From: Marc Zyngier <maz@kernel.org>
To: Vincent Donnefort <vdonnefort@google.com>
Cc: rostedt@goodmis.org, mhiramat@kernel.org,
mathieu.desnoyers@efficios.com,
linux-trace-kernel@vger.kernel.org, oliver.upton@linux.dev,
joey.gouly@arm.com, suzuki.poulose@arm.com, yuzenghui@huawei.com,
kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org,
jstultz@google.com, qperret@google.com, will@kernel.org,
aneesh.kumar@kernel.org, kernel-team@android.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v8 21/28] KVM: arm64: Add tracing capability for the pKVM hyp
Date: Sun, 30 Nov 2025 18:23:43 +0000 [thread overview]
Message-ID: <877bv7fkgg.wl-maz@kernel.org> (raw)
In-Reply-To: <aR8DM6Xf8cmTGVR0@google.com>
On Thu, 20 Nov 2025 12:01:55 +0000,
Vincent Donnefort <vdonnefort@google.com> wrote:
>
> On Wed, Nov 19, 2025 at 05:06:38PM +0000, Marc Zyngier wrote:
> > On Fri, 07 Nov 2025 09:38:33 +0000,
> > Vincent Donnefort <vdonnefort@google.com> wrote:
> > >
> > > When running with protected mode, the host has very little knowledge
> > > about what is happening in the hypervisor. Of course this is an
> > > essential feature for security but nonetheless, that piece of code
> > > growing with more responsibilities, we need now a way to debug and
> > > profile it. Tracefs by its reliability, versatility and support for
> > > user-space is the perfect tool.
> > >
> > > There's no way the hypervisor could log events directly into the host
> > > tracefs ring-buffers. So instead let's use our own, where the hypervisor
> > > is the writer and the host the reader.
> > >
> > > Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
> > >
> > > diff --git a/arch/arm64/include/asm/kvm_asm.h b/arch/arm64/include/asm/kvm_asm.h
> > > index 9da54d4ee49e..ad02dee140d3 100644
> > > --- a/arch/arm64/include/asm/kvm_asm.h
> > > +++ b/arch/arm64/include/asm/kvm_asm.h
> > > @@ -89,6 +89,10 @@ enum __kvm_host_smccc_func {
> > > __KVM_HOST_SMCCC_FUNC___pkvm_vcpu_load,
> > > __KVM_HOST_SMCCC_FUNC___pkvm_vcpu_put,
> > > __KVM_HOST_SMCCC_FUNC___pkvm_tlb_flush_vmid,
> > > + __KVM_HOST_SMCCC_FUNC___pkvm_load_tracing,
> > > + __KVM_HOST_SMCCC_FUNC___pkvm_unload_tracing,
> > > + __KVM_HOST_SMCCC_FUNC___pkvm_enable_tracing,
> > > + __KVM_HOST_SMCCC_FUNC___pkvm_swap_reader_tracing,
> > > };
> > >
> > > #define DECLARE_KVM_VHE_SYM(sym) extern char sym[]
> > > diff --git a/arch/arm64/include/asm/kvm_hyptrace.h b/arch/arm64/include/asm/kvm_hyptrace.h
> > > new file mode 100644
> > > index 000000000000..9c30a479bc36
> > > --- /dev/null
> > > +++ b/arch/arm64/include/asm/kvm_hyptrace.h
> > > @@ -0,0 +1,13 @@
> > > +/* SPDX-License-Identifier: GPL-2.0-only */
> > > +#ifndef __ARM64_KVM_HYPTRACE_H_
> > > +#define __ARM64_KVM_HYPTRACE_H_
> > > +
> > > +#include <linux/ring_buffer.h>
> > > +
> > > +struct hyp_trace_desc {
> > > + unsigned long bpages_backing_start;
> >
> > Why is this an integer type? You keep casting it all over the place,
> > which tells me that's not the ideal type.
>
> That's because it is a kern VA the hyp needs to convert. However it would indeed
> make my life easier to declare it as a struct simple_buffer_page * in the
> struct hyp_trace_buffer below.
>
> >
> > > + size_t bpages_backing_size;
> > > + struct trace_buffer_desc trace_buffer_desc;
> > > +
> > > +};
> > > +#endif
> > > diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig
> > > index 4f803fd1c99a..580426cdbe77 100644
> > > --- a/arch/arm64/kvm/Kconfig
> > > +++ b/arch/arm64/kvm/Kconfig
> > > @@ -83,4 +83,11 @@ config PTDUMP_STAGE2_DEBUGFS
> > >
> > > If in doubt, say N.
> > >
> > > +config PKVM_TRACING
> > > + bool
> > > + depends on KVM
> > > + depends on TRACING
> > > + select SIMPLE_RING_BUFFER
> > > + default y
> >
> > I'd rather this is made to depend on NVHE_EL2_DEBUG, just like the
> > other debug options.
>
> NVHE_EL2_DEBUG is unsafe for production because of the stage-2 relax on panic.
> While this one is. So ideally this should be usable even without NVHE_EL2_DEBUG.
I don't see what makes tracing safer, as it potentially exposes
information (timing, control flow) that the host use to infer what is
happening at EL2. Which is, after all, the whole point of tracing.
I really think this should be guarded by NVHE_EL2_DEBUG, and the
stage-2 relaxation tied to the stacktrace infrastructure, so that you
can select both independently.
> I can remove this hidden PKVM_TRACING option and use everywhere
> CONFIG_TRACING. But then I need something to select
> SIMPLE_RING_BUFFER.
>
> Perhaps with the following?
>
> diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig
> index 2ae6bf499236..c561bf9d4754 100644
> --- a/arch/arm64/kvm/Kconfig
> +++ b/arch/arm64/kvm/Kconfig
> @@ -38,6 +38,7 @@ menuconfig KVM
> select SCHED_INFO
> select GUEST_PERF_EVENTS if PERF_EVENTS
> select KVM_GUEST_MEMFD
> + select SIMPLE_RING_BUFFER if CONFIG_TRACING
That's better, but my ask about making this depending on DEBUG still
stand.
Thanks,
M.
--
Jazz isn't dead. It just smells funny.
next prev parent reply other threads:[~2025-11-30 18:23 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-07 9:38 [PATCH v8 00/28] Tracefs support for pKVM Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 01/28] ring-buffer: Add page statistics to the meta-page Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 02/28] ring-buffer: Store bpage pointers into subbuf_ids Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 03/28] ring-buffer: Introduce ring-buffer remotes Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 04/28] ring-buffer: Add non-consuming read for " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 05/28] tracing: Introduce trace remotes Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 06/28] tracing: Add reset to " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 07/28] tracing: Add non-consuming read " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 08/28] tracing: Add init callback " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 09/28] tracing: Add events " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 10/28] tracing: Add events/ root files " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 11/28] tracing: Add helpers to create trace remote events Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 12/28] ring-buffer: Export buffer_data_page and macros Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 13/28] tracing: Introduce simple_ring_buffer Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 14/28] tracing: Add a trace remote module for testing Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 15/28] tracing: selftests: Add trace remote tests Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 16/28] Documentation: tracing: Add tracing remotes Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 17/28] tracing: load/unload page callbacks for simple_ring_buffer Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 18/28] tracing: Check for undefined symbols in simple_ring_buffer Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 19/28] KVM: arm64: Support unaligned fixmap in the pKVM hyp Vincent Donnefort
2025-11-19 15:38 ` Marc Zyngier
2025-11-20 9:55 ` Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 20/28] KVM: arm64: Add clock support for " Vincent Donnefort
2025-11-19 15:44 ` Marc Zyngier
2025-11-20 11:36 ` Vincent Donnefort
2025-11-30 18:15 ` Marc Zyngier
2025-11-07 9:38 ` [PATCH v8 21/28] KVM: arm64: Add tracing capability " Vincent Donnefort
2025-11-19 17:06 ` Marc Zyngier
2025-11-20 12:01 ` Vincent Donnefort
2025-11-30 18:23 ` Marc Zyngier [this message]
2025-11-25 11:22 ` Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 22/28] KVM: arm64: Add trace remote " Vincent Donnefort
2025-11-19 17:31 ` Marc Zyngier
2025-11-20 12:27 ` Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 23/28] KVM: arm64: Sync boot clock with " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 24/28] KVM: arm64: Add trace reset to " Vincent Donnefort
2025-11-30 18:33 ` Marc Zyngier
2025-11-07 9:38 ` [PATCH v8 25/28] KVM: arm64: Add event support to the pKVM hyp and trace remote Vincent Donnefort
2025-11-30 18:54 ` Marc Zyngier
2025-11-07 9:38 ` [PATCH v8 26/28] KVM: arm64: Add hyp_enter/hyp_exit events to pKVM hyp Vincent Donnefort
2025-11-30 19:00 ` Marc Zyngier
2025-12-01 16:04 ` Vincent Donnefort
2025-12-01 16:33 ` Marc Zyngier
2025-11-07 9:38 ` [PATCH v8 27/28] KVM: arm64: Add selftest event support " Vincent Donnefort
2025-11-07 9:38 ` [PATCH v8 28/28] tracing: selftests: Add pKVM trace remote tests Vincent Donnefort
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=877bv7fkgg.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=aneesh.kumar@kernel.org \
--cc=joey.gouly@arm.com \
--cc=jstultz@google.com \
--cc=kernel-team@android.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=mhiramat@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=qperret@google.com \
--cc=rostedt@goodmis.org \
--cc=suzuki.poulose@arm.com \
--cc=vdonnefort@google.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).