Age | Commit message | Author |
|
This change fixes warnings seen with code analysis on VS2017 and a
typo. Also excludes a .VC.db file.
|
|
1) On failures after vmxon, but before vmxlaunch, make sure to vmxoff.
2) On failure to initialize hypervisor, don't return SHV_STATUS_SUCCESS
ultimately. This was going to get caught later by the hypervisor CPUID
bit not being present, but this helps debugging.
3) Hypervisor should be an EFI driver (and runtime driver actually some
day), not EFI application
4) Fix ShvOsFreeContiguousAlignedMemory to use pages, not bytes.
|
|
when leaf is invalid!
To address this, return a magic value in RCX so we can be sure that
RAX:RBX are trustworthy and contain VP_DATA.
|
|
|
|
|
|
Fix memory leak in ShvVpLoadCallback. There is a flow (when ShvVpInitialize fails) in which the per-processor data is not freed before the goto Failure and return. Of course, we can't free it in the Failure, since we need to distinguish between different flows of failures (fail to allocate, fail to initialize, hypervisor not present). So just keep freeing it anytime we fail for some reason (just as when our hypervisor is not present on line 275).
Thanks :)
|
|
|
|
Refactoring. Reject NULL/LDT selectors when building VMCS.
Support systems without 1GB HugePage EPT support (such as Vmware) by
simply not enabling EPT for the.
Refactor header files and some definitions again to support non-NT.
Deallocation routines on some platform need to have a size. Refactor
alloc and free so this is easy to maintain portably.
Make ShvVmxLaunchOnVp return a status code instead of VOID, so we can
actually know if launch failed instead of just relying on CPUID (which,
if the hypervisor was already loaded, misidentified that a second load
failed, and instead assumed success).
Refactor the launch/off-on-failure code into a ShvVmxLaunch routine.
Fix some comments to reflect the new portability layer/refactoring.
Factor out OS-specific load/unload logic
(ShvOsPrepareProcessor/ShvOsUnprepareProcessor)
Fix ShvUtilConvertGdtEntry to reject selectors with the TI bit set, or
NULL selectors, and correctly mark them as unusable.
|
|
Fix the last few stragglers.
|
|
|
|
If SimpleVisor got unloaded, __cpuidex might not return valid data in
EAX:EBX. Handle this case.
|
|
SimpleVisor no longer builds with NT headers -- instead, ntint.h
provides the necessary NT"isms" and compiler definitions.
Create a bridge header (shv_x.h) between the OS layer and SimpleVisor
layer.
ShvOs.c builds with the NT headers, and doesn't use ntint.h, importing
only shv_x.h
|
|
Separate Load vs Unload callback. Misc. portability fixes.
Create a layer of OS-specific functions to handle the various
requirements around memory allocation, context save/restore,
entrypoint/unloadpoint, and multi-CPU execution and topology
information. SimpleVisor no longer uses NT-specific functions (some
structures and types still remain).
Additionally, the hypervisor should not know that "NT" is running
underneath, so it has no business touching the IRQL. As we won't call
Windows functions, and as interrupts are disabled, this doesn't 'change'
anything and is correct.
Don't use the same callback for load and unload. We can make unload its
own callback now, as we've separated out the DPC-specific logic. This
makes the load callback cleaner as well.
Remove NT_ASSERTS which don't work anyway, and use portable
definitions/types when possible (more to do here).
Return the failed CPU and status in all cases during load. Sometimes
this wasn't done before.
|
|
|
|
This allows us to now free the data for each processor, by returning its
pointer through the CPUID interface.
|
|
Each routine knew exactly how to get its VP Data except the
post-launch-guest-resumer. We now run it on the hypervisor stack (which
shouldn't matter -- because it uses no stack variables other than the
home space), which means it can essentially "containing record" its VP
data based on it.
|
|
|
|
We no longer need the VmxEnabled flag and confusing logic around it.
|
|
|
|
Freeing the data on unload seems to cause a hang. WIP investigation.
The old way we OR'ed the InitMask was both prone to racing and causing
incorrect failure codes, as well as was limited by 64 processors.
|
|
|
|
|
|
Each processor now allocates its own node-local memory, instead of
relying on a single global array on an arbitrary node. This should help
performance on NUMA systems.
Additionally, each processor now checks its own VMX status, and reports
back its unique VMX initialization, instead of assuming all CPUs
initialized or all failed. A mask is used to report which CPUs did not
initialize, and a failure status can now be returned.
|
|
The MSR Bitmap and EPML4/EPDPTEs were allocated globally, with each LP's
VMCS pointing to the same physical address. Make things simpler and more
efficient (especially if we take advantage of NUMA) by giving each
LP/VMCS its own MSR Bitmap and EPT structures. The intent here is not to
de-synchronize this data, as we have no exits which would cause either
of these structures to change and require synchronization.
|
|
misc. cleanups
SimpleVisor was previously using the presence of *ANY* hypervisor as a
sign that it is already loaded. This breaks if the loaded hypervisor
actually supports nesting and/or isn't SimpleVisor. As such, always try
to enable SimpleVisor -- ShvVmxProbe will fail if we can't, and detect
SimpleVisor explicitly using the Hyper-V Detection Interface (used by
all hypervisors these days).
Second, stop using KeSaveStateForHibernate. While it saved us the need
for two more assembly instructions (str/sldt), it appears to have bugs
around handling of DebugControl, on top of the other bugs we already had
to work around. Instead, just use compiler intrinsics to grab the
required state, which is faster anyway.
Move Intel VT-x specific structures into vmx.h instead of shv.h
|
|
|
|
Begin refactoring and commenting efforts.
|