From patchwork Thu Jun  6 15:24:37 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Arthur Chunqi Li <yzt356@gmail.com>
X-Patchwork-Id: 2681461
Return-Path: <kvm-owner@vger.kernel.org>
X-Original-To: patchwork-kvm@patchwork.kernel.org
Delivered-To: patchwork-process-083081@patchwork2.kernel.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by patchwork2.kernel.org (Postfix) with ESMTP id E1D89DF23A
	for <patchwork-kvm@patchwork.kernel.org>;
	Thu,  6 Jun 2013 15:24:57 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1750978Ab3FFPYy (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Thu, 6 Jun 2013 11:24:54 -0400
Received: from mail-pa0-f50.google.com ([209.85.220.50]:38601 "EHLO
	mail-pa0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750752Ab3FFPYx (ORCPT <rfc822; kvm@vger.kernel.org>);
	Thu, 6 Jun 2013 11:24:53 -0400
Received: by mail-pa0-f50.google.com with SMTP id fb1so1823828pad.37
	for <kvm@vger.kernel.org>; Thu, 06 Jun 2013 08:24:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20120113;
	h=from:to:cc:subject:date:message-id:x-mailer;
	bh=G5wspUdJBzYMDHftK5/LXMF/HQdF9iTz9YhhJycAT9g=;
	b=INbj5AC86j3NgRsOSG7aP5P4rfp44OkGG9X5gimROO2u+TW1hgCmiRFSxLfFBe5e4k
	VYFQJ7WUD2vKX0UQdaGKhAAuMna1IcuLGGMa7qvDsHCzCiTg7lO1FCrT4z3JAmCvQLms
	gZZR4NHPZw3nbnQMtlTgmkpNUeq/sJIlDIevl6C/G+GsQQAVylcHXtmPfijyBV3CY1n+
	1U4H/fjxYwC7tO72vFE4iBa/1g94m7QOZSR+gOzDDjG6vUAG2sxiBQ5vuHvx10zycVqe
	OsXchhxgWk0VvrwXJ0VtdPDhxq1PnAk73oAAjtbN+HHfzyT5LKaFkXrwep5hcpRTHckt
	o/UA==
X-Received: by 10.66.197.165 with SMTP id iv5mr40199854pac.67.1370532293334;
	Thu, 06 Jun 2013 08:24:53 -0700 (PDT)
Received: from Blade1-02.Blade1-02 ([162.105.146.101])
	by mx.google.com with ESMTPSA id
	ag4sm73268869pbc.20.2013.06.06.08.24.49 for <multiple recipients>
	(version=TLSv1.1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Thu, 06 Jun 2013 08:24:51 -0700 (PDT)
From: Arthur Chunqi Li <yzt356@gmail.com>
To: kvm@vger.kernel.org
Cc: gleb@redhat.com, pbonzini@redhat.com, Arthur Chunqi Li <yzt356@gmail.com>
Subject: [PATCH 1/2] kvm-unit-tests: Add a func to run instruction in
	emulator
Date: Thu,  6 Jun 2013 23:24:37 +0800
Message-Id: <1370532278-22063-1-git-send-email-yzt356@gmail.com>
X-Mailer: git-send-email 1.7.9.5
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

Add a function trap_emulator to run an instruction in emulator.
Set inregs first (%rax is invalid because it is used as return
address), put instruction codec in alt_insn and call func with
alt_insn_length. Get results in outregs.

Signed-off-by: Arthur Chunqi Li <yzt356@gmail.com>
---
 x86/emulator.c |   81 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 81 insertions(+)

diff --git a/x86/emulator.c b/x86/emulator.c
index 96576e5..8ab9904 100644
--- a/x86/emulator.c
+++ b/x86/emulator.c
@@ -11,6 +11,14 @@ int fails, tests;
 
 static int exceptions;
 
+struct regs {
+	u64 rax, rbx, rcx, rdx;
+	u64 rsi, rdi, rsp, rbp;
+	u64 rip, rflags;
+};
+
+static struct regs inregs, outregs;
+
 void report(const char *name, int result)
 {
 	++tests;
@@ -685,6 +693,79 @@ static void test_shld_shrd(u32 *mem)
     report("shrd (cl)", *mem == ((0x12345678 >> 3) | (5u << 29)));
 }
 
+static void trap_emulator(uint64_t *mem, uint8_t *insn_page,
+			     uint8_t *alt_insn_page, void *insn_ram,
+			     uint8_t *alt_insn, int alt_insn_length)
+{
+	ulong *cr3 = (ulong *)read_cr3();
+	int i;
+
+	// Pad with RET instructions
+	memset(insn_page, 0xc3, 4096);
+	memset(alt_insn_page, 0xc3, 4096);
+
+	// Place a trapping instruction in the page to trigger a VMEXIT
+	insn_page[0] = 0x89; // mov %eax, (%rax)
+	insn_page[1] = 0x00;
+	insn_page[2] = 0x90; // nop
+	insn_page[3] = 0xc3; // ret
+
+	// Place the instruction we want the hypervisor to see in the alternate page
+	for (i=0; i<alt_insn_length; i++)
+		alt_insn_page[i] = alt_insn[i];
+
+	// Save general registers
+	asm volatile(
+		"push %rax\n\r"
+		"push %rbx\n\r"
+		"push %rcx\n\r"
+		"push %rdx\n\r"
+		"push %rsi\n\r"
+		"push %rdi\n\r"
+		);
+	// Load the code TLB with insn_page, but point the page tables at
+	// alt_insn_page (and keep the data TLB clear, for AMD decode assist).
+	// This will make the CPU trap on the insn_page instruction but the
+	// hypervisor will see alt_insn_page.
+	install_page(cr3, virt_to_phys(insn_page), insn_ram);
+	invlpg(insn_ram);
+	// Load code TLB
+	asm volatile("call *%0" : : "r"(insn_ram + 3));
+	install_page(cr3, virt_to_phys(alt_insn_page), insn_ram);
+	// Trap, let hypervisor emulate at alt_insn_page
+	asm volatile(
+		"call *%1\n\r"
+
+		"mov %%rax, 0+%[outregs] \n\t"
+		"mov %%rbx, 8+%[outregs] \n\t"
+		"mov %%rcx, 16+%[outregs] \n\t"
+		"mov %%rdx, 24+%[outregs] \n\t"
+		"mov %%rsi, 32+%[outregs] \n\t"
+		"mov %%rdi, 40+%[outregs] \n\t"
+		"mov %%rsp,48+ %[outregs] \n\t"
+		"mov %%rbp, 56+%[outregs] \n\t"
+
+		/* Save RFLAGS in outregs*/
+		"pushf \n\t"
+		"popq 72+%[outregs] \n\t"
+		: [outregs]"+m"(outregs)
+		: "r"(insn_ram),
+			"a"(mem), "b"(inregs.rbx),
+			"c"(inregs.rcx), "d"(inregs.rdx),
+			"S"(inregs.rsi), "D"(inregs.rdi)
+		: "memory", "cc"
+		);
+	// Restore general registers
+	asm volatile(
+		"pop %rax\n\r"
+		"pop %rbx\n\r"
+		"pop %rcx\n\r"
+		"pop %rdx\n\r"
+		"pop %rsi\n\r"
+		"pop %rdi\n\r"
+		);
+}
+
 static void advance_rip_by_3_and_note_exception(struct ex_regs *regs)
 {
     ++exceptions;