PGMR0.cpp revision 150283991b1a312acbe86c67d3420f6463b38878
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * PGM - Page Manager and Monitor, Ring-0.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Copyright (C) 2007-2010 Oracle Corporation
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * This file is part of VirtualBox Open Source Edition (OSE), as
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * available from http://www.virtualbox.org. This file is free software;
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * you can redistribute it and/or modify it under the terms of the GNU
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * General Public License (GPL) as published by the Free Software
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Foundation, in version 2 as it comes in the "COPYING" file of the
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync/*******************************************************************************
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync* Header Files *
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync*******************************************************************************/
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync * Instantiate the ring-0 header/code templates.
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync#define PGM_BTH_NAME(name) PGM_BTH_NAME_32BIT_PROT(name)
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync#define PGM_BTH_NAME(name) PGM_BTH_NAME_PAE_PROT(name)
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync#define PGM_BTH_NAME(name) PGM_BTH_NAME_AMD64_PROT(name)
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync#define PGM_BTH_NAME(name) PGM_BTH_NAME_EPT_PROT(name)
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync * Worker function for PGMR3PhysAllocateHandyPages and pgmPhysEnsureHandyPage.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @returns The following VBox status codes.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @retval VINF_SUCCESS on success. FF cleared.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @retval VINF_EM_NO_MEMORY if we're out of memory. The FF is set in this case.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVM The VM handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVCpu The VMCPU handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @remarks Must be called from within the PGM critical section. The caller
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * must clear the new pages.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsyncVMMR0DECL(int) PGMR0PhysAllocateHandyPages(PVM pVM, PVMCPU pVCpu)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(PDMCritSectIsOwnerEx(&pVM->pgm.s.CritSect, pVCpu->idCpu));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Check for error injection.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Try allocate a full set of handy pages.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync AssertReturn(iFirst <= RT_ELEMENTS(pVM->pgm.s.aHandyPages), VERR_INTERNAL_ERROR);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync uint32_t cPages = RT_ELEMENTS(pVM->pgm.s.aHandyPages) - iFirst;
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync int rc = GMMR0AllocateHandyPages(pVM, pVCpu->idCpu, cPages, cPages, &pVM->pgm.s.aHandyPages[iFirst]);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync for (uint32_t i = 0; i < RT_ELEMENTS(pVM->pgm.s.aHandyPages); i++)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idPage != NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idPage <= GMM_PAGEID_LAST);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idSharedPage == NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].HCPhysGCPhys != NIL_RTHCPHYS);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(!(pVM->pgm.s.aHandyPages[i].HCPhysGCPhys & ~X86_PTE_PAE_PG_MASK));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync pVM->pgm.s.cHandyPages = RT_ELEMENTS(pVM->pgm.s.aHandyPages);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync /* We're ASSUMING that GMM has updated all the entires before failing us. */
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync for (i = iFirst; i < RT_ELEMENTS(pVM->pgm.s.aHandyPages); i++)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idPage == NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idSharedPage == NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].HCPhysGCPhys == NIL_RTHCPHYS);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Reduce the number of pages until we hit the minimum limit.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync rc = GMMR0AllocateHandyPages(pVM, pVCpu->idCpu, cPages, cPages, &pVM->pgm.s.aHandyPages[iFirst]);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync while (i-- > 0)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idPage != NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idPage <= GMM_PAGEID_LAST);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idSharedPage == NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].HCPhysGCPhys != NIL_RTHCPHYS);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(!(pVM->pgm.s.aHandyPages[i].HCPhysGCPhys & ~X86_PTE_PAE_PG_MASK));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync for (i = cPages + iFirst; i < RT_ELEMENTS(pVM->pgm.s.aHandyPages); i++)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idPage == NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].idSharedPage == NIL_GMM_PAGEID);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(pVM->pgm.s.aHandyPages[i].HCPhysGCPhys == NIL_RTHCPHYS);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync LogRel(("PGMR0PhysAllocateHandyPages: rc=%Rrc iFirst=%d cPages=%d\n", rc, iFirst, cPages));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync LogFlow(("PGMR0PhysAllocateHandyPages: cPages=%d rc=%Rrc\n", cPages, rc));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Worker function for PGMR3PhysAllocateLargeHandyPage
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @returns The following VBox status codes.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @retval VINF_SUCCESS on success.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @retval VINF_EM_NO_MEMORY if we're out of memory.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVM The VM handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVCpu The VMCPU handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @remarks Must be called from within the PGM critical section. The caller
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * must clear the new pages.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsyncVMMR0DECL(int) PGMR0PhysAllocateLargeHandyPage(PVM pVM, PVMCPU pVCpu)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Assert(PDMCritSectIsOwnerEx(&pVM->pgm.s.CritSect, pVCpu->idCpu));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync int rc = GMMR0AllocateLargePage(pVM, pVCpu->idCpu, _2M, &pVM->pgm.s.aLargeHandyPage[0].idPage, &pVM->pgm.s.aLargeHandyPage[0].HCPhysGCPhys);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * #PF Handler for nested paging.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @returns VBox status code (appropriate for trap handling and GC return).
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVM VM Handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVCpu VMCPU Handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param enmShwPagingMode Paging mode for the nested page tables.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param uErr The trap error code.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pRegFrame Trap register frame.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param GCPhysFault The fault address.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsyncVMMR0DECL(int) PGMR0Trap0eHandlerNestedPaging(PVM pVM, PVMCPU pVCpu, PGMMODE enmShwPagingMode, RTGCUINT uErr,
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync LogFlow(("PGMTrap0eHandler: uErr=%RGx GCPhysFault=%RGp eip=%RGv\n", uErr, GCPhysFault, (RTGCPTR)pRegFrame->rip));
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync STAM_STATS({ pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution) = NULL; } );
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync /* AMD uses the host's paging mode; Intel has a single mode (EPT). */
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync AssertMsg( enmShwPagingMode == PGMMODE_32_BIT || enmShwPagingMode == PGMMODE_PAE || enmShwPagingMode == PGMMODE_PAE_NX
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync || enmShwPagingMode == PGMMODE_AMD64 || enmShwPagingMode == PGMMODE_AMD64_NX || enmShwPagingMode == PGMMODE_EPT,
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync /* Reserved shouldn't end up here. */
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync * Error code stats.
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eUSNotPresentWrite);
916fa1ce1597c87cd10eb4b8077fe31f9089f000vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eUSNotPresentRead);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eUSWrite);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eUSReserved);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eUSNXE);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eUSRead);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync { /* Supervisor */
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eSVNotPresentWrite);
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eSVNotPresentRead);
113e32cd5ad8ef067495b103da706e9494d30d37vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eSVWrite);
113e32cd5ad8ef067495b103da706e9494d30d37vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eSNXE);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_COUNTER_INC(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eSVReserved);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Call the worker.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Note! We pretend the guest is in protected mode without paging, so we
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * can use existing code to build the nested page tables.
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync bool fLockTaken = false;
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync rc = PGM_BTH_NAME_32BIT_PROT(Trap0eHandler)(pVCpu, uErr, pRegFrame, GCPhysFault, &fLockTaken);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync rc = PGM_BTH_NAME_PAE_PROT(Trap0eHandler)(pVCpu, uErr, pRegFrame, GCPhysFault, &fLockTaken);
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync rc = PGM_BTH_NAME_AMD64_PROT(Trap0eHandler)(pVCpu, uErr, pRegFrame, GCPhysFault, &fLockTaken);
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync rc = PGM_BTH_NAME_EPT_PROT(Trap0eHandler)(pVCpu, uErr, pRegFrame, GCPhysFault, &fLockTaken);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync /* Note: hack alert for difficult to reproduce problem. */
113e32cd5ad8ef067495b103da706e9494d30d37vboxsync else if ( rc == VERR_PAGE_NOT_PRESENT /* SMP only ; disassembly might fail. */
113e32cd5ad8ef067495b103da706e9494d30d37vboxsync || rc == VERR_PAGE_TABLE_NOT_PRESENT /* seen with UNI & SMP */
113e32cd5ad8ef067495b103da706e9494d30d37vboxsync || rc == VERR_PAGE_DIRECTORY_PTR_NOT_PRESENT /* seen with SMP */
113e32cd5ad8ef067495b103da706e9494d30d37vboxsync || rc == VERR_PAGE_MAP_LEVEL4_NOT_PRESENT) /* precaution */
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync Log(("WARNING: Unexpected VERR_PAGE_TABLE_NOT_PRESENT (%d) for page fault at %RGp error code %x (rip=%RGv)\n", rc, GCPhysFault, uErr, pRegFrame->rip));
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync /* Some kind of inconsistency in the SMP case; it's safe to just execute the instruction again; not sure about
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync single VCPU VMs though. */
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_STATS({ if (!pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution))
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution) = &pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0eTime2Misc; });
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_PROFILE_STOP_EX(&pVCpu->pgm.s.CTX_SUFF(pStats)->StatRZTrap0e, pVCpu->pgm.s.CTX_SUFF(pStatTrap0eAttribution), a);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * #PF Handler for deliberate nested paging misconfiguration (/reserved bit)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * employed for MMIO pages.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @returns VBox status code (appropriate for trap handling and GC return).
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVM The VM Handle.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pVCpu The current CPU.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param enmShwPagingMode Paging mode for the nested page tables.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param pRegFrame Trap register frame.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param GCPhysFault The fault address.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * @param uErr The error code, UINT32_MAX if not available
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsyncVMMR0DECL(VBOXSTRICTRC) PGMR0Trap0eHandlerNPMisconfig(PVM pVM, PVMCPU pVCpu, PGMMODE enmShwPagingMode,
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync PCPUMCTXCORE pRegFrame, RTGCPHYS GCPhysFault, uint32_t uErr)
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync STAM_PROFILE_START(&pVCpu->CTX_SUFF(pStats)->StatR0NpMiscfg, a);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync * Try lookup the all access physical handler for the address.
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync PPGMPHYSHANDLER pHandler = pgmHandlerPhysicalLookup(pVM, GCPhysFault);
e0e0c19eefceaf5d4ec40f9466b58a771f50e799vboxsync if (RT_LIKELY(pHandler && pHandler->enmType != PGMPHYSHANDLERTYPE_PHYSICAL_WRITE))
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync CTX_MID(PFNPGM,PHYSHANDLER) pfnHandler = pHandler->CTX_SUFF(pfnHandler);
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync Log6(("PGMR0Trap0eHandlerNPMisconfig: calling %p(,%#x,,%RGp,%p)\n", pfnHandler, uErr, GCPhysFault, pvUser));
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync rc = pfnHandler(pVM, uErr == UINT32_MAX ? RTGCPTR_MAX : uErr, pRegFrame, GCPhysFault, GCPhysFault, pvUser);
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync pHandler = pgmHandlerPhysicalLookup(pVM, GCPhysFault);
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync Log(("PGMR0Trap0eHandlerNPMisconfig: %RGp (uErr=%#x) -> R3\n", GCPhysFault, uErr));
236b6e0fdf652661ff4c655314fe488998c5c17dvboxsync * Must be out of sync, so do a SyncPage and restart the instruction.
return rc;
return VERR_INTERNAL_ERROR_4;