[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v5] vm_event: Implement ARM SMC events
On Wed, 28 Sep 2016, Tamas K Lengyel wrote: > The ARM SMC instructions are already configured to trap to Xen by default. In > this patch we allow a user-space process in a privileged domain to receive > notification of when such event happens through the vm_event subsystem by > introducing the PRIVILEGED_CALL type. > > The intended use-case for this feature is for a monitor application to be able > insert tap-points into the domU kernel-code. For this task only unconditional > SMC instruction should be used. > > Signed-off-by: Tamas K Lengyel <tamas.lengyel@xxxxxxxxxxxx> > Acked-by: Wei Liu <wei.liu2@xxxxxxxxxx> > Acked-by: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx> Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx> > Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> > Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx> > Cc: Julien Grall <julien.grall@xxxxxxx> > > v5: Only check if monitor.privileged_call_enabled is set once > --- > tools/libxc/include/xenctrl.h | 2 + > tools/libxc/xc_monitor.c | 14 +++++++ > tools/tests/xen-access/xen-access.c | 30 +++++++++++++++ > xen/arch/arm/Makefile | 1 + > xen/arch/arm/monitor.c | 76 > +++++++++++++++++++++++++++++++++++++ > xen/arch/arm/traps.c | 16 +++++++- > xen/include/asm-arm/domain.h | 5 +++ > xen/include/asm-arm/monitor.h | 18 +++------ > xen/include/public/domctl.h | 1 + > xen/include/public/vm_event.h | 7 ++++ > 10 files changed, 155 insertions(+), 15 deletions(-) > create mode 100644 xen/arch/arm/monitor.c > > diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h > index 560ce7b..eb53172 100644 > --- a/tools/libxc/include/xenctrl.h > +++ b/tools/libxc/include/xenctrl.h > @@ -2168,6 +2168,8 @@ int xc_monitor_guest_request(xc_interface *xch, domid_t > domain_id, > int xc_monitor_debug_exceptions(xc_interface *xch, domid_t domain_id, > bool enable, bool sync); > int xc_monitor_cpuid(xc_interface *xch, domid_t domain_id, bool enable); > +int xc_monitor_privileged_call(xc_interface *xch, domid_t domain_id, > + bool enable); > /** > * This function enables / disables emulation for each REP for a > * REP-compatible instruction. > diff --git a/tools/libxc/xc_monitor.c b/tools/libxc/xc_monitor.c > index 4298813..15a7c32 100644 > --- a/tools/libxc/xc_monitor.c > +++ b/tools/libxc/xc_monitor.c > @@ -185,6 +185,20 @@ int xc_monitor_cpuid(xc_interface *xch, domid_t > domain_id, bool enable) > return do_domctl(xch, &domctl); > } > > +int xc_monitor_privileged_call(xc_interface *xch, domid_t domain_id, > + bool enable) > +{ > + DECLARE_DOMCTL; > + > + domctl.cmd = XEN_DOMCTL_monitor_op; > + domctl.domain = domain_id; > + domctl.u.monitor_op.op = enable ? XEN_DOMCTL_MONITOR_OP_ENABLE > + : XEN_DOMCTL_MONITOR_OP_DISABLE; > + domctl.u.monitor_op.event = XEN_DOMCTL_MONITOR_EVENT_PRIVILEGED_CALL; > + > + return do_domctl(xch, &domctl); > +} > + > /* > * Local variables: > * mode: C > diff --git a/tools/tests/xen-access/xen-access.c > b/tools/tests/xen-access/xen-access.c > index ed18c71..9d4f957 100644 > --- a/tools/tests/xen-access/xen-access.c > +++ b/tools/tests/xen-access/xen-access.c > @@ -338,6 +338,8 @@ void usage(char* progname) > fprintf(stderr, "Usage: %s [-m] <domain_id> write|exec", progname); > #if defined(__i386__) || defined(__x86_64__) > fprintf(stderr, > "|breakpoint|altp2m_write|altp2m_exec|debug|cpuid"); > +#elif defined(__arm__) || defined(__aarch64__) > + fprintf(stderr, "|privcall"); > #endif > fprintf(stderr, > "\n" > @@ -362,6 +364,7 @@ int main(int argc, char *argv[]) > int required = 0; > int breakpoint = 0; > int shutting_down = 0; > + int privcall = 0; > int altp2m = 0; > int debug = 0; > int cpuid = 0; > @@ -431,6 +434,11 @@ int main(int argc, char *argv[]) > { > cpuid = 1; > } > +#elif defined(__arm__) || defined(__aarch64__) > + else if ( !strcmp(argv[0], "privcall") ) > + { > + privcall = 1; > + } > #endif > else > { > @@ -563,6 +571,16 @@ int main(int argc, char *argv[]) > } > } > > + if ( privcall ) > + { > + rc = xc_monitor_privileged_call(xch, domain_id, 1); > + if ( rc < 0 ) > + { > + ERROR("Error %d setting privileged call trapping with > vm_event\n", rc); > + goto exit; > + } > + } > + > /* Wait for access */ > for (;;) > { > @@ -578,6 +596,9 @@ int main(int argc, char *argv[]) > if ( cpuid ) > rc = xc_monitor_cpuid(xch, domain_id, 0); > > + if ( privcall ) > + rc = xc_monitor_privileged_call(xch, domain_id, 0); > + > if ( altp2m ) > { > rc = xc_altp2m_switch_to_view( xch, domain_id, 0 ); > @@ -695,6 +716,15 @@ int main(int argc, char *argv[]) > continue; > } > break; > + case VM_EVENT_REASON_PRIVILEGED_CALL: > + printf("Privileged call: pc=%"PRIx64" (vcpu %d)\n", > + req.data.regs.arm.pc, > + req.vcpu_id); > + > + rsp.data.regs.arm = req.data.regs.arm; > + rsp.data.regs.arm.pc += 4; > + rsp.flags |= VM_EVENT_FLAG_SET_REGISTERS; > + break; > case VM_EVENT_REASON_SINGLESTEP: > printf("Singlestep: rip=%016"PRIx64", vcpu %d, altp2m %u\n", > req.data.regs.x86.rip, > diff --git a/xen/arch/arm/Makefile b/xen/arch/arm/Makefile > index 64fdf41..b140d7e 100644 > --- a/xen/arch/arm/Makefile > +++ b/xen/arch/arm/Makefile > @@ -25,6 +25,7 @@ obj-y += irq.o > obj-y += kernel.o > obj-$(CONFIG_LIVEPATCH) += livepatch.o > obj-y += mm.o > +obj-y += monitor.o > obj-y += p2m.o > obj-y += percpu.o > obj-y += platform.o > diff --git a/xen/arch/arm/monitor.c b/xen/arch/arm/monitor.c > new file mode 100644 > index 0000000..59ce8f6 > --- /dev/null > +++ b/xen/arch/arm/monitor.c > @@ -0,0 +1,76 @@ > +/* > + * arch/arm/monitor.c > + * > + * Arch-specific monitor_op domctl handler. > + * > + * Copyright (c) 2016 Tamas K Lengyel (tamas.lengyel@xxxxxxxxxxxx) > + * > + * This program is free software; you can redistribute it and/or > + * modify it under the terms of the GNU General Public > + * License v2 as published by the Free Software Foundation. > + * > + * This program is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + * General Public License for more details. > + * > + * You should have received a copy of the GNU General Public > + * License along with this program; If not, see > <http://www.gnu.org/licenses/>. > + */ > + > +#include <xen/vm_event.h> > +#include <xen/monitor.h> > +#include <asm/monitor.h> > +#include <asm/vm_event.h> > +#include <public/vm_event.h> > + > +int arch_monitor_domctl_event(struct domain *d, > + struct xen_domctl_monitor_op *mop) > +{ > + struct arch_domain *ad = &d->arch; > + bool_t requested_status = (XEN_DOMCTL_MONITOR_OP_ENABLE == mop->op); > + > + switch ( mop->event ) > + { > + case XEN_DOMCTL_MONITOR_EVENT_PRIVILEGED_CALL: > + { > + bool_t old_status = ad->monitor.privileged_call_enabled; > + > + if ( unlikely(old_status == requested_status) ) > + return -EEXIST; > + > + domain_pause(d); > + ad->monitor.privileged_call_enabled = requested_status; > + domain_unpause(d); > + break; > + } > + > + default: > + /* > + * Should not be reached unless arch_monitor_get_capabilities() is > + * not properly implemented. > + */ > + ASSERT_UNREACHABLE(); > + return -EOPNOTSUPP; > + } > + > + return 0; > +} > + > +int monitor_smc(void) > +{ > + vm_event_request_t req = { > + .reason = VM_EVENT_REASON_PRIVILEGED_CALL > + }; > + > + return monitor_traps(current, 1, &req); > +} > + > +/* > + * Local variables: > + * mode: C > + * c-file-style: "BSD" > + * c-basic-offset: 4 > + * indent-tabs-mode: nil > + * End: > + */ > diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c > index 39a05fd..3555a28 100644 > --- a/xen/arch/arm/traps.c > +++ b/xen/arch/arm/traps.c > @@ -41,6 +41,7 @@ > #include <asm/mmio.h> > #include <asm/cpufeature.h> > #include <asm/flushtlb.h> > +#include <asm/monitor.h> > > #include "decode.h" > #include "vtimer.h" > @@ -2527,6 +2528,17 @@ bad_data_abort: > inject_dabt_exception(regs, info.gva, hsr.len); > } > > +static void do_trap_smc(struct cpu_user_regs *regs, const union hsr hsr) > +{ > + int rc = 0; > + > + if ( current->domain->arch.monitor.privileged_call_enabled ) > + rc = monitor_smc(); > + > + if ( rc != 1 ) > + inject_undef_exception(regs, hsr); > +} > + > static void enter_hypervisor_head(struct cpu_user_regs *regs) > { > if ( guest_mode(regs) ) > @@ -2602,7 +2614,7 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs > *regs) > */ > GUEST_BUG_ON(!psr_mode_is_32bit(regs->cpsr)); > perfc_incr(trap_smc32); > - inject_undef32_exception(regs); > + do_trap_smc(regs, hsr); > break; > case HSR_EC_HVC32: > GUEST_BUG_ON(!psr_mode_is_32bit(regs->cpsr)); > @@ -2635,7 +2647,7 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs > *regs) > */ > GUEST_BUG_ON(psr_mode_is_32bit(regs->cpsr)); > perfc_incr(trap_smc64); > - inject_undef64_exception(regs, hsr.len); > + do_trap_smc(regs, hsr); > break; > case HSR_EC_SYSREG: > GUEST_BUG_ON(psr_mode_is_32bit(regs->cpsr)); > diff --git a/xen/include/asm-arm/domain.h b/xen/include/asm-arm/domain.h > index 9452fcd..2d6fbb1 100644 > --- a/xen/include/asm-arm/domain.h > +++ b/xen/include/asm-arm/domain.h > @@ -126,6 +126,11 @@ struct arch_domain > paddr_t efi_acpi_gpa; > paddr_t efi_acpi_len; > #endif > + > + /* Monitor options */ > + struct { > + uint8_t privileged_call_enabled : 1; > + } monitor; > } __cacheline_aligned; > > struct arch_vcpu > diff --git a/xen/include/asm-arm/monitor.h b/xen/include/asm-arm/monitor.h > index 4af707a..1c4fea3 100644 > --- a/xen/include/asm-arm/monitor.h > +++ b/xen/include/asm-arm/monitor.h > @@ -32,19 +32,8 @@ int arch_monitor_domctl_op(struct domain *d, struct > xen_domctl_monitor_op *mop) > return -EOPNOTSUPP; > } > > -static inline > int arch_monitor_domctl_event(struct domain *d, > - struct xen_domctl_monitor_op *mop) > -{ > - /* > - * No arch-specific monitor vm-events on ARM. > - * > - * Should not be reached unless arch_monitor_get_capabilities() is not > - * properly implemented. > - */ > - ASSERT_UNREACHABLE(); > - return -EOPNOTSUPP; > -} > + struct xen_domctl_monitor_op *mop); > > static inline > int arch_monitor_init_domain(struct domain *d) > @@ -63,9 +52,12 @@ static inline uint32_t > arch_monitor_get_capabilities(struct domain *d) > { > uint32_t capabilities = 0; > > - capabilities = (1U << XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST); > + capabilities = (1U << XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST | > + 1U << XEN_DOMCTL_MONITOR_EVENT_PRIVILEGED_CALL); > > return capabilities; > } > > +int monitor_smc(void); > + > #endif /* __ASM_ARM_MONITOR_H__ */ > diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h > index ddd3de4..177319d 100644 > --- a/xen/include/public/domctl.h > +++ b/xen/include/public/domctl.h > @@ -1085,6 +1085,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_domctl_psr_cmt_op_t); > #define XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST 4 > #define XEN_DOMCTL_MONITOR_EVENT_DEBUG_EXCEPTION 5 > #define XEN_DOMCTL_MONITOR_EVENT_CPUID 6 > +#define XEN_DOMCTL_MONITOR_EVENT_PRIVILEGED_CALL 7 > > struct xen_domctl_monitor_op { > uint32_t op; /* XEN_DOMCTL_MONITOR_OP_* */ > diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h > index f756126..b251f68 100644 > --- a/xen/include/public/vm_event.h > +++ b/xen/include/public/vm_event.h > @@ -124,6 +124,13 @@ > #define VM_EVENT_REASON_DEBUG_EXCEPTION 9 > /* CPUID executed */ > #define VM_EVENT_REASON_CPUID 10 > +/* > + * Privileged call executed (e.g. SMC). > + * Note: event may be generated even if SMC condition check fails on some > CPUs. > + * As this behavior is CPU-specific, users are advised to not rely on > it. > + * These kinds of events will be filtered out in future versions. > + */ > +#define VM_EVENT_REASON_PRIVILEGED_CALL 11 > > /* Supported values for the vm_event_write_ctrlreg index. */ > #define VM_EVENT_X86_CR0 0 > -- > 2.9.3 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |