHYS GCPhys, RTGCPHYS GCPhysRemapped, uint64_t fPageFlags)
{
Assert(fPageFlags == (X86_PTE_RW|X86_PTE_P));
Log(("IOMMMIOModifyPage %VGp -> %VGp flags=%RX64\n", GCPhys, GCPhysRemapped, fPageFlags));
/*
* Lookup the current context range node and statistics.
*/
PIOMMMIORANGE pRange = iomMMIOGetRange(&pVM->iom.s, GCPhys);
AssertMsgReturn(pRange,
("Handlers and page tables are out of sync or something! GCPhys=%VGp\n", GCPhys),
VERR_INTERNAL_ERROR);
GCPhys &= ~0xfff;
GCPhysRemapped &= ~0xfff;
/* This currently only works in real mode, protected mode without paging or with nested paging. */
if ( CPUMIsGuestInPagedProtectedMode(pVM)
&& !HWACCMIsNestedPagingActive(pVM))
return VINF_SUCCESS; /* ignore */
int rc = PGMHandlerPhysicalPageAlias(pVM, pRange->GCPhys, GCPhys, GCPhysRemapped);
AssertRCReturn(rc, rc);
/* Prefetch it as it's now marked as not present and our trap handler will
* still call the access handler.
*/
rc = PGMPrefetchPage(pVM, (RTGCPTR)GCPhys);
AssertRC(rc);
/* Mark it as writable and present so reads and writes no longer fault. */
rc = PGMShwModifyPage(pVM, (RTGCPTR)GCPhys, 1, fPageFlags, ~fPageFlags);
AssertRC(rc);
return VINF_SUCCESS;
}
/**
* Reset a previously modified MMIO region; restore the access flags.
*
* @returns VBox status code.
*
* @param pVM The virtual machine.
* @param GCPhys Physical address that's part of the MMIO region to be reset.
*/
VMMDECL(int) IOMMMIOResetRegion(PVM pVM, RTGCPHYS GCPhys)
{
unsigned cb;
Log(("IOMMMIOResetRegion %VGp\n", GCPhys));
/*
* Lookup the current context range node and statistics.
*/
PIOMMMIORANGE pRange = iomMMIOGetRange(&pVM->iom.s, GCPhys);
AssertMsgReturn(pRange,
("Handlers and page tables are out of sync or something! GCPhys=%VGp\n", GCPhys),
VERR_INTERNAL_ERROR);
/* This currently only works in real mode, protected mode without paging or with nested paging. */
if ( CPUMIsGuestInPagedProtectedMode(pVM)
&& !HWACCMIsNestedPagingActive(pVM))
return VINF_SUCCESS; /* ignore */
cb = pRange->cb;
GCPhys = pRange->GCPhys;
while(cb)
{
int rc = PGMHandlerPhysicalPageReset(pVM, pRange->GCPhys, GCPhys);
AssertRC(rc);
/* Mark it as not present again to intercept all read and write access. */
rc = PGMShwModifyPage(pVM, (RTGCPTR)GCPhys, 1, 0, ~(uint64_t)(X86_PTE_RW|X86_PTE_P));
AssertRC(rc);
cb -= PAGE_SIZE;
GCPhys += PAGE_SIZE;
}
return VINF_SUCCESS;
}
#endif /* !IN_GC */