
Support -addr for AArch64 #9

Open
gsingh93 opened this issue Mar 17, 2022 · 4 comments

Comments

@gsingh93
Contributor

It seems like only x86 supports the -addr argument at the moment. It would be useful to have this in other architectures, like AArch64, so I can print out page tables that aren't stored in TTBR0_EL1 or TTBR1_EL1 (like TTBR0_EL2 for example).

@martinradev
Owner

Sounds good!
Could you please provide me steps for emulating an aarch64 hypervisor with QEMU?

@martinradev
Owner

I think the -addr option was overall not well thought out.
Rather, there should be a few architecturally-dependent options to select what to dump:

  • x86: -cr3
  • aarch64: -ttbr0_el1 -ttbr1_el1 etc

@gsingh93
Contributor Author

> Could you please provide me steps for emulating an aarch64 hypervisor with QEMU?

I built the kernel with:

make O=out/aarch64 CC=clang ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- defconfig
make O=out/aarch64 CC=clang ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu-

Then ran it with QEMU and a busybox initramfs like this:

qemu-system-aarch64 \
    -machine virt,virtualization=on \
    -cpu cortex-a53 \
    -smp 2 \
    -m 1024 \
    -nographic \
    -serial stdio \
    -nodefaults \
    -kernel out/aarch64/arch/arm64/boot/Image \
    -append 'kvm-arm.mode=nvhe nokaslr' \
    -initrd busybox-initramfs.cpio.gz \
    -S -s

The important bits there are virtualization=on, which starts the kernel in EL2, and kvm-arm.mode=nvhe, which starts the kernel in nVHE hypervisor mode.

> I think the -addr option was overall not well thought out. Rather, there should be a few architecturally-dependent options to select what to dump

I do think having convenience flags like -ttbr0_el1 would be nice. That being said, having the flexibility of using -addr would still be useful for dumping page tables that are in memory but not currently being used, for example for a process other than the current task, or for dumping one of the multiple page tables used by the kernel (init_pg_dir, swapper_pg_dir, idmap_pg_dir, etc.) while that page table isn't currently active.
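What an -addr-style dump amounts to on AArch64 is a plain table walk from whatever physical address you hand it: a live TTBR0_EL1/TTBR1_EL1 value, a stale swapper_pg_dir, or another task's pgd are all just roots. The following is an added example written for this thread, not code from gdb-pt-dump or its author; it assumes a 4K granule with 48-bit addresses, a four-level stage-1 table, and a constructed memory image (the PhysMem class, the build_sample layout and the 0x40000000 root are all invented here). It also adds the check a reviewer of such a dump usually wants first: mappings that are writable and executable at the same exception level.

```python
from collections import namedtuple

PAGE_SHIFT = 12                    # 4 KiB granule
PAGE_SIZE = 1 << PAGE_SHIFT
ENTRIES = 512                      # 4096 / 8 descriptors per table
OA_MASK = ((1 << 48) - 1) & ~(PAGE_SIZE - 1)   # output address bits [47:12]

# Descriptor bits (VMSAv8-64, 4K granule, stage 1)
VALID = 1 << 0
TABLE_OR_PAGE = 1 << 1   # table descriptor at L0-L2, page descriptor at L3
AP_EL0 = 1 << 6          # AP[1]: accessible from EL0
AP_RO = 1 << 7           # AP[2]: read-only
AF = 1 << 10             # access flag
PXN = 1 << 53            # privileged execute-never
UXN = 1 << 54            # unprivileged execute-never

Mapping = namedtuple("Mapping", "va size pa writable user exec_el1 exec_el0")


class PhysMem:
    """Sparse physical memory: page-aligned address -> 4 KiB bytearray.
    Constructed stand-in for the guest memory gdb would read."""

    def __init__(self):
        self.pages = {}

    def write_u64(self, pa, value):
        page = self.pages.setdefault(pa & ~(PAGE_SIZE - 1), bytearray(PAGE_SIZE))
        off = pa & (PAGE_SIZE - 1)
        page[off:off + 8] = value.to_bytes(8, "little")

    def read_u64(self, pa):
        page = self.pages.get(pa & ~(PAGE_SIZE - 1))
        if page is None:
            return 0   # unbacked memory reads as an invalid descriptor
        off = pa & (PAGE_SIZE - 1)
        return int.from_bytes(page[off:off + 8], "little")


def walk(mem, root_pa, level=0, va_base=0):
    """Yield a Mapping for every leaf reachable from the table at root_pa.
    root_pa may be a live TTBRn_ELx value or any other table address."""
    shift = PAGE_SHIFT + 9 * (3 - level)   # VA bits resolved by one entry
    for i in range(ENTRIES):
        desc = mem.read_u64(root_pa + 8 * i)
        if not desc & VALID:
            continue
        va = va_base | (i << shift)
        is_table_bit = bool(desc & TABLE_OR_PAGE)
        if level < 3 and is_table_bit:
            yield from walk(mem, desc & OA_MASK, level + 1, va)
        elif level == 3 and not is_table_bit:
            continue   # bit 1 clear at level 3 is reserved, treat as invalid
        elif level == 0:
            continue   # no level-0 blocks with a 4K granule (absent FEAT_LPA2)
        else:
            size = 1 << shift   # block at L1/L2, page at L3
            yield Mapping(va, size, desc & OA_MASK & ~(size - 1),
                          writable=not desc & AP_RO, user=bool(desc & AP_EL0),
                          exec_el1=not desc & PXN, exec_el0=not desc & UXN)


def translate(mem, root_pa, va):
    """Return the physical address backing va, or None if unmapped."""
    for m in walk(mem, root_pa):
        if m.va <= va < m.va + m.size:
            return m.pa + (va - m.va)
    return None


def find_wx(mem, root_pa):
    """Mappings that are writable and executable at the same exception level."""
    return [m for m in walk(mem, root_pa)
            if m.writable and (m.exec_el1 or (m.user and m.exec_el0))]


def build_sample():
    """Constructed four-level table rooted at 0x40000000 (arbitrary value)."""
    mem = PhysMem()
    root, l1, l2, l3 = 0x4000_0000, 0x4000_1000, 0x4000_2000, 0x4000_3000
    table = VALID | TABLE_OR_PAGE
    mem.write_u64(root, l1 | table)   # L0[0] -> L1
    mem.write_u64(l1, l2 | table)     # L1[0] -> L2
    mem.write_u64(l2, l3 | table)     # L2[0] -> L3
    page = VALID | TABLE_OR_PAGE | AF
    mem.write_u64(l3 + 8 * 0, 0x8000_0000 | page | PXN | UXN)    # VA 0x0: RW data
    mem.write_u64(l3 + 8 * 1, 0x8000_1000 | page | AP_RO | UXN)  # VA 0x1000: RX text
    mem.write_u64(l3 + 8 * 2, 0x8000_2000 | page | UXN)          # VA 0x2000: RWX at EL1
    block = VALID | AF
    mem.write_u64(l1 + 8 * 1, 0x8000_0000 | block | AP_EL0 | PXN | UXN)  # VA 1 GiB: user RW block
    return mem, root


def dump(mem, root_pa):
    """Render the walk the way a page-table dumper would print it."""
    lines = []
    for m in walk(mem, root_pa):
        perms = (("w" if m.writable else "-") + ("x" if m.exec_el1 else "-")
                 + ("X" if m.exec_el0 else "-") + ("u" if m.user else "k"))
        lines.append(f"va {m.va:#018x} size {m.size:#x} -> pa {m.pa:#x} {perms}")
    return lines


if __name__ == "__main__":
    mem, root = build_sample()
    print("\n".join(dump(mem, root)))
    for m in find_wx(mem, root):
        print(f"W+X mapping at va {m.va:#x}")
```

The walk is the same whether root_pa came from a TTBR register or from a symbol like swapper_pg_dir, which is the case for keeping a raw-address option next to the convenience flags: the root selection is policy, the walk is not.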

@martinradev
Owner

Sorry for the delay, but I tried to also resolve some other issues in gdb-pt-dump.

I removed '-addr' and added the arch-specific args '-cr3', '-ttbr0_el1', '-ttbr1_el1', '-satp'.

Could you check if it works for you?
The current design is such that if you provide '-ttbr0_el1', then the actual TTBR0_EL1 and TTBR1_EL1 will be ignored. The same applies if you provide '-ttbr1_el1'.

I haven't looked into supporting a hypervisor, so EL2 is currently not supported.

No branches or pull requests

2 participants