3 * - By John Hodge (thePowersGang)
6 * - Virtual 8086 Mode Monitor
13 #include <semaphore.h>
// Real-mode window where an instance's data pages are mapped while its task runs
// (VM8086_GPF maps/unmaps them; VM8086_Allocate and VM8086_GetPointer address them).
18 #define VM8086_USER_BASE 0x1000
// 0xFFFF:0x0010 is linear 0xFFFF0 + 0x10 = 0x100000, where VM8086_Install writes an IRET stub.
// VM8086_GPF treats a fault of the worker at exactly this CS:IP as "call finished".
20 #define VM8086_MAGIC_CS 0xFFFF
21 #define VM8086_MAGIC_IP 0x0010
// Real-mode stack top: 0x9F000 + 0xAFE = linear 0x9FAFE, inside the page VM8086_Install
// maps at 0x9F000 (commented there as "Stack / EBDA").
22 #define VM8086_STACK_SEG 0x9F00
23 #define VM8086_STACK_OFS 0x0AFE
// IOPL-sensitive opcodes that VM8086_GPF emulates when they fault in V86 mode
// (the enum header is not visible in this listing).
26 VM8086_OP_PUSHF = 0x9C,
27 VM8086_OP_POPF = 0x9D,
28 VM8086_OP_INT_I = 0xCD,
29 VM8086_OP_IRET = 0xCF,
30 VM8086_OP_IN_AD = 0xEC,
31 VM8086_OP_IN_ADX = 0xED,
32 VM8086_OP_OUT_AD = 0xEE,
33 VM8086_OP_OUT_ADX = 0xEF
// Each instance may own up to four 4KiB data pages, carved into 128-byte blocks
// tracked by a 32-bit bitmap (see struct sVM8086_InternalPages).
35 #define VM8086_PAGES_PER_INST 4
// Global block accounting for 0x10000-0x9F000; only the gaVM8086_MemBitmap declaration
// uses these, and no reader or writer of that bitmap is visible in this listing.
37 #define VM8086_BLOCKSIZE 128
38 #define VM8086_BLOCKCOUNT ((0x9F000-0x10000)/VM8086_BLOCKSIZE)
41 struct sVM8086_InternalPages
// One 4KiB data page of an instance. The VirtBase/PhysAddr fields used by VM8086_Allocate,
// VM8086_GetPointer and VM8086_GPF are not visible in this listing.
// Bitmap bit j marks 128-byte block j (of 32 per page) as in use.
43 Uint32 Bitmap; // 32 sections = 128 byte blocks
47 struct sVM8086_InternalData
// Private part of tVM8086; VM8086_Init places it directly after the public struct
// in the same allocation.
49 struct sVM8086_InternalPages AllocatedPages[VM8086_PAGES_PER_INST];
53 int VM8086_Install(char **Arguments);
54 void VM8086_GPF(tRegs *Regs);
55 //tVM8086 *VM8086_Init(void);
58 MODULE_DEFINE(0, 0x100, VM8086, VM8086_Install, NULL, NULL);
// Serialises VM8086_Int callers. Also taken by VM8086_Install before cloning the worker and
// released by the worker's first fault in VM8086_GPF, which doubles as the "worker ready" signal.
59 tMutex glVM8086_Process;
// Signalled by the worker (VM8086_GPF) when a task is done; waited on by VM8086_Int.
60 tSemaphore gVM8086_TaskComplete;
// Signalled by VM8086_Int when a task is posted; waited on by the worker in VM8086_GPF.
61 tSemaphore gVM8086_TasksToDo;
// PID of the cloned worker; set to 0 by the worker itself if its setup fails.
62 tPID gVM8086_WorkerPID;
// Set by VM8086_Int to the posting thread; no reader is visible in this listing.
63 tTID gVM8086_CallingThread;
// Current task: (void*)-1 until the worker has signalled ready, NULL while idle,
// otherwise the state being executed.
64 tVM8086 volatile * volatile gpVM8086_State = (void*)-1; // Set to -1 to avoid race conditions
// Declared but not referenced anywhere in this listing.
65 Uint32 gaVM8086_MemBitmap[VM8086_BLOCKCOUNT/32];
// Emulated IF: V86 code is never allowed to change the real IF, so PUSHF/POPF/CLI/STI
// emulation in VM8086_GPF reads and writes this shadow instead.
66 int gbVM8086_ShadowIF = 0;
69 int VM8086_Install(char **Arguments)
// Module init: spawn the V86 worker process and block until it reports ready.
// Returns MODULE_ERR_OK, or MODULE_ERR_MISC if Proc_Clone fails or the worker gave up during setup.
// The pid == -1 / pid == 0 tests that split the parent and child paths are not visible in this
// listing; the child path runs from "Initialising worker" to the iret, the parent path from
// "gVM8086_WorkerPID = pid".
71 Semaphore_Init(&gVM8086_TasksToDo, 0, 10, "VM8086", "TasksToDo");
73 // Lock to avoid race conditions
// Held by the parent until the worker's first GPF releases it (VM8086_GPF), which is how
// "worker is running" is signalled.
74 Mutex_Acquire( &glVM8086_Process );
76 // Create BIOS Call process
77 tPID pid = Proc_Clone(CLONE_VM);
81 Log_Error("VM8086", "Unable to clone kernel into VM8086 worker");
// NOTE(review): no Mutex_Release of glVM8086_Process is visible between the acquire above and
// this return, so after a clone failure every later VM8086_Int caller would block forever.
82 return MODULE_ERR_MISC;
86 Uint * volatile stacksetup; // Initialising Stack
87 Uint16 * volatile rmstack; // Real Mode Stack
// ---- child (worker) process ----
89 LOG("Initialising worker");
92 Threads_SetName("VM8086");
// Identity-map 0xA0000-0xFFFFF (video RAM, option ROMs, BIOS) so real-mode code can run from it.
95 for(unsigned int i = 0xA0;i<0x100;i++) {
96 MM_RefPhys(i * 0x1000);
97 MM_Map( (void*)(i * 0x1000), i * 0x1000 );
// Page 0 holds the IVT, read by the INT emulation in VM8086_GPF and by VM8086_Int.
100 MM_Map( (void*)0, 0 ); // IVT / BDA
// A refcount above 2 means someone else already mapped this physical page; only logged, not refused.
101 if( MM_GetRefCount(0x00000) > 2 ) {
102 Log_Notice("VM8086", "Ok, who's touched the IVT? (%i)",
103 MM_GetRefCount(0x00000));
// Page holding the real-mode stack (VM8086_STACK_SEG:VM8086_STACK_OFS).
106 MM_Map( (void*)0x9F000, 0x9F000 ); // Stack / EBDA
107 if( MM_GetRefCount(0x9F000) > 2 ) {
108 Log_Notice("VM8086", "And who's been playing with my EBDA? (%i)",
109 MM_GetRefCount(0x9F000));
111 // System Stack / Stub
112 if( MM_Allocate( (void*)0x100000 ) == 0 ) {
113 Log_Error("VM8086", "Unable to allocate memory for stack/stub");
// Tells the parent (gVM8086_WorkerPID != pid check below) that the worker is unusable; how the
// parent is woken from its Mutex_Acquire on this path is not visible here.
114 gVM8086_WorkerPID = 0;
// Stub code at the magic address. 0xFFFF:0x0010 is the IRET that ends every call by faulting
// into VM8086_GPF; 0xFFFF:0x0011 restores ES/DS and far-returns into the requested CS:IP
// (VM8086_GPF builds that stack frame and resumes the worker at 0x11).
118 *(Uint8*)(0x100000) = VM8086_OP_IRET;
119 *(Uint8*)(0x100001) = 0x07; // POP ES
120 *(Uint8*)(0x100002) = 0x1F; // POP DS
121 *(Uint8*)(0x100003) = 0xCB; // RET FAR
// Pre-push a far return address of 0xFFFF:0x0010 on the real-mode stack. The worker's first
// V86 instruction is the IRET stub itself (CS:IP in the frame below); its fault is the "ready"
// handshake in VM8086_GPF.
123 rmstack = (Uint16*)(VM8086_STACK_SEG*16 + VM8086_STACK_OFS);
124 rmstack--; *rmstack = 0xFFFF; //CS
125 rmstack--; *rmstack = 0x0010; //IP
// Kernel stack frame consumed by the iret below, built top-down from 0x101000:
// V86 segment registers, SP, EFLAGS 0x20202 (VM bit 17 | IF bit 9 | reserved bit 1), CS:IP,
// then general registers and the ring-3 data selector 0x23 (0x20|3) for DS/ES/FS/GS,
// presumably popped by the asm lines not shown.
128 stacksetup = (Uint*)0x101000;
129 stacksetup--; *stacksetup = VM8086_STACK_SEG; // GS
130 stacksetup--; *stacksetup = VM8086_STACK_SEG; // FS
131 stacksetup--; *stacksetup = VM8086_STACK_SEG; // DS
132 stacksetup--; *stacksetup = VM8086_STACK_SEG; // ES
133 stacksetup--; *stacksetup = VM8086_STACK_SEG; // SS
134 stacksetup--; *stacksetup = VM8086_STACK_OFS-2; // SP
135 stacksetup--; *stacksetup = 0x20202; // FLAGS
136 stacksetup--; *stacksetup = 0xFFFF; // CS
137 stacksetup--; *stacksetup = 0x10; // IP
// Placeholder register values; VM8086_GPF loads the caller's registers before the first real task.
138 stacksetup--; *stacksetup = 0xAAAA; // AX
139 stacksetup--; *stacksetup = 0xCCCC; // CX
140 stacksetup--; *stacksetup = 0xDDDD; // DX
141 stacksetup--; *stacksetup = 0xBBBB; // BX
142 stacksetup--; *stacksetup = 0x5454; // SP
143 stacksetup--; *stacksetup = 0xB4B4; // BP
144 stacksetup--; *stacksetup = 0x5151; // SI
145 stacksetup--; *stacksetup = 0xD1D1; // DI
146 stacksetup--; *stacksetup = 0x20|3; // DS - Kernel
147 stacksetup--; *stacksetup = 0x20|3; // ES - Kernel
148 stacksetup--; *stacksetup = 0x20|3; // FS
149 stacksetup--; *stacksetup = 0x20|3; // GS
// BUG: the format has a %p conversion but no argument is passed; if LOG is printf-like this
// reads a missing vararg. Should be `LOG("stacksetup = %p, entering vm8086", stacksetup);`.
150 LOG("stacksetup = %p, entering vm8086");
// Switch to the prepared frame and iret into V86 mode; the pops between these two lines
// are not shown in this listing.
151 __asm__ __volatile__ (
152 "mov %%eax,%%esp;\n\t" // Set stack pointer
158 "iret;\n\t" : : "a" (stacksetup));
159 for(;;); // Shouldn't be reached
// ---- parent process ----
// NOTE(review): the child presumably shares this memory (CLONE_VM) and may already have stored 0
// here on its failure path; this unconditional store would overwrite that and the check below
// would then pass.
162 gVM8086_WorkerPID = pid;
164 // It's released when the GPF fires
165 LOG("Waiting for worker %i to start", gVM8086_WorkerPID);
// Acquire/release pair: blocks until VM8086_GPF releases the lock taken above.
166 Mutex_Acquire( &glVM8086_Process );
167 Mutex_Release( &glVM8086_Process );
169 // Worker killed itself
170 if( gVM8086_WorkerPID != pid ) {
171 return MODULE_ERR_MISC;
174 return MODULE_ERR_OK;
177 void VM8086_GPF(tRegs *Regs)
// #GP handler for the V86 worker, with two jobs:
//  1. A fault of the worker at VM8086_MAGIC_CS:VM8086_MAGIC_IP means "call finished" (or, the
//     very first time, "worker ready"): copy results back, wake the caller, sleep until the next
//     task, then rewrite Regs so the return from this handler starts it.
//  2. Any other fault: emulate the IOPL-sensitive instruction at CS:IP (PUSHF, POPF, INT imm8,
//     IRET, IN/OUT via DX, CLI, STI, and the 0x66-prefixed 32-bit IN/OUT). Unknown opcodes end
//     the call by redirecting the worker to the magic address.
// The switch skeleton, braces, the Regs->eip advances and the declarations of opcode/id/newcs/
// newip are missing from this listing; the comments below describe only the visible lines.
182 // Log_Log("VM8086", "GPF - %04x:%04x", Regs->cs, Regs->eip);
184 LOG("VM8086 GPF at %04x:%04x", Regs->cs, Regs->eip);
// Both the magic CS:IP and the worker PID are required; any other process faulting at the same
// address is treated as an ordinary instruction fault.
186 if(Regs->eip == VM8086_MAGIC_IP && Regs->cs == VM8086_MAGIC_CS
187 && Threads_GetPID() == gVM8086_WorkerPID)
// First fault after boot: complete the handshake with VM8086_Install, which holds the mutex.
189 if( gpVM8086_State == (void*)-1 ) {
190 Log_Log("VM8086", "Worker thread ready and waiting");
191 gpVM8086_State = NULL;
192 Mutex_Release( &glVM8086_Process ); // Release lock obtained in VM8086_Install
194 // Log_Log("VM8086", "gpVM8086_State = %p, gVM8086_CallingThread = %i",
195 // gpVM8086_State, gVM8086_CallingThread);
// Return the worker's registers to the caller's state. gpVM8086_State was set to NULL just
// above, so this must sit in an else/other branch on lines not shown here.
198 gpVM8086_State->AX = Regs->eax; gpVM8086_State->CX = Regs->ecx;
199 gpVM8086_State->DX = Regs->edx; gpVM8086_State->BX = Regs->ebx;
200 gpVM8086_State->BP = Regs->ebp;
201 gpVM8086_State->SI = Regs->esi; gpVM8086_State->DI = Regs->edi;
202 gpVM8086_State->DS = Regs->ds; gpVM8086_State->ES = Regs->es;
204 LOG("gpVM8086_State = %p", gpVM8086_State);
205 LOG("gpVM8086_State->Internal = %p", gpVM8086_State->Internal);
// Unmap the finished task's data pages from the VM8086_USER_BASE window.
206 for( Uint i = 0; i < VM8086_PAGES_PER_INST; i ++ )
// Body of this `if` is not visible; presumably skips slots the instance never allocated.
208 if( !gpVM8086_State->Internal->AllocatedPages[i].VirtBase )
210 MM_Deallocate( (tPage*)VM8086_USER_BASE + i );
213 gpVM8086_State = NULL;
// Wake the thread blocked in VM8086_Int.
216 Semaphore_Signal(&gVM8086_TaskComplete, 1);
219 //Log_Log("VM8086", "Waiting for something to do");
// Sleeping inside the fault handler: interrupts must be enabled for the wakeup to arrive.
220 __asm__ __volatile__ ("sti");
221 Semaphore_Wait(&gVM8086_TasksToDo, 1);
// Map the new task's pages (VM8086_Int stored gpVM8086_State before signalling).
223 for( Uint i = 0; i < VM8086_PAGES_PER_INST; i ++ )
225 if( !gpVM8086_State->Internal->AllocatedPages[i].VirtBase )
227 MM_RefPhys( gpVM8086_State->Internal->AllocatedPages[i].PhysAddr );
228 MM_Map( (tPage*)VM8086_USER_BASE + i, gpVM8086_State->Internal->AllocatedPages[i].PhysAddr );
232 //Log_Log("VM8086", "We have a task (%p)", gpVM8086_State);
// Real-mode stack for the stub at 0xFFFF:0x0011 (POP ES, POP DS, RET FAR): it pops ES, DS,
// then IP:CS of the requested routine. MAGIC_IP:MAGIC_CS stay underneath as the return
// address, so the routine's return lands on the IRET at 0xFFFF:0x0010 and faults back here.
233 Regs->esp -= 2; *(Uint16*)( (Regs->ss<<4) + (Regs->esp&0xFFFF) ) = VM8086_MAGIC_CS;
234 Regs->esp -= 2; *(Uint16*)( (Regs->ss<<4) + (Regs->esp&0xFFFF) ) = VM8086_MAGIC_IP;
235 Regs->esp -= 2; *(Uint16*)( (Regs->ss<<4) + (Regs->esp&0xFFFF) ) = gpVM8086_State->CS;
236 Regs->esp -= 2; *(Uint16*)( (Regs->ss<<4) + (Regs->esp&0xFFFF) ) = gpVM8086_State->IP;
237 Regs->esp -= 2; *(Uint16*)( (Regs->ss<<4) + (Regs->esp&0xFFFF) ) = gpVM8086_State->DS;
238 Regs->esp -= 2; *(Uint16*)( (Regs->ss<<4) + (Regs->esp&0xFFFF) ) = gpVM8086_State->ES;
// Resume the worker at the stub with the caller's general registers. The kernel-side segment
// registers are the ring-3 data selector 0x23, as in the frame VM8086_Install built.
241 Regs->eip = 0x11; Regs->cs = 0xFFFF;
242 Regs->eax = gpVM8086_State->AX; Regs->ecx = gpVM8086_State->CX;
243 Regs->edx = gpVM8086_State->DX; Regs->ebx = gpVM8086_State->BX;
244 Regs->esi = gpVM8086_State->SI; Regs->edi = gpVM8086_State->DI;
245 Regs->ebp = gpVM8086_State->BP;
246 Regs->ds = 0x23; Regs->es = 0x23;
247 Regs->fs = 0x23; Regs->gs = 0x23;
// ---- instruction emulation ----
// Fetch the faulting opcode through the flat address of CS:IP (the worker maps page 0,
// 0x9F000, 0xA0000-0xFFFFF and the instance pages at their real-mode addresses). eip is not
// masked here, unlike the fetches at 282/361/392; harmless only while eip's upper bits are clear.
251 opcode = *(Uint8*)( (Regs->cs*16) + (Regs->eip) );
255 case VM8086_OP_PUSHF: //PUSHF
// Push the low word of EFLAGS with IF replaced by the shadow flag (the esp decrement is on a
// line not shown).
257 *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) = Regs->eflags & 0xFFFF;
258 if( gbVM8086_ShadowIF )
259 *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) |= 0x200;
261 *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) &= ~0x200;
263 Log_Debug("VM8086", "%04x:%04x Emulated PUSHF (value 0x%x)",
264 Regs->cs, Regs->eip-1, Regs->eflags & 0xFFFF);
267 case VM8086_OP_POPF: //POPF
268 // Changing IF is not allowed
// Keep the real IF (0x200) and reserved bit 1, take the rest of the low word from the stack;
// the popped IF only updates the shadow flag.
269 Regs->eflags &= 0xFFFF0202;
270 Regs->eflags |= *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) );
271 gbVM8086_ShadowIF = !!(*(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) & 0x200);
274 Log_Debug("VM8086", "%04x:%04x Emulated POPF (new value 0x%x)",
275 Regs->cs, Regs->eip-1, Regs->eflags & 0xFFFF);
279 case VM8086_OP_INT_I: //INT imm8
// The vector number is the immediate byte after the opcode.
282 id = *(Uint8*)( Regs->cs*16 +(Regs->eip&0xFFFF));
// Real-mode interrupt frame: FLAGS, CS, IP. Unlike PUSHF, the pushed flags carry the real IF,
// not the shadow.
285 Regs->esp -= 2; *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) = Regs->eflags;
286 Regs->esp -= 2; *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) = Regs->cs;
287 Regs->esp -= 2; *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ) = Regs->eip;
// Target read straight from the IVT at linear 0 (mapped by VM8086_Install). Nothing validates
// the entry: whatever the BIOS or real-mode code has written there is where the worker goes.
289 newcs = *(Uint16*)(4*id + 2);
290 newip = *(Uint16*)(4*id);
292 Log_Debug("VM8086", "%04x:%04x Emulated INT 0x%x (%04x:%04x) - AX=%04x,BX=%04x",
293 Regs->cs, Regs->eip-2, id, newcs, newip, Regs->eax, Regs->ebx);
300 case VM8086_OP_IRET: //IRET
// Pop IP and CS; the FLAGS pop and the register update are on lines not shown.
301 newip = *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ); Regs->esp += 2;
302 newcs = *(Uint16*)( Regs->ss*16 + (Regs->esp&0xFFFF) ); Regs->esp += 2;
304 Log_Debug("VM8086", "%04x:%04x IRET to %04x:%04x",
305 Regs->cs, Regs->eip-1, newcs, newip);
// Port I/O is forwarded to the hardware for whatever port the guest put in DX, with no port
// filter, so the real-mode code the worker runs is trusted with arbitrary port access.
312 case VM8086_OP_IN_AD: //IN AL, DX
313 Regs->eax &= 0xFFFFFF00;
314 Regs->eax |= inb(Regs->edx&0xFFFF);
316 Log_Debug("VM8086", "%04x:%04x Emulated IN AL, DX (Port 0x%x [Val 0x%02x])",
317 Regs->cs, Regs->eip-1, Regs->edx&0xFFFF, Regs->eax&0xFF);
320 case VM8086_OP_IN_ADX: //IN AX, DX
321 Regs->eax &= 0xFFFF0000;
322 Regs->eax |= inw(Regs->edx&0xFFFF);
324 Log_Debug("VM8086", "%04x:%04x Emulated IN AX, DX (Port 0x%x [Val 0x%04x])",
325 Regs->cs, Regs->eip-1, Regs->edx&0xFFFF, Regs->eax&0xFFFF);
329 case VM8086_OP_OUT_AD: //OUT DX, AL
330 outb(Regs->edx&0xFFFF, Regs->eax&0xFF);
332 Log_Debug("VM8086", "%04x:%04x Emulated OUT DX, AL (*0x%04x = 0x%02x)",
333 Regs->cs, Regs->eip-1, Regs->edx&0xFFFF, Regs->eax&0xFF);
336 case VM8086_OP_OUT_ADX: //OUT DX, AX
337 outw(Regs->edx&0xFFFF, Regs->eax&0xFFFF);
339 Log_Debug("VM8086", "%04x:%04x Emulated OUT DX, AX (*0x%04x = 0x%04x)",
340 Regs->cs, Regs->eip-1, Regs->edx&0xFFFF, Regs->eax&0xFFFF);
// Guest CLI/STI only move the shadow IF; the real IF is never changed on the guest's behalf.
344 // TODO: Decide on allowing VM8086 Apps to enable/disable interrupts
347 Log_Debug("VM8086", "%04x:%04x Ignored CLI",
348 Regs->cs, Regs->eip);
350 gbVM8086_ShadowIF = 0;
354 Log_Debug("VM8086", "%04x:%04x Ignored STI",
355 Regs->cs, Regs->eip);
357 gbVM8086_ShadowIF = 1;
// 0x66 operand-size prefix: fetch the real opcode; only the 32-bit IN/OUT forms are handled.
361 opcode = *(Uint8*)( (Regs->cs*16) + (Regs->eip&0xFFFF));
365 case VM8086_OP_IN_ADX: //IN AX, DX
366 Regs->eax = ind(Regs->edx&0xFFFF);
368 Log_Debug("VM8086", "%04x:%04x Emulated IN EAX, DX (Port 0x%x [Val 0x%08x])",
369 Regs->cs, Regs->eip-1, Regs->edx&0xFFFF, Regs->eax);
372 case VM8086_OP_OUT_ADX: //OUT DX, AX
373 outd(Regs->edx&0xFFFF, Regs->eax);
375 Log_Debug("VM8086", "%04x:%04x Emulated OUT DX, EAX (*0x%04x = 0x%08x)",
376 Regs->cs, Regs->eip-1, Regs->edx&0xFFFF, Regs->eax);
// BUG: the argument list does not match the format - the first %02x (meant for the opcode)
// receives Regs->cs; compare the 0F case at 393-394. Should read `opcode, Regs->cs, Regs->eip-2`.
380 Log_Error("VM8086", "Error - Unknown opcode 66 %02x caused a GPF at %04x:%04x",
381 Regs->cs, Regs->eip-2,
// Unknown instruction: point the worker at the IRET stub so its next fault ends the call.
384 // Force an end to the call
385 Regs->cs = VM8086_MAGIC_CS;
386 Regs->eip = VM8086_MAGIC_IP;
// 0x0F two-byte opcodes are not emulated at all; any of them ends the call.
392 opcode = *(Uint8*)( (Regs->cs*16) + (Regs->eip&0xFFFF));
393 Log_Error("VM8086", "Error - Unknown opcode 0F %02x caused a GPF at %04x:%04x",
394 opcode, Regs->cs, Regs->eip);
395 // Force an end to the call
396 Regs->cs = VM8086_MAGIC_CS;
397 Regs->eip = VM8086_MAGIC_IP;
// Default: a single-byte opcode this handler does not know.
401 Log_Error("VM8086", "Error - Unknown opcode %02x caused a GPF at %04x:%04x",
402 opcode, Regs->cs, Regs->eip-1);
403 // Force an end to the call
404 Regs->cs = VM8086_MAGIC_CS;
405 Regs->eip = VM8086_MAGIC_IP;
411 * \brief Create an instance of the VM8086 Emulator
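/**
 * \brief Create an instance of the VM8086 Emulator
 * \return Zeroed state whose Internal pointer refers to the sVM8086_InternalData
 *         stored in the same allocation, or NULL if the allocation fails.
 *         Pair with VM8086_Free.
 */
tVM8086 *VM8086_Init(void)
{
	tVM8086	*ret;
	
	// Single allocation: the public state immediately followed by its private data
	ret = calloc( 1, sizeof(tVM8086) + sizeof(struct sVM8086_InternalData) );
	if( !ret )
		return NULL;	// Was dereferenced unchecked before; callers must handle NULL
	ret->Internal = (void*)((tVAddr)ret + sizeof(tVM8086));
	return ret;
}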
421 void VM8086_Free(tVM8086 *State)
// Tear down an instance: unmap each of its data page slots (the rest of the release path is
// not visible in this listing).
// NOTE(review): nothing here checks gpVM8086_State != State, so a state still being executed
// by the worker can be torn down (the TODO below); and slots with VirtBase == 0 are passed to
// MM_UnmapHWPages unconditionally - whether it tolerates a 0 address is not visible here.
423 // TODO: Make sure the state isn't in use currently
424 for( Uint i = VM8086_PAGES_PER_INST; i --; )
425 MM_UnmapHWPages( State->Internal->AllocatedPages[i].VirtBase, 1);
429 void *VM8086_Allocate(tVM8086 *State, int Size, Uint16 *Segment, Uint16 *Offset)
// Allocate Size bytes (rounded up to 128-byte blocks, at most one 4KiB page) from the
// instance's data pages and return a kernel pointer to it; *Segment receives the real-mode
// segment. The *Offset stores and the scan that finds a run of nBlocks free bits (base/rem)
// are on lines not shown in this listing. Returns NULL when the request is too large, no page
// has room, or a fresh page cannot be allocated.
431 struct sVM8086_InternalPages *pages = State->Internal->AllocatedPages;
// NOTE(review): Size is a signed int. Size <= 0 survives the only visible guard (Size > 4096)
// with nBlocks <= 0, and a Size near INT_MAX overflows in the rounding before it is compared.
// On the new-page path below nBlocks <= 0 marks nothing in the bitmap yet still returns
// pages[i].VirtBase, so a later allocation can hand out the same bytes.
435 Size = (Size + 127) & ~127;
436 nBlocks = Size / 128;
438 if(Size > 4096) return NULL;
// First pass: look for room in pages this instance already owns.
440 for( i = 0; i < VM8086_PAGES_PER_INST; i++ )
442 if( pages[i].VirtBase == 0 ) continue;
444 //Log_Debug("VM8086", "pages[%i].Bitmap = 0b%b", i, pages[i].Bitmap);
448 // Scan the bitmap for a free block
449 // - 32 blocks per page == 128 bytes per block == 8 segments
450 for( j = 0; j < 32; j++ )
// NOTE(review): `1 << j` / `1 << (base + j)` (here, 462, 493) shift a signed int; for bit 31
// this is undefined behaviour in C. Bitmap is Uint32, so `1u << j` is the safe form.
452 if( pages[i].Bitmap & (1 << j) )
459 if(rem == 0) // Goodie, there's a gap
// Mark the run starting at `base` (computed on lines not shown) as used.
461 for( j = 0; j < nBlocks; j++ )
462 pages[i].Bitmap |= 1 << (base + j);
// Segment = page base in paragraphs + 8 paragraphs per 128-byte block.
463 *Segment = (VM8086_USER_BASE + i * 0x1000) / 16 + base * 8;
465 LOG("Allocated at #%i,%04x", i, base*8*16);
466 LOG(" - %x:%x", *Segment, *Offset);
467 return pages[i].VirtBase + base * 8 * 16;
472 // No pages with free space?, allocate a new one
473 for( i = 0; i < VM8086_PAGES_PER_INST; i++ )
475 if( pages[i].VirtBase == 0 ) break;
477 // Darn, we can't allocate any more
478 if( i == VM8086_PAGES_PER_INST ) {
479 Log_Warning("VM8086", "Out of pages in %p", State);
// One physically-backed page; PhysAddr is what VM8086_GPF maps at VM8086_USER_BASE + i for
// the worker. The meaning of the -1 argument is not visible here.
483 pages[i].VirtBase = MM_AllocDMA(1, -1, &pages[i].PhysAddr);
484 if( pages[i].VirtBase == 0 ) {
485 Log_Warning("VM8086", "Unable to allocate data page");
489 LOG("AllocatedPages[%i].VirtBase = %p", i, pages[i].VirtBase);
490 LOG("AllocatedPages[%i].PhysAddr = %P", i, pages[i].PhysAddr);
// Fresh page: the allocation occupies blocks 0..nBlocks-1.
492 for( j = 0; j < nBlocks; j++ )
493 pages[i].Bitmap |= 1 << j;
494 LOG("AllocatedPages[%i].Bitmap = 0b%b", i, pages[i].Bitmap);
495 *Segment = (VM8086_USER_BASE + i * 0x1000) / 16;
497 LOG(" - %04x:%04x", *Segment, *Offset);
498 return pages[i].VirtBase;
501 void *VM8086_GetPointer(tVM8086 *State, Uint16 Segment, Uint16 Offset)
// Translate a real-mode Segment:Offset into a kernel pointer.
// Addresses inside the instance's VM8086_USER_BASE window resolve through its allocated pages;
// every other address is returned as KERNEL_BASE + addr with no further validation, i.e. the
// caller gets a live pointer into the IVT/BDA/EBDA/BIOS region (presumably the kernel's window
// onto low physical memory, the same one VM8086_Int reads the IVT through).
503 Uint32 addr = Segment * 16 + Offset;
// Uint32 arithmetic: addr can reach 0x10FFEF, the real-mode 1MB wrap is not emulated.
505 if( VM8086_USER_BASE <= addr && addr < VM8086_USER_BASE + VM8086_PAGES_PER_INST*0x1000 )
507 int pg = (addr - VM8086_USER_BASE) / 0x1000;
// Slot never allocated: what is returned in that case is on lines not shown here.
508 if( State->Internal->AllocatedPages[pg].VirtBase == 0)
511 return State->Internal->AllocatedPages[pg].VirtBase + (addr & 0xFFF);
515 return (void*)( KERNEL_BASE + addr );
/**
 * \brief Run real-mode interrupt \a Interrupt on the VM8086 worker and block until it returns
 * \param State     Instance whose registers are passed in and, on return, hold the results
 * \param Interrupt Interrupt vector number (0-255)
 *
 * The entry point is taken from the live IVT through the kernel's mapping of physical page 0,
 * so whatever that table currently holds decides where the worker executes.
 * Calls are serialised by glVM8086_Process; the caller sleeps on gVM8086_TaskComplete until
 * VM8086_GPF reports that the worker reached the end-of-call stub and has copied the
 * registers back into \a State.
 */
void VM8086_Int(tVM8086 *State, Uint8 Interrupt)
{
	// Each IVT slot is four bytes: offset word, then segment word
	Uint16	*vector = (Uint16*)(KERNEL_BASE + 4*Interrupt);
	State->IP = vector[0];
	State->CS = vector[1];
	
	// One task at a time; this also holds callers back until the worker has started
	Mutex_Acquire( &glVM8086_Process );
	
	// Hand the state to the worker and wake it (it waits in VM8086_GPF)
	gpVM8086_State = State;
	gVM8086_CallingThread = Threads_GetTID();
	Semaphore_Signal(&gVM8086_TasksToDo, 1);
	
	// Block until the worker signals completion
	Semaphore_Wait(&gVM8086_TaskComplete, 1);
	
	Mutex_Release( &glVM8086_Process );
}