Resend as attachment as the previous version got corrupted.
From abea41b457aff4c04c3aa397b88847b66aaff1ad Mon Sep 17 00:00:00 2001
From: Bernhard Kauer
Date: Fri, 20 Jan 2023 21:33:04 +
Subject: [PATCH 2/2] target/i386: Change CR4 before CR0 in SVM
There is a dependency in cpu_x86_update_cr0
Guest to host page translation is missing if the guest runs in unpaged mode.
See last sentence in AMD SDM rev 3.40 section 15.25.5.
Signed-off-by: Bernhard Kauer
---
target/i386/tcg/sysemu/excp_helper.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/target/i386/tcg/sysemu/excp_helper.c
Guest to host page translation should be done even if the guest runs in unpaged
mode.
See last sentence in AMD SDM rev 3.40 section 15.25.5.
Signed-off-by: Bernhard Kauer
---
target/i386/tcg/sysemu/excp_helper.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/target/i386/tcg/sysemu
There is a dependency in cpu_x86_update_cr0() to the current value of CR4
to enable or disable long-mode. This value is outdated when switching into
or out of SVM. This leads to invalid CPU state when returning from an unpaged
VM when EFER.LME is set.
Signed-off-by: Bernhard Kauer
diff
On Fri, May 21, 2010 at 02:02:43PM +0200, andrzej zaborowski wrote:
> I pushed a modified patch to preserve attributes such as background
> colour.
Good idea.
> Please check if this works for you.
Yes, this works.
Thanks,
Bernhard Kauer
On Mon, May 03, 2010 at 01:06:46PM -0500, Anthony Liguori wrote:
> On 04/22/2010 09:08 AM, Bernhard Kauer wrote:
> >Hi,
> >
> >>I believe this issue has come up before with a similar patch but
> >well i've submitted such a patch more than two years ago. Unfortu
Hi,
> I believe this issue has come up before with a similar patch but
well I've submitted such a patch more than two years ago. Unfortunately
it never got applied, so that I have to patch my Qemu on every update...
> someone checked their ncurses and they didn't see the same issue.
> I just
zeros the VGA text buffer and later pokes single characters,
the console output can become unreadable. The attached patch corrects this bug.
Bernhard Kauer
Signed-off-by: Bernhard Kauer
diff --git a/curses.c b/curses.c
index ed3165e..9bf9265 100644
--- a/curses.c
+++ b/curses.c
VMM should always prevent guests from writing EFER.
Therefore I think the wrmsr-code is just fine, as it is in my patch.
Bernhard Kauer
s zero, the SVM instructions cause #UD exceptions.
The bit was called MSR_EFER_SVME_MASK in svm.h before, I renamed it in the
attached patch to MSR_EFER_SVME to match the style of the other definitions
in cpu.h.
BTW, triggering the above mentioned #UD is missing in the code...
Bernhard
The wrmsr_helper should allow setting the SVM flag in EFER.
Bernhard Kauer
Index: target-i386/helper.c
===
RCS file: /sources/qemu/qemu/target-i386/helper.c,v
retrieving revision 1.101
diff -u -r1.101 helper.c
--- target-i386
line-buffer.
Please note that this change affects other consoles as well and is
perhaps undesirable. Comments?
Bernhard Kauer
Index: console.h
--- console.h 10 Feb 2008 16:33:13 - 1.2
+++ console.h 25 Feb 2008 17:25:53 -
@@ -104,7 +104,8 @@
typedef unsigned long console_ch_t
The SVM event injection mechanism for NMI and INTRs should not
be handled as software interrupts.
Bernhard Kauer
Index: target-i386/helper.c
--- target-i386/helper.c 24 Dec 2007 13:36:00 - 1.98
+++ target-i386/helper.c 23 Jan 2008 22:37:49 -
@@ -4124,7 +4193,7 @@
case
pter 8...
Bernhard Kauer
An SVM enabled processor should provide the CPUID extended leaf Fn8000_000A
(see AMD documentation #25481). The attached patch adds this feature.
Bernhard Kauer
Index: target-i386/helper.c
===
RCS file: /sources/qemu/qemu
The cmpxchg8b opcode is only valid if the nnn bits
in the mod/rm byte are 001, otherwise an #UD should
be generated. The attached patch fixes this.
Bernhard Kauer
Index: target-i386/translate.c
--- target-i386/translate.c 8 Nov 2007 14:25:03 - 1.74
+++ target-i386/translate.c 18 Dec
>
> That was the one. Thank you.
Unfortunately there is another bug in this line. As there
is only a single byte read from the permission bitmap, an
unaligned 4-byte access to port 0x7 would be possible even
when the access to port 0x8-0xa is not allowed. The updated
patch fixes also
On Fri, Dec 07, 2007 at 02:10:35PM +0100, Alexander Graf wrote:
> Could you please make this more readable?
Not easy in a one-liner. I split the mask calculation into a separate line.
Is it better now?
> Apart from that the patch is fine if the highest bit in the IOIO vector is
> to be set. I co
The SVM IOIO intercept does not check all bits in the IO permission map
for in/outs with word or long operand size. The attached patch fixes this.
Bernhard Kauer
Index: target-i386/helper.c
--- target-i386/helper.c 18 Nov 2007 01:44:38 - 1.95
+++ target-i386/helper.c 6 Dec 2007 19:22
The attached patch adds an SVM intercept for rdpmc to qemu,
thus allowing a VMM to virtualize them. Please note that
performance counters are currently unimplemented in qemu.
Bernhard Kauer
Index: target-i386/helper.c
--- target-i386/helper.c 18 Nov 2007 01:44:38 - 1.95
+++ target
It is perhaps not the best idea to read behind the
end of the boot_device string. It would be safer to
declare boot_device as 'static char boot_device[4]'
and use a strncpy.
Bernhard
> diff --git a/hw/pc.c b/hw/pc.c
> index a0c824f..3c552ff 100644
> --- a/hw/pc.c
> +++ b/hw/pc.c
> +
from Sep 10 on the Bochs developer mailinglist for a patch.
Bernhard Kauer
implement skinit, but did not have the time to
finish that work yet. Please note that this patch requires
a two line patch to the tpm-emulator to understand the localities.
Bernhard Kauer
Index: Makefile.target
===
RCS file:
Has somebody besides me tested the patch?
Bernhard Kauer
On Wed, Aug 01, 2007 at 05:42:17PM +0200, Bernhard Kauer wrote:
> The boot_device is not communicated to the bochsbios
> through the CMOS. The following patch allows to boot
> via network on the newest bochsbios.
On Mon, Aug 06, 2007 at 07:21:21AM +0930, Dan Shearer wrote:
> On Sun, Aug 05, 2007 at 11:13:55PM +0200, Bernhard Kauer wrote:
> > There are a couple of places in qemu, where abort() is called.
> > The most commonly used one is perhaps cpu_abort() which is called
> > e.g
cursor is invisible.
Are there any reasons not to use exit(1) in cpu_abort()?
Bernhard Kauer
Index: exec.c
===
RCS file: /sources/qemu/qemu/exec.c,v
retrieving revision 1.103
diff -u -r1.103 exec.c
--- exec.c 1 Jul 2007 18:21
On Wed, Aug 01, 2007 at 11:02:58AM -0500, Anthony Liguori wrote:
> Bernhard Kauer wrote:
>> -boot_device = 'c'; /* to prevent confusion by the BIOS */
>> +//boot_device = 'c'; /* to prevent confusion by the BIOS */
>> }
>>
>
>
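Review bot: the `+//boot_device = 'c';` line comments the assignment out instead of deleting it, leaving dead code and a now-stale `/* to prevent confusion by the BIOS */` comment in the source; drop both lines entirely and say in the patch description why forcing 'c' is no longer needed once the boot device reaches the BIOS through the CMOS.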
The boot_device is not communicated to the bochsbios
through the CMOS. The following patch allows to boot
via network on the newest bochsbios.
Bernhard Kauer
Index: vl.c
===
RCS file: /sources/qemu/qemu/vl.c,v
retrieving
The PIC initialization should respect the fourth byte init
bit in single mode.
Bernhard Kauer
Index: hw/i8259.c
===
RCS file: /sources/qemu/qemu/hw/i8259.c,v
retrieving revision 1.22
diff -u -r1.22 i8259.c
--- hw/i8259.c 7
The old_exception field is initialized on startup with 0.
Therefore the very first fault (e.g. #GP) could be converted
to a double fault on an application processor. The attached
patch initializes old_exception on every CPU reset with -1.
Bernhard Kauer
Index: target-i386/helper2.c
e where this wrong sign extension happened still
needs to be found.
Bernhard Kauer
The calculation of pdpe and pde addresses is broken, when running 32bit
code under x86_64-qemu. The code assumes that the addr parameter is 32bit
wide. This assumption does not hold for x86_64 as target.
Bernhard Kauer
Index: target-i386/helper2.c
On Wed, Mar 28, 2007 at 02:39:31PM +0200, Bernhard Kauer wrote:
> On Wed, Mar 28, 2007 at 10:13:49AM +0200, Sebastian Kaliszewski wrote:
> > Bernhard Kauer wrote:
> > >Qemu does not generate a double fault (DBF) on x86, if a general protection
> > >fault could not be del
The PIC-i8259 does not work in single mode, where only the master PIC is used.
The attached patch fixes the initialization part for single mode.
Bernhard Kauer
Index: i8259.c
===
RCS file: /sources/qemu/qemu/hw/i8259.c,v
On Wed, Mar 28, 2007 at 10:13:49AM +0200, Sebastian Kaliszewski wrote:
> Bernhard Kauer wrote:
> >Qemu does not generate a double fault (DBF) on x86, if a general protection
> >fault could not be delivered. Instead it hangs in a loop.
> >
> >The patch fix this bug
Qemu does not generate a double fault (DBF) on x86, if a general protection
fault could not be delivered. Instead it hangs in a loop.
The patch fixes this bug by checking whether we are already in a GPF exception.
Bernhard Kauer
Index: helper.c
On Mon, Mar 26, 2007 at 01:54:43PM +, Julian Seward wrote:
>
> Does this fix some specific bug you encountered?
I have some code here that runs on Qemu but not on real hardware
due to this missing check.
Bernhard
> On Monday 26 March 2007 14:53, Bernhard Kauer wrote:
>
The Intel manual states for LTR and 64-Bit Exceptions:
#GP(selector)
If the descriptor type of the upper 8-byte of the 16-byte descriptor
is non-zero.
Qemu currently does not check this. The attached patch fixes the bug.
Bernhard Kauer
--- helper.c.orig 2007-03-26
name
Greetings,
Bernhard Kauer
diff -N -r -u qemu.old/Makefile.target qemu/Makefile.target
--- qemu.old/Makefile.target2007-03-09 02:46:14.024009410 +0100
+++ qemu/Makefile.target2007-03-09 01:03:53.0 +0100
@@ -372,6 +372,7 @@
VL_OBJS+= fdc.o mc146818rtc.o serial.o i8259.o
Hi,
cpuid(01H) on i386 does not return the initial APIC id.
The following patch corrects this.
Bernhard Kauer
Index: hw/apic.c
===
RCS file: /sources/qemu/qemu/hw/apic.c,v
retrieving revision 1.12
diff -u -r1.12 apic.c
--- hw