[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC PATCH v4 02/20] memattrs: add debug attribute
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [Qemu-devel] [RFC PATCH v4 02/20] memattrs: add debug attribute |
|
Date: |
Fri, 24 Mar 2017 15:36:13 +0000 |
|
User-agent: |
Mutt/1.8.0 (2017-02-23) |
On Thu, Mar 23, 2017 at 01:14:17PM -0500, Brijesh Singh wrote:
> Hi Stefan,
>
>
> On 03/23/2017 06:29 AM, Stefan Hajnoczi wrote:
> > On Wed, Mar 08, 2017 at 03:51:28PM -0500, Brijesh Singh wrote:
> > > Add a new debug attribute, the attribute should be set when guest memory
> > > accesses are performed for debug purposes.
> > > The attribute will be used in SEV guest, where we need to distinguish
> > > normal
> > > vs debug access to guest memory. In debug mode, we need to use SEV
> > > commands
> > > to access the guest memory.
> > >
> > > Signed-off-by: Brijesh Singh <address@hidden>
> > > ---
> > > include/exec/memattrs.h | 4 ++++
> > > 1 file changed, 4 insertions(+)
> > >
> > > diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
> > > index e601061..b802073 100644
> > > --- a/include/exec/memattrs.h
> > > +++ b/include/exec/memattrs.h
> > > @@ -37,6 +37,8 @@ typedef struct MemTxAttrs {
> > > unsigned int user:1;
> > > /* Requester ID (for MSI for example) */
> > > unsigned int requester_id:16;
> > > + /* Memory access for debug purposes */
> >
> > What does "debug purposes" mean? gdbstub? Can the guest initiate debug
> > memory accesses or is the purely QEMU-internal?
> >
>
> What I mean by that is, any access to the guest memory within Qemu internal
> functions
> (e.g gdbstub, qemu monitor's memory dump, info mem, info tlb etc). I have
> also introduced
> debug version of ldl_phys, ldq_phys, cpu_physical_memory_* [1] and have
> updated hmp monitor
> code to use the debug version api's when accessing the guest memory [2].
>
> [1] http://marc.info/?l=qemu-devel&m=148900832814697&w=2
> [2] http://marc.info/?l=qemu-devel&m=148900831414693&w=2
>
>
> Note: SEV debug API's are meant to be used by hypervisor to decrypt/encrypt
> guest memory.
> But when you are inside the guest, the guest will have access to decrypted
> data and does
> not need to call down to hypervisor for debug access.
People reading the code in memattrs.h aren't thinking about AMD SEV, so
"debug purposes" isn't meaningful in this context.
I suggest something like this instead:
/* Debug memory access for AMD SEV */
That way it's clear this "debug" flag has a very specific meaning in the
context of memory encryption.
Stefan
signature.asc
Description: PGP signature
[Qemu-devel] [RFC PATCH v4 04/20] exec: add debug version of physical memory read and write api, Brijesh Singh, 2017/03/08
[Qemu-devel] [RFC PATCH v4 05/20] monitor/i386: use debug apis when accessing guest memory, Brijesh Singh, 2017/03/08
[Qemu-devel] [RFC PATCH v4 01/20] kvm: update kvm.h header file, Brijesh Singh, 2017/03/08
[Qemu-devel] [RFC PATCH v4 08/20] sev: add Secure Encrypted Virtulization (SEV) support, Brijesh Singh, 2017/03/08
[Qemu-devel] [RFC PATCH v4 13/20] sev: add LAUNCH_UPDATE_DATA command, Brijesh Singh, 2017/03/08
[Qemu-devel] [RFC PATCH v4 06/20] core: add new security-policy object, Brijesh Singh, 2017/03/08