From: Richard Henderson <richard.henderson@linaro.org>
To: "Ilya Leoshkevich" <iii@linux.ibm.com>,
"Peter Maydell" <peter.maydell@linaro.org>,
"Alex Bennée" <alex.bennee@linaro.org>,
"David Hildenbrand" <david@redhat.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
qemu-devel@nongnu.org, qemu-arm@nongnu.org,
qemu-s390x@nongnu.org
Subject: Re: [PATCH 1/3] linux-user: Allow gdbstub to ignore page protection
Date: Wed, 10 Jan 2024 04:42:25 +1100 [thread overview]
Message-ID: <0195c274-0d5c-484b-9475-84a4d16bfae8@linaro.org> (raw)
In-Reply-To: <20240108233821.201325-2-iii@linux.ibm.com>
On 1/9/24 10:34, Ilya Leoshkevich wrote:
> gdbserver ignores page protection by virtue of using /proc/$pid/mem.
> Teach qemu gdbstub to do this too. This will not work if /proc is not
> mounted; accept this limitation.
>
> One alternative is to temporarily grant the missing PROT_* bit, but
> this is inherently racy. Another alternative is self-debugging with
> ptrace(POKE), which will break if QEMU itself is being debugged - a
> much more severe limitation.
>
> Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
> ---
> cpu-target.c | 55 ++++++++++++++++++++++++++++++++++++++--------------
> 1 file changed, 40 insertions(+), 15 deletions(-)
>
> diff --git a/cpu-target.c b/cpu-target.c
> index 5eecd7ea2d7..69e97f78980 100644
> --- a/cpu-target.c
> +++ b/cpu-target.c
> @@ -406,6 +406,15 @@ int cpu_memory_rw_debug(CPUState *cpu, vaddr addr,
> vaddr l, page;
> void * p;
> uint8_t *buf = ptr;
> + int ret = -1;
> + int mem_fd;
> +
> + /*
> + * Try ptrace first. If /proc is not mounted or if there is a different
> + * problem, fall back to the manual page access. Note that, unlike ptrace,
> + * it will not be able to ignore the protection bits.
> + */
> + mem_fd = open("/proc/self/mem", is_write ? O_WRONLY : O_RDONLY);
Surely this is the unlikely fallback, and you don't need to open unless the page is
otherwise inaccessible.
I see no handling for writes to pages that contain TranslationBlocks.
r~
>
> while (len > 0) {
> page = addr & TARGET_PAGE_MASK;
> @@ -413,22 +422,33 @@ int cpu_memory_rw_debug(CPUState *cpu, vaddr addr,
> if (l > len)
> l = len;
> flags = page_get_flags(page);
> - if (!(flags & PAGE_VALID))
> - return -1;
> + if (!(flags & PAGE_VALID)) {
> + goto out_close;
> + }
> if (is_write) {
> - if (!(flags & PAGE_WRITE))
> - return -1;
> + if (mem_fd == -1 ||
> + pwrite(mem_fd, ptr, len, (off_t)g2h_untagged(addr)) != len) {
> + if (!(flags & PAGE_WRITE)) {
> + goto out_close;
> + }
> + /* XXX: this code should not depend on lock_user */
> + p = lock_user(VERIFY_WRITE, addr, l, 0);
> + if (!p) {
> + goto out_close;
> + }
> + memcpy(p, buf, l);
> + unlock_user(p, addr, l);
> + }
> + } else if (mem_fd == -1 ||
> + pread(mem_fd, ptr, len, (off_t)g2h_untagged(addr)) != len) {
> + if (!(flags & PAGE_READ)) {
> + goto out_close;
> + }
> /* XXX: this code should not depend on lock_user */
> - if (!(p = lock_user(VERIFY_WRITE, addr, l, 0)))
> - return -1;
> - memcpy(p, buf, l);
> - unlock_user(p, addr, l);
> - } else {
> - if (!(flags & PAGE_READ))
> - return -1;
> - /* XXX: this code should not depend on lock_user */
> - if (!(p = lock_user(VERIFY_READ, addr, l, 1)))
> - return -1;
> + p = lock_user(VERIFY_READ, addr, l, 1);
> + if (!p) {
> + goto out_close;
> + }
> memcpy(buf, p, l);
> unlock_user(p, addr, 0);
> }
> @@ -436,7 +456,12 @@ int cpu_memory_rw_debug(CPUState *cpu, vaddr addr,
> buf += l;
> addr += l;
> }
> - return 0;
> + ret = 0;
> +out_close:
> + if (mem_fd != -1) {
> + close(mem_fd);
> + }
> + return ret;
> }
> #endif
>
next prev parent reply other threads:[~2024-01-09 17:43 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-08 23:34 [PATCH 0/3] linux-user: Allow gdbstub to ignore page protection Ilya Leoshkevich
2024-01-08 23:34 ` [PATCH 1/3] " Ilya Leoshkevich
2024-01-09 17:42 ` Richard Henderson [this message]
2024-01-09 19:39 ` Ilya Leoshkevich
2024-01-09 21:47 ` Richard Henderson
2024-01-08 23:34 ` [PATCH 2/3] tests/tcg: Factor out gdbstub test functions Ilya Leoshkevich
2024-01-08 23:34 ` [PATCH 3/3] tests/tcg: Add the PROT_NONE gdbstub test Ilya Leoshkevich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0195c274-0d5c-484b-9475-84a4d16bfae8@linaro.org \
--to=richard.henderson@linaro.org \
--cc=alex.bennee@linaro.org \
--cc=david@redhat.com \
--cc=iii@linux.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-s390x@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.