1 /*
2 * i386 helpers (without register variable usage)
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA
19 */
20 #include <stdarg.h>
21 #include <stdlib.h>
22 #include <stdio.h>
23 #include <string.h>
24 #include <inttypes.h>
25 #include <signal.h>
26
27 #include "cpu.h"
28 #include "qemu-common.h"
29 #include "sysemu/kvm.h"
30 #include "exec/hax.h"
31
32 //#define DEBUG_MMU
33
34 /* feature flags taken from "Intel Processor Identification and the CPUID
35 * Instruction" and AMD's "CPUID Specification". In cases of disagreement
36 * about feature names, the Linux name is used. */
37 static const char *feature_name[] = {
38 "fpu", "vme", "de", "pse", "tsc", "msr", "pae", "mce",
39 "cx8", "apic", NULL, "sep", "mtrr", "pge", "mca", "cmov",
40 "pat", "pse36", "pn" /* Intel psn */, "clflush" /* Intel clfsh */, NULL, "ds" /* Intel dts */, "acpi", "mmx",
41 "fxsr", "sse", "sse2", "ss", "ht" /* Intel htt */, "tm", "ia64", "pbe",
42 };
43 static const char *ext_feature_name[] = {
44 "pni" /* Intel,AMD sse3 */, NULL, NULL, "monitor", "ds_cpl", "vmx", NULL /* Linux smx */, "est",
45 "tm2", "ssse3", "cid", NULL, NULL, "cx16", "xtpr", NULL,
46 NULL, NULL, "dca", NULL, NULL, NULL, NULL, "popcnt",
47 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
48 };
49 static const char *ext2_feature_name[] = {
50 "fpu", "vme", "de", "pse", "tsc", "msr", "pae", "mce",
51 "cx8" /* AMD CMPXCHG8B */, "apic", NULL, "syscall", "mtrr", "pge", "mca", "cmov",
52 "pat", "pse36", NULL, NULL /* Linux mp */, "nx" /* Intel xd */, NULL, "mmxext", "mmx",
53 "fxsr", "fxsr_opt" /* AMD ffxsr */, "pdpe1gb" /* AMD Page1GB */, "rdtscp", NULL, "lm" /* Intel 64 */, "3dnowext", "3dnow",
54 };
55 static const char *ext3_feature_name[] = {
56 "lahf_lm" /* AMD LahfSahf */, "cmp_legacy", "svm", "extapic" /* AMD ExtApicSpace */, "cr8legacy" /* AMD AltMovCr8 */, "abm", "sse4a", "misalignsse",
57 "3dnowprefetch", "osvw", NULL /* Linux ibs */, NULL, "skinit", "wdt", NULL, NULL,
58 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
59 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
60 };
61
add_flagname_to_bitmaps(char * flagname,uint32_t * features,uint32_t * ext_features,uint32_t * ext2_features,uint32_t * ext3_features)62 static void add_flagname_to_bitmaps(char *flagname, uint32_t *features,
63 uint32_t *ext_features,
64 uint32_t *ext2_features,
65 uint32_t *ext3_features)
66 {
67 int i;
68 int found = 0;
69
70 for ( i = 0 ; i < 32 ; i++ )
71 if (feature_name[i] && !strcmp (flagname, feature_name[i])) {
72 *features |= 1 << i;
73 found = 1;
74 }
75 for ( i = 0 ; i < 32 ; i++ )
76 if (ext_feature_name[i] && !strcmp (flagname, ext_feature_name[i])) {
77 *ext_features |= 1 << i;
78 found = 1;
79 }
80 for ( i = 0 ; i < 32 ; i++ )
81 if (ext2_feature_name[i] && !strcmp (flagname, ext2_feature_name[i])) {
82 *ext2_features |= 1 << i;
83 found = 1;
84 }
85 for ( i = 0 ; i < 32 ; i++ )
86 if (ext3_feature_name[i] && !strcmp (flagname, ext3_feature_name[i])) {
87 *ext3_features |= 1 << i;
88 found = 1;
89 }
90 if (!found) {
91 fprintf(stderr, "CPU feature %s not found\n", flagname);
92 }
93 }
94
kvm_trim_features(uint32_t * features,uint32_t supported,const char * names[])95 static void kvm_trim_features(uint32_t *features, uint32_t supported,
96 const char *names[])
97 {
98 int i;
99 uint32_t mask;
100
101 for (i = 0; i < 32; ++i) {
102 mask = 1U << i;
103 if ((*features & mask) && !(supported & mask)) {
104 *features &= ~mask;
105 }
106 }
107 }
108
109 typedef struct x86_def_t {
110 const char *name;
111 uint32_t level;
112 uint32_t vendor1, vendor2, vendor3;
113 int family;
114 int model;
115 int stepping;
116 uint32_t features, ext_features, ext2_features, ext3_features;
117 uint32_t xlevel;
118 char model_id[48];
119 int vendor_override;
120 } x86_def_t;
121
122 #define I486_FEATURES (CPUID_FP87 | CPUID_VME | CPUID_PSE)
123 #define PENTIUM_FEATURES (I486_FEATURES | CPUID_DE | CPUID_TSC | \
124 CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_MMX)
125 #define PENTIUM2_FEATURES (PENTIUM_FEATURES | CPUID_PAE | CPUID_SEP | \
126 CPUID_MTRR | CPUID_PGE | CPUID_MCA | CPUID_CMOV | CPUID_PAT | \
127 CPUID_PSE36 | CPUID_FXSR)
128 #define PENTIUM3_FEATURES (PENTIUM2_FEATURES | CPUID_SSE)
129 #define PPRO_FEATURES (CPUID_FP87 | CPUID_DE | CPUID_PSE | CPUID_TSC | \
130 CPUID_MSR | CPUID_MCE | CPUID_CX8 | CPUID_PGE | CPUID_CMOV | \
131 CPUID_PAT | CPUID_FXSR | CPUID_MMX | CPUID_SSE | CPUID_SSE2 | \
132 CPUID_PAE | CPUID_SEP | CPUID_APIC)
133 static x86_def_t x86_defs[] = {
134 #ifdef TARGET_X86_64
135 {
136 .name = "qemu64",
137 .level = 2,
138 .vendor1 = CPUID_VENDOR_AMD_1,
139 .vendor2 = CPUID_VENDOR_AMD_2,
140 .vendor3 = CPUID_VENDOR_AMD_3,
141 .family = 6,
142 .model = 2,
143 .stepping = 3,
144 .features = PPRO_FEATURES |
145 /* these features are needed for Win64 and aren't fully implemented */
146 CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
147 /* this feature is needed for Solaris and isn't fully implemented */
148 CPUID_PSE36,
149 .ext_features = CPUID_EXT_SSE3,
150 .ext2_features = (PPRO_FEATURES & 0x0183F3FF) |
151 CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
152 CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
153 .ext3_features = CPUID_EXT3_SVM,
154 .xlevel = 0x8000000A,
155 .model_id = "QEMU Virtual CPU version " QEMU_VERSION,
156 },
157 {
158 .name = "phenom",
159 .level = 5,
160 .vendor1 = CPUID_VENDOR_AMD_1,
161 .vendor2 = CPUID_VENDOR_AMD_2,
162 .vendor3 = CPUID_VENDOR_AMD_3,
163 .family = 16,
164 .model = 2,
165 .stepping = 3,
166 /* Missing: CPUID_VME, CPUID_HT */
167 .features = PPRO_FEATURES |
168 CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
169 CPUID_PSE36,
170 /* Missing: CPUID_EXT_CX16, CPUID_EXT_POPCNT */
171 .ext_features = CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
172 /* Missing: CPUID_EXT2_PDPE1GB, CPUID_EXT2_RDTSCP */
173 .ext2_features = (PPRO_FEATURES & 0x0183F3FF) |
174 CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX |
175 CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT | CPUID_EXT2_MMXEXT |
176 CPUID_EXT2_FFXSR,
177 /* Missing: CPUID_EXT3_LAHF_LM, CPUID_EXT3_CMP_LEG, CPUID_EXT3_EXTAPIC,
178 CPUID_EXT3_CR8LEG, CPUID_EXT3_ABM, CPUID_EXT3_SSE4A,
179 CPUID_EXT3_MISALIGNSSE, CPUID_EXT3_3DNOWPREFETCH,
180 CPUID_EXT3_OSVW, CPUID_EXT3_IBS */
181 .ext3_features = CPUID_EXT3_SVM,
182 .xlevel = 0x8000001A,
183 .model_id = "AMD Phenom(tm) 9550 Quad-Core Processor"
184 },
185 {
186 .name = "core2duo",
187 .level = 10,
188 .family = 6,
189 .model = 15,
190 .stepping = 11,
191 /* The original CPU also implements these features:
192 CPUID_VME, CPUID_DTS, CPUID_ACPI, CPUID_SS, CPUID_HT,
193 CPUID_TM, CPUID_PBE */
194 .features = PPRO_FEATURES |
195 CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA |
196 CPUID_PSE36,
197 /* The original CPU also implements these ext features:
198 CPUID_EXT_DTES64, CPUID_EXT_DSCPL, CPUID_EXT_VMX, CPUID_EXT_EST,
199 CPUID_EXT_TM2, CPUID_EXT_CX16, CPUID_EXT_XTPR, CPUID_EXT_PDCM */
200 .ext_features = CPUID_EXT_SSE3 | CPUID_EXT_MONITOR | CPUID_EXT_SSSE3,
201 .ext2_features = CPUID_EXT2_LM | CPUID_EXT2_SYSCALL | CPUID_EXT2_NX,
202 /* Missing: .ext3_features = CPUID_EXT3_LAHF_LM */
203 .xlevel = 0x80000008,
204 .model_id = "Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz",
205 },
206 #endif
207 {
208 .name = "qemu32",
209 .level = 2,
210 .family = 6,
211 .model = 3,
212 .stepping = 3,
213 .features = PPRO_FEATURES,
214 .ext_features = CPUID_EXT_SSE3 | CPUID_EXT_SSSE3,
215 .xlevel = 0,
216 .model_id = "QEMU Virtual CPU version " QEMU_VERSION,
217 },
218 {
219 .name = "coreduo",
220 .level = 10,
221 .family = 6,
222 .model = 14,
223 .stepping = 8,
224 /* The original CPU also implements these features:
225 CPUID_DTS, CPUID_ACPI, CPUID_SS, CPUID_HT,
226 CPUID_TM, CPUID_PBE */
227 .features = PPRO_FEATURES | CPUID_VME |
228 CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA,
229 /* The original CPU also implements these ext features:
230 CPUID_EXT_VMX, CPUID_EXT_EST, CPUID_EXT_TM2, CPUID_EXT_XTPR,
231 CPUID_EXT_PDCM */
232 .ext_features = CPUID_EXT_SSE3 | CPUID_EXT_MONITOR,
233 .ext2_features = CPUID_EXT2_NX,
234 .xlevel = 0x80000008,
235 .model_id = "Genuine Intel(R) CPU T2600 @ 2.16GHz",
236 },
237 {
238 .name = "486",
239 .level = 0,
240 .family = 4,
241 .model = 0,
242 .stepping = 0,
243 .features = I486_FEATURES,
244 .xlevel = 0,
245 },
246 {
247 .name = "pentium",
248 .level = 1,
249 .family = 5,
250 .model = 4,
251 .stepping = 3,
252 .features = PENTIUM_FEATURES,
253 .xlevel = 0,
254 },
255 {
256 .name = "pentium2",
257 .level = 2,
258 .family = 6,
259 .model = 5,
260 .stepping = 2,
261 .features = PENTIUM2_FEATURES,
262 .xlevel = 0,
263 },
264 {
265 .name = "pentium3",
266 .level = 2,
267 .family = 6,
268 .model = 7,
269 .stepping = 3,
270 .features = PENTIUM3_FEATURES,
271 .xlevel = 0,
272 },
273 {
274 .name = "athlon",
275 .level = 2,
276 .vendor1 = 0x68747541, /* "Auth" */
277 .vendor2 = 0x69746e65, /* "enti" */
278 .vendor3 = 0x444d4163, /* "cAMD" */
279 .family = 6,
280 .model = 2,
281 .stepping = 3,
282 .features = PPRO_FEATURES | CPUID_PSE36 | CPUID_VME | CPUID_MTRR | CPUID_MCA,
283 .ext2_features = (PPRO_FEATURES & 0x0183F3FF) | CPUID_EXT2_MMXEXT | CPUID_EXT2_3DNOW | CPUID_EXT2_3DNOWEXT,
284 .xlevel = 0x80000008,
285 /* XXX: put another string ? */
286 .model_id = "QEMU Virtual CPU version " QEMU_VERSION,
287 },
288 {
289 .name = "n270",
290 /* original is on level 10 */
291 .level = 5,
292 .family = 6,
293 .model = 28,
294 .stepping = 2,
295 .features = PPRO_FEATURES |
296 CPUID_MTRR | CPUID_CLFLUSH | CPUID_MCA | CPUID_VME,
297 /* Missing: CPUID_DTS | CPUID_ACPI | CPUID_SS |
298 * CPUID_HT | CPUID_TM | CPUID_PBE */
299 /* Some CPUs got no CPUID_SEP */
300 .ext_features = CPUID_EXT_MONITOR |
301 CPUID_EXT_SSE3 /* PNI */ | CPUID_EXT_SSSE3,
302 /* Missing: CPUID_EXT_DSCPL | CPUID_EXT_EST |
303 * CPUID_EXT_TM2 | CPUID_EXT_XTPR */
304 .ext2_features = (PPRO_FEATURES & 0x0183F3FF) | CPUID_EXT2_NX,
305 /* Missing: .ext3_features = CPUID_EXT3_LAHF_LM */
306 .xlevel = 0x8000000A,
307 .model_id = "Intel(R) Atom(TM) CPU N270 @ 1.60GHz",
308 },
309 };
310
cpu_x86_find_by_name(x86_def_t * x86_cpu_def,const char * cpu_model)311 static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def, const char *cpu_model)
312 {
313 unsigned int i;
314 x86_def_t *def;
315
316 char *s = strdup(cpu_model);
317 char *featurestr, *name = strtok(s, ",");
318 uint32_t plus_features = 0, plus_ext_features = 0, plus_ext2_features = 0, plus_ext3_features = 0;
319 uint32_t minus_features = 0, minus_ext_features = 0, minus_ext2_features = 0, minus_ext3_features = 0;
320 int family = -1, model = -1, stepping = -1;
321
322 def = NULL;
323 for (i = 0; i < ARRAY_SIZE(x86_defs); i++) {
324 if (strcmp(name, x86_defs[i].name) == 0) {
325 def = &x86_defs[i];
326 break;
327 }
328 }
329 if (!def)
330 goto error;
331 memcpy(x86_cpu_def, def, sizeof(*def));
332
333 featurestr = strtok(NULL, ",");
334
335 while (featurestr) {
336 char *val;
337 if (featurestr[0] == '+') {
338 add_flagname_to_bitmaps(featurestr + 1, &plus_features, &plus_ext_features, &plus_ext2_features, &plus_ext3_features);
339 } else if (featurestr[0] == '-') {
340 add_flagname_to_bitmaps(featurestr + 1, &minus_features, &minus_ext_features, &minus_ext2_features, &minus_ext3_features);
341 } else if ((val = strchr(featurestr, '='))) {
342 *val = 0; val++;
343 if (!strcmp(featurestr, "family")) {
344 char *err;
345 family = strtol(val, &err, 10);
346 if (!*val || *err || family < 0) {
347 fprintf(stderr, "bad numerical value %s\n", val);
348 goto error;
349 }
350 x86_cpu_def->family = family;
351 } else if (!strcmp(featurestr, "model")) {
352 char *err;
353 model = strtol(val, &err, 10);
354 if (!*val || *err || model < 0 || model > 0xff) {
355 fprintf(stderr, "bad numerical value %s\n", val);
356 goto error;
357 }
358 x86_cpu_def->model = model;
359 } else if (!strcmp(featurestr, "stepping")) {
360 char *err;
361 stepping = strtol(val, &err, 10);
362 if (!*val || *err || stepping < 0 || stepping > 0xf) {
363 fprintf(stderr, "bad numerical value %s\n", val);
364 goto error;
365 }
366 x86_cpu_def->stepping = stepping;
367 } else if (!strcmp(featurestr, "vendor")) {
368 if (strlen(val) != 12) {
369 fprintf(stderr, "vendor string must be 12 chars long\n");
370 goto error;
371 }
372 x86_cpu_def->vendor1 = 0;
373 x86_cpu_def->vendor2 = 0;
374 x86_cpu_def->vendor3 = 0;
375 for(i = 0; i < 4; i++) {
376 x86_cpu_def->vendor1 |= ((uint8_t)val[i ]) << (8 * i);
377 x86_cpu_def->vendor2 |= ((uint8_t)val[i + 4]) << (8 * i);
378 x86_cpu_def->vendor3 |= ((uint8_t)val[i + 8]) << (8 * i);
379 }
380 x86_cpu_def->vendor_override = 1;
381 } else if (!strcmp(featurestr, "model_id")) {
382 pstrcpy(x86_cpu_def->model_id, sizeof(x86_cpu_def->model_id),
383 val);
384 } else {
385 fprintf(stderr, "unrecognized feature %s\n", featurestr);
386 goto error;
387 }
388 } else {
389 fprintf(stderr, "feature string `%s' not in format (+feature|-feature|feature=xyz)\n", featurestr);
390 goto error;
391 }
392 featurestr = strtok(NULL, ",");
393 }
394 x86_cpu_def->features |= plus_features;
395 x86_cpu_def->ext_features |= plus_ext_features;
396 x86_cpu_def->ext2_features |= plus_ext2_features;
397 x86_cpu_def->ext3_features |= plus_ext3_features;
398 x86_cpu_def->features &= ~minus_features;
399 x86_cpu_def->ext_features &= ~minus_ext_features;
400 x86_cpu_def->ext2_features &= ~minus_ext2_features;
401 x86_cpu_def->ext3_features &= ~minus_ext3_features;
402 free(s);
403 return 0;
404
405 error:
406 free(s);
407 return -1;
408 }
409
x86_cpu_list(FILE * f,int (* cpu_fprintf)(FILE * f,const char * fmt,...))410 void x86_cpu_list (FILE *f, int (*cpu_fprintf)(FILE *f, const char *fmt, ...))
411 {
412 unsigned int i;
413
414 for (i = 0; i < ARRAY_SIZE(x86_defs); i++)
415 (*cpu_fprintf)(f, "x86 %16s\n", x86_defs[i].name);
416 }
417
cpu_x86_register(CPUX86State * env,const char * cpu_model)418 static int cpu_x86_register (CPUX86State *env, const char *cpu_model)
419 {
420 x86_def_t def1, *def = &def1;
421
422 if (cpu_x86_find_by_name(def, cpu_model) < 0)
423 return -1;
424 if (def->vendor1) {
425 env->cpuid_vendor1 = def->vendor1;
426 env->cpuid_vendor2 = def->vendor2;
427 env->cpuid_vendor3 = def->vendor3;
428 } else {
429 env->cpuid_vendor1 = CPUID_VENDOR_INTEL_1;
430 env->cpuid_vendor2 = CPUID_VENDOR_INTEL_2;
431 env->cpuid_vendor3 = CPUID_VENDOR_INTEL_3;
432 }
433 env->cpuid_vendor_override = def->vendor_override;
434 env->cpuid_level = def->level;
435 if (def->family > 0x0f)
436 env->cpuid_version = 0xf00 | ((def->family - 0x0f) << 20);
437 else
438 env->cpuid_version = def->family << 8;
439 env->cpuid_version |= ((def->model & 0xf) << 4) | ((def->model >> 4) << 16);
440 env->cpuid_version |= def->stepping;
441 env->cpuid_features = def->features;
442 env->pat = 0x0007040600070406ULL;
443 env->cpuid_ext_features = def->ext_features;
444 env->cpuid_ext2_features = def->ext2_features;
445 env->cpuid_xlevel = def->xlevel;
446 env->cpuid_ext3_features = def->ext3_features;
447 {
448 const char *model_id = def->model_id;
449 int c, len, i;
450 if (!model_id)
451 model_id = "";
452 len = strlen(model_id);
453 for(i = 0; i < 48; i++) {
454 if (i >= len)
455 c = '\0';
456 else
457 c = (uint8_t)model_id[i];
458 env->cpuid_model[i >> 2] |= c << (8 * (i & 3));
459 }
460 }
461 return 0;
462 }
463
464 /* NOTE: must be called outside the CPU execute loop */
cpu_reset(CPUState * cpu)465 void cpu_reset(CPUState *cpu)
466 {
467 CPUX86State *env = cpu->env_ptr;
468 int i;
469
470 if (qemu_loglevel_mask(CPU_LOG_RESET)) {
471 qemu_log("CPU Reset (CPU %d)\n", cpu->cpu_index);
472 log_cpu_state(cpu, X86_DUMP_FPU | X86_DUMP_CCOP);
473 }
474
475 memset(env, 0, offsetof(CPUX86State, breakpoints));
476
477 tlb_flush(env, 1);
478
479 env->old_exception = -1;
480
481 /* init to reset state */
482
483 #ifdef CONFIG_SOFTMMU
484 env->hflags |= HF_SOFTMMU_MASK;
485 #endif
486 env->hflags2 |= HF2_GIF_MASK;
487
488 cpu_x86_update_cr0(env, 0x60000010);
489 env->a20_mask = ~0x0;
490 env->smbase = 0x30000;
491
492 env->idt.limit = 0xffff;
493 env->gdt.limit = 0xffff;
494 env->ldt.limit = 0xffff;
495 env->ldt.flags = DESC_P_MASK | (2 << DESC_TYPE_SHIFT);
496 env->tr.limit = 0xffff;
497 env->tr.flags = DESC_P_MASK | (11 << DESC_TYPE_SHIFT);
498
499 cpu_x86_load_seg_cache(env, R_CS, 0xf000, 0xffff0000, 0xffff,
500 DESC_P_MASK | DESC_S_MASK | DESC_CS_MASK |
501 DESC_R_MASK | DESC_A_MASK);
502 cpu_x86_load_seg_cache(env, R_DS, 0, 0, 0xffff,
503 DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
504 DESC_A_MASK);
505 cpu_x86_load_seg_cache(env, R_ES, 0, 0, 0xffff,
506 DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
507 DESC_A_MASK);
508 cpu_x86_load_seg_cache(env, R_SS, 0, 0, 0xffff,
509 DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
510 DESC_A_MASK);
511 cpu_x86_load_seg_cache(env, R_FS, 0, 0, 0xffff,
512 DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
513 DESC_A_MASK);
514 cpu_x86_load_seg_cache(env, R_GS, 0, 0, 0xffff,
515 DESC_P_MASK | DESC_S_MASK | DESC_W_MASK |
516 DESC_A_MASK);
517
518 env->eip = 0xfff0;
519 env->regs[R_EDX] = env->cpuid_version;
520
521 env->eflags = 0x2;
522
523 /* FPU init */
524 for(i = 0;i < 8; i++)
525 env->fptags[i] = 1;
526 env->fpuc = 0x37f;
527
528 env->mxcsr = 0x1f80;
529
530 memset(env->dr, 0, sizeof(env->dr));
531 env->dr[6] = DR6_FIXED_1;
532 env->dr[7] = DR7_FIXED_1;
533 cpu_breakpoint_remove_all(env, BP_CPU);
534 cpu_watchpoint_remove_all(env, BP_CPU);
535 }
536
cpu_x86_close(CPUX86State * env)537 void cpu_x86_close(CPUX86State *env)
538 {
539 g_free(env);
540 }
541
542 /***********************************************************/
543 /* x86 debug */
544
545 static const char *cc_op_str[] = {
546 "DYNAMIC",
547 "EFLAGS",
548
549 "MULB",
550 "MULW",
551 "MULL",
552 "MULQ",
553
554 "ADDB",
555 "ADDW",
556 "ADDL",
557 "ADDQ",
558
559 "ADCB",
560 "ADCW",
561 "ADCL",
562 "ADCQ",
563
564 "SUBB",
565 "SUBW",
566 "SUBL",
567 "SUBQ",
568
569 "SBBB",
570 "SBBW",
571 "SBBL",
572 "SBBQ",
573
574 "LOGICB",
575 "LOGICW",
576 "LOGICL",
577 "LOGICQ",
578
579 "INCB",
580 "INCW",
581 "INCL",
582 "INCQ",
583
584 "DECB",
585 "DECW",
586 "DECL",
587 "DECQ",
588
589 "SHLB",
590 "SHLW",
591 "SHLL",
592 "SHLQ",
593
594 "SARB",
595 "SARW",
596 "SARL",
597 "SARQ",
598 };
599
600 static void
cpu_x86_dump_seg_cache(CPUX86State * env,FILE * f,int (* cpu_fprintf)(FILE * f,const char * fmt,...),const char * name,struct SegmentCache * sc)601 cpu_x86_dump_seg_cache(CPUX86State *env, FILE *f,
602 int (*cpu_fprintf)(FILE *f, const char *fmt, ...),
603 const char *name, struct SegmentCache *sc)
604 {
605 #ifdef TARGET_X86_64
606 if (env->hflags & HF_CS64_MASK) {
607 cpu_fprintf(f, "%-3s=%04x %016" PRIx64 " %08x %08x", name,
608 sc->selector, sc->base, sc->limit, sc->flags);
609 } else
610 #endif
611 {
612 cpu_fprintf(f, "%-3s=%04x %08x %08x %08x", name, sc->selector,
613 (uint32_t)sc->base, sc->limit, sc->flags);
614 }
615
616 if (!(env->hflags & HF_PE_MASK) || !(sc->flags & DESC_P_MASK))
617 goto done;
618
619 cpu_fprintf(f, " DPL=%d ", (sc->flags & DESC_DPL_MASK) >> DESC_DPL_SHIFT);
620 if (sc->flags & DESC_S_MASK) {
621 if (sc->flags & DESC_CS_MASK) {
622 cpu_fprintf(f, (sc->flags & DESC_L_MASK) ? "CS64" :
623 ((sc->flags & DESC_B_MASK) ? "CS32" : "CS16"));
624 cpu_fprintf(f, " [%c%c", (sc->flags & DESC_C_MASK) ? 'C' : '-',
625 (sc->flags & DESC_R_MASK) ? 'R' : '-');
626 } else {
627 cpu_fprintf(f, (sc->flags & DESC_B_MASK) ? "DS " : "DS16");
628 cpu_fprintf(f, " [%c%c", (sc->flags & DESC_E_MASK) ? 'E' : '-',
629 (sc->flags & DESC_W_MASK) ? 'W' : '-');
630 }
631 cpu_fprintf(f, "%c]", (sc->flags & DESC_A_MASK) ? 'A' : '-');
632 } else {
633 static const char *sys_type_name[2][16] = {
634 { /* 32 bit mode */
635 "Reserved", "TSS16-avl", "LDT", "TSS16-busy",
636 "CallGate16", "TaskGate", "IntGate16", "TrapGate16",
637 "Reserved", "TSS32-avl", "Reserved", "TSS32-busy",
638 "CallGate32", "Reserved", "IntGate32", "TrapGate32"
639 },
640 { /* 64 bit mode */
641 "<hiword>", "Reserved", "LDT", "Reserved", "Reserved",
642 "Reserved", "Reserved", "Reserved", "Reserved",
643 "TSS64-avl", "Reserved", "TSS64-busy", "CallGate64",
644 "Reserved", "IntGate64", "TrapGate64"
645 }
646 };
647 cpu_fprintf(f, sys_type_name[(env->hflags & HF_LMA_MASK) ? 1 : 0]
648 [(sc->flags & DESC_TYPE_MASK)
649 >> DESC_TYPE_SHIFT]);
650 }
651 done:
652 cpu_fprintf(f, "\n");
653 }
654
cpu_dump_state(CPUState * cpu,FILE * f,int (* cpu_fprintf)(FILE * f,const char * fmt,...),int flags)655 void cpu_dump_state(CPUState *cpu, FILE *f,
656 int (*cpu_fprintf)(FILE *f, const char *fmt, ...),
657 int flags)
658 {
659 CPUX86State *env = cpu->env_ptr;
660 int eflags, i, nb;
661 char cc_op_name[32];
662 static const char *seg_name[6] = { "ES", "CS", "SS", "DS", "FS", "GS" };
663
664 if (kvm_enabled())
665 kvm_arch_get_registers(cpu);
666
667 #ifdef CONFIG_HAX
668 if (hax_enabled())
669 hax_arch_get_registers(cpu);
670 #endif
671
672 eflags = env->eflags;
673 #ifdef TARGET_X86_64
674 if (env->hflags & HF_CS64_MASK) {
675 cpu_fprintf(f,
676 "RAX=%016" PRIx64 " RBX=%016" PRIx64 " RCX=%016" PRIx64 " RDX=%016" PRIx64 "\n"
677 "RSI=%016" PRIx64 " RDI=%016" PRIx64 " RBP=%016" PRIx64 " RSP=%016" PRIx64 "\n"
678 "R8 =%016" PRIx64 " R9 =%016" PRIx64 " R10=%016" PRIx64 " R11=%016" PRIx64 "\n"
679 "R12=%016" PRIx64 " R13=%016" PRIx64 " R14=%016" PRIx64 " R15=%016" PRIx64 "\n"
680 "RIP=%016" PRIx64 " RFL=%08x [%c%c%c%c%c%c%c] CPL=%d II=%d A20=%d SMM=%d HLT=%d\n",
681 env->regs[R_EAX],
682 env->regs[R_EBX],
683 env->regs[R_ECX],
684 env->regs[R_EDX],
685 env->regs[R_ESI],
686 env->regs[R_EDI],
687 env->regs[R_EBP],
688 env->regs[R_ESP],
689 env->regs[8],
690 env->regs[9],
691 env->regs[10],
692 env->regs[11],
693 env->regs[12],
694 env->regs[13],
695 env->regs[14],
696 env->regs[15],
697 env->eip, eflags,
698 eflags & DF_MASK ? 'D' : '-',
699 eflags & CC_O ? 'O' : '-',
700 eflags & CC_S ? 'S' : '-',
701 eflags & CC_Z ? 'Z' : '-',
702 eflags & CC_A ? 'A' : '-',
703 eflags & CC_P ? 'P' : '-',
704 eflags & CC_C ? 'C' : '-',
705 env->hflags & HF_CPL_MASK,
706 (env->hflags >> HF_INHIBIT_IRQ_SHIFT) & 1,
707 (int)(env->a20_mask >> 20) & 1,
708 (env->hflags >> HF_SMM_SHIFT) & 1,
709 cpu->halted);
710 } else
711 #endif
712 {
713 cpu_fprintf(f, "EAX=%08x EBX=%08x ECX=%08x EDX=%08x\n"
714 "ESI=%08x EDI=%08x EBP=%08x ESP=%08x\n"
715 "EIP=%08x EFL=%08x [%c%c%c%c%c%c%c] CPL=%d II=%d A20=%d SMM=%d HLT=%d\n",
716 (uint32_t)env->regs[R_EAX],
717 (uint32_t)env->regs[R_EBX],
718 (uint32_t)env->regs[R_ECX],
719 (uint32_t)env->regs[R_EDX],
720 (uint32_t)env->regs[R_ESI],
721 (uint32_t)env->regs[R_EDI],
722 (uint32_t)env->regs[R_EBP],
723 (uint32_t)env->regs[R_ESP],
724 (uint32_t)env->eip, eflags,
725 eflags & DF_MASK ? 'D' : '-',
726 eflags & CC_O ? 'O' : '-',
727 eflags & CC_S ? 'S' : '-',
728 eflags & CC_Z ? 'Z' : '-',
729 eflags & CC_A ? 'A' : '-',
730 eflags & CC_P ? 'P' : '-',
731 eflags & CC_C ? 'C' : '-',
732 env->hflags & HF_CPL_MASK,
733 (env->hflags >> HF_INHIBIT_IRQ_SHIFT) & 1,
734 (int)(env->a20_mask >> 20) & 1,
735 (env->hflags >> HF_SMM_SHIFT) & 1,
736 cpu->halted);
737 }
738
739 for(i = 0; i < 6; i++) {
740 cpu_x86_dump_seg_cache(env, f, cpu_fprintf, seg_name[i],
741 &env->segs[i]);
742 }
743 cpu_x86_dump_seg_cache(env, f, cpu_fprintf, "LDT", &env->ldt);
744 cpu_x86_dump_seg_cache(env, f, cpu_fprintf, "TR", &env->tr);
745
746 #ifdef TARGET_X86_64
747 if (env->hflags & HF_LMA_MASK) {
748 cpu_fprintf(f, "GDT= %016" PRIx64 " %08x\n",
749 env->gdt.base, env->gdt.limit);
750 cpu_fprintf(f, "IDT= %016" PRIx64 " %08x\n",
751 env->idt.base, env->idt.limit);
752 cpu_fprintf(f, "CR0=%08x CR2=%016" PRIx64 " CR3=%016" PRIx64 " CR4=%08x\n",
753 (uint32_t)env->cr[0],
754 env->cr[2],
755 env->cr[3],
756 (uint32_t)env->cr[4]);
757 for(i = 0; i < 4; i++)
758 cpu_fprintf(f, "DR%d=%016" PRIx64 " ", i, env->dr[i]);
759 cpu_fprintf(f, "\nDR6=%016" PRIx64 " DR7=%016" PRIx64 "\n",
760 env->dr[6], env->dr[7]);
761 } else
762 #endif
763 {
764 cpu_fprintf(f, "GDT= %08x %08x\n",
765 (uint32_t)env->gdt.base, env->gdt.limit);
766 cpu_fprintf(f, "IDT= %08x %08x\n",
767 (uint32_t)env->idt.base, env->idt.limit);
768 cpu_fprintf(f, "CR0=%08x CR2=%08x CR3=%08x CR4=%08x\n",
769 (uint32_t)env->cr[0],
770 (uint32_t)env->cr[2],
771 (uint32_t)env->cr[3],
772 (uint32_t)env->cr[4]);
773 for(i = 0; i < 4; i++)
774 cpu_fprintf(f, "DR%d=%08x ", i, env->dr[i]);
775 cpu_fprintf(f, "\nDR6=%08x DR7=%08x\n", env->dr[6], env->dr[7]);
776 }
777 if (flags & X86_DUMP_CCOP) {
778 if ((unsigned)env->cc_op < CC_OP_NB)
779 snprintf(cc_op_name, sizeof(cc_op_name), "%s", cc_op_str[env->cc_op]);
780 else
781 snprintf(cc_op_name, sizeof(cc_op_name), "[%d]", env->cc_op);
782 #ifdef TARGET_X86_64
783 if (env->hflags & HF_CS64_MASK) {
784 cpu_fprintf(f, "CCS=%016" PRIx64 " CCD=%016" PRIx64 " CCO=%-8s\n",
785 env->cc_src, env->cc_dst,
786 cc_op_name);
787 } else
788 #endif
789 {
790 cpu_fprintf(f, "CCS=%08x CCD=%08x CCO=%-8s\n",
791 (uint32_t)env->cc_src, (uint32_t)env->cc_dst,
792 cc_op_name);
793 }
794 }
795 if (flags & X86_DUMP_FPU) {
796 int fptag;
797 fptag = 0;
798 for(i = 0; i < 8; i++) {
799 fptag |= ((!env->fptags[i]) << i);
800 }
801 cpu_fprintf(f, "FCW=%04x FSW=%04x [ST=%d] FTW=%02x MXCSR=%08x\n",
802 env->fpuc,
803 (env->fpus & ~0x3800) | (env->fpstt & 0x7) << 11,
804 env->fpstt,
805 fptag,
806 env->mxcsr);
807 for(i=0;i<8;i++) {
808 cpu_fprintf(f, "FPR%d=%016" PRIx64,
809 i, env->fpregs[i].mmx.q);
810 if ((i & 1) == 1)
811 cpu_fprintf(f, "\n");
812 else
813 cpu_fprintf(f, " ");
814 }
815 if (env->hflags & HF_CS64_MASK)
816 nb = 16;
817 else
818 nb = 8;
819 for(i=0;i<nb;i++) {
820 cpu_fprintf(f, "XMM%02d=%08x%08x%08x%08x",
821 i,
822 env->xmm_regs[i].XMM_L(3),
823 env->xmm_regs[i].XMM_L(2),
824 env->xmm_regs[i].XMM_L(1),
825 env->xmm_regs[i].XMM_L(0));
826 if ((i & 1) == 1)
827 cpu_fprintf(f, "\n");
828 else
829 cpu_fprintf(f, " ");
830 }
831 }
832 }
833
834 /***********************************************************/
835 /* x86 mmu */
836 /* XXX: add PGE support */
837
cpu_x86_set_a20(CPUX86State * env,int a20_state)838 void cpu_x86_set_a20(CPUX86State *env, int a20_state)
839 {
840 a20_state = (a20_state != 0);
841 if (a20_state != ((env->a20_mask >> 20) & 1)) {
842 #if defined(DEBUG_MMU)
843 printf("A20 update: a20=%d\n", a20_state);
844 #endif
845 /* if the cpu is currently executing code, we must unlink it and
846 all the potentially executing TB */
847 cpu_interrupt(ENV_GET_CPU(env), CPU_INTERRUPT_EXITTB);
848
849 /* when a20 is changed, all the MMU mappings are invalid, so
850 we must flush everything */
851 tlb_flush(env, 1);
852 env->a20_mask = (~0x100000) | (a20_state << 20);
853 }
854 }
855
cpu_x86_update_cr0(CPUX86State * env,uint32_t new_cr0)856 void cpu_x86_update_cr0(CPUX86State *env, uint32_t new_cr0)
857 {
858 int pe_state;
859
860 #if defined(DEBUG_MMU)
861 printf("CR0 update: CR0=0x%08x\n", new_cr0);
862 #endif
863 if ((new_cr0 & (CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK)) !=
864 (env->cr[0] & (CR0_PG_MASK | CR0_WP_MASK | CR0_PE_MASK))) {
865 tlb_flush(env, 1);
866 }
867
868 #ifdef TARGET_X86_64
869 if (!(env->cr[0] & CR0_PG_MASK) && (new_cr0 & CR0_PG_MASK) &&
870 (env->efer & MSR_EFER_LME)) {
871 /* enter in long mode */
872 /* XXX: generate an exception */
873 if (!(env->cr[4] & CR4_PAE_MASK))
874 return;
875 env->efer |= MSR_EFER_LMA;
876 env->hflags |= HF_LMA_MASK;
877 } else if ((env->cr[0] & CR0_PG_MASK) && !(new_cr0 & CR0_PG_MASK) &&
878 (env->efer & MSR_EFER_LMA)) {
879 /* exit long mode */
880 env->efer &= ~MSR_EFER_LMA;
881 env->hflags &= ~(HF_LMA_MASK | HF_CS64_MASK);
882 env->eip &= 0xffffffff;
883 }
884 #endif
885 env->cr[0] = new_cr0 | CR0_ET_MASK;
886
887 /* update PE flag in hidden flags */
888 pe_state = (env->cr[0] & CR0_PE_MASK);
889 env->hflags = (env->hflags & ~HF_PE_MASK) | (pe_state << HF_PE_SHIFT);
890 /* ensure that ADDSEG is always set in real mode */
891 env->hflags |= ((pe_state ^ 1) << HF_ADDSEG_SHIFT);
892 /* update FPU flags */
893 env->hflags = (env->hflags & ~(HF_MP_MASK | HF_EM_MASK | HF_TS_MASK)) |
894 ((new_cr0 << (HF_MP_SHIFT - 1)) & (HF_MP_MASK | HF_EM_MASK | HF_TS_MASK));
895 }
896
897 /* XXX: in legacy PAE mode, generate a GPF if reserved bits are set in
898 the PDPT */
cpu_x86_update_cr3(CPUX86State * env,target_ulong new_cr3)899 void cpu_x86_update_cr3(CPUX86State *env, target_ulong new_cr3)
900 {
901 env->cr[3] = new_cr3;
902 if (env->cr[0] & CR0_PG_MASK) {
903 #if defined(DEBUG_MMU)
904 printf("CR3 update: CR3=" TARGET_FMT_lx "\n", new_cr3);
905 #endif
906 tlb_flush(env, 0);
907 }
908 }
909
cpu_x86_update_cr4(CPUX86State * env,uint32_t new_cr4)910 void cpu_x86_update_cr4(CPUX86State *env, uint32_t new_cr4)
911 {
912 #if defined(DEBUG_MMU)
913 printf("CR4 update: CR4=%08x\n", (uint32_t)env->cr[4]);
914 #endif
915 if ((new_cr4 & (CR4_PGE_MASK | CR4_PAE_MASK | CR4_PSE_MASK)) !=
916 (env->cr[4] & (CR4_PGE_MASK | CR4_PAE_MASK | CR4_PSE_MASK))) {
917 tlb_flush(env, 1);
918 }
919 /* SSE handling */
920 if (!(env->cpuid_features & CPUID_SSE))
921 new_cr4 &= ~CR4_OSFXSR_MASK;
922 if (new_cr4 & CR4_OSFXSR_MASK)
923 env->hflags |= HF_OSFXSR_MASK;
924 else
925 env->hflags &= ~HF_OSFXSR_MASK;
926
927 env->cr[4] = new_cr4;
928 }
929
930 #if defined(CONFIG_USER_ONLY)
931
cpu_x86_handle_mmu_fault(CPUX86State * env,target_ulong addr,int is_write,int mmu_idx)932 int cpu_x86_handle_mmu_fault(CPUX86State *env, target_ulong addr,
933 int is_write, int mmu_idx)
934 {
935 /* user mode only emulation */
936 is_write &= 1;
937 env->cr[2] = addr;
938 env->error_code = (is_write << PG_ERROR_W_BIT);
939 env->error_code |= PG_ERROR_U_MASK;
940 env->exception_index = EXCP0E_PAGE;
941 return 1;
942 }
943
cpu_get_phys_page_debug(CPUX86State * env,target_ulong addr)944 hwaddr cpu_get_phys_page_debug(CPUX86State *env, target_ulong addr)
945 {
946 return addr;
947 }
948
949 #else
950
951 /* XXX: This value should match the one returned by CPUID
952 * and in exec.c */
953 #if defined(TARGET_X86_64)
954 # define PHYS_ADDR_MASK 0xfffffff000LL
955 #else
956 # define PHYS_ADDR_MASK 0xffffff000LL
957 #endif
958
959 /* return value:
960 -1 = cannot handle fault
961 0 = nothing more to do
962 1 = generate PF fault
963 */
cpu_x86_handle_mmu_fault(CPUX86State * env,target_ulong addr,int is_write1,int mmu_idx)964 int cpu_x86_handle_mmu_fault(CPUX86State *env, target_ulong addr,
965 int is_write1, int mmu_idx)
966 {
967 uint64_t ptep, pte;
968 target_ulong pde_addr, pte_addr;
969 int error_code, is_dirty, prot, page_size, is_write, is_user;
970 hwaddr paddr;
971 uint32_t page_offset;
972 target_ulong vaddr, virt_addr;
973
974 is_user = mmu_idx == MMU_USER_IDX;
975 #if defined(DEBUG_MMU)
976 printf("MMU fault: addr=" TARGET_FMT_lx " w=%d u=%d eip=" TARGET_FMT_lx "\n",
977 addr, is_write1, is_user, env->eip);
978 #endif
979 is_write = is_write1 & 1;
980
981 if (!(env->cr[0] & CR0_PG_MASK)) {
982 pte = addr;
983 virt_addr = addr & TARGET_PAGE_MASK;
984 prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
985 page_size = 4096;
986 goto do_mapping;
987 }
988
989 if (env->cr[4] & CR4_PAE_MASK) {
990 uint64_t pde, pdpe;
991 target_ulong pdpe_addr;
992
993 #ifdef TARGET_X86_64
994 if (env->hflags & HF_LMA_MASK) {
995 uint64_t pml4e_addr, pml4e;
996 int32_t sext;
997
998 /* test virtual address sign extension */
999 sext = (int64_t)addr >> 47;
1000 if (sext != 0 && sext != -1) {
1001 env->error_code = 0;
1002 env->exception_index = EXCP0D_GPF;
1003 return 1;
1004 }
1005
1006 pml4e_addr = ((env->cr[3] & ~0xfff) + (((addr >> 39) & 0x1ff) << 3)) &
1007 env->a20_mask;
1008 pml4e = ldq_phys(pml4e_addr);
1009 if (!(pml4e & PG_PRESENT_MASK)) {
1010 error_code = 0;
1011 goto do_fault;
1012 }
1013 if (!(env->efer & MSR_EFER_NXE) && (pml4e & PG_NX_MASK)) {
1014 error_code = PG_ERROR_RSVD_MASK;
1015 goto do_fault;
1016 }
1017 if (!(pml4e & PG_ACCESSED_MASK)) {
1018 pml4e |= PG_ACCESSED_MASK;
1019 stl_phys_notdirty(pml4e_addr, pml4e);
1020 }
1021 ptep = pml4e ^ PG_NX_MASK;
1022 pdpe_addr = ((pml4e & PHYS_ADDR_MASK) + (((addr >> 30) & 0x1ff) << 3)) &
1023 env->a20_mask;
1024 pdpe = ldq_phys(pdpe_addr);
1025 if (!(pdpe & PG_PRESENT_MASK)) {
1026 error_code = 0;
1027 goto do_fault;
1028 }
1029 if (!(env->efer & MSR_EFER_NXE) && (pdpe & PG_NX_MASK)) {
1030 error_code = PG_ERROR_RSVD_MASK;
1031 goto do_fault;
1032 }
1033 ptep &= pdpe ^ PG_NX_MASK;
1034 if (!(pdpe & PG_ACCESSED_MASK)) {
1035 pdpe |= PG_ACCESSED_MASK;
1036 stl_phys_notdirty(pdpe_addr, pdpe);
1037 }
1038 } else
1039 #endif
1040 {
1041 /* XXX: load them when cr3 is loaded ? */
1042 pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
1043 env->a20_mask;
1044 pdpe = ldq_phys(pdpe_addr);
1045 if (!(pdpe & PG_PRESENT_MASK)) {
1046 error_code = 0;
1047 goto do_fault;
1048 }
1049 ptep = PG_NX_MASK | PG_USER_MASK | PG_RW_MASK;
1050 }
1051
1052 pde_addr = ((pdpe & PHYS_ADDR_MASK) + (((addr >> 21) & 0x1ff) << 3)) &
1053 env->a20_mask;
1054 pde = ldq_phys(pde_addr);
1055 if (!(pde & PG_PRESENT_MASK)) {
1056 error_code = 0;
1057 goto do_fault;
1058 }
1059 if (!(env->efer & MSR_EFER_NXE) && (pde & PG_NX_MASK)) {
1060 error_code = PG_ERROR_RSVD_MASK;
1061 goto do_fault;
1062 }
1063 ptep &= pde ^ PG_NX_MASK;
1064 if (pde & PG_PSE_MASK) {
1065 /* 2 MB page */
1066 page_size = 2048 * 1024;
1067 ptep ^= PG_NX_MASK;
1068 if ((ptep & PG_NX_MASK) && is_write1 == 2)
1069 goto do_fault_protect;
1070 if (is_user) {
1071 if (!(ptep & PG_USER_MASK))
1072 goto do_fault_protect;
1073 if (is_write && !(ptep & PG_RW_MASK))
1074 goto do_fault_protect;
1075 } else {
1076 if ((env->cr[0] & CR0_WP_MASK) &&
1077 is_write && !(ptep & PG_RW_MASK))
1078 goto do_fault_protect;
1079 }
1080 is_dirty = is_write && !(pde & PG_DIRTY_MASK);
1081 if (!(pde & PG_ACCESSED_MASK) || is_dirty) {
1082 pde |= PG_ACCESSED_MASK;
1083 if (is_dirty)
1084 pde |= PG_DIRTY_MASK;
1085 stl_phys_notdirty(pde_addr, pde);
1086 }
1087 /* align to page_size */
1088 pte = pde & ((PHYS_ADDR_MASK & ~(page_size - 1)) | 0xfff);
1089 virt_addr = addr & ~(page_size - 1);
1090 } else {
1091 /* 4 KB page */
1092 if (!(pde & PG_ACCESSED_MASK)) {
1093 pde |= PG_ACCESSED_MASK;
1094 stl_phys_notdirty(pde_addr, pde);
1095 }
1096 pte_addr = ((pde & PHYS_ADDR_MASK) + (((addr >> 12) & 0x1ff) << 3)) &
1097 env->a20_mask;
1098 pte = ldq_phys(pte_addr);
1099 if (!(pte & PG_PRESENT_MASK)) {
1100 error_code = 0;
1101 goto do_fault;
1102 }
1103 if (!(env->efer & MSR_EFER_NXE) && (pte & PG_NX_MASK)) {
1104 error_code = PG_ERROR_RSVD_MASK;
1105 goto do_fault;
1106 }
1107 /* combine pde and pte nx, user and rw protections */
1108 ptep &= pte ^ PG_NX_MASK;
1109 ptep ^= PG_NX_MASK;
1110 if ((ptep & PG_NX_MASK) && is_write1 == 2)
1111 goto do_fault_protect;
1112 if (is_user) {
1113 if (!(ptep & PG_USER_MASK))
1114 goto do_fault_protect;
1115 if (is_write && !(ptep & PG_RW_MASK))
1116 goto do_fault_protect;
1117 } else {
1118 if ((env->cr[0] & CR0_WP_MASK) &&
1119 is_write && !(ptep & PG_RW_MASK))
1120 goto do_fault_protect;
1121 }
1122 is_dirty = is_write && !(pte & PG_DIRTY_MASK);
1123 if (!(pte & PG_ACCESSED_MASK) || is_dirty) {
1124 pte |= PG_ACCESSED_MASK;
1125 if (is_dirty)
1126 pte |= PG_DIRTY_MASK;
1127 stl_phys_notdirty(pte_addr, pte);
1128 }
1129 page_size = 4096;
1130 virt_addr = addr & ~0xfff;
1131 pte = pte & (PHYS_ADDR_MASK | 0xfff);
1132 }
1133 } else {
1134 uint32_t pde;
1135
1136 /* page directory entry */
1137 pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) &
1138 env->a20_mask;
1139 pde = ldl_phys(pde_addr);
1140 if (!(pde & PG_PRESENT_MASK)) {
1141 error_code = 0;
1142 goto do_fault;
1143 }
1144 /* if PSE bit is set, then we use a 4MB page */
1145 if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
1146 page_size = 4096 * 1024;
1147 if (is_user) {
1148 if (!(pde & PG_USER_MASK))
1149 goto do_fault_protect;
1150 if (is_write && !(pde & PG_RW_MASK))
1151 goto do_fault_protect;
1152 } else {
1153 if ((env->cr[0] & CR0_WP_MASK) &&
1154 is_write && !(pde & PG_RW_MASK))
1155 goto do_fault_protect;
1156 }
1157 is_dirty = is_write && !(pde & PG_DIRTY_MASK);
1158 if (!(pde & PG_ACCESSED_MASK) || is_dirty) {
1159 pde |= PG_ACCESSED_MASK;
1160 if (is_dirty)
1161 pde |= PG_DIRTY_MASK;
1162 stl_phys_notdirty(pde_addr, pde);
1163 }
1164
1165 pte = pde & ~( (page_size - 1) & ~0xfff); /* align to page_size */
1166 ptep = pte;
1167 virt_addr = addr & ~(page_size - 1);
1168 } else {
1169 if (!(pde & PG_ACCESSED_MASK)) {
1170 pde |= PG_ACCESSED_MASK;
1171 stl_phys_notdirty(pde_addr, pde);
1172 }
1173
1174 /* page directory entry */
1175 pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) &
1176 env->a20_mask;
1177 pte = ldl_phys(pte_addr);
1178 if (!(pte & PG_PRESENT_MASK)) {
1179 error_code = 0;
1180 goto do_fault;
1181 }
1182 /* combine pde and pte user and rw protections */
1183 ptep = pte & pde;
1184 if (is_user) {
1185 if (!(ptep & PG_USER_MASK))
1186 goto do_fault_protect;
1187 if (is_write && !(ptep & PG_RW_MASK))
1188 goto do_fault_protect;
1189 } else {
1190 if ((env->cr[0] & CR0_WP_MASK) &&
1191 is_write && !(ptep & PG_RW_MASK))
1192 goto do_fault_protect;
1193 }
1194 is_dirty = is_write && !(pte & PG_DIRTY_MASK);
1195 if (!(pte & PG_ACCESSED_MASK) || is_dirty) {
1196 pte |= PG_ACCESSED_MASK;
1197 if (is_dirty)
1198 pte |= PG_DIRTY_MASK;
1199 stl_phys_notdirty(pte_addr, pte);
1200 }
1201 page_size = 4096;
1202 virt_addr = addr & ~0xfff;
1203 }
1204 }
1205 /* the page can be put in the TLB */
1206 prot = PAGE_READ;
1207 if (!(ptep & PG_NX_MASK))
1208 prot |= PAGE_EXEC;
1209 if (pte & PG_DIRTY_MASK) {
1210 /* only set write access if already dirty... otherwise wait
1211 for dirty access */
1212 if (is_user) {
1213 if (ptep & PG_RW_MASK)
1214 prot |= PAGE_WRITE;
1215 } else {
1216 if (!(env->cr[0] & CR0_WP_MASK) ||
1217 (ptep & PG_RW_MASK))
1218 prot |= PAGE_WRITE;
1219 }
1220 }
1221 do_mapping:
1222 pte = pte & env->a20_mask;
1223
1224 /* Even if 4MB pages, we map only one 4KB page in the cache to
1225 avoid filling it too fast */
1226 page_offset = (addr & TARGET_PAGE_MASK) & (page_size - 1);
1227 paddr = (pte & TARGET_PAGE_MASK) + page_offset;
1228 vaddr = virt_addr + page_offset;
1229
1230 tlb_set_page(env, vaddr, paddr, prot, mmu_idx, page_size);
1231 return 0;
1232 do_fault_protect:
1233 error_code = PG_ERROR_P_MASK;
1234 do_fault:
1235 error_code |= (is_write << PG_ERROR_W_BIT);
1236 if (is_user)
1237 error_code |= PG_ERROR_U_MASK;
1238 if (is_write1 == 2 &&
1239 (env->efer & MSR_EFER_NXE) &&
1240 (env->cr[4] & CR4_PAE_MASK))
1241 error_code |= PG_ERROR_I_D_MASK;
1242 if (env->intercept_exceptions & (1 << EXCP0E_PAGE)) {
1243 /* cr2 is not modified in case of exceptions */
1244 stq_phys(env->vm_vmcb + offsetof(struct vmcb, control.exit_info_2),
1245 addr);
1246 } else {
1247 env->cr[2] = addr;
1248 }
1249 env->error_code = error_code;
1250 env->exception_index = EXCP0E_PAGE;
1251 return 1;
1252 }
1253
cpu_get_phys_page_debug(CPUX86State * env,target_ulong addr)1254 hwaddr cpu_get_phys_page_debug(CPUX86State *env, target_ulong addr)
1255 {
1256 target_ulong pde_addr, pte_addr;
1257 uint64_t pte;
1258 hwaddr paddr;
1259 uint32_t page_offset;
1260 int page_size;
1261
1262 if (env->cr[4] & CR4_PAE_MASK) {
1263 target_ulong pdpe_addr;
1264 uint64_t pde, pdpe;
1265
1266 #ifdef TARGET_X86_64
1267 if (env->hflags & HF_LMA_MASK) {
1268 uint64_t pml4e_addr, pml4e;
1269 int32_t sext;
1270
1271 /* test virtual address sign extension */
1272 sext = (int64_t)addr >> 47;
1273 if (sext != 0 && sext != -1)
1274 return -1;
1275
1276 pml4e_addr = ((env->cr[3] & ~0xfff) + (((addr >> 39) & 0x1ff) << 3)) &
1277 env->a20_mask;
1278 pml4e = ldq_phys(pml4e_addr);
1279 if (!(pml4e & PG_PRESENT_MASK))
1280 return -1;
1281
1282 pdpe_addr = ((pml4e & ~0xfff) + (((addr >> 30) & 0x1ff) << 3)) &
1283 env->a20_mask;
1284 pdpe = ldq_phys(pdpe_addr);
1285 if (!(pdpe & PG_PRESENT_MASK))
1286 return -1;
1287 } else
1288 #endif
1289 {
1290 pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
1291 env->a20_mask;
1292 pdpe = ldq_phys(pdpe_addr);
1293 if (!(pdpe & PG_PRESENT_MASK))
1294 return -1;
1295 }
1296
1297 pde_addr = ((pdpe & ~0xfff) + (((addr >> 21) & 0x1ff) << 3)) &
1298 env->a20_mask;
1299 pde = ldq_phys(pde_addr);
1300 if (!(pde & PG_PRESENT_MASK)) {
1301 return -1;
1302 }
1303 if (pde & PG_PSE_MASK) {
1304 /* 2 MB page */
1305 page_size = 2048 * 1024;
1306 pte = pde & ~( (page_size - 1) & ~0xfff); /* align to page_size */
1307 } else {
1308 /* 4 KB page */
1309 pte_addr = ((pde & ~0xfff) + (((addr >> 12) & 0x1ff) << 3)) &
1310 env->a20_mask;
1311 page_size = 4096;
1312 pte = ldq_phys(pte_addr);
1313 }
1314 if (!(pte & PG_PRESENT_MASK))
1315 return -1;
1316 } else {
1317 uint32_t pde;
1318
1319 if (!(env->cr[0] & CR0_PG_MASK)) {
1320 pte = addr;
1321 page_size = 4096;
1322 } else {
1323 /* page directory entry */
1324 pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & env->a20_mask;
1325 pde = ldl_phys(pde_addr);
1326 if (!(pde & PG_PRESENT_MASK))
1327 return -1;
1328 if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
1329 pte = pde & ~0x003ff000; /* align to 4MB */
1330 page_size = 4096 * 1024;
1331 } else {
1332 /* page directory entry */
1333 pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & env->a20_mask;
1334 pte = ldl_phys(pte_addr);
1335 if (!(pte & PG_PRESENT_MASK))
1336 return -1;
1337 page_size = 4096;
1338 }
1339 }
1340 pte = pte & env->a20_mask;
1341 }
1342
1343 page_offset = (addr & TARGET_PAGE_MASK) & (page_size - 1);
1344 paddr = (pte & TARGET_PAGE_MASK) + page_offset;
1345 return paddr;
1346 }
1347
hw_breakpoint_insert(CPUX86State * env,int index)1348 void hw_breakpoint_insert(CPUX86State *env, int index)
1349 {
1350 int type, err = 0;
1351
1352 switch (hw_breakpoint_type(env->dr[7], index)) {
1353 case 0:
1354 if (hw_breakpoint_enabled(env->dr[7], index))
1355 err = cpu_breakpoint_insert(env, env->dr[index], BP_CPU,
1356 &env->cpu_breakpoint[index]);
1357 break;
1358 case 1:
1359 type = BP_CPU | BP_MEM_WRITE;
1360 goto insert_wp;
1361 case 2:
1362 /* No support for I/O watchpoints yet */
1363 break;
1364 case 3:
1365 type = BP_CPU | BP_MEM_ACCESS;
1366 insert_wp:
1367 err = cpu_watchpoint_insert(env, env->dr[index],
1368 hw_breakpoint_len(env->dr[7], index),
1369 type, &env->cpu_watchpoint[index]);
1370 break;
1371 }
1372 if (err)
1373 env->cpu_breakpoint[index] = NULL;
1374 }
1375
hw_breakpoint_remove(CPUX86State * env,int index)1376 void hw_breakpoint_remove(CPUX86State *env, int index)
1377 {
1378 if (!env->cpu_breakpoint[index])
1379 return;
1380 switch (hw_breakpoint_type(env->dr[7], index)) {
1381 case 0:
1382 if (hw_breakpoint_enabled(env->dr[7], index))
1383 cpu_breakpoint_remove_by_ref(env, env->cpu_breakpoint[index]);
1384 break;
1385 case 1:
1386 case 3:
1387 cpu_watchpoint_remove_by_ref(env, env->cpu_watchpoint[index]);
1388 break;
1389 case 2:
1390 /* No support for I/O watchpoints yet */
1391 break;
1392 }
1393 }
1394
check_hw_breakpoints(CPUX86State * env,int force_dr6_update)1395 int check_hw_breakpoints(CPUX86State *env, int force_dr6_update)
1396 {
1397 target_ulong dr6;
1398 int reg, type;
1399 int hit_enabled = 0;
1400
1401 dr6 = env->dr[6] & ~0xf;
1402 for (reg = 0; reg < 4; reg++) {
1403 type = hw_breakpoint_type(env->dr[7], reg);
1404 if ((type == 0 && env->dr[reg] == env->eip) ||
1405 ((type & 1) && env->cpu_watchpoint[reg] &&
1406 (env->cpu_watchpoint[reg]->flags & BP_WATCHPOINT_HIT))) {
1407 dr6 |= 1 << reg;
1408 if (hw_breakpoint_enabled(env->dr[7], reg))
1409 hit_enabled = 1;
1410 }
1411 }
1412 if (hit_enabled || force_dr6_update)
1413 env->dr[6] = dr6;
1414 return hit_enabled;
1415 }
1416
breakpoint_handler(CPUX86State * env)1417 static void breakpoint_handler(CPUX86State *env)
1418 {
1419 CPUBreakpoint *bp;
1420
1421 if (env->watchpoint_hit) {
1422 if (env->watchpoint_hit->flags & BP_CPU) {
1423 env->watchpoint_hit = NULL;
1424 if (check_hw_breakpoints(env, 0))
1425 raise_exception(env, EXCP01_DB);
1426 else
1427 cpu_resume_from_signal(env, NULL);
1428 }
1429 } else {
1430 QTAILQ_FOREACH(bp, &env->breakpoints, entry)
1431 if (bp->pc == env->eip) {
1432 if (bp->flags & BP_CPU) {
1433 check_hw_breakpoints(env, 1);
1434 raise_exception(env, EXCP01_DB);
1435 }
1436 break;
1437 }
1438 }
1439 }
1440
1441
1442 /* This should come from sysemu.h - if we could include it here... */
1443 void qemu_system_reset_request(void);
1444
cpu_inject_x86_mce(CPUX86State * cenv,int bank,uint64_t status,uint64_t mcg_status,uint64_t addr,uint64_t misc)1445 void cpu_inject_x86_mce(CPUX86State *cenv, int bank, uint64_t status,
1446 uint64_t mcg_status, uint64_t addr, uint64_t misc)
1447 {
1448 uint64_t mcg_cap = cenv->mcg_cap;
1449 unsigned bank_num = mcg_cap & 0xff;
1450 uint64_t *banks = cenv->mce_banks;
1451
1452 if (bank >= bank_num || !(status & MCI_STATUS_VAL))
1453 return;
1454
1455 /*
1456 * if MSR_MCG_CTL is not all 1s, the uncorrected error
1457 * reporting is disabled
1458 */
1459 if ((status & MCI_STATUS_UC) && (mcg_cap & MCG_CTL_P) &&
1460 cenv->mcg_ctl != ~(uint64_t)0)
1461 return;
1462 banks += 4 * bank;
1463 /*
1464 * if MSR_MCi_CTL is not all 1s, the uncorrected error
1465 * reporting is disabled for the bank
1466 */
1467 if ((status & MCI_STATUS_UC) && banks[0] != ~(uint64_t)0)
1468 return;
1469 if (status & MCI_STATUS_UC) {
1470 if ((cenv->mcg_status & MCG_STATUS_MCIP) ||
1471 !(cenv->cr[4] & CR4_MCE_MASK)) {
1472 fprintf(stderr, "injects mce exception while previous "
1473 "one is in progress!\n");
1474 qemu_log_mask(CPU_LOG_RESET, "Triple fault\n");
1475 qemu_system_reset_request();
1476 return;
1477 }
1478 if (banks[1] & MCI_STATUS_VAL)
1479 status |= MCI_STATUS_OVER;
1480 banks[2] = addr;
1481 banks[3] = misc;
1482 cenv->mcg_status = mcg_status;
1483 banks[1] = status;
1484 cpu_interrupt(ENV_GET_CPU(cenv), CPU_INTERRUPT_MCE);
1485 } else if (!(banks[1] & MCI_STATUS_VAL)
1486 || !(banks[1] & MCI_STATUS_UC)) {
1487 if (banks[1] & MCI_STATUS_VAL)
1488 status |= MCI_STATUS_OVER;
1489 banks[2] = addr;
1490 banks[3] = misc;
1491 banks[1] = status;
1492 } else
1493 banks[1] |= MCI_STATUS_OVER;
1494 }
1495 #endif /* !CONFIG_USER_ONLY */
1496
mce_init(CPUX86State * cenv)1497 static void mce_init(CPUX86State *cenv)
1498 {
1499 unsigned int bank, bank_num;
1500
1501 if (((cenv->cpuid_version >> 8)&0xf) >= 6
1502 && (cenv->cpuid_features&(CPUID_MCE|CPUID_MCA)) == (CPUID_MCE|CPUID_MCA)) {
1503 cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF;
1504 cenv->mcg_ctl = ~(uint64_t)0;
1505 bank_num = cenv->mcg_cap & 0xff;
1506 cenv->mce_banks = g_malloc0(bank_num * sizeof(uint64_t) * 4);
1507 for (bank = 0; bank < bank_num; bank++)
1508 cenv->mce_banks[bank*4] = ~(uint64_t)0;
1509 }
1510 }
1511
host_cpuid(uint32_t function,uint32_t count,uint32_t * eax,uint32_t * ebx,uint32_t * ecx,uint32_t * edx)1512 static void host_cpuid(uint32_t function, uint32_t count,
1513 uint32_t *eax, uint32_t *ebx,
1514 uint32_t *ecx, uint32_t *edx)
1515 {
1516 #if defined(CONFIG_KVM)
1517 uint32_t vec[4];
1518
1519 #ifdef __x86_64__
1520 asm volatile("cpuid"
1521 : "=a"(vec[0]), "=b"(vec[1]),
1522 "=c"(vec[2]), "=d"(vec[3])
1523 : "0"(function), "c"(count) : "cc");
1524 #else
1525 asm volatile("pusha \n\t"
1526 "cpuid \n\t"
1527 "mov %%eax, 0(%2) \n\t"
1528 "mov %%ebx, 4(%2) \n\t"
1529 "mov %%ecx, 8(%2) \n\t"
1530 "mov %%edx, 12(%2) \n\t"
1531 "popa"
1532 : : "a"(function), "c"(count), "S"(vec)
1533 : "memory", "cc");
1534 #endif
1535
1536 if (eax)
1537 *eax = vec[0];
1538 if (ebx)
1539 *ebx = vec[1];
1540 if (ecx)
1541 *ecx = vec[2];
1542 if (edx)
1543 *edx = vec[3];
1544 #endif
1545 }
1546
cpu_x86_cpuid(CPUX86State * env,uint32_t index,uint32_t count,uint32_t * eax,uint32_t * ebx,uint32_t * ecx,uint32_t * edx)1547 void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
1548 uint32_t *eax, uint32_t *ebx,
1549 uint32_t *ecx, uint32_t *edx)
1550 {
1551 /* test if maximum index reached */
1552 if (index & 0x80000000) {
1553 if (index > env->cpuid_xlevel)
1554 index = env->cpuid_level;
1555 } else {
1556 if (index > env->cpuid_level)
1557 index = env->cpuid_level;
1558 }
1559
1560 switch(index) {
1561 case 0:
1562 *eax = env->cpuid_level;
1563 *ebx = env->cpuid_vendor1;
1564 *edx = env->cpuid_vendor2;
1565 *ecx = env->cpuid_vendor3;
1566
1567 /* sysenter isn't supported on compatibility mode on AMD. and syscall
1568 * isn't supported in compatibility mode on Intel. so advertise the
1569 * actuall cpu, and say goodbye to migration between different vendors
1570 * is you use compatibility mode. */
1571 if (kvm_enabled() && !env->cpuid_vendor_override)
1572 host_cpuid(0, 0, NULL, ebx, ecx, edx);
1573 break;
1574 case 1:
1575 *eax = env->cpuid_version;
1576 if (kvm_enabled() && !env->cpuid_vendor_override) {
1577 /* take only subset of ext features which processor can handle */
1578 uint32_t unused;
1579 host_cpuid(1, 0, NULL, &unused, ecx, &unused);
1580 } else {
1581 *ecx = UINT32_MAX;
1582 }
1583 *ebx = (env->cpuid_apic_id << 24) | 8 << 8; /* CLFLUSH size in quad words, Linux wants it. */
1584 *ecx &= env->cpuid_ext_features;
1585 *edx = env->cpuid_features;
1586
1587 /* "Hypervisor present" bit required for Microsoft SVVP */
1588 if (kvm_enabled())
1589 *ecx |= (1 << 31);
1590 break;
1591 case 2:
1592 /* cache info: needed for Pentium Pro compatibility */
1593 *eax = 1;
1594 *ebx = 0;
1595 *ecx = 0;
1596 *edx = 0x2c307d;
1597 break;
1598 case 4:
1599 /* cache info: needed for Core compatibility */
1600 switch (count) {
1601 case 0: /* L1 dcache info */
1602 *eax = 0x0000121;
1603 *ebx = 0x1c0003f;
1604 *ecx = 0x000003f;
1605 *edx = 0x0000001;
1606 break;
1607 case 1: /* L1 icache info */
1608 *eax = 0x0000122;
1609 *ebx = 0x1c0003f;
1610 *ecx = 0x000003f;
1611 *edx = 0x0000001;
1612 break;
1613 case 2: /* L2 cache info */
1614 *eax = 0x0000143;
1615 *ebx = 0x3c0003f;
1616 *ecx = 0x0000fff;
1617 *edx = 0x0000001;
1618 break;
1619 default: /* end of info */
1620 *eax = 0;
1621 *ebx = 0;
1622 *ecx = 0;
1623 *edx = 0;
1624 break;
1625 }
1626 break;
1627 case 5:
1628 /* mwait info: needed for Core compatibility */
1629 *eax = 0; /* Smallest monitor-line size in bytes */
1630 *ebx = 0; /* Largest monitor-line size in bytes */
1631 *ecx = CPUID_MWAIT_EMX | CPUID_MWAIT_IBE;
1632 *edx = 0;
1633 break;
1634 case 6:
1635 /* Thermal and Power Leaf */
1636 *eax = 0;
1637 *ebx = 0;
1638 *ecx = 0;
1639 *edx = 0;
1640 break;
1641 case 9:
1642 /* Direct Cache Access Information Leaf */
1643 *eax = 0; /* Bits 0-31 in DCA_CAP MSR */
1644 *ebx = 0;
1645 *ecx = 0;
1646 *edx = 0;
1647 break;
1648 case 0xA:
1649 /* Architectural Performance Monitoring Leaf */
1650 *eax = 0;
1651 *ebx = 0;
1652 *ecx = 0;
1653 *edx = 0;
1654 break;
1655 case 0x80000000:
1656 *eax = env->cpuid_xlevel;
1657 *ebx = env->cpuid_vendor1;
1658 *edx = env->cpuid_vendor2;
1659 *ecx = env->cpuid_vendor3;
1660 break;
1661 case 0x80000001:
1662 *eax = env->cpuid_features;
1663 *ebx = 0;
1664 *ecx = env->cpuid_ext3_features;
1665 *edx = env->cpuid_ext2_features;
1666
1667 if (kvm_enabled()) {
1668 uint32_t h_eax, h_edx;
1669
1670 host_cpuid(index, 0, &h_eax, NULL, NULL, &h_edx);
1671
1672 /* disable CPU features that the host does not support */
1673
1674 /* long mode */
1675 if ((h_edx & 0x20000000) == 0 /* || !lm_capable_kernel */)
1676 *edx &= ~0x20000000;
1677 /* syscall */
1678 if ((h_edx & 0x00000800) == 0)
1679 *edx &= ~0x00000800;
1680 /* nx */
1681 if ((h_edx & 0x00100000) == 0)
1682 *edx &= ~0x00100000;
1683
1684 /* disable CPU features that KVM cannot support */
1685
1686 /* svm */
1687 *ecx &= ~4UL;
1688 /* 3dnow */
1689 *edx &= ~0xc0000000;
1690 }
1691 break;
1692 case 0x80000002:
1693 case 0x80000003:
1694 case 0x80000004:
1695 *eax = env->cpuid_model[(index - 0x80000002) * 4 + 0];
1696 *ebx = env->cpuid_model[(index - 0x80000002) * 4 + 1];
1697 *ecx = env->cpuid_model[(index - 0x80000002) * 4 + 2];
1698 *edx = env->cpuid_model[(index - 0x80000002) * 4 + 3];
1699 break;
1700 case 0x80000005:
1701 /* cache info (L1 cache) */
1702 *eax = 0x01ff01ff;
1703 *ebx = 0x01ff01ff;
1704 *ecx = 0x40020140;
1705 *edx = 0x40020140;
1706 break;
1707 case 0x80000006:
1708 /* cache info (L2 cache) */
1709 *eax = 0;
1710 *ebx = 0x42004200;
1711 *ecx = 0x02008140;
1712 *edx = 0;
1713 break;
1714 case 0x80000008:
1715 /* virtual & phys address size in low 2 bytes. */
1716 /* XXX: This value must match the one used in the MMU code. */
1717 if (env->cpuid_ext2_features & CPUID_EXT2_LM) {
1718 /* 64 bit processor */
1719 /* XXX: The physical address space is limited to 42 bits in exec.c. */
1720 *eax = 0x00003028; /* 48 bits virtual, 40 bits physical */
1721 } else {
1722 if (env->cpuid_features & CPUID_PSE36)
1723 *eax = 0x00000024; /* 36 bits physical */
1724 else
1725 *eax = 0x00000020; /* 32 bits physical */
1726 }
1727 *ebx = 0;
1728 *ecx = 0;
1729 *edx = 0;
1730 break;
1731 case 0x8000000A:
1732 *eax = 0x00000001; /* SVM Revision */
1733 *ebx = 0x00000010; /* nr of ASIDs */
1734 *ecx = 0;
1735 *edx = 0; /* optional features */
1736 break;
1737 default:
1738 /* reserved values: zero */
1739 *eax = 0;
1740 *ebx = 0;
1741 *ecx = 0;
1742 *edx = 0;
1743 break;
1744 }
1745 }
1746
cpu_x86_init(const char * cpu_model)1747 CPUX86State *cpu_x86_init(const char *cpu_model)
1748 {
1749 X86CPU *x86_cpu;
1750 CPUX86State *env;
1751 static int inited;
1752
1753 x86_cpu = g_malloc0(sizeof(X86CPU));
1754 env = &x86_cpu->env;
1755 ENV_GET_CPU(env)->env_ptr = env;
1756 CPUState *cpu = ENV_GET_CPU(env);
1757
1758 cpu_exec_init(env);
1759 cpu->cpu_model_str = cpu_model;
1760
1761
1762 /* init various static tables */
1763 if (!inited) {
1764 inited = 1;
1765 optimize_flags_init();
1766 #ifndef CONFIG_USER_ONLY
1767 cpu_set_debug_excp_handler(breakpoint_handler);
1768 #endif
1769 }
1770 if (cpu_x86_register(env, cpu_model) < 0) {
1771 cpu_x86_close(env);
1772 return NULL;
1773 }
1774 mce_init(env);
1775 cpu_reset(cpu);
1776
1777 qemu_init_vcpu(cpu);
1778
1779 if (kvm_enabled()) {
1780 kvm_trim_features(&env->cpuid_features,
1781 kvm_arch_get_supported_cpuid(cpu, 1, R_EDX),
1782 feature_name);
1783 kvm_trim_features(&env->cpuid_ext_features,
1784 kvm_arch_get_supported_cpuid(cpu, 1, R_ECX),
1785 ext_feature_name);
1786 kvm_trim_features(&env->cpuid_ext2_features,
1787 kvm_arch_get_supported_cpuid(cpu, 0x80000001, R_EDX),
1788 ext2_feature_name);
1789 kvm_trim_features(&env->cpuid_ext3_features,
1790 kvm_arch_get_supported_cpuid(cpu, 0x80000001, R_ECX),
1791 ext3_feature_name);
1792 }
1793
1794 return env;
1795 }
1796
1797 #if !defined(CONFIG_USER_ONLY)
do_cpu_init(CPUX86State * env)1798 void do_cpu_init(CPUX86State *env)
1799 {
1800 CPUState *cpu = ENV_GET_CPU(env);
1801 int sipi = cpu->interrupt_request & CPU_INTERRUPT_SIPI;
1802 cpu_reset(cpu);
1803 cpu->interrupt_request = sipi;
1804 apic_init_reset(env);
1805 }
1806
do_cpu_sipi(CPUX86State * env)1807 void do_cpu_sipi(CPUX86State *env)
1808 {
1809 apic_sipi(env);
1810 }
1811 #else
do_cpu_init(CPUX86State * env)1812 void do_cpu_init(CPUX86State *env)
1813 {
1814 }
do_cpu_sipi(CPUX86State * env)1815 void do_cpu_sipi(CPUX86State *env)
1816 {
1817 }
1818 #endif
1819