Skip to content

CVM: Set GuestCrashRegsAvailable in cpuid #1308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 22, 2025
Merged

CVM: Set GuestCrashRegsAvailable in cpuid #1308

merged 1 commit into from
May 22, 2025

Conversation

smalis-msft
Copy link
Contributor

We support these regs on all backends, so no reason not to.

@smalis-msft smalis-msft requested a review from a team as a code owner May 6, 2025 21:07
@chris-oo
Copy link
Member

chris-oo commented May 6, 2025

Do we need to maybe filter offering this diagnostic on if cvm tracing is enabled?
This is what I see now in a debug build:

[kmsg]: [2.166324] virt_mshv_vtl::processor: INFO  Guest has reported system crash crash=VtlCrash { vp_index: VpIndex(0), last_vtl: Vtl0, control: GuestCrashCtl { pre_os_id: 0, no_crash_dump: false, crash_message: true, crash_notify: true }, parameters: [800000000000001a, 0, 72e, 33d85cb0, 85] }
[kmsg]: [2.166707] underhill_core::dispatch: INFO  Notifying the host of the guest system crash VtlCrash { vp_index: VpIndex(0), last_vtl: Vtl0, control: GuestCrashCtl { pre_os_id: 0, no_crash_dump: false, crash_message: true, crash_notify: true }, parameters: [800000000000001a, 0, 72e, 33d85cb0, 85] }
[kmsg]: [2.167256] firmware_uefi: WARN  unknown uefi write addr=0x2c data=0x1
[kmsg]: [2.167828] vmm_core::partition_unit::vp_set: ERROR  rax=0x800000000000001a rcx=0x72e rdx=0x0 rbx=0x0 rsp=0x33d85c58 rbp=0x33d86d10 rsi=0x66083198 rdi=0x72e r8=0x72e r9=0x0 r10=0x0 r11=0x1b r12=0x80000000 r13=0x33db2458 r14=0x1 r15=0x80000000 rip=0x66af0c34 rflags=0x10206
[kmsg]: [2.168161] vmm_core::partition_unit::vp_set: ERROR  cs=SegmentRegister { base: 0, limit: ffffffff, selector: 38, attributes: a09b } ds=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } es=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } fs=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } gs=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } ss=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } tr=SegmentRegister { base: 33dbca30, limit: 67, selector: 20, attributes: 8b } ldtr=SegmentRegister { base: 0, limit: ffff, selector: 0, attributes: 82 } gdtr=TableRegister { base: 66bc7000, limit: 47 } idtr=TableRegister { base: 0, limit: 0 } cr0=0x80010033 cr2=0x0 cr3=0x33801000 cr4=0x660 cr8=0x0 efer=0xd00
[kmsg]: [2.169456] vmm_core::partition_unit::vp_set: ERROR  faulting instruction instruction="ud2" bytes=[f, b, eb, fc, cc, cc, cc, cc, cc, cc, cc, cc, cc, cc, cc, cc]
[kmsg]: [2.169608] vmm_core::partition_unit::vp_set: ERROR  triple fault vtl=Vtl0

versus before:

[kmsg]: [2.186469] underhill_core::dispatch: INFO  starting VM boot_time_ms=0x1b17 boot_time="6.9353505s"
[kmsg]: [2.189205] firmware_uefi: WARN  unknown uefi write addr=0x2b data=0x77000
[kmsg]: [2.230847] vmm_core::partition_unit::vp_set: ERROR  rax=0x800000000000001a rcx=0x72e rdx=0x0 rbx=0x0 rsp=0x33d85c58 rbp=0x33d86d10 rsi=0x66083198 rdi=0x72e r8=0x72e r9=0x0 r10=0x0 r11=0x1b r12=0x80000000 r13=0x33db2458 r14=0x1 r15=0x80000000 rip=0x66af0c34 rflags=0x10206
[kmsg]: [2.231072] vmm_core::partition_unit::vp_set: ERROR  cs=SegmentRegister { base: 0, limit: ffffffff, selector: 38, attributes: a09b } ds=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } es=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } fs=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } gs=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } ss=SegmentRegister { base: 0, limit: ffffffff, selector: 30, attributes: c093 } tr=SegmentRegister { base: 33dbca30, limit: 67, selector: 20, attributes: 8b } ldtr=SegmentRegister { base: 0, limit: ffff, selector: 0, attributes: 82 } gdtr=TableRegister { base: 66bc7000, limit: 47 } idtr=TableRegister { base: 0, limit: 0 } cr0=0x80010033 cr2=0x0 cr3=0x33801000 cr4=0x660 cr8=0x0 efer=0xd00
[kmsg]: [2.232417] vmm_core::partition_unit::vp_set: ERROR  faulting instruction instruction="ud2" bytes=[f, b, eb, fc, cc, cc, cc, cc, cc, cc, cc, cc, cc, cc, cc, cc]
[kmsg]: [2.232491] vmm_core::partition_unit::vp_set: ERROR  triple fault vtl=Vtl0

@chris-oo
Copy link
Member

chris-oo commented May 6, 2025

I think also, we may want to print the crash message within UH itself?

@smmalis37
Copy link
Contributor

We don't need to filter this on cvm tracing, it is the responsibility of the guest to not send secret data to these. However the crash message is a different story, since I believe it's just a pointer into guest memory, so that we would have to be careful about reading and sharing.

@chris-oo
Copy link
Member

chris-oo commented May 6, 2025

I guess if we emit the guest message as a normal tracing call, then we'll follow whatever the normal filtering logic is. I think though, we should emit the message because OHCL is may be the only thing that can actually read it, the host can't.

@jstarks
Copy link
Member

jstarks commented May 12, 2025

We don't need to filter this on cvm tracing, it is the responsibility of the guest to not send secret data to these.

I don't think that's true.

@smalis-msft smalis-msft added the backport_2505 Change should be backported to the release/2505 branch label May 21, 2025
@smalis-msft
Copy link
Contributor Author

smalis-msft commented May 21, 2025
edited
Loading

I don't think we need to filter the mere availability of the crash registers, and our forwarding of them to the host, on whether CVM debugging is enabled or not. They contain extremely minimal information (5 u64s if no message, 3 if there is a message), and this is already the policy of the legacy HCL.

I do think we need to filter the message itself, if one is included, however that can come in a follow up PR (I agree that tracing the message would be valuable)(#1395). Today the host is unable to read the message anyways, as the memory pointed to by P3 will be encrypted in a CVM.

@smalis-msft smalis-msft merged commit 4ee7550 into microsoft:main May 22, 2025
27 checks passed
@smalis-msft smalis-msft deleted the cvm-crash-regs branch May 22, 2025 19:34
smalis-msft added a commit to smalis-msft/openvmm that referenced this pull request May 22, 2025
@smalis-msft
CVM: Set GuestCrashRegsAvailable in cpuid (microsoft#1308)
6bf43bb 
We support these regs on all backends, so no reason not to.
@smalis-msft smalis-msft mentioned this pull request May 22, 2025
Merged
smalis-msft added a commit that referenced this pull request May 23, 2025
@smalis-msft
CVM: Set GuestCrashRegsAvailable in cpuid (#1308) (#1403)
7ae48b3 
We support these regs on all backends, so no reason not to.

Cherry-pick of #1308
@smalis-msft smalis-msft added backported_2505 PR that has been backported to release/2505 backport_2505_approved labels May 28, 2025
@benhillis
Copy link
Member

Backported in #1403

@benhillis benhillis removed the backport_2505 Change should be backported to the release/2505 branch label May 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jstarks jstarks jstarks approved these changes

Assignees
No one assigned
Labels
backport_2505_approved backported_2505 PR that has been backported to release/2505
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@smalis-msft @chris-oo @smmalis37 @jstarks @benhillis