From mboxrd@z Thu Jan  1 00:00:00 1970
From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Subject: Re: AMD support of hvm_vcpu.single_step
Date: Wed, 11 Jun 2014 11:56:15 -0400
Message-ID: <53987C1F.4080303@oracle.com>
References: <20140610144948.4d001df3@mantra.us.oracle.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <20140610144948.4d001df3@mantra.us.oracle.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Mukesh Rathor <mukesh.rathor@oracle.com>
Cc: "Xen-devel@lists.xensource.com" <Xen-devel@lists.xensource.com>, Aravind.Gopalakrishnan@amd.com, suravee.suthikulpanit@amd.com
List-Id: xen-devel@lists.xenproject.org

On 06/10/2014 05:49 PM, Mukesh Rathor wrote:
> Hi AMD folks,
>
> I am unable to see support of single step on amd platform. On intel,
> hvm_vcpu.single_step will cause MTF to be set in vmx_intr_assist:
>
>      /* Block event injection when single step with MTF. */
>      if ( unlikely(v->arch.hvm_vcpu.single_step) )
>      {
>          v->arch.hvm_vmx.exec_control |= CPU_BASED_MONITOR_TRAP_FLAG;
>          vmx_update_cpu_exec_control(v);
>          return;
>      }
>
> I don't see equivalent on amd?

I think HW performs TF bit manipulations that your patch is suggesting 
(per 13.1.4 of APMv2)

>
> Furthermore, as a second issue, in __update_guest_eip(), imo the exception
> is injected into the guest prematurely :
>
>      if ( regs->eflags & X86_EFLAGS_TF )
>              hvm_inject_hw_exception(TRAP_debug,
>      HVM_DELIVER_NO_ERROR_CODE);
>
> Reason being, in the BP path, __update_guest_eip is called before
> domain_pause_for_debugger(). As such, if the BP is handled, there is no
> need to inject into the guest. right?

TF should be cleared when INT3 is executed according to the same section.

(Besides, it looks like VMX code does the same.)

-boris

>
> I've the following patch in my tree for the single step issue. LMK what
> you think.
>
> thanks
> Mukesh
>
>
> diff --git a/xen/arch/x86/hvm/svm/intr.c b/xen/arch/x86/hvm/svm/intr.c
> index 023151a..28d2c6d 100644
> --- a/xen/arch/x86/hvm/svm/intr.c
> +++ b/xen/arch/x86/hvm/svm/intr.c
> @@ -139,6 +139,12 @@ void svm_intr_assist(void)
>       struct hvm_intack intack;
>       enum hvm_intblk intblk;
>   
> +    if ( unlikely(v->arch.hvm_vcpu.single_step) )
> +    {
> +        guest_cpu_user_regs()->eflags |= X86_EFLAGS_TF;
> +        return;
> +    }
> +
>       /* Crank the handle on interrupt state. */
>       pt_update_irq(v);
>   
> diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
> index d307dfb..b55825b 100644
> --- a/xen/arch/x86/hvm/svm/svm.c
> +++ b/xen/arch/x86/hvm/svm/svm.c
> @@ -2340,12 +2368,14 @@ void svm_vmexit_handler(struct cpu_user_regs *regs)
>           break;
>   
>       case VMEXIT_EXCEPTION_DB:
> +        if ( !v->domain->debugger_attached )
> +            goto exit_and_crash;
> +        else
> +            regs->eflags &= ~X86_EFLAGS_TF;
> -        if ( !v->domain->debugger_attached )
> -            goto exit_and_crash;
>           domain_pause_for_debugger();
>           break;
>