[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 00/11] Add QEMU debug support for SEV guests
From: |
Ashish Kalra |
Subject: |
[PATCH 00/11] Add QEMU debug support for SEV guests |
Date: |
Mon, 16 Nov 2020 18:48:24 +0000 |
From: Ashish Kalra <ashish.kalra@amd.com>
This patchset adds QEMU debug support for SEV guests. Debug requires access to
the guest pages, which is encrypted when SEV is enabled.
KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are available to
decrypt/encrypt the guest pages, if the guest policy allows for debugging.
Changes are made to the guest page table walker since SEV guest pte entries
will have the C-bit set.
Also introduces new MemoryDebugOps which hook into guest virtual and physical
memory debug interfaces such as cpu_memory_rw_debug,
to allow vendor specific assist/hooks for debugging and delegating accessing
the guest memory. This is used for example in case of
AMD SEV platform where the guest memory is encrypted and a SEV specific debug
assist/hook will be required to access the guest memory.
The MemoryDebugOps are used by cpu_memory_rw_debug() and default to
address_space_read and address_space_write_rom as described below.
typedef struct MemoryDebugOps {
MemTxResult (*read)(AddressSpace *as, hwaddr phys_addr,
MemTxAttrs attrs, void *buf,
hwaddr len);
MemTxResult (*write)(AddressSpace *as, hwaddr phys_addr,
MemTxAttrs attrs, const void *buf,
hwaddr len);
} MemoryDebugOps;
These ops would be used only by cpu_memory_rw_debug and would default to
static const MemoryDebugOps default_debug_ops = {
.translate = cpu_get_phys_page_attrs_debug,
.read = address_space_read,
.write = address_space_write_rom
};
static const MemoryDebugOps *debug_ops = &default_debug_ops;
Ashish Kalra (3):
exec: Add new MemoryDebugOps.
exec: Add address_space_read and address_space_write debug helpers.
sev/i386: add SEV specific MemoryDebugOps.
Brijesh Singh (8):
memattrs: add debug attribute
exec: add ram_debug_ops support
exec: add debug version of physical memory read and write API
monitor/i386: use debug APIs when accessing guest memory
kvm: introduce debug memory encryption API
sev/i386: add debug encrypt and decrypt commands
hw/i386: set ram_debug_ops when memory encryption is enabled
target/i386: clear C-bit when walking SEV guest page table
accel/kvm/kvm-all.c | 22 ++++
accel/kvm/sev-stub.c | 8 ++
accel/stubs/kvm-stub.c | 8 ++
hw/i386/pc.c | 9 ++
hw/i386/pc_sysfw.c | 6 +
include/exec/cpu-common.h | 18 +++
include/exec/memattrs.h | 2 +
include/exec/memory.h | 49 ++++++++
include/sysemu/kvm.h | 15 +++
include/sysemu/sev.h | 12 ++
monitor/misc.c | 4 +-
softmmu/cpus.c | 2 +-
softmmu/physmem.c | 170 +++++++++++++++++++++++++-
target/i386/kvm.c | 4 +
target/i386/monitor.c | 124 +++++++++++--------
target/i386/sev.c | 244 ++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
17 files changed, 642 insertions(+), 56 deletions(-)
--
2.17.1
- [PATCH 00/11] Add QEMU debug support for SEV guests,
Ashish Kalra <=
- [PATCH 01/11] memattrs: add debug attribute, Ashish Kalra, 2020/11/16
- [PATCH 02/11] exec: Add new MemoryDebugOps., Ashish Kalra, 2020/11/16
- [PATCH 03/11] exec: add ram_debug_ops support, Ashish Kalra, 2020/11/16
- [PATCH 04/11] exec: Add address_space_read and address_space_write debug helpers., Ashish Kalra, 2020/11/16
- [PATCH 05/11] exec: add debug version of physical memory read and write API, Ashish Kalra, 2020/11/16
- [PATCH 06/11] monitor/i386: use debug APIs when accessing guest memory, Ashish Kalra, 2020/11/16
- [PATCH 07/11] kvm: introduce debug memory encryption API, Ashish Kalra, 2020/11/16
- [PATCH 08/11] sev/i386: add debug encrypt and decrypt commands, Ashish Kalra, 2020/11/16
- [PATCH 09/11] hw/i386: set ram_debug_ops when memory encryption is enabled, Ashish Kalra, 2020/11/16