dbg_helper.c - cachepc-qemu - Fork of AMDESE/qemu with changes for cachepc side-channel attack

	cachepc-qemu Fork of AMDESE/qemu with changes for cachepc side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-qemu
	Log \| Files \| Refs \| Submodules \| LICENSE \| sfeed.txt
dbg_helper.c (4846B)
      1/*
      2 * Copyright (c) 2011 - 2019, Max Filippov, Open Source and Linux Lab.
      3 * All rights reserved.
      4 *
      5 * Redistribution and use in source and binary forms, with or without
      6 * modification, are permitted provided that the following conditions are met:
      7 *     * Redistributions of source code must retain the above copyright
      8 *       notice, this list of conditions and the following disclaimer.
      9 *     * Redistributions in binary form must reproduce the above copyright
     10 *       notice, this list of conditions and the following disclaimer in the
     11 *       documentation and/or other materials provided with the distribution.
     12 *     * Neither the name of the Open Source and Linux Lab nor the
     13 *       names of its contributors may be used to endorse or promote products
     14 *       derived from this software without specific prior written permission.
     15 *
     16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
     17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
     20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
     23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
     25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     26 */
     27
     28#include "qemu/osdep.h"
     29#include "qemu/main-loop.h"
     30#include "cpu.h"
     31#include "exec/helper-proto.h"
     32#include "qemu/host-utils.h"
     33#include "exec/exec-all.h"
     34#include "exec/address-spaces.h"
     35
     36static void tb_invalidate_virtual_addr(CPUXtensaState *env, uint32_t vaddr)
     37{
     38    uint32_t paddr;
     39    uint32_t page_size;
     40    unsigned access;
     41    int ret = xtensa_get_physical_addr(env, false, vaddr, 2, 0,
     42                                       &paddr, &page_size, &access);
     43    if (ret == 0) {
     44        tb_invalidate_phys_addr(&address_space_memory, paddr,
     45                                MEMTXATTRS_UNSPECIFIED);
     46    }
     47}
     48
     49void HELPER(wsr_ibreakenable)(CPUXtensaState *env, uint32_t v)
     50{
     51    uint32_t change = v ^ env->sregs[IBREAKENABLE];
     52    unsigned i;
     53
     54    for (i = 0; i < env->config->nibreak; ++i) {
     55        if (change & (1 << i)) {
     56            tb_invalidate_virtual_addr(env, env->sregs[IBREAKA + i]);
     57        }
     58    }
     59    env->sregs[IBREAKENABLE] = v & ((1 << env->config->nibreak) - 1);
     60}
     61
     62void HELPER(wsr_ibreaka)(CPUXtensaState *env, uint32_t i, uint32_t v)
     63{
     64    if (env->sregs[IBREAKENABLE] & (1 << i) && env->sregs[IBREAKA + i] != v) {
     65        tb_invalidate_virtual_addr(env, env->sregs[IBREAKA + i]);
     66        tb_invalidate_virtual_addr(env, v);
     67    }
     68    env->sregs[IBREAKA + i] = v;
     69}
     70
     71static void set_dbreak(CPUXtensaState *env, unsigned i, uint32_t dbreaka,
     72        uint32_t dbreakc)
     73{
     74    CPUState *cs = env_cpu(env);
     75    int flags = BP_CPU | BP_STOP_BEFORE_ACCESS;
     76    uint32_t mask = dbreakc | ~DBREAKC_MASK;
     77
     78    if (env->cpu_watchpoint[i]) {
     79        cpu_watchpoint_remove_by_ref(cs, env->cpu_watchpoint[i]);
     80    }
     81    if (dbreakc & DBREAKC_SB) {
     82        flags |= BP_MEM_WRITE;
     83    }
     84    if (dbreakc & DBREAKC_LB) {
     85        flags |= BP_MEM_READ;
     86    }
     87    /* contiguous mask after inversion is one less than some power of 2 */
     88    if ((~mask + 1) & ~mask) {
     89        qemu_log_mask(LOG_GUEST_ERROR,
     90                      "DBREAKC mask is not contiguous: 0x%08x\n", dbreakc);
     91        /* cut mask after the first zero bit */
     92        mask = 0xffffffff << (32 - clo32(mask));
     93    }
     94    if (cpu_watchpoint_insert(cs, dbreaka & mask, ~mask + 1,
     95                              flags, &env->cpu_watchpoint[i])) {
     96        env->cpu_watchpoint[i] = NULL;
     97        qemu_log_mask(LOG_GUEST_ERROR,
     98                      "Failed to set data breakpoint at 0x%08x/%d\n",
     99                      dbreaka & mask, ~mask + 1);
    100    }
    101}
    102
    103void HELPER(wsr_dbreaka)(CPUXtensaState *env, uint32_t i, uint32_t v)
    104{
    105    uint32_t dbreakc = env->sregs[DBREAKC + i];
    106
    107    if ((dbreakc & DBREAKC_SB_LB) &&
    108        env->sregs[DBREAKA + i] != v) {
    109        set_dbreak(env, i, v, dbreakc);
    110    }
    111    env->sregs[DBREAKA + i] = v;
    112}
    113
    114void HELPER(wsr_dbreakc)(CPUXtensaState *env, uint32_t i, uint32_t v)
    115{
    116    if ((env->sregs[DBREAKC + i] ^ v) & (DBREAKC_SB_LB | DBREAKC_MASK)) {
    117        if (v & DBREAKC_SB_LB) {
    118            set_dbreak(env, i, env->sregs[DBREAKA + i], v);
    119        } else {
    120            if (env->cpu_watchpoint[i]) {
    121                CPUState *cs = env_cpu(env);
    122
    123                cpu_watchpoint_remove_by_ref(cs, env->cpu_watchpoint[i]);
    124                env->cpu_watchpoint[i] = NULL;
    125            }
    126        }
    127    }
    128    env->sregs[DBREAKC + i] = v;
    129}