1

This post showed me how to see stuff in SMM. And I notice that Simics shows other normally "hidden" registers like the segment descriptor shadow values, which only get updated indirectly. So is it possible to see the "smbase" register in Simics?

Jimmy Wu

2 Answers

2

First, you may search the loaded configuration for a particular string using the apropos command (a for short). And since smbase is likely exposed via an attribute it would look like "a -a smbase". And if there is anything "smbase" in the configuration you will see it.

I loaded the QSP-x86 Firststeps platform and got several hits of the form

<cpu-class>.msr_ia32_smbase

Also, in general it helps to know the context of a certain something, such as that smbase is "part of" MSR.

Dharman
simgron
  • 1
    Ah, I had been using help-search (which I assumed took the role typically played by apropos, and it looks like I was right since they're synonyms), but I hadn't actually looked at the help for it yet, so I hadn't seen the -a option. Also, interestingly, when I run "a -a smbase" in the firststeps.simics, I get "The text 'smbase' cannot be found in any documentation." So I'm just mentioning that because that tripped me up for a bit. And while we're at it, how do I read MSRs in Simics? I see attributes, interfaces, and HAPs, but no commands for reading them? – Jimmy Wu Sep 09 '21 at 11:12
  • 1
    OK I found "board.mb.cpu0.core[0][0].msrs" to print *all* MSRs, but how do I print just one? – Jimmy Wu Sep 09 '21 at 14:30
  • 1
    OK, I found that I can actually just use "print -x %msr_ia32_smbase" ! I was making it too complicated thinking there needed to be something to fill in that prefix. – Jimmy Wu Sep 09 '21 at 14:46
  • how about, "output-radix 16 4" then "%msr_ia32_smbase" – James Sep 09 '21 at 21:06
2

To read one MSR, currently you need to use interface calls on the processor. The "%" operator reads named registers on the current processor. Calling the iface inspects any processor object, and works for only-has-a-number MSRs.

Use online help to figure out how to use the interface. For example:

simics> @conf.board.mb.cpu0.core[0][0].iface.x86_msr.get_number("IA32_TSC_DEADLINE")
1760
simics> api-help x86_msr_interface_t 
Help on API keyword "x86_msr_interface_t":

DESCRIPTION


SIM_INTERFACE(x86_msr) {
        void (*register_handlers)(
                conf_object_t *cpu,
                int64 number,
                x86_msr_getter_func_t getter,
                lang_void *getter_data,
                x86_msr_setter_func_t setter,
                lang_void *setter_data,
...

Adding a command for inspection is on the wish list.

UPDATE.

The interface also provides the ability to look up from number to name. For the case of MSR 0x9E, IA32_SMBASE, on the "client" core in Public Simics, looking up the name yields this:

simics> @conf.board.mb.cpu0.core[0][0].iface.x86_msr.get_name(158)
'msr_ia32_smbase'
simics> @conf.board.mb.cpu0.core[0][0].iface.x86_msr.get_number("msr_ia32_smbase")
158

For historical reasons, the register is called msr_ia32_smbase, and not IA32_SMBASE from the manual. In general, looking things up by number is a bit more robust, especially since many MSRs just have numbers in the Simics model as it is currently set up.

jakobengblom2