2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2011 NetApp, Inc.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
34 #include <sys/types.h>
35 #ifndef WITHOUT_CAPSICUM
36 #include <sys/capsicum.h>
41 #include <amd64/vmm/intel/vmcs.h>
43 #include <machine/atomic.h>
44 #include <machine/segments.h>
56 #include <pthread_np.h>
59 #ifndef WITHOUT_CAPSICUM
64 #include <machine/vmm.h>
65 #ifndef WITHOUT_CAPSICUM
66 #include <machine/vmm_dev.h>
83 #include "smbiostbl.h"
85 #include "spinup_ap.h"
88 #define GUEST_NIO_PORT 0x488 /* guest upcalls via i/o port */
90 #define MB (1024UL * 1024)
91 #define GB (1024UL * MB)
93 static const char * const vmx_exit_reason_desc[] = {
94 [EXIT_REASON_EXCEPTION] = "Exception or non-maskable interrupt (NMI)",
95 [EXIT_REASON_EXT_INTR] = "External interrupt",
96 [EXIT_REASON_TRIPLE_FAULT] = "Triple fault",
97 [EXIT_REASON_INIT] = "INIT signal",
98 [EXIT_REASON_SIPI] = "Start-up IPI (SIPI)",
99 [EXIT_REASON_IO_SMI] = "I/O system-management interrupt (SMI)",
100 [EXIT_REASON_SMI] = "Other SMI",
101 [EXIT_REASON_INTR_WINDOW] = "Interrupt window",
102 [EXIT_REASON_NMI_WINDOW] = "NMI window",
103 [EXIT_REASON_TASK_SWITCH] = "Task switch",
104 [EXIT_REASON_CPUID] = "CPUID",
105 [EXIT_REASON_GETSEC] = "GETSEC",
106 [EXIT_REASON_HLT] = "HLT",
107 [EXIT_REASON_INVD] = "INVD",
108 [EXIT_REASON_INVLPG] = "INVLPG",
109 [EXIT_REASON_RDPMC] = "RDPMC",
110 [EXIT_REASON_RDTSC] = "RDTSC",
111 [EXIT_REASON_RSM] = "RSM",
112 [EXIT_REASON_VMCALL] = "VMCALL",
113 [EXIT_REASON_VMCLEAR] = "VMCLEAR",
114 [EXIT_REASON_VMLAUNCH] = "VMLAUNCH",
115 [EXIT_REASON_VMPTRLD] = "VMPTRLD",
116 [EXIT_REASON_VMPTRST] = "VMPTRST",
117 [EXIT_REASON_VMREAD] = "VMREAD",
118 [EXIT_REASON_VMRESUME] = "VMRESUME",
119 [EXIT_REASON_VMWRITE] = "VMWRITE",
120 [EXIT_REASON_VMXOFF] = "VMXOFF",
121 [EXIT_REASON_VMXON] = "VMXON",
122 [EXIT_REASON_CR_ACCESS] = "Control-register accesses",
123 [EXIT_REASON_DR_ACCESS] = "MOV DR",
124 [EXIT_REASON_INOUT] = "I/O instruction",
125 [EXIT_REASON_RDMSR] = "RDMSR",
126 [EXIT_REASON_WRMSR] = "WRMSR",
127 [EXIT_REASON_INVAL_VMCS] =
128 "VM-entry failure due to invalid guest state",
129 [EXIT_REASON_INVAL_MSR] = "VM-entry failure due to MSR loading",
130 [EXIT_REASON_MWAIT] = "MWAIT",
131 [EXIT_REASON_MTF] = "Monitor trap flag",
132 [EXIT_REASON_MONITOR] = "MONITOR",
133 [EXIT_REASON_PAUSE] = "PAUSE",
134 [EXIT_REASON_MCE_DURING_ENTRY] =
135 "VM-entry failure due to machine-check event",
136 [EXIT_REASON_TPR] = "TPR below threshold",
137 [EXIT_REASON_APIC_ACCESS] = "APIC access",
138 [EXIT_REASON_VIRTUALIZED_EOI] = "Virtualized EOI",
139 [EXIT_REASON_GDTR_IDTR] = "Access to GDTR or IDTR",
140 [EXIT_REASON_LDTR_TR] = "Access to LDTR or TR",
141 [EXIT_REASON_EPT_FAULT] = "EPT violation",
142 [EXIT_REASON_EPT_MISCONFIG] = "EPT misconfiguration",
143 [EXIT_REASON_INVEPT] = "INVEPT",
144 [EXIT_REASON_RDTSCP] = "RDTSCP",
145 [EXIT_REASON_VMX_PREEMPT] = "VMX-preemption timer expired",
146 [EXIT_REASON_INVVPID] = "INVVPID",
147 [EXIT_REASON_WBINVD] = "WBINVD",
148 [EXIT_REASON_XSETBV] = "XSETBV",
149 [EXIT_REASON_APIC_WRITE] = "APIC write",
150 [EXIT_REASON_RDRAND] = "RDRAND",
151 [EXIT_REASON_INVPCID] = "INVPCID",
152 [EXIT_REASON_VMFUNC] = "VMFUNC",
153 [EXIT_REASON_ENCLS] = "ENCLS",
154 [EXIT_REASON_RDSEED] = "RDSEED",
155 [EXIT_REASON_PM_LOG_FULL] = "Page-modification log full",
156 [EXIT_REASON_XSAVES] = "XSAVES",
157 [EXIT_REASON_XRSTORS] = "XRSTORS"
160 typedef int (*vmexit_handler_t)(struct vmctx *, struct vm_exit *, int *vcpu);
161 extern int vmexit_task_switch(struct vmctx *, struct vm_exit *, int *vcpu);
166 char *guest_uuid_str;
168 static int guest_vmexit_on_hlt, guest_vmexit_on_pause;
169 static int virtio_msix = 1;
170 static int x2apic_mode = 0; /* default is xAPIC */
173 static int strictmsr = 1;
177 static char *progname;
178 static const int BSP = 0;
180 static cpuset_t cpumask;
182 static void vm_loop(struct vmctx *ctx, int vcpu, uint64_t rip);
184 static struct vm_exit vmexit[VM_MAXCPU];
187 uint64_t vmexit_bogus;
188 uint64_t vmexit_reqidle;
190 uint64_t vmexit_pause;
191 uint64_t vmexit_mtrap;
192 uint64_t vmexit_inst_emul;
193 uint64_t cpu_switch_rotate;
194 uint64_t cpu_switch_direct;
199 struct vmctx *mt_ctx;
201 } mt_vmm_info[VM_MAXCPU];
203 static cpuset_t *vcpumap[VM_MAXCPU] = { NULL };
210 "Usage: %s [-abehuwxACHPSWY] [-c vcpus] [-g <gdb port>] [-l <lpc>]\n"
211 " %*s [-m mem] [-p vcpu:hostcpu] [-s <pci>] [-U uuid] <vm>\n"
212 " -a: local apic is in xAPIC mode (deprecated)\n"
213 " -A: create ACPI tables\n"
214 " -c: # cpus (default 1)\n"
215 " -C: include guest memory in core file\n"
216 " -e: exit on unhandled I/O access\n"
219 " -H: vmexit from the guest on hlt\n"
220 " -l: LPC device configuration\n"
221 " -m: memory size in MB\n"
222 " -p: pin 'vcpu' to 'hostcpu'\n"
223 " -P: vmexit from the guest on pause\n"
224 " -s: <slot,driver,configinfo> PCI slot config\n"
225 " -S: guest memory cannot be swapped\n"
226 " -u: RTC keeps UTC time\n"
228 " -w: ignore unimplemented MSRs\n"
229 " -W: force virtio to use single-vector MSI\n"
230 " -x: local apic is in x2APIC mode\n"
231 " -Y: disable MPtable generation\n",
232 progname, (int)strlen(progname), "");
237 #ifndef WITHOUT_CAPSICUM
239 * 11-stable capsicum helpers
242 bhyve_caph_cache_catpages(void)
245 (void)catopen("libc", NL_CAT_LOCALE);
249 bhyve_caph_limit_stdoe(void)
252 unsigned long cmds[] = { TIOCGETA, TIOCGWINSZ };
253 int i, fds[] = { STDOUT_FILENO, STDERR_FILENO };
255 cap_rights_init(&rights, CAP_FCNTL, CAP_FSTAT, CAP_IOCTL);
256 cap_rights_set(&rights, CAP_WRITE);
258 for (i = 0; i < nitems(fds); i++) {
259 if (cap_rights_limit(fds[i], &rights) < 0 && errno != ENOSYS)
262 if (cap_ioctls_limit(fds[i], cmds, nitems(cmds)) < 0 && errno != ENOSYS)
265 if (cap_fcntls_limit(fds[i], CAP_FCNTL_GETFL) < 0 && errno != ENOSYS)
275 pincpu_parse(const char *opt)
279 if (sscanf(opt, "%d:%d", &vcpu, &pcpu) != 2) {
280 fprintf(stderr, "invalid format: %s\n", opt);
284 if (vcpu < 0 || vcpu >= VM_MAXCPU) {
285 fprintf(stderr, "vcpu '%d' outside valid range from 0 to %d\n",
286 vcpu, VM_MAXCPU - 1);
290 if (pcpu < 0 || pcpu >= CPU_SETSIZE) {
291 fprintf(stderr, "hostcpu '%d' outside valid range from "
292 "0 to %d\n", pcpu, CPU_SETSIZE - 1);
296 if (vcpumap[vcpu] == NULL) {
297 if ((vcpumap[vcpu] = malloc(sizeof(cpuset_t))) == NULL) {
301 CPU_ZERO(vcpumap[vcpu]);
303 CPU_SET(pcpu, vcpumap[vcpu]);
308 vm_inject_fault(void *arg, int vcpu, int vector, int errcode_valid,
312 int error, restart_instruction;
315 restart_instruction = 1;
317 error = vm_inject_exception(ctx, vcpu, vector, errcode_valid, errcode,
318 restart_instruction);
323 paddr_guest2host(struct vmctx *ctx, uintptr_t gaddr, size_t len)
326 return (vm_map_gpa(ctx, gaddr, len));
330 fbsdrun_vmexit_on_pause(void)
333 return (guest_vmexit_on_pause);
337 fbsdrun_vmexit_on_hlt(void)
340 return (guest_vmexit_on_hlt);
344 fbsdrun_virtio_msix(void)
347 return (virtio_msix);
351 fbsdrun_start_thread(void *param)
353 char tname[MAXCOMLEN + 1];
354 struct mt_vmm_info *mtp;
360 snprintf(tname, sizeof(tname), "vcpu %d", vcpu);
361 pthread_set_name_np(mtp->mt_thr, tname);
363 vm_loop(mtp->mt_ctx, vcpu, vmexit[vcpu].rip);
371 fbsdrun_addcpu(struct vmctx *ctx, int fromcpu, int newcpu, uint64_t rip)
375 assert(fromcpu == BSP);
378 * The 'newcpu' must be activated in the context of 'fromcpu'. If
379 * vm_activate_cpu() is delayed until newcpu's pthread starts running
380 * then vmm.ko is out-of-sync with bhyve and this can create a race
383 error = vm_activate_cpu(ctx, newcpu);
385 err(EX_OSERR, "could not activate CPU %d", newcpu);
387 CPU_SET_ATOMIC(newcpu, &cpumask);
390 * Set up the vmexit struct to allow execution to start
393 vmexit[newcpu].rip = rip;
394 vmexit[newcpu].inst_length = 0;
396 mt_vmm_info[newcpu].mt_ctx = ctx;
397 mt_vmm_info[newcpu].mt_vcpu = newcpu;
399 error = pthread_create(&mt_vmm_info[newcpu].mt_thr, NULL,
400 fbsdrun_start_thread, &mt_vmm_info[newcpu]);
405 fbsdrun_deletecpu(struct vmctx *ctx, int vcpu)
408 if (!CPU_ISSET(vcpu, &cpumask)) {
409 fprintf(stderr, "Attempting to delete unknown cpu %d\n", vcpu);
413 CPU_CLR_ATOMIC(vcpu, &cpumask);
414 return (CPU_EMPTY(&cpumask));
418 vmexit_handle_notify(struct vmctx *ctx, struct vm_exit *vme, int *pvcpu,
423 * put guest-driven debug here
426 return (VMEXIT_CONTINUE);
430 vmexit_inout(struct vmctx *ctx, struct vm_exit *vme, int *pvcpu)
433 int bytes, port, in, out;
438 port = vme->u.inout.port;
439 bytes = vme->u.inout.bytes;
440 in = vme->u.inout.in;
443 /* Extra-special case of host notifications */
444 if (out && port == GUEST_NIO_PORT) {
445 error = vmexit_handle_notify(ctx, vme, pvcpu, vme->u.inout.eax);
449 error = emulate_inout(ctx, vcpu, vme, strictio);
451 fprintf(stderr, "Unhandled %s%c 0x%04x at 0x%lx\n",
453 bytes == 1 ? 'b' : (bytes == 2 ? 'w' : 'l'),
455 return (VMEXIT_ABORT);
457 return (VMEXIT_CONTINUE);
462 vmexit_rdmsr(struct vmctx *ctx, struct vm_exit *vme, int *pvcpu)
469 error = emulate_rdmsr(ctx, *pvcpu, vme->u.msr.code, &val);
471 fprintf(stderr, "rdmsr to register %#x on vcpu %d\n",
472 vme->u.msr.code, *pvcpu);
474 vm_inject_gp(ctx, *pvcpu);
475 return (VMEXIT_CONTINUE);
480 error = vm_set_register(ctx, *pvcpu, VM_REG_GUEST_RAX, eax);
484 error = vm_set_register(ctx, *pvcpu, VM_REG_GUEST_RDX, edx);
487 return (VMEXIT_CONTINUE);
491 vmexit_wrmsr(struct vmctx *ctx, struct vm_exit *vme, int *pvcpu)
495 error = emulate_wrmsr(ctx, *pvcpu, vme->u.msr.code, vme->u.msr.wval);
497 fprintf(stderr, "wrmsr to register %#x(%#lx) on vcpu %d\n",
498 vme->u.msr.code, vme->u.msr.wval, *pvcpu);
500 vm_inject_gp(ctx, *pvcpu);
501 return (VMEXIT_CONTINUE);
504 return (VMEXIT_CONTINUE);
508 vmexit_spinup_ap(struct vmctx *ctx, struct vm_exit *vme, int *pvcpu)
511 (void)spinup_ap(ctx, *pvcpu,
512 vme->u.spinup_ap.vcpu, vme->u.spinup_ap.rip);
514 return (VMEXIT_CONTINUE);
517 #define DEBUG_EPT_MISCONFIG
518 #ifdef DEBUG_EPT_MISCONFIG
519 #define VMCS_GUEST_PHYSICAL_ADDRESS 0x00002400
521 static uint64_t ept_misconfig_gpa, ept_misconfig_pte[4];
522 static int ept_misconfig_ptenum;
526 vmexit_vmx_desc(uint32_t exit_reason)
529 if (exit_reason >= nitems(vmx_exit_reason_desc) ||
530 vmx_exit_reason_desc[exit_reason] == NULL)
532 return (vmx_exit_reason_desc[exit_reason]);
536 vmexit_vmx(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
539 fprintf(stderr, "vm exit[%d]\n", *pvcpu);
540 fprintf(stderr, "\treason\t\tVMX\n");
541 fprintf(stderr, "\trip\t\t0x%016lx\n", vmexit->rip);
542 fprintf(stderr, "\tinst_length\t%d\n", vmexit->inst_length);
543 fprintf(stderr, "\tstatus\t\t%d\n", vmexit->u.vmx.status);
544 fprintf(stderr, "\texit_reason\t%u (%s)\n", vmexit->u.vmx.exit_reason,
545 vmexit_vmx_desc(vmexit->u.vmx.exit_reason));
546 fprintf(stderr, "\tqualification\t0x%016lx\n",
547 vmexit->u.vmx.exit_qualification);
548 fprintf(stderr, "\tinst_type\t\t%d\n", vmexit->u.vmx.inst_type);
549 fprintf(stderr, "\tinst_error\t\t%d\n", vmexit->u.vmx.inst_error);
550 #ifdef DEBUG_EPT_MISCONFIG
551 if (vmexit->u.vmx.exit_reason == EXIT_REASON_EPT_MISCONFIG) {
552 vm_get_register(ctx, *pvcpu,
553 VMCS_IDENT(VMCS_GUEST_PHYSICAL_ADDRESS),
555 vm_get_gpa_pmap(ctx, ept_misconfig_gpa, ept_misconfig_pte,
556 &ept_misconfig_ptenum);
557 fprintf(stderr, "\tEPT misconfiguration:\n");
558 fprintf(stderr, "\t\tGPA: %#lx\n", ept_misconfig_gpa);
559 fprintf(stderr, "\t\tPTE(%d): %#lx %#lx %#lx %#lx\n",
560 ept_misconfig_ptenum, ept_misconfig_pte[0],
561 ept_misconfig_pte[1], ept_misconfig_pte[2],
562 ept_misconfig_pte[3]);
564 #endif /* DEBUG_EPT_MISCONFIG */
565 return (VMEXIT_ABORT);
569 vmexit_svm(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
572 fprintf(stderr, "vm exit[%d]\n", *pvcpu);
573 fprintf(stderr, "\treason\t\tSVM\n");
574 fprintf(stderr, "\trip\t\t0x%016lx\n", vmexit->rip);
575 fprintf(stderr, "\tinst_length\t%d\n", vmexit->inst_length);
576 fprintf(stderr, "\texitcode\t%#lx\n", vmexit->u.svm.exitcode);
577 fprintf(stderr, "\texitinfo1\t%#lx\n", vmexit->u.svm.exitinfo1);
578 fprintf(stderr, "\texitinfo2\t%#lx\n", vmexit->u.svm.exitinfo2);
579 return (VMEXIT_ABORT);
583 vmexit_bogus(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
586 assert(vmexit->inst_length == 0);
588 stats.vmexit_bogus++;
590 return (VMEXIT_CONTINUE);
594 vmexit_reqidle(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
597 assert(vmexit->inst_length == 0);
599 stats.vmexit_reqidle++;
601 return (VMEXIT_CONTINUE);
605 vmexit_hlt(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
611 * Just continue execution with the next instruction. We use
612 * the HLT VM exit as a way to be friendly with the host
615 return (VMEXIT_CONTINUE);
619 vmexit_pause(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
622 stats.vmexit_pause++;
624 return (VMEXIT_CONTINUE);
628 vmexit_mtrap(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
631 assert(vmexit->inst_length == 0);
633 stats.vmexit_mtrap++;
635 return (VMEXIT_CONTINUE);
639 vmexit_inst_emul(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
644 stats.vmexit_inst_emul++;
646 vie = &vmexit->u.inst_emul.vie;
647 err = emulate_mem(ctx, *pvcpu, vmexit->u.inst_emul.gpa,
648 vie, &vmexit->u.inst_emul.paging);
652 fprintf(stderr, "Unhandled memory access to 0x%lx\n",
653 vmexit->u.inst_emul.gpa);
656 fprintf(stderr, "Failed to emulate instruction [");
657 for (i = 0; i < vie->num_valid; i++) {
658 fprintf(stderr, "0x%02x%s", vie->inst[i],
659 i != (vie->num_valid - 1) ? " " : "");
661 fprintf(stderr, "] at 0x%lx\n", vmexit->rip);
662 return (VMEXIT_ABORT);
665 return (VMEXIT_CONTINUE);
668 static pthread_mutex_t resetcpu_mtx = PTHREAD_MUTEX_INITIALIZER;
669 static pthread_cond_t resetcpu_cond = PTHREAD_COND_INITIALIZER;
672 vmexit_suspend(struct vmctx *ctx, struct vm_exit *vmexit, int *pvcpu)
674 enum vm_suspend_how how;
676 how = vmexit->u.suspended.how;
678 fbsdrun_deletecpu(ctx, *pvcpu);
681 pthread_mutex_lock(&resetcpu_mtx);
682 pthread_cond_signal(&resetcpu_cond);
683 pthread_mutex_unlock(&resetcpu_mtx);
687 pthread_mutex_lock(&resetcpu_mtx);
688 while (!CPU_EMPTY(&cpumask)) {
689 pthread_cond_wait(&resetcpu_cond, &resetcpu_mtx);
691 pthread_mutex_unlock(&resetcpu_mtx);
694 case VM_SUSPEND_RESET:
696 case VM_SUSPEND_POWEROFF:
698 case VM_SUSPEND_HALT:
700 case VM_SUSPEND_TRIPLEFAULT:
703 fprintf(stderr, "vmexit_suspend: invalid reason %d\n", how);
706 return (0); /* NOTREACHED */
709 static vmexit_handler_t handler[VM_EXITCODE_MAX] = {
710 [VM_EXITCODE_INOUT] = vmexit_inout,
711 [VM_EXITCODE_INOUT_STR] = vmexit_inout,
712 [VM_EXITCODE_VMX] = vmexit_vmx,
713 [VM_EXITCODE_SVM] = vmexit_svm,
714 [VM_EXITCODE_BOGUS] = vmexit_bogus,
715 [VM_EXITCODE_REQIDLE] = vmexit_reqidle,
716 [VM_EXITCODE_RDMSR] = vmexit_rdmsr,
717 [VM_EXITCODE_WRMSR] = vmexit_wrmsr,
718 [VM_EXITCODE_MTRAP] = vmexit_mtrap,
719 [VM_EXITCODE_INST_EMUL] = vmexit_inst_emul,
720 [VM_EXITCODE_SPINUP_AP] = vmexit_spinup_ap,
721 [VM_EXITCODE_SUSPENDED] = vmexit_suspend,
722 [VM_EXITCODE_TASK_SWITCH] = vmexit_task_switch,
726 vm_loop(struct vmctx *ctx, int vcpu, uint64_t startrip)
729 enum vm_exitcode exitcode;
730 cpuset_t active_cpus;
732 if (vcpumap[vcpu] != NULL) {
733 error = pthread_setaffinity_np(pthread_self(),
734 sizeof(cpuset_t), vcpumap[vcpu]);
738 error = vm_active_cpus(ctx, &active_cpus);
739 assert(CPU_ISSET(vcpu, &active_cpus));
741 error = vm_set_register(ctx, vcpu, VM_REG_GUEST_RIP, startrip);
745 error = vm_run(ctx, vcpu, &vmexit[vcpu]);
749 exitcode = vmexit[vcpu].exitcode;
750 if (exitcode >= VM_EXITCODE_MAX || handler[exitcode] == NULL) {
751 fprintf(stderr, "vm_loop: unexpected exitcode 0x%x\n",
756 rc = (*handler[exitcode])(ctx, &vmexit[vcpu], &vcpu);
759 case VMEXIT_CONTINUE:
767 fprintf(stderr, "vm_run error %d, errno %d\n", error, errno);
771 num_vcpus_allowed(struct vmctx *ctx)
775 error = vm_get_capability(ctx, BSP, VM_CAP_UNRESTRICTED_GUEST, &tmp);
778 * The guest is allowed to spinup more than one processor only if the
779 * UNRESTRICTED_GUEST capability is available.
788 fbsdrun_set_capabilities(struct vmctx *ctx, int cpu)
792 if (fbsdrun_vmexit_on_hlt()) {
793 err = vm_get_capability(ctx, cpu, VM_CAP_HALT_EXIT, &tmp);
795 fprintf(stderr, "VM exit on HLT not supported\n");
798 vm_set_capability(ctx, cpu, VM_CAP_HALT_EXIT, 1);
800 handler[VM_EXITCODE_HLT] = vmexit_hlt;
803 if (fbsdrun_vmexit_on_pause()) {
805 * pause exit support required for this mode
807 err = vm_get_capability(ctx, cpu, VM_CAP_PAUSE_EXIT, &tmp);
810 "SMP mux requested, no pause support\n");
813 vm_set_capability(ctx, cpu, VM_CAP_PAUSE_EXIT, 1);
815 handler[VM_EXITCODE_PAUSE] = vmexit_pause;
819 err = vm_set_x2apic_state(ctx, cpu, X2APIC_ENABLED);
821 err = vm_set_x2apic_state(ctx, cpu, X2APIC_DISABLED);
824 fprintf(stderr, "Unable to set x2apic state (%d)\n", err);
828 vm_set_capability(ctx, cpu, VM_CAP_ENABLE_INVPCID, 1);
831 static struct vmctx *
832 do_open(const char *vmname)
836 bool reinit, romboot;
837 #ifndef WITHOUT_CAPSICUM
839 const cap_ioctl_t *cmds;
843 reinit = romboot = false;
848 error = vm_create(vmname);
850 if (errno == EEXIST) {
855 * The virtual machine has been setup by the
856 * userspace bootloader.
866 * If the virtual machine was just created then a
867 * bootrom must be configured to boot it.
869 fprintf(stderr, "virtual machine cannot be booted\n");
874 ctx = vm_open(vmname);
880 #ifndef WITHOUT_CAPSICUM
881 cap_rights_init(&rights, CAP_IOCTL, CAP_MMAP_RW);
882 if (cap_rights_limit(vm_get_device_fd(ctx), &rights) == -1 &&
884 errx(EX_OSERR, "Unable to apply rights for sandbox");
885 vm_get_ioctls(&ncmds);
886 cmds = vm_get_ioctls(NULL);
888 errx(EX_OSERR, "out of memory");
889 if (cap_ioctls_limit(vm_get_device_fd(ctx), cmds, ncmds) == -1 &&
891 errx(EX_OSERR, "Unable to apply rights for sandbox");
892 free((cap_ioctl_t *)cmds);
896 error = vm_reinit(ctx);
906 main(int argc, char *argv[])
908 int c, error, gdb_port, err, bvmcons;
909 int max_vcpus, mptgen, memflags;
917 progname = basename(argv[0]);
925 optstr = "abehuwxACHIPSWYp:g:c:s:m:l:U:";
926 while ((c = getopt(argc, argv, optstr)) != -1) {
938 if (pincpu_parse(optarg) != 0) {
939 errx(EX_USAGE, "invalid vcpu pinning "
940 "configuration '%s'", optarg);
944 guest_ncpus = atoi(optarg);
947 memflags |= VM_MEM_F_INCORE;
950 gdb_port = atoi(optarg);
953 if (lpc_device_parse(optarg) != 0) {
954 errx(EX_USAGE, "invalid lpc device "
955 "configuration '%s'", optarg);
959 if (pci_parse_slot(optarg) != 0)
964 memflags |= VM_MEM_F_WIRED;
967 error = vm_parse_memsize(optarg, &memsize);
969 errx(EX_USAGE, "invalid memsize '%s'", optarg);
972 guest_vmexit_on_hlt = 1;
976 * The "-I" option was used to add an ioapic to the
979 * An ioapic is now provided unconditionally for each
980 * virtual machine and this option is now deprecated.
984 guest_vmexit_on_pause = 1;
993 guest_uuid_str = optarg;
1020 ctx = do_open(vmname);
1022 if (guest_ncpus < 1) {
1023 fprintf(stderr, "Invalid guest vCPUs (%d)\n", guest_ncpus);
1027 max_vcpus = num_vcpus_allowed(ctx);
1028 if (guest_ncpus > max_vcpus) {
1029 fprintf(stderr, "%d vCPUs requested but only %d available\n",
1030 guest_ncpus, max_vcpus);
1034 fbsdrun_set_capabilities(ctx, BSP);
1036 vm_set_memflags(ctx, memflags);
1037 err = vm_setup_memory(ctx, memsize, VM_MMAP_ALL);
1039 fprintf(stderr, "Unable to setup memory (%d)\n", errno);
1045 fprintf(stderr, "init_msr error %d", error);
1055 rtc_init(ctx, rtc_localtime);
1059 * Exit if a device emulation finds an error in it's initilization
1061 if (init_pci(ctx) != 0) {
1062 perror("device emulation initialization error");
1067 init_dbgport(gdb_port);
1072 if (lpc_bootrom()) {
1073 if (vm_set_capability(ctx, BSP, VM_CAP_UNRESTRICTED_GUEST, 1)) {
1074 fprintf(stderr, "ROM boot failed: unrestricted guest "
1075 "capability not available\n");
1078 error = vcpu_reset(ctx, BSP);
1082 error = vm_get_register(ctx, BSP, VM_REG_GUEST_RIP, &rip);
1086 * build the guest tables, MP etc.
1089 error = mptable_build(ctx, guest_ncpus);
1091 perror("error to build the guest tables");
1096 error = smbios_build(ctx);
1100 error = acpi_build(ctx, guest_ncpus);
1108 * Change the proc title to include the VM name.
1110 setproctitle("%s", vmname);
1112 #ifndef WITHOUT_CAPSICUM
1113 bhyve_caph_cache_catpages();
1115 if (bhyve_caph_limit_stdoe() == -1)
1116 errx(EX_OSERR, "Unable to apply rights for sandbox");
1118 if (cap_enter() == -1 && errno != ENOSYS)
1119 errx(EX_OSERR, "cap_enter() failed");
1125 fbsdrun_addcpu(ctx, BSP, BSP, rip);
1128 * Head off to the main event dispatch loop
projects / FreeBSD / FreeBSD.git / blob