[v4,4/8] KVM: selftests: Introduce SEV VM type check

Message ID	20241114234104.128532-5-pratikrajesh.sampat@amd.com (mailing list archive)
State	New
Headers	show Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2064.outbound.protection.outlook.com [40.107.94.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 229621B3925; Thu, 14 Nov 2024 23:42:13 +0000 (UTC) Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: "Pratik R. Sampat" <pratikrajesh.sampat@amd.com> To: <kvm@vger.kernel.org> CC: <seanjc@google.com>, <pbonzini@redhat.com>, <pgonda@google.com>, <thomas.lendacky@amd.com>, <michael.roth@amd.com>, <shuah@kernel.org>, <linux-kselftest@vger.kernel.org>, <linux-kernel@vger.kernel.org>, <sos-linux-ext-patches@mailman-svr.amd.com>, <pratikrajesh.sampat@amd.com> Subject: [PATCH v4 4/8] KVM: selftests: Introduce SEV VM type check Date: Thu, 14 Nov 2024 17:41:00 -0600 Message-ID: <20241114234104.128532-5-pratikrajesh.sampat@amd.com> In-Reply-To: <20241114234104.128532-1-pratikrajesh.sampat@amd.com> References: <20241114234104.128532-1-pratikrajesh.sampat@amd.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain
Series	Basic SEV-SNP Selftests \| expand [v4,0/8] Basic SEV-SNP Selftests [v4,1/8] KVM: SEV: Disable SEV-SNP on FW validation failure [v4,2/8] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 [v4,3/8] KVM: selftests: Add VMGEXIT helper [v4,4/8] KVM: selftests: Introduce SEV VM type check [v4,5/8] KVM: selftests: Add library support for interacting with SNP [v4,6/8] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type [v4,7/8] KVM: selftests: Abstractions for SEV to decouple policy from type [v4,8/8] KVM: selftests: Add a basic SEV-SNP smoke test

Message ID

20241114234104.128532-5-pratikrajesh.sampat@amd.com (mailing list archive)

State

New

Headers

Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
From: "Pratik R. Sampat" <pratikrajesh.sampat@amd.com>
To: <kvm@vger.kernel.org>
CC: <seanjc@google.com>, <pbonzini@redhat.com>, <pgonda@google.com>,
	<thomas.lendacky@amd.com>, <michael.roth@amd.com>, <shuah@kernel.org>,
	<linux-kselftest@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
	<sos-linux-ext-patches@mailman-svr.amd.com>, <pratikrajesh.sampat@amd.com>
Subject: [PATCH v4 4/8] KVM: selftests: Introduce SEV VM type check
Date: Thu, 14 Nov 2024 17:41:00 -0600
Message-ID: <20241114234104.128532-5-pratikrajesh.sampat@amd.com>
In-Reply-To: <20241114234104.128532-1-pratikrajesh.sampat@amd.com>
References: <20241114234104.128532-1-pratikrajesh.sampat@amd.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Nov 2024 23:42:08.7344
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ab2b42b7-aa3c-427f-116b-08dd0505f45b
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	CO1PEPF000044F4.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6009

Series

Basic SEV-SNP Selftests | expand

Commit Message

Pratik R. Sampat Nov. 14, 2024, 11:41 p.m. UTC

In preparation for SNP, declutter the vm type check by introducing a
SEV-SNP VM type check as well a transitive set of helper functions.

The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP
types are subset of the SEV VM type check.

Signed-off-by: Pratik R. Sampat <pratikrajesh.sampat@amd.com>
---
 .../testing/selftests/kvm/include/x86_64/sev.h  |  4 ++++
 .../selftests/kvm/lib/x86_64/processor.c        |  4 ++--
 tools/testing/selftests/kvm/lib/x86_64/sev.c    | 17 +++++++++++++++++
 .../selftests/kvm/x86_64/sev_smoke_test.c       |  2 +-
 4 files changed, 24 insertions(+), 3 deletions(-)

Comments

Nikunj A Dadhania Jan. 13, 2025, 8:18 a.m. UTC | #1

On 11/15/2024 5:11 AM, Pratik R. Sampat wrote:
> In preparation for SNP, declutter the vm type check by introducing a
> SEV-SNP VM type check as well a transitive set of helper functions.
> 
> The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP
> types are subset of the SEV VM type check.
> 
> Signed-off-by: Pratik R. Sampat <pratikrajesh.sampat@amd.com>
> ---
>  .../testing/selftests/kvm/include/x86_64/sev.h  |  4 ++++
>  .../selftests/kvm/lib/x86_64/processor.c        |  4 ++--
>  tools/testing/selftests/kvm/lib/x86_64/sev.c    | 17 +++++++++++++++++
>  .../selftests/kvm/x86_64/sev_smoke_test.c       |  2 +-
>  4 files changed, 24 insertions(+), 3 deletions(-)
> 
> diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h
> index e7df5d0987f6..faed91435963 100644
> --- a/tools/testing/selftests/kvm/include/x86_64/sev.h
> +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h
> @@ -29,6 +29,10 @@ enum sev_guest_state {
>  
>  #define VMGEXIT()		{ __asm__ __volatile__("rep; vmmcall"); }
>  
> +bool is_sev_vm(struct kvm_vm *vm);
> +bool is_sev_es_vm(struct kvm_vm *vm);
> +bool is_sev_snp_vm(struct kvm_vm *vm);
> +
>  void sev_vm_launch(struct kvm_vm *vm, uint32_t policy);
>  void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement);
>  void sev_vm_launch_finish(struct kvm_vm *vm);
> diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c
> index 636b29ba8985..13f060748fc2 100644
> --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c
> +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c
> @@ -641,7 +641,7 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm)
>  	sync_global_to_guest(vm, host_cpu_is_amd);
>  	sync_global_to_guest(vm, is_forced_emulation_enabled);
>  
> -	if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) {
> +	if (is_sev_vm(vm)) {
>  		struct kvm_sev_init init = { 0 };
>  
>  		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
> @@ -1158,7 +1158,7 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits)
>  
>  void kvm_init_vm_address_properties(struct kvm_vm *vm)
>  {
> -	if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) {
> +	if (is_sev_vm(vm)) {
>  		vm->arch.sev_fd = open_sev_dev_path_or_exit();
>  		vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT));
>  		vm->gpa_tag_mask = vm->arch.c_bit;
> diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c
> index e9535ee20b7f..d6e7a422b69d 100644
> --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c
> +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c
> @@ -4,6 +4,23 @@
>  
>  #include "sev.h"
>  
> +bool is_sev_snp_vm(struct kvm_vm *vm)
> +{
> +	return vm->type == KVM_X86_SNP_VM;
> +}
> +
> +/* A SNP VM is also a SEV-ES VM */
> +bool is_sev_es_vm(struct kvm_vm *vm)
> +{
> +	return is_sev_snp_vm(vm) || vm->type == KVM_X86_SEV_ES_VM;
> +}
> +
> +/* A SEV-ES and SNP VM is also a SEV VM */
> +bool is_sev_vm(struct kvm_vm *vm)
> +{
> +	return is_sev_snp_vm(vm) || is_sev_es_vm(vm) || vm->type == KVM_X86_SEV_VM;

As is_sev_es_vm() already checks is_sev_snp_vm(), we can drop SNP VM check here, right ?

Regards
Nikunj

Pratik Rajesh Sampat Jan. 13, 2025, 8:10 p.m. UTC | #2

On 1/13/25 2:18 AM, Nikunj A. Dadhania wrote:
> 
> 
> On 11/15/2024 5:11 AM, Pratik R. Sampat wrote:
>> In preparation for SNP, declutter the vm type check by introducing a
>> SEV-SNP VM type check as well a transitive set of helper functions.
>>
>> The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP
>> types are subset of the SEV VM type check.
>>
>> Signed-off-by: Pratik R. Sampat <pratikrajesh.sampat@amd.com>
>> ---
>>  .../testing/selftests/kvm/include/x86_64/sev.h  |  4 ++++
>>  .../selftests/kvm/lib/x86_64/processor.c        |  4 ++--
>>  tools/testing/selftests/kvm/lib/x86_64/sev.c    | 17 +++++++++++++++++
>>  .../selftests/kvm/x86_64/sev_smoke_test.c       |  2 +-
>>  4 files changed, 24 insertions(+), 3 deletions(-)
>>
>> diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h
>> index e7df5d0987f6..faed91435963 100644
>> --- a/tools/testing/selftests/kvm/include/x86_64/sev.h
>> +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h
>> @@ -29,6 +29,10 @@ enum sev_guest_state {
>>  
>>  #define VMGEXIT()		{ __asm__ __volatile__("rep; vmmcall"); }
>>  
>> +bool is_sev_vm(struct kvm_vm *vm);
>> +bool is_sev_es_vm(struct kvm_vm *vm);
>> +bool is_sev_snp_vm(struct kvm_vm *vm);
>> +
>>  void sev_vm_launch(struct kvm_vm *vm, uint32_t policy);
>>  void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement);
>>  void sev_vm_launch_finish(struct kvm_vm *vm);
>> diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c
>> index 636b29ba8985..13f060748fc2 100644
>> --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c
>> +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c
>> @@ -641,7 +641,7 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm)
>>  	sync_global_to_guest(vm, host_cpu_is_amd);
>>  	sync_global_to_guest(vm, is_forced_emulation_enabled);
>>  
>> -	if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) {
>> +	if (is_sev_vm(vm)) {
>>  		struct kvm_sev_init init = { 0 };
>>  
>>  		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
>> @@ -1158,7 +1158,7 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits)
>>  
>>  void kvm_init_vm_address_properties(struct kvm_vm *vm)
>>  {
>> -	if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) {
>> +	if (is_sev_vm(vm)) {
>>  		vm->arch.sev_fd = open_sev_dev_path_or_exit();
>>  		vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT));
>>  		vm->gpa_tag_mask = vm->arch.c_bit;
>> diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c
>> index e9535ee20b7f..d6e7a422b69d 100644
>> --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c
>> +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c
>> @@ -4,6 +4,23 @@
>>  
>>  #include "sev.h"
>>  
>> +bool is_sev_snp_vm(struct kvm_vm *vm)
>> +{
>> +	return vm->type == KVM_X86_SNP_VM;
>> +}
>> +
>> +/* A SNP VM is also a SEV-ES VM */
>> +bool is_sev_es_vm(struct kvm_vm *vm)
>> +{
>> +	return is_sev_snp_vm(vm) || vm->type == KVM_X86_SEV_ES_VM;
>> +}
>> +
>> +/* A SEV-ES and SNP VM is also a SEV VM */
>> +bool is_sev_vm(struct kvm_vm *vm)
>> +{
>> +	return is_sev_snp_vm(vm) || is_sev_es_vm(vm) || vm->type == KVM_X86_SEV_VM;
> 
> As is_sev_es_vm() already checks is_sev_snp_vm(), we can drop SNP VM check here, right ?
> 

That's right, thanks for catching that. I'll get rid of the
is_sev_es_vm() check here.

Pratik

diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h
index e7df5d0987f6..faed91435963 100644
--- a/tools/testing/selftests/kvm/include/x86_64/sev.h
+++ b/tools/testing/selftests/kvm/include/x86_64/sev.h
@@ -29,6 +29,10 @@  enum sev_guest_state {
 
 #define VMGEXIT()		{ __asm__ __volatile__("rep; vmmcall"); }
 
+bool is_sev_vm(struct kvm_vm *vm);
+bool is_sev_es_vm(struct kvm_vm *vm);
+bool is_sev_snp_vm(struct kvm_vm *vm);
+
 void sev_vm_launch(struct kvm_vm *vm, uint32_t policy);
 void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement);
 void sev_vm_launch_finish(struct kvm_vm *vm);
diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c
index 636b29ba8985..13f060748fc2 100644
--- a/tools/testing/selftests/kvm/lib/x86_64/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c
@@ -641,7 +641,7 @@  void kvm_arch_vm_post_create(struct kvm_vm *vm)
 	sync_global_to_guest(vm, host_cpu_is_amd);
 	sync_global_to_guest(vm, is_forced_emulation_enabled);
 
-	if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) {
+	if (is_sev_vm(vm)) {
 		struct kvm_sev_init init = { 0 };
 
 		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
@@ -1158,7 +1158,7 @@  void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits)
 
 void kvm_init_vm_address_properties(struct kvm_vm *vm)
 {
-	if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) {
+	if (is_sev_vm(vm)) {
 		vm->arch.sev_fd = open_sev_dev_path_or_exit();
 		vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT));
 		vm->gpa_tag_mask = vm->arch.c_bit;
diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c
index e9535ee20b7f..d6e7a422b69d 100644
--- a/tools/testing/selftests/kvm/lib/x86_64/sev.c
+++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c
@@ -4,6 +4,23 @@ 
 
 #include "sev.h"
 
+bool is_sev_snp_vm(struct kvm_vm *vm)
+{
+	return vm->type == KVM_X86_SNP_VM;
+}
+
+/* A SNP VM is also a SEV-ES VM */
+bool is_sev_es_vm(struct kvm_vm *vm)
+{
+	return is_sev_snp_vm(vm) || vm->type == KVM_X86_SEV_ES_VM;
+}
+
+/* A SEV-ES and SNP VM is also a SEV VM */
+bool is_sev_vm(struct kvm_vm *vm)
+{
+	return is_sev_snp_vm(vm) || is_sev_es_vm(vm) || vm->type == KVM_X86_SEV_VM;
+}
+
 /*
  * sparsebit_next_clear() can return 0 if [x, 2**64-1] are all set, and the
  * -1 would then cause an underflow back to 2**64 - 1. This is expected and
diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
index 97d9989c8011..53bc0af62bad 100644
--- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
+++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
@@ -123,7 +123,7 @@  static void test_sev(void *guest_code, uint64_t policy)
 	for (;;) {
 		vcpu_run(vcpu);
 
-		if (policy & SEV_POLICY_ES) {
+		if (is_sev_es_vm(vm)) {
 			TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SYSTEM_EVENT,
 				    "Wanted SYSTEM_EVENT, got %s",
 				    exit_reason_str(vcpu->run->exit_reason));

[v4,4/8] KVM: selftests: Introduce SEV VM type check

Commit Message

Comments

Patch