From: Peter Maydell <peter.maydell@linaro.org>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: QEMU Developers <qemu-devel@nongnu.org>,
Alistair Francis <alistair.francis@xilinx.com>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Cornelia Huck <cornelia.huck@de.ibm.com>,
"Daniel P . Berrange" <berrange@redhat.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
"Edgar E . Iglesias" <edgar.iglesias@xilinx.com>,
Eduardo Habkost <ehabkost@redhat.com>,
Eric Blake <eblake@redhat.com>, kvm-devel <kvm@vger.kernel.org>,
Marcel Apfelbaum <marcel@redhat.com>,
Markus Armbruster <armbru@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Peter Crosthwaite <crosthwaite.peter@gmail.com>,
Richard Henderson <richard.henderson@linaro.org>,
Richard Henderson <rth@twiddle.net>,
Stefan Hajnoczi <stefanha@gmail.com>,
Subject: Re: [PATCH v5 01/23] memattrs: add debug attribute
Date: Wed, 6 Dec 2017 22:03:06 +0000 [thread overview]
Message-ID: <CAFEAcA8UvBopec1ammRML+fgh36YLfRyg2wsgmzesmAUFy8H3w@mail.gmail.com> (raw)
In-Reply-To: <20171206200346.116537-2-brijesh.singh@amd.com>
On 6 December 2017 at 20:03, Brijesh Singh <brijesh.singh@amd.com> wrote:
> The debug attribute will be set when qemu attempts to access the guest
> memory for debug (e.g memory access from gdbstub, memory dump commands
> etc).
>
> When guest memory is encrypted, the debug access will need to go through
> the memory encryption APIs.
>
> Cc: Alistair Francis <alistair.francis@xilinx.com>
> Cc: Peter Maydell <peter.maydell@linaro.org>
> Cc: Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
> Cc: Richard Henderson <richard.henderson@linaro.org>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
> include/exec/memattrs.h | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
> index d4a16420984b..721362e06292 100644
> --- a/include/exec/memattrs.h
> +++ b/include/exec/memattrs.h
> @@ -37,6 +37,8 @@ typedef struct MemTxAttrs {
> unsigned int user:1;
> /* Requester ID (for MSI for example) */
> unsigned int requester_id:16;
> + /* Debug memory access for encrypted guest */
> + unsigned int debug:1;
> } MemTxAttrs;
Can we have some more detailed semantics for this please?
For instance, if a device gets a debug=1 transaction
should it refuse to do things like read-clears-bits
semantics or other side-effects you wouldn't expect
of debugger accesses?
thanks
-- PMM
WARNING: multiple messages have this Message-ID (diff)
From: Peter Maydell <peter.maydell@linaro.org>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: QEMU Developers <qemu-devel@nongnu.org>,
Alistair Francis <alistair.francis@xilinx.com>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Cornelia Huck <cornelia.huck@de.ibm.com>,
"Daniel P . Berrange" <berrange@redhat.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
"Edgar E . Iglesias" <edgar.iglesias@xilinx.com>,
Eduardo Habkost <ehabkost@redhat.com>,
Eric Blake <eblake@redhat.com>, kvm-devel <kvm@vger.kernel.org>,
Marcel Apfelbaum <marcel@redhat.com>,
Markus Armbruster <armbru@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Peter Crosthwaite <crosthwaite.peter@gmail.com>,
Richard Henderson <richard.henderson@linaro.org>,
Richard Henderson <rth@twiddle.net>,
Stefan Hajnoczi <stefanha@gmail.com>,
Thomas Lendacky <Thomas.Lendacky@amd.com>,
Borislav Petkov <bp@suse.de>
Subject: Re: [Qemu-devel] [PATCH v5 01/23] memattrs: add debug attribute
Date: Wed, 6 Dec 2017 22:03:06 +0000 [thread overview]
Message-ID: <CAFEAcA8UvBopec1ammRML+fgh36YLfRyg2wsgmzesmAUFy8H3w@mail.gmail.com> (raw)
In-Reply-To: <20171206200346.116537-2-brijesh.singh@amd.com>
On 6 December 2017 at 20:03, Brijesh Singh <brijesh.singh@amd.com> wrote:
> The debug attribute will be set when qemu attempts to access the guest
> memory for debug (e.g memory access from gdbstub, memory dump commands
> etc).
>
> When guest memory is encrypted, the debug access will need to go through
> the memory encryption APIs.
>
> Cc: Alistair Francis <alistair.francis@xilinx.com>
> Cc: Peter Maydell <peter.maydell@linaro.org>
> Cc: Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
> Cc: Richard Henderson <richard.henderson@linaro.org>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
> include/exec/memattrs.h | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
> index d4a16420984b..721362e06292 100644
> --- a/include/exec/memattrs.h
> +++ b/include/exec/memattrs.h
> @@ -37,6 +37,8 @@ typedef struct MemTxAttrs {
> unsigned int user:1;
> /* Requester ID (for MSI for example) */
> unsigned int requester_id:16;
> + /* Debug memory access for encrypted guest */
> + unsigned int debug:1;
> } MemTxAttrs;
Can we have some more detailed semantics for this please?
For instance, if a device gets a debug=1 transaction
should it refuse to do things like read-clears-bits
semantics or other side-effects you wouldn't expect
of debugger accesses?
thanks
-- PMM
next prev parent reply other threads:[~2017-12-06 22:03 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-06 20:03 [PATCH v5 00/23] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 01/23] memattrs: add debug attribute Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 22:03 ` Peter Maydell [this message]
2017-12-06 22:03 ` Peter Maydell
2017-12-07 21:20 ` Brijesh Singh
2017-12-07 21:20 ` [Qemu-devel] " Brijesh Singh
2017-12-08 9:55 ` Peter Maydell
2017-12-08 9:55 ` [Qemu-devel] " Peter Maydell
2017-12-08 10:24 ` Edgar E. Iglesias
2017-12-08 10:24 ` [Qemu-devel] " Edgar E. Iglesias
2017-12-08 22:57 ` Brijesh Singh
2017-12-08 22:57 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 02/23] exec: add ram_debug_ops support Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 03/23] exec: add debug version of physical memory read and write API Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 04/23] monitor/i386: use debug APIs when accessing guest memory Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 05/23] target/i386: add memory encryption feature cpuid support Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 06/23] machine: add -memory-encryption property Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 07/23] kvm: update kvm.h to include memory encryption ioctls Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 08/23] docs: add AMD Secure Encrypted Virtualization (SEV) Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 09/23] accel: add Secure Encrypted Virtulization (SEV) object Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 10/23] sev: add command to initialize the memory encryption context Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 11/23] sev: register the guest memory range which may contain encrypted data Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 12/23] kvm: introduce memory encryption APIs Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 13/23] hmp: display memory encryption support in 'info kvm' Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 14/23] sev: add command to create launch memory encryption context Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 15/23] sev: add command to encrypt guest memory region Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 16/23] target/i386: encrypt bios rom Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 17/23] qapi: add SEV_MEASUREMENT event Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 18/23] sev: emit the " Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 19/23] sev: Finalize the SEV guest launch flow Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 20/23] hw: i386: set ram_debug_ops when memory encryption is enabled Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 21/23] sev: add debug encrypt and decrypt commands Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 22/23] target/i386: clear C-bit when walking SEV guest page table Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-06 20:03 ` [PATCH v5 23/23] sev: add migration blocker Brijesh Singh
2017-12-06 20:03 ` [Qemu-devel] " Brijesh Singh
2017-12-07 11:03 ` Dr. David Alan Gilbert
2017-12-07 11:03 ` [Qemu-devel] " Dr. David Alan Gilbert
2017-12-07 11:10 ` Peter Maydell
2017-12-07 11:10 ` [Qemu-devel] " Peter Maydell
2017-12-07 11:27 ` Dr. David Alan Gilbert
2017-12-07 11:27 ` [Qemu-devel] " Dr. David Alan Gilbert
2017-12-07 21:25 ` Brijesh Singh
2017-12-07 21:25 ` [Qemu-devel] " Brijesh Singh
2017-12-07 22:50 ` Brijesh Singh
2017-12-07 22:50 ` [Qemu-devel] " Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFEAcA8UvBopec1ammRML+fgh36YLfRyg2wsgmzesmAUFy8H3w@mail.gmail.com \
--to=peter.maydell@linaro.org \
--cc=alistair.francis@xilinx.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=borntraeger@de.ibm.com \
--cc=brijesh.singh@amd.com \
--cc=cornelia.huck@de.ibm.com \
--cc=crosthwaite.peter@gmail.com \
--cc=dgilbert@redhat.com \
--cc=eblake@redhat.com \
--cc=edgar.iglesias@xilinx.com \
--cc=ehabkost@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=marcel@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=rth@twiddle.net \
--cc=stefanha@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.