While the page table walker correctly generates a guest page fault
if a guest tries to execute a non-executable page, the shadow code does
not mark it non-executable.  This means that if a guest accesses an nx
page first with a read access, then subsequent code fetch accesses will
succeed.

Fix by setting the nx bit on shadow ptes.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

The nx bit is awkwardly placed in the 63rd bit position; furthermore it
has a reversed meaning compared to the other bits, which means we can't use
a bitwise and to calculate compounded access masks.

So, we simplify things by creating a new 3-bit exec/write/user access word,
and doing all calculations in that.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

In preparation for multi-threaded guest pte walking, use cmpxchg()
when updating guest pte's. This guarantees that the assignment of the
dirty bit can't be lost if two CPU's are faulting the same address
simultaneously.

[avi: fix kunmap_atomic() parameters]
Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Later we may be able to use the virtual tpr feature, but for now,
just trap it.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Stack instructions are always 64-bit on 64-bit mode; many of the
emulated stack instructions did not take that into account.  Fix by
adding a 'Stack' bitflag and setting the operand size appropriately
during the decode stage (except for 'push r/m', which is in a group
with a few other instructions, so it gets its own treatment).

This fixes random crashes on Vista x64.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

This patch adds code to emulate the access to the cr8 register to the x86
instruction emulator in kvm.  This is needed on svm, where there is no
hardware decode for control register access.
Signed-off-by: NJoerg Roedel <joerg.roedel@amd.com>
Signed-off-by: NMarkus Rechberger <markus.rechberger@amd.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

With apic in userspace, we must exit to userspace after a cr8 write in order
to update the tpr.  But if the apic is in the kernel, the exit is unnecessary.

Noticed by Joerg Roedel.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

We prepare eflags for the emulated instruction, then clobber it with an 'andl'.
Fix by popping eflags as the last thing in the sequence.

Patch taken from Xen (16143:959b4b92b6bf)
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NAvi Kivity <avi@qumranet.com>

Instead of each subarch doing its own thing, add an API for queuing an
injection, and manage failed exception injection centerally (i.e., if
an inject failed due to a shadow page fault, we need to requeue it).
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NNick Piggin <npiggin@suse.de>
Cc: kvm-devel@lists.sourceforge.net
Cc: avi@qumranet.com
Cc: linux-kernel@vger.kernel.org
Signed-off-by: NAvi Kivity <avi@qumranet.com>

This abstracts the detail of x86 hlt and INIT modes into a function.
Signed-off-by: NHollis Blanchard <hollisb@us.ibm.com>
Acked-by: NCarsten Otte <cotte@de.ibm.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NHollis Blanchard <hollisb@us.ibm.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NHollis Blanchard <hollisb@us.ibm.com>
Acked-by: NCarsten Otte <cotte@de.ibm.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NHollis Blanchard <hollisb@us.ibm.com>
Acked-by: NCarsten Otte <cotte@de.ibm.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

iosapic supports an additional mmio EOI register compared to ioapic.
Signed-off-by: NZhang Xiantao <xiantao.zhang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Change
  dest_Loest_Prio -> IOAPIC_LOWEST_PRIORITY
  dest_Fixed -> IOAPIC_FIXED

the original names are x86 specific, while the ioapic code will be reused
for ia64.
Signed-off-by: NZhang Xiantao <xiantao.zhang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

This patch replaces lapic structure with kvm_vcpu in ioapic.c, making ioapic
independent of the local apic, as required by ia64.
Signed-off-by: NZhang Xiantao <xiantao.zhang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

This patch removes the KVM specific defines for MSR_EFER that were being used
in the svm support file and migrates all references to use instead the ones
from the kernel headers that are used everywhere else and that have the same
values.
Signed-off-by: NCarlo Marcelo Arenas Belon <carenas@sajinet.com.pe>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Currently, make headers_check barfs due to <asm/kvm.h>, which <linux/kvm.h>
includes, not existing.  Rather than add a zillion <asm/kvm.h>s, export kvm.h
only if the arch actually supports it.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Signed-off-by: NZhang Xiantao <xiantao.zhang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Other archs doesn't need it.
Signed-off-by: NZhang Xiantao <xiantao.zhang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Unify the special instruction switch with the regular instruction switch,
and the two byte special instruction switch with the regular two byte
instruction switch.  That makes it much easier to find an instruction or
the place an instruction needs to be added in.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

The rep prefix cleanup left two switch () statements next to each other.
Unify them.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Currently rep processing is handled somewhere in the middle of instruction
processing.  Move it to a sensible place.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

This patch fixes a small issue where sturctures:
	kvm_pic_state
	kvm_ioapic_state

are defined inside x86 specific code and may or may not
be defined in anyway for other architectures. The problem
caused is one cannot compile userspace apps (ex. libkvm)
for other archs since a size cannot be determined for these
structures.
Signed-off-by: NJerone Young <jyoung5@us.ibm.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Add emulation for the cmps instruction.  This lets OpenBSD boot on kvm.
Signed-off-by: NGuillaume Thouvenin <guillaume.thouvenin@ext.bull.net>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Previous patches have removed the dependency on cr2; we can now stop passing
it to the emulator and rename uses to 'memop'.
Signed-off-by: NSheng Yang <sheng.yang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Mark guest pages as accessed when removed from the shadow page tables for
better lru processing.
Signed-off-by: NIzik Eidus <izike@qumranet.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

mmio was already handled in kvm_arch_vcpu_ioctl_run(), so no need to check
again.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Current implementation is to toggle, which is incorrect.  Patch ported from
corresponding Xen code.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

cmps and scas instructions accept repeat prefixes F3 and F2. So in
order to emulate those prefixed instructions we need to be able to know
if prefixes are REP/REPE/REPZ or REPNE/REPNZ. Currently kvm doesn't make
this distinction. This patch introduces this distinction.
Signed-off-by: NGuillaume Thouvenin <guillaume.thouvenin@ext.bull.net>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Non-x86 archs don't need this mechanism. Move it to arch, and
keep its interface in common.
Signed-off-by: NZhang Xiantao <xiantao.zhang@intel.com>
Acked-by: NCarsten Otte <cotte@de.ibm.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

The state of SECONDARY_VM_EXEC_CONTROL shouldn't depend on in-kernel IRQ chip,
this patch fix this.
Signed-off-by: NSheng Yang <sheng.yang@intel.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

The current cpuid management suffers from several problems, which inhibit
passing through the host feature set to the guest:

 - No way to tell which features the host supports

  While some features can be supported with no changes to kvm, others
  need explicit support.  That means kvm needs to vet the feature set
  before it is passed to the guest.

 - No support for indexed or stateful cpuid entries

  Some cpuid entries depend on ecx as well as on eax, or on internal
  state in the processor (running cpuid multiple times with the same
  input returns different output).  The current cpuid machinery only
  supports keying on eax.

 - No support for save/restore/migrate

  The internal state above needs to be exposed to userspace so it can
  be saved or migrated.

This patch adds extended cpuid support by means of three new ioctls:

 - KVM_GET_SUPPORTED_CPUID: get all cpuid entries the host (and kvm)
   supports

 - KVM_SET_CPUID2: sets the vcpu's cpuid table

 - KVM_GET_CPUID2: gets the vcpu's cpuid table, including hidden state

[avi: fix original KVM_SET_CPUID not removing nx on non-nx hosts as it did
      before]
Signed-off-by: NDan Kenigsberg <danken@qumranet.com>
Signed-off-by: NAvi Kivity <avi@qumranet.com>

We don't want the meaning of guest userspace changing under our feet.
Signed-off-by: NAvi Kivity <avi@qumranet.com>

Rename the awkwardly named variable.
Signed-off-by: NAvi Kivity <avi@qumranet.com>