continue implementation

Author: Stanislav Shwartsman

bochs/cpu/fred.cc

@@ -28,8 +28,6 @@
 
 #if BX_SUPPORT_X86_64 && BX_SUPPORT_FRED
 
-// FIXME: long_mode64 requirement must be handled through opcode tables attributes
-
 void BX_CPU_C::FRED_EventDelivery(Bit8u vector, unsigned type, Bit16u error_code)
 {
 #if BX_SUPPORT_VMX || BX_SUPPORT_SVM
@@ -121,7 +119,7 @@ void BX_CPU_C::FRED_EventDelivery(Bit8u vector, unsigned type, Bit16u error_code
   }
 #endif
 
-  // ESTABLISH NEW CONTEXT — OLD STATE WILL BE RESTORED IF THERE IS A SUBSEQUENT EXCEPTION -> FIXME: HOW ???
+  // ESTABLISH NEW CONTEXT: OLD STATE WILL BE RESTORED IF THERE IS A SUBSEQUENT EXCEPTION -> FIXME: HOW ???
 
   // update segment registers if event occurred in ring 3
   if (CPL == 3) {
@@ -170,22 +168,24 @@ void BX_CPU_C::FRED_EventDelivery(Bit8u vector, unsigned type, Bit16u error_code
   write_new_stack_qword(new_RSP - 64, 0, error_code);
 
 #if BX_SUPPORT_CET
-  if (ShadowStackEnabled(0)) {
-    if (old_CPL == 0) {
-      shadow_stack_write_dword(new_SSP - 4,  CPL, 0); // store 4 bytes of zeros to SSP-4
-      new_SSP &= ~BX_CONST64(0x7);
-      shadow_stack_write_qword(new_SSP - 8,  CPL, old_CS);
-      shadow_stack_write_qword(new_SSP - 16, CPL, old_RIP);
-      shadow_stack_write_qword(new_SSP - 24, CPL, old_SSP);
-      new_SSP -= 24;
+  if (BX_CPU_THIS_PTR cr4.get_CET()) {
+    if (ShadowStackEnabled(0)) {
+      if (old_CPL == 0) {
+        shadow_stack_write_dword(new_SSP - 4,  CPL, 0); // store 4 bytes of zeros to SSP-4
+        new_SSP &= ~BX_CONST64(0x7);
+        shadow_stack_write_qword(new_SSP - 8,  CPL, old_CS);
+        shadow_stack_write_qword(new_SSP - 16, CPL, old_RIP);
+        shadow_stack_write_qword(new_SSP - 24, CPL, old_SSP);
+        new_SSP -= 24;
+      }
+      SSP = new_SSP;
+    }
+
+    if (ShadowStackEnabled(3) && old_CPL == 3) {
+      BX_CPU_THIS_PTR msr.ia32_pl_ssp[3] = CanonicalizeAddress(BX_CPU_THIS_PTR msr.ia32_pl_ssp[3]);
     }
-    SSP = new_SSP;
-  }
 
-  if (ShadowStackEnabled(3) && old_CPL == 3) {
-    BX_CPU_THIS_PTR msr.ia32_pl_ssp[3] = CanonicalizeAddress(BX_CPU_THIS_PTR msr.ia32_pl_ssp[3]);
-    //if IA32_S_CET.ENDBR_EN = 1
-    //    THEN IA32_S_CET[11:10] = 0; // IDLE with SUPPRESS = 0 FIXME
+    reset_endbranch_tracker(0);
   }
 #endif
 

bochs/cpu/init.cc

@@ -1096,13 +1096,15 @@ void BX_CPU_C::reset(unsigned source)
 #endif
 
 #if BX_SUPPORT_FRED
-  BX_CPU_THIS_PTR msr.ia32_fred_cfg = 0;
-  BX_CPU_THIS_PTR msr.ia32_fred_stack_levels = 0;
-  for (n=0;n<4;n++) {
+  if (source == BX_RESET_HARDWARE) {
+    BX_CPU_THIS_PTR msr.ia32_fred_cfg = 0;
+    BX_CPU_THIS_PTR msr.ia32_fred_stack_levels = 0;
+    for (n=0;n<4;n++) {
 #if BX_SUPPORT_CET
-    BX_CPU_THIS_PTR msr.ia32_fred_ssp[n] = 0;
+      BX_CPU_THIS_PTR msr.ia32_fred_ssp[n] = 0;
 #endif
-    BX_CPU_THIS_PTR msr.ia32_fred_rsp[n] = 0;
+      BX_CPU_THIS_PTR msr.ia32_fred_rsp[n] = 0;
+    }
   }
 #endif
 #endif // BX_CPU_LEVEL >= 6

bochs/cpu/vmx.cc

@@ -1021,13 +1021,13 @@ VMX_error_code BX_CPU_C::VMenterLoadCheckVmControls(void)
 
 #if BX_SUPPORT_FRED
      if (is_cpu_extension_supported(BX_ISA_FRED)) {
-        if (vm->vmentry_interr_info & 0x7fffe000) {
+        if (vm->vmentry_interr_info & 0x7fffd000) { // unmask bit [13]
           BX_ERROR(("VMFAIL: VMENTRY broken interruption info field"));
           return VMXERR_VMENTRY_INVALID_VM_CONTROL_FIELD;
         }
 
         // with FRED, allow bit [13] to be set indicating injection of nested hardware exception
-        if ((vm->vmentry_interr_info & 0x00001000) != 0 && event_type != BX_HARDWARE_EXCEPTION) {
+        if ((vm->vmentry_interr_info & 0x00002000) != 0 && event_type != BX_HARDWARE_EXCEPTION) {
           BX_ERROR(("VMFAIL: VMENTRY injecting nested exception for event type != 3"));
           return VMXERR_VMENTRY_INVALID_VM_CONTROL_FIELD;
         }
@@ -1070,9 +1070,10 @@ VMX_error_code BX_CPU_C::VMenterLoadCheckVmControls(void)
          }
          break;
 
-       case BX_EVENT_OTHER: /* MTF or FRED */
+       case BX_EVENT_OTHER: { /* MTF or FRED */
 #if BX_SUPPORT_FRED
-         if (is_cpu_extension_supported(BX_ISA_FRED)) {
+         unsigned fred_guest = VMread_natural(VMCS_GUEST_CR4) & BX_CR4_FRED_MASK;
+         if (fred_guest) {
            if (vector > 1) {
              BX_ERROR(("VMFAIL: VMENTRY FRED SYSCALL/SYSENTER event injection with vector=%d", vector));
              return VMXERR_VMENTRY_INVALID_VM_CONTROL_FIELD;
@@ -1096,7 +1097,7 @@ VMX_error_code BX_CPU_C::VMenterLoadCheckVmControls(void)
            }
          }
          // fall through
-
+       }
        default:
          BX_ERROR(("VMFAIL: VMENTRY bad injected event type %d", event_type));
          return VMXERR_VMENTRY_INVALID_VM_CONTROL_FIELD;
@@ -3084,7 +3085,7 @@ void BX_CPU_C::VMexit(Bit32u reason, Bit64u qualification)
     VMwrite32(VMCS_32BIT_IDT_VECTORING_INFO, vm->idt_vector_info | 0x80000000);
     VMwrite32(VMCS_32BIT_IDT_VECTORING_ERR_CODE, vm->idt_vector_error_code);
 #if BX_SUPPORT_FRED
-    if (is_cpu_extension_supported(BX_ISA_FRED)) {
+    if (BX_CPU_THIS_PTR cr4.get_FRED()) {
       VMwrite64(VMCS_64BIT_ORIGINAL_EVENT_DATA, BX_CPU_THIS_PTR fred_event_data);
     }
 #endif

bochs/cpu/vmx.h

@@ -570,7 +570,7 @@ enum {
     ((VMCS_FIELD_WIDTH(encoding) << 2) + VMCS_FIELD_TYPE(encoding))
 
 #define VMX_HIGHEST_16BIT_VMCS_ENCODING          (0x20)
-#define VMX_HIGHEST_64BIT_VMCS_ENCODING          (0x50)
+#define VMX_HIGHEST_64BIT_VMCS_ENCODING          (0x54)
 #define VMX_HIGHEST_32BIT_VMCS_ENCODING          (0x30)
 #define VMX_HIGHEST_NATURAL_WIDTH_VMCS_ENCODING  (0x30)