cpu/vc: add #VC IOIO handler

Handle the IN and OUT instructions by calling the hypervisor
through the existing GHCB ioio methods.

At this point, IN and OUT instructions with the port given
as immediate value is not supported yet.

INS and OUTS are also not supported yet.

Signed-off-by: Thomas Leroy <[email protected]>

Author: p4zuu

src/cpu/idt/common.rs

@@ -5,7 +5,6 @@
 // Author: Joerg Roedel <[email protected]>
 
 use crate::address::{Address, VirtAddr};
-use crate::cpu::insn::Instruction;
 use crate::cpu::registers::{X86GeneralRegs, X86InterruptFrame};
 use crate::types::SVSM_CS;
 use core::arch::{asm, global_asm};
@@ -45,7 +44,6 @@ pub struct X86ExceptionContext {
     pub vector: usize,
     pub error_code: usize,
     pub frame: X86InterruptFrame,
-    pub insn: Instruction,
 }
 
 #[derive(Copy, Clone, Default, Debug)]
@@ -145,8 +143,6 @@ pub fn triple_fault() {
 #[cfg(feature = "enable-stacktrace")]
 extern "C" {
     static generic_idt_handler_return: u8;
-    pub static stage2_idt_handler_array: u8;
-    pub static svsm_idt_handler_array: u8;
 }
 
 #[cfg(feature = "enable-stacktrace")]
@@ -157,44 +153,6 @@ pub fn is_exception_handler_return_site(rip: VirtAddr) -> bool {
 
 global_asm!(
     r#"
-        /* Stage 2 handler array setup */
-        .text
-    push_regs:
-        pushq   %rax
-        pushq   %rbx
-        pushq   %rcx
-        pushq   %rdx
-        pushq   %rsi
-        pushq   %rdi
-        pushq   %rbp
-        pushq   %r8
-        pushq   %r9
-        pushq   %r10
-        pushq   %r11
-        pushq   %r12
-        pushq   %r13
-        pushq   %r14
-        pushq   %r15
-
-        movq    %rsp, %rdi
-        call    stage2_generic_idt_handler
-
-        jmp generic_idt_handler_return
-        
-        .align 32
-        .globl stage2_idt_handler_array
-    stage2_idt_handler_array:
-        i = 0
-        .rept 32
-        .align 32
-        .if ((0x20027d00 >> i) & 1) == 0
-        pushq   $0
-        .endif
-        pushq   $i  /* Vector Number */
-        jmp push_regs
-        i = i + 1
-        .endr
-        
         /* Needed by the stack unwinder to recognize exception frames. */
         .globl generic_idt_handler_return
     generic_idt_handler_return:

src/cpu/idt/svsm.rs

@@ -7,10 +7,9 @@
 use super::super::control_regs::read_cr2;
 use super::super::extable::handle_exception_table;
 use super::super::tss::IST_DF;
-use super::super::vc::stage2_handle_vc_exception;
+use super::super::vc::handle_vc_exception;
 use super::common::{
-    load_idt, svsm_idt_handler_array, Idt, IdtEntry, BP_VECTOR, DF_VECTOR, GLOBAL_IDT, GP_VECTOR,
-    PF_VECTOR, VC_VECTOR,
+    load_idt, Idt, IdtEntry, BP_VECTOR, DF_VECTOR, GLOBAL_IDT, GP_VECTOR, PF_VECTOR, VC_VECTOR,
 };
 use crate::address::VirtAddr;
 use crate::cpu::X86ExceptionContext;
@@ -45,7 +44,7 @@ pub fn idt_init() {
 }
 
 #[no_mangle]
-pub fn generic_idt_handler(ctx: &mut X86ExceptionContext) {
+pub extern "C" fn generic_idt_handler(ctx: &mut X86ExceptionContext) {
     if ctx.vector == DF_VECTOR {
         let cr2 = read_cr2();
         let rip = ctx.frame.rip;
@@ -76,7 +75,7 @@ pub fn generic_idt_handler(ctx: &mut X86ExceptionContext) {
             );
         }
     } else if ctx.vector == VC_VECTOR {
-        stage2_handle_vc_exception(ctx);
+        handle_vc_exception(ctx);
     } else if ctx.vector == BP_VECTOR {
         handle_bp_exception(ctx);
     } else {
@@ -93,6 +92,10 @@ pub fn generic_idt_handler(ctx: &mut X86ExceptionContext) {
     }
 }
 
+extern "C" {
+    static svsm_idt_handler_array: u8;
+}
+
 global_asm!(
     r#"
         .text

src/cpu/insn.rs

@@ -9,7 +9,6 @@ extern crate alloc;
 use crate::cpu::vc::VcError;
 use crate::error::SvsmError;
 use core::ptr;
-use log::info;
 
 const MAX_INSN_SIZE: usize = 15;
 const MAX_INSN_FIELD_SIZE: usize = 3;

src/cpu/vc.rs

@@ -6,16 +6,18 @@
 
 use super::idt::common::X86ExceptionContext;
 use crate::cpu::cpuid::{cpuid_table_raw, CpuidLeaf};
-use crate::cpu::extable::handle_exception_table;
 use crate::cpu::insn::{insn_fetch, Instruction};
+use crate::cpu::percpu::this_cpu_mut;
 use crate::cpu::registers::X86GeneralRegs;
 use crate::debug::gdbstub::svsm_gdbstub::handle_db_exception;
 use crate::error::SvsmError;
+use crate::sev::ghcb::{GHCBIOSize, GHCB};
 use core::fmt;
 
 pub const SVM_EXIT_EXCP_BASE: usize = 0x40;
 pub const SVM_EXIT_LAST_EXCP: usize = 0x5f;
 pub const SVM_EXIT_CPUID: usize = 0x72;
+pub const SVM_EXIT_IOIO: usize = 0x7b;
 pub const X86_TRAP_DB: usize = 0x01;
 pub const X86_TRAP: usize = SVM_EXIT_EXCP_BASE + X86_TRAP_DB;
 
@@ -52,7 +54,7 @@ pub fn stage2_handle_vc_exception(ctx: &mut X86ExceptionContext) {
     let err = ctx.error_code;
     let rip = ctx.frame.rip;
 
-    vc_decode_insn(ctx).unwrap_or_else(|e| {
+    let insn = vc_decode_insn(ctx).unwrap_or_else(|e| {
         panic!(
             "Unhandled #VC exception RIP {:#018x} error code: {:#018x} error {:?}",
             rip, err, e
@@ -77,7 +79,48 @@ pub fn stage2_handle_vc_exception(ctx: &mut X86ExceptionContext) {
         )
     });
 
-    vc_finish_insn(ctx);
+    vc_finish_insn(ctx, &insn);
+}
+
+pub fn handle_vc_exception(ctx: &mut X86ExceptionContext) {
+    let error_code = ctx.error_code;
+    let rip = ctx.frame.rip;
+
+    /*
+     * To handle NAE events, we're supposed to reset the VALID_BITMAP field of the GHCB.
+     * This is currently only relevant for IOIO handling. This field is currently reset in
+     * the ioio_{in,ou} methods but it would be better to move the reset out of the different
+     * handlers.
+     */
+    let ghcb = this_cpu_mut().ghcb();
+
+    let insn = vc_decode_insn(ctx).unwrap_or_else(|e| {
+        panic!(
+            "Unhandled #VC exception RIP {:#018x} error code: {:#018x} error {:?}",
+            rip, error_code, e
+        )
+    });
+
+    match error_code {
+        // If the debugger is enabled then handle the DB exception
+        // by directly invoking the exception handler
+        X86_TRAP_DB => {
+            handle_db_exception(ctx);
+            Ok(())
+        }
+
+        SVM_EXIT_CPUID => handle_cpuid(ctx),
+        SVM_EXIT_IOIO => handle_ioio(ctx, ghcb, &insn),
+        _ => Err(SvsmError::Vc(VcError::Unsupported)),
+    }
+    .unwrap_or_else(|err| {
+        panic!(
+            "Unhandled #VC exception RIP {:#018x} error code: {:#018x}: #VC error: {:?}",
+            rip, error_code, err
+        )
+    });
+
+    vc_finish_insn(ctx, &insn);
 }
 
 fn handle_cpuid(ctx: &mut X86ExceptionContext) -> Result<(), SvsmError> {
@@ -117,13 +160,55 @@ fn snp_cpuid(regs: &mut X86GeneralRegs) -> Result<(), SvsmError> {
     Ok(())
 }
 
-fn vc_finish_insn(ctx: &mut X86ExceptionContext) {
-    ctx.frame.rip += ctx.insn.length;
+fn vc_finish_insn(ctx: &mut X86ExceptionContext, insn: &Instruction) {
+    ctx.frame.rip += insn.length;
+}
+
+fn handle_ioio(
+    ctx: &mut X86ExceptionContext,
+    ghcb: &mut GHCB,
+    insn: &Instruction,
+) -> Result<(), SvsmError> {
+    let port: u16 = (ctx.regs.rdx & 0xffff) as u16;
+    let out_value: u64 = ctx.regs.rax as u64;
+
+    match insn.opcode.bytes[0] {
+        0x6C..=0x6F | 0xE4..=0xE7 => Err(SvsmError::Vc(VcError::Unsupported)),
+        0xEC => {
+            let ret = ghcb.ioio_in(port, GHCBIOSize::Size8)?;
+            ctx.regs.rax = (ret & 0xff) as usize;
+            Ok(())
+        }
+        0xED => {
+            let mut size: GHCBIOSize = GHCBIOSize::Size32;
+            let mut mask = 0xffffffff;
+            if insn.prefixes.nb_bytes > 0 {
+                // inw instruction has a 0x66 operand-size prefix for word-sized operands.
+                size = GHCBIOSize::Size16;
+                mask = 0xffff;
+            }
+
+            let ret = ghcb.ioio_in(port, size)?;
+            ctx.regs.rax = (ret & mask) as usize;
+            Ok(())
+        }
+        0xEE => ghcb.ioio_out(port, GHCBIOSize::Size8, out_value),
+        0xEF => {
+            let mut size: GHCBIOSize = GHCBIOSize::Size32;
+            if insn.prefixes.nb_bytes > 0 {
+                // outw instruction has a 0x66 operand-size prefix for word-sized operands.
+                size = GHCBIOSize::Size16;
+            }
+
+            ghcb.ioio_out(port, size, out_value)
+        }
+        _ => Err(SvsmError::Vc(VcError::DecodeFailed)),
+    }
 }
 
-fn vc_decode_insn(ctx: &mut X86ExceptionContext) -> Result<(), SvsmError> {
+fn vc_decode_insn(ctx: &mut X86ExceptionContext) -> Result<Instruction, SvsmError> {
     if !vc_decoding_needed(ctx.error_code) {
-        return Ok(());
+        return Ok(Instruction::default());
     }
 
     /*
@@ -135,30 +220,9 @@ fn vc_decode_insn(ctx: &mut X86ExceptionContext) -> Result<(), SvsmError> {
     let mut insn = Instruction::new(insn_raw);
     insn.decode()?;
 
-    ctx.insn = insn;
-
-    Ok(())
+    Ok(insn)
 }
 
 fn vc_decoding_needed(error_code: usize) -> bool {
     !(SVM_EXIT_EXCP_BASE..=SVM_EXIT_LAST_EXCP).contains(&error_code)
 }
-
-pub fn handle_vc_exception(ctx: &mut X86ExceptionContext) {
-    let err = ctx.error_code;
-    let rip = ctx.frame.rip;
-
-    // If the debugger is enabled then handle the DB exception
-    // by directly invoking the exception hander
-    if err == (SVM_EXIT_EXCP_BASE + X86_TRAP_DB) {
-        handle_db_exception(ctx);
-        return;
-    }
-
-    if !handle_exception_table(ctx) {
-        panic!(
-            "Unhandled #VC exception RIP {:#018x} error code: {:#018x}",
-            rip, err
-        );
-    }
-}