Step 6-1: virtualize serial port I/O

Author: equation314

hypervisor/src/arch/x86_64/uart16550.rs

@@ -87,7 +87,6 @@ pub fn console_putchar(c: u8) {
     COM1.lock().putchar(c);
 }
 
-#[allow(dead_code)]
 pub fn console_getchar() -> Option<u8> {
     COM1.lock().getchar()
 }

hypervisor/src/hv/device_emu/i8259_pic.rs

@@ -0,0 +1,28 @@
+//! Emulated Intel 8259 Programmable Interrupt Controller. (ref: https://wiki.osdev.org/8259_PIC)
+
+use super::PortIoDevice;
+use rvm::{RvmError, RvmResult};
+
+pub struct I8259Pic {
+    port_base: u16,
+}
+
+impl PortIoDevice for I8259Pic {
+    fn port_range(&self) -> core::ops::Range<u16> {
+        self.port_base..self.port_base + 2
+    }
+
+    fn read(&self, _port: u16, _access_size: u8) -> RvmResult<u32> {
+        Err(RvmError::Unsupported) // report error for read
+    }
+
+    fn write(&self, _port: u16, _access_size: u8, _value: u32) -> RvmResult {
+        Ok(()) // ignore write
+    }
+}
+
+impl I8259Pic {
+    pub const fn new(port_base: u16) -> Self {
+        Self { port_base }
+    }
+}

hypervisor/src/hv/device_emu/mod.rs

@@ -0,0 +1,36 @@
+mod i8259_pic;
+mod uart16550;
+
+use alloc::{sync::Arc, vec, vec::Vec};
+
+pub trait PortIoDevice: Send + Sync {
+    fn port_range(&self) -> core::ops::Range<u16>;
+    fn read(&self, port: u16, access_size: u8) -> rvm::RvmResult<u32>;
+    fn write(&self, port: u16, access_size: u8, value: u32) -> rvm::RvmResult;
+}
+
+pub struct VirtDeviceList {
+    port_io_devices: Vec<Arc<dyn PortIoDevice>>,
+}
+
+impl VirtDeviceList {
+    pub fn find_port_io_device(&self, port: u16) -> Option<&Arc<dyn PortIoDevice>> {
+        self.port_io_devices
+            .iter()
+            .find(|dev| dev.port_range().contains(&port))
+    }
+}
+
+lazy_static::lazy_static! {
+    static ref VIRT_DEVICES : VirtDeviceList = VirtDeviceList {
+        port_io_devices: vec![
+            Arc::new(uart16550::Uart16550::new(0x3f8)), // COM1
+            Arc::new(i8259_pic::I8259Pic::new(0x20)), // PIC1
+            Arc::new(i8259_pic::I8259Pic::new(0xA0)), // PIC2
+        ],
+    };
+}
+
+pub fn all_virt_devices() -> &'static VirtDeviceList {
+    &VIRT_DEVICES
+}

hypervisor/src/hv/device_emu/uart16550.rs

@@ -0,0 +1,143 @@
+//! Emulated UART 16550. (ref: https://wiki.osdev.org/Serial_Ports)
+
+use super::PortIoDevice;
+use crate::arch::uart;
+
+use rvm::{RvmError, RvmResult};
+use spin::Mutex;
+
+const DATA_REG: u16 = 0;
+const INT_EN_REG: u16 = 1;
+const FIFO_CTRL_REG: u16 = 2;
+const LINE_CTRL_REG: u16 = 3;
+const MODEM_CTRL_REG: u16 = 4;
+const LINE_STATUS_REG: u16 = 5;
+const MODEM_STATUS_REG: u16 = 6;
+const SCRATCH_REG: u16 = 7;
+
+const UART_FIFO_CAPACITY: usize = 16;
+
+bitflags::bitflags! {
+    /// Line status flags
+    struct LineStsFlags: u8 {
+        const INPUT_FULL = 1;
+        // 1 to 4 unknown
+        const OUTPUT_EMPTY = 1 << 5;
+        // 6 and 7 unknown
+    }
+}
+
+/// FIFO queue for caching bytes read.
+struct Fifo<const CAP: usize> {
+    buf: [u8; CAP],
+    head: usize,
+    num: usize,
+}
+
+impl<const CAP: usize> Fifo<CAP> {
+    const fn new() -> Self {
+        Self {
+            buf: [0; CAP],
+            head: 0,
+            num: 0,
+        }
+    }
+
+    fn is_empty(&self) -> bool {
+        self.num == 0
+    }
+
+    fn is_full(&self) -> bool {
+        self.num == CAP
+    }
+
+    fn push(&mut self, value: u8) {
+        assert!(self.num < CAP);
+        self.buf[(self.head + self.num) % CAP] = value;
+        self.num += 1;
+    }
+
+    fn pop(&mut self) -> u8 {
+        assert!(self.num > 0);
+        let ret = self.buf[self.head];
+        self.head += 1;
+        self.head %= CAP;
+        self.num -= 1;
+        ret
+    }
+}
+
+pub struct Uart16550 {
+    port_base: u16,
+    fifo: Mutex<Fifo<UART_FIFO_CAPACITY>>,
+}
+
+impl PortIoDevice for Uart16550 {
+    fn port_range(&self) -> core::ops::Range<u16> {
+        self.port_base..self.port_base + 8
+    }
+
+    fn read(&self, port: u16, access_size: u8) -> RvmResult<u32> {
+        if access_size != 1 {
+            error!("Invalid serial port I/O read size: {} != 1", access_size);
+            return Err(RvmError::InvalidParam);
+        }
+        let ret = match port - self.port_base {
+            DATA_REG => {
+                // read a byte from FIFO
+                let mut fifo = self.fifo.lock();
+                if fifo.is_empty() {
+                    0
+                } else {
+                    fifo.pop()
+                }
+            }
+            LINE_STATUS_REG => {
+                // check if the physical serial port has an available byte, and push it to FIFO.
+                let mut fifo = self.fifo.lock();
+                if !fifo.is_full() {
+                    if let Some(c) = uart::console_getchar() {
+                        fifo.push(c);
+                    }
+                }
+                let mut lsr = LineStsFlags::OUTPUT_EMPTY;
+                if !fifo.is_empty() {
+                    lsr |= LineStsFlags::INPUT_FULL;
+                }
+                lsr.bits()
+            }
+            INT_EN_REG | FIFO_CTRL_REG | LINE_CTRL_REG | MODEM_CTRL_REG | MODEM_STATUS_REG
+            | SCRATCH_REG => {
+                info!("Unimplemented serial port I/O read: {:#x}", port); // unimplemented
+                0
+            }
+            _ => unreachable!(),
+        };
+        Ok(ret as u32)
+    }
+
+    fn write(&self, port: u16, access_size: u8, value: u32) -> RvmResult {
+        if access_size != 1 {
+            error!("Invalid serial port I/O write size: {} != 1", access_size);
+            return Err(RvmError::InvalidParam);
+        }
+        match port - self.port_base {
+            DATA_REG => uart::console_putchar(value as u8),
+            INT_EN_REG | FIFO_CTRL_REG | LINE_CTRL_REG | MODEM_CTRL_REG | SCRATCH_REG => {
+                info!("Unimplemented serial port I/O write: {:#x}", port); // unimplemented
+            }
+            LINE_STATUS_REG => {} // ignore
+            _ => unreachable!(),
+        }
+        Ok(())
+    }
+}
+
+impl Uart16550 {
+    pub const fn new(port_base: u16) -> Self {
+        Self {
+            port_base,
+            fifo: Mutex::new(Fifo::new()),
+        }
+    }
+}

hypervisor/src/hv/mod.rs

@@ -1,3 +1,4 @@
+mod device_emu;
 mod gconfig;
 mod gpm;
 mod hal;

hypervisor/src/hv/vmexit.rs

@@ -1,6 +1,7 @@
+use super::device_emu;
 use super::hal::RvmHalImpl;
-use rvm::arch::VmxExitReason;
-use rvm::{RvmResult, RvmVcpu};
+use rvm::arch::{VmxExitInfo, VmxExitReason};
+use rvm::{RvmError, RvmResult, RvmVcpu};
 
 type Vcpu = RvmVcpu<RvmHalImpl>;
 
@@ -65,6 +66,58 @@ fn handle_hypercall(vcpu: &mut Vcpu) -> RvmResult {
     Ok(())
 }
 
+fn handle_io_instruction(vcpu: &mut Vcpu, exit_info: &VmxExitInfo) -> RvmResult {
+    let io_info = vcpu.io_exit_info()?;
+    trace!(
+        "VM exit: I/O instruction @ {:#x}: {:#x?}",
+        exit_info.guest_rip,
+        io_info,
+    );
+    if io_info.is_string {
+        error!("INS/OUTS instructions are not supported!");
+        return Err(RvmError::Unsupported);
+    }
+    if io_info.is_repeat {
+        error!("REP prefixed I/O instructions are not supported!");
+        return Err(RvmError::Unsupported);
+    }
+
+    if let Some(dev) = device_emu::all_virt_devices().find_port_io_device(io_info.port) {
+        if io_info.is_in {
+            let value = dev.read(io_info.port, io_info.access_size)?;
+            let rax = &mut vcpu.regs_mut().rax;
+            // SDM Vol. 1, Section 3.4.1.1:
+            // * 32-bit operands generate a 32-bit result, zero-extended to a 64-bit result in the
+            //   destination general-purpose register.
+            // * 8-bit and 16-bit operands generate an 8-bit or 16-bit result. The upper 56 bits or
+            //   48 bits (respectively) of the destination general-purpose register are not modified
+            //   by the operation.
+            match io_info.access_size {
+                1 => *rax = (*rax & !0xff) | (value & 0xff) as u64,
+                2 => *rax = (*rax & !0xffff) | (value & 0xffff) as u64,
+                4 => *rax = value as u64,
+                _ => unreachable!(),
+            }
+        } else {
+            let rax = vcpu.regs().rax;
+            let value = match io_info.access_size {
+                1 => rax & 0xff,
+                2 => rax & 0xffff,
+                4 => rax,
+                _ => unreachable!(),
+            } as u32;
+            dev.write(io_info.port, io_info.access_size, value)?;
+        }
+    } else {
+        panic!(
+            "Unsupported I/O port {:#x} access: {:#x?}",
+            io_info.port, io_info
+        )
+    }
+    vcpu.advance_rip(exit_info.exit_instruction_length as _)?;
+    Ok(())
+}
+
 fn handle_ept_violation(vcpu: &Vcpu, guest_rip: usize) -> RvmResult {
     let fault_info = vcpu.nested_page_fault_info()?;
     panic!(
@@ -84,6 +137,7 @@ pub fn vmexit_handler(vcpu: &mut Vcpu) -> RvmResult {
     let res = match exit_info.exit_reason {
         VmxExitReason::CPUID => handle_cpuid(vcpu),
         VmxExitReason::VMCALL => handle_hypercall(vcpu),
+        VmxExitReason::IO_INSTRUCTION => handle_io_instruction(vcpu, &exit_info),
         VmxExitReason::EPT_VIOLATION => handle_ept_violation(vcpu, exit_info.guest_rip),
         _ => panic!(
             "Unhandled VM-Exit reason {:?}:\n{:#x?}",

rvm/src/arch/x86_64/mod.rs

@@ -7,7 +7,7 @@ cfg_if::cfg_if! {
     if #[cfg(feature = "vmx")] {
         mod vmx;
         use vmx as vender;
-        pub use vmx::{VmxExitInfo, VmxExitReason};
+        pub use vmx::{VmxExitInfo, VmxExitReason, VmxIoExitInfo};
     }
 }
 

rvm/src/arch/x86_64/vmx/mod.rs

@@ -17,7 +17,7 @@ use crate::hal::RvmHal;
 pub use self::definitions::VmxExitReason;
 pub use self::ept::ExtendedPageTable as NestedPageTable;
 pub use self::vcpu::VmxVcpu as RvmVcpu;
-pub use self::vmcs::VmxExitInfo;
+pub use self::vmcs::{VmxExitInfo, VmxIoExitInfo};
 pub use self::VmxPerCpuState as ArchPerCpuState;
 
 pub fn has_hardware_support() -> bool {

rvm/src/arch/x86_64/vmx/vcpu.rs

@@ -55,6 +55,11 @@ impl<H: RvmHal> VmxVcpu<H> {
         vmcs::exit_info()
     }
 
+    /// Information for VM exits due to I/O instructions.
+    pub fn io_exit_info(&self) -> RvmResult<vmcs::VmxIoExitInfo> {
+        vmcs::io_exit_info()
+    }
+
     /// Information for VM exits due to nested page table faults (EPT violation).
     pub fn nested_page_fault_info(&self) -> RvmResult<NestedPageFaultInfo> {
         vmcs::ept_violation_info()
@@ -211,14 +216,15 @@ impl<H: RvmHal> VmxVcpu<H> {
             0,
         )?;
 
-        // Use MSR bitmaps, activate secondary controls,
+        // Intercept all I/O instructions, use MSR bitmaps, activate secondary controls,
         // disable CR3 load/store interception.
         use PrimaryControls as CpuCtrl;
         vmcs::set_control(
             VmcsControl32::PRIMARY_PROCBASED_EXEC_CONTROLS,
             Msr::IA32_VMX_TRUE_PROCBASED_CTLS,
             Msr::IA32_VMX_PROCBASED_CTLS.read() as u32,
-            (CpuCtrl::USE_MSR_BITMAPS | CpuCtrl::SECONDARY_CONTROLS).bits(),
+            (CpuCtrl::UNCOND_IO_EXITING | CpuCtrl::USE_MSR_BITMAPS | CpuCtrl::SECONDARY_CONTROLS)
+                .bits(),
             (CpuCtrl::CR3_LOAD_EXITING | CpuCtrl::CR3_STORE_EXITING).bits(),
         )?;
 
@@ -268,7 +274,7 @@ impl<H: RvmHal> VmxVcpu<H> {
         VmcsControl32::VMEXIT_MSR_LOAD_COUNT.write(0)?;
         VmcsControl32::VMENTRY_MSR_LOAD_COUNT.write(0)?;
 
-        // Pass-through exceptions, I/O instructions, set MSR bitmaps.
+        // Pass-through exceptions, don't use I/O bitmap, set MSR bitmaps.
         VmcsControl32::EXCEPTION_BITMAP.write(0)?;
         VmcsControl64::IO_BITMAP_A_ADDR.write(0)?;
         VmcsControl64::IO_BITMAP_B_ADDR.write(0)?;

rvm/src/arch/x86_64/vmx/vmcs.rs

@@ -490,6 +490,21 @@ pub struct VmxExitInfo {
     pub guest_rip: usize,
 }
 
+/// Exit Qualification for I/O Instructions. (SDM Vol. 3C, Section 27.2.1, Table 27-5)
+#[derive(Debug)]
+pub struct VmxIoExitInfo {
+    /// Size of access.
+    pub access_size: u8,
+    /// Direction of the attempted access (0 = OUT, 1 = IN).
+    pub is_in: bool,
+    /// String instruction (0 = not string; 1 = string).
+    pub is_string: bool,
+    /// REP prefixed (0 = not REP; 1 = REP).
+    pub is_repeat: bool,
+    /// Port number. (as specified in DX or in an immediate operand)
+    pub port: u16,
+}
+
 pub mod controls {
     pub use x86::vmx::vmcs::control::{EntryControls, ExitControls};
     pub use x86::vmx::vmcs::control::{PinbasedControls, PrimaryControls, SecondaryControls};
@@ -564,6 +579,18 @@ pub fn exit_info() -> RvmResult<VmxExitInfo> {
     })
 }
 
+pub fn io_exit_info() -> RvmResult<VmxIoExitInfo> {
+    // SDM Vol. 3C, Section 27.2.1, Table 27-5
+    let qualification = VmcsReadOnlyNW::EXIT_QUALIFICATION.read()?;
+    Ok(VmxIoExitInfo {
+        access_size: qualification.get_bits(0..3) as u8 + 1,
+        is_in: qualification.get_bit(3),
+        is_string: qualification.get_bit(4),
+        is_repeat: qualification.get_bit(5),
+        port: qualification.get_bits(16..32) as u16,
+    })
+}
+
 pub fn ept_violation_info() -> RvmResult<NestedPageFaultInfo> {
     // SDM Vol. 3C, Section 27.2.1, Table 27-7
     let qualification = VmcsReadOnlyNW::EXIT_QUALIFICATION.read()?;