Step 6-2: virtualize APIC timer

Author: equation314

README.md

@@ -2,6 +2,16 @@
 
 Let's write an x86 hypervisor in Rust from scratch!
 
+## Features
+
+* Lightweight enough, only 3K+ LoC
+* Supported guest OS: [NimbOS](https://github.com/equation314/nimbos)
+* Guest/host memory isolation with nested paging
+* Device emulation:
+    + serial port I/O
+    + APIC timer
+* Currently, only supports single core single vCPU and single guest
+
 ## Install Build Dependencies
 
 Install [cargo-binutils](https://github.com/rust-embedded/cargo-binutils) to use `rust-objcopy` and `rust-objdump` tools:
@@ -70,3 +80,7 @@ build_mode = release
 log_level = warn
 ......
 ```
+
+## Documents
+
+* [in Chinese](https://github.com/equation314/RVM-Tutorial/wiki)

hypervisor/src/hv/device_emu/lapic.rs

@@ -0,0 +1,94 @@
+//! Emulated Local APIC. (SDM Vol. 3A, Chapter 10)
+
+#![allow(dead_code)]
+
+use rvm::{RvmError, RvmResult, RvmVcpu};
+
+type Vcpu = RvmVcpu<crate::hv::hal::RvmHalImpl>;
+
+/// ID register.
+const APICID: u32 = 0x2;
+/// Version register.
+const VERSION: u32 = 0x3;
+/// EOI register.
+const EOI: u32 = 0xB;
+/// Logical Destination Register.
+const LDR: u32 = 0xD;
+/// Spurious Interrupt Vector register.
+const SIVR: u32 = 0xF;
+/// Interrupt Command register.
+const ICR: u32 = 0x30;
+/// LVT Timer Interrupt register.
+const LVT_TIMER: u32 = 0x32;
+/// LVT Thermal Sensor Interrupt register.
+const LVT_THERMAL: u32 = 0x33;
+/// LVT Performance Monitor register.
+const LVT_PMI: u32 = 0x34;
+/// LVT LINT0 register.
+const LVT_LINT0: u32 = 0x35;
+/// LVT LINT1 register.
+const LVT_LINT1: u32 = 0x36;
+/// LVT Error register.
+const LVT_ERR: u32 = 0x37;
+///  Initial Count register.
+const INIT_COUNT: u32 = 0x38;
+/// Current Count register.
+const CUR_COUNT: u32 = 0x39;
+/// Divide Configuration register.
+const DIV_CONF: u32 = 0x3E;
+
+pub struct VirtLocalApic;
+
+impl VirtLocalApic {
+    pub const fn msr_range() -> core::ops::Range<u32> {
+        0x800..0x840
+    }
+
+    pub fn rdmsr(vcpu: &mut Vcpu, msr: u32) -> RvmResult<u64> {
+        Self::read(vcpu, msr - 0x800)
+    }
+
+    pub fn wrmsr(vcpu: &mut Vcpu, msr: u32, value: u64) -> RvmResult {
+        Self::write(vcpu, msr - 0x800, value)
+    }
+}
+
+impl VirtLocalApic {
+    fn read(vcpu: &mut Vcpu, offset: u32) -> RvmResult<u64> {
+        let apic_timer = vcpu.apic_timer_mut();
+        match offset {
+            SIVR => Ok(0x1ff), // SDM Vol. 3A, Section 10.9, Figure 10-23 (with Software Enable bit)
+            LVT_THERMAL | LVT_PMI | LVT_LINT0 | LVT_LINT1 | LVT_ERR => {
+                Ok(0x1_0000) // SDM Vol. 3A, Section 10.5.1, Figure 10-8 (with Mask bit)
+            }
+            LVT_TIMER => Ok(apic_timer.lvt_timer() as u64),
+            INIT_COUNT => Ok(apic_timer.initial_count() as u64),
+            DIV_CONF => Ok(apic_timer.divide() as u64),
+            CUR_COUNT => Ok(apic_timer.current_counter() as u64),
+            _ => Err(RvmError::Unsupported),
+        }
+    }
+
+    fn write(vcpu: &mut Vcpu, offset: u32, value: u64) -> RvmResult {
+        if offset != ICR && (value >> 32) != 0 {
+            return Err(RvmError::InvalidParam); // all registers except ICR are 32-bits
+        }
+        let apic_timer = vcpu.apic_timer_mut();
+        match offset {
+            EOI => {
+                if value != 0 {
+                    Err(RvmError::InvalidParam) // write a non-zero value causes #GP
+                } else {
+                    Ok(())
+                }
+            }
+            SIVR | LVT_THERMAL | LVT_PMI | LVT_LINT0 | LVT_LINT1 | LVT_ERR => {
+                Ok(()) // ignore these register writes
+            }
+            LVT_TIMER => apic_timer.set_lvt_timer(value as u32),
+            INIT_COUNT => apic_timer.set_initial_count(value as u32),
+            DIV_CONF => apic_timer.set_divide(value as u32),
+            _ => Err(RvmError::Unsupported),
+        }
+    }
+}

hypervisor/src/hv/device_emu/mod.rs

@@ -1,8 +1,11 @@
 mod i8259_pic;
+mod lapic;
 mod uart16550;
 
 use alloc::{sync::Arc, vec, vec::Vec};
 
+pub use self::lapic::VirtLocalApic;
+
 pub trait PortIoDevice: Send + Sync {
     fn port_range(&self) -> core::ops::Range<u16>;
     fn read(&self, port: u16, access_size: u8) -> rvm::RvmResult<u32>;

hypervisor/src/hv/hal.rs

@@ -1,6 +1,7 @@
 use rvm::{HostPhysAddr, HostVirtAddr, RvmHal, RvmVcpu};
 
 use super::vmexit;
+use crate::arch::timer;
 use crate::mm::{address, frame};
 
 pub struct RvmHalImpl;
@@ -25,4 +26,8 @@ impl RvmHal for RvmHalImpl {
     fn vmexit_handler(vcpu: &mut RvmVcpu<Self>) {
         vmexit::vmexit_handler(vcpu).unwrap()
     }
+
+    fn current_time_nanos() -> u64 {
+        timer::ticks_to_nanos(timer::current_ticks())
+    }
 }

hypervisor/src/hv/vmexit.rs

@@ -1,13 +1,23 @@
-use super::device_emu;
+use super::device_emu::{self, VirtLocalApic};
 use super::hal::RvmHalImpl;
 use rvm::arch::{VmxExitInfo, VmxExitReason};
 use rvm::{RvmError, RvmResult, RvmVcpu};
 
 type Vcpu = RvmVcpu<RvmHalImpl>;
 
 const VM_EXIT_INSTR_LEN_CPUID: u8 = 2;
+const VM_EXIT_INSTR_LEN_RDMSR: u8 = 2;
+const VM_EXIT_INSTR_LEN_WRMSR: u8 = 2;
 const VM_EXIT_INSTR_LEN_VMCALL: u8 = 3;
 
+fn handle_external_interrupt(vcpu: &mut Vcpu) -> RvmResult {
+    let int_info = vcpu.interrupt_exit_info()?;
+    trace!("VM-exit: external interrupt: {:#x?}", int_info);
+    assert!(int_info.valid);
+    crate::arch::handle_irq(int_info.vector);
+    Ok(())
+}
+
 fn handle_cpuid(vcpu: &mut Vcpu) -> RvmResult {
     use raw_cpuid::{cpuid, CpuIdResult};
 
@@ -118,6 +128,55 @@ fn handle_io_instruction(vcpu: &mut Vcpu, exit_info: &VmxExitInfo) -> RvmResult
     Ok(())
 }
 
+fn handle_msr_read(vcpu: &mut Vcpu) -> RvmResult {
+    let msr = vcpu.regs().rcx as u32;
+
+    use x86::msr::*;
+    let res = if msr == IA32_APIC_BASE {
+        let mut apic_base = unsafe { rdmsr(IA32_APIC_BASE) };
+        apic_base |= 1 << 11 | 1 << 10; // enable xAPIC and x2APIC
+        Ok(apic_base)
+    } else if VirtLocalApic::msr_range().contains(&msr) {
+        VirtLocalApic::rdmsr(vcpu, msr)
+    } else {
+        Err(RvmError::Unsupported)
+    };
+
+    if let Ok(value) = res {
+        debug!("VM exit: RDMSR({:#x}) -> {:#x}", msr, value);
+        vcpu.regs_mut().rax = value & 0xffff_ffff;
+        vcpu.regs_mut().rdx = value >> 32;
+    } else {
+        panic!("Failed to handle RDMSR({:#x}): {:?}", msr, res);
+    }
+    vcpu.advance_rip(VM_EXIT_INSTR_LEN_RDMSR)?;
+    Ok(())
+}
+
+fn handle_msr_write(vcpu: &mut Vcpu) -> RvmResult {
+    let msr = vcpu.regs().rcx as u32;
+    let value = (vcpu.regs().rax & 0xffff_ffff) | (vcpu.regs().rdx << 32);
+    debug!("VM exit: WRMSR({:#x}) <- {:#x}", msr, value);
+
+    use x86::msr::*;
+    let res = if msr == IA32_APIC_BASE {
+        Ok(()) // ignore
+    } else if VirtLocalApic::msr_range().contains(&msr) {
+        VirtLocalApic::wrmsr(vcpu, msr, value)
+    } else {
+        Err(RvmError::Unsupported)
+    };
+
+    if res.is_err() {
+        panic!(
+            "Failed to handle WRMSR({:#x}) <- {:#x}: {:?}",
+            msr, value, res
+        );
+    }
+    vcpu.advance_rip(VM_EXIT_INSTR_LEN_WRMSR)?;
+    Ok(())
+}
+
 fn handle_ept_violation(vcpu: &Vcpu, guest_rip: usize) -> RvmResult {
     let fault_info = vcpu.nested_page_fault_info()?;
     panic!(
@@ -135,9 +194,13 @@ pub fn vmexit_handler(vcpu: &mut Vcpu) -> RvmResult {
     }
 
     let res = match exit_info.exit_reason {
+        VmxExitReason::EXTERNAL_INTERRUPT => handle_external_interrupt(vcpu),
+        VmxExitReason::INTERRUPT_WINDOW => vcpu.set_interrupt_window(false),
         VmxExitReason::CPUID => handle_cpuid(vcpu),
         VmxExitReason::VMCALL => handle_hypercall(vcpu),
         VmxExitReason::IO_INSTRUCTION => handle_io_instruction(vcpu, &exit_info),
+        VmxExitReason::MSR_READ => handle_msr_read(vcpu),
+        VmxExitReason::MSR_WRITE => handle_msr_write(vcpu),
         VmxExitReason::EPT_VIOLATION => handle_ept_violation(vcpu, exit_info.guest_rip),
         _ => panic!(
             "Unhandled VM-Exit reason {:?}:\n{:#x?}",

rvm/src/arch/x86_64/lapic.rs

@@ -0,0 +1,145 @@
+use bit_field::BitField;
+use core::marker::PhantomData;
+
+use crate::{RvmHal, RvmResult};
+
+const APIC_FREQ_MHZ: u64 = 1000; // 1000 MHz
+const APIC_CYCLE_NANOS: u64 = 1000 / APIC_FREQ_MHZ;
+
+/// Local APIC timer modes.
+#[derive(Debug, Copy, Clone)]
+#[repr(u8)]
+#[allow(dead_code)]
+pub enum TimerMode {
+    /// Timer only fires once.
+    OneShot = 0b00,
+    /// Timer fires periodically.
+    Periodic = 0b01,
+    /// Timer fires at an absolute time.
+    TscDeadline = 0b10,
+}
+
+/// A virtual local APIC timer. (SDM Vol. 3C, Section 10.5.4)
+pub struct ApicTimer<H: RvmHal> {
+    lvt_timer_bits: u32,
+    divide_shift: u8,
+    initial_count: u32,
+    last_start_ns: u64,
+    deadline_ns: u64,
+    _phantom: PhantomData<H>,
+}
+
+impl<H: RvmHal> ApicTimer<H> {
+    pub(crate) const fn new() -> Self {
+        Self {
+            lvt_timer_bits: 0x1_0000, // masked
+            divide_shift: 0,
+            initial_count: 0,
+            last_start_ns: 0,
+            deadline_ns: 0,
+            _phantom: PhantomData,
+        }
+    }
+
+    /// Check if an interrupt generated. if yes, update it's states.
+    pub fn check_interrupt(&mut self) -> bool {
+        if self.deadline_ns == 0 {
+            false
+        } else if H::current_time_nanos() >= self.deadline_ns {
+            if self.is_periodic() {
+                self.deadline_ns += self.interval_ns();
+            } else {
+                self.deadline_ns = 0;
+            }
+            !self.is_masked()
+        } else {
+            false
+        }
+    }
+
+    /// Whether the timer interrupt is masked.
+    pub const fn is_masked(&self) -> bool {
+        self.lvt_timer_bits & (1 << 16) != 0
+    }
+
+    /// Whether the timer mode is periodic.
+    pub const fn is_periodic(&self) -> bool {
+        let timer_mode = (self.lvt_timer_bits >> 17) & 0b11;
+        timer_mode == TimerMode::Periodic as _
+    }
+
+    /// The timer interrupt vector number.
+    pub const fn vector(&self) -> u8 {
+        (self.lvt_timer_bits & 0xff) as u8
+    }
+
+    /// LVT Timer Register. (SDM Vol. 3A, Section 10.5.1, Figure 10-8)
+    pub const fn lvt_timer(&self) -> u32 {
+        self.lvt_timer_bits
+    }
+
+    /// Divide Configuration Register. (SDM Vol. 3A, Section 10.5.4, Figure 10-10)
+    pub const fn divide(&self) -> u32 {
+        let dcr = self.divide_shift.wrapping_sub(1) as u32 & 0b111;
+        (dcr & 0b11) | ((dcr & 0b100) << 1)
+    }
+
+    /// Initial Count Register.
+    pub const fn initial_count(&self) -> u32 {
+        self.initial_count
+    }
+
+    /// Current Count Register.
+    pub fn current_counter(&self) -> u32 {
+        let elapsed_ns = H::current_time_nanos() - self.last_start_ns;
+        let elapsed_cycles = (elapsed_ns / APIC_CYCLE_NANOS) >> self.divide_shift;
+        if self.is_periodic() {
+            self.initial_count - (elapsed_cycles % self.initial_count as u64) as u32
+        } else if elapsed_cycles < self.initial_count as u64 {
+            self.initial_count - elapsed_cycles as u32
+        } else {
+            0
+        }
+    }
+
+    /// Set LVT Timer Register.
+    pub fn set_lvt_timer(&mut self, bits: u32) -> RvmResult {
+        let timer_mode = bits.get_bits(17..19);
+        if timer_mode == TimerMode::TscDeadline as _ {
+            return rvm_err!(Unsupported); // TSC deadline mode was not supported
+        } else if timer_mode == 0b11 {
+            return rvm_err!(InvalidParam); // reserved
+        }
+        self.lvt_timer_bits = bits;
+        self.start_timer();
+        Ok(())
+    }
+
+    /// Set Initial Count Register.
+    pub fn set_initial_count(&mut self, initial: u32) -> RvmResult {
+        self.initial_count = initial;
+        self.start_timer();
+        Ok(())
+    }
+
+    /// Set Divide Configuration Register.
+    pub fn set_divide(&mut self, dcr: u32) -> RvmResult {
+        let shift = (dcr & 0b11) | ((dcr & 0b1000) >> 1);
+        self.divide_shift = (shift + 1) as u8 & 0b111;
+        self.start_timer();
+        Ok(())
+    }
+
+    const fn interval_ns(&self) -> u64 {
+        (self.initial_count as u64 * APIC_CYCLE_NANOS) << self.divide_shift
+    }
+
+    fn start_timer(&mut self) {
+        if self.initial_count != 0 {
+            self.last_start_ns = H::current_time_nanos();
+            self.deadline_ns = self.last_start_ns + self.interval_ns();
+        } else {
+            self.deadline_ns = 0;
+        }
+    }
+}