From mboxrd@z Thu Jan  1 00:00:00 1970
From: Corneliu ZUZU <czuzu@bitdefender.com>
Subject: Re: [PATCH 7/7] arch.monitor: move bits to common
 (arch_domain to domain)
Date: Tue, 9 Feb 2016 09:14:43 +0200
Message-ID: <56B991E3.4020508@bitdefender.com>
References: <1454950682-9459-1-git-send-email-czuzu@bitdefender.com>
	<1454950682-9459-8-git-send-email-czuzu@bitdefender.com>
	<CABfawh=nYRwXS=+WwiXL52G3VxdgE6O5a2EXsN3BTjFXEjfdCg@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2384693101684151834=="
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <CABfawh=nYRwXS=+WwiXL52G3VxdgE6O5a2EXsN3BTjFXEjfdCg@mail.gmail.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Tamas K Lengyel <tamas@tklengyel.com>
Cc: Kevin Tian <kevin.tian@intel.com>, Keir Fraser <keir@xen.org>, Ian Campbell <ian.campbell@citrix.com>, Razvan Cojocaru <rcojocaru@bitdefender.com>, Andrew Cooper <andrew.cooper3@citrix.com>, Xen-devel <xen-devel@lists.xen.org>, Jan Beulich <jbeulich@suse.com>, Stefano Stabellini <stefano.stabellini@citrix.com>, Jun Nakajima <jun.nakajima@intel.com>
List-Id: xen-devel@lists.xenproject.org

This is a multi-part message in MIME format.
--===============2384693101684151834==
Content-Type: multipart/alternative;
 boundary="------------000108080803010603020409"

This is a multi-part message in MIME format.
--------------000108080803010603020409
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

On 2/8/2016 8:29 PM, Tamas K Lengyel wrote:
>
>
> On Mon, Feb 8, 2016 at 9:58 AM, Corneliu ZUZU <czuzu@bitdefender.com 
> <mailto:czuzu@bitdefender.com>> wrote:
>
>     This patch moves bitfield members for single-step,
>     software-breakpoint and
>     guest-request monitor vm-events from the arch-side (struct
>     arch_domain) to
>     the common-side (struct domain). Ctrl-reg bits (i.e.
>     write_ctrlreg_* members)
>     are left on the arch-side, because control-registers number can
>     vary across
>     architectures.
>
>     Signed-off-by: Corneliu ZUZU <czuzu@bitdefender.com
>     <mailto:czuzu@bitdefender.com>>
>
>
> Technically this looks fine, but I do wonder if and what plans you 
> have to actually implement these events for ARM.

Currently I've only planned implementations for control-register write 
events & guest-requests.
The other two also seem feasible though, I might give adding those a 
shot sometime after sending the other patches.

> I haven't spent too much time looking into it, but I'm not aware of 
> equivalent features on ARM to Intel MTF (singlestepping) or to 
> software-breakpoint trapping. The only instruction I know that 
> functionally comes close to software-breakpoint trapping (INT3) is the 
> SMC instruction which can be trapped into the VMM, but I would not 
> call that a "breakpoint" in the traditional sense.
>
> Tamas
>

There's the debugging architecture, hypervisor control of that is 
possible on both 32-bit & 64-bit ARM.
It isn't as easy as for X86 though, where MTF is a hypervisor-internal 
feature and INT3 can be
trapped specifically, whereas on ARM granularity of trap-setting is less 
of a concern apparently.
For this reason, the only issue I see here is the performance penalty 
these traps would cause for
arbitrary software breakpoints (for obvious reasons that doesn't matter 
in the case of single-stepping).

For INT3, the ARM equivalent is be the BKPT/BRK (set HDCR.TDE on 
AArch32/MDCR_EL2.TDE AArch64) instruction.
Trapping on this instruction implies trapping on
- AArch32: some other debug exceptions (looking @ B1.8.9, ARMv7 DDI 0406C.b)
- AArch64: *all software debug exceptions* + *all debug register 
accesses* (this might cause some headaches)
For MTF-like functionality, the debug architecture also provides ways 
for single-stepping.
That would similarly generate software breakpoint exceptions which can 
be routed to the hypervisor.

Corneliu.

--------------000108080803010603020409
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 2/8/2016 8:29 PM, Tamas K Lengyel
      wrote:<br>
    </div>
    <blockquote
cite="mid:CABfawh=nYRwXS=+WwiXL52G3VxdgE6O5a2EXsN3BTjFXEjfdCg@mail.gmail.com"
      type="cite">
      <div dir="ltr"><br>
        <div class="gmail_extra"><br>
          <div class="gmail_quote">On Mon, Feb 8, 2016 at 9:58 AM,
            Corneliu ZUZU <span dir="ltr">&lt;<a moz-do-not-send="true"
                href="mailto:czuzu@bitdefender.com" target="_blank">czuzu@bitdefender.com</a>&gt;</span>
            wrote:<br>
            <blockquote class="gmail_quote" style="margin:0 0 0
              .8ex;border-left:1px #ccc solid;padding-left:1ex">This
              patch moves bitfield members for single-step,
              software-breakpoint and<br>
              guest-request monitor vm-events from the arch-side (struct
              arch_domain) to<br>
              the common-side (struct domain). Ctrl-reg bits (i.e.
              write_ctrlreg_* members)<br>
              are left on the arch-side, because control-registers
              number can vary across<br>
              architectures.<br>
              <br>
              Signed-off-by: Corneliu ZUZU &lt;<a moz-do-not-send="true"
                href="mailto:czuzu@bitdefender.com">czuzu@bitdefender.com</a>&gt;<span
                class="HOEnZb"><font color="#888888"><br>
                </font></span></blockquote>
            <div><br>
            </div>
            <div>Technically this looks fine, but I do wonder if and
              what plans you have to actually implement these events for
              ARM.</div>
          </div>
        </div>
      </div>
    </blockquote>
    <br>
    Currently I've only planned implementations for control-register
    write events &amp; guest-requests.<br>
    The other two also seem feasible though, I might give adding those a
    shot sometime after sending the other patches.<br>
    <br>
    <blockquote
cite="mid:CABfawh=nYRwXS=+WwiXL52G3VxdgE6O5a2EXsN3BTjFXEjfdCg@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div class="gmail_extra">
          <div class="gmail_quote">
            <div>I haven't spent too much time looking into it, but I'm
              not aware of equivalent features on ARM to Intel MTF
              (singlestepping) or to software-breakpoint trapping. The
              only instruction I know that functionally comes close to
              software-breakpoint trapping (INT3) is the SMC instruction
              which can be trapped into the VMM, but I would not call
              that a "breakpoint" in the traditional sense.<br>
              <br>
            </div>
            <div>Tamas <br>
            </div>
          </div>
          <br>
        </div>
      </div>
    </blockquote>
    <br>
    There's the debugging architecture, hypervisor control of that is
    possible on both 32-bit &amp; 64-bit ARM.<br>
    It isn't as easy as for X86 though, where MTF is a
    hypervisor-internal feature and INT3 can be<br>
    trapped specifically, whereas on ARM granularity of trap-setting is
    less of a concern apparently.<br>
    For this reason, the only issue I see here is the performance
    penalty these traps would cause for<br>
    arbitrary software breakpoints (for obvious reasons that doesn't
    matter in the case of single-stepping).<br>
    <br>
    For INT3, the ARM equivalent is be the BKPT/BRK (set HDCR.TDE on
    AArch32/MDCR_EL2.TDE AArch64) instruction.<br>
    Trapping on this instruction implies trapping on<br>
    - AArch32: some other debug exceptions (looking @ B1.8.9, ARMv7 DDI
    0406C.b)<br>
    - AArch64: *all software debug exceptions* + *all debug register
    accesses* (this might cause some headaches)<br>
    For MTF-like functionality, the debug architecture also provides
    ways for single-stepping.<br>
    That would similarly generate software breakpoint exceptions which
    can be routed to the hypervisor.<br>
    <br>
    Corneliu.<br>
  </body>
</html>

--------------000108080803010603020409--


--===============2384693101684151834==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

--===============2384693101684151834==--