From: Ashish Kalra <ashish.kalra@xxxxxxx>
This patchset adds QEMU debug support for SEV guests. Debug requires access to the guest pages, which is encrypted when SEV is enabled.
KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are available to decrypt/encrypt the guest pages, if the guest policy allows for debugging.
Changes are made to the guest page table walker since SEV guest pte entries will have the C-bit set.
Also introduces new MemoryDebugOps which hook into guest virtual and physical memory debug interfaces such as cpu_memory_rw_debug,
to allow vendor specific assist/hooks for debugging and delegating accessing the guest memory. This is used for example in case of
AMD SEV platform where the guest memory is encrypted and a SEV specific debug assist/hook will be required to access the guest memory.
The MemoryDebugOps are used by cpu_memory_rw_debug() and default to address_space_read and address_space_write_rom as described below.
typedef struct MemoryDebugOps {
MemTxResult (*read)(AddressSpace *as, hwaddr phys_addr,
MemTxAttrs attrs, void *buf,
hwaddr len);
MemTxResult (*write)(AddressSpace *as, hwaddr phys_addr,
MemTxAttrs attrs, const void *buf,
hwaddr len);
} MemoryDebugOps;
These ops would be used only by cpu_memory_rw_debug and would default to
static const MemoryDebugOps default_debug_ops = {
.translate = cpu_get_phys_page_attrs_debug,
.read = address_space_read,
.write = address_space_write_rom
};
static const MemoryDebugOps *debug_ops = &default_debug_ops;
Ashish Kalra (3):
exec: Add new MemoryDebugOps.
exec: Add address_space_read and address_space_write debug helpers.
sev/i386: add SEV specific MemoryDebugOps.
Brijesh Singh (8):
memattrs: add debug attribute
exec: add ram_debug_ops support
exec: add debug version of physical memory read and write API
monitor/i386: use debug APIs when accessing guest memory
kvm: introduce debug memory encryption API
sev/i386: add debug encrypt and decrypt commands
hw/i386: set ram_debug_ops when memory encryption is enabled
target/i386: clear C-bit when walking SEV guest page table
accel/kvm/kvm-all.c | 22 ++++
accel/kvm/sev-stub.c | 8 ++
accel/stubs/kvm-stub.c | 8 ++
hw/i386/pc.c | 9 ++
hw/i386/pc_sysfw.c | 6 +
include/exec/cpu-common.h | 18 +++
include/exec/memattrs.h | 2 +
include/exec/memory.h | 49 ++++++++
include/sysemu/kvm.h | 15 +++
include/sysemu/sev.h | 12 ++
monitor/misc.c | 4 +-
softmmu/cpus.c | 2 +-
softmmu/physmem.c | 170 +++++++++++++++++++++++++-
target/i386/kvm.c | 4 +
target/i386/monitor.c | 124 +++++++++++--------
target/i386/sev.c | 244 ++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
17 files changed, 642 insertions(+), 56 deletions(-)
--
2.17.1
