From: Yuan Yao <yuan.yao@linux.intel.com>
To: pbonzini@redhat.com
Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org, dgilbert@redhat.com,
ehabkost@redhat.com, mst@redhat.com, armbru@redhat.com,
mtosatti@redhat.com, ashish.kalra@amd.com,
Thomas.Lendacky@amd.com, brijesh.singh@amd.com,
isaku.yamahata@intel.com, yuan.yao@intel.com
Subject: [RFC][PATCH v1 07/10] Add new address_space_read and address_space_write debug helper interfaces which can be invoked by vendor specific guest memory debug assist/hooks to do guest RAM memory accesses using the added MemoryRegion callbacks.
Date: Thu, 6 May 2021 09:40:34 +0800 [thread overview]
Message-ID: <20210506014037.11982-8-yuan.yao@linux.intel.com> (raw)
In-Reply-To: <20210506014037.11982-1-yuan.yao@linux.intel.com>
From: Ashish Kalra <ashish.kalra@amd.com>
Yuan Yao:
- Fixed fuzz_dma_read_cb() parameter issue for QEMU 5.2.91.
- Move the caller of encrypted_memory_debug_ops into phymem.c
as common callbacks for encrypted guests.
- Adapted address_space_read_debug/address_space_wirte_rom_debug
with new definition of MemoryRegion::ram_debug_ops;
- Install the encrypted_memory_debug_ops/phymem.c for INTEL
TD guest.
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
Signed-off-by: Yuan Yao <yuan.yao@intel.com>
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 0250b50beb..c0d6c1bd8f 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -2246,6 +2246,12 @@ MemTxResult address_space_write_rom(AddressSpace *as, hwaddr addr,
MemTxAttrs attrs,
const void *buf, hwaddr len);
+MemTxResult address_space_write_rom_debug(AddressSpace *as,
+ hwaddr addr,
+ MemTxAttrs attrs,
+ const void *ptr,
+ hwaddr len);
+
/* address_space_ld*: load from an address space
* address_space_st*: store to an address space
*
@@ -2512,6 +2518,8 @@ extern const MemoryDebugOps *physical_memory_debug_ops;
void address_space_set_debug_ops(const MemoryDebugOps *ops);
+void set_encrypted_memory_debug_ops(void);
+
static inline bool memory_access_is_direct(MemoryRegion *mr, bool is_write)
{
if (is_write) {
@@ -2567,6 +2575,10 @@ MemTxResult address_space_read(AddressSpace *as, hwaddr addr,
return result;
}
+MemTxResult address_space_read_debug(AddressSpace *as, hwaddr addr,
+ MemTxAttrs attrs, void *buf,
+ hwaddr len);
+
/**
* address_space_read_cached: read from a cached RAM region
*
diff --git a/softmmu/physmem.c b/softmmu/physmem.c
index c8029f69ad..0fde02d325 100644
--- a/softmmu/physmem.c
+++ b/softmmu/physmem.c
@@ -3245,6 +3245,94 @@ void cpu_physical_memory_unmap(void *buffer, hwaddr len,
#define RCU_READ_UNLOCK(...) rcu_read_unlock()
#include "memory_ldst.c.inc"
+inline MemTxResult address_space_read_debug(AddressSpace *as, hwaddr addr,
+ MemTxAttrs attrs, void *ptr,
+ hwaddr len)
+{
+ uint64_t val;
+ MemoryRegion *mr;
+ hwaddr l = len;
+ hwaddr addr1;
+ MemTxResult result = MEMTX_OK;
+ bool release_lock = false;
+ uint8_t *buf = ptr;
+ uint8_t *ram_ptr;
+
+ for (;;) {
+ RCU_READ_LOCK_GUARD();
+ mr = address_space_translate(as, addr, &addr1, &l, false, attrs);
+ if (!memory_access_is_direct(mr, false)) {
+ /* I/O case */
+ release_lock |= prepare_mmio_access(mr);
+ l = memory_access_size(mr, l, addr1);
+ result |= memory_region_dispatch_read(mr, addr1, &val,
+ size_memop(l), attrs);
+ stn_he_p(buf, l, val);
+ } else {
+ /* RAM case */
+ fuzz_dma_read_cb(addr, l, mr);
+ ram_ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->read(buf, ram_ptr, addr1, l, attrs);
+ } else {
+ memcpy(buf, ram_ptr, l);
+ }
+ result = MEMTX_OK;
+ }
+ if (release_lock) {
+ qemu_mutex_unlock_iothread();
+ release_lock = false;
+ }
+
+ len -= l;
+ buf += l;
+ addr += l;
+
+ if (!len) {
+ break;
+ }
+ l = len;
+ }
+ return result;
+}
+
+MemTxResult address_space_write_rom_debug(AddressSpace *as,
+ hwaddr addr,
+ MemTxAttrs attrs,
+ const void *ptr,
+ hwaddr len)
+{
+ hwaddr l;
+ uint8_t *ram_ptr;
+ hwaddr addr1;
+ MemoryRegion *mr;
+ const uint8_t *buf = ptr;
+
+ RCU_READ_LOCK_GUARD();
+ while (len > 0) {
+ l = len;
+ mr = address_space_translate(as, addr, &addr1, &l, true, attrs);
+
+ if (!(memory_region_is_ram(mr) ||
+ memory_region_is_romd(mr))) {
+ l = memory_access_size(mr, l, addr1);
+ } else {
+ /* ROM/RAM case */
+ ram_ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ram_ptr, addr1, buf, l, attrs);
+ } else {
+ memcpy(ram_ptr, buf, l);
+ }
+ invalidate_and_set_dirty(mr, addr1, l);
+ }
+ len -= l;
+ buf += l;
+ addr += l;
+ }
+ return MEMTX_OK;
+}
+
int64_t address_space_cache_init(MemoryRegionCache *cache,
AddressSpace *as,
hwaddr addr,
@@ -3438,6 +3526,33 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
return 0;
}
+static MemTxResult address_space_encrypted_memory_read_debug(AddressSpace *as,
+ hwaddr addr, MemTxAttrs attrs,
+ void *ptr, hwaddr len)
+{
+ attrs.debug = 1;
+ return address_space_read_debug(as, addr, attrs, ptr, len);
+}
+
+
+static MemTxResult address_space_encrypted_rom_write_debug(AddressSpace *as,
+ hwaddr addr, MemTxAttrs attrs,
+ const void *ptr, hwaddr len)
+{
+ attrs.debug = 1;
+ return address_space_write_rom_debug(as, addr, attrs, ptr, len);
+}
+
+static const MemoryDebugOps encrypted_memory_debug_ops = {
+ .read = address_space_encrypted_memory_read_debug,
+ .write = address_space_encrypted_rom_write_debug,
+};
+
+void set_encrypted_memory_debug_ops(void)
+{
+ address_space_set_debug_ops(&encrypted_memory_debug_ops);
+}
+
/*
* Allows code that needs to deal with migration bitmaps etc to still be built
* target independent.
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 5050b2a82f..228d18a449 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -2231,9 +2231,11 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
return ret;
}
- if (kvm_tdx_enabled())
+ if (kvm_tdx_enabled()) {
kvm_setup_memory_region_debug_ops(s,
kvm_encrypted_guest_set_memory_region_debug_ops);
+ set_encrypted_memory_debug_ops();
+ }
if (!kvm_check_extension(s, KVM_CAP_IRQ_ROUTING)) {
error_report("kvm: KVM_CAP_IRQ_ROUTING not supported by KVM");
--
2.20.1
next prev parent reply other threads:[~2021-05-06 1:41 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-06 1:40 [RFC][PATCH v1 00/10] Enable encrypted guest memory access in QEMU Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 01/10] Extend the MemTxAttrs to include a 'debug' flag. The flag can be used as general indicator that operation was triggered by the debugger Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 02/10] Currently, guest memory access for debugging purposes is performed using memcpy(). Extend the 'struct MemoryRegion' to include new callbacks that can be used to override the use of memcpy() with something else Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 03/10] Introduce new interface KVMState::set_mr_debug_ops and its wrapper Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 04/10] Implements the common MemoryRegion::ram_debug_ops for encrypted guests Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 05/10] Set the RAM's MemoryRegion::debug_ops for INTEL TD guests Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 06/10] Introduce new MemoryDebugOps which hook into guest virtual and physical memory debug interfaces such as cpu_memory_rw_debug, to allow vendor specific assist/hooks for debugging and delegating accessing the guest memory. This is required for example in case of AMD SEV platform where the guest memory is encrypted and a SEV specific debug assist/hook will be required to access the guest memory Yuan Yao
2021-05-06 1:40 ` Yuan Yao [this message]
2021-05-06 1:40 ` [RFC][PATCH v1 08/10] Introduce debug version of physical memory read/write API Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 09/10] Change the monitor and other commands and gdbstub to use the debug API Yuan Yao
2021-05-06 1:40 ` [RFC][PATCH v1 10/10] Introduce new CPUClass::get_phys_page_attrs_debug implementation for encrypted guests Yuan Yao
2021-09-02 14:04 ` [RFC][PATCH v1 00/10] Enable encrypted guest memory access in QEMU Ashish Kalra
2021-09-02 23:23 ` Yao, Yuan
2021-09-07 10:51 ` Ashish Kalra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210506014037.11982-8-yuan.yao@linux.intel.com \
--to=yuan.yao@linux.intel.com \
--cc=Thomas.Lendacky@amd.com \
--cc=armbru@redhat.com \
--cc=ashish.kalra@amd.com \
--cc=brijesh.singh@amd.com \
--cc=dgilbert@redhat.com \
--cc=ehabkost@redhat.com \
--cc=isaku.yamahata@intel.com \
--cc=kvm@vger.kernel.org \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=yuan.yao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).