Stack layout is the same as aarch64, so we can reuse the same code. We don't track stack in real mode, but it does not really matter as it's usually very short, when the machine boots.
Signed-off-by: Pierrick Bouvier <pierrick.bouv...@linaro.org> --- docs/about/emulation.rst | 14 ++++-- contrib/plugins/uftrace.c | 94 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 104 insertions(+), 4 deletions(-) diff --git a/docs/about/emulation.rst b/docs/about/emulation.rst index 118f059711f..7f45dc209b6 100644 --- a/docs/about/emulation.rst +++ b/docs/about/emulation.rst @@ -824,9 +824,8 @@ Uftrace This plugin generates a binary trace compatible with `uftrace <https://github.com/namhyung/uftrace>`_. -Plugin supports aarch64 only (x64 support should be trivial to add), and works -in user and system mode, allowing to trace a system boot, which is not something -possible usually. +Plugin supports aarch64 and x64, and works in user and system mode, allowing to +trace a system boot, which is not something possible usually. In user mode, the memory mapping is directly copied from ``/proc/self/maps`` at the end of execution. Uftrace should be able to retrieve symbols by itself, @@ -842,7 +841,8 @@ default again on x64 <https://www.brendangregg.com/blog/2024-03-17/the-return-of-the-frame-pointers.html>`_. On aarch64, this is less of a problem, as they are usually part of the ABI, except for leaf functions. That's true for user space applications, but not -necessarily for bare metal code. +necessarily for bare metal code. You can read this `section +<uftrace_build_system_example>` to easily build a system with frame pointers. Timestamps used for events are the number of instructions executed so far by default. As it's tracked per vcpu, each timeline should be considered @@ -964,6 +964,8 @@ find below some sequences taken from this trace: Build and run system example ++++++++++++++++++++++++++++ +.. _uftrace_build_system_example: + Building a full system image with frame pointers is not trivial. We provide a `simple way <https://github.com/pbo-linaro/qemu-linux-stack>`_ to @@ -972,6 +974,10 @@ and debian userland. It's based on containers (``podman`` only) and ``qemu-user-static (binfmt)`` to make sure it's easily reproducible and does not depend on machine where you build it. +You can follow the exact same instructions for a x64 system, combining edk2, +Linux, and Ubuntu, simply by switching to +`x86_64 <https://github.com/pbo-linaro/qemu-linux-stack/tree/x86_64>`_ branch. + To build the system:: # Install dependencies diff --git a/contrib/plugins/uftrace.c b/contrib/plugins/uftrace.c index 9cbadda0aae..8fc22302989 100644 --- a/contrib/plugins/uftrace.c +++ b/contrib/plugins/uftrace.c @@ -81,6 +81,20 @@ typedef struct { struct qemu_plugin_register *reg_scr_el3; } Aarch64Cpu; +typedef enum { + X64_RING0, + X64_RING1, + X64_RING2, + X64_RING3, + X64_REAL_MODE, +} X64PrivilegeLevel; + +typedef struct { + struct qemu_plugin_register *reg_rbp; + struct qemu_plugin_register *reg_cs; + struct qemu_plugin_register *reg_cr0; +} X64Cpu; + typedef struct { uint64_t timestamp; uint64_t data; @@ -600,6 +614,84 @@ static CpuOps aarch64_ops = { .does_insn_modify_frame_pointer = aarch64_does_insn_modify_frame_pointer, }; +static uint8_t x64_num_privilege_levels(void) +{ + return X64_REAL_MODE + 1; +} + +static const char *x64_get_privilege_level_name(uint8_t pl) +{ + switch (pl) { + case X64_RING0: return "Ring0"; + case X64_RING1: return "Ring1"; + case X64_RING2: return "Ring2"; + case X64_RING3: return "Ring3"; + case X64_REAL_MODE: return "RealMode"; + default: + g_assert_not_reached(); + } +} + +static uint8_t x64_get_privilege_level(Cpu *cpu_) +{ + X64Cpu *cpu = cpu_->arch; + uint64_t cr0 = cpu_read_register64(cpu_, cpu->reg_cr0); + uint64_t protected_mode = (cr0 >> 0) & 0b1; + if (!protected_mode) { + return X64_REAL_MODE; + } + uint32_t cs = cpu_read_register32(cpu_, cpu->reg_cs); + uint32_t ring_level = (cs >> 0) & 0b11; + return ring_level; +} + +static uint64_t x64_get_frame_pointer(Cpu *cpu_) +{ + X64Cpu *cpu = cpu_->arch; + return cpu_read_register64(cpu_, cpu->reg_rbp); +} + +static void x64_init(Cpu *cpu_) +{ + X64Cpu *cpu = g_malloc0(sizeof(X64Cpu)); + cpu_->arch = cpu; + g_autoptr(GArray) regs = qemu_plugin_get_registers(); + for (int i = 0; i < regs->len; ++i) { + qemu_plugin_reg_descriptor *reg; + reg = &g_array_index(regs, qemu_plugin_reg_descriptor, i); + if (!strcmp(reg->name, "rbp")) { + cpu->reg_rbp = reg->handle; + } else if (!strcmp(reg->name, "cs")) { + cpu->reg_cs = reg->handle; + } else if (!strcmp(reg->name, "cr0")) { + cpu->reg_cr0 = reg->handle; + } + } + g_assert(cpu->reg_rbp); + g_assert(cpu->reg_cs); + g_assert(cpu->reg_cr0); +} + +static void x64_end(Cpu *cpu) +{ + g_free(cpu->arch); +} + +static bool x64_does_insn_modify_frame_pointer(const char *disas) +{ + return strstr(disas, "rbp"); +} + +static CpuOps x64_ops = { + .init = x64_init, + .end = x64_end, + .get_frame_pointer = x64_get_frame_pointer, + .get_privilege_level = x64_get_privilege_level, + .num_privilege_levels = x64_num_privilege_levels, + .get_privilege_level_name = x64_get_privilege_level_name, + .does_insn_modify_frame_pointer = x64_does_insn_modify_frame_pointer, +}; + static void track_privilege_change(unsigned int cpu_index, void *udata) { Cpu *cpu = qemu_plugin_scoreboard_find(score, cpu_index); @@ -905,6 +997,8 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, if (!strcmp(info->target_name, "aarch64")) { arch_ops = aarch64_ops; + } else if (!strcmp(info->target_name, "x86_64")) { + arch_ops = x64_ops; } else { fprintf(stderr, "plugin uftrace: %s target is not supported\n", info->target_name); -- 2.47.2
