/*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2011 NetApp, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD$ */ /* * This file and its contents are supplied under the terms of the * Common Development and Distribution License ("CDDL"), version 1.0. * You may only use this file in accordance with the terms of version * 1.0 of the CDDL. * * A full copy of the text of the CDDL should have accompanied this * source. A copy of the CDDL is also available via the Internet at * http://www.illumos.org/license/CDDL. * * Copyright 2015 Pluribus Networks Inc. * Copyright 2019 Joyent, Inc. * Copyright 2022 Oxide Computer Company */ #ifndef _VMM_H_ #define _VMM_H_ enum vm_suspend_how { VM_SUSPEND_NONE, VM_SUSPEND_RESET, VM_SUSPEND_POWEROFF, VM_SUSPEND_HALT, VM_SUSPEND_TRIPLEFAULT, VM_SUSPEND_LAST }; /* * Identifiers for architecturally defined registers. */ enum vm_reg_name { VM_REG_GUEST_RAX, VM_REG_GUEST_RBX, VM_REG_GUEST_RCX, VM_REG_GUEST_RDX, VM_REG_GUEST_RSI, VM_REG_GUEST_RDI, VM_REG_GUEST_RBP, VM_REG_GUEST_R8, VM_REG_GUEST_R9, VM_REG_GUEST_R10, VM_REG_GUEST_R11, VM_REG_GUEST_R12, VM_REG_GUEST_R13, VM_REG_GUEST_R14, VM_REG_GUEST_R15, VM_REG_GUEST_CR0, VM_REG_GUEST_CR3, VM_REG_GUEST_CR4, VM_REG_GUEST_DR7, VM_REG_GUEST_RSP, VM_REG_GUEST_RIP, VM_REG_GUEST_RFLAGS, VM_REG_GUEST_ES, VM_REG_GUEST_CS, VM_REG_GUEST_SS, VM_REG_GUEST_DS, VM_REG_GUEST_FS, VM_REG_GUEST_GS, VM_REG_GUEST_LDTR, VM_REG_GUEST_TR, VM_REG_GUEST_IDTR, VM_REG_GUEST_GDTR, VM_REG_GUEST_EFER, VM_REG_GUEST_CR2, VM_REG_GUEST_PDPTE0, VM_REG_GUEST_PDPTE1, VM_REG_GUEST_PDPTE2, VM_REG_GUEST_PDPTE3, VM_REG_GUEST_INTR_SHADOW, VM_REG_GUEST_DR0, VM_REG_GUEST_DR1, VM_REG_GUEST_DR2, VM_REG_GUEST_DR3, VM_REG_GUEST_DR6, VM_REG_GUEST_ENTRY_INST_LENGTH, VM_REG_GUEST_XCR0, VM_REG_LAST }; enum x2apic_state { X2APIC_DISABLED, X2APIC_ENABLED, X2APIC_STATE_LAST }; #define VM_INTINFO_MASK_VECTOR 0xffUL #define VM_INTINFO_MASK_TYPE 0x700UL #define VM_INTINFO_MASK_RSVD 0x7ffff000UL #define VM_INTINFO_SHIFT_ERRCODE 32 #define VM_INTINFO_VECTOR(val) ((val) & VM_INTINFO_MASK_VECTOR) #define VM_INTINFO_TYPE(val) ((val) & VM_INTINFO_MASK_TYPE) #define VM_INTINFO_ERRCODE(val) ((val) >> VM_INTINFO_SHIFT_ERRCODE) #define VM_INTINFO_PENDING(val) (((val) & VM_INTINFO_VALID) != 0) #define VM_INTINFO_HAS_ERRCODE(val) (((val) & VM_INTINFO_DEL_ERRCODE) != 0) #define VM_INTINFO_VALID (1UL << 31) #define VM_INTINFO_DEL_ERRCODE (1UL << 11) #define VM_INTINFO_HWINTR (0 << 8) #define VM_INTINFO_NMI (2 << 8) #define VM_INTINFO_HWEXCP (3 << 8) #define VM_INTINFO_SWINTR (4 << 8) /* Reserved for CPU (read: Intel) specific types */ #define VM_INTINFO_RESV1 (1 << 8) #define VM_INTINFO_RESV5 (5 << 8) #define VM_INTINFO_RESV6 (6 << 8) #define VM_INTINFO_RESV7 (7 << 8) /* * illumos doesn't have a limitation based on SPECNAMELEN like FreeBSD does. * To simplify structure definitions, an arbitrary limit has been chosen. * This same limit is used for memory segment names */ #define VM_MAX_NAMELEN 128 #define VM_MAX_SEG_NAMELEN 128 #ifdef _KERNEL #define VM_MAXCPU 32 /* maximum virtual cpus */ #endif /* * Identifiers for optional vmm capabilities */ enum vm_cap_type { VM_CAP_HALT_EXIT, VM_CAP_MTRAP_EXIT, VM_CAP_PAUSE_EXIT, VM_CAP_ENABLE_INVPCID, VM_CAP_BPT_EXIT, VM_CAP_MAX }; enum vmx_caps { VMX_CAP_NONE = 0, VMX_CAP_TPR_SHADOW = (1UL << 0), VMX_CAP_APICV = (1UL << 1), VMX_CAP_APICV_X2APIC = (1UL << 2), VMX_CAP_APICV_PIR = (1UL << 3), }; enum vm_intr_trigger { EDGE_TRIGGER, LEVEL_TRIGGER }; /* * The 'access' field has the format specified in Table 21-2 of the Intel * Architecture Manual vol 3b. * * XXX The contents of the 'access' field are architecturally defined except * bit 16 - Segment Unusable. */ struct seg_desc { uint64_t base; uint32_t limit; uint32_t access; }; #define SEG_DESC_TYPE(access) ((access) & 0x001f) #define SEG_DESC_DPL_MASK 0x3 #define SEG_DESC_DPL_SHIFT 5 #define SEG_DESC_DPL(access) \ (((access) >> SEG_DESC_DPL_SHIFT) & SEG_DESC_DPL_MASK) #define SEG_DESC_PRESENT(access) (((access) & 0x0080) ? 1 : 0) #define SEG_DESC_DEF32(access) (((access) & 0x4000) ? 1 : 0) #define SEG_DESC_GRANULARITY(access) (((access) & 0x8000) ? 1 : 0) #define SEG_DESC_UNUSABLE(access) (((access) & 0x10000) ? 1 : 0) enum vm_cpu_mode { CPU_MODE_REAL, CPU_MODE_PROTECTED, CPU_MODE_COMPATIBILITY, /* IA-32E mode (CS.L = 0) */ CPU_MODE_64BIT, /* IA-32E mode (CS.L = 1) */ }; enum vm_paging_mode { PAGING_MODE_FLAT, PAGING_MODE_32, PAGING_MODE_PAE, PAGING_MODE_64, }; struct vm_guest_paging { uint64_t cr3; int cpl; enum vm_cpu_mode cpu_mode; enum vm_paging_mode paging_mode; }; enum vm_exitcode { VM_EXITCODE_INOUT, VM_EXITCODE_VMX, VM_EXITCODE_BOGUS, VM_EXITCODE_RDMSR, VM_EXITCODE_WRMSR, VM_EXITCODE_HLT, VM_EXITCODE_MTRAP, VM_EXITCODE_PAUSE, VM_EXITCODE_PAGING, VM_EXITCODE_INST_EMUL, VM_EXITCODE_RUN_STATE, VM_EXITCODE_MMIO_EMUL, VM_EXITCODE_DEPRECATED, /* formerly RUNBLOCK */ VM_EXITCODE_IOAPIC_EOI, VM_EXITCODE_SUSPENDED, VM_EXITCODE_MMIO, VM_EXITCODE_TASK_SWITCH, VM_EXITCODE_MONITOR, VM_EXITCODE_MWAIT, VM_EXITCODE_SVM, VM_EXITCODE_REQIDLE, VM_EXITCODE_DEBUG, VM_EXITCODE_VMINSN, VM_EXITCODE_BPT, VM_EXITCODE_HT, VM_EXITCODE_MAX }; enum inout_flags { INOUT_IN = (1U << 0), /* direction: 'in' when set, else 'out' */ /* * The following flags are used only for in-kernel emulation logic and * are not exposed to userspace. */ INOUT_STR = (1U << 1), /* ins/outs operation */ INOUT_REP = (1U << 2), /* 'rep' prefix present on instruction */ }; struct vm_inout { uint32_t eax; uint16_t port; uint8_t bytes; /* 1 or 2 or 4 */ uint8_t flags; /* see: inout_flags */ /* * The address size and segment are relevant to INS/OUTS operations. * Userspace is not concerned with them since the in-kernel emulation * handles those specific aspects. */ uint8_t addrsize; uint8_t segment; }; struct vm_mmio { uint8_t bytes; /* 1/2/4/8 bytes */ uint8_t read; /* read: 1, write: 0 */ uint16_t _pad[3]; uint64_t gpa; uint64_t data; }; enum task_switch_reason { TSR_CALL, TSR_IRET, TSR_JMP, TSR_IDT_GATE, /* task gate in IDT */ }; struct vm_task_switch { uint16_t tsssel; /* new TSS selector */ int ext; /* task switch due to external event */ uint32_t errcode; int errcode_valid; /* push 'errcode' on the new stack */ enum task_switch_reason reason; struct vm_guest_paging paging; }; enum vcpu_run_state { VRS_HALT = 0, VRS_INIT = (1 << 0), VRS_RUN = (1 << 1), VRS_PEND_INIT = (1 << 14), VRS_PEND_SIPI = (1 << 15), }; #define VRS_MASK_VALID(v) \ ((v) & (VRS_INIT | VRS_RUN | VRS_PEND_SIPI | VRS_PEND_SIPI)) #define VRS_IS_VALID(v) ((v) == VRS_MASK_VALID(v)) struct vm_exit { enum vm_exitcode exitcode; int inst_length; /* 0 means unknown */ uint64_t rip; union { struct vm_inout inout; struct vm_mmio mmio; struct { uint64_t gpa; int fault_type; } paging; /* * Kernel-internal MMIO decoding and emulation. * Userspace should not expect to see this, but rather a * VM_EXITCODE_MMIO with the above 'mmio' context. */ struct { uint64_t gpa; uint64_t gla; uint64_t cs_base; int cs_d; /* CS.D */ } mmio_emul; struct { uint8_t inst[15]; uint8_t num_valid; } inst_emul; /* * VMX specific payload. Used when there is no "better" * exitcode to represent the VM-exit. */ struct { int status; /* vmx inst status */ /* * 'exit_reason' and 'exit_qualification' are valid * only if 'status' is zero. */ uint32_t exit_reason; uint64_t exit_qualification; /* * 'inst_error' and 'inst_type' are valid * only if 'status' is non-zero. */ int inst_type; int inst_error; } vmx; /* * SVM specific payload. */ struct { uint64_t exitcode; uint64_t exitinfo1; uint64_t exitinfo2; } svm; struct { int inst_length; } bpt; struct { uint32_t code; /* ecx value */ uint64_t wval; } msr; struct { uint64_t rflags; } hlt; struct { int vector; } ioapic_eoi; struct { enum vm_suspend_how how; } suspended; struct vm_task_switch task_switch; } u; }; enum vm_entry_cmds { VEC_DEFAULT = 0, VEC_DISCARD_INSTR, /* discard inst emul state */ VEC_FULFILL_MMIO, /* entry includes result for mmio emul */ VEC_FULFILL_INOUT, /* entry includes result for inout emul */ /* Below are flags which can be combined with the above commands: */ /* * Exit to userspace when vCPU is in consistent state: when any pending * instruction emulation tasks have been completed and committed to the * architecturally defined state. */ VEC_FLAG_EXIT_CONSISTENT = 1 << 31, }; struct vm_entry { int cpuid; uint_t cmd; /* see: vm_entry_cmds */ void *exit_data; union { struct vm_inout inout; struct vm_mmio mmio; } u; }; int vm_restart_instruction(void *vm, int vcpuid); enum vm_create_flags { /* * Allocate guest memory segments from existing reservoir capacity, * rather than attempting to create transient allocations. */ VCF_RESERVOIR_MEM = (1 << 0), /* * Enable dirty page tracking for the guest. */ VCF_TRACK_DIRTY = (1 << 1), }; /* * Describes an entry for `cpuid` emulation. * Used internally by bhyve (kernel) in addition to exposed ioctl(2) interface. */ struct vcpu_cpuid_entry { uint32_t vce_function; uint32_t vce_index; uint32_t vce_flags; uint32_t vce_eax; uint32_t vce_ebx; uint32_t vce_ecx; uint32_t vce_edx; uint32_t _pad; }; /* * Defined flags for vcpu_cpuid_entry`vce_flags are below. */ /* Use index (ecx) input value when matching entry */ #define VCE_FLAG_MATCH_INDEX (1 << 0) /* All valid flacts for vcpu_cpuid_entry`vce_flags */ #define VCE_FLAGS_VALID VCE_FLAG_MATCH_INDEX /* * Defined flags for vcpu_cpuid configuration are below. * These are used by both the ioctl(2) interface via vm_vcpu_cpuid_config and * internally in the kernel vmm. */ /* Use legacy hard-coded cpuid masking tables applied to the host CPU */ #define VCC_FLAG_LEGACY_HANDLING (1 << 0) /* * Emulate Intel-style fallback behavior (emit highest "standard" entry) if the * queried function/index do not match. If not set, emulate AMD-style, where * all zeroes are returned in such cases. */ #define VCC_FLAG_INTEL_FALLBACK (1 << 1) /* All valid flacts for vm_vcpu_cpuid_config`vvcc_flags */ #define VCC_FLAGS_VALID \ (VCC_FLAG_LEGACY_HANDLING | VCC_FLAG_INTEL_FALLBACK) /* Maximum vcpu_cpuid_entry records per vCPU */ #define VMM_MAX_CPUID_ENTRIES 256 #endif /* _VMM_H_ */