VirtualBox

儲存庫 vbox 的更動 75821


時間撮記:
2018-11-29 下午04:43:40 (6 年 以前)
作者:
vboxsync
訊息:

HMVMX,ConsoleImpl: Workaround for incorrect assumptions in mesa vmsvga 3d driver. VT-x only.

位置:
trunk/src/VBox
檔案:
修改 5 筆資料

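--- a/trunk/src/VBox/Main/src-client/ConsoleImpl2.cpp
+++ b/trunk/src/VBox/Main/src-client/ConsoleImpl2.cpp
@@ -1664,9 +1664,10 @@
             case GraphicsControllerType_Null:
                 break;
-            case GraphicsControllerType_VBoxVGA:
 #ifdef VBOX_WITH_VMSVGA
             case GraphicsControllerType_VMSVGA:
+                InsertConfigInteger(pHM, "LovelyMesaDrvWorkaround", 1); /* hits someone else logging backdoor. */
             case GraphicsControllerType_VBoxSVGA:
 #endif
+            case GraphicsControllerType_VBoxVGA:
                 rc = i_configGraphicsController(pDevices, enmGraphicsController, pBusMgr, pMachine, biosSettings,
                                                 RT_BOOL(fHMEnabled));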
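Review bot: The new `InsertConfigInteger(pHM, "LovelyMesaDrvWorkaround", 1);` under `case GraphicsControllerType_VMSVGA:` falls through into the VBoxSVGA/VBoxVGA labels with no marker, and its comment does not say what the key does. Judging by the other files in this changeset, the key turns on #GP interception for every vCPU of any VM configured with this controller, whichever guest driver is actually running. I would spell that out in the comment, e.g. `/* Trap #GP so HM can skip the mesa vmsvga driver's backdoor port read (VT-x only); deliberate fall thru. */`. The switch starts and ends outside the hunk.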
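--- a/trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp
+++ b/trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp
@@ -3746,4 +3746,6 @@
         uXcptBitmap |= RT_BIT(X86_XCPT_PF);
 #endif
+        if (pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv)
+            uXcptBitmap |= RT_BIT(X86_XCPT_GP);
         Assert(pVM->hm.s.fNestedPaging || (uXcptBitmap & RT_BIT(X86_XCPT_PF)));
 
@@ -13165,4 +13167,68 @@
 
 /**
+ * Hacks its way around the lovely mesa driver's backdoor accesses.
+ */
+static int hmR0VmxHandleMesaDrvGp(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient, PCPUMCTX pCtx)
+{
+    Log(("hmR0VmxHandleMesaDrvGp: at %04x:%08RX64 rcx=%RX64 rbx=%RX64\n", pCtx->cs.Sel, pCtx->rip, pCtx->rcx, pCtx->rbx));
+    RT_NOREF(pCtx);
+
+    /* For now we'll just skip the instruction. */
+    return hmR0VmxAdvanceGuestRip(pVCpu, pVmxTransient);
+}
+
+
+/**
+ * Checks if the \#GP'ing instruction is the mesa driver doing it's lovely
+ * backdoor logging w/o checking what it is running inside.
+ *
+ * This recognizes an "IN EAX,DX" instruction executed in flat ring-3, with the
+ * backdoor port and magic numbers loaded in registers.
+ *
+ * @returns true if it is, false if it isn't.
+ */
+DECLINLINE(bool) hmR0VmxIsMesaDrvGp(PVMCPU pVCpu, PVMXTRANSIENT pVmxTransient, PCPUMCTX pCtx)
+{
+    /* 0xed:  IN eAX,dx */
+    uint8_t abInstr[1];
+    if (pVmxTransient->cbInstr != sizeof(abInstr))
+        return false;
+
+    /* Check that it is #GP(0). */
+    if (pVmxTransient->uExitIntErrorCode != 0)
+        return false;
+
+    /* Check magic and port. */
+    Assert(!(pCtx->fExtrn & (CPUMCTX_EXTRN_RAX | CPUMCTX_EXTRN_RDX | CPUMCTX_EXTRN_RCX)));
+    /*Log(("hmR0VmxIsMesaDrvGp: rax=%RX64 rdx=%RX64\n", pCtx->rax, pCtx->rdx));*/
+    if (pCtx->rax != UINT32_C(0x564d5868))
+        return false;
+    if (pCtx->dx != UINT32_C(0x5658))
+        return false;
+
+    /* Flat ring-3 CS. */
+    AssertCompile(HMVMX_CPUMCTX_EXTRN_ALL & CPUMCTX_EXTRN_CS);
+    Assert(!(pCtx->fExtrn & CPUMCTX_EXTRN_CS));
+    /*Log(("hmR0VmxIsMesaDrvGp: cs.Attr.n.u2Dpl=%d base=%Rx64\n", pCtx->cs.Attr.n.u2Dpl, pCtx->cs.u64Base));*/
+    if (pCtx->cs.Attr.n.u2Dpl != 3)
+        return false;
+    if (pCtx->cs.u64Base != 0)
+        return false;
+
+    /* Check opcode. */
+    AssertCompile(HMVMX_CPUMCTX_EXTRN_ALL & CPUMCTX_EXTRN_RIP);
+    Assert(!(pCtx->fExtrn & CPUMCTX_EXTRN_RIP));
+    int rc = PGMPhysSimpleReadGCPtr(pVCpu, abInstr, pCtx->rip, sizeof(abInstr));
+    /*Log(("hmR0VmxIsMesaDrvGp: PGMPhysSimpleReadGCPtr -> %Rrc %#x\n", rc, abInstr[0]));*/
+    if (RT_FAILURE(rc))
+        return false;
+    if (abInstr[0] != 0xed)
+        return false;
+
+    return true;
+}
+
+
+/**
  * VM-exit exception handler for \#GP (General-protection exception).
  *
@@ -13180,5 +13246,5 @@
     {
 #ifndef HMVMX_ALWAYS_TRAP_ALL_XCPTS
-        Assert(pVCpu->hm.s.fUsingDebugLoop);
+        Assert(pVCpu->hm.s.fUsingDebugLoop || pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv);
 #endif
         /* If the guest is not in real-mode or we have unrestricted execution support, reflect #GP to the guest. */
@@ -13190,6 +13256,11 @@
         Log4Func(("Gst: CS:RIP %04x:%08RX64 ErrorCode=%#x CR0=%#RX64 CPL=%u TR=%#04x\n", pCtx->cs.Sel, pCtx->rip,
                   pVmxTransient->uExitIntErrorCode, pCtx->cr0, CPUMGetGuestCPL(pVCpu), pCtx->tr.Sel));
-        hmR0VmxSetPendingEvent(pVCpu, VMX_ENTRY_INT_INFO_FROM_EXIT_INT_INFO(pVmxTransient->uExitIntInfo), pVmxTransient->cbInstr,
-                               pVmxTransient->uExitIntErrorCode, 0 /* GCPtrFaultAddress */);
+
+        if (   !pVCpu->hm.s.fTrapXcptGpForLovelyMesaDrv
+            || !hmR0VmxIsMesaDrvGp(pVCpu, pVmxTransient, pCtx))
+            hmR0VmxSetPendingEvent(pVCpu, VMX_ENTRY_INT_INFO_FROM_EXIT_INT_INFO(pVmxTransient->uExitIntInfo), pVmxTransient->cbInstr,
+                                   pVmxTransient->uExitIntErrorCode, 0 /* GCPtrFaultAddress */);
+        else
+            rc = hmR0VmxHandleMesaDrvGp(pVCpu, pVmxTransient, pCtx);
         return rc;
     }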
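Review bot: `hmR0VmxHandleMesaDrvGp` resumes the guest past the `IN` without writing EAX, and `hmR0VmxIsMesaDrvGp` matches only on register values, CS attributes and the opcode byte, so any flat ring-3 guest code that loads the magic and port gets a silently skipped instruction instead of #GP, not just the mesa driver. That guest-visible change deserves a line in the doc comment, e.g. replace `/* For now we'll just skip the instruction. */` with `/* Skip the IN and leave EAX untouched; applies to any flat ring-3 code with the backdoor magic/port loaded, not only mesa. */`. The `Assert(!(pCtx->fExtrn & ...))` checks are presumably compiled out of release builds, so the matcher depends on the caller having imported RAX/RDX/CS/RIP earlier in the #GP handler, which lies outside the hunk; a comment stating that precondition would help. The handler also logs `rbx`, which the assertion mask does not cover.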
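--- a/trunk/src/VBox/VMM/VMMR3/HM.cpp
+++ b/trunk/src/VBox/VMM/VMMR3/HM.cpp
@@ -494,5 +494,6 @@
                               "|SvmPauseFilterThreshold"
                               "|SvmVirtVmsaveVmload"
-                              "|SvmVGif",
+                              "|SvmVGif"
+                              "|LovelyMesaDrvWorkaround",
                               "" /* pszValidNodes */, "HM" /* pszWho */, 0 /* uInstance */);
     if (RT_FAILURE(rc))
@@ -678,4 +679,13 @@
     rc = CFGMR3QueryBoolDef(pCfgHm, "SpecCtrlByHost", &pVM->hm.s.fSpecCtrlByHost, false);
     AssertLogRelRCReturn(rc, rc);
+
+    /** @cfgm{/HM/LovelyMesaDrvWorkaround,bool}
+     * Workaround for mesa vmsvga 3d driver making incorrect assumptions about
+     * the hypervisor it is running under. */
+    bool f;
+    rc = CFGMR3QueryBoolDef(pCfgHm, "LovelyMesaDrvWorkaround", &f, false);
+    AssertLogRelRCReturn(rc, rc);
+    for (VMCPUID i = 0; i < pVM->cCpus; i++)
+        pVM->aCpus[i].hm.s.fTrapXcptGpForLovelyMesaDrv = f;
 
     /*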
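Review bot: The `@cfgm{/HM/LovelyMesaDrvWorkaround,bool}` comment does not say that only the VT-x code consumes `fTrapXcptGpForLovelyMesaDrv`. Going by the commit message and the files touched here, the key is accepted on any host but appears to have no effect under AMD-V, so the doc should state that, e.g. append `Only implemented for VT-x; makes ring-0 intercept guest #GP. Default: false.` The temporary `bool f;` would also read better with a descriptive name such as `bool fMesaWorkaround;`. The enclosing function starts and ends outside both hunks.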
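--- a/trunk/src/VBox/VMM/include/HMInternal.h
+++ b/trunk/src/VBox/VMM/include/HMInternal.h
@@ -699,5 +699,7 @@
     /** Whether \#UD needs to be intercepted (required by certain GIM providers). */
     bool                        fGIMTrapXcptUD;
-    uint8_t                     u8Alignment0[4];
+    /** Whether \#GP needs to be intercept for mesa driver workaround. */
+    bool                        fTrapXcptGpForLovelyMesaDrv;
+    uint8_t                     u8Alignment0[3];
 
     /** World switch exit counter. */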
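Review bot: The new member comment reads `needs to be intercept` and does not say where the flag comes from; suggest `/** Whether \#GP needs to be intercepted for the mesa driver workaround (set from /HM/LovelyMesaDrvWorkaround, VT-x only). */`. The padding shrinks from `u8Alignment0[4]` to `u8Alignment0[3]` to make room for the new byte, and the assembly mirror in HMInternal.mac has to change in step with it. A short comment next to the padding pointing at the `.mac` file would make that coupling visible to the next editor. The struct begins and ends outside the hunk.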
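--- a/trunk/src/VBox/VMM/include/HMInternal.mac
+++ b/trunk/src/VBox/VMM/include/HMInternal.mac
@@ -77,4 +77,5 @@
 
     .fGIMTrapXcptUD         resb    1
+    .fTrapXcptGpForLovelyMesaDrv resb 1
     alignb 8
 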