Changeset 46655 in vbox

Timestamp:

Jun 19, 2013 12:46:36 PM (11 years ago)

Author:

vboxsync

Message:

VMM/HMVMXR0: Reflect any exception to the guest if event delivery of that exception caused an EPT violation/misconfig. of APIC-access VM-exit.

In this case the VM-exit interruption-information field won't be valid because the resulting VM-exit is -not- an exception.

Location:

trunk

Files:

• include/VBox/err.h (modified) (2 diffs)
• src/VBox/VMM/VMMR0/HMVMXR0.cpp (modified) (12 diffs)

trunk/include/VBox/err.h

@@ -1907 +1907 @@
 /** Undefined VM exit code. */
 #define VERR_VMX_UNDEFINED_EXIT_CODE                (-4019)
-/** Resume guest execution after injecting a double-fault. */
-#define VINF_VMX_DOUBLE_FAULT                       4020
 /** VMPTRLD failed; possibly because of invalid VMCS launch-state. */
 #define VERR_VMX_VMPTRLD_FAILED                     (-4021)
@@ -1979 +1977 @@
 /** Invalid HM64ON32OP value.  */
 #define VERR_HM_INVALID_HM64ON32OP                  (-4116)
+/** Resume guest execution after injecting a double-fault. */
+#define VINF_HM_DOUBLE_FAULT                        4117
 /** @} */
 

trunk/src/VBox/VMM/VMMR0/HMVMXR0.cpp

@@ -4750 +4750 @@
  * @returns VBox status code (informational error codes included).
  * @retval VINF_SUCCESS if we should continue handling the VM-exit.
- * @retval VINF_VMX_DOUBLE_FAULT if a #DF condition was detected and we ought to
+ * @retval VINF_HM_DOUBLE_FAULT if a #DF condition was detected and we ought to
  *         continue execution of the guest which will delivery the #DF.
  * @retval VINF_EM_RESET if we detected a triple-fault condition.
@@ -4785 +4785 @@
         /* See Intel spec. 30.7.1.1 "Reflecting Exceptions to Guest Software". */
         VMXREFLECTXCPT enmReflect = VMXREFLECTXCPT_NONE;
-        if (uIntType == VMX_IDT_VECTORING_INFO_TYPE_HW_XCPT)
-        {
-            enmReflect = VMXREFLECTXCPT_XCPT;
+        if (VMX_EXIT_INTERRUPTION_INFO_IS_VALID(pVmxTransient->uExitIntrInfo))
+        {
+            if (uIntType == VMX_IDT_VECTORING_INFO_TYPE_HW_XCPT)
+            {
+                enmReflect = VMXREFLECTXCPT_XCPT;
 #ifdef VBOX_STRICT
-            if (   hmR0VmxIsContributoryXcpt(uIdtVector)
-                && uExitVector == X86_XCPT_PF)
+                if (   hmR0VmxIsContributoryXcpt(uIdtVector)
+                    && uExitVector == X86_XCPT_PF)
+                {
+                    Log4(("IDT: Contributory #PF uCR2=%#RX64\n", pMixedCtx->cr2));
+                }
+#endif
+                if (   uExitVector == X86_XCPT_PF
+                    && uIdtVector == X86_XCPT_PF)
+                {
+                    pVmxTransient->fVectoringPF = true;
+                    Log4(("IDT: Vectoring #PF uCR2=%#RX64\n", pMixedCtx->cr2));
+                }
+                else if (   (pVCpu->hm.s.vmx.u32XcptBitmap & HMVMX_CONTRIBUTORY_XCPT_MASK)
+                         && hmR0VmxIsContributoryXcpt(uExitVector)
+                         && (   hmR0VmxIsContributoryXcpt(uIdtVector)
+                             || uIdtVector == X86_XCPT_PF))
+                {
+                    enmReflect = VMXREFLECTXCPT_DF;
+                }
+                else if (uIdtVector == X86_XCPT_DF)
+                    enmReflect = VMXREFLECTXCPT_TF;
+            }
+            else if (   uIntType != VMX_IDT_VECTORING_INFO_TYPE_SW_INT
+                     && uIntType != VMX_IDT_VECTORING_INFO_TYPE_SW_XCPT
+                     && uIntType != VMX_IDT_VECTORING_INFO_TYPE_PRIV_SW_XCPT)
             {
-                Log4(("IDT: Contributory #PF uCR2=%#RX64\n", pMixedCtx->cr2));
+                /*
+                 * Ignore software interrupts (INT n), software exceptions (#BP, #OF) and privileged software exception
+                 * (whatever they are) as they reoccur when restarting the instruction.
+                 */
+                enmReflect = VMXREFLECTXCPT_XCPT;
             }
-#endif
-            if (   uExitVector == X86_XCPT_PF
-                && uIdtVector == X86_XCPT_PF)
-            {
-                pVmxTransient->fVectoringPF = true;
-                Log4(("IDT: Vectoring #PF uCR2=%#RX64\n", pMixedCtx->cr2));
-            }
-            else if (   (pVCpu->hm.s.vmx.u32XcptBitmap & HMVMX_CONTRIBUTORY_XCPT_MASK)
-                     && hmR0VmxIsContributoryXcpt(uExitVector)
-                     && (   hmR0VmxIsContributoryXcpt(uIdtVector)
-                         || uIdtVector == X86_XCPT_PF))
-            {
-                enmReflect = VMXREFLECTXCPT_DF;
-            }
-            else if (uIdtVector == X86_XCPT_DF)
-                enmReflect = VMXREFLECTXCPT_TF;
-        }
-        else if (   uIntType != VMX_IDT_VECTORING_INFO_TYPE_SW_INT
-                 && uIntType != VMX_IDT_VECTORING_INFO_TYPE_SW_XCPT
-                 && uIntType != VMX_IDT_VECTORING_INFO_TYPE_PRIV_SW_XCPT)
+        }
+        else
         {
             /*
-             * Ignore software interrupts (INT n), software exceptions (#BP, #OF) and privileged software exception
-             * (whatever they are) as they reoccur when restarting the instruction.
+             * If event delivery caused an EPT violation/misconfig or APIC access VM-exit, then the VM-exit
+             * interruption-information will not be valid and we end up here. In such cases, it is sufficient to reflect the
+             * original exception to the guest after handling the VM-exit.
              */
             enmReflect = VMXREFLECTXCPT_XCPT;
@@ -4839 +4851 @@
                 rc = VINF_SUCCESS;
                 Log4(("IDT: Pending vectoring event %#RX64 Err=%#RX32\n", pVCpu->hm.s.Event.u64IntrInfo,
-                     pVCpu->hm.s.Event.u32ErrCode));
+                      pVCpu->hm.s.Event.u32ErrCode));
                 break;
             }
@@ -4846 +4858 @@
             {
                 hmR0VmxSetPendingXcptDF(pVCpu, pMixedCtx);
-                rc = VINF_VMX_DOUBLE_FAULT;
+                rc = VINF_HM_DOUBLE_FAULT;
                 Log4(("IDT: Pending vectoring #DF %#RX64 uIdtVector=%#x uExitVector=%#x\n", pVCpu->hm.s.Event.u64IntrInfo,
-                     uIdtVector, uExitVector));
+                      uIdtVector, uExitVector));
                 break;
             }
@@ -4854 +4866 @@
             case VMXREFLECTXCPT_TF:
             {
+                rc = VINF_EM_RESET;
                 Log4(("IDT: Pending vectoring triple-fault uIdt=%#x uExit=%#x\n", uIdtVector, uExitVector));
-                rc = VINF_EM_RESET;
                 break;
             }
@@ -4864 +4876 @@
         }
     }
-    Assert(rc == VINF_SUCCESS || rc == VINF_VMX_DOUBLE_FAULT || rc == VINF_EM_RESET);
+    Assert(rc == VINF_SUCCESS || rc == VINF_HM_DOUBLE_FAULT || rc == VINF_EM_RESET);
     return rc;
 }
@@ -7237 +7249 @@
     /* If this VM-exit occurred while delivering an event through the guest IDT, handle it accordingly. */
     rc = hmR0VmxCheckExitDueToEventDelivery(pVCpu, pMixedCtx, pVmxTransient);
-    if (RT_UNLIKELY(rc == VINF_VMX_DOUBLE_FAULT))
+    if (RT_UNLIKELY(rc == VINF_HM_DOUBLE_FAULT))
     {
         STAM_PROFILE_ADV_STOP(&pVCpu->hm.s.StatExitXcptNmi, y3);
@@ -8400 +8412 @@
     /* If this VM-exit occurred while delivering an event through the guest IDT, handle it accordingly. */
     int rc = hmR0VmxCheckExitDueToEventDelivery(pVCpu, pMixedCtx, pVmxTransient);
-    if (RT_UNLIKELY(rc == VINF_VMX_DOUBLE_FAULT))
+    if (RT_UNLIKELY(rc == VINF_HM_DOUBLE_FAULT))
         return VINF_SUCCESS;
     else if (RT_UNLIKELY(rc == VINF_EM_RESET))
@@ -8554 +8566 @@
     /* If this VM-exit occurred while delivering an event through the guest IDT, handle it accordingly. */
     int rc = hmR0VmxCheckExitDueToEventDelivery(pVCpu, pMixedCtx, pVmxTransient);
-    if (RT_UNLIKELY(rc == VINF_VMX_DOUBLE_FAULT))
+    if (RT_UNLIKELY(rc == VINF_HM_DOUBLE_FAULT))
         return VINF_SUCCESS;
     else if (RT_UNLIKELY(rc == VINF_EM_RESET))
@@ -8607 +8619 @@
     /* If this VM-exit occurred while delivering an event through the guest IDT, handle it accordingly. */
     int rc = hmR0VmxCheckExitDueToEventDelivery(pVCpu, pMixedCtx, pVmxTransient);
-    if (RT_UNLIKELY(rc == VINF_VMX_DOUBLE_FAULT))
+    if (RT_UNLIKELY(rc == VINF_HM_DOUBLE_FAULT))
         return VINF_SUCCESS;
     else if (RT_UNLIKELY(rc == VINF_EM_RESET))
@@ -9089 +9101 @@
     if (pVM->hm.s.fNestedPaging)
     {
+        pVCpu->hm.s.Event.fPending = false;                  /* In case it's a contributory or vectoring #PF. */
         if (RT_LIKELY(!pVmxTransient->fVectoringPF))
         {
-            pVCpu->hm.s.Event.fPending = false;                  /* In case it's a contributory #PF. */
             pMixedCtx->cr2 = pVmxTransient->uExitQualification;  /* Update here in case we go back to ring-3 before injection. */
             hmR0VmxSetPendingEvent(pVCpu, VMX_VMCS_CTRL_ENTRY_IRQ_INFO_FROM_EXIT_INT_INFO(pVmxTransient->uExitIntrInfo),
                                    0 /* cbInstr */, pVmxTransient->uExitIntrErrorCode, pVmxTransient->uExitQualification);
-            STAM_COUNTER_INC(&pVCpu->hm.s.StatExitGuestPF);
         }
         else
         {
             /* A guest page-fault occurred during delivery of a page-fault. Inject #DF. */
-            pVCpu->hm.s.Event.fPending = false;     /* A vectoring #PF. */
             hmR0VmxSetPendingXcptDF(pVCpu, pMixedCtx);
             Log4(("Pending #DF due to vectoring #PF. NP\n"));
@@ -9149 +9159 @@
             /* A guest page-fault occurred during delivery of a page-fault. Inject #DF. */
             TRPMResetTrap(pVCpu);
-            pVCpu->hm.s.Event.fPending = false;     /* Clear pending #PF for replace it with #DF. */
+            pVCpu->hm.s.Event.fPending = false;     /* Clear pending #PF to replace it with #DF. */
             hmR0VmxSetPendingXcptDF(pVCpu, pMixedCtx);
             Log4(("#PF: Pending #DF due to vectoring #PF\n"));