Changeset 74389 in vbox

Timestamp:

Sep 20, 2018 4:25:26 PM (6 years ago)

Author:

vboxsync

Message:

VMM/CPUM, IEM, HM: Nested VMX: bugref:9180 VM-exit bits.

Location:

trunk

Files:

• include/VBox/err.h (modified) (1 diff)
• include/VBox/vmm/cpumctx.h (modified) (2 diffs)
• include/VBox/vmm/hm.h (modified) (1 diff)
• include/VBox/vmm/hm_vmx.h (modified) (2 diffs)
• src/VBox/VMM/VMMAll/HMVMXAll.cpp (modified) (2 diffs)
• src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h (modified) (10 diffs)
• src/VBox/VMM/VMMR3/CPUM.cpp (modified) (1 diff)

trunk/include/VBox/err.h

@@ -2102 +2102 @@
 /** Generic VM-entry failure. */
 #define VERR_VMX_VMENTRY_FAILED                     (-4033)
+/** Generic VM-exit failure. */
+#define VERR_VMX_VMEXIT_FAILED                      (-4034)
 /** @} */
 

trunk/include/VBox/vmm/cpumctx.h

@@ -548 +548 @@
                 /** 0x2f8 - Last emulated VMX instruction/VM-exit diagnostic. */
                 VMXVDIAG                enmDiag;
-                /** 0x2fc - Whether the guest is in VMX root mode. */
+                /** 0x2fc - VMX abort reason. */
+                VMXABORT                enmAbort;
+                /** 0x300 - VMX abort auxiliary information field. */
+                uint32_t                uAbortAux;
+                /** 0x304 - Whether the guest is in VMX root mode. */
                 bool                    fInVmxRootMode;
-                /** 0x2fd - Whether the guest is in VMX non-root mode. */
+                /** 0x305 - Whether the guest is in VMX non-root mode. */
                 bool                    fInVmxNonRootMode;
-                /** 0x2fe - Whether the injected events are subjected to event intercepts.  */
+                /** 0x306 - Whether the injected events are subjected to event intercepts.  */
                 bool                    fInterceptEvents;
-                bool                    fPadding0;
-                /** 0x300 - Cache of the nested-guest current VMCS - R0 ptr. */
+                bool                    afPadding0[1];
+                /** 0x308 - Cache of the nested-guest current VMCS - R0 ptr. */
                 R0PTRTYPE(PVMXVVMCS)    pVmcsR0;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVmcsR0Padding;
 #endif
-                /** 0x308 - Cache of the nested-guest curent VMCS - R3 ptr. */
+                /** 0x310 - Cache of the nested-guest curent VMCS - R3 ptr. */
                 R3PTRTYPE(PVMXVVMCS)    pVmcsR3;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVmcsR3Padding;
 #endif
-                /** 0X310 - Cache of the nested-guest shadow VMCS - R0 ptr. */
+                /** 0X318 - Cache of the nested-guest shadow VMCS - R0 ptr. */
                 R0PTRTYPE(PVMXVVMCS)    pShadowVmcsR0;
 #if HC_ARCH_BITS == 32
                 uint32_t                uShadowVmcsR0Padding;
 #endif
-                /** 0x318 - Cache of the nested-guest shadow VMCS - R3 ptr. */
+                /** 0x320 - Cache of the nested-guest shadow VMCS - R3 ptr. */
                 R3PTRTYPE(PVMXVVMCS)    pShadowVmcsR3;
 #if HC_ARCH_BITS == 32
                 uint32_t                uShadowVmcsR3Padding;
 #endif
-                /** 0x320 - Cache of the nested-guest Virtual-APIC page - R0 ptr. */
+                /** 0x328 - Cache of the nested-guest Virtual-APIC page - R0 ptr. */
                 R0PTRTYPE(void *)       pvVirtApicPageR0;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVirtApicPageR0Padding;
 #endif
-                /** 0x328 - Cache of the nested-guest Virtual-APIC page - R3 ptr. */
+                /** 0x330 - Cache of the nested-guest Virtual-APIC page - R3 ptr. */
                 R3PTRTYPE(void *)       pvVirtApicPageR3;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVirtApicPageR3Padding;
 #endif
-                /** 0x330 - Cache of the nested-guest VMREAD-bitmap - R0 ptr. */
+                /** 0x338 - Cache of the nested-guest VMREAD-bitmap - R0 ptr. */
                 R0PTRTYPE(void *)       pvVmreadBitmapR0;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVmreadBitmapR0Padding;
 #endif
-                /** 0x338 - Cache of the nested-guest VMREAD-bitmap - R3 ptr. */
+                /** 0x340 - Cache of the nested-guest VMREAD-bitmap - R3 ptr. */
                 R3PTRTYPE(void *)       pvVmreadBitmapR3;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVmreadBitmapR3Padding;
 #endif
-                /** 0x340 - Cache of the nested-guest VMWRITE-bitmap - R0 ptr. */
+                /** 0x348 - Cache of the nested-guest VMWRITE-bitmap - R0 ptr. */
                 R0PTRTYPE(void *)       pvVmwriteBitmapR0;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVmwriteBitmapR0Padding;
 #endif
-                /** 0x348 - Cache of the nested-guest VMWRITE-bitmap - R3 ptr. */
+                /** 0x350 - Cache of the nested-guest VMWRITE-bitmap - R3 ptr. */
                 R3PTRTYPE(void *)       pvVmwriteBitmapR3;
 #if HC_ARCH_BITS == 32
                 uint32_t                uVmwriteBitmapR3Padding;
 #endif
-                /** 0x350 - The MSR auto-load/store area - R0 ptr. */
+                /** 0x358 - The MSR auto-load/store area - R0 ptr. */
                 R0PTRTYPE(PVMXAUTOMSR)  pAutoMsrAreaR0;
 #if HC_ARCH_BITS == 32
                 uint32_t                uAutoMsrAreaR0;
 #endif
-                /** 0x358 - The MSR auto-load/store area - R3 ptr. */
+                /** 0x360 - The MSR auto-load/store area - R3 ptr. */
                 R3PTRTYPE(PVMXAUTOMSR)  pAutoMsrAreaR3;
 #if HC_ARCH_BITS == 32
                 uint32_t                uAutoMsrAreaR3;
 #endif
-                /** 0x360 - Padding. */
-                uint8_t             abPadding[0x3f0 - 0x360];
+                /** 0x368 - Padding. */
+                uint8_t             abPadding[0x3f0 - 0x368];
             } vmx;
         } CPUM_UNION_NM(s);
@@ -699 +703 @@
 AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.GCPhysShadowVmcs,       0x2f0);
 AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.enmDiag,                0x2f8);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.fInVmxRootMode,         0x2fc);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.fInVmxNonRootMode,      0x2fd);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.fInterceptEvents,       0x2fe);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pVmcsR0,                0x300);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pVmcsR3,                0x308);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pShadowVmcsR0,          0x310);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pShadowVmcsR3,          0x318);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVirtApicPageR0,       0x320);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVirtApicPageR3,       0x328);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmreadBitmapR0,       0x330);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmreadBitmapR3,       0x338);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmwriteBitmapR0,      0x340);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmwriteBitmapR3,      0x348);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pAutoMsrAreaR0,         0x350);
-AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pAutoMsrAreaR3,         0x358);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.enmAbort,               0x2fc);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.uAbortAux,              0x300);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.fInVmxRootMode,         0x304);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.fInVmxNonRootMode,      0x305);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.fInterceptEvents,       0x306);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pVmcsR0,                0x308);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pVmcsR3,                0x310);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pShadowVmcsR0,          0x318);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pShadowVmcsR3,          0x320);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVirtApicPageR0,       0x328);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVirtApicPageR3,       0x330);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmreadBitmapR0,       0x338);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmreadBitmapR3,       0x340);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmwriteBitmapR0,      0x348);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pvVmwriteBitmapR3,      0x350);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pAutoMsrAreaR0,         0x358);
+AssertCompileMemberOffset(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pAutoMsrAreaR3,         0x360);
 AssertCompileMemberAlignment(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pVmcsR0,           8);
 AssertCompileMemberAlignment(CPUMCTX, hwvirt.CPUM_UNION_NM(s.) vmx.pShadowVmcsR0,     8);

trunk/include/VBox/vmm/hm.h

@@ -136 +136 @@
 VMM_INT_DECL(bool)              HMIsVmxSupported(PVM pVM);
 VMM_INT_DECL(const char *)      HMVmxGetDiagDesc(VMXVDIAG enmDiag);
+VMM_INT_DECL(const char *)      HMVmxGetAbortDesc(VMXABORT enmAbort);
 VMM_INT_DECL(void)              HMHCPagingModeChanged(PVM pVM, PVMCPU pVCpu, PGMMODE enmShadowMode, PGMMODE enmGuestMode);
 /** @} */

trunk/include/VBox/vmm/hm_vmx.h

@@ -1353 +1353 @@
 /** @name VMX abort reasons.
  * See Intel spec. "27.7 VMX Aborts".
+ * Update HMVmxGetAbortDesc() if new reasons are added.
  * @{
  */
 typedef enum
 {
+    /** None - don't use this / uninitialized value. */
+    VMXABORT_NONE                 = 0,
+    /** VMX abort caused during saving of guest MSRs. */
     VMXABORT_SAVE_GUEST_MSRS      = 1,
+    /** VMX abort caused during host PDPTE checks. */
     VMXBOART_HOST_PDPTE           = 2,
+    /** VMX abort caused due to current VMCS being corrupted. */
     VMXABORT_CURRENT_VMCS_CORRUPT = 3,
+    /** VMX abort caused during loading of host MSRs. */
     VMXABORT_LOAD_HOST_MSR        = 4,
+    /** VMX abort caused due to a machine-check exception during VM-exit. */
     VMXABORT_MACHINE_CHECK_XCPT   = 5,
-    VMXABORT_HOST_LONG_MODE       = 6
+    /** VMX abort caused due to invalid return to long mode. */
+    VMXABORT_HOST_LONG_MODE       = 6,
+    /* Type size hack. */
+    VMXABORT_32BIT_HACK           = 0x7fffffff
 } VMXABORT;
+AssertCompileSize(VMXABORT, 4);
 /** @} */
 
@@ -3822 +3834 @@
     kVmxVDiag_Vmentry_VmxRoot,
     kVmxVDiag_Vmentry_Vpid,
+    kVmxVDiag_Vmexit_MsrStore,
+    kVmxVDiag_Vmexit_MsrStoreCount,
+    kVmxVDiag_Vmexit_MsrStorePtrReadPhys,
+    kVmxVDiag_Vmexit_MsrStoreRing3,
+    kVmxVDiag_Vmexit_MsrStoreRsvd,
     /* Last member for determining array index limit. */
     kVmxVDiag_End

trunk/src/VBox/VMM/VMMAll/HMVMXAll.cpp

@@ -336 +336 @@
     VMXV_DIAG_DESC(kVmxVDiag_Vmentry_VmwriteBitmapPtrReadPhys , "VmwriteBitmapPtrReadPhys"  ),
     VMXV_DIAG_DESC(kVmxVDiag_Vmentry_VmxRoot                  , "VmxRoot"                   ),
-    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_Vpid                     , "Vpid"                      )
+    VMXV_DIAG_DESC(kVmxVDiag_Vmentry_Vpid                     , "Vpid"                      ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmexit_MsrStore                  , "MsrStore"                  ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmexit_MsrStoreCount             , "MsrStoreCount"             ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmexit_MsrStorePtrReadPhys       , "MsrStorePtrReadPhys"       ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmexit_MsrStoreRing3             , "MsrStoreRing3"             ),
+    VMXV_DIAG_DESC(kVmxVDiag_Vmexit_MsrStoreRsvd              , "MsrStoreRsvd"              )
     /* kVmxVDiag_End */
 };
@@ -432 +437 @@
     if (RT_LIKELY((unsigned)enmDiag < RT_ELEMENTS(g_apszVmxVDiagDesc)))
         return g_apszVmxVDiagDesc[enmDiag];
+    return "Unknown/invalid";
+}
+
+
+/**
+ * Gets the description for a VMX abort reason.
+ *
+ * @returns The descriptive string.
+ * @param   enmAbort    The VMX abort reason.
+ */
+VMM_INT_DECL(const char *) HMVmxGetAbortDesc(VMXABORT enmAbort)
+{
+    switch (enmAbort)
+    {
+        case VMXABORT_NONE:                 return "VMXABORT_NONE";
+        case VMXABORT_SAVE_GUEST_MSRS:      return "VMXABORT_SAVE_GUEST_MSRS";
+        case VMXBOART_HOST_PDPTE:           return "VMXBOART_HOST_PDPTE";
+        case VMXABORT_CURRENT_VMCS_CORRUPT: return "VMXABORT_CURRENT_VMCS_CORRUPT";
+        case VMXABORT_LOAD_HOST_MSR:        return "VMXABORT_LOAD_HOST_MSR";
+        case VMXABORT_MACHINE_CHECK_XCPT:   return "VMXABORT_MACHINE_CHECK_XCPT";
+        case VMXABORT_HOST_LONG_MODE:       return "VMXABORT_HOST_LONG_MODE";
+        default:
+            break;
+    }
     return "Unknown/invalid";
 }

trunk/src/VBox/VMM/VMMAll/IEMAllCImplVmxInstr.cpp.h

@@ -407 +407 @@
 
 /** Marks a VM-entry failure with a diagnostic reason, logs and returns. */
-#define IEM_VMX_VMENTRY_FAILED_RET(a_pVCpu, a_pszInstr, a_pszFailure, a_InsDiag) \
+#define IEM_VMX_VMENTRY_FAILED_RET(a_pVCpu, a_pszInstr, a_pszFailure, a_VmxDiag) \
     do \
     { \
-        Log(("%s: VM-entry failed! enmDiag=%u (%s) -> %s\n", (a_pszInstr), (a_InsDiag), \
-                HMVmxGetDiagDesc(a_InsDiag), (a_pszFailure))); \
-        (a_pVCpu)->cpum.GstCtx.hwvirt.vmx.enmDiag = (a_InsDiag); \
+        Log(("%s: VM-entry failed! enmDiag=%u (%s) -> %s\n", (a_pszInstr), (a_VmxDiag), \
+            HMVmxGetDiagDesc(a_VmxDiag), (a_pszFailure))); \
+        (a_pVCpu)->cpum.GstCtx.hwvirt.vmx.enmDiag = (a_VmxDiag); \
         return VERR_VMX_VMENTRY_FAILED; \
     } while (0)
+
+/** Marks a VM-exit failure with a diagnostic reason, logs and returns. */
+#define IEM_VMX_VMEXIT_FAILED_RET(a_pVCpu, a_uExitReason, a_pszFailure, a_VmxDiag) \
+    do \
+    { \
+        Log(("VM-exit failed! uExitReason=%u enmDiag=%u (%s) -> %s\n", (a_uExitReason), (a_VmxDiag), \
+            HMVmxGetDiagDesc(a_VmxDiag), (a_pszFailure))); \
+        (a_pVCpu)->cpum.GstCtx.hwvirt.vmx.enmDiag = (a_VmxDiag); \
+        return VERR_VMX_VMEXIT_FAILED; \
+    } while (0)
+
 
 
@@ -4076 +4087 @@
     }
 
+    /*
+     * The VM-entry MSR-load area address need not be a valid guest-physical address if the
+     * VM-entry MSR load count is 0. If this is the case, bail early without reading it.
+     * See Intel spec. 24.8.2 "VM-Entry Controls for MSRs".
+     */
+    if (cMsrs == 0)
+        return VINF_SUCCESS;
+
     RTGCPHYS const GCPhysAutoMsrArea = pVmcs->u64AddrEntryMsrLoad.u;
     int rc = PGMPhysSimpleReadGCPhys(pVCpu->CTX_SUFF(pVM), (void *)&pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea),
@@ -4081 +4100 @@
     if (RT_SUCCESS(rc))
     {
-        PVMXAUTOMSR pMsr = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea); NOREF(pMsr);
+        PVMXAUTOMSR pMsr = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea);
+        Assert(pMsr);
         for (uint32_t idxMsr = 0; idxMsr < cMsrs; idxMsr++, pMsr++)
         {
@@ -4097 +4117 @@
                  * If we're in ring-0, we cannot handle returns to ring-3 at this point and continue VM-entry.
                  * If any guest hypervisor loads MSRs that require ring-3 handling, we cause a VM-entry failure
-                 * indicated further with a different diagnostic code. Later, we can try implement handling of
-                 * the MSR in ring-0 if possible, or come up with a better, generic solution.
+                 * recording the MSR index in the VM-exit qualification (as per the Intel spec.) and indicated
+                 * further by our own, specific diagnostic code. Later, we can try implement handling of the
+                 * MSR in ring-0 if possible, or come up with a better, generic solution.
                  */
                 pVmcs->u64ExitQual.u = idxMsr;
@@ -4115 +4136 @@
     else
     {
-        Log(("%s: Failed to read MSR auto-load area at %#RGp, rc=%Rrc\n", pszInstr, GCPhysAutoMsrArea, rc));
-        pVCpu->cpum.GstCtx.hwvirt.vmx.enmDiag = kVmxVDiag_Vmentry_MsrLoadPtrReadPhys;
-        return rc;
+        AssertMsgFailed(("%s: Failed to read MSR auto-load area at %#RGp, rc=%Rrc\n", pszInstr, GCPhysAutoMsrArea, rc));
+        IEM_VMX_VMENTRY_FAILED_RET(pVCpu, pszInstr, pszFailure, kVmxVDiag_Vmentry_MsrLoadPtrReadPhys);
     }
 
@@ -4244 +4264 @@
 {
     /*
-     * Load control, debug, segment, descriptor-table registers and some MSRs.
+     * Load guest control, debug, segment, descriptor-table registers and some MSRs.
      */
     iemVmxVmentryLoadGuestControlRegsMsr(pVCpu);
@@ -4541 +4561 @@
      */
     PVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
-    Assert(pVmcs);
 
     /* Save control registers. */
@@ -4676 +4695 @@
 
 /**
+ * Saves guest non-register state as part of VM-exit.
+ *
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   uExitReason     The VM-exit reason.
+ */
+IEM_STATIC void iemVmxVmexitSaveGuestNonRegState(PVMCPU pVCpu, uint32_t uExitReason)
+{
+    /*
+     * Save guest non-register state.
+     * See Intel spec. 27.3.4 "Saving Non-Register State".
+     */
+    PVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+
+    /*
+     * Activity-state: VM-exits occur before changing the activity state
+     * of the processor and hence we shouldn't need to change it.
+     */
+
+    /* Interruptibility-state. */
+    pVmcs->u32GuestIntrState = 0;
+    if (pVmcs->u32PinCtls & VMX_PIN_CTLS_VIRT_NMI)
+    { /** @todo NSTVMX: Virtual-NMI blocking. */ }
+    else if (VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_BLOCK_NMIS))
+        pVmcs->u32GuestIntrState |= VMX_VMCS_GUEST_INT_STATE_BLOCK_NMI;
+
+    if (   VMCPU_FF_IS_PENDING(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS)
+        && pVCpu->cpum.GstCtx.rip == EMGetInhibitInterruptsPC(pVCpu))
+    {
+        /** @todo NSTVMX: We can't distinguish between blocking-by-MovSS and blocking-by-STI
+         *        currently. */
+        pVmcs->u32GuestIntrState |= VMX_VMCS_GUEST_INT_STATE_BLOCK_STI;
+        VMCPU_FF_CLEAR(pVCpu, VMCPU_FF_INHIBIT_INTERRUPTS);
+    }
+    /* Nothing to do for SMI/enclave. We don't support enclaves or SMM yet. */
+
+    /* Pending debug exceptions. */
+    if (    uExitReason != VMX_EXIT_INIT_SIGNAL
+        &&  uExitReason != VMX_EXIT_SMI
+        &&  uExitReason != VMX_EXIT_ERR_MACHINE_CHECK
+        && !HMVmxIsTrapLikeVmexit(uExitReason))
+    {
+        /** @todo NSTVMX: also must exclude VM-exits caused by debug exceptions when
+         *        block-by-MovSS is in effect. */
+        pVmcs->u64GuestPendingDbgXcpt.u = 0;
+    }
+
+    /** @todo NSTVMX: Save VMX preemption timer value. */
+
+    /* PDPTEs. */
+    Assert(!(pVmcs->u32ProcCtls2 & VMX_PROC_CTLS2_EPT));    /* We don't support EPT yet. */
+    pVmcs->u64GuestPdpte0.u = 0;
+    pVmcs->u64GuestPdpte1.u = 0;
+    pVmcs->u64GuestPdpte2.u = 0;
+    pVmcs->u64GuestPdpte3.u = 0;
+}
+
+
+/**
  * Saves the guest-state as part of VM-exit.
  *
  * @returns VBox status code.
- * @param   pVCpu       The cross context virtual CPU structure.
- */
-IEM_STATIC void iemVmxVmexitSaveGuestState(PVMCPU pVCpu)
-{
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   uExitReason     The VM-exit reason.
+ */
+IEM_STATIC void iemVmxVmexitSaveGuestState(PVMCPU pVCpu, uint32_t uExitReason)
+{
+    PVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+    Assert(pVmcs);
+
     /*
-     * Save control, debug, segment, descriptor-table registers and some MSRs.
+     * Save guest control, debug, segment, descriptor-table registers and some MSRs.
      */
     iemVmxVmexitSaveGuestControlRegsMsrs(pVCpu);
     iemVmxVmexitSaveGuestSegRegs(pVCpu);
 
-    /** @todo NSTVMX: rest of state. */
+    /*
+     * Save guest RIP, RSP and RFLAGS.
+     */
+    /* We don't support enclave mode yet. */
+    pVmcs->u64GuestRip.u    = pVCpu->cpum.GstCtx.rip;
+    pVmcs->u64GuestRsp.u    = pVCpu->cpum.GstCtx.rsp;
+    pVmcs->u64GuestRFlags.u = pVCpu->cpum.GstCtx.rflags.u;  /** @todo NSTVMX: Check RFLAGS.RF handling. */
+
+    /* Save guest non-register state. */
+    iemVmxVmexitSaveGuestNonRegState(pVCpu, uExitReason);
+}
+
+
+/**
+ * Saves the guest MSRs into the VM-exit auto-store MSRs area as part of VM-exit.
+ *
+ * @returns VBox status code.
+ * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   uExitReason     The VM-exit reason (for diagnostic purposes).
+ */
+IEM_STATIC int iemVmxVmexitSaveGuestAutoMsrs(PVMCPU pVCpu, uint32_t uExitReason)
+{
+    /*
+     * Save guest MSRs.
+     * See Intel spec. 27.4 "Saving MSRs".
+     */
+    PVMXVVMCS pVmcs = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pVmcs);
+    const char *const pszFailure = "VMX-abort";
+
+    /*
+     * Verify the MSR auto-store count. Physical CPUs can behave unpredictably if the count
+     * is exceeded including possibly raising #MC exceptions during VMX transition. Our
+     * implementation causes a VMX-abort followed by a triple-fault.
+     */
+    uint64_t const u64GuestVmxMiscMsr = CPUMGetGuestIa32VmxMisc(pVCpu);
+    uint32_t const cMaxSupportedMsrs  = VMX_MISC_MAX_MSRS(u64GuestVmxMiscMsr);
+    uint32_t const cMsrs              = pVmcs->u32ExitMsrStoreCount;
+    Assert(cMaxSupportedMsrs <= VMX_V_AUTOMSR_AREA_SIZE / sizeof(VMXAUTOMSR));
+    if (cMsrs <= cMaxSupportedMsrs)
+    { /* likely */ }
+    else
+        IEM_VMX_VMEXIT_FAILED_RET(pVCpu, uExitReason, pszFailure, kVmxVDiag_Vmexit_MsrStoreCount);
+
+    /*
+     * The VM-exit MSR-store area address need not be a valid guest-physical address if the
+     * VM-exit MSR-store count is 0. If this is the case, bail early without reading it.
+     * See Intel spec. 24.7.2 "VM-Exit Controls for MSRs".
+     */
+    if (cMsrs == 0)
+        return VINF_SUCCESS;
+
+    PVMXAUTOMSR pMsr = pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea);
+    Assert(pMsr);
+    for (uint32_t idxMsr = 0; idxMsr < cMsrs; idxMsr++, pMsr++)
+    {
+        if (   !pMsr->u32Reserved
+            &&  pMsr->u32Msr >> 8 != MSR_IA32_X2APIC_START >> 8
+            &&  pMsr->u32Msr != MSR_IA32_SMBASE)
+        {
+            int rc = CPUMQueryGuestMsr(pVCpu, pMsr->u32Msr, &pMsr->u64Value);
+            if (rc == VINF_SUCCESS)
+                continue;
+
+            /*
+             * If we're in ring-0, we cannot handle returns to ring-3 at this point and continue VM-exit.
+             * If any guest hypervisor loads MSRs that require ring-3 handling, we cause a VMX-abort
+             * recording the MSR index in a VirtualBox specific VMCS field and indicated further by our
+             * own, specific diagnostic code. Later, we can try implement handling of the MSR in ring-0
+             * if possible, or come up with a better, generic solution.
+             */
+            pVCpu->cpum.GstCtx.hwvirt.vmx.uAbortAux = pMsr->u32Msr;
+            VMXVDIAG const enmDiag = rc == VINF_CPUM_R3_MSR_READ
+                                   ? kVmxVDiag_Vmexit_MsrStoreRing3
+                                   : kVmxVDiag_Vmexit_MsrStore;
+            IEM_VMX_VMEXIT_FAILED_RET(pVCpu, uExitReason, pszFailure, enmDiag);
+        }
+        else
+        {
+            pVCpu->cpum.GstCtx.hwvirt.vmx.uAbortAux = pMsr->u32Msr;
+            IEM_VMX_VMEXIT_FAILED_RET(pVCpu, uExitReason, pszFailure, kVmxVDiag_Vmexit_MsrStoreRsvd);
+        }
+    }
+
+    RTGCPHYS const GCPhysAutoMsrArea = pVmcs->u64AddrExitMsrStore.u;
+    int rc = PGMPhysSimpleWriteGCPhys(pVCpu->CTX_SUFF(pVM), GCPhysAutoMsrArea,
+                                      pVCpu->cpum.GstCtx.hwvirt.vmx.CTX_SUFF(pAutoMsrArea), VMX_V_AUTOMSR_AREA_SIZE);
+    if (RT_SUCCESS(rc))
+    { /* likely */ }
+    else
+    {
+        AssertMsgFailed(("VM-exit: Failed to write MSR auto-store area at %#RGp, rc=%Rrc\n", GCPhysAutoMsrArea, rc));
+        IEM_VMX_VMEXIT_FAILED_RET(pVCpu, uExitReason, pszFailure, kVmxVDiag_Vmexit_MsrStorePtrReadPhys);
+    }
+
+    NOREF(uExitReason);
+    NOREF(pszFailure);
+    return VINF_SUCCESS;
+}
+
+
+/**
+ * Performs a VMX abort (due to an fatal error during VM-exit).
+ *
+ * @returns VBox status code.
+ * @param   pVCpu       The cross context virtual CPU structure.
+ * @param   enmAbort    The VMX abort reason.
+ */
+IEM_STATIC int iemVmxAbort(PVMCPU pVCpu, VMXABORT enmAbort)
+{
+    /*
+     * Perform the VMX abort.
+     * See Intel spec. 27.7 "VMX Aborts".
+     */
+    LogFunc(("enmAbort=%u (%s) -> RESET\n", enmAbort, HMVmxGetAbortDesc(enmAbort)));
+
+    /* We don't support SMX yet. */
+    pVCpu->cpum.GstCtx.hwvirt.vmx.enmAbort = enmAbort;
+    ASMWriteFence();
+    if (IEM_VMX_HAS_CURRENT_VMCS(pVCpu))
+    {
+        RTGCPHYS const GCPhysVmcs  = IEM_VMX_GET_CURRENT_VMCS(pVCpu);
+        uint32_t const offVmxAbort = RT_OFFSETOF(VMXVVMCS, u32VmxAbortId);
+        PGMPhysSimpleWriteGCPhys(pVCpu->CTX_SUFF(pVM), GCPhysVmcs + offVmxAbort, &enmAbort, sizeof(enmAbort));
+    }
+
+    return VINF_EM_TRIPLE_FAULT;
 }
 
@@ -4697 +4903 @@
  *
  * @param   pVCpu           The cross context virtual CPU structure.
+ * @param   uExitReason     The VM-exit reason.
  * @param   cbInstr         The instruction length.
  */
@@ -4718 +4925 @@
         && uExitReason != VMX_EXIT_ERR_MSR_LOAD
         && uExitReason != VMX_EXIT_ERR_MACHINE_CHECK)
-        iemVmxVmexitSaveGuestState(pVCpu);
-
+    {
+        iemVmxVmexitSaveGuestState(pVCpu, uExitReason);
+        int rc = iemVmxVmexitSaveGuestAutoMsrs(pVCpu, uExitReason);
+        if (RT_SUCCESS(rc))
+        { /* likely */ }
+        else
+        {
+            LogFunc(("iemVmxVmexitSaveGuestAutoMsrs failed (rc=%Rrc) -> VMX-Abort\n", rc));
+            return iemVmxAbort(pVCpu, VMXABORT_SAVE_GUEST_MSRS);
+        }
+    }
+
+    /** @todo NSTVMX: rest of VM-exit (loading host state etc). */
     return VINF_SUCCESS;
 }

trunk/src/VBox/VMM/VMMR3/CPUM.cpp

@@ -3039 +3039 @@
     if (fDumpState & CPUMHWVIRTDUMP_VMX)
     {
+        pHlp->pfnPrintf(pHlp, "  GCPhysVmxon                = %#RGp\n",     pCtx->hwvirt.vmx.GCPhysVmxon);
+        pHlp->pfnPrintf(pHlp, "  GCPhysVmcs                 = %#RGp\n",     pCtx->hwvirt.vmx.GCPhysVmcs);
+        pHlp->pfnPrintf(pHlp, "  GCPhysShadowVmcs           = %#RGp\n",     pCtx->hwvirt.vmx.GCPhysShadowVmcs);
+        pHlp->pfnPrintf(pHlp, "  enmDiag                    = %u (%s)\n",   pCtx->hwvirt.vmx.enmDiag, HMVmxGetDiagDesc(pCtx->hwvirt.vmx.enmDiag));
+        pHlp->pfnPrintf(pHlp, "  enmAbort                   = %u (%s)\n",   pCtx->hwvirt.vmx.enmAbort, HMVmxGetAbortDesc(pCtx->hwvirt.vmx.enmAbort));
+        pHlp->pfnPrintf(pHlp, "  uAbortAux                  = %u (%#x)\n",  pCtx->hwvirt.vmx.uAbortAux, pCtx->hwvirt.vmx.uAbortAux);
         pHlp->pfnPrintf(pHlp, "  fInVmxRootMode             = %RTbool\n",   pCtx->hwvirt.vmx.fInVmxRootMode);
         pHlp->pfnPrintf(pHlp, "  fInVmxNonRootMode          = %RTbool\n",   pCtx->hwvirt.vmx.fInVmxNonRootMode);
-        pHlp->pfnPrintf(pHlp, "  GCPhysVmxon                = %#RGp\n",     pCtx->hwvirt.vmx.GCPhysVmxon);
-        pHlp->pfnPrintf(pHlp, "  GCPhysVmcs                 = %#RGp\n",     pCtx->hwvirt.vmx.GCPhysVmcs);
-        pHlp->pfnPrintf(pHlp, "  enmDiag                    = %u (%s)\n",   pCtx->hwvirt.vmx.enmDiag,
-                        HMVmxGetDiagDesc(pCtx->hwvirt.vmx.enmDiag));
+        pHlp->pfnPrintf(pHlp, "  fInterceptEvents           = %RTbool\n",   pCtx->hwvirt.vmx.fInterceptEvents);
+
         /** @todo NSTVMX: Dump remaining/new fields. */
     }