Commit graph

921 commits

Author SHA1 Message Date
Alyssa Rosenzweig
ba478f2de5 mini.hv.dcp: Decode common messages
This accounts for most of the DCP traffic once macOS is booted. I used
a sophisticated side-channel hypervisor timing attack to determine the
message functions [ adding time.sleep(1) ]

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
2021-06-21 14:02:25 +09:00
Alyssa Rosenzweig
6adf0c692c mini.trace.asc: Don't log handled messages
ASC handlers now return a boolean to indicate whether they successfully
handled the message (True if so). In that case, printing the underlying
mailbox traffic is redundant, so let's hide it.

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
2021-06-21 14:02:25 +09:00
Hector Martin
86e233931e m1n1.trace.asc: Add core endpoint numbers
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:51:46 +09:00
Hector Martin
e4a591d81a m1n1.trace.asc: Fix MSG_EP_MAP.LAST
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:49:55 +09:00
Hector Martin
71cdcb9bef ASCTracer: Fix subclassing
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:43:01 +09:00
Hector Martin
dbeb174ac9 m1n1.hv: Don't die on ^C in the shell 2021-06-21 02:34:07 +09:00
Hector Martin
03ceed3a97 m1n1.hv: Fix map_hook_idx read/write options
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:06:22 +09:00
Hector Martin
7632a57ff3 m1n1.trace.asc: Implement basic message handling/dispatch
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:05:36 +09:00
Hector Martin
8a0125ac17 m1n1.trce.gpio: Use new register arrays
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:05:08 +09:00
Hector Martin
86154a8194 dart_dump.py: Use new 2D register arrays
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:04:35 +09:00
Hector Martin
2e250df645 run_guest.py: Don't die if -m or -c fails, bring up a shell instead.
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:04:09 +09:00
Hector Martin
0a3bd5c91b m1n1.utils: Add support for multidimensional reg arrays in RegMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:03:18 +09:00
Hector Martin
9e42f4fc0f m1n1.trace: Add a state stash to Tracer that persists
This allows Tracers to keep internal state around even across complete
re-instantiations.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:02:05 +09:00
Hector Martin
7090138779 m1n1.utils: Make Register sub-subclasses work, optimize
Now figures out the fields/etc in a metaclass, not at object
instantiation time.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 02:01:07 +09:00
Hector Martin
8d61a81bed m1n1.hv: Wrap tracer calls in a shell to handle exceptions
This allows you to fix a tracer and retry ('cont' or ^D) or skip
('skip') its execution.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-21 01:58:47 +09:00
Hector Martin
7c19dcc33f m1n1.hv: Handle symbol addresses properly for Linux
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-19 21:51:36 +09:00
Hector Martin
8197538078 m1n1.hv: Add System.map support and make pac_mask configurable
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-19 15:53:14 +09:00
Janne Grunau
36dcc1b8f3 hv.py: remove only the used USB-C port from the ADT
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
bbd2cf8710 hv.py: hook USB-C port specific pmgr addresses
Allows running HV over each USB-C port of a Mac Mini with Mac OS as
guest.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
d88e255c56 hv.py: remove secondary CPU cores unconditionally from the ADT
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
98076ef693 usb: disable tps6598x interrupts
Restore the interrupt masks on chainload or HV guest start. The
interrupt mask is not restored on the USB-C port used by the hypervisor.
This prevents an interrupt storm in the guest when the other USB-C port
is exposed to the guest. Both tps6598x share unfortunately an interrupt
line.

Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:26:54 +09:00
Janne Grunau
de82209079 m1n1.trace.gpio: convert GPIOTracer to new framework
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:23:23 +09:00
Janne Grunau
ccd765464d m1n1.utils: fix RegMap range lookup
Signed-off-by: Janne Grunau <j@jannau.net>
2021-06-18 14:23:23 +09:00
Hector Martin
cb6d1f58a2 m1n1.trace.asc: Initial ASCTracer implementation
A tracer for the ASC coprocessor mailbox interface.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:24:55 +09:00
Hector Martin
b3526bd667 m1n1.trace: Implement RegMap-based tracing & ADTDevTracer
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:23:56 +09:00
Hector Martin
2784f48a24 m1n1.hv: Fix MMIO handling bugs
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:23:08 +09:00
Hector Martin
1213ec4173 m1n1.utils: Improve RegMap lookup functions
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:22:27 +09:00
Hector Martin
94db82f8a0 m1n1.hv: Reload shell globals when reloading class
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:22:06 +09:00
Hector Martin
332e7e22e7 m1n1.utils: Improve Reloadable, add cls._reloadcls()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:21:09 +09:00
Hector Martin
0ee96c7ffd m1n1.proxutils: Add ProxyUtils.{read,write}
These implement generic-size read/write. Use them for hypervisor MMIO
handling and for regmaps.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-18 02:19:39 +09:00
Hector Martin
990f5b3995 m1n1.hv: Complete TraceMode.SYNC/HOOK support
Also fix a nasty bug in legacy/bare map_hook() support

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 20:35:57 +09:00
Hector Martin
cdbc07e74c m1n1.utils: Add Register.copy()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 20:35:26 +09:00
Hector Martin
e218129931 m1n1.utils: Introduce Reloadable class for magic live-reloading
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 20:34:54 +09:00
Hector Martin
2f68012d6c m1n1.hv: Show ident for RESERVED page table mappings
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 02:32:46 +09:00
Hector Martin
49dad3b9ff m1n1.hv: Rework MMIO PT handling & tracing
Now keeps track of the requested MMIO maps in a DictRangeMap, which is
then flattened to HV page table updates.

TODO: HOOK/SYNC codepaths

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 02:00:32 +09:00
Hector Martin
228033f9ce m1n1.hv: Make map_hw() fall back to map_sw() for unaligned cases
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 01:59:35 +09:00
Hector Martin
db928acd61 m1n1.utils: RangeMap fixes & improvements, add BoolRangeMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 01:57:57 +09:00
Hector Martin
69745c3310 m1n1.utils: Add align_up() and align_down()
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-17 01:57:35 +09:00
Hector Martin
526cd8a55e m1n1.utils: Register: Keep fields sorted in __str__/__repr__
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:53:02 +09:00
Hector Martin
bb6ef8caa1 experiments/dart_dump.py: Port to RegMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:52:51 +09:00
Hector Martin
234051df1c m1n1.utils: Add RegMap base class
This metaclass voodoo allows us to define register maps like this:

class SomeDevice(RegMap):
    FOO = 0x0000, Register32
    BAR = 0x0004, Register32
    # Register array
    BAZ = range(0x100, 0x200, 4), Register32

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:29:46 +09:00
Hector Martin
53dcba6f25 m1n1.utils: RangeMap improvements, add {Scalar,Dict,Set}RangeMap
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:29:30 +09:00
Hector Martin
3d0bb889ab m1n1.utils: Move Register.value -> _value and wrap
Also pre-compute _fields

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-16 02:28:00 +09:00
Hector Martin
15381b8d74 m1n1.adt: Dump out address lookup table in script mode
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 19:45:58 +09:00
Hector Martin
48b4466abf m1n1.utils: Rewrite AddrLookup to improve performance & fix bugs
* Fix correctness issues (ranges could end up overlapping)
* Split ranges instead of merging them on overlap (previously a single
  range overlapping everything would reduce the lookup to a linear
  search over all ranges)
* Support removal and generic mutations by splitting out a generic
  RangeMap class that can be used with arbitrary values/collections

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 19:42:30 +09:00
Hector Martin
7e5054548a hv_vm: Rename SPTE_SYNC_TRACE to SPTE_TRACE_UNBUF
It's not really synchronous, it just flushes USB buffering.

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 16:10:06 +09:00
Hector Martin
96ecd52b65 tools/chainload.py: Remove 1-second delay
I don't think we need this any more, ever since the new reconnection
code

Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:59:55 +09:00
Hector Martin
a664bd5d55 hv_vm: Minor fixes to pagetable code
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:47:44 +09:00
Hector Martin
7ff613665b hv_asm.S: Add comments to the vectors
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:47:24 +09:00
Hector Martin
5751fa0019 hv_vm: Remove broken hv_max_proxy_hook
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-06-15 15:47:07 +09:00