vmcs_intel_x64 Class Reference

Public Member Functions
	vmcs_intel_x64 ()
virtual	~vmcs_intel_x64 ()=default
virtual void	launch (gsl::not_null< vmcs_intel_x64_state *> host_state, gsl::not_null< vmcs_intel_x64_state *> guest_state)
virtual void	resume ()
virtual void	promote ()
virtual void	load ()
virtual void	clear ()

Protected Member Functions
virtual void	write_fields (gsl::not_null< vmcs_intel_x64_state *> host_state, gsl::not_null< vmcs_intel_x64_state *> guest_state)
void	create_vmcs_region ()
void	release_vmcs_region () noexcept
void	create_exit_handler_stack ()
void	release_exit_handler_stack () noexcept
void	write_16bit_control_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_64bit_control_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_32bit_control_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_natural_control_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_16bit_guest_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_64bit_guest_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_32bit_guest_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_natural_guest_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_16bit_host_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_64bit_host_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_32bit_host_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	write_natural_host_state (gsl::not_null< vmcs_intel_x64_state *> state)
void	pin_based_vm_execution_controls ()
void	primary_processor_based_vm_execution_controls ()
void	secondary_processor_based_vm_execution_controls ()
void	vm_exit_controls ()
void	vm_entry_controls ()

Protected Attributes
uintptr_t	m_vmcs_region_phys
std::unique_ptr< uint32_t[]>	m_vmcs_region
state_save_intel_x64 *	m_state_save
std::unique_ptr< char[]>	m_exit_handler_stack

Detailed Description

Intel x86_64 VMCS

The following provides the basic VMCS implementation as defined by the Intel Software Developer's Manual (chapters 24-33). To best understand this code, the manual should first be read.

This class provides the bare minimum to get a virtual machine to execute. It assumes a 64bit VMM, and a 64bit guest. It does not trap on anything by default, and thus the guest is allowed to execute unfettered. If an error should occur, it contains the logic needed to help identify the issue, including a complete implementation of chapter 26 in the Intel manual, that describes all of the checks the CPU will perform prior to a VM launch. We also provide a considerable amount of pre-defined constants for working with the VMCS fields. Please see the VMCS headers for more details. Pro tip: auto-complete works great with the VMCS namespace logic.

To use this class, subclass vmcs_intel_x64, and overload the virtual functions for setting up the guest / host state to provide the desired functionality. Don't forget to call the base class function when complete unless you intend to provide the same functionality. For an example of how to do this, please see:

Bareflank Hypervisor VPID Example

Definition at line 57 of file vmcs_intel_x64.h.

Constructor & Destructor Documentation

vmcs_intel_x64()

vmcs_intel_x64::vmcs_intel_x64

(

)

Default Constructor

Precondition

expects: none

Postcondition

ensures: none

Definition at line 49 of file vmcs_intel_x64.cpp.

~vmcs_intel_x64()

virtual vmcs_intel_x64::~vmcs_intel_x64 ( )

virtualdefault

Destructor

Precondition

expects: none

Postcondition

ensures: none

Member Function Documentation

launch()

void vmcs_intel_x64::launch ( gsl::not_null< vmcs_intel_x64_state *>  host_state, gsl::not_null< vmcs_intel_x64_state *>  guest_state  )

virtual

Launch

Launches the VMCS. Note that this will create a new guest VM when it is complete. If this function is run more than once, it will clear the VMCS and its state, starting the VM over again. For this reason it should only be called once, unless you intend to clear the VM.

Precondition

expects: host_state != nullptr

expects: guest_state != nullptr

Postcondition

ensures: none

Definition at line 55 of file vmcs_intel_x64.cpp.

resume()

void vmcs_intel_x64::resume ( )

virtual

Resume

Resumes the VMCS. Note that this should only be called after a launch, otherwise the system will crash. This function should be called whenever the exit handler needs to execute a VM. Note that there are two different times that this might happen: when the exit handler is done emulating an instruction and needs to return back to the VM, or it's time to schedule a different VM to execute (that has obviously already been launched)

Note

if you are going to resume a VMCS, you must make sure that VMCS has been loaded first. Otherwise, you will end up resuming the currently loaded VMCS with a different state save area. We don't check for this issue as it would require us to query VMX for the currently loaded VMCS which is slow, and it's likely this function will get executed a lot.

Precondition

expects: none

Postcondition

ensures: none

Definition at line 97 of file vmcs_intel_x64.cpp.

promote()

void vmcs_intel_x64::promote ( )

virtual

Promote

Promotes this guest to VMX root. This is used to transition out of VMX operation as the guest that this VMCS defines is likely about to disable VMX operation, and needs to be in VMX root to do so. Note that this function doesn't actually return if it is successful. Instead, the CPU resumes execution on the last instruction executed by the guest.

Note

this function is mainly implemented in raw assembly. The reason for this is, GCC was optimizing errors in its implementation when "-O3" was enabled. The order of each instruction is very important

Precondition

expects: none

Postcondition

ensures: none

Definition at line 90 of file vmcs_intel_x64.cpp.

load()

void vmcs_intel_x64::load ( )

virtual

Load

The main purpose of this function is to execute VMPTRLD. Specifically, this function loads the VMCS that this class contains into the CPU. There are two different times that this is mainly needed. When the VMCS is first created, a VM launch is needed to get this VMCS up and running. Before the launch can occur, the VMCS needs to be loaded so that vm reads / writes are successful (as the CPU needs to know which VMCS to read / write to). Once a launch has been done, the VMCS contains the VM's state. The next time it needs to be run, a VMRESUME must be executed. Once gain, the CPU needs to know which VMCS to use, and thus a load is needed.

Precondition

expects: none

Postcondition

ensures: none

Definition at line 104 of file vmcs_intel_x64.cpp.

clear()

void vmcs_intel_x64::clear ( )

virtual

Clear

Clears the VMCS. This should only be needed before a VM launch. But can be used to "reset" a guest prior to launching it again. If you run a clear, you must run load again as the clear will remove the valid bit in the VMCS, rendering future reads / writes to this VMCS invalid.

Precondition

expects: none

Postcondition

ensures: none

Definition at line 108 of file vmcs_intel_x64.cpp.

write_fields()

void vmcs_intel_x64::write_fields ( gsl::not_null< vmcs_intel_x64_state *>  host_state, gsl::not_null< vmcs_intel_x64_state *>  guest_state  )

protectedvirtual

Definition at line 140 of file vmcs_intel_x64.cpp.

create_vmcs_region()

void vmcs_intel_x64::create_vmcs_region ( )

protected

Definition at line 112 of file vmcs_intel_x64.cpp.

release_vmcs_region()

void vmcs_intel_x64::release_vmcs_region ( )

protectednoexcept

Definition at line 125 of file vmcs_intel_x64.cpp.

create_exit_handler_stack()

void vmcs_intel_x64::create_exit_handler_stack ( )

protected

Definition at line 132 of file vmcs_intel_x64.cpp.

release_exit_handler_stack()

void vmcs_intel_x64::release_exit_handler_stack ( )

protectednoexcept

Definition at line 136 of file vmcs_intel_x64.cpp.

write_16bit_control_state()

void vmcs_intel_x64::write_16bit_control_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 166 of file vmcs_intel_x64.cpp.

write_64bit_control_state()

void vmcs_intel_x64::write_64bit_control_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 176 of file vmcs_intel_x64.cpp.

write_32bit_control_state()

void vmcs_intel_x64::write_32bit_control_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 205 of file vmcs_intel_x64.cpp.

write_natural_control_state()

void vmcs_intel_x64::write_natural_control_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 250 of file vmcs_intel_x64.cpp.

write_16bit_guest_state()

void vmcs_intel_x64::write_16bit_guest_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 265 of file vmcs_intel_x64.cpp.

write_64bit_guest_state()

void vmcs_intel_x64::write_64bit_guest_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 280 of file vmcs_intel_x64.cpp.

write_32bit_guest_state()

void vmcs_intel_x64::write_32bit_guest_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 295 of file vmcs_intel_x64.cpp.

write_natural_guest_state()

void vmcs_intel_x64::write_natural_guest_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 327 of file vmcs_intel_x64.cpp.

write_16bit_host_state()

void vmcs_intel_x64::write_16bit_host_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 357 of file vmcs_intel_x64.cpp.

write_64bit_host_state()

void vmcs_intel_x64::write_64bit_host_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 369 of file vmcs_intel_x64.cpp.

write_32bit_host_state()

void vmcs_intel_x64::write_32bit_host_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 377 of file vmcs_intel_x64.cpp.

write_natural_host_state()

void vmcs_intel_x64::write_natural_host_state ( gsl::not_null< vmcs_intel_x64_state *>  state )

protected

Definition at line 383 of file vmcs_intel_x64.cpp.

pin_based_vm_execution_controls()

void vmcs_intel_x64::pin_based_vm_execution_controls ( )

protected

Definition at line 414 of file vmcs_intel_x64.cpp.

primary_processor_based_vm_execution_controls()

void vmcs_intel_x64::primary_processor_based_vm_execution_controls ( )

protected

Definition at line 424 of file vmcs_intel_x64.cpp.

secondary_processor_based_vm_execution_controls()

void vmcs_intel_x64::secondary_processor_based_vm_execution_controls ( )

protected

Definition at line 450 of file vmcs_intel_x64.cpp.

vm_exit_controls()

void vmcs_intel_x64::vm_exit_controls ( )

protected

Definition at line 475 of file vmcs_intel_x64.cpp.

vm_entry_controls()

void vmcs_intel_x64::vm_entry_controls ( )

protected

Definition at line 492 of file vmcs_intel_x64.cpp.

Field Documentation

m_vmcs_region_phys

uintptr_t vmcs_intel_x64::m_vmcs_region_phys

protected

Definition at line 195 of file vmcs_intel_x64.h.

m_vmcs_region

std::unique_ptr<uint32_t[]> vmcs_intel_x64::m_vmcs_region

protected

Definition at line 196 of file vmcs_intel_x64.h.

m_state_save

state_save_intel_x64* vmcs_intel_x64::m_state_save

protected

Definition at line 198 of file vmcs_intel_x64.h.

m_exit_handler_stack

std::unique_ptr<char[]> vmcs_intel_x64::m_exit_handler_stack

protected

Definition at line 199 of file vmcs_intel_x64.h.

---

The documentation for this class was generated from the following files:

• /home/user/hypervisor/bfvmm/include/vmcs/vmcs_intel_x64.h
• /home/user/hypervisor/bfvmm/src/vmcs/src/vmcs_intel_x64.cpp