#ifndef __ASM_MSR_H
#define __ASM_MSR_H

#include "msr-index.h"

#include <xen/types.h>
#include <xen/percpu.h>
#include <xen/errno.h>

#include <xen/lib/x86/msr.h>

#include <asm/asm_defns.h>
#include <asm/cpufeature.h>
#include <asm/processor.h>

#define rdmsr(msr,val1,val2) \
    __asm__ __volatile__("rdmsr" \
                         : "=a" (val1), "=d" (val2) \
                         : "c" (msr))

#define rdmsrl(msr,val) do { unsigned long a__,b__; \
    __asm__ __volatile__("rdmsr" \
                         : "=a" (a__), "=d" (b__) \
                         : "c" (msr)); \
    val = a__ | ((u64)b__<<32); \
} while(0)

#define wrmsr(msr,val1,val2) \
    __asm__ __volatile__("wrmsr" \
                         : /* no outputs */ \
                         : "c" (msr), "a" (val1), "d" (val2))

static inline void wrmsrl(unsigned int msr, __u64 val)
{
    __u32 lo, hi;
    lo = (__u32)val;
    hi = (__u32)(val >> 32);
    wrmsr(msr, lo, hi);
}
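
/*
 * Illustrative sketch, not part of this interface: rdmsrl()/wrmsrl() hide
 * the EDX:EAX split behind a single 64-bit value, so a read/modify/write
 * of some MSR (SOME_MSR/SOME_BIT are placeholder names) might look like:
 *
 *     uint64_t tmp;
 *
 *     rdmsrl(SOME_MSR, tmp);
 *     wrmsrl(SOME_MSR, tmp | SOME_BIT);
 */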

/* rdmsr with exception handling */
#define rdmsr_safe(msr,val) ({\
    int rc_; \
    uint32_t lo_, hi_; \
    __asm__ __volatile__( \
        "1: rdmsr\n2:\n" \
        ".section .fixup,\"ax\"\n" \
        "3: xorl %0,%0\n; xorl %1,%1\n" \
        "   movl %5,%2\n; jmp 2b\n" \
        ".previous\n" \
        _ASM_EXTABLE(1b, 3b) \
        : "=a" (lo_), "=d" (hi_), "=&r" (rc_) \
        : "c" (msr), "2" (0), "i" (-EFAULT)); \
    val = lo_ | ((uint64_t)hi_ << 32); \
    rc_; })

/* wrmsr with exception handling */
static inline int wrmsr_safe(unsigned int msr, uint64_t val)
{
    int rc;
    uint32_t lo, hi;
    lo = (uint32_t)val;
    hi = (uint32_t)(val >> 32);

    __asm__ __volatile__(
        "1: wrmsr\n2:\n"
        ".section .fixup,\"ax\"\n"
        "3: movl %5,%0\n; jmp 2b\n"
        ".previous\n"
        _ASM_EXTABLE(1b, 3b)
        : "=&r" (rc)
        : "c" (msr), "a" (lo), "d" (hi), "0" (0), "i" (-EFAULT));
    return rc;
}
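
/*
 * Illustrative sketch, not part of this interface: the _safe variants
 * return 0 on success and -EFAULT if the access faulted, so probing a
 * possibly-absent MSR (MSR_EXAMPLE/EXAMPLE_BIT are placeholder names)
 * might look like:
 *
 *     uint64_t val;
 *
 *     if ( rdmsr_safe(MSR_EXAMPLE, val) == 0 )
 *         wrmsr_safe(MSR_EXAMPLE, val | EXAMPLE_BIT);
 */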

static inline uint64_t msr_fold(const struct cpu_user_regs *regs)
{
    return (regs->rdx << 32) | regs->eax;
}

static inline void msr_split(struct cpu_user_regs *regs, uint64_t val)
{
    regs->rdx = val >> 32;
    regs->rax = (uint32_t)val;
}
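
/*
 * Illustrative sketch, not part of this interface: msr_fold()/msr_split()
 * convert between a guest's EDX:EAX register pair and a single 64-bit MSR
 * value.  A hypothetical RDMSR intercept handler might do:
 *
 *     uint64_t val;
 *
 *     if ( guest_rdmsr(v, regs->ecx, &val) == X86EMUL_OKAY )
 *         msr_split(regs, val);
 *
 * while msr_fold(regs) recovers the 64-bit WRMSR operand from EDX:EAX.
 */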

static inline uint64_t rdtsc(void)
{
    uint32_t low, high;

    __asm__ __volatile__("rdtsc" : "=a" (low), "=d" (high));

    return ((uint64_t)high << 32) | low;
}

static inline uint64_t rdtsc_ordered(void)
{
    /*
     * The RDTSC instruction is not ordered relative to memory access.
     * The Intel SDM and the AMD APM are both vague on this point, but
     * empirically an RDTSC instruction can be speculatively executed
     * before prior loads. An RDTSC immediately after an appropriate
     * barrier appears to be ordered as a normal load, that is, it
     * provides the same ordering guarantees as reading from a global
     * memory location that some other imaginary CPU is updating
     * continuously with a time stamp.
     */
    alternative("lfence", "mfence", X86_FEATURE_MFENCE_RDTSC);
    return rdtsc();
}
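
/*
 * Illustrative sketch, not part of this interface: rdtsc_ordered() is the
 * variant to use when the timestamp must not be sampled ahead of preceding
 * work, e.g. a rough cycle count around some_operation() (a placeholder
 * name):
 *
 *     uint64_t start, cycles;
 *
 *     start = rdtsc_ordered();
 *     some_operation();
 *     cycles = rdtsc_ordered() - start;
 */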

#define __write_tsc(val) wrmsrl(MSR_IA32_TSC, val)
#define write_tsc(val) ({                                       \
    /* Reliable TSCs are in lockstep across all CPUs. We should \
     * never write to them. */                                  \
    ASSERT(!boot_cpu_has(X86_FEATURE_TSC_RELIABLE));            \
    __write_tsc(val);                                           \
})

#define rdpmc(counter,low,high) \
    __asm__ __volatile__("rdpmc" \
                         : "=a" (low), "=d" (high) \
                         : "c" (counter))

/*
 * On hardware supporting FSGSBASE, the value loaded into hardware is the
 * guest kernel's choice for 64bit PV guests (Xen's choice for Idle, HVM and
 * 32bit PV).
 *
 * Therefore, the {RD,WR}{FS,GS}BASE instructions are only safe to use if
 * %cr4.fsgsbase is set.
 */
static inline unsigned long __rdfsbase(void)
{
    unsigned long base;

#ifdef HAVE_AS_FSGSBASE
    asm volatile ( "rdfsbase %0" : "=r" (base) );
#else
    asm volatile ( ".byte 0xf3, 0x48, 0x0f, 0xae, 0xc0" : "=a" (base) );
#endif

    return base;
}

static inline unsigned long __rdgsbase(void)
{
    unsigned long base;

#ifdef HAVE_AS_FSGSBASE
    asm volatile ( "rdgsbase %0" : "=r" (base) );
#else
    asm volatile ( ".byte 0xf3, 0x48, 0x0f, 0xae, 0xc8" : "=a" (base) );
#endif

    return base;
}

static inline unsigned long rdfsbase(void)
{
    unsigned long base;

    if ( read_cr4() & X86_CR4_FSGSBASE )
        return __rdfsbase();

    rdmsrl(MSR_FS_BASE, base);

    return base;
}

static inline unsigned long rdgsbase(void)
{
    unsigned long base;

    if ( read_cr4() & X86_CR4_FSGSBASE )
        return __rdgsbase();

    rdmsrl(MSR_GS_BASE, base);

    return base;
}

static inline unsigned long rdgsshadow(void)
{
    unsigned long base;

    if ( read_cr4() & X86_CR4_FSGSBASE )
    {
        asm volatile ( "swapgs" );
        base = __rdgsbase();
        asm volatile ( "swapgs" );
    }
    else
        rdmsrl(MSR_SHADOW_GS_BASE, base);

    return base;
}

static inline void wrfsbase(unsigned long base)
{
    if ( read_cr4() & X86_CR4_FSGSBASE )
#ifdef HAVE_AS_FSGSBASE
        asm volatile ( "wrfsbase %0" :: "r" (base) );
#else
        asm volatile ( ".byte 0xf3, 0x48, 0x0f, 0xae, 0xd0" :: "a" (base) );
#endif
    else
        wrmsrl(MSR_FS_BASE, base);
}

static inline void wrgsbase(unsigned long base)
{
    if ( read_cr4() & X86_CR4_FSGSBASE )
#ifdef HAVE_AS_FSGSBASE
        asm volatile ( "wrgsbase %0" :: "r" (base) );
#else
        asm volatile ( ".byte 0xf3, 0x48, 0x0f, 0xae, 0xd8" :: "a" (base) );
#endif
    else
        wrmsrl(MSR_GS_BASE, base);
}

static inline void wrgsshadow(unsigned long base)
{
    if ( read_cr4() & X86_CR4_FSGSBASE )
    {
        asm volatile ( "swapgs\n\t"
#ifdef HAVE_AS_FSGSBASE
                       "wrgsbase %0\n\t"
                       "swapgs"
                       :: "r" (base) );
#else
                       ".byte 0xf3, 0x48, 0x0f, 0xae, 0xd8\n\t"
                       "swapgs"
                       :: "a" (base) );
#endif
    }
    else
        wrmsrl(MSR_SHADOW_GS_BASE, base);
}

DECLARE_PER_CPU(uint64_t, efer);
static inline uint64_t read_efer(void)
{
    return this_cpu(efer);
}

static inline void write_efer(uint64_t val)
{
    this_cpu(efer) = val;
    wrmsrl(MSR_EFER, val);
}
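
/*
 * Illustrative sketch, not part of this interface: write_efer() keeps the
 * per-CPU cache and the hardware MSR in sync, so a read/modify/write of
 * EFER should go through the accessors, e.g. (assuming EFER_SCE from
 * msr-index.h):
 *
 *     write_efer(read_efer() | EFER_SCE);
 */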

extern unsigned int ler_msr;

DECLARE_PER_CPU(uint32_t, tsc_aux);

/* Lazy update of MSR_TSC_AUX */
static inline void wrmsr_tsc_aux(uint32_t val)
{
    uint32_t *this_tsc_aux = &this_cpu(tsc_aux);

    if ( *this_tsc_aux != val )
    {
        wrmsr(MSR_TSC_AUX, val, 0);
        *this_tsc_aux = val;
    }
}
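
/*
 * Illustrative sketch, not part of this interface: as the write is elided
 * when the cached value already matches, a context-switch path can call
 * this unconditionally, e.g. (hypothetical caller, assuming v->arch.msrs
 * points at the vcpu's struct vcpu_msrs below):
 *
 *     wrmsr_tsc_aux(v->arch.msrs->tsc_aux);
 */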

extern struct msr_policy     raw_msr_policy,
                            host_msr_policy,
                          pv_max_msr_policy,
                          pv_def_msr_policy,
                         hvm_max_msr_policy,
                         hvm_def_msr_policy;

/* Container object for per-vCPU MSRs */
struct vcpu_msrs
{
    /* 0x00000048 - MSR_SPEC_CTRL */
    struct {
        uint32_t raw;
    } spec_ctrl;

    /*
     * 0x00000140 - MSR_INTEL_MISC_FEATURES_ENABLES
     *
     * This MSR is non-architectural, but for simplicity we allow it to be
     * read unconditionally.  The CPUID Faulting bit is the only writeable
     * bit, and only if enumerated by MSR_PLATFORM_INFO.
     */
    union {
        uint32_t raw;
        struct {
            bool cpuid_faulting:1;
        };
    } misc_features_enables;

    /* 0x00000da0 - MSR_IA32_XSS */
    struct {
        uint64_t raw;
    } xss;

    /*
     * 0xc0000103 - MSR_TSC_AUX
     *
     * Value is guest chosen, and always loaded in vcpu context.  Guests have
     * no direct MSR access, and the value is accessible to userspace with the
     * RDTSCP and RDPID instructions.
     */
    uint32_t tsc_aux;

    /*
     * 0xc00110{27,19-1b} MSR_AMD64_DR{0-3}_ADDRESS_MASK
     *
     * Loaded into hardware for guests which have active %dr7 settings.
     * Furthermore, HVM guests are offered direct access, meaning that the
     * values here may be stale in current context.
     */
    uint32_t dr_mask[4];
};

void init_guest_msr_policy(void);
int init_domain_msr_policy(struct domain *d);
int init_vcpu_msr_policy(struct vcpu *v);

/*
 * The functions below can return X86EMUL_UNHANDLEABLE, which means that the
 * MSR is not (yet) handled by them and must be processed by the legacy
 * handlers.  Such behaviour is needed during the transition period, until
 * all rdmsr/wrmsr accesses are handled by the new MSR infrastructure.
 *
 * These functions are also used by the migration logic, so need to cope with
 * being used outside of v's context.
 */
int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val);
int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val);
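
/*
 * Illustrative sketch, not part of this interface: a hypothetical caller
 * dispatches on the return value and falls back to the legacy handlers for
 * X86EMUL_UNHANDLEABLE (legacy_rdmsr is a placeholder label):
 *
 *     uint64_t val;
 *
 *     switch ( guest_rdmsr(v, msr, &val) )
 *     {
 *     case X86EMUL_OKAY:
 *         msr_split(regs, val);
 *         break;
 *
 *     case X86EMUL_UNHANDLEABLE:
 *         goto legacy_rdmsr;
 *     }
 */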

#endif /* __ASM_MSR_H */