From patchwork Tue Oct 5 23:44:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538201 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E859FC433EF for ; Tue, 5 Oct 2021 23:46:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D200460EE9 for ; Tue, 5 Oct 2021 23:46:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237211AbhJEXsc (ORCPT ); Tue, 5 Oct 2021 19:48:32 -0400 Received: from mail-bn8nam11hn2208.outbound.protection.outlook.com ([52.100.171.208]:38080 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237092AbhJEXsI (ORCPT ); Tue, 5 Oct 2021 19:48:08 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MfSDdnckkKWBVhHgTyiJwygfSvYHY/g+DHcq3mDoRlLzzSBaX4DbhM+ppNbPaC7l801wDDVfWAAcrqirhZSXI57OT7j/6Ocbc7oHZelaG+kJq8TKLLBm1C5x9t4l+O5tjSHV5ipV1XNYmTQPc8icVtCDxedbXqVXtqxh6qhDaR/+5JFQNVYhNzvg/YzZAnWf76vzsBp82TNbA2y5I0j8Z7aFdIcWZZxe9g10Gp3CtlDh2Y9aVM0s2X1XFhVI2OjY+5J/O5EqGahFqVFXThVW+omXKhSAkUiYz3cBmXUgx08hzQhNY1IGYkydw62T6sLG5kcIotWllPA63ipJ4hG32w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RcjVDyz3y/g66ja5+h3ghdhJFWcW8t85X0OkjDCWEHs=; b=RhKOLBx6xC1eUwTaUmTes71msSxPJ61Y7lVlLRqQqoRGJO0eusUAF8o3YvEUqDQb0jU/zuendgDlBqrLtfZnSGFXqrix1nHIxHwBh1Fu3zRddzebAquB89LL6N4RzS08VyEqe7bXdAxfQuHL7xR+coVQ8qrY9LlMkmmo6vQV1NJJF6wACz5UXT2BIGpqMAWB55+i6ZwCnKJqAMEQtZkYZJmq/bdbbOw8aNDdf754tF8mAIHMEx7rjlP5KAp/1LX1o4TJ8lFe6+xCZB/cVa74uXCW5TLMaps/4ria5gDeRunamltOC7QIuZnskz3HCh96WBCL89ANyrJ5v/0++ITMmg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RcjVDyz3y/g66ja5+h3ghdhJFWcW8t85X0OkjDCWEHs=; b=Pwz2uPbOSh5BjHqkk7CVlQpntN10TvgNLNU6aZYtacQutu8JqwXgPcA0k6ZCo/Qt8iE2vuTdJtRB2kCuvASZynMnRep+xdanFfQPaawDsWYeh8viMCHLTfd1C+TPnf3iTKSL5/SZy4QDmZWF2h7wUT69fnzO5VkKisRXbjXXLZ0= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:46:00 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:59 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 01/16] KVM: selftests: move vm_phy_pages_alloc() earlier in file Date: Tue, 5 Oct 2021 18:44:44 -0500 Message-Id: <20211005234459.430873-2-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA0PR12CA0001.namprd12.prod.outlook.com (2603:10b6:806:6f::6) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA0PR12CA0001.namprd12.prod.outlook.com (2603:10b6:806:6f::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.17 via Frontend Transport; Tue, 5 Oct 2021 23:45:59 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4d9e2f8b-76c8-4cd3-bad2-08d9885a4890 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 4B64piqwPcnQEeGdODAjeS0MfhCFXvAyfkBTXkc5izYQDChejfctPXeYy5ivDJ8+OzPJ3BX8yjTTwv0o4ZeEveguqM7ZUWzzx8vd4UZjVL8cLunJGZgR57Lp5EkgwhN+Lha29btrSfB6scykRAnCrK3z5+zgQkOkNifwIpFigV4VzxqedRBbZR0ez7J2x2J9OfCSoCBDkWAxTh1dIsJVUd+Ff7KxalPHEo1YgeMF9p3KgDw93xRmQZM6CfQmwCPsdkkJiH0gTJ6XL3LAjIWErsChIW6lGwv6BYU+eCN9vYqhpfFDLJbVtrV/oa50dB9WLQhpqgmKAylJ8fdgvGbRnlXVH7vvMduIS1oh/B5iS2tmuvhhdZ2aFNeV7CUS9ks9GHDeI5YgVZardPEQD8vVdkcDCoplU9vzO1x/bR4GJY67O0mnxuBROXrEJgCUEL13ySfYwa9yeTBGUAoc6Uqp0wWesBikIsX84qei+FtiPURkX5wleboUdc2iqTLcBS/sj0aMqLJhTIbu+aMmmS8gnVLfi81kfniPoPCWedT+ww4YkwmqfHqPzDGYJ4bZ/ynxbfLrXCboDafq43lloV9t4yFdkapTVG1lCkL4thRECJF2nIcLaVFsI9ImSmfhjZmPhblDK9zTwLYh1hPIsLkIL6bXVIu0ynBRjJdA3gnRbbwuuNf0pL0WHfmUTq0uUJM7xelUKe3vjBXPImkYHP41999aH1FA2K/uks1YK49Q/scodnyvm0QQYLNHHzcXJwRypPSj2Igs6s6YP86fotoayDJl/tx4dUgzxymfDkCyu0xmHzNqOcvQWMGv9kGrJvjQuthietr8ExFvgfmTyWbyfpg7wPKkSspZGk5rBOc1WfiIfMkn0CtZROhWO1nnQaPxK1fq8lGc2HEmC6IpXF/aLctRzLtTY3zu32XK8MXD+48RgxGjsOZ+GZCL1KBJ7LiZzRQQfPysGYAbbQhESqg36elzduOI/otIYnj/NjMZQjZKbDtZXxEeZsypL84jPvj6OUrVH1zNjpKTiWj8tRPMuNsVpcQ2UGL3hgUuj0rnaZk= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6666004)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Oquza7/pfxnSGhTD7Tf7lt13JCkO83+vmihvUwkHeJxHE2si56rM8o4B4QJHPskNQfc45eu3IOoUpu6DdjYCtaMrRQG4F0I59srFU38fv8jFUWL0ccRSrnFvA7D1Ca9jXPQlFQcBc94weIy3lI11tuvRuiRE1fvJIeYyxMYtKB6I6v5HraeJWqe/2ChD8rGX5veGORzjtUcla2/hT4gJRH47FtQlUtn6CLrebbHczAUjvsaJ5WlFCqb71OsC/YPvVcbimIeDoaxw5CN2DQkEsEhJzla/hBVbMf5J/oIWILUmAlnL3wF0ACdgINL6/NoZZD1QFS2yrt1yKBEF1WH1/KQDl4FzdgN/POqXxl3jgRWyJ57cc8J0/Vbw4zZd7y8HK9ZWBgEq0xBx0BW1XuseI/sBGdS/XjMy68ndmwCSYSyBmpRFFGIj0DdMbaNKuj0DZ2RpegoJQWQmqXKkMA1h7EUTu3HMEP5RyXQzbraxo3M8a1YauIBK/XNj56qvmqcGr5TIGOLCIK6OWwFPGU4evdt4I5g0Zcgts+3ZN+9jw4rcCxutYSP2ZJNg0DkwVu5cMSpgzHoAac1S4m86atEjS1qYSVL3uxEoSRtwjJRpPhKt+axCnoG1x793lbF/pQp36Wn+ujZVwDAAbqmmtVqVCaj5bO8g35ENuqyBJLcioO4DtIfPC4mX4jpXKNfhEE1Y929ONcC9wlFnYY5rdoqSVE3FmMqbI6FRrqx+Ss/PtHhNeRxoBDwpOeHiEd1dQllDH9PSpzM8GhNqhJUJEmkieYgcilHfyze+Qg2jiKn0ad14Llq/Q30v2kwXVCIw2JUhZrNGydkPpTH/s58Bqj7LefrIlDASmu+K3qFBN56+NSYIm5crsfgc+qQklZDv3t5wiDFiuiZxeVog+ob6SO6lKm9wngmFWGKaUHOP9kKq69UzZpf3RxDhQqsMnd5i0he1lHEFT1vTJr61E0FThF0NsKnqd700+Amx1t9o7geEtqSo7TprYrhyzRL6eI1dcTi5ReGyJrFlDCTgokH5l/HigiQSC+aScUWaWCjtYjvqfT1UN2xhzlDTmA0dPzDsw9Zw5DDoPUwZK4Ll1Xn+mdDtbhVLWWRADv18cpDFS1xOXPxPH1yvR67ChOGfRQgWoQxJTjpQ/QTPj+4ad6YlEDmIzapWBbRH/cUVfnJeMQBb+C8wFnkkg56l9Hv9yBQvFoihp1YvzPD2tuPQY/GrQJKAntAqf0yOQ2UKrdt8uJUhMfqccBMc11vBGdDs3fecwuZmJJ32JH3VGrWkNs4hp6yNlS+zLx4Z+LfHz4oDKCKoKio4noMFpO3lwJvwZaQRuxO7 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4d9e2f8b-76c8-4cd3-bad2-08d9885a4890 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:59.7386 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: AA3KS8GQYhBeZT79GOn5bxkOsYHRminzHpr/UQCWjtdILSvW3ZUn+UjBxAPVDyn491rew83tVjfVwGz4XLYHRQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Subsequent patches will break some of this code out into file-local helper functions, which will be used by functions like vm_vaddr_alloc(), which currently are defined earlier in the file, so a forward declaration would be needed. Instead, move it earlier in the file, just above vm_vaddr_alloc() and and friends, which are the main users. Signed-off-by: Michael Roth Reviewed-by: Mingwei Zhang --- tools/testing/selftests/kvm/lib/kvm_util.c | 146 ++++++++++----------- 1 file changed, 73 insertions(+), 73 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 10a8ed691c66..92f59adddebe 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1145,6 +1145,79 @@ void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid) list_add(&vcpu->list, &vm->vcpus); } +/* + * Physical Contiguous Page Allocator + * + * Input Args: + * vm - Virtual Machine + * num - number of pages + * paddr_min - Physical address minimum + * memslot - Memory region to allocate page from + * + * Output Args: None + * + * Return: + * Starting physical address + * + * Within the VM specified by vm, locates a range of available physical + * pages at or above paddr_min. If found, the pages are marked as in use + * and their base address is returned. A TEST_ASSERT failure occurs if + * not enough pages are available at or above paddr_min. + */ +vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + struct userspace_mem_region *region; + sparsebit_idx_t pg, base; + + TEST_ASSERT(num > 0, "Must allocate at least one page"); + + TEST_ASSERT((paddr_min % vm->page_size) == 0, "Min physical address " + "not divisible by page size.\n" + " paddr_min: 0x%lx page_size: 0x%x", + paddr_min, vm->page_size); + + region = memslot2region(vm, memslot); + base = pg = paddr_min >> vm->page_shift; + + do { + for (; pg < base + num; ++pg) { + if (!sparsebit_is_set(region->unused_phy_pages, pg)) { + base = pg = sparsebit_next_set(region->unused_phy_pages, pg); + break; + } + } + } while (pg && pg != base + num); + + if (pg == 0) { + fprintf(stderr, "No guest physical page available, " + "paddr_min: 0x%lx page_size: 0x%x memslot: %u\n", + paddr_min, vm->page_size, memslot); + fputs("---- vm dump ----\n", stderr); + vm_dump(stderr, vm, 2); + abort(); + } + + for (pg = base; pg < base + num; ++pg) + sparsebit_clear(region->unused_phy_pages, pg); + + return base * vm->page_size; +} + +vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, + uint32_t memslot) +{ + return vm_phy_pages_alloc(vm, 1, paddr_min, memslot); +} + +/* Arbitrary minimum physical address used for virtual translation tables. */ +#define KVM_GUEST_PAGE_TABLE_MIN_PADDR 0x180000 + +vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm) +{ + return vm_phy_page_alloc(vm, KVM_GUEST_PAGE_TABLE_MIN_PADDR, 0); +} + /* * VM Virtual Address Unused Gap * @@ -2149,79 +2222,6 @@ const char *exit_reason_str(unsigned int exit_reason) return "Unknown"; } -/* - * Physical Contiguous Page Allocator - * - * Input Args: - * vm - Virtual Machine - * num - number of pages - * paddr_min - Physical address minimum - * memslot - Memory region to allocate page from - * - * Output Args: None - * - * Return: - * Starting physical address - * - * Within the VM specified by vm, locates a range of available physical - * pages at or above paddr_min. If found, the pages are marked as in use - * and their base address is returned. A TEST_ASSERT failure occurs if - * not enough pages are available at or above paddr_min. - */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) -{ - struct userspace_mem_region *region; - sparsebit_idx_t pg, base; - - TEST_ASSERT(num > 0, "Must allocate at least one page"); - - TEST_ASSERT((paddr_min % vm->page_size) == 0, "Min physical address " - "not divisible by page size.\n" - " paddr_min: 0x%lx page_size: 0x%x", - paddr_min, vm->page_size); - - region = memslot2region(vm, memslot); - base = pg = paddr_min >> vm->page_shift; - - do { - for (; pg < base + num; ++pg) { - if (!sparsebit_is_set(region->unused_phy_pages, pg)) { - base = pg = sparsebit_next_set(region->unused_phy_pages, pg); - break; - } - } - } while (pg && pg != base + num); - - if (pg == 0) { - fprintf(stderr, "No guest physical page available, " - "paddr_min: 0x%lx page_size: 0x%x memslot: %u\n", - paddr_min, vm->page_size, memslot); - fputs("---- vm dump ----\n", stderr); - vm_dump(stderr, vm, 2); - abort(); - } - - for (pg = base; pg < base + num; ++pg) - sparsebit_clear(region->unused_phy_pages, pg); - - return base * vm->page_size; -} - -vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, - uint32_t memslot) -{ - return vm_phy_pages_alloc(vm, 1, paddr_min, memslot); -} - -/* Arbitrary minimum physical address used for virtual translation tables. */ -#define KVM_GUEST_PAGE_TABLE_MIN_PADDR 0x180000 - -vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm) -{ - return vm_phy_page_alloc(vm, KVM_GUEST_PAGE_TABLE_MIN_PADDR, 0); -} - /* * Address Guest Virtual to Host Virtual * From patchwork Tue Oct 5 23:44:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538203 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9AE3DC433F5 for ; Tue, 5 Oct 2021 23:47:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7BE4C60EE4 for ; Tue, 5 Oct 2021 23:47:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237183AbhJEXsu (ORCPT ); Tue, 5 Oct 2021 19:48:50 -0400 Received: from mail-bn8nam11hn2217.outbound.protection.outlook.com ([52.100.171.217]:8641 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237129AbhJEXsc (ORCPT ); Tue, 5 Oct 2021 19:48:32 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=M07DhvzqeVLnZQIYljCyUxp+axU1UYRxzovSXgswyLQws83AhsH2YHzwwRAKmPUWQ76z1qBJnYg662CFmLzB7oDCgwniWcNbBk83M7Mg4YldyBQ04OY/EmGpZAOAVaoFlP/rIK3bDTQ5Lp7sVO2bXeortVFj3OqQQ/KCnO3oq8Q0qXpD5IR7ls7nNGLFCGHijUS33Z5bza1WpQPvLpgookNBrB2plJCEcA5P0F7CMDhoNyZZ6NgcN17mO6/VhK1vpzEllKcyNcnZ759oCDcX9h6aqtjSkpNEj++5YUycYxxzurlxwuIWPTrHoUkSnWyuDxLYqiHJBvrd6pmps4Zwow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0SIZvFcjGmuBgM+NGicSg0h8HP4qi8Yi76JXDlGCe7E=; b=HRDmYOeNIV0X3GXgpUsw+jHshxCbZaxWcQRi5fRfoGwMXXABvPI3OtmJqnsuRdorBSp0PdprwbyOrs/xuR82l0DLFCqnRN3acfEC48xuvB9JbZuRqRE1x0g9QsVype9folP0frfRwgmKS9hEfGSAWl3RGAWWv6R3BIWkoSqXcU3cKEgLGrX1IJ9pNQP+Hi7e3prpjELigagZgU4aEwPuHGn80NNscrCdjPKPfY3czGX0t3S8D0l7+DvQpPa6Zh+60V74aDnBg2qI/pfQ9UK2A/2nOaHNPDEzm4bVK2h4zz5Hxx12hvUHwA+VIG6XNK59D/xuU4WGm3BA4FFyGdzunA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0SIZvFcjGmuBgM+NGicSg0h8HP4qi8Yi76JXDlGCe7E=; b=nalOvURB8L38LumocejYf7okYedX3UXdTxxVKyDLexkYieN3e5zUuDGC0kPwCbPm7rdNSozyIzCvnACwYMeU89ScE8lC61A42oP3P6Jz/D5QbJ2YP09QFo5qkoP1obonldl1qiBgGot/5Fv212+m8PdjKG1H77yEPPzuBWbcRMI= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:46:01 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:46:01 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 02/16] KVM: selftests: add hooks for managing encrypted guest memory Date: Tue, 5 Oct 2021 18:44:45 -0500 Message-Id: <20211005234459.430873-3-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA9P221CA0011.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::16) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA9P221CA0011.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22 via Frontend Transport; Tue, 5 Oct 2021 23:46:01 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d8b5c93d-2148-40f5-42fe-08d9885a499c X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2582; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: /huW8s8o4wubo17upFyE8VjPWPWJNC2E/uxB3Z0gNvXBafZivbdU2/UgMaibI5kLL03HHK7FezdABTDsOx7+mFwhgQycLL2g2Kkwqv3RqL08Yijt8bvzAAzx3dctcwM+sGWuYOPfmEEkIgrU8mkiq3jXdbHwvxoeorZpyUKxSkdv2q1GyDFLncC03LiAV3jTue7VV22eVj638cTlwJVvYIdSjIuA44dg0AfMs+9xtafybqTFYi/ayyj8KuXuVCqyQaOQCOYYDeQgMlBwoEH/qIc2/2L7CdqQaBRJr+Ae7FnOB+1DwVUFwLWTLYijIlM42UJlZx9sTvDV/HGRivPFOdgyoV8gItMza/th+4hwu+Uw57bbupLAxCwjVZNOUrApynhJiIXQbjop3AGnznjc2qpcBEBlIoZws8+fjYizsnx+PLlVfElXVnZ1maOLUAUPHvedRHK3PHMMo8/UWJGTev16TiGQyGH8NK4IalVkaI8mAeCYUzWi2mDQx89Baxm/3v7husGtWbdwQNTZGQqVdi4OXVhPuW6OZiP9lXkFVR7mFyLKEKOTERNDKMQbVgFd/7OJZH8bNzvQzX7GWGUnL0v6JdOWXd7yFFtMsW5BWXc/XHDTpYVO+XMwdNO4C68mSxUYXDzgbL2IXiStpg64PWKauFUbSWj8TZ6M+/qa09nspjL5m2Bbr8YMTN6Wf4wInmWac3J6ylYl32jkTX5d1uNjwMPdjoXrSv8xKdPhb7M+dP3vMh/SO0NeE3OAXoxdEPJEd5GnTaH5tVQ3p5G5UQcYQyta8VAJx+0jcivgk3WA5w+iz4WmM39+WOhXtzTghvoycA7Cdg4hYfklDMgOvTQshhvKk6vHJKWExmaMGwxY9TJ3HkZn5dEh83xL+ddtQxYSG82JZ71PdrG/LOm+/seRtsi6CQM/I7U/oXhynNvW7v8VayXQOxT0ebTViEVildzcuGr6ia1AgQnmWo0W/vo/k50xSVzdhV82yLHJMPoF38Dbe4rbva+1wztqAuRj+1HF7AiAJXe/pt/vMVdwNTyfc9kOGhB+NejVWeZpY3Y= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6666004)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: YlV7kvCTxLl/0oZAlZxLectgBBIxIAfVOWfRN9/SO0MPcdcYizvQJd7pHlcduTd9HC2h9KZZ5t6dRHCOqa9GT+u9MOO/6fssvCaBQuXDTC1RwrdJT0XAIJGh/quXBSKQARLvZTswpRDhMg765/G+aU8zu58Z5aBA5eY79dTkV2eaNr22bl4LK1zoPZHeQw5EmOnnr39Rvzs8cA4tfuxIBmrLdF1Bn9SrXMenJdDylniXS9sZ42eG363bw8g0rX+IIpspZtsMrsCHs9lPLlZ4vMEYa/jzPF5GY2AsExCYhPLMMOZoAvaxQY1sXE7GPX+FmlfmY6h+2Pqi4U1UPVaz1JEDnGyEhgcCON/gWwID74NWjbi2CTpEPfZwUUeGZPaKLo/OHRST4JKBOezIQqFaus7iHpR01k7/BI4uzI6bajWJGWrRfzodwANbIGl8YOZ48xkHv2wFiB15c5JonE59SdV7ksTbgxN3ySKSS+xNI2FFLNdBACxhnIwLrFxSjtLEx7xdrd2eU5ns4ijggcQIhGyR3/5XbKONtQepkpmih8ZOsw4exOYZshFr+vFI6wOPa+xvWT6460X5nJDcCuRQ/+cOJLNEPVimq/Prld4Lo9r5FFcsnxtWarVZRthdmEjAn87+4CBPPwy0dHkLkjtpLTgvCSWkykQJ9ZhIpPXcntxnttUAZA6kfGlTOjJ93O4UOF4kW4HUqkfbaR7oCEQEbE60J0RBGmaezxv5vxwW0MN1qcvQBHQ/kxfRjDBCSF+/sNYtGDQK9phtqBWqzC+JdV3+cwiUc9Hz20QqvxfHBRXEAoyEvnaDly3cmKLBOWujK0hJu0bEJFW7w9TWFtWGxQhbriB7ShnTquYEctU9n89Ut2MbrA8PF1S+ENZKjygYL+YSy4ayzMNhIY7uMFMoxEz9655isUTOZULT2y1dXD8MB8F3T1JuWDq0C0dU6T/Uef1G92NJkpqMuSl1vweum9alZtHT9T0e5B5lXYY1nFxP6W405e8Ld30sL+PfdA8wXCntisx3nq5yRNiX9MXh5Up9k9eObbBNpe8DH6kEIE79t9IjxRt65HirNcQhPtT/E32t2SzDuVLqOnZ2ftNozOBSOtJiDVBD0Mr+m8D8ne2YJR5Zhl6LwoFmWtOPuR8FNdfM03/WsP0AasldCpWFZI9iBjYvu3C3Bs6MPiOK3yIwS+XraTnCyNfi99Fa+n4+bfMZ4DqhwyeEQt9e7JmiXinAOBY2BudPbRn5ZDYUeD2oJHo1hSfdyTHICTt66F/CPOHIb1BZy5suv7KnWKA3t6CkwI/o93E+1wmlm8NhrhQJpJqzMC9lXmriZa2bjg3I X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: d8b5c93d-2148-40f5-42fe-08d9885a499c X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:46:01.5058 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ntsqX5hv3o5YDkPKinV5Az2D1yPlZqsPN4E0vxhQwT9BzrhTRtNv+NjPnxAUoKzrDAPLVFrXBZKVitzuxN6wQg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org VM implementations that make use of encrypted memory need a way to configure things like the encryption/shared bit position for page table handling, the default encryption policy for internal allocations made by the core library, and a way to fetch the list/bitmap of encrypted pages to do the actual memory encryption. Add an interface to configure these parameters. Also introduce a sparsebit map to track allocations/mappings that should be treated as encrypted, and provide a way for VM implementations to retrieve it to handle operations related memory encryption. Signed-off-by: Michael Roth Reviewed-by: Mingwei Zhang --- .../testing/selftests/kvm/include/kvm_util.h | 6 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 63 +++++++++++++++++-- .../selftests/kvm/lib/kvm_util_internal.h | 10 +++ 3 files changed, 75 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index 010b59b13917..f417de80596c 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -348,6 +348,12 @@ int vm_create_device(struct kvm_vm *vm, struct kvm_create_device *cd); void assert_on_unhandled_exception(struct kvm_vm *vm, uint32_t vcpuid); +void vm_set_memory_encryption(struct kvm_vm *vm, bool enc_by_default, bool has_enc_bit, + uint8_t enc_bit); +struct sparsebit *vm_get_encrypted_phy_pages(struct kvm_vm *vm, int slot, + vm_paddr_t *gpa_start, + uint64_t *size); + /* Common ucalls */ enum { UCALL_NONE, diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 92f59adddebe..c58f930dedd2 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -631,6 +631,7 @@ static void __vm_mem_region_delete(struct kvm_vm *vm, "rc: %i errno: %i", ret, errno); sparsebit_free(®ion->unused_phy_pages); + sparsebit_free(®ion->encrypted_phy_pages); ret = munmap(region->mmap_start, region->mmap_size); TEST_ASSERT(ret == 0, "munmap failed, rc: %i errno: %i", ret, errno); @@ -924,6 +925,7 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, } region->unused_phy_pages = sparsebit_alloc(); + region->encrypted_phy_pages = sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, guest_paddr >> vm->page_shift, npages); region->region.slot = slot; @@ -1153,6 +1155,7 @@ void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid) * num - number of pages * paddr_min - Physical address minimum * memslot - Memory region to allocate page from + * encrypt - Whether to treat the pages as encrypted * * Output Args: None * @@ -1164,11 +1167,13 @@ void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid) * and their base address is returned. A TEST_ASSERT failure occurs if * not enough pages are available at or above paddr_min. */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) +static vm_paddr_t +_vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, vm_paddr_t paddr_min, + uint32_t memslot, bool encrypt) { struct userspace_mem_region *region; sparsebit_idx_t pg, base; + vm_paddr_t gpa; TEST_ASSERT(num > 0, "Must allocate at least one page"); @@ -1198,10 +1203,25 @@ vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, abort(); } - for (pg = base; pg < base + num; ++pg) + for (pg = base; pg < base + num; ++pg) { sparsebit_clear(region->unused_phy_pages, pg); + if (encrypt) + sparsebit_set(region->encrypted_phy_pages, pg); + } + + gpa = base * vm->page_size; - return base * vm->page_size; + if (encrypt && vm->memcrypt.has_enc_bit) + gpa |= (1ULL << vm->memcrypt.enc_bit); + + return gpa; +} + +vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + return _vm_phy_pages_alloc(vm, 1, paddr_min, memslot, + vm->memcrypt.enc_by_default); } vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, @@ -2146,6 +2166,10 @@ void vm_dump(FILE *stream, struct kvm_vm *vm, uint8_t indent) region->host_mem); fprintf(stream, "%*sunused_phy_pages: ", indent + 2, ""); sparsebit_dump(stream, region->unused_phy_pages, 0); + if (vm->memcrypt.enabled) { + fprintf(stream, "%*sencrypted_phy_pages: ", indent + 2, ""); + sparsebit_dump(stream, region->encrypted_phy_pages, 0); + } } fprintf(stream, "%*sMapped Virtual Pages:\n", indent, ""); sparsebit_dump(stream, vm->vpages_mapped, indent + 2); @@ -2343,3 +2367,34 @@ int vcpu_get_stats_fd(struct kvm_vm *vm, uint32_t vcpuid) return ioctl(vcpu->fd, KVM_GET_STATS_FD, NULL); } + +void vm_set_memory_encryption(struct kvm_vm *vm, bool enc_by_default, bool has_enc_bit, + uint8_t enc_bit) +{ + vm->memcrypt.enabled = true; + vm->memcrypt.enc_by_default = enc_by_default; + vm->memcrypt.has_enc_bit = has_enc_bit; + vm->memcrypt.enc_bit = enc_bit; +} + +struct sparsebit * +vm_get_encrypted_phy_pages(struct kvm_vm *vm, int slot, vm_paddr_t *gpa_start, + uint64_t *size) +{ + struct userspace_mem_region *region; + struct sparsebit *encrypted_phy_pages; + + if (!vm->memcrypt.enabled) + return NULL; + + region = memslot2region(vm, slot); + if (!region) + return NULL; + + encrypted_phy_pages = sparsebit_alloc(); + sparsebit_copy(encrypted_phy_pages, region->encrypted_phy_pages); + *size = region->region.memory_size; + *gpa_start = region->region.guest_phys_addr; + + return encrypted_phy_pages; +} diff --git a/tools/testing/selftests/kvm/lib/kvm_util_internal.h b/tools/testing/selftests/kvm/lib/kvm_util_internal.h index a03febc24ba6..99ccab86115c 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util_internal.h +++ b/tools/testing/selftests/kvm/lib/kvm_util_internal.h @@ -16,6 +16,7 @@ struct userspace_mem_region { struct kvm_userspace_memory_region region; struct sparsebit *unused_phy_pages; + struct sparsebit *encrypted_phy_pages; int fd; off_t offset; void *host_mem; @@ -44,6 +45,14 @@ struct userspace_mem_regions { DECLARE_HASHTABLE(slot_hash, 9); }; +/* Memory encryption policy/configuration. */ +struct vm_memcrypt { + bool enabled; + int8_t enc_by_default; + bool has_enc_bit; + int8_t enc_bit; +}; + struct kvm_vm { int mode; unsigned long type; @@ -67,6 +76,7 @@ struct kvm_vm { vm_vaddr_t idt; vm_vaddr_t handlers; uint32_t dirty_ring_size; + struct vm_memcrypt memcrypt; }; struct vcpu *vcpu_find(struct kvm_vm *vm, uint32_t vcpuid); From patchwork Tue Oct 5 23:44:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538205 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8093DC4332F for ; Tue, 5 Oct 2021 23:47:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6395360EE3 for ; Tue, 5 Oct 2021 23:47:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237305AbhJEXsv (ORCPT ); Tue, 5 Oct 2021 19:48:51 -0400 Received: from mail-bn8nam11hn2208.outbound.protection.outlook.com ([52.100.171.208]:38080 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237187AbhJEXsc (ORCPT ); Tue, 5 Oct 2021 19:48:32 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RZtEMTIFP6AFW6OS719nKezOmPM3OcTHwl7qjGD9cVdtGSu+MGVM283LqkMXmu+dfTPVKfPDI68Jn8PGoP6p8Dons+qFlKS3hm+Mj6It4li3V6Ax63En/B9bfM37X+A/2/E+jiCFVkz0iYm/R+pWZiaHMh7szQfajTODe9QMpwFm4zIqyqDmHltpwNbmVLhdAPoHtrnCkonSZMIaO+abCXDX8m+WP8YdmaiR15CekBMPY+mWsRgRSdKh/2/+8lla1DAru8c0RWDEwjRq+FUWwcDwtPnh2LwkUQXyrIiq6hIJDc8xop1SS1qMtYmaQgqsTgFMWzGnY0ThOAunGDfJXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sZipiri2MgYDAKwE57UEvJmQdGN0o6KhTqw5dHuuDW8=; b=cjlqiepablJ9Gv4YiC4GmLSd5yAz5ITT7SPA+DRRIvqr6RE3/FLaaLPBaSgnUJ4cVg6nhWPRhedmo1xh3s6r3fRLbAX55ihq9Tf9XD/bmf1j0ez5pBchBhFVc3LcfQYN/3CvJUdbuPya1eusICC5cjaRX/HEvGtkXsLVEnhCx5RQZAI6SMc+pnSgDlDQF/08oJtggA+Xg00HcPaTyvwPb9E7IIMFdMw2bXg8bsIV9tmgmUQ/IhzSgTAJEwKu9BmUlGbs2zp9k3C8x8P+avxZJNOgmTavH5RsMNWBYQCNtTuCxAwOElOUC8A1zqzvMaLW4k7AcmdHgmjI+yK1bkfxSA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sZipiri2MgYDAKwE57UEvJmQdGN0o6KhTqw5dHuuDW8=; b=JnRivwkWy0KMqGAMAO7R2owyETxv12Kj2fmJ3O7VInGL+kok623a7zvPAME8owgBf5knK5VuczvQAxR9jL6mNRG97qTWNSDifsmyk44qFSrHhcIQMa5AtgxRYg66+kgiWXINeXLe/HZAdMHdL2X8iw0br82sr+WOWn+Hf8qli+o= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:46:03 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:46:03 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 03/16] KVM: selftests: handle encryption bits in page tables Date: Tue, 5 Oct 2021 18:44:46 -0500 Message-Id: <20211005234459.430873-4-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA9P221CA0030.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::35) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA9P221CA0030.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.19 via Frontend Transport; Tue, 5 Oct 2021 23:46:02 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a8d4cbe1-d2c7-4e4d-ac4d-08d9885a4a7a X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: OjuAKNdO+w0090eH6AcfONyFKJ3BGqNyoktUBrZN3ayrf+y1W5M0qmUFa3mgxOTCQq6vMRATvcR1OcrB9D+GSsJIk6MJcbD2ynxELM3sKCSiqp6UmbO5+tGXVLjIiti+jR6GG/MJTb0Q7atZrTxOJi/VaZ5A8tfpJyhmyQHCp4SQStv4/pi9U2cfk66T65T41uNQypu/P78Mh4We+Ek4NDXNMbaHUVHUtI/suTLll8T4aq59B86t1W7jKFRnnXu/qxnairf/SyCPYU5BgrDldRRZ2kC/haO3U3srRPHgUTCVn0r/RUXYRx6IhNMcyv/dmQj3P/mq4X2yu+Pv7VpxT4OozbSAACDAYCc0VlpPcUtKuKYo0wmEEV/pXRDzplI6gK+gZ7XD0aCjkqquHjo8Y2aIFg4siuKHSXKqEKa1POTByp7rN7gBbXqwKA8/YUlUM9WWFoLwBTPZVkqe5penboKHizIvNYcb1cLAzOzK34rGOc4NVTYKW2lCC+EI2prHNtW5g1hYT0rIR48+w7d1oDYLPcxFMgkbx5ka1xatLpwAKBY4kIFMvTbzt80q2+a9dnI7wpZSvm5BZrPlY7fMmpS2cJkmvRdDa76SKaEAWB+SUe57em/bMknzdEpnuwE9l8ZJpKogdHyOnLF4C5sMd+MXLc8xyMgEhoy/F0ZPkqf1EblTrpyJaywVkfq8IpM7uoO+MUELSz94ec/E8/wsIQUqlUSbJ6k3L+FTImSETDbfu8REflJ/XczGC0v+RHIxe78MO6OvBeWjUQf1CGYJbKhYo14D3r5PCEDwTe7lNAIpNVsTKQtIj/8jMcNbepJSzJhdtlRKMrzFAMnPEGftO9UqDHr//tbJJrnfz7q8UdLgROaYsiBVp6v5LKmYpFCI+s/GdGzFTi6Nl/RYdX7Qi9fmIojbgTU7+4FIlBkmpWn3BAyZKKvJwkv3Z3kNPFcjpUnp4QF9CeuKgd0bCblbrRWs2PXbOtn5S3fJbtbT+8bgfJ+Z7JqBd92B7B3y3iJ86QD1ojkgGExBdo72Dxya3qmVhYWSy6TH5RXNoC2xfUw= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6666004)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: PmKqrwfkPJILBZU6I57gvz426T6KxV4pVQ9cW9At/USlg9poehb2cINXK1U0kCkWlwX63xR8hN8W1uAUseVFvWvVt5HO4hF0VpuX6a3Djly5hFeG0gjYKTDvfhx2nHtRHog25NH6lLmv+6xekft7822QamfHcAepRdG1iGLDKFCNDTFJUQ+UiwaWTVnnfYDrhMKvm3E07YjWU5J6ALqWJU8b8ur2dgY/7QOPwd6zo/Z5bZuq7vKRUpeHauMuRNzhGpV3xQweXoXB4kSx/Obv7OEnfOrBpsaF3ro+TTEG6GUcvVlbtPgOJJjMTYQi6QZxRIawszFaRf6Nhx8SZiI1Q5k3W/jZCswCFaxhnAeuK/3oZ2ndnj5UGHQG6vitwSj163C2/CW5ii5/dbYYoSqdumo9EPdvZFhiIt6FU/OzlZwkaRQPicP38BEJBTC8cxkEhlbOow8BlVPtwgoUxNQXJZ5S88SRsWBXouN3TQmtfqkUfSkUnvCbD7ni4U3X8vr0XONcRvmQVLaldS3+z99C43BFxqMpKfU9TeesM7596ynXobOC5/Ak4H8r6CBudqiLvfTnKBrMrX9WPTSfvM8SC6pB05meTtqWar3ue6bPS9uOXkLE9+a+RXguW1Bdx2TZDGKfdB4YTs5Nmr21g0XmZwlsqDZ1Yud7WrkbW2Pzsiwv0r1BC60WXkQyn5ZpTNGUCq7E0ePEtAJHCGmk6dnTc24AMdBj+94dfiSthHF4U2Pr996P1FJJizCpD4Ep3YOlW33laaxMBDar7os9kwRro/SI5DvSofzeWvJIsCSQfRtkdAuGwJZEbXrt5yWza3Ux6uicwJUySYqSXFwLk5XxtNhEJa5zkaJ/1TsUesw8vRi1rhxNrp9B7WNOC+U5HHkTgbZf2ra8WPytmc6wg2bDDLpMJV0Y74c97H6GCUrDHyd6dM9bNHh/AHDL8gMBKalQ7nt2PSCKgir6Jvrqb/fIORxHv7wlB+I95XtbbLgaRMZG2r/KQtVjuYIkShhT2Kq2o17ZOanNCVrVCp1byvxVrAG6deqZYPF2zUlCM7evpKOqNvtjTpduonPOFGBEyoyjLHw6h3g35q3Hir90WG9OuCkDThd1JpViQxZawSDl4+MvgKjlQRBcqaNS+CYDyr2lo7eN0Fj/m18hnQhXJoA9qXdIkZ1FkD/V09Ht+q6w/CMq3/igf//tPlGbEimi4Y6lwLOJqRnepOVgYevF663VWA0bK8sXnokxzlU+KA2o5u76yWn4qmBdVCLX14Tu6Qaqjz4Ke3/s1mt0HkTRnEWFCVppzkRnI54LWwzNP5esy1ifw+wojVvWAzR7EVhGWMxI X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a8d4cbe1-d2c7-4e4d-ac4d-08d9885a4a7a X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:46:03.1277 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: JVq6yU3ZQhPWJ9RAucFzU9qZ1wyFW/C1bWMjuK3FViO1Ko2BHQpGusKbIvKicfpcyd3cxhchMl8TtRLAmxLaFg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org SEV guests rely on an encyption bit which resides within the range that current code treats as address bits. Guest code will expect these bits to be set appropriately in their page tables, whereas helpers like addr_gpa2hva() will expect these bits to be masked away prior to translation. Add proper handling for these cases. Signed-off-by: Michael Roth --- .../testing/selftests/kvm/include/kvm_util.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 23 +++++++++++++++- .../selftests/kvm/lib/x86_64/processor.c | 26 +++++++++---------- 3 files changed, 36 insertions(+), 14 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index f417de80596c..4bf686d664cc 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -152,6 +152,7 @@ void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa); void *addr_gva2hva(struct kvm_vm *vm, vm_vaddr_t gva); vm_paddr_t addr_hva2gpa(struct kvm_vm *vm, void *hva); void *addr_gpa2alias(struct kvm_vm *vm, vm_paddr_t gpa); +vm_paddr_t addr_raw2gpa(struct kvm_vm *vm, vm_vaddr_t gpa_raw); /* * Address Guest Virtual to Guest Physical diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index c58f930dedd2..ef88fdc7e46b 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1443,6 +1443,26 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, } } +/* + * Mask off any special bits from raw GPA + * + * Input Args: + * vm - Virtual Machine + * gpa_raw - Raw VM physical address + * + * Output Args: None + * + * Return: + * GPA with special bits (e.g. shared/encrypted) masked off. + */ +vm_paddr_t addr_raw2gpa(struct kvm_vm *vm, vm_paddr_t gpa_raw) +{ + if (!vm->memcrypt.has_enc_bit) + return gpa_raw; + + return gpa_raw & ~(1ULL << vm->memcrypt.enc_bit); +} + /* * Address VM Physical to Host Virtual * @@ -1460,9 +1480,10 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, * address providing the memory to the vm physical address is returned. * A TEST_ASSERT failure occurs if no region containing gpa exists. */ -void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa) +void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa_raw) { struct userspace_mem_region *region; + vm_paddr_t gpa = addr_raw2gpa(vm, gpa_raw); region = userspace_mem_region_find(vm, gpa, gpa); if (!region) { diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index 28cb881f440d..0bbd88fe1127 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -198,7 +198,7 @@ static void *virt_get_pte(struct kvm_vm *vm, uint64_t pt_pfn, uint64_t vaddr, static struct pageUpperEntry *virt_create_upper_pte(struct kvm_vm *vm, uint64_t pt_pfn, uint64_t vaddr, - uint64_t paddr, + uint64_t paddr_raw, int level, enum x86_page_size page_size) { @@ -208,10 +208,9 @@ static struct pageUpperEntry *virt_create_upper_pte(struct kvm_vm *vm, pte->writable = true; pte->present = true; pte->page_size = (level == page_size); - if (pte->page_size) - pte->pfn = paddr >> vm->page_shift; - else - pte->pfn = vm_alloc_page_table(vm) >> vm->page_shift; + if (!pte->page_size) + paddr_raw = vm_alloc_page_table(vm); + pte->pfn = paddr_raw >> vm->page_shift; } else { /* * Entry already present. Assert that the caller doesn't want @@ -228,12 +227,13 @@ static struct pageUpperEntry *virt_create_upper_pte(struct kvm_vm *vm, return pte; } -void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, +void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr_raw, enum x86_page_size page_size) { const uint64_t pg_size = 1ull << ((page_size * 9) + 12); struct pageUpperEntry *pml4e, *pdpe, *pde; struct pageTableEntry *pte; + uint64_t paddr = addr_raw2gpa(vm, paddr_raw); TEST_ASSERT(vm->mode == VM_MODE_PXXV48_4K, "Unknown or unsupported guest mode, mode: 0x%x", vm->mode); @@ -256,15 +256,15 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, * early if a hugepage was created. */ pml4e = virt_create_upper_pte(vm, vm->pgd >> vm->page_shift, - vaddr, paddr, 3, page_size); + vaddr, paddr_raw, 3, page_size); if (pml4e->page_size) return; - pdpe = virt_create_upper_pte(vm, pml4e->pfn, vaddr, paddr, 2, page_size); + pdpe = virt_create_upper_pte(vm, pml4e->pfn, vaddr, paddr_raw, 2, page_size); if (pdpe->page_size) return; - pde = virt_create_upper_pte(vm, pdpe->pfn, vaddr, paddr, 1, page_size); + pde = virt_create_upper_pte(vm, pdpe->pfn, vaddr, paddr_raw, 1, page_size); if (pde->page_size) return; @@ -272,14 +272,14 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, pte = virt_get_pte(vm, pde->pfn, vaddr, 0); TEST_ASSERT(!pte->present, "PTE already present for 4k page at vaddr: 0x%lx\n", vaddr); - pte->pfn = paddr >> vm->page_shift; + pte->pfn = paddr_raw >> vm->page_shift; pte->writable = true; pte->present = 1; } -void virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr) +void virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr_raw) { - __virt_pg_map(vm, vaddr, paddr, X86_PAGE_SIZE_4K); + __virt_pg_map(vm, vaddr, paddr_raw, X86_PAGE_SIZE_4K); } static struct pageTableEntry *_vm_get_page_table_entry(struct kvm_vm *vm, int vcpuid, @@ -587,7 +587,7 @@ vm_paddr_t addr_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) if (!pte[index[0]].present) goto unmapped_gva; - return (pte[index[0]].pfn * vm->page_size) + (gva & 0xfffu); + return addr_raw2gpa(vm, ((uint64_t)pte[index[0]].pfn * vm->page_size)) + (gva & 0xfffu); unmapped_gva: TEST_FAIL("No mapping for vm virtual address, gva: 0x%lx", gva); From patchwork Wed Oct 6 20:28:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12540519 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 94958C433F5 for ; Wed, 6 Oct 2021 20:29:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7897A61139 for ; Wed, 6 Oct 2021 20:29:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239460AbhJFUbR (ORCPT ); Wed, 6 Oct 2021 16:31:17 -0400 Received: from mail-sn1anam02hn2240.outbound.protection.outlook.com ([52.100.159.240]:11651 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S239459AbhJFUbQ (ORCPT ); Wed, 6 Oct 2021 16:31:16 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cmxuz6foczMQ/ViRxlSvaXD9lzzFhK5t86EYBRmz6ftSe78mO60aWualmymPg7EWohBgEXS8uO5Jv+4TMr+TFzjxv59dBgxPpYQI0LLyCPdfNDQ4btWj6M2Cl7y4Kk3zj9lxPUJg9/y1IzQqXcuRAuYcP5i8DhI5vK4MSx2O350L/BP930pKZCzyo8ZELZI66mS+5iobisrslcnlTb9H9cyyn7cgLeXsV1omUGDpHzXiAyF3IM+0/a59S9UKeRssEfogGSQsnZ9aVtZ/DplkvBPUdebPtTkEl4mi/zA1Yd1Y+aXpg1pWnbhuL0X7er4iGBLpI9GUc5GzC2f5PGupgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qH8ZyUqkE6HSTsXLAWoLuO1ZFIK4Gg3ENC40S6E3hw4=; b=XrvFVPZQIvV9Wr0rAatwq+QAaKVxuJjn9ucUUg0UQhBlFlCEgIDOgLw67T/vPY7BoHv2EW8g/Oaao9Hg8YGDaD//RilwUAax4UKmP8A0aPJZ2sNw+N2SokE0k7FLrAv1tnYuXOFQK16935Co/3+ueiQ/pHzap6R5toow/HdMR1OY5H1ImlsWc1bSzgGBWpTE31aeGsoWgUGAALAPd+KlPPSgt+SIq9weJnGeoCD/DyYtoqRecYRzfNON8ujxI5+hdwSvhFiz/jx9bxnZbJHxnT62jPcwIkSHeJPHnTd6FTSx2zwmplR5829A51jAegwAxFcEqgBzoMpEczjMmy71lA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qH8ZyUqkE6HSTsXLAWoLuO1ZFIK4Gg3ENC40S6E3hw4=; b=0eXR9cyZDrNqNLW2/IvCvopc8DShJSKJymeORwzlOaoqOhxIAAFEEUopCc15AZDqfKddZ7/aKgUqAfwsk1fa7qdpIzSpVRYLK2Ievua7YKznRr2z0fBE9YeAifVj7Xb12J1JhSbY9r1kKMZcKhog1RqxTpCswgfAZSFEypVU7AM= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB4103.namprd12.prod.outlook.com (2603:10b6:610:7e::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Wed, 6 Oct 2021 20:29:21 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.019; Wed, 6 Oct 2021 20:29:21 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 04/16] KVM: selftests: add library for creating/interacting with SEV guests Date: Wed, 6 Oct 2021 15:28:05 -0500 Message-Id: <20211006202805.12360-1-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SN7PR04CA0181.namprd04.prod.outlook.com (2603:10b6:806:126::6) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SN7PR04CA0181.namprd04.prod.outlook.com (2603:10b6:806:126::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18 via Frontend Transport; Wed, 6 Oct 2021 20:29:20 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: cf4e968a-1481-4bce-216f-08d98907fa39 X-MS-TrafficTypeDiagnostic: CH2PR12MB4103: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:126; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: aoXt9Ibc5jVNr6RAR7oZY9P0N5pHcuBFWwh9ptnklYhSpSOqtB/l/vMIdr3sdTDMBfLjfycge+xrEErbv/b3R+VoG6a2z1qnLtp4MvGkX0cAaFn6aOviDZcUAXpklat7oFXLh0eJFsM7o3I0vbg2uYNd8WsTKizNCmjfyY6nR582qN4f5apaR+I9lmp8shc8J/aJ6TEIIlo9qmL9GXiPIOt3Wfq12GJ8oxatgV/0ioR12rSyzCB4pphFLXohfXwxnqia5q6FdWWrLlZ1lUa2hWjELf53CfdHF4aDlJXxaLwgmcN3OO/GmtpYqyYic8g5Q0Yj/9XIw/Jqvk35kJjO7rl0sWN0U9/MeehzlBnkmzZhpP5jsQuMfxtV/v8PkJGh2TGO0yY41cLcOnTR0sLBolkwbE1nq8gDziHvStpSif+tuAzG2PNNl7Wnn+NX/cyMBHJFRf1v9/mLi/eeFo9uawkUJ6o8cv6wmH8s7aWwZmOooXkQE0ycvG2HLbMs9Cm1f5JN24HUboQo4Aciv8u6QL6CksNctnTNUfhjYkZbM1fua7MRk4DxaP5xgo6RZ9jCp9mfHpFtQEHxIXObjrg2eWw3UO43zsAcRBlzQQlEsO5O1d9wtSWa0AhZ38UwxWSlpz7uZfO0R/jYyvt09bbJE9ebkDvGxPPChFyafFX+S5nUiGRYlkUjCFblGHahesno9IoB8PbpZaeh1fJ4plXhwtdJp39v3A5DYw9LR1hrgEOEhnFtGlN2lB4ekH4oiorLcmbtfCidRrLoOPgDBuN+W1/lBoi3/cehAHa40ORLtzDgswh+ON70w/vafQ6FXeIG01MRMBg6THqTj9nt97730IwdqQn8OrE1dI6++ZSS7MWeBrXap3s15ANYfb+fnUcKgS2pADfiePnroYBx1vThAVZ7Onj87MpRUQ2itor452tEaoRcXnJMFWW74SCamuuD6aKI6qhn7zNuhHCrUglnxiuCosM2BYG7tBo/rKOOI8/Cu4azHoSB+zn0e/7IVHuaduL79Jy7Qh8j+uM1uf2Yp0s1eTwyHXFPAHRKpOq0ORE= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(508600001)(6666004)(2906002)(44832011)(86362001)(54906003)(316002)(186003)(5660300002)(4326008)(52116002)(6496006)(6916009)(26005)(8936002)(66476007)(38350700002)(66556008)(66946007)(7416002)(2616005)(956004)(1076003)(83380400001)(6486002)(38100700002)(36756003)(8676002)(30864003)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: WLYYuoj1wS8Gg0u9TVrFbUNPkLKBVohKmK9BsZiKBJY1wCyFn+7teX4HdVfkKBFBtXn1PM/MaqsEq+0JYQg8z+i2NjywKVtHh3+jabfCMv2KZW0XCZ4lJfUqu+o3UJFXZx0r1alOEnDSVu1vTHVPrPfpPuOjEJrYnIY8u0a3o9eBfoSLCcMVK6jkX+SBdSzTTEw5Je1sBW0CRLAVGfAC2azjFVOFPaBQaF4OCWCEhXdJdRNrq8q9KEeeO9YLGgfB8CHQyweyOIU6+VFRrJh8X72ZF4Xk3Rzt41Q36QWG3GLPPAApMHtWsH6U3Cdatp4vC/A+4SMXwMtVujMpoeE53idRnjrcl6F2NQMh3nvHeFxRvizoOAFPq9QCjZJNZnQia3K0ejp/pTJXknci9J5ETErxZhgu0wcWv4gwPG0aHoJGOfMi+ui18YF1pChuNL7hxMDjKY5Sho5QTbsjOcckijv7XLkXbCN4a+ipwpii3XfMiikQDxoQh/FVw5kQG+9K6k2VSRhr3cXn6asVFTESO5/oAXmrSUa2bRvsJEJHwHguAzDVWP9LL1BbDkc8a0Cm9cijCdd++5L+ci85PdQHA6IS0UR3VFBjcdXaAGI4NeZJASrovn9cWtox3sfuppZoD+fu+jeEWD5IQlw7T3ncaZUnvuWK2xYjHXvY2kbNSdD+DbALg5D+Q8rhA21ovZuXhtx20qyh7ZROM+TYm3vySauyPoAkD3iEPp1KKdOmn0JJCLqzPTV0oO9t5lY2ECfT0Spk/u8D06w6xIuTItgalYTNlzhNnttwTS14G3hS5NYMsY+7nsZIZJMMt6+7vlitf8uZsTKdsmzDcCe8omvrk9Kuwb8YGD0earlCG5ymyRuckqmoetANqWBb5bNwTodSyHYwCjy7Y509IY9+21YfpGP7IUAWVnbCMJo4gx3VBt5eJ0FahvwogsLA8HOoruiBz46xP3MOUeyyXIZUrZF20nwa9mwwX2eeAJdo9KeulGeVj8fOdprgpNH1Xa9N4XqEKcWdU2+EnR98kqgOWQbUJNt2dvYHmKioYSDkVLzwDq2hriXj4Ngm57FhFj8+HT9Zr6XW9OZ4KJy6BqtxkTIjbFsbIAnK+ukjmdKTTLnBlZuWESlwX1JjeDbot+JO1SggrsJ6vdTozsue2IBWlbnnUJBmQ4vu0An2cQgp2zq6uNqQEISwneiauwQiQQ5k/rofomjTE4PBTdgiSaKt5kbInp4s70y+V1u35e90stoktLLLeqpLaXe+vUUJgt4Py1Gkx7GjwSMBbgMGLczS+2oPEWzkEJ4uys7je6n8gDnfBzesLa0dyEXTpoqsWBDvSJLa X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: cf4e968a-1481-4bce-216f-08d98907fa39 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Oct 2021 20:29:20.7879 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: HCS49Tm0uI6ubLHOQNXDEqtFqL77zV3jy1hISPSB2519jBlYpF7NAAIBNs6S88pD8u3m4O41fAshaDyvbCxgpQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4103 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Add interfaces to allow tests to create/manage SEV guests. The additional state associated with these guests is encapsulated in a new struct sev_vm, which is a light wrapper around struct kvm_vm. These VMs will use vm_set_memory_encryption() and vm_get_encrypted_phy_pages() under the covers to configure and sync up with the core kvm_util library on what should/shouldn't be treated as encrypted memory. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/x86_64/sev.h | 62 ++++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 303 ++++++++++++++++++ 3 files changed, 366 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 5832f510a16c..c7a5e1c69e0c 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -35,6 +35,7 @@ endif LIBKVM = lib/assert.c lib/elf.c lib/io.c lib/kvm_util.c lib/rbtree.c lib/sparsebit.c lib/test_util.c lib/guest_modes.c lib/perf_test_util.c LIBKVM_x86_64 = lib/x86_64/apic.c lib/x86_64/processor.c lib/x86_64/vmx.c lib/x86_64/svm.c lib/x86_64/ucall.c lib/x86_64/handlers.S +LIBKVM_x86_64 += lib/x86_64/sev.c LIBKVM_aarch64 = lib/aarch64/processor.c lib/aarch64/ucall.c lib/aarch64/handlers.S LIBKVM_s390x = lib/s390x/processor.c lib/s390x/ucall.c lib/s390x/diag318_test_handler.c diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h new file mode 100644 index 000000000000..d2f41b131ecc --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -0,0 +1,62 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#ifndef SELFTEST_KVM_SEV_H +#define SELFTEST_KVM_SEV_H + +#include +#include +#include "kvm_util.h" + +#define SEV_DEV_PATH "/dev/sev" +#define SEV_FW_REQ_VER_MAJOR 1 +#define SEV_FW_REQ_VER_MINOR 30 + +#define SEV_POLICY_NO_DBG (1UL << 0) +#define SEV_POLICY_ES (1UL << 2) + +#define SEV_GUEST_ASSERT(sync, token, _cond) do { \ + if (!(_cond)) \ + sev_guest_abort(sync, token, 0); \ +} while (0) + +enum { + SEV_GSTATE_UNINIT = 0, + SEV_GSTATE_LUPDATE, + SEV_GSTATE_LSECRET, + SEV_GSTATE_RUNNING, +}; + +struct sev_sync_data { + uint32_t token; + bool pending; + bool done; + bool aborted; + uint64_t info; +}; + +struct sev_vm; + +void sev_guest_sync(struct sev_sync_data *sync, uint32_t token, uint64_t info); +void sev_guest_done(struct sev_sync_data *sync, uint32_t token, uint64_t info); +void sev_guest_abort(struct sev_sync_data *sync, uint32_t token, uint64_t info); + +void sev_check_guest_sync(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token); +void sev_check_guest_done(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token); + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data); +struct kvm_vm *sev_get_vm(struct sev_vm *sev); +uint8_t sev_get_enc_bit(struct sev_vm *sev); + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages); +void sev_vm_free(struct sev_vm *sev); +void sev_vm_launch(struct sev_vm *sev); +void sev_vm_measure(struct sev_vm *sev, uint8_t *measurement); +void sev_vm_launch_finish(struct sev_vm *sev); + +#endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c new file mode 100644 index 000000000000..adda3b396566 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -0,0 +1,303 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ + +#include +#include +#include "kvm_util.h" +#include "linux/psp-sev.h" +#include "processor.h" +#include "sev.h" + +#define PAGE_SHIFT 12 +#define PAGE_SIZE (1UL << PAGE_SHIFT) + +struct sev_vm { + struct kvm_vm *vm; + int fd; + int enc_bit; + uint32_t sev_policy; +}; + +/* Helpers for coordinating between guests and test harness. */ + +void sev_guest_sync(struct sev_sync_data *sync, uint32_t token, uint64_t info) +{ + sync->token = token; + sync->info = info; + sync->pending = true; + + asm volatile("hlt" : : : "memory"); +} + +void sev_guest_done(struct sev_sync_data *sync, uint32_t token, uint64_t info) +{ + while (true) { + sync->done = true; + sev_guest_sync(sync, token, info); + } +} + +void sev_guest_abort(struct sev_sync_data *sync, uint32_t token, uint64_t info) +{ + while (true) { + sync->aborted = true; + sev_guest_sync(sync, token, info); + } +} + +void sev_check_guest_sync(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token) +{ + TEST_ASSERT(run->exit_reason == KVM_EXIT_HLT, + "unexpected exit reason: %u (%s)", + run->exit_reason, exit_reason_str(run->exit_reason)); + TEST_ASSERT(sync->token == token, + "unexpected guest token, expected %d, got: %d", token, + sync->token); + TEST_ASSERT(!sync->done, "unexpected guest state"); + TEST_ASSERT(!sync->aborted, "unexpected guest state"); + sync->pending = false; +} + +void sev_check_guest_done(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token) +{ + TEST_ASSERT(run->exit_reason == KVM_EXIT_HLT, + "unexpected exit reason: %u (%s)", + run->exit_reason, exit_reason_str(run->exit_reason)); + TEST_ASSERT(sync->token == token, + "unexpected guest token, expected %d, got: %d", token, + sync->token); + TEST_ASSERT(sync->done, "unexpected guest state"); + TEST_ASSERT(!sync->aborted, "unexpected guest state"); + sync->pending = false; +} + +/* Common SEV helpers/accessors. */ + +struct kvm_vm *sev_get_vm(struct sev_vm *sev) +{ + return sev->vm; +} + +uint8_t sev_get_enc_bit(struct sev_vm *sev) +{ + return sev->enc_bit; +} + +void sev_ioctl(int sev_fd, int cmd, void *data) +{ + int ret; + struct sev_issue_cmd arg; + + arg.cmd = cmd; + arg.data = (unsigned long)data; + ret = ioctl(sev_fd, SEV_ISSUE_CMD, &arg); + TEST_ASSERT(ret == 0, + "SEV ioctl %d failed, error: %d, fw_error: %d", + cmd, ret, arg.error); +} + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data) +{ + struct kvm_sev_cmd arg = {0}; + int ret; + + arg.id = cmd; + arg.sev_fd = sev->fd; + arg.data = (__u64)data; + + ret = ioctl(vm_get_fd(sev->vm), KVM_MEMORY_ENCRYPT_OP, &arg); + TEST_ASSERT(ret == 0, + "SEV KVM ioctl %d failed, rc: %i errno: %i (%s), fw_error: %d", + cmd, ret, errno, strerror(errno), arg.error); +} + +/* Local helpers. */ + +static void +sev_register_user_range(struct sev_vm *sev, void *hva, uint64_t size) +{ + struct kvm_enc_region range = {0}; + int ret; + + pr_debug("register_user_range: hva: %p, size: %lu\n", hva, size); + + range.addr = (__u64)hva; + range.size = size; + + ret = ioctl(vm_get_fd(sev->vm), KVM_MEMORY_ENCRYPT_REG_REGION, &range); + TEST_ASSERT(ret == 0, "failed to register user range, errno: %i\n", errno); +} + +static void +sev_encrypt_phy_range(struct sev_vm *sev, vm_paddr_t gpa, uint64_t size) +{ + struct kvm_sev_launch_update_data ksev_update_data = {0}; + + pr_debug("encrypt_phy_range: addr: 0x%lx, size: %lu\n", gpa, size); + + ksev_update_data.uaddr = (__u64)addr_gpa2hva(sev->vm, gpa); + ksev_update_data.len = size; + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_DATA, &ksev_update_data); +} + +static void sev_encrypt(struct sev_vm *sev) +{ + struct sparsebit *enc_phy_pages; + struct kvm_vm *vm = sev->vm; + sparsebit_idx_t pg = 0; + vm_paddr_t gpa_start; + uint64_t memory_size; + + /* Only memslot 0 supported for now. */ + enc_phy_pages = vm_get_encrypted_phy_pages(sev->vm, 0, &gpa_start, &memory_size); + TEST_ASSERT(enc_phy_pages, "Unable to retrieve encrypted pages bitmap"); + while (pg < (memory_size / vm_get_page_size(vm))) { + sparsebit_idx_t pg_cnt; + + if (sparsebit_is_clear(enc_phy_pages, pg)) { + pg = sparsebit_next_set(enc_phy_pages, pg); + if (!pg) + break; + } + + pg_cnt = sparsebit_next_clear(enc_phy_pages, pg) - pg; + if (pg_cnt <= 0) + pg_cnt = 1; + + sev_encrypt_phy_range(sev, + gpa_start + pg * vm_get_page_size(vm), + pg_cnt * vm_get_page_size(vm)); + pg += pg_cnt; + } + + sparsebit_free(&enc_phy_pages); +} + +/* SEV VM implementation. */ + +static struct sev_vm *sev_common_create(struct kvm_vm *vm) +{ + struct sev_user_data_status sev_status = {0}; + uint32_t eax, ebx, ecx, edx; + struct sev_vm *sev; + int sev_fd; + + sev_fd = open(SEV_DEV_PATH, O_RDWR); + if (sev_fd < 0) { + pr_info("Failed to open SEV device, path: %s, error: %d, skipping test.\n", + SEV_DEV_PATH, sev_fd); + return NULL; + } + + sev_ioctl(sev_fd, SEV_PLATFORM_STATUS, &sev_status); + + if (!(sev_status.api_major > SEV_FW_REQ_VER_MAJOR || + (sev_status.api_major == SEV_FW_REQ_VER_MAJOR && + sev_status.api_minor >= SEV_FW_REQ_VER_MINOR))) { + pr_info("SEV FW version too old. Have API %d.%d (build: %d), need %d.%d, skipping test.\n", + sev_status.api_major, sev_status.api_minor, sev_status.build, + SEV_FW_REQ_VER_MAJOR, SEV_FW_REQ_VER_MINOR); + return NULL; + } + + sev = calloc(1, sizeof(*sev)); + sev->fd = sev_fd; + sev->vm = vm; + + /* Get encryption bit via CPUID. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + sev->enc_bit = ebx & 0x3F; + + return sev; +} + +static void sev_common_free(struct sev_vm *sev) +{ + close(sev->fd); + free(sev); +} + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages) +{ + struct sev_vm *sev; + struct kvm_vm *vm; + + /* Need to handle memslots after init, and after setting memcrypt. */ + vm = vm_create(VM_MODE_DEFAULT, 0, O_RDWR); + sev = sev_common_create(vm); + if (!sev) + return NULL; + sev->sev_policy = policy; + + kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); + + vm_set_memory_encryption(vm, true, true, sev->enc_bit); + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); + sev_register_user_range(sev, addr_gpa2hva(vm, 0), npages * vm_get_page_size(vm)); + + pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", + sev->sev_policy, npages * vm_get_page_size(vm) / 1024); + + return sev; +} + +void sev_vm_free(struct sev_vm *sev) +{ + kvm_vm_free(sev->vm); + sev_common_free(sev); +} + +void sev_vm_launch(struct sev_vm *sev) +{ + struct kvm_sev_launch_start ksev_launch_start = {0}; + struct kvm_sev_guest_status ksev_status = {0}; + + ksev_launch_start.policy = sev->sev_policy; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_START, &ksev_launch_start); + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.policy == sev->sev_policy, "Incorrect guest policy."); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE, + "Unexpected guest state: %d", ksev_status.state); + + sev_encrypt(sev); +} + +void sev_vm_measure(struct sev_vm *sev, uint8_t *measurement) +{ + struct kvm_sev_launch_measure ksev_launch_measure = {0}; + struct kvm_sev_guest_status ksev_guest_status = {0}; + + ksev_launch_measure.len = 256; + ksev_launch_measure.uaddr = (__u64)measurement; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_MEASURE, &ksev_launch_measure); + + /* Measurement causes a state transition, check that. */ + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_guest_status); + TEST_ASSERT(ksev_guest_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_guest_status.state); +} + +void sev_vm_launch_finish(struct sev_vm *sev) +{ + struct kvm_sev_guest_status ksev_status = {0}; + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE || + ksev_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_status.state); + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_FINISH, NULL); + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_RUNNING, + "Unexpected guest state: %d", ksev_status.state); +} From patchwork Wed Oct 6 20:36:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12540525 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BBF75C433F5 for ; Wed, 6 Oct 2021 20:39:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 93FEF61152 for ; Wed, 6 Oct 2021 20:39:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239530AbhJFUlb (ORCPT ); Wed, 6 Oct 2021 16:41:31 -0400 Received: from mail-mw2nam08hn2249.outbound.protection.outlook.com ([52.100.162.249]:60640 "EHLO NAM04-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231593AbhJFUla (ORCPT ); Wed, 6 Oct 2021 16:41:30 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eNQL50gsNy6ikKgqT/KjBj2eq1+DoOZCdPXLTmenDu50TgHfK09XGSSYJEuZhVk5/DFCdng1xY2geAh2qen7PcAq29BRN0RfZLR5yrf3xhVNsLt9t2IH0oI9IP6EQghjclsjF12NIUvlMEau0iJf2LDbCqK6XYaEuNj4XOsqu2YyZ3drpxHhSgK5PacKaTL1ccFO4srPS8rSK6izQ/deatvr9q2CZGM4gdO7Oi2Ws9uqtXV5AFlaFcuUrgDfgRORdoQSszy7MhQPzclUUBGTlu5O/V8uL0SaI14FXbVT3GLNvjoAFhXRMSFEM6WLetRCFMsEzOhPTsbyzwqFJzvSQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=D387B+NlEEEejRnW3/0BUUr7gw6sXo5O6Sr8XdlG64E=; b=J+XSoFIC2qRakEoN6/5mOlu3evBuev1RUSSBfheVw0aVHryFDtN7JM22tOWwgI7dRpRvyYeXtRk9XZ4vm46OtLKOYhcknmmJtJPTVyf4A6uSqousWnyjCVmG8Crq3vUld5cMilaof4XVCiF6m8BdH7HdsVx0pngfdvyNSgs5UcPZz/Ph4iZXnUlVBoGi/qpppIxZkCcY9MemzVCTQDqtZL9FWED6/AWBODeLByEXVV9nTJWbRapPATxMG9MJwcxHWq3hXdxdRWdiN01DM0dqvNgXJXoHy90jBuay/uCXe+dCVsv4542edyEMY9qZm5sJKqKheIEBIX7qkSE9T1rWUw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=D387B+NlEEEejRnW3/0BUUr7gw6sXo5O6Sr8XdlG64E=; b=uEThMktWb0nLQ4d4mbSYN3chuRsHUQyTpuK/pA1ohTimjXpqaKWlImmEZrDC028mq+HvbBXC8ahTYNAF5q1fG164Cfp8dIvxiEqVjlnhKehVuHwmNGjZMeMjocC9PiMoUDwIy0PfLI8NsWF3gvevD1RAbjEGRKKFpzdB00ecbqQ= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB4264.namprd12.prod.outlook.com (2603:10b6:610:a4::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.16; Wed, 6 Oct 2021 20:39:35 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.019; Wed, 6 Oct 2021 20:39:35 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 05/16] KVM: selftests: add support for encrypted vm_vaddr_* allocations Date: Wed, 6 Oct 2021 15:36:48 -0500 Message-Id: <20211006203648.13251-1-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SN2PR01CA0010.prod.exchangelabs.com (2603:10b6:804:2::20) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SN2PR01CA0010.prod.exchangelabs.com (2603:10b6:804:2::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.17 via Frontend Transport; Wed, 6 Oct 2021 20:39:34 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: deb6a0ee-9535-40f8-ad5e-08d989096886 X-MS-TrafficTypeDiagnostic: CH2PR12MB4264: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: MB1S1RxtKPvxI2DfWk4sgQj4ka4r7Wlxj/ZITbLPcAMOSH0uaVCbpEpEmGAhk8i1KEl6FeZDmqtSOJmo1ZKtO5YG/YHeSlFYjFQkXQuNsMYo4t8NiE4A4ZwWDedPCQOSbJmBBWb0PpM1YCQiiQ8cWJsFePu3/pqkjb/gmm/TjEZ+CIBJMxgKMdKtZTkw0lsDzCY12nuhYibbdyL+cLgRAEQbCfmrJqxx7ae1JwjM+d2XBVma0n2DVuDp+Xqcb29o6D5+LrUgHjy9o3pvzqgZP2kcCf6dqm6SALHIbOxP0wzDY3iZyrw6SLSkwvCCBMU6duohByumKYEKJn1VxtJpTjFPOB0gjulaMtXwg2maHjfm7ePwJzQ/9djAbjrJK10WrMVaNy7YNBCv+3XrmX/UFQmMp/cioA00Q3LSsSogzdhDcRiWxe8KQ6qBBjHbdFMsoT4q7UdXDiaxsCYSGOqBIFi183mitVGLxsS0ukVoLtqMoKYmxVqujHlAkRVp85IVw70Tso/yW9d+b07g2/U3yH2XbhjjjaQn5kCQRcxYOG5CgVm6CbWRz5093+CJf4YeqGCRtrnzE1gXoq6QZfFD/ORORCaXu8zOCRyMj5ZKQNryt/36m0gzbaiiFci6VDgKHWDG7XWs38/QZH5Qlh+lWqVvQblkf99jurm19jfgiIRGF7U479WwNnC/4R5nU+nMy4wvTo/r/tGePrvgChPiiSXiX4j1pB0VD0QOXbhJhV6Lq96VzOKGIaynnKVQd1imf4RCTCqsVvEzCHRj8gymhfYLMQAeoB3ZDNdS0Kr6XumFWrRukC62r2Z6+Bn73514hi14kgnUiKtyREaeziDuW9AZck0rRCIfScAr7obs+C+E6djIlVM4oTO1mDx/+52RA5V1ipcoYNzfYqnTLQoypNECBu5Kzu5q2CWjYFBm045GEwtd8qDHpkvxJldmost/g1Abksat79UJVJjuo2oZV8YDheOSTU7ZZdcp3KX6vWKV+eWwk3MuobaVZiZKnhNwHdpGoNFQEFWR9bc5NX1cUnzWw7ALRtr8dyB9P1DaSa8= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(86362001)(7416002)(36756003)(6916009)(1076003)(316002)(66946007)(66556008)(26005)(8676002)(956004)(44832011)(186003)(66476007)(4326008)(6496006)(52116002)(508600001)(83380400001)(2906002)(6486002)(38100700002)(8936002)(2616005)(38350700002)(6666004)(54906003)(5660300002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: d5ELxr97OEaNfa1y8n/WCKeQ+wrjN+4MUqW9Z4J4vBrn2oMbZkOXuTsdqAoNQc8CX3VZhLP4cqzQlaZlyca+ZIBTqAcgmKtbE/UbwQlur+pN/XIXh3CyyDOWg/uDcC/ZjoOqXz3fFf1OaGUckufIXwFZQ5c279oNAkDM1e3jD5jmFzHK8dvQaOzNLZrUpOjY2ZZi+3dz/RsU4aMTiBcDf1aHpIjfCbIYbkurQ+gJpOaLtFBD/lGjSZDCfhMtseeJNhraU2fxIYYa3/8QrhRqgmJv585x9sWYIbPyQ23wgB9IFl9IbT+8yID8texDLRFSqc5SUN6Vmqgm6OtTz+grxOHz/Gs0dBpQAF3vHL6NPK/IN27JTw8+AuS8nZdaC9ksEAufNqGzyvMZUhjr/+FDHfdxDAhJrqDfXklUk0APUTfr5s43SQeE0NQDHoACakmE6O62fZPbb2V/LMYnyMtHuxwdeUY/VL6+JKSvc3afuXvlxrmxSiTy0v2j0vGCTooB049JetqOIl7BSfv1z4ApK0ya305C8+tENIaiJs9TogK8/wQ2ZT28eK92LBESxPSfWVw7d1nchFVkXRyeQ6i5MIiAQ8Bfb9rAdPGoCzrn+LP76T+xYCKhq8DTHHXIA8LbAhPIZRN1Kh0t+IiiqBiputMwKGWztFK7xJbjXneyyb815WZqyHcTziqMWTkMxsGaqClXoLTG0WghcJA0pM64qxA2hIXjMwG/7DJQ9WjiB8yUeH79hYlfGP1DFzHPXa0Sex6k2/SoWFtTsC7WhZiJEUWRS2gItp9P3XWgfR6bRTt1Ztvv18TRljctlYS7m8S4O1SjGiRU/b5KNoKavBePv2MjHdxntvO6ZcuiQXK9d/O7gbG02CX0NdmpTbqQR1d9MGpfLbsf+Arngs5uky6AaqD0qucNE6dgmKWMCykrH/MCRfRkDc+1HerXR0YyOX3p9+fK9FdapdksepVFFMn26Kp+bZcmT27NOu9JxCctOg5SjzUAb6ssvBbLY+BNIRB6Yy0T0uZwqrQRwf5l7Mk44JZ6Jj1gDdEe1dNsvvkwqqENHTc+267Yqal5H+APc818a++q1RLvi+F19c+1hCaJ3CLdPRfyx7IUfIc/DBraItFg+sivOnfUf3FBqNW7pXdi5CQIiC72S5HlaB5KWM8wC3gIT/eHKPZHJWrRTJum8sA4DLKvF0bepiEbKX/lY1bf4maRaaZWW+g7HRi0Q5qcWxzVoekfdAo2OAhfTbeRlYwG+v/pfuiEolDr/QLdGC7/XaxdIycSrYaKHeUMQzaG7HhB05lyrP8+oCh/5b/njiddOkqM708RJjS9p/ezYj0k X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: deb6a0ee-9535-40f8-ad5e-08d989096886 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Oct 2021 20:39:35.3313 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 4R6l2vWQAh3zQ6DIj0cfbtKaJSyk/l86XIFsqkDQJ0auzqkj3TdCN50rD/9gkm7kxP0+CPCVwBcdnrDO6QZITQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4264 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org The default policy for whether to handle allocations as encrypted or shared pages is currently determined by vm_phy_pages_alloc(), which in turn uses the policy defined by vm->memcrypt.enc_by_default. Test programs may wish to allocate shared vaddrs for things like sharing memory with the guest. Since enc_by_default will be true in the case of SEV guests (since it's required in order to have the initial ELF binary and page table become part of the initial guest payload), an interface is needed to explicitly request shared pages. Implement this by splitting the common code out from vm_vaddr_alloc() and introducing a new vm_vaddr_alloc_shared(). Signed-off-by: Michael Roth --- .../testing/selftests/kvm/include/kvm_util.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 23 ++++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index 4bf686d664cc..d96e89ee4f40 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -143,6 +143,7 @@ void vm_mem_region_move(struct kvm_vm *vm, uint32_t slot, uint64_t new_gpa); void vm_mem_region_delete(struct kvm_vm *vm, uint32_t slot); void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid); vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); vm_vaddr_t vm_vaddr_alloc_pages(struct kvm_vm *vm, int nr_pages); vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 646cffd86d09..f6df50012c8d 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1325,14 +1325,13 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, } /* - * VM Virtual Address Allocate + * VM Virtual Address Allocate Shared/Encrypted * * Input Args: * vm - Virtual Machine * sz - Size in bytes * vaddr_min - Minimum starting virtual address - * data_memslot - Memory region slot for data pages - * pgd_memslot - Memory region slot for new virtual translation tables + * encrypt - Whether the region should be handled as encrypted * * Output Args: None * @@ -1345,13 +1344,15 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, * a unique set of pages, with the minimum real allocation being at least * a page. */ -vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +static vm_vaddr_t +_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, bool encrypt) { uint64_t pages = (sz >> vm->page_shift) + ((sz % vm->page_size) != 0); virt_pgd_alloc(vm); - vm_paddr_t paddr = vm_phy_pages_alloc(vm, pages, - KVM_UTIL_MIN_PFN * vm->page_size, 0); + vm_paddr_t paddr = _vm_phy_pages_alloc(vm, pages, + KVM_UTIL_MIN_PFN * vm->page_size, + 0, encrypt); /* * Find an unused range of virtual page addresses of at least @@ -1372,6 +1373,16 @@ vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) return vaddr_start; } +vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, vm->memcrypt.enc_by_default); +} + +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, false); +} + /* * VM Virtual Address Allocate Pages * From patchwork Wed Oct 6 20:37:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12540527 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 97ADFC433F5 for ; Wed, 6 Oct 2021 20:40:12 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6E68661177 for ; Wed, 6 Oct 2021 20:40:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231593AbhJFUmE (ORCPT ); Wed, 6 Oct 2021 16:42:04 -0400 Received: from mail-mw2nam10hn2246.outbound.protection.outlook.com ([52.100.157.246]:7296 "EHLO NAM10-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232177AbhJFUmD (ORCPT ); Wed, 6 Oct 2021 16:42:03 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZeyHF++J3jkTuLEsoNcx/8/jlpkBmo8hhtda+NeMRzEytQpzddewD8PHsMh7rvjhIEuVLp/NKpijZI9rKfxSYgJD8MDaAxi3mBUfvTIIwB+q/2fbzxDIFS0KQ2yMn07wfnWgslQak6zh2H0W4dTeCGZlBvx9ePWUK9txW+qmPRoiZIGjIqqhKb9Bnvad4EpyDOyoabJqgXeV18RhhjLKxSmuH18qi7pGaFz+Z3gIu4KBUv1Wg//lhvwC2CmJfpEFtQPS6FC52iCsdLwdM+9cwaEXbGaQBIfcbgjZHnDq9b4tAOmLUeXNT0qL2MhIwbEfwMmKjgrICzJ3aNG2WmHVGg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qH8ZyUqkE6HSTsXLAWoLuO1ZFIK4Gg3ENC40S6E3hw4=; b=C5NXrbI6++f/eufrl5FxKtgoie6eZVqJsUU62trtgL8mJaf0UhbG06gedZbXVt0YzlyKbzD1lNfuy7AnD0nV13VqMcdHuM4YrMpaysxEXtSji+nksCq4commt2XpXhB/081N5UwOZZ0ahkFzvYZS3GCyAjNONrQXhQfxTDnxRwaFnYFAKuYzKterqD/MiRdnVKJ8/4ccevxOh+vz5cKM5leoWKhvRFhdDkoT/hfZIWUYJfHcXikt2N+rgVuhegptPoGC93y9dhYqUAxitFBLBnMsLaE2cYmYM+GQLFoMG30hl3VeIxtxF15RDz0befjMhY+YhzQ1BC/2YbjvFw7y/w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qH8ZyUqkE6HSTsXLAWoLuO1ZFIK4Gg3ENC40S6E3hw4=; b=YdfHG7yUNGLr4zP6D8nGfI4rbmMW5Bz3FTRBSFzIvGHvbqq8vD/nQJMWGFmJ0OmlLoDlWsCl3I8AXVV5phcqIHCqAjitnJPLOfeARIQeND3hD/8l58MRlR6XgjFTZRYXUDYszxJ0FWPHyQH6Mpm6gGe+VqCCgWPyeXHUl8BdIHo= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3848.namprd12.prod.outlook.com (2603:10b6:610:16::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Wed, 6 Oct 2021 20:40:07 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.019; Wed, 6 Oct 2021 20:40:07 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 06/16] KVM: selftests: add library for creating/interacting with SEV guests Date: Wed, 6 Oct 2021 15:37:10 -0500 Message-Id: <20211006203710.13326-1-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SN4PR0501CA0088.namprd05.prod.outlook.com (2603:10b6:803:22::26) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SN4PR0501CA0088.namprd05.prod.outlook.com (2603:10b6:803:22::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.4 via Frontend Transport; Wed, 6 Oct 2021 20:40:06 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bf9ea238-7a50-4d3b-931b-08d989097b70 X-MS-TrafficTypeDiagnostic: CH2PR12MB3848: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:126; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: RxmNApO17ZhCSbXvVWtYLd/FrcWK756MRFEDH4CgsGCE+JyKeqCbvewjCOv9bGcsN/XIVjVsfEqUewQbFlrmYwlp1LYdpD1ZD4lWTb1PCJVHZeVxtn5J0/QPlvPtprvNX4cR38tbiuh0wa3svaRrUlP4Em9aNO4o2CKH9GSMwGgK45z+0fPOJQL7c2+mlSK4FpNwHyWW7uY+I8iec5HjIbmNa7M9lKkDY2vWzHRB3E8zILN9dfOpm8A5FLsq/OA211RK8aeGLq0YIgz6gUFQ1eKUyIO22GUq+ItVqYvuXLIW5XMKDTIgfAA/6B0yVUyQvwLZ+F+xIdiUgv+Yv881IZPW/IzQ9ewek3qqZ3WaJVcNhuSiPf0rMcN1AwB9Ak4QvPzX0hFGowT5J5OuwNprlFefYj7vNsyyq7TFie8WXzfqCHGFHy9+hTbtpodR4T03jzuYJAMbNCr+Gp4j8z3Ob87CxrDwwNglSksPwGxF+V0UoTzxrfv+RekIag+p1buQQ5Lp5nwH+uFwHdxO75RGwhU5eHg1qxyd2e/QWt7moHgTBIZzwhVZfoemCpKfDpSeZaSIKhq2/rF0qWgxlpZaBifNRCz0aamzU/p7JYqX6xYAOxoBq9rpmm/NHTZ0EQoez+nl5kNO2Cvii1dOTq16LwQHGWiQ+IpK5OfsqDQylsMJTXRxu0Cv2m+deF52QmNYpP8jiAolsLeH5gDGNlOs22rtJ/1aVhtw7J86Sx5OoEKOFrtkE911eRzq6/sl4P7Aaoz6ut4gSTbAP8lIhHAqvr4bT+YYmrXI6q4xOuTrEZeDP8HSE6S8ZmURmEe/J6gxG2HTcRQeRIfnqo+jdFAiMx4SQZYUOsJIruaIfxj4+pqZsoggNDl8Rh4+6gquu1b7Wfbih+OGHS27x7r9n4QphqFr0YfpBiLFgr9MKzcL986fWW9Kvk8R5vj0SL3tcA+yw4cDeBvx6kC20vp4lvNvt/99JShKWhoS2TxleaIPUOz5ACCeGAL2IM+tcPx9Hogyj1QPPil8h5gcLuLW50NKsgKz9eKBu/tenmgEWFt1S6k= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(38100700002)(38350700002)(44832011)(2616005)(956004)(508600001)(5660300002)(30864003)(6916009)(186003)(36756003)(26005)(7416002)(2906002)(4326008)(8936002)(316002)(52116002)(66946007)(66556008)(6666004)(8676002)(54906003)(6486002)(83380400001)(86362001)(6496006)(66476007)(1076003)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 069Vsug/GicUJ318PBh1TMNgEE2NmIXI0dU5mLXR+QZXZgfBsd93+lbztl1FrIaCzaaITKATQPhKL6LLrBvUnFn/LrnEbVSzD8+DBkYs3LAMarR5uNNzk1pMFrJfIG7haF8Zsy/LTmmoWLEvdxsr48xBHu+1tsyoP5f+JwuX6YVwNWLBP3i70D3/qEJbhxGBLPVEl22R18Ft/xUp+/7CSUKwmUIr2VJ7crj9As9JA0fEzfm7sz2TRCw4sLNCmb4GWn6mo+bkYRGmWoP7DVOP9qaklMoDZwzOEw+LlU9/UWWXLMJ5hjHhrRtwBIQsnBhhbYn3E3v5VMBXtE4VYUT4iPXUgmBkLblxq+pZMJupK2Sd+vNv1hNV3velmjeGVYPlBTBDl9Y+2YnmjVmtY8Svg/mPpg94toWh91MNsnV7clw63V7/zNjyzV+UCSEsCxUbOlevgMsrK1fIGDY6OwBgVYIWDfGtJk4QEy7/0Gv3xxObN5y5DhJ23uBp/JIQ1nIxiPwFiEtkgtnRtEGhuik8gznoek9gDa69HeH7Jq6TTJnQKWLyv2Shp1M+pVMlpUiNl38IP6k9RZU8j2taJmNTkDkiIW8fSHxuL/Za96QA/+yu+G0J0wDYtn8Ql9iJDYtzeNuqvYgRufuyKGtvteIec8Mc2HXT7aYGZnc00zozA9mF7Ax1pXNwZfx3BTI7dZ+3+/gAe+dTN9EWCiMKfXu7PyBjOT44tpX43Z/s6rLVxasaVjZOBpbu+9one/XNeI9R9KIwBVH0OAAuQZgxC/l3OQzFTe+HnyLK/pENBW24fBiGP4nIALuwtKYTnXE/NRjqm9ngcenaGWfKwD2l4Wy2aJ5NZS7XhZgr2rw+dbkvf/g5rxSmyziEF1a3KK+JLI42Dvrds9m23NmbKLQttzBklOBuLjxmA9ByIuAGDouyw/nTFRowuJ50pDqGJ4IFEsCjFcdr2GQVFNiJfrNbKPGdWSuRePV/Sik0aNIGmQ/8joglBa7Wuft1RUg80pjz+fZfj/t0CL/yBgKCVO3T4LlPE6DT7GsmbqpVUu9lV3kz8XRIEEMYJb1wbfZv74dUUcS0+lEVx0qbLL7D2MC1JNW3S57IQ+wo2czrrwriTN96YAfoKzQRLyrtlT61oZZCXsvH4uh2VARQqKfbwaUoc9MtvIUaPFVjJUjeved8pM0lVqKusp/WFKi6RIMhEKkVoZtIwZBO+vdKorlF/n9SRHtV8hqigJyW5N/aHQlidlENh4Vg7kGqCTTt0Lxp5kU1jyTbV1q9GxQrfvX6b3D/+Ul9pnCxX/ht45M7WYd5JRxhNgcsX9VMgXeQlO7vUPJQcaSb X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: bf9ea238-7a50-4d3b-931b-08d989097b70 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Oct 2021 20:40:07.0124 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: gzbABcXwYnkPuge+uMy1eyBxfXCkIK1fn+Et8LKTBJp25Qdw8A4UDEAbbK02e74AdMtaesqVeuqC4PsuWUgghQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3848 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Add interfaces to allow tests to create/manage SEV guests. The additional state associated with these guests is encapsulated in a new struct sev_vm, which is a light wrapper around struct kvm_vm. These VMs will use vm_set_memory_encryption() and vm_get_encrypted_phy_pages() under the covers to configure and sync up with the core kvm_util library on what should/shouldn't be treated as encrypted memory. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/x86_64/sev.h | 62 ++++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 303 ++++++++++++++++++ 3 files changed, 366 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 5832f510a16c..c7a5e1c69e0c 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -35,6 +35,7 @@ endif LIBKVM = lib/assert.c lib/elf.c lib/io.c lib/kvm_util.c lib/rbtree.c lib/sparsebit.c lib/test_util.c lib/guest_modes.c lib/perf_test_util.c LIBKVM_x86_64 = lib/x86_64/apic.c lib/x86_64/processor.c lib/x86_64/vmx.c lib/x86_64/svm.c lib/x86_64/ucall.c lib/x86_64/handlers.S +LIBKVM_x86_64 += lib/x86_64/sev.c LIBKVM_aarch64 = lib/aarch64/processor.c lib/aarch64/ucall.c lib/aarch64/handlers.S LIBKVM_s390x = lib/s390x/processor.c lib/s390x/ucall.c lib/s390x/diag318_test_handler.c diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h new file mode 100644 index 000000000000..d2f41b131ecc --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -0,0 +1,62 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#ifndef SELFTEST_KVM_SEV_H +#define SELFTEST_KVM_SEV_H + +#include +#include +#include "kvm_util.h" + +#define SEV_DEV_PATH "/dev/sev" +#define SEV_FW_REQ_VER_MAJOR 1 +#define SEV_FW_REQ_VER_MINOR 30 + +#define SEV_POLICY_NO_DBG (1UL << 0) +#define SEV_POLICY_ES (1UL << 2) + +#define SEV_GUEST_ASSERT(sync, token, _cond) do { \ + if (!(_cond)) \ + sev_guest_abort(sync, token, 0); \ +} while (0) + +enum { + SEV_GSTATE_UNINIT = 0, + SEV_GSTATE_LUPDATE, + SEV_GSTATE_LSECRET, + SEV_GSTATE_RUNNING, +}; + +struct sev_sync_data { + uint32_t token; + bool pending; + bool done; + bool aborted; + uint64_t info; +}; + +struct sev_vm; + +void sev_guest_sync(struct sev_sync_data *sync, uint32_t token, uint64_t info); +void sev_guest_done(struct sev_sync_data *sync, uint32_t token, uint64_t info); +void sev_guest_abort(struct sev_sync_data *sync, uint32_t token, uint64_t info); + +void sev_check_guest_sync(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token); +void sev_check_guest_done(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token); + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data); +struct kvm_vm *sev_get_vm(struct sev_vm *sev); +uint8_t sev_get_enc_bit(struct sev_vm *sev); + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages); +void sev_vm_free(struct sev_vm *sev); +void sev_vm_launch(struct sev_vm *sev); +void sev_vm_measure(struct sev_vm *sev, uint8_t *measurement); +void sev_vm_launch_finish(struct sev_vm *sev); + +#endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c new file mode 100644 index 000000000000..adda3b396566 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -0,0 +1,303 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ + +#include +#include +#include "kvm_util.h" +#include "linux/psp-sev.h" +#include "processor.h" +#include "sev.h" + +#define PAGE_SHIFT 12 +#define PAGE_SIZE (1UL << PAGE_SHIFT) + +struct sev_vm { + struct kvm_vm *vm; + int fd; + int enc_bit; + uint32_t sev_policy; +}; + +/* Helpers for coordinating between guests and test harness. */ + +void sev_guest_sync(struct sev_sync_data *sync, uint32_t token, uint64_t info) +{ + sync->token = token; + sync->info = info; + sync->pending = true; + + asm volatile("hlt" : : : "memory"); +} + +void sev_guest_done(struct sev_sync_data *sync, uint32_t token, uint64_t info) +{ + while (true) { + sync->done = true; + sev_guest_sync(sync, token, info); + } +} + +void sev_guest_abort(struct sev_sync_data *sync, uint32_t token, uint64_t info) +{ + while (true) { + sync->aborted = true; + sev_guest_sync(sync, token, info); + } +} + +void sev_check_guest_sync(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token) +{ + TEST_ASSERT(run->exit_reason == KVM_EXIT_HLT, + "unexpected exit reason: %u (%s)", + run->exit_reason, exit_reason_str(run->exit_reason)); + TEST_ASSERT(sync->token == token, + "unexpected guest token, expected %d, got: %d", token, + sync->token); + TEST_ASSERT(!sync->done, "unexpected guest state"); + TEST_ASSERT(!sync->aborted, "unexpected guest state"); + sync->pending = false; +} + +void sev_check_guest_done(struct kvm_run *run, struct sev_sync_data *sync, + uint32_t token) +{ + TEST_ASSERT(run->exit_reason == KVM_EXIT_HLT, + "unexpected exit reason: %u (%s)", + run->exit_reason, exit_reason_str(run->exit_reason)); + TEST_ASSERT(sync->token == token, + "unexpected guest token, expected %d, got: %d", token, + sync->token); + TEST_ASSERT(sync->done, "unexpected guest state"); + TEST_ASSERT(!sync->aborted, "unexpected guest state"); + sync->pending = false; +} + +/* Common SEV helpers/accessors. */ + +struct kvm_vm *sev_get_vm(struct sev_vm *sev) +{ + return sev->vm; +} + +uint8_t sev_get_enc_bit(struct sev_vm *sev) +{ + return sev->enc_bit; +} + +void sev_ioctl(int sev_fd, int cmd, void *data) +{ + int ret; + struct sev_issue_cmd arg; + + arg.cmd = cmd; + arg.data = (unsigned long)data; + ret = ioctl(sev_fd, SEV_ISSUE_CMD, &arg); + TEST_ASSERT(ret == 0, + "SEV ioctl %d failed, error: %d, fw_error: %d", + cmd, ret, arg.error); +} + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data) +{ + struct kvm_sev_cmd arg = {0}; + int ret; + + arg.id = cmd; + arg.sev_fd = sev->fd; + arg.data = (__u64)data; + + ret = ioctl(vm_get_fd(sev->vm), KVM_MEMORY_ENCRYPT_OP, &arg); + TEST_ASSERT(ret == 0, + "SEV KVM ioctl %d failed, rc: %i errno: %i (%s), fw_error: %d", + cmd, ret, errno, strerror(errno), arg.error); +} + +/* Local helpers. */ + +static void +sev_register_user_range(struct sev_vm *sev, void *hva, uint64_t size) +{ + struct kvm_enc_region range = {0}; + int ret; + + pr_debug("register_user_range: hva: %p, size: %lu\n", hva, size); + + range.addr = (__u64)hva; + range.size = size; + + ret = ioctl(vm_get_fd(sev->vm), KVM_MEMORY_ENCRYPT_REG_REGION, &range); + TEST_ASSERT(ret == 0, "failed to register user range, errno: %i\n", errno); +} + +static void +sev_encrypt_phy_range(struct sev_vm *sev, vm_paddr_t gpa, uint64_t size) +{ + struct kvm_sev_launch_update_data ksev_update_data = {0}; + + pr_debug("encrypt_phy_range: addr: 0x%lx, size: %lu\n", gpa, size); + + ksev_update_data.uaddr = (__u64)addr_gpa2hva(sev->vm, gpa); + ksev_update_data.len = size; + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_DATA, &ksev_update_data); +} + +static void sev_encrypt(struct sev_vm *sev) +{ + struct sparsebit *enc_phy_pages; + struct kvm_vm *vm = sev->vm; + sparsebit_idx_t pg = 0; + vm_paddr_t gpa_start; + uint64_t memory_size; + + /* Only memslot 0 supported for now. */ + enc_phy_pages = vm_get_encrypted_phy_pages(sev->vm, 0, &gpa_start, &memory_size); + TEST_ASSERT(enc_phy_pages, "Unable to retrieve encrypted pages bitmap"); + while (pg < (memory_size / vm_get_page_size(vm))) { + sparsebit_idx_t pg_cnt; + + if (sparsebit_is_clear(enc_phy_pages, pg)) { + pg = sparsebit_next_set(enc_phy_pages, pg); + if (!pg) + break; + } + + pg_cnt = sparsebit_next_clear(enc_phy_pages, pg) - pg; + if (pg_cnt <= 0) + pg_cnt = 1; + + sev_encrypt_phy_range(sev, + gpa_start + pg * vm_get_page_size(vm), + pg_cnt * vm_get_page_size(vm)); + pg += pg_cnt; + } + + sparsebit_free(&enc_phy_pages); +} + +/* SEV VM implementation. */ + +static struct sev_vm *sev_common_create(struct kvm_vm *vm) +{ + struct sev_user_data_status sev_status = {0}; + uint32_t eax, ebx, ecx, edx; + struct sev_vm *sev; + int sev_fd; + + sev_fd = open(SEV_DEV_PATH, O_RDWR); + if (sev_fd < 0) { + pr_info("Failed to open SEV device, path: %s, error: %d, skipping test.\n", + SEV_DEV_PATH, sev_fd); + return NULL; + } + + sev_ioctl(sev_fd, SEV_PLATFORM_STATUS, &sev_status); + + if (!(sev_status.api_major > SEV_FW_REQ_VER_MAJOR || + (sev_status.api_major == SEV_FW_REQ_VER_MAJOR && + sev_status.api_minor >= SEV_FW_REQ_VER_MINOR))) { + pr_info("SEV FW version too old. Have API %d.%d (build: %d), need %d.%d, skipping test.\n", + sev_status.api_major, sev_status.api_minor, sev_status.build, + SEV_FW_REQ_VER_MAJOR, SEV_FW_REQ_VER_MINOR); + return NULL; + } + + sev = calloc(1, sizeof(*sev)); + sev->fd = sev_fd; + sev->vm = vm; + + /* Get encryption bit via CPUID. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + sev->enc_bit = ebx & 0x3F; + + return sev; +} + +static void sev_common_free(struct sev_vm *sev) +{ + close(sev->fd); + free(sev); +} + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages) +{ + struct sev_vm *sev; + struct kvm_vm *vm; + + /* Need to handle memslots after init, and after setting memcrypt. */ + vm = vm_create(VM_MODE_DEFAULT, 0, O_RDWR); + sev = sev_common_create(vm); + if (!sev) + return NULL; + sev->sev_policy = policy; + + kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); + + vm_set_memory_encryption(vm, true, true, sev->enc_bit); + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); + sev_register_user_range(sev, addr_gpa2hva(vm, 0), npages * vm_get_page_size(vm)); + + pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", + sev->sev_policy, npages * vm_get_page_size(vm) / 1024); + + return sev; +} + +void sev_vm_free(struct sev_vm *sev) +{ + kvm_vm_free(sev->vm); + sev_common_free(sev); +} + +void sev_vm_launch(struct sev_vm *sev) +{ + struct kvm_sev_launch_start ksev_launch_start = {0}; + struct kvm_sev_guest_status ksev_status = {0}; + + ksev_launch_start.policy = sev->sev_policy; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_START, &ksev_launch_start); + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.policy == sev->sev_policy, "Incorrect guest policy."); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE, + "Unexpected guest state: %d", ksev_status.state); + + sev_encrypt(sev); +} + +void sev_vm_measure(struct sev_vm *sev, uint8_t *measurement) +{ + struct kvm_sev_launch_measure ksev_launch_measure = {0}; + struct kvm_sev_guest_status ksev_guest_status = {0}; + + ksev_launch_measure.len = 256; + ksev_launch_measure.uaddr = (__u64)measurement; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_MEASURE, &ksev_launch_measure); + + /* Measurement causes a state transition, check that. */ + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_guest_status); + TEST_ASSERT(ksev_guest_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_guest_status.state); +} + +void sev_vm_launch_finish(struct sev_vm *sev) +{ + struct kvm_sev_guest_status ksev_status = {0}; + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE || + ksev_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_status.state); + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_FINISH, NULL); + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_RUNNING, + "Unexpected guest state: %d", ksev_status.state); +} From patchwork Wed Oct 6 20:37:26 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12540529 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8E915C433F5 for ; Wed, 6 Oct 2021 20:40:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 710C661152 for ; Wed, 6 Oct 2021 20:40:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239570AbhJFUme (ORCPT ); Wed, 6 Oct 2021 16:42:34 -0400 Received: from mail-dm6nam10hn2213.outbound.protection.outlook.com ([52.100.156.213]:10241 "EHLO NAM10-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232147AbhJFUmd (ORCPT ); Wed, 6 Oct 2021 16:42:33 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XdHSeHBmcLx/La4QAybFyYu/Ygkh95IRaJYf5uqBAmIM3tyeTCdYJP0aUZOdUOeCSNz5JaVCupwQodtMm8pY6u2EI4MYt/SDhm+fjXks+2s7qUyskJ2hifiUghi2Y1vZOs2pU8E1f8d1QS8ZmJHjk9n21bHgGmT2poBhuRWHX9Yo0OQtk3NxBLHn2GPGt1eUZYNF4v8Ya6wOS9gRWa0SLhUgY48Hx5NcJAciWN9X13dksICmZ0MtgA2o4HESm0Z4kzqqThNLjuIHZ7OD0FJIA9e96mpbyatCbQH66uv0BI/Tj8Gybe7axuyVaeF8m/qdyXZT5rtSNc5e5QeKBkEs2Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ren96GO9wngZmjxYyjT/gv27SJ8sMV65hEgBq1k8JcA=; b=BUmPqqVNv0iqvn4IFNTn693Vxorks7N2eBdzLTUYVf9spAgv9cIIwvB9icZSoYEnelhlZL2g5Ci5NR4QNXIhupn5R3pi6IjralKJqcGYQpRKT79fhBTp11+qOCmXxUKQSHsbnwPPF0PA4jgilh4TzljGhG2ByI5xSSPz13koL3O+C/BqkNrl3ihswEaSeJW0u32xy5wKGw/LCrqKdWzCbwJjIxW2XVB4Ru9n94V662mzC7AYfht/zgBT2VeWJW1X3b+mc9bJC1AqwIgzeQlU2yVcmqLrn8nEdCXeRAMzORPMEDFrXTtH7f8QE3MRTZvZ2FMIVDGw36BaavWROyv4Bw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ren96GO9wngZmjxYyjT/gv27SJ8sMV65hEgBq1k8JcA=; b=McgPK76RA2McAWt8eLfKsH6AJi0oR9cEzwLih69V7NS+y3jEX+OfsKWJ/bG3lWWFoq0nSwFkawc+hrxRl+tmrwmOHHOctUY4XrMWKddxk8ssf3a0uyQSBGp39ZIO4ifC2ZoiOrQghSejujUK3QILUq1pNeOlMwwrtaQgpANhfZk= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB4264.namprd12.prod.outlook.com (2603:10b6:610:a4::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.16; Wed, 6 Oct 2021 20:40:39 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.019; Wed, 6 Oct 2021 20:40:38 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 07/16] KVM: selftests: add SEV boot tests Date: Wed, 6 Oct 2021 15:37:26 -0500 Message-Id: <20211006203726.13402-1-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SN4PR0201CA0048.namprd02.prod.outlook.com (2603:10b6:803:2e::34) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SN4PR0201CA0048.namprd02.prod.outlook.com (2603:10b6:803:2e::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.15 via Frontend Transport; Wed, 6 Oct 2021 20:40:38 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: b9dc4685-8d82-488a-03d3-08d989098e66 X-MS-TrafficTypeDiagnostic: CH2PR12MB4264: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4125; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: vjwPOLOjAcz4Ze3wdYJwJSeM7U0HXTt6WZzteHw6qpWHJf0FrRy3AVpiJF2HSg1opkD8WBbcvGU4vobsfTSGZtc433Gc5kyR4Ru0RNR+jenfTEzNgQEBHLOxj0CEn7ffTjma15loCHaLAYCyzApPr3h1eNpcoSR4ouLDDO/nw6KYLl3T/+7tr9S4ZVzbwmXz5tQOcfDIS6F966uQ/ttCkcUz0JXSghTlzIqSKNdVRCxG7/T1gQYLgDbt7fmZBkAcIXFMCsCBZUcRsinxmM0TfLqHoxz89k/bdUmnIj/sXsXqWCcTRHJPDU3pVWTz/EemR1mH0mRcKFdcMsKeuwzqo0T/RINYxWhjFhUrFdYg0RIwjysQ/i++gedrlbHXD6k9El/Dcvy64UeBi6gU2h3MsZy/hRzL988S1hatqA2Odbl6ikhIU4y/KWieOz/bSbQ+9SlAUvl/RsU9IKsKLwDb+Nb7YsOpzR/86IR9+rVdnIWemyWahgeRvJdRvgrV2SsHF1hU5xRAvBOYN31tvQxmtSRsTIcv1pDfOlLI9PwiNZVHVM0z7fn2aFIFtuNJ0/eYYzm2Dc/qGxj+4M+CxfGZina8T9GCC3hK1qSO2DMXPiOIvNs1ZnwGDDsHh2fFaMJfIo8JBqpkELzC8ujn3mjbMHWMrdjqd3EK6RwO9w82N2K1J8Wl9kBh2J2TdlKkAklPWk8bC4ArHGb9KqR2i99T7oaLrw2fbHt4rSnIPlBuDKnKVUd6HHWVAZJUOY5S2KjAc4LCF9TGaep4eu3aP37G4mBHCMJMQbc4mcOcmwePWRNhe7H2PvmB3Uw/wIFH4X3lXjKgfQUL3NWjF+vrk25QSBufZyUPiW0OL8++uW+CIwGEDYcKRPOjQUboVVUBx4NQ28kceoaLNbqM96saAwnWm/TeXU4LdL9Qiu3dVIdnmVPfTYoTdEL4SowMAX3Bri2VNnbkTSqorb967ZhWmOFtl41IfycIUXeLMLkCr0puCMINsdejzsRc7Q1IyhctlriXro/TTu9wjm6FPzCwFHgpF21YD+8ubX2lEC4iANcGF2E= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(86362001)(7416002)(36756003)(6916009)(1076003)(316002)(66946007)(66556008)(26005)(8676002)(956004)(44832011)(186003)(66476007)(4326008)(6496006)(52116002)(508600001)(83380400001)(2906002)(6486002)(38100700002)(8936002)(2616005)(38350700002)(6666004)(54906003)(5660300002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: z8hvlq0AgQMnRHIY3tKoIPX5nxhIpTioUMYMMbNfzThGlBbKRY7H0DM57NvmoJIxkCsbKSb8uBdGPjc7pXM29HUj8wpiQEhdzmiRXBJ8dp9QZ5XqHo8q936CsWinXjUqaKclaz342MzyXDc+6DqZbtQTLmf+AOJLirK/eEBDAoPT23aZWHBh+cVKYBKoAWLRXZYX6+uHg6XQ8mTWrfsZ/psqKSK7szU3QrOQXyb1tbN6O9dwJdWtWAbWj68FBFwlG2q2jVFZhMcZ6o2tvrxL4LURQoHj8Pol8cELMOa/l7biPKjqDbQP6y/kfDLHhpDaqMZMF1JvchZAG4ZdkFy1eoRFHYeQjwCZiToGofXmcY5PTmFnFRU23AQueMwzE44zRvRR5CPjMQUDVsYrwINdcpggUhOtlVR4yidKgYSO7iLkcDUuN1spm/By6McLflhrKIBCQPxBpm8VmqAJFIuNvB7Nw5Y/vytIbCWWv5Fp+Reb2mETzdkSRV1ZoszXq0Tgekfd6oLNHrwBBCylITVQU38tM/Ry/jQjrD7CzuVe/rIwppF0iVTkL8Waj+V+7mo8Jq64ygapPQ/wL5OnTFeza0vI/qWxQIuOnN0KkoqH56nnxsLQIZ4cF1s5Xs8j+fQPlvNYISsYpCYLQeP7in67zBGt7eV14sofV7JmvqEL50I9LU7fZXsxBFMVkqNzakGPsqHU/rpFiAJGgkEJ9C8qY4IwDG0AYRnIBEimFt3MPkEAVIyafE00hB5lm1MswlCcm8ErIH6kAKATuUexcZ55hsTSR6ByPG9SaZkSS8Y/F5lg9aCnb85OkIANRvYZQaFYYAt4O8M7wR7+6vqNkQbmo4epP2hQoJSK/ErVMsBOg6Ns37Su4ffsuu+Dqj4osRWsZaYGIBRaobMn7mYow1afNkJigF4TtKfOcIaEzfqTrmxMiPQrxcf8SMNKaf5yJW+mhFGusZ4g1P6cL4vdATHzawSynWSul/GfdUbcuRwuyM5Ikndf0sEfY0MQr2Izx6KyhUkq2SA5uCGokS2n6tem9bIoTitrHcGxnnXBRhAYlF0svhqkgbuVo9OrDvmCV/fahZqRNYvlwvMAuZxogbyk7zMWG2mRh6K+gDZcmz8egjBcNcIvPM8awAC2MZS8yH9VjWy918Sn8KGsCh3kIctNyMokcuNCULLdKMNnID5vpl6WEtFIqB7V7vuuIS02aKaBjXvCtP25xI04KLSH7Bf45z8jGFttGt9eTxirpaZ0nxqsr3pzkM/3iejEN1bXiFoteySKJ2ukKCA60OlOJnSWNqkegWBXUqarh+YU5mg+qqK2H+eMo0HpurfniHACjXNs X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: b9dc4685-8d82-488a-03d3-08d989098e66 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Oct 2021 20:40:38.8298 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: OuZ0gJUmNEPxI539TbEukI3f4qvkMwfe7IP5CwV1EmdgV5A30nRxW0QFQ506MzxZ2mNuDFJqAwRrbzj4KuWAFQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4264 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org A common aspect of booting SEV guests is checking related CPUID/MSR bits and accessing shared/private memory. Add a basic test to cover this. This test will be expanded to cover basic boot of SEV-ES and SEV-SNP in subsequent patches. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/sev_all_boot_test.c | 252 ++++++++++++++++++ 3 files changed, 254 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index 0709af0144c8..824f100bec2a 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -38,6 +38,7 @@ /x86_64/xen_vmcall_test /x86_64/xss_msr_test /x86_64/vmx_pmu_msrs_test +/x86_64/sev_all_boot_test /access_tracking_perf_test /demand_paging_test /dirty_log_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index c7a5e1c69e0c..aa8901bdbd22 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -72,6 +72,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/tsc_msrs_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_msrs_test TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test +TEST_GEN_PROGS_x86_64 += x86_64/sev_all_boot_test TEST_GEN_PROGS_x86_64 += access_tracking_perf_test TEST_GEN_PROGS_x86_64 += demand_paging_test TEST_GEN_PROGS_x86_64 += dirty_log_test diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c new file mode 100644 index 000000000000..8df7143ac17d --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -0,0 +1,252 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Basic SEV boot tests. + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#define _GNU_SOURCE /* for program_invocation_short_name */ +#include +#include +#include +#include +#include + +#include "test_util.h" + +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" + +#define VCPU_ID 2 +#define PAGE_SIZE 4096 +#define PAGE_STRIDE 32 + +#define SHARED_PAGES 8192 +#define SHARED_VADDR_MIN 0x1000000 + +#define PRIVATE_PAGES 2048 +#define PRIVATE_VADDR_MIN (SHARED_VADDR_MIN + SHARED_PAGES * PAGE_SIZE) + +#define TOTAL_PAGES (512 + SHARED_PAGES + PRIVATE_PAGES) + +static void fill_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + buf[i * PAGE_SIZE + j] = val; +} + +static bool check_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + if (buf[i * PAGE_SIZE + j] != val) + return false; + + return true; +} + +static void guest_test_start(struct sev_sync_data *sync) +{ + /* Initial guest check-in. */ + sev_guest_sync(sync, 1, 0); +} + +static void check_test_start(struct kvm_vm *vm, struct sev_sync_data *sync) +{ + struct kvm_run *run; + + run = vcpu_state(vm, VCPU_ID); + vcpu_run(vm, VCPU_ID); + + /* Initial guest check-in. */ + sev_check_guest_sync(run, sync, 1); +} + +static void +guest_test_common(struct sev_sync_data *sync, uint8_t *shared_buf, uint8_t *private_buf) +{ + bool success; + + /* Initial check-in for common. */ + sev_guest_sync(sync, 100, 0); + + /* Ensure initial shared pages are intact. */ + success = check_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x41); + SEV_GUEST_ASSERT(sync, 103, success); + + /* Ensure initial private pages are intact/encrypted. */ + success = check_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); + SEV_GUEST_ASSERT(sync, 104, success); + + /* Ensure host userspace can't read newly-written encrypted data. */ + fill_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x43); + + sev_guest_sync(sync, 200, 0); + + /* Ensure guest can read newly-written shared data from host. */ + success = check_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x44); + SEV_GUEST_ASSERT(sync, 201, success); + + /* Ensure host can read newly-written shared data from guest. */ + fill_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x45); + + sev_guest_sync(sync, 300, 0); +} + +static void +check_test_common(struct kvm_vm *vm, struct sev_sync_data *sync, + uint8_t *shared_buf, uint8_t *private_buf) +{ + struct kvm_run *run = vcpu_state(vm, VCPU_ID); + bool success; + + /* Initial guest check-in. */ + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 100); + + /* Ensure initial private pages are intact/encrypted. */ + success = check_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); + TEST_ASSERT(!success, "Initial guest memory not encrypted!"); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 200); + + /* Ensure host userspace can't read newly-written encrypted data. */ + success = check_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x43); + TEST_ASSERT(!success, "Modified guest memory not encrypted!"); + + /* Ensure guest can read newly-written shared data from host. */ + fill_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x44); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 300); + + /* Ensure host can read newly-written shared data from guest. */ + success = check_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x45); + TEST_ASSERT(success, "Host can't read shared guest memory!"); +} + +static void +guest_test_done(struct sev_sync_data *sync) +{ + sev_guest_done(sync, 10000, 0); +} + +static void +check_test_done(struct kvm_vm *vm, struct sev_sync_data *sync) +{ + struct kvm_run *run = vcpu_state(vm, VCPU_ID); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_done(run, sync, 10000); +} + +static void __attribute__((__flatten__)) +guest_sev_code(struct sev_sync_data *sync, uint8_t *shared_buf, uint8_t *private_buf) +{ + uint32_t eax, ebx, ecx, edx; + uint64_t sev_status; + + guest_test_start(sync); + + /* Check SEV CPUID bit. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + SEV_GUEST_ASSERT(sync, 2, eax & (1 << 1)); + + /* Check SEV MSR bit. */ + sev_status = rdmsr(MSR_AMD64_SEV); + SEV_GUEST_ASSERT(sync, 3, (sev_status & 0x1) == 1); + + guest_test_common(sync, shared_buf, private_buf); + + guest_test_done(sync); +} + +static void +setup_test_common(struct sev_vm *sev, void *guest_code, vm_vaddr_t *sync_vaddr, + vm_vaddr_t *shared_vaddr, vm_vaddr_t *private_vaddr) +{ + struct kvm_vm *vm = sev_get_vm(sev); + uint8_t *shared_buf, *private_buf; + + /* Set up VCPU and initial guest kernel. */ + vm_vcpu_add_default(vm, VCPU_ID, guest_code); + kvm_vm_elf_load(vm, program_invocation_name); + + /* Set up shared sync buffer. */ + *sync_vaddr = vm_vaddr_alloc_shared(vm, PAGE_SIZE, 0); + + /* Set up buffer for reserved shared memory. */ + *shared_vaddr = vm_vaddr_alloc_shared(vm, SHARED_PAGES * PAGE_SIZE, + SHARED_VADDR_MIN); + shared_buf = addr_gva2hva(vm, *shared_vaddr); + fill_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x41); + + /* Set up buffer for reserved private memory. */ + *private_vaddr = vm_vaddr_alloc(vm, PRIVATE_PAGES * PAGE_SIZE, + PRIVATE_VADDR_MIN); + private_buf = addr_gva2hva(vm, *private_vaddr); + fill_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); +} + +static void test_sev(void *guest_code, uint64_t policy) +{ + vm_vaddr_t sync_vaddr, shared_vaddr, private_vaddr; + uint8_t *shared_buf, *private_buf; + struct sev_sync_data *sync; + uint8_t measurement[512]; + struct sev_vm *sev; + struct kvm_vm *vm; + int i; + + sev = sev_vm_create(policy, TOTAL_PAGES); + if (!sev) + return; + vm = sev_get_vm(sev); + + setup_test_common(sev, guest_code, &sync_vaddr, &shared_vaddr, &private_vaddr); + + /* Set up guest params. */ + vcpu_args_set(vm, VCPU_ID, 4, sync_vaddr, shared_vaddr, private_vaddr); + + sync = addr_gva2hva(vm, sync_vaddr); + shared_buf = addr_gva2hva(vm, shared_vaddr); + private_buf = addr_gva2hva(vm, private_vaddr); + + /* Allocations/setup done. Encrypt initial guest payload. */ + sev_vm_launch(sev); + + /* Dump the initial measurement. A test to actually verify it would be nice. */ + sev_vm_measure(sev, measurement); + pr_info("guest measurement: "); + for (i = 0; i < 32; ++i) + pr_info("%02x", measurement[i]); + pr_info("\n"); + + sev_vm_launch_finish(sev); + + /* Guest is ready to run. Do the tests. */ + check_test_start(vm, sync); + check_test_common(vm, sync, shared_buf, private_buf); + check_test_done(vm, sync); + + sev_vm_free(sev); +} + +int main(int argc, char *argv[]) +{ + /* SEV tests */ + test_sev(guest_sev_code, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, 0); + + return 0; +} From patchwork Wed Oct 6 20:37:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12540531 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D59E9C433F5 for ; Wed, 6 Oct 2021 20:41:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A075B61058 for ; Wed, 6 Oct 2021 20:41:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231749AbhJFUnH (ORCPT ); Wed, 6 Oct 2021 16:43:07 -0400 Received: from mail-dm6nam12hn2200.outbound.protection.outlook.com ([52.100.166.200]:25953 "EHLO NAM12-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S239459AbhJFUnF (ORCPT ); Wed, 6 Oct 2021 16:43:05 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=D6lofKYuOSMYRopNZfWjgN7kEt+uKCRFRWeOh1cBm347Rq62QVGkV0H8hILogZUb4ZTPxL0129OXfrCMZJx92pr3058f58JyhFYIOiKQmQWsjeHEIw0sljZPFOF1Iyjdb1+etIVdF+rfm9+p+3Ym4uj48CpV3ehUh426JqKyWo7HecdrOfmGWe8TESfosis/+1hNnZ7wPsv2ei7lTzF2lKJLMJN83NFUD207s/2EmImRGT5XmBrCk+bq5fCAmCHDkBYLXNwTtfFrYoNpqoutShKM/Cl3kCkoP1zT64qLEnth2j1sQDiI/ucvjOlT9+c3Cn/dzx+ancr/4zYv6p/72Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8VmEaJ67SCgXSyjII3nYUTpUaMj1K2bDVqvE+h3bBbA=; b=MXfuHg/gkvUNn19KZvU4bcQNOx7yQw5wq8iRo2ONTpWrVlgdp+xT3zJdcLax1Me4jFoAO+qPyz8kxKPjdrxaxnFwhyxW4HjxdVPPsng4qyvl0VQeL/B2oBRAvycmUnMiUiTG2PkCtIUHRd3w3LtShHb04nmlHdmnIHtEqRKHYBp8Bbh9qAPMujWPMLfNVUh3Cmss64NMzKt9SgFRPO6HKHUy0W+hmSlI8WqsBDNrbJoSQ75r0wlWS5C4xBo6NbELaCbftFm04+yOnILwZE7RUWgcr7JeasunH/OIRtlDc3bCEbBA7wYMCV8y8Lq/AGPy/Y4j7AhZ1ff/Hu1eaedW+A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8VmEaJ67SCgXSyjII3nYUTpUaMj1K2bDVqvE+h3bBbA=; b=3QDv/kMmkFvPr+nZoaxb50YehjNzNDgxg2pOdq284Hoi96/ObzAAtUf5OXxw9kKw5gd0ZQEr3uXhp2O6FWGin72mA9Z/V6dvXXGs5JOgcRp1AZbuACfLY8nByJPbtv1X9p029gEELTHq08+y2dLxg1NP4H5zvY8k39KgYh1Vwxc= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3848.namprd12.prod.outlook.com (2603:10b6:610:16::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Wed, 6 Oct 2021 20:41:10 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.019; Wed, 6 Oct 2021 20:41:10 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 08/16] KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests Date: Wed, 6 Oct 2021 15:37:47 -0500 Message-Id: <20211006203747.13479-1-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA9PR13CA0130.namprd13.prod.outlook.com (2603:10b6:806:27::15) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA9PR13CA0130.namprd13.prod.outlook.com (2603:10b6:806:27::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.4 via Frontend Transport; Wed, 6 Oct 2021 20:41:10 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a502c8eb-262a-46ea-c10c-08d98909a14f X-MS-TrafficTypeDiagnostic: CH2PR12MB3848: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2276; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: HtRChKGEkty3a3eSG4eiiUyvgIHeiiJPia5bhqEnxSpwU1SfMjvXZqFiWNZ+7WIh26L+3QIvEYYNwSb1n2dS+ZPjuS/sOL2iOOiUPPs9+UJatCWfyP0qhNZQYBztv1uN1ON2GzAL7o6Sl+13GytTiBCEsHgqz/duZc+nBW3ggC7l+kk1aCOuMZ8h14FOL3HWGa4a9U8Yx5azsFCEjI91RxBUg8SVH/+Q/eyl6Y/vPW7/wpU5GtErcADa5XkPlzEUudh2sUXOW09HFFn/0pbV7jszcVqWFdwL1KuR7/HhXE4cK9thUkfNBqscp7iJxntTOqhxidQqSNjRaz+XD05dO0FS3+21kegxoCXMlleXEcn/+fBb14tgboUM/4fdEwfeFxhfXL87BxbXQbtd3GDeP8T6stqSNDcUjru1RAHAWqfyQWDz5VedOSX7Qnj0iyMfj9F6kcfKFuS8DmtrUzoWwP55fWTngVTqCY8sQ43SLMM/h9+JtDLP5h1hJ2pEH9V5mHiP2nTpNJ005C+4gNWRqcvdBoiI96f9DK3BLw2u0+an0yu4lBf3ql22+eAtem8S4kGC8z64SG/BHJhlWfpXvdg1Z1bEGFrlpaxS7kSNbnsBsQpCQiowo/jxmRduXFX6rihsbe0WBx5ztY9Jd1e31b7co5LWBR2+V3M5vopBaPl1NG6K+ZLJjx16QqJRc9hAYV2N72yl0PoS5JS9IySQ3OFuMnQdCjh6/2zsxNnM4dRYva+i01WnnpYUZVIsMzYyJGTYA6dObq+KGbV/7oJ5N1coOtQ9nNR4zB0Os/CVCmwJCghY4i2gtreHAUhxiHsRT81kwQth1+w9dfwSMDAZbpnqMINcxM/iedGTRFtUMQUPLaZR1jzi8f9RNgmavPGMUB5ppPuO3aCWT7TPz+CflOtqPFCnnew33XQPftJF7vtQ7rXUP/z/BXqVs3ElbQx9aP7jUIHKMzD9Y1PR2IAhKdtYggbyyZ57d7T+H9cuDv0CQgVFy3BAI5Q/hU5YvCxdXqNq6/yVB3ZsBkJ03AkNpeq2Gzt4NaRWTxUDJZWkq+g= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(38100700002)(38350700002)(44832011)(2616005)(956004)(508600001)(5660300002)(6916009)(186003)(36756003)(26005)(7416002)(2906002)(4326008)(8936002)(316002)(52116002)(66946007)(66556008)(6666004)(8676002)(54906003)(6486002)(83380400001)(86362001)(6496006)(66476007)(1076003)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: YR7xR3MPRuqeVSJVOhMN0kgesPr6ON1EnW+LrqbVQ6Kp8X17gXPh2/6hAxflYkByo0ufBFmKEJlC4hPnMc/RasywTLquZYAoedNbzPZeuPoBinMOsMMHl2xpFeiIslJoYnHDmtRjNMlfyZE8LUR7YB+TmJYpy85Q8Q3R9zir7nFJj7vcxr6GOTIUg9SL0Z7nQEtHnBiT/65SdP3WWCVvqW8JwQgViESWMs+ZiSqy9NUeAjMeXEfZIJ8D2bvafn8EB4qqn+VrCir/FhlbWz61T9CkG9hXPeQkoikkVkx641aE92bJtKFBKU40DNCq0IHa/Y+bsekOp4ERDjvdef41JnfwZAn1hKCHqTT7acxdjcQwK3T26EX1eJqb+qfJxmgvxRutgKNFKXsZWiBuXLIAi/1t722zsokH4yhDAeZBrbYm5U6EdeB0CveIV1QF69KXx75lRz4XsbUfFOjsWaiVDggWiFhhf7+yARaAv9M1eQu8FckNMuk7jDh+2NZj/ge6cdSxjR/Cz0KgAkU5S3EEbBfpp4abvsQhVHyY97YGPs52lGTA1oeFgA4OH6e2EIAjB5CzYKZP2c3pSTgsBWWJfGp/6v0BT0czc/IVc7PCWkpqNd99uj3AP7ZNn26NI+OiVgU4gPUOIKmXwR1W3HE74NX2WfYa443lPGW/uUb+Lvw0OEKCukY2G0gPhboeHoR9Ofp8qtdu70AG0sv5o4DfpABlca20ba8r+ILpc1Q8yfCFoCxTtWvI7G0FlnWIHxPwTD7gl2gxij8GFFHDpnjww3rCQM6uI0n2HsCBrwblIJQGeH8xviNDLEq2gCtGxhRFW6yCxHwuv9/xbbcEdjAZmsFwCqnp1tgikY1165h7syMvpoYI6DAHTGs9BTG6r0i93thTNeQcKiBPhXZbRMc3Shs/s7ZDYLDWhssd6vaSo9oW0mkZhj+whKxEexOa/n8/GO39GcshzvA74xHuaQHCXxpkdgp2JuwBcEVNSqZWyBIUD3DpeMxT9v+Re40UxOAgbrjU3eZ99wqH4wm+ala4gHJ/72iHvWn0IL75RwzwR+8q9msEOse5ysY8f2vzIjl5PmkmEzn5u0xeYAcQ4l/G76ql2oKJKgiXpbwG93gqffLcnYR2ujpIAZytyvqhUW1geOiApZvkO/p7laFWR2U11enU+yowlFf0Pwjgr8qd9BnT9M+FJZR8vG0KuprF7cYRUiBJhmlEZDCCxpCO7opSDgqvSYp14RpGgcoQ3FtLP/5uLx2gevVEVqwUk8E4ZQmBk6jMwFgP/PqXZ8CDpc657sAt3w42iAjPlJ3WSujaHjzvPKwhNcR4VM9RczWrXRl5 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: a502c8eb-262a-46ea-c10c-08d98909a14f X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Oct 2021 20:41:10.5527 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: nsAFRGK1ZfAlXM5s2PgrwxMjQOGRRlNFyN9tVTOqULPYR6ZIN7prNEsmkAV+trzkXjdcNBsP/r8a5O/coMnrPA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3848 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Normally guests will set up CR3 themselves, but some guests, such as kselftests, and potentially CONFIG_PVH guests, rely on being booted with paging enabled and CR3 initialized to a pre-allocated page table. Currently CR3 updates via KVM_SET_SREGS* are not loaded into the guest VMCB until just prior to entering the guest. For SEV-ES/SEV-SNP, this is too late, since it will have switched over to using the VMSA page prior to that point, with the VMSA CR3 copied from the VMCB initial CR3 value: 0. Address this by sync'ing the CR3 value into the VMCB save area immediately when KVM_SET_SREGS* is issued so it will find it's way into the initial VMSA. Suggested-by: Tom Lendacky Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/svm/svm.c | 22 ++++++++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 8 ++++++++ arch/x86/kvm/x86.c | 3 +-- 5 files changed, 33 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 3d25a86840db..653659e20614 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -35,6 +35,7 @@ KVM_X86_OP(get_cpl) KVM_X86_OP(set_segment) KVM_X86_OP_NULL(get_cs_db_l_bits) KVM_X86_OP(set_cr0) +KVM_X86_OP(set_cr3) KVM_X86_OP(is_valid_cr4) KVM_X86_OP(set_cr4) KVM_X86_OP(set_efer) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 09ec1ff5bd83..232e997acae6 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1324,6 +1324,7 @@ struct kvm_x86_ops { struct kvm_segment *var, int seg); void (*get_cs_db_l_bits)(struct kvm_vcpu *vcpu, int *db, int *l); void (*set_cr0)(struct kvm_vcpu *vcpu, unsigned long cr0); + void (*set_cr3)(struct kvm_vcpu *vcpu, unsigned long cr3); bool (*is_valid_cr4)(struct kvm_vcpu *vcpu, unsigned long cr0); void (*set_cr4)(struct kvm_vcpu *vcpu, unsigned long cr4); int (*set_efer)(struct kvm_vcpu *vcpu, u64 efer); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7e19f5f6d0d8..2c3bc7a667c8 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1716,6 +1716,27 @@ static void svm_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) vmcb_mark_dirty(svm->vmcb, VMCB_DT); } +static void svm_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + vcpu->arch.cr3 = cr3; + kvm_register_mark_available(vcpu, VCPU_EXREG_CR3); + + /* + * For guests that don't set guest_state_protected, the cr3 update is + * handled via kvm_mmu_load() while entering the guest. For guests + * that do (SEV-ES/SEV-SNP), the cr3 update needs to be written to + * VMCB save area now, since the save area will become the initial + * contents of the VMSA, and future VMCB save area updates won't be + * seen. + */ + if (sev_es_guest(vcpu->kvm)) { + svm->vmcb->save.cr3 = cr3; + vmcb_mark_dirty(svm->vmcb, VMCB_CR); + } +} + void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0) { struct vcpu_svm *svm = to_svm(vcpu); @@ -4564,6 +4585,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .get_cpl = svm_get_cpl, .get_cs_db_l_bits = kvm_get_cs_db_l_bits, .set_cr0 = svm_set_cr0, + .set_cr3 = svm_set_cr3, .is_valid_cr4 = svm_is_valid_cr4, .set_cr4 = svm_set_cr4, .set_efer = svm_set_efer, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index fada1055f325..4f233d0b05bf 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -3130,6 +3130,13 @@ static void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, vmcs_writel(GUEST_CR3, guest_cr3); } + +void vmx_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) +{ + vcpu->arch.cr3 = cr3; + kvm_register_mark_available(vcpu, VCPU_EXREG_CR3); +} + static bool vmx_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) { /* @@ -7578,6 +7585,7 @@ static struct kvm_x86_ops vmx_x86_ops __initdata = { .get_cpl = vmx_get_cpl, .get_cs_db_l_bits = vmx_get_cs_db_l_bits, .set_cr0 = vmx_set_cr0, + .set_cr3 = vmx_set_cr3, .is_valid_cr4 = vmx_is_valid_cr4, .set_cr4 = vmx_set_cr4, .set_efer = vmx_set_efer, diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index c1a2dd0024b2..d724fa185bef 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10400,8 +10400,7 @@ static int __set_sregs_common(struct kvm_vcpu *vcpu, struct kvm_sregs *sregs, vcpu->arch.cr2 = sregs->cr2; *mmu_reset_needed |= kvm_read_cr3(vcpu) != sregs->cr3; - vcpu->arch.cr3 = sregs->cr3; - kvm_register_mark_available(vcpu, VCPU_EXREG_CR3); + static_call(kvm_x86_set_cr3)(vcpu, sregs->cr3); kvm_set_cr8(vcpu, sregs->cr8); From patchwork Tue Oct 5 23:44:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538183 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 03DC0C433EF for ; Tue, 5 Oct 2021 23:45:48 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C827961251 for ; Tue, 5 Oct 2021 23:45:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231582AbhJEXrj (ORCPT ); Tue, 5 Oct 2021 19:47:39 -0400 Received: from mail-bn8nam11hn2240.outbound.protection.outlook.com ([52.100.171.240]:62688 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231373AbhJEXri (ORCPT ); Tue, 5 Oct 2021 19:47:38 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=h2djrroHjmDfeAYuizppqHyqO2nB+uVBNelmNBsrno1fA0WO8a9l2qswOGvWJ5VOKD1gtpi9wPE6ObT80YjOABwKj5+GioASMp7qN84sEHkYfFtLcj1Utlw+b745yqmYOkvYBkRX53+KFrYIK/omQ+1zoL55TvYWxkjk0Taou/HaZE6ilpCSsgaYyL+3PSPgNaCrjFArZ7S7Dh2SZ59Sy9L3MTbGIpiIWxOtPi5n2//Etl0XN0wElvqXZhqZhhGBW3PKqsLLWhX6PgUSauVsVaayDX0ELxgLEDA1dxtLch0dMks3dIlRdOEZf6zVqPDTGg1dwjzhzsUZ9IJ//VBHZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=C61ZZ4VSDTm7gNgNtaN72QQgAXlZ5VHkw4OEdGMeqv8=; b=A5atAxXAs1S6VvkXEcuOQ46/8CNr1u8HeRQG1GPB65Oq6uclfFjafrBeg4TC8RVn9WoMFr3tk7Q5LOZ8UBjeLlM2BPbk5LTr5d5DkLKyrgZJKJFzghzCtiBnYHt7fAtRPgskn0je4vuRWVhrk/p/R6xywlZYUUS0rP55nesxEykwIoxUCdY0h6r7/BWdYFbLATjBWC8Dy3/SrIwfTqVu8b2SfIAi6NHHm0HZIIfSawhQ5/PBcLoNW5X1rbx+4BZC174OviEIPI8JVQiaeTmXxQTUDYFBy+4NkDiMLxKU8N/PoUm4YbSPUT0q2lLVcKY8c1W32fMb3HVX3CebPShDEg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C61ZZ4VSDTm7gNgNtaN72QQgAXlZ5VHkw4OEdGMeqv8=; b=Tl2c0peJGsNiy270hRTaURSn+1dcSN9QiPhqxCP1UHcW/5Irxs6UJ+Ian0FjsQj3pxTfG9xSaUbOjwPSAx6JhNCvX+1E09TykC2uOzMVW4cZDWYkiJ99Ax7hxFwRonFjVbOuf3kO1oSjyBrV4M1BvE2RyGMbCisHYtvPRwI/WGk= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:44 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:44 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 09/16] KVM: selftests: account for error code in #VC exception frame Date: Tue, 5 Oct 2021 18:44:52 -0500 Message-Id: <20211005234459.430873-10-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SN7PR04CA0151.namprd04.prod.outlook.com (2603:10b6:806:125::6) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SN7PR04CA0151.namprd04.prod.outlook.com (2603:10b6:806:125::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.14 via Frontend Transport; Tue, 5 Oct 2021 23:45:43 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 59b60367-c8c6-4636-19ed-08d9885a3efe X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2399; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: sO1XJlv2ZUJMsmv5w+AYNzB+8zLgjZkH/LFQnjXxhi4+ELt60mmy9dckzITLIFSfqDVx0WJrVhgc8cBkBjVfgIHIAae5lrxnw6F65EN0TewsP2c2S8JTLz298MGONNSNu8IwrzB5jLWlfYRZFvXXfaohF0BAdknqvw0ODsLk0V9AycJ3yYbA7047taQ6uiMV9Xc8iCjQvyjoHq5b6KIY+ZMZRjByT6fvTL+vsduvcPIKRToI7xc84YHwzsmDXzIsOQHisTDCHIpx8yTvWEFsIL2cb6f0zxnsMpcVjowmsBhfbvd3c6BYd9NDFnE2wUFsgHm/xlYSTshrDks9xXSywkTm4zadAdzDYZEIxCf2MaekIx5IpMutUJiZ7lTaEFn8tZ3MX2+HS21NFUEM2YPuV/KJ8ZyxJA21qOpBzbcW75enba7NbPMGljH6fodiCgTay9qwyuJlDntug2CFCcIdCwwNGvGKBOhCybT7bSMSUfDk1uLMaSQPapWM3ra2YZ9+1MvDVbfW+HiikxnGtqNAt1o5pPDLOrnfFqcVGy1awPX0pyqpuR61dXEY71PNvynA2eRMQlbc+BP1YlmWivD5uMPuCSSR7nXYsxZG869/yKVFfaDY9XF0bUMrl8bPn7Lm04B1Bz2Cb4gWkaGEh6mOsPkXjypSP85gynsR9Ubx7XcDB0SMg0e8AWf/FeT4mWst5ySdJrnsHO+LWwrzo7z5pGjYwHF7HSMx8+I6psMcA8XZNkXT73I4sr57dtFSSP1hTB+D1f/NTzcuafwlj7EFaET4Lh2krcNtUEVQST/RrfIisT+ovsXLK2VXuBSJvn6Qnlu+4l/Zy8XEG2CCNnqlu8+FwR7VNdY18OTNsDmp2pHcMr5Mnr1wZSlsqFvjhH5LEZYECvWJqfhrhbpATcyjmgAe7c3XigYzZSQMzpmJnBjEgtf/StsHoLwTypOCYamD92t/XZ65chHSTeRQzB8EUWP1j51wPJGIorgo/wSvv5l8YE3ahZemsAWfhxZbZorT4cuy26n7kzqFSNLepz6pEPq8ErnaCjT1BeO7fdSalNg= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6666004)(6916009)(316002)(4744005)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(15650500001)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: frxBVqEK30Y06cCXLNNWqFkoEwUrOYavQQy+H+bsn3ifFuDU32XDL9VwvEGndB1h+2ZtjqQ/fG4dv4ZEEZo4Xrc32qOGl6XLdg65nmtxxe92iZWBxnxku+/qh8cdeeCyO8l0adeqqA4yxvdQ8wRxLrzMF7DjgnRtewCZApdtS1SLpg82uIwwkKVJlP25kTi1Kl/CQrokexgeh7Jp4lJedhRx4Wf4fOi0uM1zY9vBAj6XARqmPIHV3s8O4x9H+ZQ/6TjsdKyfk3yZNsg2S+Xr4qweA/MQ62/BUuURYwzlsBTqWEMVqMhKyZa+MuErocuC0ptabI/pvoKWPZ3+W7vwPf94arolR7dwzKx5XAnc41Lxl/ApN1mAMgLVDQFbodM1Mv9TNj6pOXwMYg8+eV3kEWdspAi+oTgDCmUHD8L6bjPLfO3YpBlYycY+AHmi+quUuUI+X9oueFTYNA+qky7Ccvgq7NGjrq4mud4gRkwoshJYUu/IVWCrL6oWVf9AwKrVbVL6OxLPVpoie/Gfnb4P0DGAtiJG7mfctucQ/saIu5D39BPIke26RSc5lSrHUGJ/mXGZOEhOTAO9BY1SqHtCbWtVRcAJop3pVb45waW/sb+TxMKvyeeDoAvmB2eYO5wAHe4HsEFJ19wfCtrRBgobe7jOkjgSI0YPFKg0x16XMGhqVNZsmcq7hKA0C82u0fZ15bxXyLO7U9HwNwmb+x1K//8sSpfx0TBsFFuPoyycQ+UTyuiD2N8/2QawUMEvr9r4PNIMcfc5jF3foq5Rl8bgUes9P9lGYHCdmLsUEuGZjoVzHtKHRo2Tel3/JxN15mj+4bvqjZiikgOl/0SNYvy/2NyIJKtJDRINzV/Nz3Wv55CHxJLdpDeqyZueOb708Fx1mEll7yStmeDkGeSrW7AcRp3JFgmF5BvT7/9X1mgmjQqSXczMJyeEIzA1ZOCXXppy+/L0iEf5Q6KsKz2tPtdogqz9cBVwRvz2JzsxAyF104LAEJf6TnjsUMbq0oF3uEBotipvY8uYk4Kpjyx3YeqnABVmHpB/iopl++K5NoWLbafS3GASlfGC4+wwVFEW0ygNgCt4wOwfTkjmjSnLuiM8cvUKgRH9b98S7mHlMnruQze4JguVieLmZVxmrVFNyoJ9g/msakAe906xrHPuMB5HE1eQu9zTSaHrYEPWUsxyTRnkE3HciJi58Y+cIjLYBxo9+1ZS3/scx2jupKIEGdC8DLs8vtnrJyMXZbiUnLMTuUvzzURyshxVJu+frY3EgG2avf0UZ6iSzKGh+77Z4Q3aAVmIA2xQf5XBtHwi19I1J/xdMFFJnbRAYsFSnkux6c5Z X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 59b60367-c8c6-4636-19ed-08d9885a3efe X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:44.0107 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: MQgY8zaWn4qpn3AT90WxB2l58I7bq9eLMo/lL0pPQAXRSSQ+V9ldXePdvgPNSgEbLtRmhzUXLHYUcP1/fVMfPw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Exception 29 (#VC) pushes an error_code parameter on the stack. Update the exception list to reflect this. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/lib/x86_64/handlers.S | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/handlers.S b/tools/testing/selftests/kvm/lib/x86_64/handlers.S index 7629819734af..19715a58f5d2 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/handlers.S +++ b/tools/testing/selftests/kvm/lib/x86_64/handlers.S @@ -76,6 +76,8 @@ idt_handler_code: HANDLERS has_error=1 from=10 to=14 HANDLERS has_error=0 from=15 to=16 HANDLERS has_error=1 from=17 to=17 - HANDLERS has_error=0 from=18 to=255 + HANDLERS has_error=0 from=18 to=28 + HANDLERS has_error=1 from=29 to=29 + HANDLERS has_error=0 from=30 to=255 .section .note.GNU-stack, "", %progbits From patchwork Tue Oct 5 23:44:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538185 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 75270C433F5 for ; Tue, 5 Oct 2021 23:45:51 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3BA006142A for ; Tue, 5 Oct 2021 23:45:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236966AbhJEXrk (ORCPT ); Tue, 5 Oct 2021 19:47:40 -0400 Received: from mail-bn8nam11hn2240.outbound.protection.outlook.com ([52.100.171.240]:62688 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S231481AbhJEXrj (ORCPT ); Tue, 5 Oct 2021 19:47:39 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=f2wL7Z9Lkfkn2oNZpm3EWCmCzIYsSebXG8DdbKnVRJlFte9vI4v+MVzHPTveSvqeo/kQNjJ7tUJjSAJzV7VAmZNtqjcPci1ZwKBKlDNH+o4CjSZfvkFeGLt8dEfKJszVFIM4LtYe8KzKxuIkFKiO/EvQhN7b5o6qqg0wsydMRF9QkFXGu5AJ3u7EbwFkn5yAoNE+Z/grRr57FghT2qqNVthm/EgyTjNgbVbOR5DX9jTO1xjeU0VzsQwBmxmh0cqG+jXHswRfwFTBA7NgPIHoTg47XxdQJtqUhghz7xLo7/wi1Bc20DCEIvHZcmkZUl/hGUyL4KEfWbiB/4PEMANEOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+OF4TOBpCh6AiCl0BdEUjKGtSMtvyPZxw/+eZ47So5w=; b=NX0e0Fym/rbrhaNyAEocQCBfWI0j87Af7+XG0S0sWr8xfnMIjlY4Zu1OXgMQE1NhI67wqytjT7UR5KveoolOwMZ5n5eHPwN/oSGv8WXMoxc1gmUVMTZKlRu7MJH50yZiun6Dxw2SZ+mGC/hQSuCIyy673x5CzRPc2o4HAKjiEbhXav3y6hyZ7u17u0TPZS4PjTXN+0zQbgUuMYU/Tiz2lMIyFRq5gLEHsRePdSvwJRjEO8XOmBatktEowr2aUqdHaCvSPCEK1vXTEAwC3IiMP9VM/2kHmoiLtGn390Dof8c2JsxKslVeMJg2BGt2QCdFkUk7I4dQOP+oRuH7WkpQug== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+OF4TOBpCh6AiCl0BdEUjKGtSMtvyPZxw/+eZ47So5w=; b=ibgbOOe9Au+RlqUJ1x7YRtuQxDTRSQNrJbMBo1v5SLiteDb5zBsGcxxihGYr6fTTz7gIamtGhYBoXkPWXct3KARvyohCDgVgsyjGlAofJ1F0QpznkQIBx+74LGhF3fanr5BAljZDQ3DQNV2wN/O6IqrMJxwrCk+n7UhW/0/2zQ4= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:45 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:45 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 10/16] KVM: selftests: add support for creating SEV-ES guests Date: Tue, 5 Oct 2021 18:44:53 -0500 Message-Id: <20211005234459.430873-11-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA9PR13CA0049.namprd13.prod.outlook.com (2603:10b6:806:22::24) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA9PR13CA0049.namprd13.prod.outlook.com (2603:10b6:806:22::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.7 via Frontend Transport; Tue, 5 Oct 2021 23:45:45 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 54f8e193-13bd-490b-13cb-08d9885a4011 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4303; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 2nODGEy7Pb6obB1igg7Kw0Ei+PLeQcYgkFZLYAL2kC9vzcm69AOcFefGb3A8MruhneG2CDYBXhtUXsjvkg20aq5d7gosZn4DjK0GDCIpuoXcPYurHsuKSAFmd8A/qIp11R3YzHYQW7cm7epa01nd0V1xd9KeE8Gd5Drh7Vnq3f5IOH6hwVPqAaUMY3/lyKLPQduB7EaDPfudUFivOCm/fr0U1D/pPLfWdA3NYEUsovjGnr/A3Wg8MdDLbGO6raX/Pxvg85CeLuL/DBf5j+t3NAVAsC+4/qPinHmnK3mHrOFNPejPL91XeHG9kSR/HLc5qYnx52F1QYD136s/2QPUTKU5p04qxULB9PMvvra9JeiPQaES1xon4O1tenM7GiZVkTuw3zFWdFWXNELDP/f+3IzV51NZ58Mj8+LF91oXJj+8FYxh/+Dw2RnW8Uco7RaXP6JP2jJwCTn1ACENdCW7vfLsM3vbh3/B++TAokyo/GBrMDHa+Kizb0ntmoPnJPYJTet2zrrbJN9LUi9nMFrwW84Yi5VpAYAKyH4dZHze/dArGJr9SXWP9H9DcisMpH/g7BwQY9BARLSJDxP6eew6k+LwsnhvJGQ0sAZBCu2xJzwdifMUuT/ivj5PsNsOQPMHBwfJRRuu+cE1wdX3Pf7DzgpcGC8BZrOU5I0T4HgHng/tAxT/T9VswD40Gf6VxNETR46rJnNoUrczYPs2jNddfqIsZ1zccyJI6qEMsG5djkOaYVMa+K+8zqH20WiaQFXPvKFlNIZVO2ddJnWDgZjg7FOVh3x7i09dGchdKXRa6zrM25qo3K5QuCp35jfDHv0XD/N2qs1N0ubxbsfAE3AppPOHhjAPBOWadZlrpJLSmDQ1VhBCTNKvRaRATLuaf/H409lo+a8JfeuTN7CvFxx7PokypAwsYjWmYe/8Dm2cMwVNAMnyOySe3Ewb4AyQB4OPcoE8f8i7WLTxg2m9MhqJvGV7hEsvFpqiBPc3PANhszZZnGnOvQVu3BPA3IG6gpbzdRUWYoiSoTZ+Ls4a1AVtTfenKKDjJ2SuRa1KVlyjphI= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6666004)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Icq/zT7L/drfWR2mkYPc8h469C5XciW8ae8Op6eBdN87LAMXYCCgGpcIGDEO2MzuogDfkYHYBShd5Mb4qfQqHS4s8rVUqXo9jUNFrKx70MR1ierQycYZGxNolZV2UFaWs7voZoGqJ18ovw8x1XlEYH8wi+CpqccsL9sUnRh8XlCO5+HvMZDOH/NJIGNJ3SPOa3+/ZQg76FoJWRO9c5xgzdQg5n7ObWd4lUrQAOtjCDQ6Vwat2GXdetLLtLoStl0PsvUEbUTRusL8xHNdW0G+79SGWUCTBKFEPFQnD2olWtu3CzxBe4FxTqezNZhTN1wkjp1IpflE9nXpYs0aPWGcaUANmGHEjnKJhrAa7W8UZYrMhu3HFSmSuAvdJiY6PmgRe7njQ80Ep930UOqotBuvSYSmoxzORIxIHTU7UQKpCJ+v6SXgbN4mO0h9L3vBrBE/QPf+w4yWs6Iq4xuppI6YqEI5zaxF4UpcgEK8NimYfrjNaGp1bAJ5Xtsgfnvqo4GANIxw9s2QahXKqd/xcq39DfkhZ577CB+xH4EPFxQ5PE7JRm/mtS4bBE0fEMPj9ezZj71vStIQ25J7NgSJXnG5ttaYvOa/AXky2ZT3YrbltX/UMZpgnkUYazcb7pV5LpY13FZJlwUePc2L6HHPYOqp0CShK40jBkVPfD3c0IY11y5gbzRcY27cCi2azx9j/wC4luUcig0ILciSuB3Vv7R7ypKle+SS5GihiScfScKtTnelk9uAzqqGWSmYjwMN6kZPD7RAqQVQAsDkRlqumNnE0eIZiaKXVPqwnXwKIR6OIdoO75m1M59MDBLsZnNZ390CzQBTJaIo7xdU52KYGkKuLll0KW6tqDDcFLuGy0wDMTwkqoLrygPuHHvsaAWVU+If1A/Vt40ErIeVeutl/qNOH9/TVXNLVnsR4JLbmhuoL9igyKaBb0iWV6fX1A98hMwFkzXOuufmDYXReyt0JgUOXdiAKFNqLxghd/nNW+3uT+/ZBB1N++ZLOZhdCRgfXyHFcWWRcRq6F8bsSm25YNYnUnvvCVkhdD+45gIKG9G4gaWkJ16k9xaHx37aBr2molO2AtpxiJDm82wRqFYnUJG7SgWFPvuTFowYbrud/55efH9bbFtKOGzXeUneRHMWjH531u2KNLm04PPoIifiM3UnQuh/ebK+5XS/1wIsV8+XqtLYFFs/BJcKP0SsxCVq3NxgJVc9Npe/qRGE4PTQKK9aJXlzJE6wTHZGQBbi8seTbwukuwKYZxBeIajSRVFRExY0p/1zjmlVbbWWPF7cQlK4pQAY5P+uRSzTrY0myq+HHVO//L84DGApyu3KQnsYu2r0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 54f8e193-13bd-490b-13cb-08d9885a4011 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:45.5947 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Za8UjBdcdu4BXXw66ZJDj9z1rcFz4iPcmPP1AzuMpN5VxvXwFwUJtiIs7mwyIAlK5SKRe0QXNlcIdBbt3Kakwg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Only a couple KVM_SEV_* ioctls need to be handled differently for SEV-ES. Do so when the specified policy indicates SEV-ES support. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/lib/x86_64/sev.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c index adda3b396566..d01b0f637ced 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -238,13 +238,17 @@ struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages) return NULL; sev->sev_policy = policy; - kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); + if (sev->sev_policy & SEV_POLICY_ES) + kvm_sev_ioctl(sev, KVM_SEV_ES_INIT, NULL); + else + kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); vm_set_memory_encryption(vm, true, true, sev->enc_bit); vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); sev_register_user_range(sev, addr_gpa2hva(vm, 0), npages * vm_get_page_size(vm)); - pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", + pr_info("%s guest created, policy: 0x%x, size: %lu KB\n", + (sev->sev_policy & SEV_POLICY_ES) ? "SEV-ES" : "SEV", sev->sev_policy, npages * vm_get_page_size(vm) / 1024); return sev; @@ -269,6 +273,9 @@ void sev_vm_launch(struct sev_vm *sev) "Unexpected guest state: %d", ksev_status.state); sev_encrypt(sev); + + if (sev->sev_policy & SEV_POLICY_ES) + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); } void sev_vm_measure(struct sev_vm *sev, uint8_t *measurement) From patchwork Tue Oct 5 23:44:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538189 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36F1AC4332F for ; Tue, 5 Oct 2021 23:45:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 15BFC61501 for ; Tue, 5 Oct 2021 23:45:57 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237059AbhJEXrq (ORCPT ); Tue, 5 Oct 2021 19:47:46 -0400 Received: from mail-bn8nam11hn2202.outbound.protection.outlook.com ([52.100.171.202]:63616 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237016AbhJEXrn (ORCPT ); Tue, 5 Oct 2021 19:47:43 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EIDwIA5vSNiFklwCngSqdTPE0hZKhUwbwx1yiZP/ZNwOuAZF3ZfXFB3gW2oJ22IFruH/zmj27531MI0Ao4LGRhfR8TR9eOMNgy+KrICSyEey3y25uAppaN88Az+vTFOXkKssfJ8f0wWxlhco6v1F0+Fbhh7CtWltJBtDrIYDt51xkl7ru+NE5m19GuXbL0KKqRyDJEk9urNwa7xIgRyqxuiX74Y+C0dM1eSWVbPl8jqYr2sSq9i1bxOIcSW4B2VDWZ9gp63wkMzp6UGXKDKoQ+sHyk51/TdhjVJ1G+676u8cYKeXQK/opUOPRbBK7Mqzpvx4HS0U4xzTIR/lzCAR6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KNc1Vp8B73BXYEpwY4yuFcoRId/o+0rdFZiZXHm3R1w=; b=MpSYlrYUr/itcFYl1oNtwn1sv/0tBNiIws0If3e+dtB9TL3/3l73tD2RD2apPAxZKaiq4pQo5cH6316iAtgBJm9M95dngeWH3ybroLFDA7Z/MwYnRdT1Puh+g5H1ee5LnoFVrFtFLqwSDM5w1dVMpiojyU5fAy3J0QZmn64Yqja7u0GMUKEvNN4g1FeO728BFG4se7H6Iae00qcvOWjod7PPp3g2qKpXakquri8LZkFCw9bifSWqdLpYEzP8Y4+reuRE7jQc1sKRi7O5QCVUYkLLRgEqPx9RoF2xY7CM4HryPb4xzw1u9Cv1ncIuDNqpO2k1eRV9ISpSxpYffLJWDA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KNc1Vp8B73BXYEpwY4yuFcoRId/o+0rdFZiZXHm3R1w=; b=4uYDSVo5q0sLgdTnX2MkEG9Rr9s4htZu1BBlQebgkLybSxjLX0k8LgQVrDAdduNhjMuQ7qYpachJC7frARrvNBwICd9udAHbVtz14ulzvRfZfdx6hRbgiUTuh0OuWskWhSpnitl+vVPm0AvmJsqhClmiLu3VOKfKCYzdF1EzyV4= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:50 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:49 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 11/16] KVM: selftests: add library for handling SEV-ES-related exits Date: Tue, 5 Oct 2021 18:44:54 -0500 Message-Id: <20211005234459.430873-12-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA9PR13CA0037.namprd13.prod.outlook.com (2603:10b6:806:22::12) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA9PR13CA0037.namprd13.prod.outlook.com (2603:10b6:806:22::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.7 via Frontend Transport; Tue, 5 Oct 2021 23:45:49 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 56ebb1f1-037a-45e1-58d1-08d9885a4297 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: YvCl55RbV/Kfnb8OxevMoKNNAxiY/vXWKsxzmbw3pV6GXastp0JFRIMVnsMA39kn2PilqQH5sd+Ye/+H2IrLUuyUj6lV3BI6xN9xhBi3GvuVD0c3E3wU4VZwtZrqit7eBBK9u+rzsyZiT6Ouk481fTVN5+9Yk4TTjvOXJPcteFtj/zHaBO7vn0XeP1xXPuXhK1H7IHaDG42LQ28tRpg1Yif8LaQGHQMEUw7om3mEolnJp8rTPsEqV/z8QbgmhsSNPp60mAsY0r7+0Te5Paj1HiNMCXblNo8fQfWONitD5k1zk6M7Vhev3g19LOL9mtvXsig93ocmE21cjRnyw7jSSSGkZu0NncaXI5eOWTPwfviT4g+1+ZlYiti/CEVG8GjZ/oK20+fYj5zIfb1wJHaZtBrrHqXttUX5YfKUYKu1hWTUQ9uJ9W2OCg1+aq2gqJFCE/Jj7UBL24HNFmuk14107bu3/ujnIGm+OxGmjIpWFw8UTNsdZPks/G1f1okfGvKMnKfJoSihBQ3DXEFYm9Q1xXjfmfDOKUYaAPPV9iiHJ7r1ADLE6FajSOOByzGOdgVgRNPUIVFlJDmNurqYNAsU8P97MMI1BeNxIxdzv8CMasNePSwJpbAyC3I7PiocW36ghhsaqHOA+ia0DpXAaFgvr/s1pMTfIQkJ/mYnGgz2Of8q+EpEJIra5sze7lU4MfVKClppVFupeCs+8B57fddQRzv+c9eA630A/SnDUJ2vZlAoWI0tpsH/mAtL1bz0jVtktcbbBb3XsOx/0v7vl1I9KsS4c3NTp88pxqDGz/pJ78q64UEriGHoClztWZ0kPNjfMRNLaENr2zElrdP502NK8VsUXmeRrlTRg03FrYDv43QQ7QpsIwD9UHoYr0vymkkQUZ8gHJdkITLAYrLZPhbtYwbM3A9HKC29tx5hB+Db4D7XpFp6xeE3D6kZpJdinfr/vz0bHobwvf9czHhZlVXno2IhjpWHLY8URFqBwBoHjVep0+l1ZA2Xs6s1lICDbIhtkixTYSrUjesKpHmu7SqeHxPKPukXBGbuFAtXIhx649E= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(30864003)(6666004)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: mJvp/6040UrjR4qIyXmxC3NWmriPIz4vPNDhWWFcNGsNqDspGb46pfj05k6oWcOpdi5gcG/v2c063e7JWTHD6J+2cON0Nd/TFinMZIO9rFBF7WadGIbZC33qdplaLbsJIrhBw2UWI7SXxDw2+W4AoaQiFLXPMB23/u1ruQZTvzn7z1qlnC49ckurtwOTwyQTELRN7ePSXWI2o7eOx5dspYlMPthoZkaIhShvo8SlRR190MHeAJO7um6Ap81GeXjscQeJKNG1wW5WO8nXYkbxGW0yDIx2xwiw6kG7LZNO5q4T9bEC4xto3S+QO9BkNi1+c3FlW+HqttYD/lXLe5bGJrsTV5ROs5KI6afvdMIFfmS5KJLIrZ/6ETP9d0j/qTrS9ojMxP0k8twu39BfGnDKyW/Tb4oeL+SzlPeh4Nniiqa22H/ywcZWka+ls0QCqYeYoy4o1x6Vj/LWB7CN9gJOOTlVQCvJ537Hmc4prvE8wrPfo11eydTchTA06U6wsysJX0aWqgA5WHD+jPryZ2/Xvquw7sUnXSldkYJBj1d26JirnWQv+Z3pMz1Ha5ziw9rAmdja/S23Vy0zIyLRjt3sapRwW5rX2THM4KqXe6VIR63AJHh9ZPcoNX2YRhq1BM2RFcYmgdCLkbOl9btOp4pDQqgALF9taxmV60sYqmEH+QEg+6FyEKLIf2vaBsy+HF+QgcUO5altRrQDWt53QyhkRAI7XZvzb6nSmGWjjPR/oaioPk/NmcAuf8303mR2wO/CdvvNg1i0VaIgNftttByvAE+bewSg8MDKGPwNUGgVJrY7Mr5zopkAk0XkX+mTWIvXIULtVEC4hSuVNjITy5cxYVDQwUmS3raVXOYnAjDm8Ed0KDejHhasacTHHblBt0nBQsYZxKYzeNF1VPceLyyOS2s6lSgF2+kY27GFtkw8lRNkRpE3itvrTJf83KxN5PX8j5z8N9mnR1sgdxsErEk4/8UH5inc4hbjplyCdEiC6Z++LRPA5j1fUq+Chs8/mIYgwZRqBSU/XfJmeaYneWvKwxbMG2A+TqVUkoXuS/57gE6CLBNRU1KTBQ284lGxnsQWcQDsrJ2ysNPhMR4e1PTN2O1Ysay7Aa1rcVPICkN8BswziWIUDsk7F/UVqT32igiaAvibrn33MNSrivJYqpRER+y3zfSHmK9hIDi4pD9p9MowVVZ43fPzJBn/fZvrOcNydq19qYuIvTGmXGL6MdWssn3zgnelkMwhKIXl8eTPEdG6I7H6T4B2ElQ0q+5ET8zEcv2se/01FmQH1VmXfJ5Uu1hc36AxZXGrpMv2eDutvyZ3vzhUbuBN2vLz0PJKqFLB X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 56ebb1f1-037a-45e1-58d1-08d9885a4297 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:49.8341 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: mPFm0xjBAxTt8nxAlPMNJuS+s/hvKPB7CkaFZzKbNBqTxMGXnKHr4J1BUwiJcisuSODxEFs4hmGMfyrc2xyHUw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Add (or copy from kernel) routines related to handling #VC exceptions (only for cpuid currently) or issuing vmgexits. These will be used mostly by guest code. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/Makefile | 2 +- .../kvm/include/x86_64/sev_exitlib.h | 14 + .../selftests/kvm/include/x86_64/svm.h | 35 +++ .../selftests/kvm/include/x86_64/svm_util.h | 1 + .../selftests/kvm/lib/x86_64/sev_exitlib.c | 249 ++++++++++++++++++ 5 files changed, 300 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index aa8901bdbd22..7b3261cc60a3 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -35,7 +35,7 @@ endif LIBKVM = lib/assert.c lib/elf.c lib/io.c lib/kvm_util.c lib/rbtree.c lib/sparsebit.c lib/test_util.c lib/guest_modes.c lib/perf_test_util.c LIBKVM_x86_64 = lib/x86_64/apic.c lib/x86_64/processor.c lib/x86_64/vmx.c lib/x86_64/svm.c lib/x86_64/ucall.c lib/x86_64/handlers.S -LIBKVM_x86_64 += lib/x86_64/sev.c +LIBKVM_x86_64 += lib/x86_64/sev.c lib/x86_64/sev_exitlib.c LIBKVM_aarch64 = lib/aarch64/processor.c lib/aarch64/ucall.c lib/aarch64/handlers.S LIBKVM_s390x = lib/s390x/processor.c lib/s390x/ucall.c lib/s390x/diag318_test_handler.c diff --git a/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h b/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h new file mode 100644 index 000000000000..4b67b4004dfa --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * VC/vmgexit/GHCB-related helpers for SEV-ES/SEV-SNP guests. + * + * Copyright (C) 2021 Advanced Micro Devices + */ + +#ifndef SELFTEST_KVM_SEV_EXITLIB_H +#define SELFTEST_KVM_SEV_EXITLIB_H + +int sev_es_handle_vc(void *ghcb, u64 ghcb_gpa, struct ex_regs *regs); +void sev_es_terminate(int reason); + +#endif /* SELFTEST_KVM_SEV_EXITLIB_H */ diff --git a/tools/testing/selftests/kvm/include/x86_64/svm.h b/tools/testing/selftests/kvm/include/x86_64/svm.h index f4ea2355dbc2..d633caea4b7d 100644 --- a/tools/testing/selftests/kvm/include/x86_64/svm.h +++ b/tools/testing/selftests/kvm/include/x86_64/svm.h @@ -204,6 +204,41 @@ struct __attribute__ ((__packed__)) vmcb_save_area { u64 br_to; u64 last_excp_from; u64 last_excp_to; + + /* + * The following part of the save area is valid only for + * SEV-ES guests when referenced through the GHCB or for + * saving to the host save area. + */ + u8 reserved_7[80]; + u32 pkru; + u8 reserved_7a[20]; + u64 reserved_8; /* rax already available at 0x01f8 */ + u64 rcx; + u64 rdx; + u64 rbx; + u64 reserved_9; /* rsp already available at 0x01d8 */ + u64 rbp; + u64 rsi; + u64 rdi; + u64 r8; + u64 r9; + u64 r10; + u64 r11; + u64 r12; + u64 r13; + u64 r14; + u64 r15; + u8 reserved_10[16]; + u64 sw_exit_code; + u64 sw_exit_info_1; + u64 sw_exit_info_2; + u64 sw_scratch; + u64 sev_features; + u8 reserved_11[48]; + u64 xcr0; + u8 valid_bitmap[16]; + u64 x87_state_gpa; }; struct __attribute__ ((__packed__)) vmcb { diff --git a/tools/testing/selftests/kvm/include/x86_64/svm_util.h b/tools/testing/selftests/kvm/include/x86_64/svm_util.h index b7531c83b8ae..4319bb6f4691 100644 --- a/tools/testing/selftests/kvm/include/x86_64/svm_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/svm_util.h @@ -16,6 +16,7 @@ #define CPUID_SVM_BIT 2 #define CPUID_SVM BIT_ULL(CPUID_SVM_BIT) +#define SVM_EXIT_CPUID 0x072 #define SVM_EXIT_VMMCALL 0x081 struct svm_test_data { diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c b/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c new file mode 100644 index 000000000000..b3f7b0297e5b --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c @@ -0,0 +1,249 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * GHCB/#VC/instruction helpers for use with SEV-ES/SEV-SNP guests. + * + * Partially copied from arch/x86/kernel/sev*.c + * + * Copyright (C) 2021 Advanced Micro Devices + */ + +#include +#include /* needed by kvm_util_internal.h */ +#include "../kvm_util_internal.h" /* needed by processor.h */ +#include "processor.h" /* for struct ex_regs */ +#include "svm_util.h" /* for additional SVM_EXIT_* definitions */ +#include "svm.h" /* for VMCB/VMSA layout */ +#include "sev_exitlib.h" + +#define PAGE_SHIFT 12 + +#define MSR_SEV_ES_GHCB 0xc0010130 + +#define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } + +#define GHCB_PROTOCOL_MAX 1 +#define GHCB_DEFAULT_USAGE 0 + +/* Guest-requested termination codes */ +#define GHCB_TERMINATE 0x100UL +#define GHCB_TERMINATE_REASON(reason_set, reason_val) \ + (((((u64)reason_set) & 0x7) << 12) | \ + ((((u64)reason_val) & 0xff) << 16)) + +#define GHCB_TERMINATE_REASON_UNSPEC 0 + +/* GHCB MSR protocol for CPUID */ +#define GHCB_CPUID_REQ_EAX 0 +#define GHCB_CPUID_REQ_EBX 1 +#define GHCB_CPUID_REQ_ECX 2 +#define GHCB_CPUID_REQ_EDX 3 +#define GHCB_CPUID_REQ_CODE 0x4UL +#define GHCB_CPUID_REQ(fn, reg) \ + (GHCB_CPUID_REQ_CODE | (((uint64_t)reg & 3) << 30) | (((uint64_t)fn) << 32)) +#define GHCB_CPUID_RESP_CODE 0x5UL +#define GHCB_CPUID_RESP(resp) ((resp) & 0xfff) + +/* GHCB MSR protocol for GHCB registration */ +#define GHCB_REG_GPA_REQ_CODE 0x12UL +#define GHCB_REG_GPA_REQ(gfn) \ + (((unsigned long)((gfn) & GENMASK_ULL(51, 0)) << 12) | GHCB_REG_GPA_REQ_CODE) +#define GHCB_REG_GPA_RESP_CODE 0x13UL +#define GHCB_REG_GPA_RESP(resp) ((resp) & GENMASK_ULL(11, 0)) +#define GHCB_REG_GPA_RESP_VAL(resp) ((resp) >> 12) + +/* GHCB format/accessors */ + +struct ghcb { + struct vmcb_save_area save; + u8 reserved_save[2048 - sizeof(struct vmcb_save_area)]; + u8 shared_buffer[2032]; + u8 reserved_1[10]; + u16 protocol_version; + u32 ghcb_usage; +}; + +#define GHCB_BITMAP_IDX(field) \ + (offsetof(struct vmcb_save_area, field) / sizeof(u64)) + +#define DEFINE_GHCB_ACCESSORS(field) \ + static inline bool ghcb_##field##_is_valid(const struct ghcb *ghcb) \ + { \ + return test_bit(GHCB_BITMAP_IDX(field), \ + (unsigned long *)&ghcb->save.valid_bitmap); \ + } \ + \ + static inline u64 ghcb_get_##field(struct ghcb *ghcb) \ + { \ + return ghcb->save.field; \ + } \ + \ + static inline u64 ghcb_get_##field##_if_valid(struct ghcb *ghcb) \ + { \ + return ghcb_##field##_is_valid(ghcb) ? ghcb->save.field : 0; \ + } \ + \ + static inline void ghcb_set_##field(struct ghcb *ghcb, u64 value) \ + { \ + __set_bit(GHCB_BITMAP_IDX(field), \ + (unsigned long *)&ghcb->save.valid_bitmap); \ + ghcb->save.field = value; \ + } + +DEFINE_GHCB_ACCESSORS(cpl) +DEFINE_GHCB_ACCESSORS(rip) +DEFINE_GHCB_ACCESSORS(rsp) +DEFINE_GHCB_ACCESSORS(rax) +DEFINE_GHCB_ACCESSORS(rcx) +DEFINE_GHCB_ACCESSORS(rdx) +DEFINE_GHCB_ACCESSORS(rbx) +DEFINE_GHCB_ACCESSORS(rbp) +DEFINE_GHCB_ACCESSORS(rsi) +DEFINE_GHCB_ACCESSORS(rdi) +DEFINE_GHCB_ACCESSORS(r8) +DEFINE_GHCB_ACCESSORS(r9) +DEFINE_GHCB_ACCESSORS(r10) +DEFINE_GHCB_ACCESSORS(r11) +DEFINE_GHCB_ACCESSORS(r12) +DEFINE_GHCB_ACCESSORS(r13) +DEFINE_GHCB_ACCESSORS(r14) +DEFINE_GHCB_ACCESSORS(r15) +DEFINE_GHCB_ACCESSORS(sw_exit_code) +DEFINE_GHCB_ACCESSORS(sw_exit_info_1) +DEFINE_GHCB_ACCESSORS(sw_exit_info_2) +DEFINE_GHCB_ACCESSORS(sw_scratch) +DEFINE_GHCB_ACCESSORS(xcr0) + +static uint64_t sev_es_rdmsr_ghcb(void) +{ + uint64_t lo, hi; + + asm volatile("rdmsr" + : "=a" (lo), "=d" (hi) + : "c" (MSR_SEV_ES_GHCB)); + + return ((hi << 32) | lo); +} + +static void sev_es_wrmsr_ghcb(uint64_t val) +{ + uint64_t lo, hi; + + lo = val & 0xFFFFFFFF; + hi = val >> 32; + + asm volatile("wrmsr" + :: "c" (MSR_SEV_ES_GHCB), "a" (lo), "d" (hi) + : "memory"); +} + +void sev_es_terminate(int reason) +{ + uint64_t val = GHCB_TERMINATE; + + val |= GHCB_TERMINATE_REASON(2, reason); + + sev_es_wrmsr_ghcb(val); + VMGEXIT(); + + while (true) + asm volatile("hlt" : : : "memory"); +} + +static int sev_es_ghcb_hv_call(struct ghcb *ghcb, u64 ghcb_gpa, u64 exit_code) +{ + ghcb->protocol_version = GHCB_PROTOCOL_MAX; + ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; + + ghcb_set_sw_exit_code(ghcb, exit_code); + ghcb_set_sw_exit_info_1(ghcb, 0); + ghcb_set_sw_exit_info_2(ghcb, 0); + + sev_es_wrmsr_ghcb(ghcb_gpa); + + VMGEXIT(); + + /* Only #VC exceptions are currently handled. */ + if ((ghcb->save.sw_exit_info_1 & 0xffffffff) == 1) + sev_es_terminate(GHCB_TERMINATE_REASON_UNSPEC); + + return 0; +} + +static int handle_vc_cpuid(struct ghcb *ghcb, u64 ghcb_gpa, struct ex_regs *regs) +{ + int ret; + + ghcb_set_rax(ghcb, regs->rax); + ghcb_set_rcx(ghcb, regs->rcx); + + /* ignore additional XSAVE states for now */ + ghcb_set_xcr0(ghcb, 1); + + ret = sev_es_ghcb_hv_call(ghcb, ghcb_gpa, SVM_EXIT_CPUID); + if (ret) + return ret; + + if (!(ghcb_rax_is_valid(ghcb) && + ghcb_rbx_is_valid(ghcb) && + ghcb_rcx_is_valid(ghcb) && + ghcb_rdx_is_valid(ghcb))) + return 1; + + regs->rax = ghcb->save.rax; + regs->rbx = ghcb->save.rbx; + regs->rcx = ghcb->save.rcx; + regs->rdx = ghcb->save.rdx; + + regs->rip += 2; + + return 0; +} + +static int handle_msr_vc_cpuid(struct ex_regs *regs) +{ + uint32_t fn = regs->rax & 0xFFFFFFFF; + uint64_t resp; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EAX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rax = resp >> 32; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EBX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rbx = resp >> 32; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_ECX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rcx = resp >> 32; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EDX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rdx = resp >> 32; + + regs->rip += 2; + + return 0; +} + +int sev_es_handle_vc(void *ghcb, u64 ghcb_gpa, struct ex_regs *regs) +{ + if (regs->error_code != SVM_EXIT_CPUID) + return 1; + + if (!ghcb) + return handle_msr_vc_cpuid(regs); + + return handle_vc_cpuid(ghcb, ghcb_gpa, regs); +} From patchwork Tue Oct 5 23:44:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538191 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 593DCC433EF for ; Tue, 5 Oct 2021 23:46:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 412C26124D for ; Tue, 5 Oct 2021 23:46:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237069AbhJEXrw (ORCPT ); Tue, 5 Oct 2021 19:47:52 -0400 Received: from mail-bn8nam11hn2217.outbound.protection.outlook.com ([52.100.171.217]:8641 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237047AbhJEXrq (ORCPT ); Tue, 5 Oct 2021 19:47:46 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CFZ+AGoea3Sxt5AR1JWVs8N20PWbn1sv9pktxTKTwrwr81edozS8KnwWRgW5qkCAmn6GX3fK4As+7ryEDLmRfjjbcRFDU4iqquZkYOr5ZtfDUv8Zzrz12k7fXk81LnMUb/XAUnOgbj+JjmWLk0SDgqKpkk1m21tisVCZhuXcMuiAvqVopLDoyAWbjOzifwxbCTXn0lrE4CgMRZg7Iz6BDtfTzXt9WMzsL+haMQI7cCfnK/r85pArSFvJ4B48Hfde5GgHgj/OnxolaRUdIKHKvfNhKRP8s7Zee4TgGA+MLVglnci/JM84+pphkEMmhboOlT4E8Zl4vAtok0lrnKeHQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jeB6FnD9KJxn+Wn2IDh5RFP6Ze4RfCvcJDiUDf/SMk0=; b=LfBwSsbAnVN10/qe+NXs9NHUo/DR9EQE8XwW9M8Ancl5Eeyxjnj0vwtUPZIl305nD7HR5aBgEq8nO4qUQ1iTSI/ORLvfkycLbPFMJEAi8GsPJvuM7Up5otAs9sHJxSU1LJL/xfl9Z34rHJnMGAdn9+rHeLNEmvTBOmGDtIxdRKeFGMiJoq5ZMuoEZ+1vB994pBhXvmMad0jlHZZLqAzj7z4GepBHBFkIxrjQHLHfDsMzkhPcmrOfGOFhOkO41ChPiexuzDFXK6VrWvu7i3AhEay04zs8Ol8B3tilruSAEVC/6To7uZsazLLgO2lyNs2xQB3cjfYtqElMXhTzI5BAZg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jeB6FnD9KJxn+Wn2IDh5RFP6Ze4RfCvcJDiUDf/SMk0=; b=hSAVsrAAKhHKUDC4T7NMrReGIVgm5PuUtK0lwQ3rriSo+WmI2dSL8tCHJha+UX2SiSS3XO8b0yLihTuHUSGyb6B6Z+RzQsYF6/zBsCO6AF1kfbKIJQLj5ib5+Uni0GPY67yAPmeVcW8zxHKKAnhsLikbTPHbU0GJ/FELa9Wq+qE= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:51 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:51 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 12/16] KVM: selftests: add SEV-ES boot tests Date: Tue, 5 Oct 2021 18:44:55 -0500 Message-Id: <20211005234459.430873-13-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA9PR13CA0047.namprd13.prod.outlook.com (2603:10b6:806:22::22) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA9PR13CA0047.namprd13.prod.outlook.com (2603:10b6:806:22::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.11 via Frontend Transport; Tue, 5 Oct 2021 23:45:50 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 960770bf-ac7c-450d-2406-08d9885a4388 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2582; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Equ47obkOKM6Hygz+JBgaZvPIzEyqyW5l3rpJhEDGbYjpzNSeGfFkqVPm6NNQEHFw66l70Q69dsfpVUOHRaRjTIyEo2U7RgO8Wgj83iaD3ZUO+maOLS+Cw5X7nRlxNtQIS6cQO6vzfDm7EnDXuhsLYZOQg1yq1K77Sn8NkqBrQFUFfAry1PF39DOYqGAp1OBvphguQWWWAf8BAq3T8r6MUeiHL5Z/8uAh0LkjHDM9XGsBr8/L0oLlQ0LLN7shBpS6EXadsQ5Ry5guB3B2d6NWBaSQZbqLDZVkNjEJSB/vWvC5QPD6893XyN6nbytUMUm8ivcteJuGyw/odvVwPeQ+OyUnUjSJ/yHKJPVk8fJuFOdIqfywQvVr36icHXzEHWH9vzE+3ri/P/I93AKkAaFzdNIDYHo+xUHf2+2OX+0FV3FtWRg46SGnJO2jckLcIMdoKOdJhA1s53HvkbN+avBO8IprJ7d4vrfdOGKSdHWsTzMzuXIn4baP/9JFnysrnyS4hrhN9dZRqeZ9vMsaFCmpMpWVMqXkSDYA+clSRLPjJYMknhpEHnsVstCp8ln1XQFfDhngiXp+4J04XqpSrp743bwuW4yyMRcwnVbY18Yq44Wrc0LNU1foXMVC5eG1WCxle/Se9LsLjXlhUVCvDI6xiSqmAMd8zv2+UXSBeRwCz6V+sqdUb71V+Hd0oKtGTEz7kqd1CWz1555FSHQPbolVwkloACZuD+8K4JnDr8zGk+0+Z+dJ9Mq8OlP+g/BVpndYjMIuOcEYhyWoxs85E4pLLa2bLPfOgOdKv67Zkdle0PMhWnsEtLX6ZWc7QYnWxQZgRjEAL6Tjge09aQJNkYtBReJ2H+FtZezd+zfzj087bOeEX/lBnkOcaAI1q4NW0oWi9FUjEGGCJPzdnA9A0IQdck5y4RkBySgFtniXYX56HQ8sGNstwadfmBQwcXnfxb0T+QFNj9nR56sB9HIRNMr4fAtdfSsNfCPTyuB3ICIKyj9I7egcve4PMdEyMylZFRRGwviwZAxMrTj1AS4HYqvJuZwVWchN8vEH+o80GoPw+8= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: aeU0Ri7a/BUUq9bVn4w/xrvMGCgaHAPr/YfHDkJel84DgPMldegn58CzNJzAPguck3fS228Hje/TZsuhgYDT94jChfYjzU0lc0YjnGMVxEJVJy2hHxpyq6Kkkx5Ny7LPbrp4O0+C7OQi8jlrbhbIAdKr8fYxmpu8UO+nV/fDfahwj76yQmyu28v4ffeFDzsXeCDkPdlOYWbovO3ZiGzGwkrAxvIsPocQv9Buu/cu/fPQpFavp7xKLNf5gsAEfXXOxXUOfV0N/X+Gz1qusntkS3hBNK3dmh6ncBOesmezLEfEW7gVDhqOuPIccKBdOLFu0ZHLFkGTVsKldongEEVfoh4nRwDZeMpP8CHJAd8xJq0HPJ6/RD3oxazfmvDN/UoJW/4m8htY20RVKAzBPLTHl+2X+Lk/8Qr/zCGaTjzA+JB4TuuGyIcNy+mEK+I6BqROobVlsr1KaIYOnQoOwloaPnS0WtFU0q94MTh/4bObKIMtINEL+KeUL4gMx8nCCiRmNfcy7unuj1r5qeeV7FMwdwAPuxGtnBUX4VQb+mQnVYdv1uhBGOqLeGaI5U7WgxdVSIi1giJks7WVSm2o9/jcEThDqOx95BLXJOizkgW3GG+4xaHinW9ioFLmTbvnE2nz5rboTcEPv2Q5Z7RXF9lwUy3D3D1LYLnZ1JwJ2JVP5Q3qi24njgl072KZ/g8qEHd0eqnN4eUjIN9e0Ymmf84gmkAjxUNCPAe2C7Bx4YbW1yTUht5ZqqojpnTKUVjQyJPLoOkO4nH5yuyuR8ghOIcUhQ1oJ57EJ+ggg0v+CIS6vEqfRLbN9IKQockPN2IH/CjaCc6x4NOUul1V66ora63NqEvomWtEZWF1gfZdY2HCjzZqgCUn+pYezk2juPASRDvcsnyKrghPBs332s1Zt3TUOFhIQ1b61ZijvI9meTwQYTnl8KnmIVzJyu5GAwnwfY7y5Q4stqZny3Ok1mBtrMpDEx9xivyz3jOYJauSUYZXvZV67/ViolADDQEksXwQWZFra39DuEURpk9IazUJa+bETjdz5cZfmehnrDwva6bD4q3Yyud4Ko/9YNKzeRgH5aTsoyxoRS1beQ40rK4gdXpbkdG/Xh3dltz2JKK5/1XBLWf7vTA1h3EU+2SexpSIkSmxUJGAIfuMFczOnR7CJnZ6yF9o3fIGIRi0I5uV2E24tZ/rP9kQuQc5W2hkQCjHF/DcRQYt73ADqC0lGZ9m4mXKk4RnUX3WHjuE8aqtM0QOZcZ2vkbMokwgrnBC4jS/d+xJd7Jssn8Pb+vdCvqgRF+TkWqE4tzyM/I6cof8mI2yIv/acvWTGKrDj0ktJSQONvmE X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 960770bf-ac7c-450d-2406-08d9885a4388 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:51.3654 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: uP+YS58aqD3mD5iMPrveRLp0ajj8BzwUGL5oT+Or8lULRElVUWoH2NMfzOBGZdeU4xSY7dLKhWTOSpdtLKMyWw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Extend the existing SEV boot tests to also cover SEV-ES guests. Also add some tests for handling #VC exceptions for cpuid instructions using both MSR-based and GHCB-based vmgexits. Signed-off-by: Michael Roth --- .../selftests/kvm/x86_64/sev_all_boot_test.c | 63 ++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c index 8df7143ac17d..58c57c4c0ec1 100644 --- a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -18,6 +18,7 @@ #include "svm_util.h" #include "linux/psp-sev.h" #include "sev.h" +#include "sev_exitlib.h" #define VCPU_ID 2 #define PAGE_SIZE 4096 @@ -31,6 +32,10 @@ #define TOTAL_PAGES (512 + SHARED_PAGES + PRIVATE_PAGES) +/* Globals for use by #VC handler. */ +static void *ghcb0_gva; +static vm_paddr_t ghcb0_gpa; + static void fill_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) { int i, j; @@ -171,6 +176,47 @@ guest_sev_code(struct sev_sync_data *sync, uint8_t *shared_buf, uint8_t *private guest_test_done(sync); } +static void vc_handler(struct ex_regs *regs) +{ + sev_es_handle_vc(ghcb0_gva, ghcb0_gpa, regs); +} + +static void __attribute__((__flatten__)) +guest_sev_es_code(struct sev_sync_data *sync, uint8_t *shared_buf, + uint8_t *private_buf, uint64_t ghcb_gpa, void *ghcb_gva) +{ + uint32_t eax, ebx, ecx, edx, token = 1; + uint64_t sev_status; + + guest_test_start(sync); + +again: + /* Check CPUID values via GHCB MSR protocol. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + + /* Check SEV bit. */ + SEV_GUEST_ASSERT(sync, token++, eax & (1 << 1)); + /* Check SEV-ES bit. */ + SEV_GUEST_ASSERT(sync, token++, eax & (1 << 3)); + + if (!ghcb0_gva) { + ghcb0_gva = ghcb_gva; + ghcb0_gpa = ghcb_gpa; + /* Check CPUID bits again using GHCB-based protocol. */ + goto again; + } + + /* Check SEV and SEV-ES enabled bits (bits 0 and 1, respectively). */ + sev_status = rdmsr(MSR_AMD64_SEV); + SEV_GUEST_ASSERT(sync, token++, (sev_status & 0x3) == 3); + + guest_test_common(sync, shared_buf, private_buf); + + guest_test_done(sync); +} + static void setup_test_common(struct sev_vm *sev, void *guest_code, vm_vaddr_t *sync_vaddr, vm_vaddr_t *shared_vaddr, vm_vaddr_t *private_vaddr) @@ -216,7 +262,18 @@ static void test_sev(void *guest_code, uint64_t policy) setup_test_common(sev, guest_code, &sync_vaddr, &shared_vaddr, &private_vaddr); /* Set up guest params. */ - vcpu_args_set(vm, VCPU_ID, 4, sync_vaddr, shared_vaddr, private_vaddr); + if (policy & SEV_POLICY_ES) { + vm_vaddr_t ghcb_vaddr = vm_vaddr_alloc_shared(vm, PAGE_SIZE, 0); + + vcpu_args_set(vm, VCPU_ID, 6, sync_vaddr, shared_vaddr, private_vaddr, + addr_gva2gpa(vm, ghcb_vaddr), ghcb_vaddr); + /* Set up VC handler. */ + vm_init_descriptor_tables(vm); + vm_install_exception_handler(vm, 29, vc_handler); + vcpu_init_descriptor_tables(vm, VCPU_ID); + } else { + vcpu_args_set(vm, VCPU_ID, 4, sync_vaddr, shared_vaddr, private_vaddr); + } sync = addr_gva2hva(vm, sync_vaddr); shared_buf = addr_gva2hva(vm, shared_vaddr); @@ -248,5 +305,9 @@ int main(int argc, char *argv[]) test_sev(guest_sev_code, SEV_POLICY_NO_DBG); test_sev(guest_sev_code, 0); + /* SEV-ES tests */ + test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); + test_sev(guest_sev_es_code, SEV_POLICY_ES); + return 0; } From patchwork Tue Oct 5 23:44:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538193 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4EB16C433F5 for ; Tue, 5 Oct 2021 23:46:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 387266128A for ; Tue, 5 Oct 2021 23:46:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237173AbhJEXr4 (ORCPT ); Tue, 5 Oct 2021 19:47:56 -0400 Received: from mail-bn8nam11hn2217.outbound.protection.outlook.com ([52.100.171.217]:8641 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237101AbhJEXru (ORCPT ); Tue, 5 Oct 2021 19:47:50 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TdWIclDF6YfAbv6KvIkVCc4vHpoed5hFiom+nAbnUoJvlJ8l4hs3EwcaQGNWNDwji5EdSBa1Mg4zC3BFTp6MsoI+tOZt6fT4nW0gLlbdmjOfJxz+XT9lEyL+m5wapYsoOKStYZ6ruJqJyH7rySY66rEmVA7ZnzzsH4QBKruZvLLbjYMFOJHeSJqRWEINvxvgEBQPV7MT1MK6py5BR38V9br899RIQEPkKtzpgOnIY5wb6yGJPL3xpcvJAbYu1u84zeQhy8t/sncir+rQroQlYH4Nt68Nq/q7Q4S7+e3l0UzDAZLq0sDlFnesWJkkm2doBPYIQVZ9VaaxHF9wcW8jzw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ad7xBnwHZqqbp+Spvucmt1/DsIcgno9wjq9UBqWKFWA=; b=VMRcJeRrYp3ALeTc1pvo+ZpcaWgptzFRyYKcnII5DwkcLA8e4Gu5NZSCbmcozLuRIuvTEGZSEtakqdKe9KMk7l1tW9bKzd7FPUtQMqowbYGSbDs1iSUFc5QY5WYXuyxBSYhpZm7URo9AibqwJNbXfNzSnlKJ9BhBuDBcXDkz9GWAleu8Ro7ggb3gt1TsoISKlr7gRcmxViLu02eZN4B28RgOnY3VOaANGHwpCH7GkxFRSGV+DI8Mf4kAuvHl+3iZJYK6aq7hp0AwPefO1cGqtmi4Jl4OfFb62eHfCkFtOT1j3uaWNU28Q+b0UZXpGqn0w4uYdq6wy5UuWpBsn83XWQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ad7xBnwHZqqbp+Spvucmt1/DsIcgno9wjq9UBqWKFWA=; b=3B7rXD++mJ1Fg4nqgNEzG9McZKXZnqPQkpjCIYfcdA6cLuKRkI6OCePA1dr01x/8KlVny0ez3GNcE28ppGZz+BwihiTjonC0gT3lePX2xFLKlZJM+NHPKFVt8spZwIMekZrDYoYHa4dh5S+VoPAMsQRkczg90fNtl/ONZ7hBUE0= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:53 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:53 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 13/16] KVM: selftests: add support for creating SEV-SNP guests Date: Tue, 5 Oct 2021 18:44:56 -0500 Message-Id: <20211005234459.430873-14-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA0PR12CA0028.namprd12.prod.outlook.com (2603:10b6:806:6f::33) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA0PR12CA0028.namprd12.prod.outlook.com (2603:10b6:806:6f::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18 via Frontend Transport; Tue, 5 Oct 2021 23:45:52 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c16ed738-1981-428a-6ad0-08d9885a4483 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Sc/4dFjqL8A+YZ+S+IQSh/vfMIrDQ02/jRFsGWoBoW2cSIVGZrYto4jNbKNokiv1YBlyLecSO/CymNlMmTpuAfkNodlOkEi9dl7+qsi6e8dtIwo+6cmubwr8oqICEfgX4Oolz+Y44QrKjcdOJaN0w3TVhVzCpDxXS1OOs5n7gBeXSF7sGHam7LC90aXQI7jw/m8xMHFoL7NOlusSlb22Za4lfldiWO4TqctXXyUZUalEQ9MjBnStMWbd/qrgMG8D6JAB8ncv7y36iJ0O66Z6eEfLN/37FKT/K3ZPaHqLQs21KlkKzOiwveW37WUS6FXefXziSf0gckqKku3a12T0PmbdzFtAYggrIXrnzyWjlbS8cvQkKrIl3IBF43ECGWi78gzkuxQM3+UZ/Z9ktlPyL5A2pcVXZHTSoww2ZJIo7CH9Fk6yQQAliyv6wLonkVjkpN96py6JV4YHIrrL44O605Phl6FAoBBntDCiGGH7pv6qsmcsN88gW5OQTNKyKVgCLEq08tYKCLnMrPcFE0U3B5Rw7sBTSUl6yblHHoYxMtioCdo5jrjifiOZ1VNFOsOR49rMRBcijFLXuybp2GquoqDcUPnFFSLmQg0Oq8qhgTR4T++34g/B79bppUGqw18zTHCRA4r0Jdh/ivgEiZB54fL7M1Ye07fl7rcjUWxc/RTyrmyz4NVUl7AaLwny7asiO7pFmw4LoCe2t9TQ0PUY/WDERDL1pVSIRvJYLOAkExSbt1AA1uehQurhNtOm0PWHJ7ZNF40386UKy8Uu0v4Qph9yJp0mCmivsrQHcDRDn5dMZ+n156CzlJ9/HEvNHT3sCZSyIaUgnB3Hi/j8rm8Febm7rlYH7lMbef5HkNpkD39P51WQCoj6fIlvnxST7i61w8s5eVY8/gwWXFKyLjUxI3yJWYZ5B6L3hteGI2IgSRBpq+ROhxINE7dgjuf+DDu9oRHhkeiFtQp6DB8NkLHBEXKxyvKkoRxBmq4UKUCnKP9EqFp7IGZz/CYaV9gHld+/JZPgnO3Dq2Wl6/JpgU9BOf2RCwmfV5cukAOmnkvBZlM= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: 2XjJuItbHKSbhvYuQEP5d23DESRji8cSsh5yeMz+o5H6g/2nms8r9TrVXhpJhx28H2il8SgI5hkU4k8PfZsRlDWcz2ZT/Mdc59arx9wCqQPeyrGltA+KxyuzQ1XuNUsdQazJCWRfnhDLJ8jvIDlLKmvydVyaF3bK3sobb1r9KikkqPPm/8YpCi+NctPz/LPxacZCmFjbFBMSOAkEb+iRUcTWS2Upk3+ervSEIogYGH8r6feyR+OnVDSSmGxRMab/lzk4eBCVekZtpS795NOKZHUbiMKo6FJrPYYayihNvXYYA4OGgxlA6HlYNHhGlhMTz855WDKrrVgfeouBJ5k/QuIJWeQ/pYqALxTq8X4nzhhyPuYVziXHm2rD7sjzOOzv2Glgac3Jdi0aKzES2LdrSbOTYw1Pli8XzH5zRWqOOfRVSXoqs31baXU82APykHKk53CibFTQyxL2dYB7zyH9z4DDaYFHlF8bdX/ha6Jc82U7hxkMGEUjb5PUsSZSh/P6ttUY38hxF9kfNHeLoqu7C57qZ2J/1bEjaJCPYz+DcgSI133Q8BB6j192maXkHa1PZEgfR0O2Em/aRiqw49Ee5gYnhLyP16iure7rptsJvVqin+v6eIcIRL+dYa+qSCYZpI1fyYqqrgBePIrDeRzN65wUsDuOe2McnsMeHAyHGdnJjwZEwTYANYL/EZ/fMh268vBy+XEamN4U/K1lwCAWryc7auaAlJAobbMV50KZZR+f7fRWRnkIC44P7KBmkDFTXlbygbhDlrhEYpiJLI5u6bxTqHdWMt9YKOjxayGVOyoGMOZzUodVOP6k0+CtgM0hhZA4tJGXLCfcsATy05tMOm9PLn9S57BP11rHPbGIJdTjlqBeZ1I+Nhy/zr4iIIMaxMNfuBfbu66OPk4dWsVnORIrtS9ci+fpd9x/I45tZkJWAs5bYVlhk9KHhW4IFzsk37ryBGfYOydErjZ9Ye/ZLiQYESmi9fd3eWM+Rrfy235+Bd22oah4bM4zEmEtWuvzMr/f7JisM5IxSmAfMEq62y3NmQr1sMVAu7VHfqSCHT+e7YY2mqyULRjmAwmMr5YzfZgIsRVzj8LQ05IwpXDGf2yCSPmmLGkf8ysxRDprxHaocnksTp7ipep7Bt4QTrhSwp1xh/WvGbw/NrfS6UwVE+bERukpBOdC+4Y5Pl6kcNp4OYkhWr+41n/5PKUyRwALQM0cCvaco2V6UIGGQbpHkRNRoIRfVnHgs3URnrE1OHk/0mCSwP3LAtr2GSz7E/cY64fKofjh6KumHagx6j5h+JOmfMy80nRjW7RRp1E4wPK7BNaF+NwMX0HZqoxBvxN8 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c16ed738-1981-428a-6ad0-08d9885a4483 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:53.0759 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: z1lOS6WBwJ/hHoSKxIVD19B68fpDX+zF+dB8D02HeKi/2O+kS3JyGt7Fi7YK94iR7vQd4Kzf9JbITrtCie+aug== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org SEV-SNP uses an entirely different set of KVM_SEV_* ioctls to manage guests. The needed vm_memcrypt callbacks are different as well. Address these differences by extending the SEV library with a new set of interfaces specific to creating/managing SEV-SNP guests. These guests will still use a struct sev_vm under the covers, so some existing sev_*() helpers are still applicable. Signed-off-by: Michael Roth --- .../selftests/kvm/include/x86_64/sev.h | 8 ++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 77 ++++++++++++++++++- 2 files changed, 82 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h index d2f41b131ecc..f3e088c03bdd 100644 --- a/tools/testing/selftests/kvm/include/x86_64/sev.h +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -18,6 +18,10 @@ #define SEV_POLICY_NO_DBG (1UL << 0) #define SEV_POLICY_ES (1UL << 2) +#define SNP_POLICY_SMT (1ULL << 16) +#define SNP_POLICY_RSVD (1ULL << 17) +#define SNP_POLICY_DBG (1ULL << 19) + #define SEV_GUEST_ASSERT(sync, token, _cond) do { \ if (!(_cond)) \ sev_guest_abort(sync, token, 0); \ @@ -59,4 +63,8 @@ void sev_vm_launch(struct sev_vm *sev); void sev_vm_measure(struct sev_vm *sev, uint8_t *measurement); void sev_vm_launch_finish(struct sev_vm *sev); +struct sev_vm *sev_snp_vm_create(uint64_t policy, uint64_t npages); +void sev_snp_vm_free(struct sev_vm *sev); +void sev_snp_vm_launch(struct sev_vm *sev); + #endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c index d01b0f637ced..939d7d5dff41 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -20,6 +20,7 @@ struct sev_vm { int fd; int enc_bit; uint32_t sev_policy; + uint64_t snp_policy; }; /* Helpers for coordinating between guests and test harness. */ @@ -119,6 +120,12 @@ void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data) /* Local helpers. */ +static bool sev_snp_enabled(struct sev_vm *sev) +{ + /* RSVD is always 1 for SNP guests. */ + return sev->snp_policy & SNP_POLICY_RSVD; +} + static void sev_register_user_range(struct sev_vm *sev, void *hva, uint64_t size) { @@ -147,6 +154,21 @@ sev_encrypt_phy_range(struct sev_vm *sev, vm_paddr_t gpa, uint64_t size) kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_DATA, &ksev_update_data); } +static void +sev_snp_encrypt_phy_range(struct sev_vm *sev, vm_paddr_t gpa, uint64_t size) +{ + struct kvm_sev_snp_launch_update update_data = {0}; + + pr_debug("encrypt_phy_range: addr: 0x%lx, size: %lu\n", gpa, size); + + update_data.uaddr = (__u64)addr_gpa2hva(sev->vm, gpa); + update_data.start_gfn = gpa >> PAGE_SHIFT; + update_data.len = size; + update_data.page_type = KVM_SEV_SNP_PAGE_TYPE_NORMAL; + + kvm_sev_ioctl(sev, KVM_SEV_SNP_LAUNCH_UPDATE, &update_data); +} + static void sev_encrypt(struct sev_vm *sev) { struct sparsebit *enc_phy_pages; @@ -171,9 +193,14 @@ static void sev_encrypt(struct sev_vm *sev) if (pg_cnt <= 0) pg_cnt = 1; - sev_encrypt_phy_range(sev, - gpa_start + pg * vm_get_page_size(vm), - pg_cnt * vm_get_page_size(vm)); + if (sev_snp_enabled(sev)) + sev_snp_encrypt_phy_range(sev, + gpa_start + pg * vm_get_page_size(vm), + pg_cnt * vm_get_page_size(vm)); + else + sev_encrypt_phy_range(sev, + gpa_start + pg * vm_get_page_size(vm), + pg_cnt * vm_get_page_size(vm)); pg += pg_cnt; } @@ -308,3 +335,47 @@ void sev_vm_launch_finish(struct sev_vm *sev) TEST_ASSERT(ksev_status.state == SEV_GSTATE_RUNNING, "Unexpected guest state: %d", ksev_status.state); } + +/* SEV-SNP VM implementation. */ + +struct sev_vm *sev_snp_vm_create(uint64_t policy, uint64_t npages) +{ + struct kvm_snp_init init = {0}; + struct sev_vm *sev; + struct kvm_vm *vm; + + vm = vm_create(VM_MODE_DEFAULT, 0, O_RDWR); + sev = sev_common_create(vm); + if (!sev) + return NULL; + sev->snp_policy = policy | SNP_POLICY_RSVD; + + kvm_sev_ioctl(sev, KVM_SEV_SNP_INIT, &init); + vm_set_memory_encryption(vm, true, true, sev->enc_bit); + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); + sev_register_user_range(sev, addr_gpa2hva(vm, 0), npages * vm_get_page_size(vm)); + + pr_info("SEV-SNP guest created, policy: 0x%lx, size: %lu KB\n", + sev->snp_policy, npages * vm_get_page_size(vm) / 1024); + + return sev; +} + +void sev_snp_vm_free(struct sev_vm *sev) +{ + kvm_vm_free(sev->vm); + sev_common_free(sev); +} + +void sev_snp_vm_launch(struct sev_vm *sev) +{ + struct kvm_sev_snp_launch_start launch_start = {0}; + struct kvm_sev_snp_launch_update launch_finish = {0}; + + launch_start.policy = sev->snp_policy; + kvm_sev_ioctl(sev, KVM_SEV_SNP_LAUNCH_START, &launch_start); + + sev_encrypt(sev); + + kvm_sev_ioctl(sev, KVM_SEV_SNP_LAUNCH_FINISH, &launch_finish); +} From patchwork Tue Oct 5 23:44:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538195 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 673E6C433EF for ; Tue, 5 Oct 2021 23:46:17 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4E98261248 for ; Tue, 5 Oct 2021 23:46:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237116AbhJEXsH (ORCPT ); Tue, 5 Oct 2021 19:48:07 -0400 Received: from mail-bn8nam11hn2217.outbound.protection.outlook.com ([52.100.171.217]:8641 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237159AbhJEXr4 (ORCPT ); Tue, 5 Oct 2021 19:47:56 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FsrquY6FraHrzETT3XWuofKHvz049UcHvcQRfgS64zZcqQp14+FriQ2agcCVO+IZ/utBTVA1QtYoiirX7PEWjo8kXQZH57jg1TcjQ0au6yy8NnNhAJpOTyC+CjJTpaJVQVfOAzu80y+8s4ShOIMi/+Izpu+k5u/3P3d06SwFotlIlO92I+0JBuyNXwgL5jeB0iIQOw6ArJX7GjomOViX36SIKSYk19wE8zMRnoYcqsaW6hcD9ufOUFxgfkelKO2FqnV+D8LA2x3jE2UV0NrngsOz0LfuK8zzurqlhtpb45vpbDRfZiwMiGPQB07pJaxVC7ubVTiFNhgmxy7ZdUCC1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=w1yt174BkP9mJg2zq1FVO4125cgDK7TQCy43M1tA0dQ=; b=RN+GiteUJPD6wjVhC3TG5t+gNRjNsSjxwuPGiv66A2tdPM6etnoMMSzzNuWd/YMq6Y4gZkv4IMirIBqAbcnfq7UbowyXlQmmS3nFucK/6qnl44Q9yUrMahIGgxyNxbt/hh8hX9hY4mb5I38ws8Rc4Ewky06LyUYzsd3HtRu9k5EGxkR69qG0Qfm/0kCn8yUEh0Yv8bC5JFm/rj/XmXHfJGCX9o8ST8jk6A/dnNxl+teqoYAh251ZaKQiqIMsu7A8p3S5ZDrv1Y6VQcDGFuFuvo3B/wvfak0p3lJr7+lAW07O3VWe2r2LvT8GxSNBuomK+Foguk8HC2Wy0vYZ4pUqpg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=w1yt174BkP9mJg2zq1FVO4125cgDK7TQCy43M1tA0dQ=; b=OdPsDhxksuMLN+M024/n9TvdjOJ6g01rhQXjMPdwu+cyHdifW/wO/Q6Pu6RA7N5nH/x/iczsrTMhZl5gx0lYBy++wA/PxYg7q1s/57PUSzTVuHGYpZCTldRRvw/AB9KIGBV9NQuH1BwKZYvZ/S04nAz1CwLPwsOpBgYWLEBwbE8= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:55 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:55 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 14/16] KVM: selftests: add helpers for SEV-SNP-related instructions/exits Date: Tue, 5 Oct 2021 18:44:57 -0500 Message-Id: <20211005234459.430873-15-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA0PR12CA0008.namprd12.prod.outlook.com (2603:10b6:806:6f::13) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA0PR12CA0008.namprd12.prod.outlook.com (2603:10b6:806:6f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18 via Frontend Transport; Tue, 5 Oct 2021 23:45:54 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e7d518b7-110a-4923-d5e1-08d9885a4591 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4502; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: XOi0RpoIEyj2Ig8c14VGuaNm39r1AmZCYaNr5SUeC0BRmy891O6puwEe3u3WMGHjOU4KDgBe46axm9HUwO5MnlVMPElh1I6o5Hwjh0xqxXXX0bw/i5kd6qMBVKLHVL/fLxJs3TQ01R1U2YTqwcf3Ugf7SmIZIBCrhJbAEwuhz22oNGQvoNf0HrnKq4eyX3ZkMK5XBkJvmrwM4YS10hCcmyDE8Rpl1IEN5qxh1isYtuUeULMPNW1oxq+QEqOstvZDtHXvebfw36qblbiNewvo+3PUvawXXFgl+faqrpuDa/FzzN1XPr1CHBvdxP1PD8T2a/8ZspxPAtkpbqWfwKKFAlUuJw6mCm8wZHmJmcmqNyhjHN6A99DbSK3csxaHSDE3vfTgWISDpOA6EsybDy/UjsaQJvEU08nXSC8nT/RIH73XeEg/1cyQ45jJTCu60H70ZOoEHGPe7KeAPDv03EzsjqPMfRZ+nsVJPkLJIlIgRuaNHr3hD6zBogBGvqSnupqXWXdaKzj/95L/nIixlYSN4xONy4rDD0wl0ByLUQxTskSjEw4Hr7bpgyNR5c0bcvLWJy6FoUiiJkPTFsYwo0EK6/6U+UgO8MohXo/OnC3/dD8WoVJ3D9qa04D45OEzCXwGapfxQoa1+Ufg0vsQrlSOeFGvK/GBdd6+nfU7T9J57mFr7PMlQF+6Xi3POwYbXpEt8U1TZcurQ8CY+C4i3T/OU/XYIRHe60xpB3Icp+xlowdgCkQXc32sa97oxvorwMYu7nK9bsfg0H/NJROWrEIvSQsf5GYdaJKklH8nzeJcxMTJ4MWruDADwS0NN4JtQIWqyPWq2tzSgNfjJW9mqf/uetn6ceQTfFWXojdH9V8g9m6dAPcrEz5kyM/2PJIkUhmlW7cmNsWpvv7sI24bu8Gmv4pytYGNxg9I5OjDYrgZi4P2V1kCYPsiJNUTbm75GOuokhrK+1E/w2Z55LmtsFD/Q3IbLKH2HwquGyBjMDTHIqqVMUGTS2YNl5sCqz9JLTyFr9XWT0Rzj6q8uzugFgC/7rW0ufgu1p1puLVdsHwy/DI= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: /oc4fZremX9mz4r8mFATbDIY3z1S+qJSCaaZx7NRYooKYxW3bpL6lo+81xmmHhJ0wROQ8+PnI9yuhPDg4olVNVriNQ8Be+7YbindGlDCba3bayUyMdLyq4lwED7KyRd671tYwtDzL3JjXNWHKrDIx8XZ2bqupDuy6nRLBwstjzZyi8I6AlcoZpO7hcedoiushJZNS6IlCRwjxWyyRlV2oJ98znOOSxXBGnaDF98s5SDnVrjaAmi/fM4O4qFI801dGznDQkooHg6rcq88eD5Q8CFNstCmKvrnVnOod+veg6b3k7HFRF6anXutRJ4JetIzu6lKQPg2NBoA5tX3roalSRNrcaYvTT9ziYVh2P2IjGlM/V6VbZlopUHV2Do+g/DYCSs7F95BpmL4TW608hquGfq+3ECF50ItnyfWcU2tjy1PCLqdADSSCZflncwuNZRbmQZBUkBdwNl3K9lkf4syQL6zA7/I2SglolIfcUaga4RyRqwmsg10w2Mwg5LYZyvHxRLKlOkLQa7qGjZBNoCeYtMw8XEcwKJFQ0+hovA70TSOTJmZm2aVEHI92uWh7Leclqgej64MgyURLoVDU+laI9XwtdS/PODwPFJX+vkotxw8Nu8mbGiUQSaipu9Ok6D54B0PLefv81PZ9BRv+iHzJB7ozRQ8b1wyEp22kLYxsNJAOBfScPwPT4YC4UTQ+LH9/BPCunGCktVRffnlaCccPiRPMWVrB7Lu8ojY9j72mOjr8Hv2yLLRj84qp6u0jdjTHVJcUCsv3n5m1AOXHEoBKZzv20KthkZgOQhWG8YWZmUdMir3Ro/tvlgZuy59lRnqSp4pvPWt8mxCq9vHEV/hfRdtMGBg9DEgIGjQAwryUml6gDGRyat01Ced43+bAWRqBasFCo7q9ch8VRAeCxPnrnw2jaqn14LenZlw9DQDE2ctUDw0+s1gba4UnSmbp00SwIjPYBgj8olbR145o1ZXwDCcSWQ3WApqEFGQOR0s3LvxJHQFx7EfholK0g/CkpW53PZkGfK714viLmG0RxT/3sEhQP1agSRnf+vLl9QOHNSE+eR8DhyfOOs9IymOytrvpZQyoeFHMo7DT9/TlpgH8gOQnxIhSTsO7QfEY7VU7q7Haj9xbogBcS8E9mZJHIICiC1rLkLEn0DY1ejCVhqdEKlWJ2wyJoEFgGSzYVkUpDSC/lnp8e9zkoi9Ux5odlHtUgAA7CsSwkUNEFDFyooRl+14FvQoxhyKee17dzprgtTWKMdlGNeCTYTmQFAlDE4RyAcweKRHx3Kl+Nbv4JzwECozG3eYXKBHZEOoWePH0ktL0cJDIe2qPw9LUF2Wcu24 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: e7d518b7-110a-4923-d5e1-08d9885a4591 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:54.8262 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 8R08/G5LHXpIyOYxkHvVRycbhn48YUU3l0riiXy7OkdCdoGQIek5alJVC95SUHtYCyN8+xVXEKLwJJwZ3X7+Bw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Extend the existing sev_exitlib with helpers for handling pvalidate instructions and issuing page-state changes via the GHCB MSR protocol. Subsequent SEV-SNP-related tests will make use of these in guest code. Signed-off-by: Michael Roth --- .../kvm/include/x86_64/sev_exitlib.h | 6 ++ .../selftests/kvm/lib/x86_64/sev_exitlib.c | 77 +++++++++++++++++++ 2 files changed, 83 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h b/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h index 4b67b4004dfa..5c7356f9e925 100644 --- a/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h +++ b/tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h @@ -8,7 +8,13 @@ #ifndef SELFTEST_KVM_SEV_EXITLIB_H #define SELFTEST_KVM_SEV_EXITLIB_H +#define PVALIDATE_NO_UPDATE 255 + int sev_es_handle_vc(void *ghcb, u64 ghcb_gpa, struct ex_regs *regs); void sev_es_terminate(int reason); +void snp_register_ghcb(u64 ghcb_gpa); +void snp_psc_set_shared(u64 gpa); +void snp_psc_set_private(u64 gpa); +int snp_pvalidate(void *ptr, bool rmp_psize, bool validate); #endif /* SELFTEST_KVM_SEV_EXITLIB_H */ diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c b/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c index b3f7b0297e5b..546b402d5015 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c @@ -51,6 +51,19 @@ #define GHCB_REG_GPA_RESP(resp) ((resp) & GENMASK_ULL(11, 0)) #define GHCB_REG_GPA_RESP_VAL(resp) ((resp) >> 12) +/* GHCB MSR protocol for Page State Change */ +#define GHCB_PSC_REQ_PRIVATE 1 +#define GHCB_PSC_REQ_SHARED 2 +#define GHCB_PSC_REQ_PSMASH 3 +#define GHCB_PSC_REQ_UNSMASH 4 +#define GHCB_PSC_REQ_CODE 0x14UL +#define GHCB_PSC_REQ(gfn, op) \ + (((unsigned long)((op) & 0xf) << 52) | \ + ((unsigned long)((gfn) & ~(1ULL << 40)) << 12) | \ + GHCB_PSC_REQ_CODE) +#define GHCB_PSC_RESP_CODE 0x15UL +#define GHCB_PSC_RESP(resp) ((resp) & GENMASK_ULL(11, 0)) + /* GHCB format/accessors */ struct ghcb { @@ -247,3 +260,67 @@ int sev_es_handle_vc(void *ghcb, u64 ghcb_gpa, struct ex_regs *regs) return handle_vc_cpuid(ghcb, ghcb_gpa, regs); } + +void snp_register_ghcb(u64 ghcb_gpa) +{ + u64 gfn = ghcb_gpa >> PAGE_SHIFT; + u64 resp; + + sev_es_wrmsr_ghcb(GHCB_REG_GPA_REQ(gfn)); + VMGEXIT(); + + resp = sev_es_rdmsr_ghcb(); + if (GHCB_REG_GPA_RESP(resp) != GHCB_REG_GPA_RESP_CODE || + GHCB_REG_GPA_RESP_VAL(resp) != gfn) + sev_es_terminate(GHCB_TERMINATE_REASON_UNSPEC); +} + +static void snp_psc_request(u64 gfn, int op) +{ + u64 resp; + + sev_es_wrmsr_ghcb(GHCB_PSC_REQ(gfn, op)); + VMGEXIT(); + + resp = sev_es_rdmsr_ghcb(); + if (GHCB_PSC_RESP(resp) != GHCB_PSC_RESP_CODE) + sev_es_terminate(GHCB_TERMINATE_REASON_UNSPEC); +} + +void snp_psc_set_shared(u64 gpa) +{ + snp_psc_request(gpa >> PAGE_SHIFT, GHCB_PSC_REQ_SHARED); +} + +void snp_psc_set_private(u64 gpa) +{ + snp_psc_request(gpa >> PAGE_SHIFT, GHCB_PSC_REQ_PRIVATE); +} + +/* From arch/x86/include/asm/asm.h */ +#ifdef __GCC_ASM_FLAG_OUTPUTS__ +# define CC_SET(c) "\n\t/* output condition code " #c "*/\n" +# define CC_OUT(c) "=@cc" #c +#else +# define CC_SET(c) "\n\tset" #c " %[_cc_" #c "]\n" +# define CC_OUT(c) [_cc_ ## c] "=qm" +#endif + +int snp_pvalidate(void *ptr, bool rmp_psize, bool validate) +{ + uint64_t gva = (uint64_t)ptr; + bool no_rmpupdate; + int rc; + + /* "pvalidate" mnemonic support in binutils 2.36 and newer */ + asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFF\n\t" + CC_SET(c) + : CC_OUT(c) (no_rmpupdate), "=a"(rc) + : "a"(gva), "c"(rmp_psize), "d"(validate) + : "memory", "cc"); + + if (no_rmpupdate) + return PVALIDATE_NO_UPDATE; + + return rc; +} From patchwork Tue Oct 5 23:44:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538197 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B0C31C433EF for ; Tue, 5 Oct 2021 23:46:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9308C61215 for ; Tue, 5 Oct 2021 23:46:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237109AbhJEXsI (ORCPT ); Tue, 5 Oct 2021 19:48:08 -0400 Received: from mail-bn8nam11hn2208.outbound.protection.outlook.com ([52.100.171.208]:38080 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S236966AbhJEXr6 (ORCPT ); Tue, 5 Oct 2021 19:47:58 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YBQR4frYlhS46ZJDTL2VnZcXiLM5LplQjUoTfQN3CZu0EY7CE0FtkguYfB99iuL0k/43owEmvmkjbw4NzuLvaefM/1H3NFjr4tkyNYNb1GUxil9JSMiawI5bf1fda35FGrAxbO5JQjtcDa03Y9jYJuN/lXX3B8/keXmu4fzSx2EoJCNAJfGBs0L/pegwqySjmIFGQuE9Jug7NQAbtcxbz7IftuxsQJsYhdbmQl8Z6KUAdOlcBD/khDWLrrmLVumPqw9jBQoFvngCuP2BDBPPMnVcxY2Z4/qUfnRiBG0MBAYKpaUcm5HkrDvnMBKmXpifWgZUCPxJyna9LWiDa7ANHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Ukg735LtZUz8u/3Gx7DRtsq8S0qw8QEJzUvZN9TkjK0=; b=IUh3NjwdvKG92+/BMjhpO2neLRZQS3//L00Hb/ELoMmNTZSq8SQwFidpKQQzcjU980s7VDOxnvMtVmicVS8nrcXO5HSWt66P8tNjpY2db1bJxLybzJXFOLJ6TG7RpE/yLOYFr8xQlQOd6FREyIAfXCaAyPP/nravwlZpzPjckW8QUojp5TzV1NOaPbNcqdHF097fnhcRvct6kouAlAeN9DeB7xM6rUQr2YKImLJesSYJPxvt31KvHNVzwQK6X+s4SUUuSzDdiI7OsX+eysJ15dkg5Yy9zvRKXMN/kJ1ljwi1eJZI2V17XYAvs2kNWh+hgJshEa6DWoUBqFtXACQLww== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ukg735LtZUz8u/3Gx7DRtsq8S0qw8QEJzUvZN9TkjK0=; b=VWI4oGUmuES5HqHuzeTfMPxRiDrQ+Q4MC3gjOh3NTMT4UgkFsYdPi0I3BrGsDzREI+v2s6zXodkqYZ6fVraAf1/lbmI/gmkgrKQzuH1MxFn1aPx7YZNSpuAPtG96sNv6sQ6sB2EtH84Bqcux0NG7cOw403jDexlHH5LjIUHLgzc= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:56 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:56 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 15/16] KVM: selftests: add SEV-SNP boot tests Date: Tue, 5 Oct 2021 18:44:58 -0500 Message-Id: <20211005234459.430873-16-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA0PR12CA0007.namprd12.prod.outlook.com (2603:10b6:806:6f::12) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA0PR12CA0007.namprd12.prod.outlook.com (2603:10b6:806:6f::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18 via Frontend Transport; Tue, 5 Oct 2021 23:45:56 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e8a4d8f8-0054-4700-f5b9-08d9885a468c X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5797; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: vJSeYd6diUa6l/HwGkYfefmAbaDQuSfpSnCr+lCwRodQQIa4nCOBN0ANKR8Pan0j+LYdP1eEpQ5/vPqfOxAEsf4mgImUMvjYcn31a3YtPl24Q8/3Rf2RYoOwxZHA7i7L6nS8TPPHEAeBaxULogl0pX7nI7ZojLiOQfYuKWkHaMpIhedtCRRuBei2VHDQ4ReTTxX+fyMovjkIDzilCkfgiXi0/D/J4d9wZUcnuvGXILpuXr22cBfQQtGm8PqLhx4giUA8KUq3j4ol5lBKjrppagaUFlQOj/dZX39i1hJvjOdDgVY+O3Gv8ZFjSlFLVMpAYAI/TKbVlordsc24UTdZ4CDu5f9nNw2c6HCn8CWw3PCdggKR3nQeTJUMVWd9xsg/GF1h//lEQfuLRLwKhVFBQnJNtbdZp/k8GAY8AtVQ88WrLyOLEIWvZ1I0qOuwSicMQ6DY/RkLU6I70thAtQXhL4bxX31Nbad4Y+6S6gCIF2FRSYhJQ95ZYEUOeyPyRL8A/+1MpSMCzw/QYR2LUmLR74ivBWnY0V9u/peIzhZOf4nC88mT7aocDC+qUAUbkUQFlyWEZxW3I+8n0awSOmmWo2Tj3Fl344K1pCz+KsqNV26GuugapCwg22VCmaZ10QFDGjD8Pe9Apg6jdrWzLO9KvxYohIF03g2RKA7Wx74Wq5asecFk0tgenGTm8TRzCJV0N8ifMfzpnZOC1ZsgtlkxbJeEOqNo+31AYO+CfVTAHcML9Tr2d7P0bRKNa4Fa+bsvHJYvFcpFfhaBGt3IHQ61TfK41tZ3WcPsWNebXy9mNn4hHrUWTBFlpOAw/RizIJ94VZBoUEnJS2HUF6eItcxUI0cOQTMhmDuEMkGm1Hb4joowlFfynk13u7S5E917dhoNBkHH3YTzsb7Z6K2xo8a14PA0fhsGnb4X7rRHYC2kHPh3gsjdBlkf+JWdEDOkrvrAwr6vj7IdZnbtkn/auaASWM34uuxSeA+l/GsvDKAtx5AeL4uxgnN4v77HJGLxkUSLEJXOHGInpq57PgKnOXjIuEtatZMHAkJem0woZRR0zL8= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: L5Ga/gLQn6uwcs4dPCYBl3aCrCImjYnHbb4+xdDXhkeAB3gMb183jOfF0ptO+QStMY0TVpwc8Wo4uikH9GOiciMd73Sc1nUZFiHFhpemakCT9sNjWnS11A2p05C/MjecqHXoIZ8SQLQiYE1+dvLYpaNFamezHPCNxZcyu3zlItdKRTnHFN6yFAhHN+hUMU/PSeSeVm4Hz2f+J2oVMSugNf+C4cQo70FulQweVDT+tdUAZFVsfkxssN6lYhYE3g6joMqKjDoeqKXBmx09K+WieERaaq5VW5gr70bJ8amD7vY/b51LzIWN+eaVAQ8e1uYaDswuXAP/58ohcDWbScjO/5a1t97nm9cxMyj2kkpAp038+RxjLXRakx/2bnr0BnLZnYZdHov3ns+3uDX5XeuB79xH6ApUgORvterpwPkp+WrtAQ6cKlLOWv68wBdoV18rdLuZrmIS38jd3DUQoXWuo5dCYfm1lChWQlkIxVuJsq6mrq8khGgN4zMRMgmZTkEy4MILlq0lAAbg8LxJFym4/TlxhkZXwWmRqn8rnJ599zr6FdxenJ/2l/8NP+6t9zb2wvDJ+XQqkPbz6QLu6hyy0ezXhG3t/eLLPrmU1yUWs7txGXXixHabXLk/RNjmGANVVPGMUrMH8EonSlVoh8I8WejrBX4o/mSeFJBRRbWTH0JyqlbbxnriY8wzBmZWg1jE2BFUzbcFoJ2F/t6/8a+IVIvZLp70gXtVZt4ytRqcj4JGI53oQ6HTOJdZeH/G2ATfrTZRQDa0LEEv2MBQSBQJ9aB+6HGk//cXx2Gl3cBUPZ3RF/QQdFCsGuYf5Y3YtoAczJTeY6d5a7aJJU1WjSDnugF4O2ISotlUbbd30jm4vKsp3e5nL23PVeuX+ulx+ijeD0+ivHQnSvEtx86O0s/8uyGkF9bQA2vs+RNLcImKpN2HTo31OHVe7w6Qbb6PdBPsvqGctkZkrgvvOOhrhLiUTPQz3vU/NS9UaTDNDaZnzMTs49Y+4M7GpkG4l/SGfeqBtc4WZb8RdmB9CO78f+DfrPWck4SVHcVUwg34l3uj/Foc6sicgCbjS1clSXxtTWpNlFheqtjLRfTY8kzXY/NxvJ2Mo/PtTZm5Lkxv5SgGBTWgQ+v+wo9o/EQ0FwLX1ir5oyfgqEIXwcovwVkdDDOyFwWxcO2n+m2g0xcucRjBZNuQc+keJthIqluOH623VIaP9MbMDtQ2CAVNdKqBEOxv2Qp+oV73GPNshUFiRuf3RadE3bvL3dnXqwXEBvtgHM97QLTYr9jZxUQXtGw/p2GRL2AHW0cRPGhJjDw39V7xeLabJar8vNVkjH83hrZCVs0C X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: e8a4d8f8-0054-4700-f5b9-08d9885a468c X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:56.6422 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Jyd/GhVc6hYbUuVsG+tfzM6UhLxhWzfVWRte60h3RlDw6f5GALaXPolZ8Mnqql0loNkkLLBXls70zYw81kINYw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org Extend the existing SEV/SEV-ES boot tests to also cover SEV-SNP guests. Also add a basic test to check validation state of initial guest memory. Signed-off-by: Michael Roth --- .../selftests/kvm/include/x86_64/svm_util.h | 1 + .../selftests/kvm/x86_64/sev_all_boot_test.c | 86 +++++++++++++++---- 2 files changed, 71 insertions(+), 16 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/svm_util.h b/tools/testing/selftests/kvm/include/x86_64/svm_util.h index 4319bb6f4691..6c51fc304ce9 100644 --- a/tools/testing/selftests/kvm/include/x86_64/svm_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/svm_util.h @@ -18,6 +18,7 @@ #define SVM_EXIT_CPUID 0x072 #define SVM_EXIT_VMMCALL 0x081 +#define SVM_EXIT_NOT_VALIDATED 0x404 struct svm_test_data { /* VMCB */ diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c index 58c57c4c0ec1..3d8048efa25f 100644 --- a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -217,6 +217,48 @@ guest_sev_es_code(struct sev_sync_data *sync, uint8_t *shared_buf, guest_test_done(sync); } +static void __attribute__((__flatten__)) +guest_sev_snp_code(struct sev_sync_data *sync, uint8_t *shared_buf, + uint8_t *private_buf, uint64_t ghcb_gpa, void *ghcb_gva) +{ + uint32_t eax, ebx, ecx, edx, token = 1; + uint64_t sev_status; + int ret; + + guest_test_start(sync); + +again: + /* Check CPUID values via GHCB MSR protocol. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + + /* Check SEV bit. */ + SEV_GUEST_ASSERT(sync, token++, eax & (1 << 1)); + /* Check SEV-ES bit. */ + SEV_GUEST_ASSERT(sync, token++, eax & (1 << 3)); + + if (!ghcb0_gva) { + ghcb0_gva = ghcb_gva; + ghcb0_gpa = ghcb_gpa; + snp_register_ghcb(ghcb0_gpa); + /* Check CPUID bits again using GHCB-based protocol. */ + goto again; + } + + /* Check SEV/SEV-ES/SEV-SNP enabled bits (bits 0, 1, and 3, respectively). */ + sev_status = rdmsr(MSR_AMD64_SEV); + SEV_GUEST_ASSERT(sync, token++, (sev_status & 0x7) == 7); + + /* Confirm private data was validated by FW prior to boot. */ + ret = snp_pvalidate(private_buf, 0, true); + SEV_GUEST_ASSERT(sync, token++, ret == PVALIDATE_NO_UPDATE); + + guest_test_common(sync, shared_buf, private_buf); + + guest_test_done(sync); +} + static void setup_test_common(struct sev_vm *sev, void *guest_code, vm_vaddr_t *sync_vaddr, vm_vaddr_t *shared_vaddr, vm_vaddr_t *private_vaddr) @@ -244,7 +286,7 @@ setup_test_common(struct sev_vm *sev, void *guest_code, vm_vaddr_t *sync_vaddr, fill_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); } -static void test_sev(void *guest_code, uint64_t policy) +static void test_sev(void *guest_code, bool snp, uint64_t policy) { vm_vaddr_t sync_vaddr, shared_vaddr, private_vaddr; uint8_t *shared_buf, *private_buf; @@ -254,7 +296,8 @@ static void test_sev(void *guest_code, uint64_t policy) struct kvm_vm *vm; int i; - sev = sev_vm_create(policy, TOTAL_PAGES); + sev = snp ? sev_snp_vm_create(policy, TOTAL_PAGES) + : sev_vm_create(policy, TOTAL_PAGES); if (!sev) return; vm = sev_get_vm(sev); @@ -262,7 +305,7 @@ static void test_sev(void *guest_code, uint64_t policy) setup_test_common(sev, guest_code, &sync_vaddr, &shared_vaddr, &private_vaddr); /* Set up guest params. */ - if (policy & SEV_POLICY_ES) { + if (snp || (policy & SEV_POLICY_ES)) { vm_vaddr_t ghcb_vaddr = vm_vaddr_alloc_shared(vm, PAGE_SIZE, 0); vcpu_args_set(vm, VCPU_ID, 6, sync_vaddr, shared_vaddr, private_vaddr, @@ -280,34 +323,45 @@ static void test_sev(void *guest_code, uint64_t policy) private_buf = addr_gva2hva(vm, private_vaddr); /* Allocations/setup done. Encrypt initial guest payload. */ - sev_vm_launch(sev); + if (snp) { + sev_snp_vm_launch(sev); + } else { + sev_vm_launch(sev); - /* Dump the initial measurement. A test to actually verify it would be nice. */ - sev_vm_measure(sev, measurement); - pr_info("guest measurement: "); - for (i = 0; i < 32; ++i) - pr_info("%02x", measurement[i]); - pr_info("\n"); + /* Dump the initial measurement. A test to actually verify it would be nice. */ + sev_vm_measure(sev, measurement); + pr_info("guest measurement: "); + for (i = 0; i < 32; ++i) + pr_info("%02x", measurement[i]); + pr_info("\n"); - sev_vm_launch_finish(sev); + sev_vm_launch_finish(sev); + } /* Guest is ready to run. Do the tests. */ check_test_start(vm, sync); check_test_common(vm, sync, shared_buf, private_buf); check_test_done(vm, sync); - sev_vm_free(sev); + if (snp) + sev_snp_vm_free(sev); + else + sev_vm_free(sev); } int main(int argc, char *argv[]) { /* SEV tests */ - test_sev(guest_sev_code, SEV_POLICY_NO_DBG); - test_sev(guest_sev_code, 0); + test_sev(guest_sev_code, false, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, false, 0); /* SEV-ES tests */ - test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); - test_sev(guest_sev_es_code, SEV_POLICY_ES); + test_sev(guest_sev_es_code, false, SEV_POLICY_ES | SEV_POLICY_NO_DBG); + test_sev(guest_sev_es_code, false, SEV_POLICY_ES); + + /* SEV-SNP tests */ + test_sev(guest_sev_snp_code, true, SNP_POLICY_SMT); + test_sev(guest_sev_snp_code, true, SNP_POLICY_SMT | SNP_POLICY_DBG); return 0; } From patchwork Tue Oct 5 23:44:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12538199 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A8083C433F5 for ; Tue, 5 Oct 2021 23:46:41 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8FC0260EE3 for ; Tue, 5 Oct 2021 23:46:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237151AbhJEXsb (ORCPT ); Tue, 5 Oct 2021 19:48:31 -0400 Received: from mail-bn8nam11hn2217.outbound.protection.outlook.com ([52.100.171.217]:8641 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S237240AbhJEXsH (ORCPT ); Tue, 5 Oct 2021 19:48:07 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BAE1+BeUwCym5tr3UcdT9gvtJN/cbxZuvReH0Uk334mYWa+izijZ2LsrQeree/suomH0PWw3h3u/37QmCIqkcKGB6mhHAm7TuVP0I/LH13Ju35eeo3Lwglkvws47xLgabFXE8T0Be051YaYjni/TowcukQslBbOyT5WYrDH/h0EbOnMGIVOdnuqC6NX2NjJd9Pq5aKCk029ZsYko0yYe9hQ7+badPgjYuzyYJeIm0qJ0Zp5Oh6ZO8BLrNtNln5h8auOJQ8sL/CLEUDqVBvGVj28uCdpw5HANCDL55DW7NNwHXGz6xaa5OuhivwAuGmD1BVi7m9d74lWpzU9+wCSA3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qBVg4Filp1xn8ZowPTaMrMyh17Zi4wOJlTQEV8OVZZ0=; b=mxewDvH3zXqfVY71valu68jrkWMh9+WFv01ripMccv8ExK9NjBwMKpjbyFsj+fDwnq0K+BeagWlrlNLU51GJ0uK8THLg/QAPz2tcMXM3v5j41MEgxX1H6zAWSrGoKk5pzRc0+RDTwbCsgx1RP6msFilIMrfhIffUa6tromsbyKf24As+aJY/cOPLBI8cwfeUJSwEdYM86lU6oqzCmDm+u2hE5rS3VH+RMoNdWgwkhEJmG4bpQbCL0uZjPnyTzo//I7KsA40TX+8JAWC0lDgFF5Ocj0gXeGMBBtEKgpgiHhRefVMB8JRhNdg4HOy+Ru3LN445bAlTL/IMT06PVqXMVw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qBVg4Filp1xn8ZowPTaMrMyh17Zi4wOJlTQEV8OVZZ0=; b=rChr1hSg8AYXNsRKKRLaLIvaIyuI1l059CI8pOb+xjanhUSzrSE2oAvH0YZggnDO2kYvvTAhkhcVWvgxDxfOLiqf66NX30oerCtmN1zo0kDftlOH5NZ564FKqp568Ti+LELRq90rjun1KEToyU9XHWfjIS06ZzPWxYEhHoSWF8o= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4566.22; Tue, 5 Oct 2021 23:45:58 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::59b0:c983:56:ec27%5]) with mapi id 15.20.4587.018; Tue, 5 Oct 2021 23:45:58 +0000 From: Michael Roth To: linux-kselftest@vger.kernel.org Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Nathan Tempelman , Marc Orr , Steve Rutherford , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , David Woodhouse , Ricardo Koller , Jim Mattson , Wanpeng Li , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" Subject: [RFC 16/16] KVM: selftests: add SEV-SNP tests for page-state changes Date: Tue, 5 Oct 2021 18:44:59 -0500 Message-Id: <20211005234459.430873-17-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005234459.430873-1-michael.roth@amd.com> References: <20211005234459.430873-1-michael.roth@amd.com> X-ClientProxiedBy: SA0PR12CA0007.namprd12.prod.outlook.com (2603:10b6:806:6f::12) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 Received: from localhost (165.204.77.1) by SA0PR12CA0007.namprd12.prod.outlook.com (2603:10b6:806:6f::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.18 via Frontend Transport; Tue, 5 Oct 2021 23:45:57 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0ff2a08d-5bd3-4bb3-539f-08d9885a4793 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2887; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: HC2nK3t+jm2U4hd++jGfU5QJdAzuyq91n7TVZGGeP2cXxxoUqDiokbI9Z4ydrmma0pn5UVnu3TOb9gWDPtZzc3zCAoC0RGTE/wqNB44UoF/FPlbOdu5lEeD8tqSPrtiZ9JenIIoOlQdP7OwisIpzLr+1fdbSH1Mwp+99Vn496iQv55DB1iHofNga+dTEQkI52OA/wcg6JQAvu6PMcoycdKdwfLhj/9ceKavWSriLiQk0ti+VcC+v2gr7hroYKo3VTAXhso+Mm+Kg3HAcg3RtTf3/vYFpdFp6jz3AQVp+dfxSv2JO6RPqrvV+wvzzPsYx1VqDENeySD4TMxHFDWmnt4MBNxHA3v24f/ez1M9NbIcBQ4KfHgguGWnsDjaIW2eO/gE5W/dDPZ0786FKAh/gstlZb4j2kTeK9M7fI4ZQlaAtHZ/oZ5K30fz9nIqk148Wq6tZ1sgOmOZEhXya1Zg1dYDaR3fRSonUia1d+TL4M9aF6rWKjjiODXI0b5fcUKapDwFkDsVa3NS/KpNKTpolv4xL/BZ9v+hOmmBMebDO86Fk46vy67vEwr82bzQN+6BGXwda53GFehpY3q9OktGBLmm8lq2P9H04umwj8FvI2Oqt/tUMIcGN+U+m4gV2UJZxP76eAJh9fGI9RqbdME/YsEWe6LyjgE9VDmgfwx1A7HxMjeAgKCMpup6HsspjGwjLS+d062+Cw9pGm9n+oLyNyvkDOkev/S/nYv8xg+E7OmMEErdSUvv22BUTUKF8YT0wENVLiZcLjDSo330ZW/ASSH1n6c5Mc0mRBxzD5UnIdDJRn4D6089h3LuNc5BLieE/jBby9mmnXk6ozLqnOhMKN2GarO1itXnuf19vQpPvty6PFMpRVBPzXkGQnpZgfOdomqjcE/xeomtDmYU8JvCuVLyNskh1eunI7/ylfAAIBd+NjcDCnB5IWa7M8B7OdRWwSF2Sp6RZgJNdBrG5XQmwdhyCrPtemzWa971/4vqeZxukNhONCCeZgvUwl/s+PPAfmkAzjeQalsQMqBox9TqU7qGAYJoJy4l6owlXyU/zCpg= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:CH2PR12MB4133.namprd12.prod.outlook.com;PTR:;CAT:OSPM;SFS:(4636009)(366004)(8936002)(5660300002)(6486002)(30864003)(6916009)(316002)(8676002)(44832011)(26005)(54906003)(66946007)(38350700002)(66556008)(66476007)(83380400001)(38100700002)(52116002)(956004)(508600001)(36756003)(7416002)(86362001)(2616005)(4326008)(1076003)(6496006)(186003)(2906002)(23200700001);DIR:OUT;SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: zRjvnVX3M6YQOWgo9bvXAOdWPj/DT+0cgvEgX2WQcTv79GuUmkssymMNta/ttdCY/9zTDM37HYaOobnDikerJCkqxooz3x7pvsYOAxk3HBZk1u+FBUq0k0DAnW59a9XR0FoRcOCdiM8lna5OfsjPOqrlkwftbBI1GwXPXyBFXyQtncmo4yysdUMnU6U9SEXXKyJSPjqE+D5eO5zh0/R12jJqRd3LBdAwWHY5E2Y2ksUAdtLZqgUIYeq3mpeC0iZGzjHadFmvBnWLBGYWNcOnmK2cPsL4feG3r1JnTf+Heihql9QlUq6S9kmuP6ffWPP3IUajKRUIMYCFcI4qYXIkv0UPBYdknYYtaZH6bmNdFqDO/u9Uu32kZg2anRDAfXdPO4YVmXCGmnyvNPbt9xf1oD3p8MU/pILRGmxzuF1xFMQtIxKXLn3A1SwA9VtKWDsX+DRkQ7JRTs1+R1Gx+IDFnqW1qO5AhijehyJxnbx6DG0lYdvt755C9dbJDGVyUuDPHj3AVpyOHdwW+16uaOg92eqksTXbybPKTq8NoUocYQJ5YEvd0WpsxAkhIsSwnoiIRuErHY3InNvZlvvqWIxfuURKV9RbPsgyOlxmGb8aYqm8l+4Z1uEP+Haimdu0Yh5sjKJkMTE47fFGbnMS+xVcwYfk0nd2smqKblyN1Z7HIWO6r5KHlbihdL7ho+RNmhpxlie+G3jALjecF3lu6sDK+5DKBKOkL5bMBm+DrAniwYa3CLyU5GyHDDfgsAK3wQnfxeuQXzErtlOoLMsodcrnrc8M95DuqqMQa4ncMpRxm52ZSs/keKJ246H7KEfRXvMP4xX4niMZr0fgkb6SqEU+euXR0Fbzr/uuvCUM2098y8B8WYtdCR8bxLLkXg2r53Ibp7lCKw5/dDS2P3AusVYM6KO2WaBuclv61qdiCBrBzgq4ha1Q/ZqSe7t3jw8NHWGzkM+H3mEgqRY+n41aw+rSaUGShfWNU9XjXOWdyYy9+YzGlnTjsyMB3kNOFiff2bsOcxtTI2BsOCHf7KEyl0BPWRAqi7Y+nOeHt/QaF8x4JRQcdOyA20R+h7PmbgHgp/fTtmMiQOaaU6S0VCiuWsaAQZdZXZALq1h9o6b0zbCSncu5abA6uJBPZrSr0yMdohUE8Ky8r81MOBo0S2+l5hgtdUV051QYAo8VsYoVTmLRyeY6LhJ2WxIj/c+0uhWfnTMPSjwqzSlQjuPxuFm6K2MfSz2/iytvLVmgjrDvARExuixRB3ShJFCS5cKBukTpwJrIWW39+KLKl5dzmvF8rQhCHOtYwBe9JcwDCb2Zy05p53nM6pujaqHvxRYNoOuH6BE9 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0ff2a08d-5bd3-4bb3-539f-08d9885a4793 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2021 23:45:58.1625 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 3H4GIFWkK6mn9BvIJnp/L8/GjJJtWZrVysc1amD0Tuuv+H+KEp5wFdvYLEwDoxpzaXzEdlLhzwRdyX2mo2aC0Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Precedence: bulk List-ID: X-Mailing-List: linux-kselftest@vger.kernel.org With SEV-SNP guests memory is marked as private/shared or validated/un-validated in the RMP table. Transitioning memory between these states can be done within a guest via pvalidate instructions and the page-state changes via GHCB protocol. Add a number of tests to cover various permutations of the operations across shared/private guest memory. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/sev_snp_psc_test.c | 378 ++++++++++++++++++ 3 files changed, 380 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_snp_psc_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index 824f100bec2a..cad9ebe7728d 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -39,6 +39,7 @@ /x86_64/xss_msr_test /x86_64/vmx_pmu_msrs_test /x86_64/sev_all_boot_test +/x86_64/sev_snp_psc_test /access_tracking_perf_test /demand_paging_test /dirty_log_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 7b3261cc60a3..b95fb86f12aa 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -73,6 +73,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_msrs_test TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test TEST_GEN_PROGS_x86_64 += x86_64/sev_all_boot_test +TEST_GEN_PROGS_x86_64 += x86_64/sev_snp_psc_test TEST_GEN_PROGS_x86_64 += access_tracking_perf_test TEST_GEN_PROGS_x86_64 += demand_paging_test TEST_GEN_PROGS_x86_64 += dirty_log_test diff --git a/tools/testing/selftests/kvm/x86_64/sev_snp_psc_test.c b/tools/testing/selftests/kvm/x86_64/sev_snp_psc_test.c new file mode 100644 index 000000000000..695abcd14792 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_snp_psc_test.c @@ -0,0 +1,378 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * SEV-SNP tests for pvalidate and page-state changes. + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#define _GNU_SOURCE /* for program_invocation_short_name */ +#include +#include +#include +#include +#include + +#include "test_util.h" +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" +#include "sev_exitlib.h" + +#define VCPU_ID 0 +#define PAGE_SHIFT 12 +#define PAGE_SIZE (1UL << PAGE_SHIFT) +#define PAGE_STRIDE 64 + +/* NOTE: private/shared pages must each number at least 4 and be power of 2. */ + +#define SHARED_PAGES 512 +#define SHARED_VADDR_MIN 0x1000000 + +#define PRIVATE_PAGES 512 +#define PRIVATE_VADDR_MIN (SHARED_VADDR_MIN + SHARED_PAGES * PAGE_SIZE) + +#define TOTAL_PAGES (512 + SHARED_PAGES + PRIVATE_PAGES) +#define LINEAR_MAP_GVA (PRIVATE_VADDR_MIN + PRIVATE_PAGES * PAGE_SIZE) + +struct pageTableEntry { + uint64_t present:1; + uint64_t ignored_11_01:11; + uint64_t pfn:40; + uint64_t ignored_63_52:12; +}; + +/* Globals for use by #VC handler and helpers. */ +static int page_not_validated_count; +static struct sev_sync_data *guest_sync; +static uint8_t enc_bit; + +static void fill_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + buf[i * PAGE_SIZE + j] = val; +} + +static bool check_buf_nostop(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + bool matches = true; + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + if (buf[i * PAGE_SIZE + j] != val) + matches = false; + return matches; +} + +static bool check_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + if (buf[i * PAGE_SIZE + j] != val) + return false; + + return true; +} + +static void vc_handler(struct ex_regs *regs) +{ + int ret; + + if (regs->error_code == SVM_EXIT_NOT_VALIDATED) { + unsigned long gva; + + page_not_validated_count++; + + asm volatile("mov %%cr2,%0" : "=r" (gva)); + ret = snp_pvalidate((void *)gva, 0, true); + SEV_GUEST_ASSERT(guest_sync, 9001, !ret); + + return; + } + + ret = sev_es_handle_vc(NULL, 0, regs); + SEV_GUEST_ASSERT(guest_sync, 20000 + regs->error_code, !ret); +} + +#define gpa_mask(gpa) (gpa & ~(1ULL << enc_bit)) +#define gfn_mask(gfn) (gfn & ~((1ULL << enc_bit) >> PAGE_SHIFT)) +#define va(gpa) ((void *)(LINEAR_MAP_GVA + (gpa & ~(1ULL << enc_bit)))) +#define gfn2va(gfn) va(gfn_mask(gfn) * PAGE_SIZE) + +static void set_pte_bit(void *ptr, uint8_t pos, bool enable) +{ + struct pageTableEntry *pml4e, *pdpe, *pde, *pte; + uint16_t index[4]; + uint64_t *pte_val; + uint64_t gva = (uint64_t)ptr; + + index[0] = (gva >> 12) & 0x1FFU; + index[1] = (gva >> 21) & 0x1FFU; + index[2] = (gva >> 30) & 0x1FFU; + index[3] = (gva >> 39) & 0x1FFU; + + pml4e = (struct pageTableEntry *)va(gpa_mask(get_cr3())); + SEV_GUEST_ASSERT(guest_sync, 1001, pml4e[index[3]].present); + + pdpe = (struct pageTableEntry *)gfn2va(pml4e[index[3]].pfn); + SEV_GUEST_ASSERT(guest_sync, 1002, pdpe[index[2]].present); + + pde = (struct pageTableEntry *)gfn2va(pdpe[index[2]].pfn); + SEV_GUEST_ASSERT(guest_sync, 1003, pde[index[1]].present); + + pte = (struct pageTableEntry *)gfn2va(pde[index[1]].pfn); + SEV_GUEST_ASSERT(guest_sync, 1004, pte[index[0]].present); + + pte_val = (uint64_t *)&pte[index[0]]; + if (enable) + *pte_val |= (1UL << pos); + else + *pte_val &= ~(1UL << pos); + + asm volatile("invlpg (%0)" ::"r" (gva) : "memory"); +} + +static void guest_test_psc(uint64_t shared_buf_gpa, uint8_t *shared_buf, + uint64_t private_buf_gpa, uint8_t *private_buf) +{ + bool success; + int rc, i; + + sev_guest_sync(guest_sync, 100, 0); + + /* Flip 1st half of private pages to shared and verify VMM can read them. */ + for (i = 0; i < (PRIVATE_PAGES / 2); i++) { + rc = snp_pvalidate(&private_buf[i * PAGE_SIZE], 0, false); + SEV_GUEST_ASSERT(guest_sync, 101, !rc); + snp_psc_set_shared(private_buf_gpa + i * PAGE_SIZE); + set_pte_bit(&private_buf[i * PAGE_SIZE], enc_bit, false); + } + fill_buf(private_buf, PRIVATE_PAGES / 2, PAGE_STRIDE, 0x43); + + sev_guest_sync(guest_sync, 200, 0); + + /* + * Flip 2nd half of private pages to shared and hand them to the VMM. + * + * This time leave the C-bit set, which should cause a 0x404 + * (PAGE_NOT_VALIDATED) #VC when guest later attempts to access each + * page. + */ + for (i = PRIVATE_PAGES / 2; i < PRIVATE_PAGES; i++) { + rc = snp_pvalidate(&private_buf[i * PAGE_SIZE], 0, false); + if (rc) + sev_guest_abort(guest_sync, rc, 0); + snp_psc_set_shared(private_buf_gpa + i * PAGE_SIZE); + } + + sev_guest_sync(guest_sync, 300, 0); + + /* + * VMM has filled up the newly-shared pages, but C-bit is still set, so + * verify the contents still show up as encrypted, and make sure to + * access each to verify #VC records the PAGE_NOT_VALIDATED exceptions. + */ + WRITE_ONCE(page_not_validated_count, 0); + success = check_buf_nostop(&private_buf[(PRIVATE_PAGES / 2) * PAGE_SIZE], + PRIVATE_PAGES / 2, PAGE_STRIDE, 0x44); + SEV_GUEST_ASSERT(guest_sync, 301, !success); + SEV_GUEST_ASSERT(guest_sync, 302, + READ_ONCE(page_not_validated_count) == (PRIVATE_PAGES / 2)); + + /* Now flip the C-bit off and verify the VMM-provided values are intact. */ + for (i = PRIVATE_PAGES / 2; i < PRIVATE_PAGES; i++) + set_pte_bit(&private_buf[i * PAGE_SIZE], enc_bit, false); + success = check_buf(&private_buf[(PRIVATE_PAGES / 2) * PAGE_SIZE], + PRIVATE_PAGES / 2, PAGE_STRIDE, 0x44); + SEV_GUEST_ASSERT(guest_sync, 303, success); + + /* Flip the 1st half back to private pages. */ + for (i = 0; i < (PRIVATE_PAGES / 2); i++) { + snp_psc_set_private(private_buf_gpa + i * PAGE_SIZE); + set_pte_bit(&private_buf[i * PAGE_SIZE], enc_bit, true); + rc = snp_pvalidate(&private_buf[i * PAGE_SIZE], 0, true); + SEV_GUEST_ASSERT(guest_sync, 304, !rc); + } + /* Pages are private again, write over them with new encrypted data. */ + fill_buf(private_buf, PRIVATE_PAGES / 2, PAGE_STRIDE, 0x45); + + sev_guest_sync(guest_sync, 400, 0); + + /* + * Take some private pages and flip the C-bit off. Subsequent access + * should cause an RMP fault, which should lead to the VMM doing a + * PSC to shared on our behalf. + */ + for (i = 0; i < (PRIVATE_PAGES / 4); i++) + set_pte_bit(&private_buf[i * PAGE_SIZE], enc_bit, false); + fill_buf(private_buf, PRIVATE_PAGES / 4, PAGE_STRIDE, 0x46); + + sev_guest_sync(guest_sync, 500, 0); + + /* Flip all even-numbered shared pages to private. */ + for (i = 0; i < SHARED_PAGES; i++) { + if ((i % 2) != 0) + continue; + + snp_psc_set_private(shared_buf_gpa + i * PAGE_SIZE); + set_pte_bit(&shared_buf[i * PAGE_SIZE], enc_bit, true); + rc = snp_pvalidate(&shared_buf[i * PAGE_SIZE], 0, true); + SEV_GUEST_ASSERT(guest_sync, 501, !rc); + } + + /* Write across the entire range and hand it back to VMM to verify. */ + fill_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x47); + + sev_guest_sync(guest_sync, 600, 0); +} + +static void check_test_psc(struct kvm_vm *vm, struct sev_sync_data *sync, + uint8_t *shared_buf, uint8_t *private_buf) +{ + struct kvm_run *run = vcpu_state(vm, VCPU_ID); + bool success; + int i; + + /* Initial check-in for PSC tests. */ + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 100); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 200); + + /* 1st half of private buffer should be shared now, check contents. */ + success = check_buf(private_buf, PRIVATE_PAGES / 2, PAGE_STRIDE, 0x43); + TEST_ASSERT(success, "Unexpected contents in newly-shared buffer."); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 300); + + /* 2nd half of private buffer should be shared now, write to it. */ + fill_buf(&private_buf[(PRIVATE_PAGES / 2) * PAGE_SIZE], + PRIVATE_PAGES / 2, PAGE_STRIDE, 0x44); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 400); + + /* 1st half of private buffer should no longer be shared. Verify. */ + success = check_buf(private_buf, PRIVATE_PAGES / 2, PAGE_STRIDE, 0x45); + TEST_ASSERT(!success, "Unexpected contents in newly-private buffer."); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 500); + + /* 1st quarter of private buffer should be shared again. Verify. */ + success = check_buf(private_buf, PRIVATE_PAGES / 4, PAGE_STRIDE, 0x46); + TEST_ASSERT(success, "Unexpected contents in newly-shared buffer."); + + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 600); + + /* Verify even-numbered pages in shared_buf are now private. */ + for (i = 0; i < SHARED_PAGES; i++) { + success = check_buf(&shared_buf[i * PAGE_SIZE], 1, PAGE_STRIDE, 0x47); + if ((i % 2) == 0) + TEST_ASSERT(!success, "Private buffer contains plain-text."); + else + TEST_ASSERT(success, "Shared buffer contains cipher-text."); + } +} + +static void __attribute__((__flatten__)) +guest_code(struct sev_sync_data *sync, uint64_t shared_buf_gpa, uint8_t *shared_buf, + uint64_t private_buf_gpa, uint8_t *private_buf) +{ + uint32_t eax, ebx, ecx, edx; + + /* Initial check-in. */ + guest_sync = sync; + sev_guest_sync(guest_sync, 1, 0); + + /* Get encryption bit via CPUID. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + enc_bit = ebx & 0x3F; + + /* Do the tests. */ + guest_test_psc(shared_buf_gpa, shared_buf, private_buf_gpa, private_buf); + + sev_guest_done(guest_sync, 10000, 0); +} + +int main(int argc, char *argv[]) +{ + vm_vaddr_t shared_vaddr, private_vaddr, sync_vaddr; + uint8_t *shared_buf, *private_buf; + struct sev_sync_data *sync; + struct kvm_run *run; + struct sev_vm *sev; + struct kvm_vm *vm; + + /* Create VM and main memslot/region. */ + sev = sev_snp_vm_create(SNP_POLICY_SMT, TOTAL_PAGES); + if (!sev) + exit(KSFT_SKIP); + vm = sev_get_vm(sev); + + /* Set up VCPU and #VC handler. */ + vm_vcpu_add_default(vm, VCPU_ID, guest_code); + kvm_vm_elf_load(vm, program_invocation_name); + vm_init_descriptor_tables(vm); + vm_install_exception_handler(vm, 29, vc_handler); + vcpu_init_descriptor_tables(vm, VCPU_ID); + + /* Set up shared page for sync buffer. */ + sync_vaddr = vm_vaddr_alloc_shared(vm, PAGE_SIZE, 0); + sync = addr_gva2hva(vm, sync_vaddr); + + /* Set up additional buffer for reserved shared memory. */ + shared_vaddr = vm_vaddr_alloc_shared(vm, SHARED_PAGES * PAGE_SIZE, + SHARED_VADDR_MIN); + shared_buf = addr_gva2hva(vm, shared_vaddr); + memset(shared_buf, 0, SHARED_PAGES * PAGE_SIZE); + + /* Set up additional buffer for reserved private memory. */ + private_vaddr = vm_vaddr_alloc(vm, PRIVATE_PAGES * PAGE_SIZE, + PRIVATE_VADDR_MIN); + private_buf = addr_gva2hva(vm, private_vaddr); + memset(private_buf, 0, PRIVATE_PAGES * PAGE_SIZE); + + /* + * Create a linear mapping of all guest memory. This will map all pages + * as encrypted, which is okay in this case, because the linear mapping + * will only be used to access page tables, which are always treated + * as encrypted. + */ + virt_map(vm, LINEAR_MAP_GVA, 1UL << sev_get_enc_bit(sev), TOTAL_PAGES); + + /* Set up guest params. */ + vcpu_args_set(vm, VCPU_ID, 5, sync_vaddr, + addr_gva2gpa(vm, shared_vaddr), shared_vaddr, + addr_gva2gpa(vm, private_vaddr), private_vaddr); + + /* Encrypt initial guest payload and prepare to run it. */ + sev_snp_vm_launch(sev); + + /* Initial guest check-in. */ + run = vcpu_state(vm, VCPU_ID); + vcpu_run(vm, VCPU_ID); + sev_check_guest_sync(run, sync, 1); + + /* Do the tests. */ + check_test_psc(vm, sync, shared_buf, private_buf); + + /* Wait for guest to finish up. */ + vcpu_run(vm, VCPU_ID); + sev_check_guest_done(run, sync, 10000); + + sev_snp_vm_free(sev); + + return 0; +}