Add TDX debugging documentation

2025-06-08 21:06:48 +00:00 · 2024-11-25 02:59:20 -05:00 · 2024-11-25 02:59:20 -05:00 · 9da6af0394
commit 9da6af0394
parent d67976da88
1 changed files with 29 additions and 1 deletions
--- a/docs/src/kernel/intel_tdx.md
+++ b/docs/src/kernel/intel_tdx.md
@ -77,7 +77,35 @@ make run INTEL_TDX=1
 ```

 If everything goes well,
-Asterinas is now up and running inside a TDVM.
+Asterinas is now up and running inside a TD.
+
+## Using GDB to Debug
+
+A Trust Domain (TD) is debuggable if its `ATTRIBUTES.DEBUG` bit is 1.
+In this mode, the host VMM can use Intel TDX module functions
+to read and modify TD VCPU state and TD private memory,
+which are not accessible when the TD is non-debuggable.
+
+Start Asterinas in a GDB-enabled TD and wait for debugging connection:
+
+```bash
+make gdb_server INTEL_TDX=1
+```
+
+Behind the scene, this command adds `debug=on` configuration to the QEMU parameters
+to enable TD debuggable mode.
+
+The server will listen at the default address specified in `Makefile`,
+i.e., a local TCP port `:1234`.
+
+Start a GDB client in another terminal:
+
+```bash
+make gdb_client INTEL_TDX=1
+```
+
+Note that you must use hardware assisted breakpoints
+because KVM is enabled when debugging a TD.

 ## About Intel TDX