简单的活着

IPT Virtualization

Posted on May 08, 2019 By Mista Cai

Intel Processor Trace virtulization enabling

Here is a patch-series which adding Processor Trace enabling in KVM guest. You can get it’s software developer manuals from:

https://software.intel.com/sites/default/files/managed/c5…

In Chapter 5 INTEL PROCESSOR TRACE: VMX IMPROVEMENTS.

Details on the Intel PT infrastructure and trace capabilities can be found in the Intel 64 and IA-32 Architectures Software Developer’s Manual, Volume 3C.

The suite of architecture changes serve to simplify the process of virtualizing Intel PT for use by a guest software. There are two primary elements to this new architecture support for VMX support improvements made for Intel PT.

  1. Addition of a new guest IA32_RTIT_CTL value field to the VMCS.

— This serves to speed and simplify the process of disabling trace on VM exit, and restoring it on VM entry.

  1. Enabling use of EPT to redirect PT output.

— This enables the VMM to elect to virtualize the PT output buffer using EPT. In this mode, the CPU will treat PT output addresses as Guest Physical Addresses (GPAs) and translate them using EPT. This means that Intel PT output reads (of the ToPA table) and writes (of trace output) can cause EPT violations, and other output events.

Processor Trace virtualization can be work in one of 3 possible modes by set new option “pt_mode”. Default value is host guest mode.

a. system-wide: trace both host/guest and output to host buffer;

b. host-only: only trace host and output to host buffer;

c. host-guest: trace host/guest simultaneous and output to their respective buffer.

From v1:

  • remove guest-only mode because guest-only mode can be covered by host-guest mode;
  • always set “use GPA for processor tracing” in secondary execution control if it can be;
  • trap RTIT_CTL read/write. Forbid write this msr when VMXON in L1 hypervisor.
Chao Peng (8):
  perf/x86/intel/pt: Move Intel-PT MSR bit definitions to a public
    header
  perf/x86/intel/pt: change pt_cap_get() to a public function
  KVM: x86: add Intel processor trace virtualization mode
  KVM: x86: add Intel processor trace cpuid emulataion
  KVM: x86: add Intel processor trace context for each vcpu
  KVM: x86: Implement Intel processor trace context switch
  KVM: x86: add Intel PT msr RTIT_CTL read/write
  KVM: x86: Disable intercept for Intel processor trace MSRs

 arch/x86/events/intel/pt.c       |   3 +-
 arch/x86/events/intel/pt.h       |  55 -----------
 arch/x86/include/asm/intel_pt.h  |  26 ++++++
 arch/x86/include/asm/kvm_host.h  |   1 +
 arch/x86/include/asm/msr-index.h |  35 +++++++
 arch/x86/include/asm/vmx.h       |   8 ++
 arch/x86/kvm/cpuid.c             |  23 ++++-
 arch/x86/kvm/svm.c               |   6 ++
 arch/x86/kvm/vmx.c               | 195 ++++++++++++++++++++++++++++++++++++++-
 9 files changed, 290 insertions(+), 62 deletions(-)

-- 
1.8.3.1

可能存在的问题

Intel-PT does not record any packets when KVM-QEMU is on

处理器MSR MSR_IA32_VMX_MISC中的第14位值为0。根据英特尔文档,对于要在VMX root操作(VMXON和VMXOFF)中使用的Intel-PT,此位应为1。

主要问题是当上面的位为0时,VMXON指令将IA32_RTIT_CTL MSR的TraceEn组件设置为0。该组件控制跟踪操作,如果重置,则不会将跟踪数据写入缓冲区。 此复位在硬件级别进行控制。

所以,至少需要使用Skylake处理器。 Broadwell系统(支持PT),不起作用。

或者,Don’t die on VMXON,打补丁不知道有没有用。解决的是某些版本PT在VMXON时,VMXON会清零TraceEn的控制位,导致内核崩溃。