From: Yuan Yao <yuan.yao@linux.intel.com> To: pbonzini@redhat.com Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org, dgilbert@redhat.com, ehabkost@redhat.com, mst@redhat.com, armbru@redhat.com, mtosatti@redhat.com, ashish.kalra@amd.com, Thomas.Lendacky@amd.com, brijesh.singh@amd.com, isaku.yamahata@intel.com, yuan.yao@intel.com Subject: [RFC][PATCH v1 10/10] Introduce new CPUClass::get_phys_page_attrs_debug implementation for encrypted guests Date: Thu, 6 May 2021 09:40:37 +0800 [thread overview] Message-ID: <20210506014037.11982-11-yuan.yao@linux.intel.com> (raw) In-Reply-To: <20210506014037.11982-1-yuan.yao@linux.intel.com> From: Yuan Yao <yuan.yao@intel.com> Add new function x86_cpu_get_phys_page_attrs_encrypted_debug() to walking guset page tables to do VA -> PA translation for encrypted guests. Now install this to cc->get_phys_page_attrs_debug for INTEL TD guests only. Signed-off-by: Yuan Yao <yuan.yao@intel.com> diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 7a8a1386fb..9ce81bb21c 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1807,6 +1807,8 @@ void x86_cpu_dump_state(CPUState *cs, FILE *f, int flags); hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr, MemTxAttrs *attrs); +hwaddr x86_cpu_get_phys_page_attrs_encrypted_debug(CPUState *cs, vaddr addr, + MemTxAttrs *attrs); int x86_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg); int x86_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); diff --git a/target/i386/helper.c b/target/i386/helper.c index 21edcb9204..a9a0467b50 100644 --- a/target/i386/helper.c +++ b/target/i386/helper.c @@ -205,8 +205,10 @@ void cpu_x86_update_cr4(CPUX86State *env, uint32_t new_cr4) } #if !defined(CONFIG_USER_ONLY) -hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, - MemTxAttrs *attrs) +static hwaddr x86_cpu_get_phys_page_attrs_debug_internal(CPUState *cs, vaddr addr, + MemTxAttrs *attrs, + uint64_t (*ldq_phys)(CPUState *, hwaddr), + uint32_t (*ldl_phys)(CPUState *, hwaddr)) { X86CPU *cpu = X86_CPU(cs); CPUX86State *env = &cpu->env; @@ -242,7 +244,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, if (la57) { pml5e_addr = ((env->cr[3] & ~0xfff) + (((addr >> 48) & 0x1ff) << 3)) & a20_mask; - pml5e = x86_ldq_phys(cs, pml5e_addr); + pml5e = ldq_phys(cs, pml5e_addr); if (!(pml5e & PG_PRESENT_MASK)) { return -1; } @@ -252,13 +254,13 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, pml4e_addr = ((pml5e & PG_ADDRESS_MASK) + (((addr >> 39) & 0x1ff) << 3)) & a20_mask; - pml4e = x86_ldq_phys(cs, pml4e_addr); + pml4e = ldq_phys(cs, pml4e_addr); if (!(pml4e & PG_PRESENT_MASK)) { return -1; } pdpe_addr = ((pml4e & PG_ADDRESS_MASK) + (((addr >> 30) & 0x1ff) << 3)) & a20_mask; - pdpe = x86_ldq_phys(cs, pdpe_addr); + pdpe = ldq_phys(cs, pdpe_addr); if (!(pdpe & PG_PRESENT_MASK)) { return -1; } @@ -273,14 +275,14 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, { pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) & a20_mask; - pdpe = x86_ldq_phys(cs, pdpe_addr); + pdpe = ldq_phys(cs, pdpe_addr); if (!(pdpe & PG_PRESENT_MASK)) return -1; } pde_addr = ((pdpe & PG_ADDRESS_MASK) + (((addr >> 21) & 0x1ff) << 3)) & a20_mask; - pde = x86_ldq_phys(cs, pde_addr); + pde = ldq_phys(cs, pde_addr); if (!(pde & PG_PRESENT_MASK)) { return -1; } @@ -293,7 +295,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, pte_addr = ((pde & PG_ADDRESS_MASK) + (((addr >> 12) & 0x1ff) << 3)) & a20_mask; page_size = 4096; - pte = x86_ldq_phys(cs, pte_addr); + pte = ldq_phys(cs, pte_addr); } if (!(pte & PG_PRESENT_MASK)) { return -1; @@ -303,7 +305,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, /* page directory entry */ pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask; - pde = x86_ldl_phys(cs, pde_addr); + pde = ldl_phys(cs, pde_addr); if (!(pde & PG_PRESENT_MASK)) return -1; if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) { @@ -312,7 +314,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, } else { /* page directory entry */ pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask; - pte = x86_ldl_phys(cs, pte_addr); + pte = ldl_phys(cs, pte_addr); if (!(pte & PG_PRESENT_MASK)) { return -1; } @@ -329,6 +331,22 @@ out: return pte | page_offset; } +hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, + MemTxAttrs *attrs) +{ + return x86_cpu_get_phys_page_attrs_debug_internal(cs, addr, attrs, + x86_ldq_phys, + x86_ldl_phys); +} + +hwaddr x86_cpu_get_phys_page_attrs_encrypted_debug(CPUState *cs, vaddr addr, + MemTxAttrs *attrs) +{ + return x86_cpu_get_phys_page_attrs_debug_internal(cs, addr, attrs, + x86_ldq_phys_debug, + x86_ldl_phys_debug); +} + typedef struct MCEInjectionParams { Monitor *mon; int bank; diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index d13d4c8487..b1e089f73f 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -273,6 +273,7 @@ void tdx_pre_create_vcpu(CPUState *cpu) MachineState *ms = MACHINE(qdev_get_machine()); X86CPU *x86cpu = X86_CPU(cpu); + CPUClass *cc = CPU_GET_CLASS(cpu); CPUX86State *env = &x86cpu->env; TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs), TYPE_TDX_GUEST); @@ -320,6 +321,11 @@ void tdx_pre_create_vcpu(CPUState *cpu) init_vm.cpuid = (__u64)(&cpuid_data); tdx_ioctl(KVM_TDX_INIT_VM, 0, &init_vm); + + if (tdx->debug) { + cc->get_phys_page_attrs_debug + = x86_cpu_get_phys_page_attrs_encrypted_debug; + } out: qemu_mutex_unlock(&tdx->lock); } -- 2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Yuan Yao <yuan.yao@linux.intel.com> To: pbonzini@redhat.com Cc: isaku.yamahata@intel.com, Thomas.Lendacky@amd.com, ashish.kalra@amd.com, brijesh.singh@amd.com, ehabkost@redhat.com, kvm@vger.kernel.org, mst@redhat.com, mtosatti@redhat.com, armbru@redhat.com, qemu-devel@nongnu.org, yuan.yao@intel.com, dgilbert@redhat.com Subject: [RFC][PATCH v1 10/10] Introduce new CPUClass::get_phys_page_attrs_debug implementation for encrypted guests Date: Thu, 6 May 2021 09:40:37 +0800 [thread overview] Message-ID: <20210506014037.11982-11-yuan.yao@linux.intel.com> (raw) In-Reply-To: <20210506014037.11982-1-yuan.yao@linux.intel.com> From: Yuan Yao <yuan.yao@intel.com> Add new function x86_cpu_get_phys_page_attrs_encrypted_debug() to walking guset page tables to do VA -> PA translation for encrypted guests. Now install this to cc->get_phys_page_attrs_debug for INTEL TD guests only. Signed-off-by: Yuan Yao <yuan.yao@intel.com> diff --git a/target/i386/cpu.h b/target/i386/cpu.h index 7a8a1386fb..9ce81bb21c 100644 --- a/target/i386/cpu.h +++ b/target/i386/cpu.h @@ -1807,6 +1807,8 @@ void x86_cpu_dump_state(CPUState *cs, FILE *f, int flags); hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr, MemTxAttrs *attrs); +hwaddr x86_cpu_get_phys_page_attrs_encrypted_debug(CPUState *cs, vaddr addr, + MemTxAttrs *attrs); int x86_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg); int x86_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg); diff --git a/target/i386/helper.c b/target/i386/helper.c index 21edcb9204..a9a0467b50 100644 --- a/target/i386/helper.c +++ b/target/i386/helper.c @@ -205,8 +205,10 @@ void cpu_x86_update_cr4(CPUX86State *env, uint32_t new_cr4) } #if !defined(CONFIG_USER_ONLY) -hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, - MemTxAttrs *attrs) +static hwaddr x86_cpu_get_phys_page_attrs_debug_internal(CPUState *cs, vaddr addr, + MemTxAttrs *attrs, + uint64_t (*ldq_phys)(CPUState *, hwaddr), + uint32_t (*ldl_phys)(CPUState *, hwaddr)) { X86CPU *cpu = X86_CPU(cs); CPUX86State *env = &cpu->env; @@ -242,7 +244,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, if (la57) { pml5e_addr = ((env->cr[3] & ~0xfff) + (((addr >> 48) & 0x1ff) << 3)) & a20_mask; - pml5e = x86_ldq_phys(cs, pml5e_addr); + pml5e = ldq_phys(cs, pml5e_addr); if (!(pml5e & PG_PRESENT_MASK)) { return -1; } @@ -252,13 +254,13 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, pml4e_addr = ((pml5e & PG_ADDRESS_MASK) + (((addr >> 39) & 0x1ff) << 3)) & a20_mask; - pml4e = x86_ldq_phys(cs, pml4e_addr); + pml4e = ldq_phys(cs, pml4e_addr); if (!(pml4e & PG_PRESENT_MASK)) { return -1; } pdpe_addr = ((pml4e & PG_ADDRESS_MASK) + (((addr >> 30) & 0x1ff) << 3)) & a20_mask; - pdpe = x86_ldq_phys(cs, pdpe_addr); + pdpe = ldq_phys(cs, pdpe_addr); if (!(pdpe & PG_PRESENT_MASK)) { return -1; } @@ -273,14 +275,14 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, { pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) & a20_mask; - pdpe = x86_ldq_phys(cs, pdpe_addr); + pdpe = ldq_phys(cs, pdpe_addr); if (!(pdpe & PG_PRESENT_MASK)) return -1; } pde_addr = ((pdpe & PG_ADDRESS_MASK) + (((addr >> 21) & 0x1ff) << 3)) & a20_mask; - pde = x86_ldq_phys(cs, pde_addr); + pde = ldq_phys(cs, pde_addr); if (!(pde & PG_PRESENT_MASK)) { return -1; } @@ -293,7 +295,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, pte_addr = ((pde & PG_ADDRESS_MASK) + (((addr >> 12) & 0x1ff) << 3)) & a20_mask; page_size = 4096; - pte = x86_ldq_phys(cs, pte_addr); + pte = ldq_phys(cs, pte_addr); } if (!(pte & PG_PRESENT_MASK)) { return -1; @@ -303,7 +305,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, /* page directory entry */ pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask; - pde = x86_ldl_phys(cs, pde_addr); + pde = ldl_phys(cs, pde_addr); if (!(pde & PG_PRESENT_MASK)) return -1; if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) { @@ -312,7 +314,7 @@ hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, } else { /* page directory entry */ pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask; - pte = x86_ldl_phys(cs, pte_addr); + pte = ldl_phys(cs, pte_addr); if (!(pte & PG_PRESENT_MASK)) { return -1; } @@ -329,6 +331,22 @@ out: return pte | page_offset; } +hwaddr x86_cpu_get_phys_page_attrs_debug(CPUState *cs, vaddr addr, + MemTxAttrs *attrs) +{ + return x86_cpu_get_phys_page_attrs_debug_internal(cs, addr, attrs, + x86_ldq_phys, + x86_ldl_phys); +} + +hwaddr x86_cpu_get_phys_page_attrs_encrypted_debug(CPUState *cs, vaddr addr, + MemTxAttrs *attrs) +{ + return x86_cpu_get_phys_page_attrs_debug_internal(cs, addr, attrs, + x86_ldq_phys_debug, + x86_ldl_phys_debug); +} + typedef struct MCEInjectionParams { Monitor *mon; int bank; diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c index d13d4c8487..b1e089f73f 100644 --- a/target/i386/kvm/tdx.c +++ b/target/i386/kvm/tdx.c @@ -273,6 +273,7 @@ void tdx_pre_create_vcpu(CPUState *cpu) MachineState *ms = MACHINE(qdev_get_machine()); X86CPU *x86cpu = X86_CPU(cpu); + CPUClass *cc = CPU_GET_CLASS(cpu); CPUX86State *env = &x86cpu->env; TdxGuest *tdx = (TdxGuest *)object_dynamic_cast(OBJECT(ms->cgs), TYPE_TDX_GUEST); @@ -320,6 +321,11 @@ void tdx_pre_create_vcpu(CPUState *cpu) init_vm.cpuid = (__u64)(&cpuid_data); tdx_ioctl(KVM_TDX_INIT_VM, 0, &init_vm); + + if (tdx->debug) { + cc->get_phys_page_attrs_debug + = x86_cpu_get_phys_page_attrs_encrypted_debug; + } out: qemu_mutex_unlock(&tdx->lock); } -- 2.20.1
next prev parent reply other threads:[~2021-05-06 1:41 UTC|newest] Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-05-06 1:40 [RFC][PATCH v1 00/10] Enable encrypted guest memory access in QEMU Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 01/10] Extend the MemTxAttrs to include a 'debug' flag. The flag can be used as general indicator that operation was triggered by the debugger Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 02/10] Currently, guest memory access for debugging purposes is performed using memcpy(). Extend the 'struct MemoryRegion' to include new callbacks that can be used to override the use of memcpy() with something else Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 03/10] Introduce new interface KVMState::set_mr_debug_ops and its wrapper Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 04/10] Implements the common MemoryRegion::ram_debug_ops for encrypted guests Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 05/10] Set the RAM's MemoryRegion::debug_ops for INTEL TD guests Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 06/10] Introduce new MemoryDebugOps which hook into guest virtual and physical memory debug interfaces such as cpu_memory_rw_debug, to allow vendor specific assist/hooks for debugging and delegating accessing the guest memory. This is required for example in case of AMD SEV platform where the guest memory is encrypted and a SEV specific debug assist/hook will be required to access the guest memory Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 07/10] Add new address_space_read and address_space_write debug helper interfaces which can be invoked by vendor specific guest memory debug assist/hooks to do guest RAM memory accesses using the added MemoryRegion callbacks Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 08/10] Introduce debug version of physical memory read/write API Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` [RFC][PATCH v1 09/10] Change the monitor and other commands and gdbstub to use the debug API Yuan Yao 2021-05-06 1:40 ` Yuan Yao 2021-05-06 1:40 ` Yuan Yao [this message] 2021-05-06 1:40 ` [RFC][PATCH v1 10/10] Introduce new CPUClass::get_phys_page_attrs_debug implementation for encrypted guests Yuan Yao 2021-09-02 14:04 ` [RFC][PATCH v1 00/10] Enable encrypted guest memory access in QEMU Ashish Kalra 2021-09-02 23:23 ` Yao, Yuan 2021-09-02 23:23 ` Yao, Yuan 2021-09-07 10:51 ` Ashish Kalra
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210506014037.11982-11-yuan.yao@linux.intel.com \ --to=yuan.yao@linux.intel.com \ --cc=Thomas.Lendacky@amd.com \ --cc=armbru@redhat.com \ --cc=ashish.kalra@amd.com \ --cc=brijesh.singh@amd.com \ --cc=dgilbert@redhat.com \ --cc=ehabkost@redhat.com \ --cc=isaku.yamahata@intel.com \ --cc=kvm@vger.kernel.org \ --cc=mst@redhat.com \ --cc=mtosatti@redhat.com \ --cc=pbonzini@redhat.com \ --cc=qemu-devel@nongnu.org \ --cc=yuan.yao@intel.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.