From patchwork Tue Oct 18 20:58:39 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4316 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2159094wrs; Tue, 18 Oct 2022 14:03:22 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7fcXn7GsQCCVchvibFEOGcbxyBTq86l3TiacJpddBLX56noDry9HMMsS0/+8Sk03EKmwAB X-Received: by 2002:a17:907:80b:b0:77a:86a1:db52 with SMTP id wv11-20020a170907080b00b0077a86a1db52mr4187536ejb.294.1666127002213; Tue, 18 Oct 2022 14:03:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127002; cv=none; d=google.com; s=arc-20160816; b=iUsu4ZmEER6nRr7JpC8EiJC9ttIHs3YtQ5evsV6mbhOckrQORaXPb1CBO/6d83mDMK 9TaXvHDfH5deKZpb14QdknHZvI9QxG83JoC4JLshgqQzpgxGQxFE5ObBnjyznqLXdF91 mnXD3SpBp4rh23o9G05oBPYgv96TUccZveUF4QldEyWz35jhpawr+ME1f6qQow+KHOfG 1pQfFLEg/7okDJeuZxYmcJ2+hL08bdwoLwll9J4fQ2pEkwrja4mUOjsjd1obVs3kqBmK P4F1KlBFDmj4cP69yjTsC8pGLfwYi1vN7tOV7yiu+OyqTFCLgG1Ei3dk/VipOx16H33Y tLyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=m9S/n+W1CVLuVrncZlJdXHSgguSt4z+6kqo4Mrml9oo=; b=0IsLp5IYzsMuf8Qp7jdVlsA/EmIHMarXzzEd6ClYYAfJfbfb1R0uk7Rf4LM3g8GiAY NGC9PpCE7KFAHBj6C+QwbOIfv+ajxKpsJEvd5kPUlDwHGSAOH9OmeYQxX9RZjgRBoR0K ukOgjjJtVHB5NT85WcFrD4RYGJgvVMcbUHMAyV2cQCd1bh6Ki111iU3DlAzt/9g/Vmay x+/2o6TtbXvi46QlTDs+zWyecXzunLHm9NbqobZccl5ujK+q+Jio9R7MphEsuGnEYzn5 zzoW/FRJqt2yeBhn9ra2Y5lOQvkPrEtltyJy/P9VULsXAtOjr/R3bQqqOA24IrRCy2yH iSVA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=XF+UyqA8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id en16-20020a056402529000b00457166171c6si10688468edb.432.2022.10.18.14.02.40; Tue, 18 Oct 2022 14:03:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=XF+UyqA8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230164AbiJRU7E (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33548 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230149AbiJRU67 (ORCPT ); Tue, 18 Oct 2022 16:58:59 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 92389C0695 for ; Tue, 18 Oct 2022 13:58:56 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id z5-20020a170903018500b00184aedd9c75so10484675plg.11 for ; Tue, 18 Oct 2022 13:58:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=m9S/n+W1CVLuVrncZlJdXHSgguSt4z+6kqo4Mrml9oo=; b=XF+UyqA8QFRcTUNYoTjqmhOpHqM3xEB1afs4v9SoTHp1Iajsx7th9i2RupMZ+d4Scc i691GAldNhlVJiE5iuQU5F3D5EgC/LyUfBQPUXdFGnDJqklfXwsGtrxENcSqoVEShGoV YdCiO8VN3ndV+zHOsvmyY6uI5aDBs1OEMxkXj9nZueyDVGfdbArSGe97ZPwVBGr3eXM7 xiC7CpMXUx4w/OkQjGtCdE5r4ewICSOdXY004CWyfh3DC9AftAl6LEwlH9Rpa5wEz4rr zwkoCYohoA40JeFA6GEgU/3uacOWv907JKLWEtddCJbVJymWsEyh5nJQ0sBAF4oHI4tV jYMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=m9S/n+W1CVLuVrncZlJdXHSgguSt4z+6kqo4Mrml9oo=; b=oHwU6n2CUUNSXyrv2NA5wlIicnz/uVxG4f33nL0Am0lXBXgWOxOoyEJDb3OaBrdFqi q6GWCqPQ9dfqQnHm85d18XZ74AWu1JT5/g9MCrBJgvihUcDfDAnVtpo+udW1dmpXiTlJ KjsQ9jctutv8J55dC2BXu8qDxqYHz4uHG9PAiI9otGQ4/BvBJn8XIU4D6S55kqpqj7F8 dyaHkonVXCCGun8npKV1ESdaeFP1DwZ+MhBj0uuJpaCF4AlHc7uUV5AVWgCjL7t67SnT ZGj4MNWvSz1h5U63kSLVQl+Evfay8kkFCt4+63FKToxbq2vsoGb0HEo9lTxvsSJTF1R/ cU2g== X-Gm-Message-State: ACrzQf1d67qBchpT4UbT5mhFoFUpFO2Gh7OX5fR5033hwHm53/JMneNk T3hKJzGYHKGD0/k5n54QOyQ46Jv2Hbo= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:a17:90a:5408:b0:20a:d6b1:a2a7 with SMTP id z8-20020a17090a540800b0020ad6b1a2a7mr1864801pjh.2.1666126735734; Tue, 18 Oct 2022 13:58:55 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:39 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-2-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 1/7] KVM: selftests: sparsebit: add const where appropriate From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747060787759910243?= X-GMAIL-MSGID: =?utf-8?q?1747060787759910243?= From: Michael Roth Subsequent patches will introduce an encryption bitmap in kvm_util that would be useful to allow tests to access in read-only fashion. This will be done via a const sparsebit*. To avoid warnings or the need to add casts everywhere, add const to the various sparsebit functions that are applicable for read-only usage of sparsebit. Reviewed-by: Andrew Jones Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- .../testing/selftests/kvm/include/sparsebit.h | 36 +++++++------- tools/testing/selftests/kvm/lib/sparsebit.c | 48 +++++++++---------- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/tools/testing/selftests/kvm/include/sparsebit.h b/tools/testing/selftests/kvm/include/sparsebit.h index 12a9a4b9cead..fb5170d57fcb 100644 --- a/tools/testing/selftests/kvm/include/sparsebit.h +++ b/tools/testing/selftests/kvm/include/sparsebit.h @@ -30,26 +30,26 @@ typedef uint64_t sparsebit_num_t; struct sparsebit *sparsebit_alloc(void); void sparsebit_free(struct sparsebit **sbitp); -void sparsebit_copy(struct sparsebit *dstp, struct sparsebit *src); +void sparsebit_copy(struct sparsebit *dstp, const struct sparsebit *src); -bool sparsebit_is_set(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_set_num(struct sparsebit *sbit, +bool sparsebit_is_set(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_set_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -bool sparsebit_is_clear(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_clear_num(struct sparsebit *sbit, +bool sparsebit_is_clear(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_clear_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -sparsebit_num_t sparsebit_num_set(struct sparsebit *sbit); -bool sparsebit_any_set(struct sparsebit *sbit); -bool sparsebit_any_clear(struct sparsebit *sbit); -bool sparsebit_all_set(struct sparsebit *sbit); -bool sparsebit_all_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_set(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_next_set(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *sbit, +sparsebit_num_t sparsebit_num_set(const struct sparsebit *sbit); +bool sparsebit_any_set(const struct sparsebit *sbit); +bool sparsebit_any_clear(const struct sparsebit *sbit); +bool sparsebit_all_set(const struct sparsebit *sbit); +bool sparsebit_all_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *sbit, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_set(struct sparsebit *sbitp, sparsebit_idx_t idx); @@ -62,9 +62,9 @@ void sparsebit_clear_num(struct sparsebit *sbitp, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_clear_all(struct sparsebit *sbitp); -void sparsebit_dump(FILE *stream, struct sparsebit *sbit, +void sparsebit_dump(FILE *stream, const struct sparsebit *sbit, unsigned int indent); -void sparsebit_validate_internal(struct sparsebit *sbit); +void sparsebit_validate_internal(const struct sparsebit *sbit); #ifdef __cplusplus } diff --git a/tools/testing/selftests/kvm/lib/sparsebit.c b/tools/testing/selftests/kvm/lib/sparsebit.c index 50e0cf41a7dd..6777a5b1fbd2 100644 --- a/tools/testing/selftests/kvm/lib/sparsebit.c +++ b/tools/testing/selftests/kvm/lib/sparsebit.c @@ -202,7 +202,7 @@ static sparsebit_num_t node_num_set(struct node *nodep) /* Returns a pointer to the node that describes the * lowest bit index. */ -static struct node *node_first(struct sparsebit *s) +static struct node *node_first(const struct sparsebit *s) { struct node *nodep; @@ -216,7 +216,7 @@ static struct node *node_first(struct sparsebit *s) * lowest bit index > the index of the node pointed to by np. * Returns NULL if no node with a higher index exists. */ -static struct node *node_next(struct sparsebit *s, struct node *np) +static struct node *node_next(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -244,7 +244,7 @@ static struct node *node_next(struct sparsebit *s, struct node *np) * highest index < the index of the node pointed to by np. * Returns NULL if no node with a lower index exists. */ -static struct node *node_prev(struct sparsebit *s, struct node *np) +static struct node *node_prev(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -273,7 +273,7 @@ static struct node *node_prev(struct sparsebit *s, struct node *np) * subtree and duplicates the bit settings to the newly allocated nodes. * Returns the newly allocated copy of subtree. */ -static struct node *node_copy_subtree(struct node *subtree) +static struct node *node_copy_subtree(const struct node *subtree) { struct node *root; @@ -307,7 +307,7 @@ static struct node *node_copy_subtree(struct node *subtree) * index is within the bits described by the mask bits or the number of * contiguous bits set after the mask. Returns NULL if there is no such node. */ -static struct node *node_find(struct sparsebit *s, sparsebit_idx_t idx) +static struct node *node_find(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -393,7 +393,7 @@ static struct node *node_add(struct sparsebit *s, sparsebit_idx_t idx) } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_all_set(struct sparsebit *s) +bool sparsebit_all_set(const struct sparsebit *s) { /* * If any nodes there must be at least one bit set. Only case @@ -776,7 +776,7 @@ static void node_reduce(struct sparsebit *s, struct node *nodep) /* Returns whether the bit at the index given by idx, within the * sparsebit array is set or not. */ -bool sparsebit_is_set(struct sparsebit *s, sparsebit_idx_t idx) +bool sparsebit_is_set(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -922,7 +922,7 @@ static inline sparsebit_idx_t node_first_clear(struct node *nodep, int start) * used by test cases after they detect an unexpected condition, as a means * to capture diagnostic information. */ -static void sparsebit_dump_internal(FILE *stream, struct sparsebit *s, +static void sparsebit_dump_internal(FILE *stream, const struct sparsebit *s, unsigned int indent) { /* Dump the contents of s */ @@ -970,7 +970,7 @@ void sparsebit_free(struct sparsebit **sbitp) * sparsebit_alloc(). It can though already have bits set, which * if different from src will be cleared. */ -void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) +void sparsebit_copy(struct sparsebit *d, const struct sparsebit *s) { /* First clear any bits already set in the destination */ sparsebit_clear_all(d); @@ -982,7 +982,7 @@ void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) } /* Returns whether num consecutive bits starting at idx are all set. */ -bool sparsebit_is_set_num(struct sparsebit *s, +bool sparsebit_is_set_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_cleared; @@ -1006,14 +1006,14 @@ bool sparsebit_is_set_num(struct sparsebit *s, } /* Returns whether the bit at the index given by idx. */ -bool sparsebit_is_clear(struct sparsebit *s, +bool sparsebit_is_clear(const struct sparsebit *s, sparsebit_idx_t idx) { return !sparsebit_is_set(s, idx); } /* Returns whether num consecutive bits starting at idx are all cleared. */ -bool sparsebit_is_clear_num(struct sparsebit *s, +bool sparsebit_is_clear_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_set; @@ -1042,13 +1042,13 @@ bool sparsebit_is_clear_num(struct sparsebit *s, * value. Use sparsebit_any_set(), instead of sparsebit_num_set() > 0, * to determine if the sparsebit array has any bits set. */ -sparsebit_num_t sparsebit_num_set(struct sparsebit *s) +sparsebit_num_t sparsebit_num_set(const struct sparsebit *s) { return s->num_set; } /* Returns whether any bit is set in the sparsebit array. */ -bool sparsebit_any_set(struct sparsebit *s) +bool sparsebit_any_set(const struct sparsebit *s) { /* * Nodes only describe set bits. If any nodes then there @@ -1071,20 +1071,20 @@ bool sparsebit_any_set(struct sparsebit *s) } /* Returns whether all the bits in the sparsebit array are cleared. */ -bool sparsebit_all_clear(struct sparsebit *s) +bool sparsebit_all_clear(const struct sparsebit *s) { return !sparsebit_any_set(s); } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_any_clear(struct sparsebit *s) +bool sparsebit_any_clear(const struct sparsebit *s) { return !sparsebit_all_set(s); } /* Returns the index of the first set bit. Abort if no bits are set. */ -sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *s) { struct node *nodep; @@ -1098,7 +1098,7 @@ sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) /* Returns the index of the first cleared bit. Abort if * no bits are cleared. */ -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *s) { struct node *nodep1, *nodep2; @@ -1152,7 +1152,7 @@ sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) /* Returns index of next bit set within s after the index given by prev. * Returns 0 if there are no bits after prev that are set. */ -sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1245,7 +1245,7 @@ sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, /* Returns index of next bit cleared within s after the index given by prev. * Returns 0 if there are no bits after prev that are cleared. */ -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1301,7 +1301,7 @@ sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, * and returns the index of the first sequence of num consecutively set * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1336,7 +1336,7 @@ sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, * and returns the index of the first sequence of num consecutively cleared * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1584,7 +1584,7 @@ static size_t display_range(FILE *stream, sparsebit_idx_t low, * contiguous bits. This is done because '-' is used to specify command-line * options, and sometimes ranges are specified as command-line arguments. */ -void sparsebit_dump(FILE *stream, struct sparsebit *s, +void sparsebit_dump(FILE *stream, const struct sparsebit *s, unsigned int indent) { size_t current_line_len = 0; @@ -1682,7 +1682,7 @@ void sparsebit_dump(FILE *stream, struct sparsebit *s, * s. On error, diagnostic information is printed to stderr and * abort is called. */ -void sparsebit_validate_internal(struct sparsebit *s) +void sparsebit_validate_internal(const struct sparsebit *s) { bool error_detected = false; struct node *nodep, *prev = NULL; From patchwork Tue Oct 18 20:58:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4315 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2159097wrs; Tue, 18 Oct 2022 14:03:22 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6AFpExhur+cIK0KfBh9IQQhnbqGCgvruhWqjzKva3GISEB+dQXEmUDFFNa659CkZc4pLIE X-Received: by 2002:a05:6402:1941:b0:457:13a:cce9 with SMTP id f1-20020a056402194100b00457013acce9mr4402325edz.265.1666127002438; Tue, 18 Oct 2022 14:03:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127002; cv=none; d=google.com; s=arc-20160816; b=FAvRRLgXxHi8PcUvNqKUf/fJYMss0IuM03fioHXqPK/6ucbJDXi4R3Rs+6dlolScrU 4Pnon1egWUAYM55tr2hAsyccsQrovDpaxFW9c+yC7nAMq2kc4brRtKBsr7sIAdDjPoO8 Ytc4eMms1eqwSJeJJoXNXQwYEVGDTxLBLaszm7pL6VE7nsZAhvPCMAhLNsqjsrvaU1RL S9bbgh2zMJ1kWHI80JjEGBnuF9N3sb3D3zECZcTqu0KnPwKwt/emUkcmOTQT3v3v6kQ2 GWnwMLvDSQZ8CWQUFdk22LSca79Mj9Br4+RZLz8D6ENgGOg2zd/fGFtbtc+g2jSu8tWp pHvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=dm0BAJRXbXrs7kBcZp+dxeyPGUHjPB12rWArnLP7msg=; b=rY/VCBAO1BK1psPGIlbIr+6EEdUK2ceC7J1LMuaPj+iAuIjfM90TZ+7U98v6YYwqjz TNX1iHOPcoalz0tZdXj3z0/58gSBMNJYPRzAyW5VOrlK72SxUY4JlkVKHKEsRxL0Ebfw MxOqtxjTEceKEbbYcNFhVdIvcEa72t2NMWTzN21hqIU4TzWn2mjuRpwNlcFLnuZPuqXz VC83nlYyGurdzT1vpjvz/NwpoULR2EJlsG5/2L07n/3+FaO92e+9kC2ClkD5Rg3t0RfG N68ZoSj2DiQubRToaPDXunpTSC7z7+qAkBUuiIRzNYoG2R4+qPdhJGI17UOdpn+t+KYC 4t1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=YF5VeFDy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c11-20020a0564021f8b00b00458ab55ccc9si13435323edc.168.2022.10.18.14.02.41; Tue, 18 Oct 2022 14:03:22 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=YF5VeFDy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230199AbiJRU7I (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33670 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230150AbiJRU7C (ORCPT ); Tue, 18 Oct 2022 16:59:02 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 181B6C06BF for ; Tue, 18 Oct 2022 13:58:58 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id j7-20020a170902da8700b0018540711393so8763615plx.18 for ; Tue, 18 Oct 2022 13:58:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=dm0BAJRXbXrs7kBcZp+dxeyPGUHjPB12rWArnLP7msg=; b=YF5VeFDyNQJ2ym8Y57EPDOEDneGD4XW9dGLt9NeoeMOFKRBStFaGBkpzLuIXnhrTct bFMMNIywz3eMLsi027WLwkml7N8AyUIDWSsdQ71xnTB3lclRIIJTZElOQJ3u5+uci4wM HffV50ggDKpdmFDKqClp0HneDe6g2Yq13ulSWP3AI6XpAHnjWln5bE0NWeGYDiHEnONB tUGhWPphmBjlL6y/JjPRQKod8MY4Le7inveQ2BSMPyrMLe9A3wIzJ5RifwreZJSiIYWI EsN41+348W/E7vAZ+gJ6SzsGkCRP4NtAzBVCrDNazMXZzRhmVNMaH60LlZHWLMaBcAEE oADA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=dm0BAJRXbXrs7kBcZp+dxeyPGUHjPB12rWArnLP7msg=; b=cDiveu9TPa2lCSgcJL97nLvwTJIAvis5YYNqmOCtcy75aewmvisaAiQ4FaEgaDYT6f gGqeS37gU8ED5O8NSBLq/d8wx/d7qeQylY6MIKGkTNAy6Decm2Md7jd7XZ+5UMJXAfTd FDHPbdlBqjExlyJj67gOPCUi4AlpNr7uv/6v4t+4KGaR2Axy3qPIl9CvamFF/g7jB2ng 3XCVD3xc5lM/BvEGnPgukbndoV6f5fVl8wkJIv7pAHtTOtJ4gzexs0K0wW46mPWq6bqu S8wEc9ZU6CtoYo4Eh0Fb09siwxDXkStZE5uTBob/ybh69PTmRhyn34JVJmwQXWndWTDe dnkw== X-Gm-Message-State: ACrzQf21Rtx2OciOnhFJs8/JJsvixNJJx0l++Rd5bPRiOHvE0J3NLn8u Dn6fmwscQllHL0vBuTcCajhdzXhG/Z0= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:aa7:8e8c:0:b0:562:a549:efc5 with SMTP id a12-20020aa78e8c000000b00562a549efc5mr5126346pfr.20.1666126738024; Tue, 18 Oct 2022 13:58:58 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:40 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-3-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 2/7] KVM: selftests: add hooks for managing protected guest memory From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747060787402767470?= X-GMAIL-MSGID: =?utf-8?q?1747060787402767470?= Add kvm_vm.protected metadata. Protected VMs memory, potentially register and other state may not be accessible to KVM. This combined with a new protected_phy_pages bitmap will allow the selftests to check if a given pages is accessible. Originally-by: Michael Roth Signed-off-by: Peter Gonda --- .../selftests/kvm/include/kvm_util_base.h | 14 ++++++++++++-- tools/testing/selftests/kvm/lib/kvm_util.c | 16 +++++++++++++--- 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index c14d531a942a..625f13cf3b58 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -33,6 +33,7 @@ typedef uint64_t vm_vaddr_t; /* Virtual Machine (Guest) virtual address */ struct userspace_mem_region { struct kvm_userspace_memory_region region; struct sparsebit *unused_phy_pages; + struct sparsebit *protected_phy_pages; int fd; off_t offset; void *host_mem; @@ -90,6 +91,9 @@ struct kvm_vm { vm_vaddr_t handlers; uint32_t dirty_ring_size; + /* VM protection enabled: SEV, etc*/ + bool protected; + /* Cache of information for binary stats interface */ int stats_fd; struct kvm_stats_header stats_header; @@ -638,10 +642,16 @@ const char *exit_reason_str(unsigned int exit_reason); vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, uint32_t memslot); -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot); +vm_paddr_t _vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot, bool protected); vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm); +static inline vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + return _vm_phy_pages_alloc(vm, num, paddr_min, memslot, vm->protected); +} + /* * ____vm_create() does KVM_CREATE_VM and little else. __vm_create() also * loads the test binary into guest memory and creates an IRQ chip (x86 only). diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index f12ebd27f6e5..0ce5cdb52f0c 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -595,6 +595,7 @@ static void __vm_mem_region_delete(struct kvm_vm *vm, vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION, ®ion->region); sparsebit_free(®ion->unused_phy_pages); + sparsebit_free(®ion->protected_phy_pages); ret = munmap(region->mmap_start, region->mmap_size); TEST_ASSERT(!ret, __KVM_SYSCALL_ERROR("munmap()", ret)); @@ -935,6 +936,7 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, } region->unused_phy_pages = sparsebit_alloc(); + region->protected_phy_pages = sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, guest_paddr >> vm->page_shift, npages); region->region.slot = slot; @@ -1711,6 +1713,10 @@ void vm_dump(FILE *stream, struct kvm_vm *vm, uint8_t indent) region->host_mem); fprintf(stream, "%*sunused_phy_pages: ", indent + 2, ""); sparsebit_dump(stream, region->unused_phy_pages, 0); + if (vm->protected) { + fprintf(stream, "%*sprotected_phy_pages: ", indent + 2, ""); + sparsebit_dump(stream, region->protected_phy_pages, 0); + } } fprintf(stream, "%*sMapped Virtual Pages:\n", indent, ""); sparsebit_dump(stream, vm->vpages_mapped, indent + 2); @@ -1807,8 +1813,9 @@ const char *exit_reason_str(unsigned int exit_reason) * and their base address is returned. A TEST_ASSERT failure occurs if * not enough pages are available at or above paddr_min. */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) +vm_paddr_t _vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot, + bool protected) { struct userspace_mem_region *region; sparsebit_idx_t pg, base; @@ -1841,8 +1848,11 @@ vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, abort(); } - for (pg = base; pg < base + num; ++pg) + for (pg = base; pg < base + num; ++pg) { sparsebit_clear(region->unused_phy_pages, pg); + if (protected) + sparsebit_set(region->protected_phy_pages, pg); + } return base * vm->page_size; } From patchwork Tue Oct 18 20:58:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4321 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2161030wrs; Tue, 18 Oct 2022 14:06:46 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7PBF0yCUT10+gsaqcKzXWWrk5uQ1rbye3sFFy0HA4MsOIO3yUGBAJVQThm4mCpYTQgFLAy X-Received: by 2002:aa7:df04:0:b0:45b:cb0d:856a with SMTP id c4-20020aa7df04000000b0045bcb0d856amr4491253edy.180.1666127205903; Tue, 18 Oct 2022 14:06:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127205; cv=none; d=google.com; s=arc-20160816; b=1LH5hFCtci5cO1j+LXgr9q6SOEG5073pfYlGcxQ8tMoJMyEUU3e1My5Qgr1s4ll/8B 5E5Xb7jIejJk+tv4bE2v8mIw6kRhwTxvAYrDuYIMdbVtoT73+s6CUejt6dZvujIwI8UD 2ZWt4aHr8zNcagH6IG/V9mOTz+tTl8JL5EXEsIsVR1K/2ME035dflWxXIQA/DPUZEXzc 7TC/tV8VUVisVBPXraXuJLWwdUxAMUwd7hbZLWnllnGuRDQ/gP5jZIpvs3LOU9MymkKJ 6poEjT2lQxjFjX8CmZLU34pOVOkg1FPMfV58qXlK+l3LeToKsHsCBtzb73Mwq3rbBfHH tcFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=oqylZsVtegWBY/vSLJsU224U61TcYtzc2MAlvromGyY=; b=mLzJ63AOWAnoOoLIl3RaU2kVVAsCD18s/0edYFrZjEgveIrEQRhwoWlRQWOuyIdo+t up+1HM8Cc0/4vHOvQYt+gtxTNqKVPsr0V2WkP15bZNUN/HTPWtaxII2bgf/T1P9/krnw PlhnURYeRQHJkb6aJhGOvYkWy6Nx59tukwHHuJIWRN4oqZtOsFTndonEeTVJ7UH+IYB+ hou37sN3TprU7dkHDDQBS7E5BpACF+oGYqJX1rZXkmEWUdDq2wt8KtqzKhXimdf4Tj5i N/L9IoAw6oIEV6jV9V3wazUYXeYonERmrLRcFSm67OOde38snb+/SiE5aGApX7xiBl3j zuow== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="nRW/h/U5"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ne7-20020a1709077b8700b00788a70eed08si13140449ejc.610.2022.10.18.14.06.20; Tue, 18 Oct 2022 14:06:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="nRW/h/U5"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230188AbiJRU7m (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33972 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230172AbiJRU7c (ORCPT ); Tue, 18 Oct 2022 16:59:32 -0400 Received: from mail-oo1-xc49.google.com (mail-oo1-xc49.google.com [IPv6:2607:f8b0:4864:20::c49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA3DAC1D97 for ; Tue, 18 Oct 2022 13:59:11 -0700 (PDT) Received: by mail-oo1-xc49.google.com with SMTP id a11-20020a4a80cb000000b004805cba57f1so6576573oog.11 for ; Tue, 18 Oct 2022 13:59:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=oqylZsVtegWBY/vSLJsU224U61TcYtzc2MAlvromGyY=; b=nRW/h/U52g0e28hPPRHZidXvY8y+CEzkntU07RTkvXFZ4VT9PjpliUBP2F2iL2G4/r w9IBrH2q0ezrMRZi2+krSBRRNmO2qkFcC1vsiFHFY3HiRHvpdS2AAj4nnk8KPd3ZenlR SnnlKClc539jmBBmiNXMc1PFbw4xDMIdeLlDMEkby/MsmPLAwYqtA4QN8CxbtWwMro8O XNB6T9DzTpPkQYxfsBhMOhig0Md8v4Q1EJds602SRogvCdgD45yU60eoKP6T3AHqxC8A VjAShJlGPHlo6f5IxB4bMNd2gND7u/Gu2zT2L/nQA6sbrThOs2q9L9Hr4hv2lBjN6ttZ wXPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=oqylZsVtegWBY/vSLJsU224U61TcYtzc2MAlvromGyY=; b=oua9jaQQb6LOEeBjc+M4Kzsg26y8tbKAbksjRxPdsl73p992QPEBl3u1WllTbeC50k vZPG2R697p6Z0Cwhq3ps4lLLW6g/q0ku6rhBuC3t8o9j96Dt27KjnSv+EojMfLJdosJa bL5SlaPH0e3qrSfFGZ+jzsceb/E67y6DVd2HU19r7a6br5Dg8utukg4XXBte44SeX/rw sJ2B0YJoNlpmB/I4NQ25jsSOZqjczfE/9/Odq2Rak025dLEAUH8twv+mh/IHJh6XfW3q cAf8zVMmB3siaAO0Cr2xHG2EJaNxeHOkgisRBvPP/yoe6DgP9dDz/mFzkM71AZ/V94Hl 4SrQ== X-Gm-Message-State: ACrzQf3IpxB6JWrAqqO6pt3/rf/p8JZuH2Dxc0cb918U4lRaUdqjPmvO udcilRzNTXLtapplxRoLr4IaGAyaJAQ= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:a17:90b:692:b0:203:6c21:b4aa with SMTP id m18-20020a17090b069200b002036c21b4aamr40162380pjz.227.1666126739717; Tue, 18 Oct 2022 13:58:59 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:41 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-4-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 3/7] KVM: selftests: handle protected bits in page tables From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747061001422718268?= X-GMAIL-MSGID: =?utf-8?q?1747061001422718268?= SEV guests rely on an encyption bit which resides within the range that current code treats as address bits. Guest code will expect these bits to be set appropriately in their page tables, whereas the rest of the kvm_util functions will generally expect these bits to not be present. Introduce pte_me_mask and struct kvm_vm_arch to allow for arch specific address tagging. Currently just adding x86 c_bit and s_bit support for SEV and TDX. Originally-by: Michael Roth Signed-off-by: Peter Gonda --- tools/arch/arm64/include/asm/kvm_host.h | 7 ++++++ tools/arch/riscv/include/asm/kvm_host.h | 7 ++++++ tools/arch/s390/include/asm/kvm_host.h | 7 ++++++ tools/arch/x86/include/asm/kvm_host.h | 14 ++++++++++++ .../selftests/kvm/include/kvm_util_base.h | 19 ++++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 22 ++++++++++++++++++- .../selftests/kvm/lib/x86_64/processor.c | 19 +++++++++++++--- 7 files changed, 91 insertions(+), 4 deletions(-) create mode 100644 tools/arch/arm64/include/asm/kvm_host.h create mode 100644 tools/arch/riscv/include/asm/kvm_host.h create mode 100644 tools/arch/s390/include/asm/kvm_host.h create mode 100644 tools/arch/x86/include/asm/kvm_host.h diff --git a/tools/arch/arm64/include/asm/kvm_host.h b/tools/arch/arm64/include/asm/kvm_host.h new file mode 100644 index 000000000000..218f5cdf0d86 --- /dev/null +++ b/tools/arch/arm64/include/asm/kvm_host.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_ARM64_KVM_HOST_H +#define _TOOLS_LINUX_ASM_ARM64_KVM_HOST_H + +struct kvm_vm_arch {}; + +#endif // _TOOLS_LINUX_ASM_ARM64_KVM_HOST_H diff --git a/tools/arch/riscv/include/asm/kvm_host.h b/tools/arch/riscv/include/asm/kvm_host.h new file mode 100644 index 000000000000..c8280d5659ce --- /dev/null +++ b/tools/arch/riscv/include/asm/kvm_host.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_RISCV_KVM_HOST_H +#define _TOOLS_LINUX_ASM_RISCV_KVM_HOST_H + +struct kvm_vm_arch {}; + +#endif // _TOOLS_LINUX_ASM_RISCV_KVM_HOST_H diff --git a/tools/arch/s390/include/asm/kvm_host.h b/tools/arch/s390/include/asm/kvm_host.h new file mode 100644 index 000000000000..4c4c1c1e4bf8 --- /dev/null +++ b/tools/arch/s390/include/asm/kvm_host.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_S390_KVM_HOST_H +#define _TOOLS_LINUX_ASM_S390_KVM_HOST_H + +struct kvm_vm_arch {}; + +#endif // _TOOLS_LINUX_ASM_S390_KVM_HOST_H diff --git a/tools/arch/x86/include/asm/kvm_host.h b/tools/arch/x86/include/asm/kvm_host.h new file mode 100644 index 000000000000..03153c18c747 --- /dev/null +++ b/tools/arch/x86/include/asm/kvm_host.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_X86_KVM_HOST_H +#define _TOOLS_LINUX_ASM_X86_KVM_HOST_H + +#include +#include + +struct kvm_vm_arch { + uint64_t pte_me_mask; + uint64_t c_bit; + uint64_t s_bit; +}; + +#endif // _TOOLS_LINUX_ASM_X86_KVM_HOST_H diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 625f13cf3b58..9aacc6110d09 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -17,6 +17,8 @@ #include "linux/rbtree.h" #include +#include +#include #include @@ -90,6 +92,9 @@ struct kvm_vm { vm_vaddr_t idt; vm_vaddr_t handlers; uint32_t dirty_ring_size; + uint64_t gpa_protected_mask; + + struct kvm_vm_arch arch; /* VM protection enabled: SEV, etc*/ bool protected; @@ -127,6 +132,7 @@ enum vm_guest_mode { VM_MODE_P40V48_16K, VM_MODE_P40V48_64K, VM_MODE_PXXV48_4K, /* For 48bits VA but ANY bits PA */ + VM_MODE_PXXV48_4K_SEV, /* For 48bits VA but ANY bits PA */ VM_MODE_P47V64_4K, VM_MODE_P44V64_4K, VM_MODE_P36V48_4K, @@ -400,6 +406,17 @@ void *addr_gva2hva(struct kvm_vm *vm, vm_vaddr_t gva); vm_paddr_t addr_hva2gpa(struct kvm_vm *vm, void *hva); void *addr_gpa2alias(struct kvm_vm *vm, vm_paddr_t gpa); + +static inline vm_paddr_t vm_untag_gpa(struct kvm_vm *vm, vm_paddr_t gpa) +{ + return gpa & ~vm->gpa_protected_mask; +} + +static inline vm_paddr_t vm_tag_gpa(struct kvm_vm *vm, vm_paddr_t gpa) +{ + return gpa | vm->gpa_protected_mask; +} + void vcpu_run(struct kvm_vcpu *vcpu); int _vcpu_run(struct kvm_vcpu *vcpu); @@ -863,4 +880,6 @@ static inline int __vm_disable_nx_huge_pages(struct kvm_vm *vm) return __vm_enable_cap(vm, KVM_CAP_VM_DISABLE_NX_HUGE_PAGES, 0); } +bool vm_is_gpa_protected(struct kvm_vm *vm, vm_paddr_t paddr); + #endif /* SELFTEST_KVM_UTIL_BASE_H */ diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 0ce5cdb52f0c..f5f18a802434 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1363,9 +1363,10 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, * address providing the memory to the vm physical address is returned. * A TEST_ASSERT failure occurs if no region containing gpa exists. */ -void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa) +void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa_tagged) { struct userspace_mem_region *region; + vm_paddr_t gpa = vm_untag_gpa(vm, gpa_tagged); region = userspace_mem_region_find(vm, gpa, gpa); if (!region) { @@ -2042,3 +2043,22 @@ void __vm_get_stat(struct kvm_vm *vm, const char *stat_name, uint64_t *data, break; } } + +bool vm_is_gpa_protected(struct kvm_vm *vm, vm_paddr_t paddr) +{ + sparsebit_idx_t pg = 0; + struct userspace_mem_region *region; + + if (!vm->protected) + return false; + + region = userspace_mem_region_find(vm, paddr, paddr); + if (!region) { + TEST_FAIL("No vm physical memory at 0x%lx", paddr); + return false; + } + + pg = paddr >> vm->page_shift; + return sparsebit_is_set(region->protected_phy_pages, pg); + +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index 39c4409ef56a..377e342ecff7 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -127,6 +127,8 @@ void virt_arch_pgd_alloc(struct kvm_vm *vm) /* If needed, create page map l4 table. */ if (!vm->pgd_created) { vm->pgd = vm_alloc_page_table(vm); + vm->pgd |= vm->arch.pte_me_mask; + vm->pgd_created = true; } } @@ -148,13 +150,17 @@ static uint64_t *virt_create_upper_pte(struct kvm_vm *vm, int target_level) { uint64_t *pte = virt_get_pte(vm, pt_pfn, vaddr, current_level); + uint64_t paddr_raw = vm_untag_gpa(vm, paddr); if (!(*pte & PTE_PRESENT_MASK)) { *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK; if (current_level == target_level) - *pte |= PTE_LARGE_MASK | (paddr & PHYSICAL_PAGE_MASK); - else + *pte |= PTE_LARGE_MASK | (paddr_raw & PHYSICAL_PAGE_MASK); + else { *pte |= vm_alloc_page_table(vm) & PHYSICAL_PAGE_MASK; + *pte |= vm->arch.pte_me_mask; + } + } else { /* * Entry already present. Assert that the caller doesn't want @@ -192,6 +198,8 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int level) "Physical address beyond maximum supported,\n" " paddr: 0x%lx vm->max_gfn: 0x%lx vm->page_size: 0x%x", paddr, vm->max_gfn, vm->page_size); + TEST_ASSERT(vm_untag_gpa(vm, paddr) == paddr, + "Unexpected bits in paddr: %lx", paddr); /* * Allocate upper level page tables, if not already present. Return @@ -215,6 +223,11 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int level) TEST_ASSERT(!(*pte & PTE_PRESENT_MASK), "PTE already present for 4k page at vaddr: 0x%lx\n", vaddr); *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK | (paddr & PHYSICAL_PAGE_MASK); + + if (vm_is_gpa_protected(vm, paddr)) + *pte |= vm->arch.c_bit; + else + *pte |= vm->arch.s_bit; } void virt_arch_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr) @@ -542,7 +555,7 @@ vm_paddr_t addr_arch_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) if (!(pte[index[0]] & PTE_PRESENT_MASK)) goto unmapped_gva; - return (PTE_GET_PFN(pte[index[0]]) * vm->page_size) + (gva & ~PAGE_MASK); + return vm_untag_gpa(vm, PTE_GET_PFN(pte[index[0]]) * vm->page_size) + (gva & ~PAGE_MASK); unmapped_gva: TEST_FAIL("No mapping for vm virtual address, gva: 0x%lx", gva); From patchwork Tue Oct 18 20:58:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4317 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2159368wrs; Tue, 18 Oct 2022 14:03:51 -0700 (PDT) X-Google-Smtp-Source: AMsMyM56lwGrjPWxgFifGrYu+XZ9eQzHdnQnPi7rOMfHTIjMUKPkM8gJIoSbs2H2jqKyvFtxAjUm X-Received: by 2002:a05:6402:3492:b0:45d:c00:ea8e with SMTP id v18-20020a056402349200b0045d0c00ea8emr4364337edc.150.1666127031532; Tue, 18 Oct 2022 14:03:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127031; cv=none; d=google.com; s=arc-20160816; b=RYT4XwZB++G0RjkKoiKb6LhlWh5+ciMmIxellUYxC/AlaVwc4i1tnxeU+yeQAPvkOu QDNiPhrE9ZvdrW4Rp/fiAdjLp/ldMOzmbFY5JsbUmUeJG78VABOJFCSjWmHjsT9r2SnY WJkrElO+afhiPljrev+ZvkiNhcrk6UN8bzkTYs+PDJP00VIjSZsDJv11cu+62P65i/iQ AAhh4XQwD1suC3Es738sW6UUlRUHBNQvEpPBQsWZ7/JxPLFpK62O2LYQSlUIUNyMBgUl C057eP4ZGtEe5vZVDqqMUVlJjmIsFiwJXe4onVXBwwK/IuG2PF7x/T+VMlRMeqd47+gQ JjJQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=aZEM2Q9nzB7T1LpqHIaGf2vJIOKjOHavkTCUOr3ZRUg=; b=lm2DOBPcF5ieUjoH7jpnzwRfm/735aJBgtLbOWYFQztUxyR8SsiX4RmSkSo/0fHHyO t4uC3N35eUBgUP/VlmUCTtlFYqOSH2lcBRNJr7CEbEPRZ3Xce2W2/OSKIrQcNRRhKiVS WGNvBHBkv9DGT+3SVVsriRh/yfRw8XYqTk229ehtPu87lcooNMSvI8a8p99VVjx06VKw hlttDnEoVmGowZ3LGRrnRo9dapZdf93PAxiHztJjvCyf5UVmURx/sxxj/r1sywq6e3dy XsBBg28o4jj0Rg44yNHtiNIPgh8qS/gw4RWFnjB+RA4Qf7Ym8J9/8OzDIv/3eaVtx7AO gv4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=L8xBPJIb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i3-20020a05640242c300b0045808c3aac6si15772875edc.36.2022.10.18.14.03.01; Tue, 18 Oct 2022 14:03:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=L8xBPJIb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230220AbiJRU7L (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33754 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230180AbiJRU7E (ORCPT ); Tue, 18 Oct 2022 16:59:04 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 82EB7C09B7 for ; Tue, 18 Oct 2022 13:59:02 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id k16-20020a170902c41000b00184987e3d09so10553294plk.21 for ; Tue, 18 Oct 2022 13:59:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=aZEM2Q9nzB7T1LpqHIaGf2vJIOKjOHavkTCUOr3ZRUg=; b=L8xBPJIbH2fFvWt3Nn0n5TviDwSCrB7kaYUmdmF7LrZ0bSGXPMRvjU/VXc//G0Nw9K MC83S93NdveyiStgpg8eMNHtClOJoKDefasKGeN5aIDu+gfB8i7Vh08g0BUPwb3W/aMI 1jQoKMxEquGWBcNf1zul641XBvckpW/PE9a4Kd9S+OVgsjvQlneCdvH2W54FAslGLSYy H6Ydqme6FfNJG0MJBM5GTCCm3i0GlKUrdwRpP8i443kd97ec9EJKWHLU58zTI4zkSn9e r4oG/B9JpvhkcC6rsWS0wEIpg9LSyQgtRrek6tgIA07D0n2ILqVuCP1yAegWB4zZqJFY 6VjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=aZEM2Q9nzB7T1LpqHIaGf2vJIOKjOHavkTCUOr3ZRUg=; b=hTtZ0QbKL7qHKDPvkHycqqm9pxzcfQ2HfbOkJH06BoFPl6o1nnde8BJB7P+Rx65Mpi kDS/0BKuC/TrZk/CafUrAlhrIRJSfadGAPKZWfyOgcg/JcYhY9orIo9koUfmng+j8+KJ AZzONI/WipA8pBRFP/S/4FoiF7wxuiq+idNrXrhJMC5p+fh8SRE8i/vOfA5UNHqZ/efu PcrUZRtyTnddIVQVYjAS+Uk9dx3ZL7I5m/LGxDo0ETln0ckDxwCVNGSjJzWNVOUEillY HEBT0IIgHjJ8rqilPQh/fsobE42zD7PPPB8SxBnpcMNqkbD29LRzYW1lXoijs+XT61TP vd7w== X-Gm-Message-State: ACrzQf13zX3Et9ssC2IWXouprFPVpAnHUfd9/thHANPKVvowfJD5Qwcu 8ZBmTMUKjTgySQL3wd3vO6ZEVyjA9OA= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:a17:902:cec8:b0:185:505b:95da with SMTP id d8-20020a170902cec800b00185505b95damr4875973plg.83.1666126741535; Tue, 18 Oct 2022 13:59:01 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:42 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-5-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 4/7] KVM: selftests: add support for protected vm_vaddr_* allocations From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747060818136777321?= X-GMAIL-MSGID: =?utf-8?q?1747060818136777321?= From: Michael Roth Test programs may wish to allocate shared vaddrs for things like sharing memory with the guest. Since protected vms will have their memory encrypted by default an interface is needed to explicitly request shared pages. Implement this by splitting the common code out from vm_vaddr_alloc() and introducing a new vm_vaddr_alloc_shared(). Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- .../selftests/kvm/include/kvm_util_base.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 21 +++++++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 9aacc6110d09..4224026fbe25 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -396,6 +396,7 @@ void vm_mem_region_move(struct kvm_vm *vm, uint32_t slot, uint64_t new_gpa); void vm_mem_region_delete(struct kvm_vm *vm, uint32_t slot); struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id); vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); vm_vaddr_t vm_vaddr_alloc_pages(struct kvm_vm *vm, int nr_pages); vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index f5f18a802434..d753345993d6 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1231,12 +1231,13 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, } /* - * VM Virtual Address Allocate + * VM Virtual Address Allocate Shared/Encrypted * * Input Args: * vm - Virtual Machine * sz - Size in bytes * vaddr_min - Minimum starting virtual address + * encrypt - Whether the region should be handled as encrypted * * Output Args: None * @@ -1249,13 +1250,15 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, * a unique set of pages, with the minimum real allocation being at least * a page. */ -vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +static vm_vaddr_t +_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, bool encrypt) { uint64_t pages = (sz >> vm->page_shift) + ((sz % vm->page_size) != 0); virt_pgd_alloc(vm); - vm_paddr_t paddr = vm_phy_pages_alloc(vm, pages, - KVM_UTIL_MIN_PFN * vm->page_size, 0); + vm_paddr_t paddr = _vm_phy_pages_alloc(vm, pages, + KVM_UTIL_MIN_PFN * vm->page_size, + 0, encrypt); /* * Find an unused range of virtual page addresses of at least @@ -1276,6 +1279,16 @@ vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) return vaddr_start; } +vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, vm->protected); +} + +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, false); +} + /* * VM Virtual Address Allocate Pages * From patchwork Tue Oct 18 20:58:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4318 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2159391wrs; Tue, 18 Oct 2022 14:03:54 -0700 (PDT) X-Google-Smtp-Source: AMsMyM68SnzPKdQLw1bYHr15FbgbbSNWW7pkiLSKIaPC5L50MnlNBPyuE3Gedq83WEtMpY4D36PG X-Received: by 2002:a17:906:c151:b0:78d:cdbc:9fb7 with SMTP id dp17-20020a170906c15100b0078dcdbc9fb7mr3852855ejc.688.1666127034323; Tue, 18 Oct 2022 14:03:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127034; cv=none; d=google.com; s=arc-20160816; b=X2bK3g2H0VORu2bxHxaVx/43czinf01U1+l7cW/xyvcbY8AcUipvDoM3QvjLP/UloJ l18hxTl7wqecOni1GRKQGfvevqrJHGR91EicT3GjJESJdsHODYucengPofn6JhbNj8AZ S+VLY/CA/c34VAUhVOE5L+1mNbkWiujyYIs/hrvdLu9kUAb1Fex+KlNZ/O/YCXT1G8Yy 5FWR1MnjU4rTfxqhm0LKXD+FKMODElRGLvklk//bdm9NtR9oFU+haBZzOGz3Sc5wVBeM ZkN1MPCrQBQqTX7o+JkBY+m5A5kCFfZlocY0HHi74wWPdrec5iCbi/9aYGmEG4NmK8j9 ck2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=ve65J9Yhx3cpA/bFRhrVBhV9zjGGaLIwJGnKq/Q7y38=; b=vuVjknGpuRMsJkHhfXSozyPiyUX7RzITjv2yxTEjokb9Vl6GS53KY3Pawyn97mBb/a LegU0y9F1lTfFntl9jqoTnKE4r55OsrNuFGjbHWd3vs/OyjWQe4Oc9H/zj1WHKMIAie0 FlOUcyfFIMTih93QxToCLvlcx44iT4gVLRqcxwHMQNS7V0jU6VuNaMMFzLBsz/ioF3Tb hv/G3DXpl0Lpbe6BFSYelEfNnlJ+0fhTaYgDVsLTr8ij94/RGzUk6ipV0J2H0y3hDhuJ LbfhAd1WodTqyzAVabVCljtijQDcz8ctWpb0POjY2BgFnwSm7FV+bmTJyCJf1QrqeA/h wmzg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=C72G0aJj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g12-20020a1709065d0c00b0078de8494d0esi13734828ejt.575.2022.10.18.14.03.09; Tue, 18 Oct 2022 14:03:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=C72G0aJj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230107AbiJRU7R (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33842 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230189AbiJRU7H (ORCPT ); Tue, 18 Oct 2022 16:59:07 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A115C06AA for ; Tue, 18 Oct 2022 13:59:04 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id p1-20020aa78601000000b00565a29d32e5so8285391pfn.5 for ; Tue, 18 Oct 2022 13:59:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=ve65J9Yhx3cpA/bFRhrVBhV9zjGGaLIwJGnKq/Q7y38=; b=C72G0aJjdK6yM+RjPgGcs072tgdVOtq3S4hGXSDnUYaVRYsCH+XL33OLTod89SPxOr vls+fg5Vdocuwqsw+i3a3HmExE1xx1Hl/yJ6ogvmfENbXGip+G16DxCyj1z2XsAStM+o erveJCfUYaDxzeXXdIKosTXAeYec4a9Rk3KSbP5meQZbO0lfXBie+M+tMn+/J/sSfl9A qV3F1LNKVTeIov5Y2nOCPrh9y7teB9WnRz8XS7PYwzyQbG5SyjH++9Z6xmbmKP7mzAKU BLLT6ah+MWjXMp9+TlZIRIYRxy3ItpbcURUO4/5Za7iKgkOyklztJlUmpDO3EBoGgTz2 7xqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ve65J9Yhx3cpA/bFRhrVBhV9zjGGaLIwJGnKq/Q7y38=; b=OdnPfc2MHI71Pm4/ctyZeoq9ZknYzDKS9qM3KyrPlV7E2ntG2jFPqztFHidNU4Nzxm VFIcuuLy9JI2mUnCw1CVjFoN5sDv4eL2ICZ4ucT3cO0xnnnuen1VR0h6/5iOez+UsJTH +IQWJ0cK/2hf9KaQsr7sDpKiVtlI1f5/YHHhJCyWqDzwfP9XojTFxJqoFoG/tti8vihM IzrP9jbDXSqmu4hqI55HCOioljsCXSH6PTWlV0agykOe+g2+f7G/1UfiUJuGL08krSMf 6eY6akL47sYOVwnK7lmLFXp/mLwqe8s9VB1N3tOvRERuHjLaxksrqT37mKvLlBCwvANM kQEQ== X-Gm-Message-State: ACrzQf3hBTunwYvlzP5/YTbtKkBKVRvxUo4949XAp9RIia76REc+EgEp CD7uZwaEAgm4N+vIpqEJWYr/o9v6Y4g= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:a17:90b:4a4d:b0:20d:4dc7:fa72 with SMTP id lb13-20020a17090b4a4d00b0020d4dc7fa72mr5493661pjb.86.1666126743629; Tue, 18 Oct 2022 13:59:03 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:43 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-6-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 5/7] KVM: selftests: add library for creating/interacting with SEV guests From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747060820668859429?= X-GMAIL-MSGID: =?utf-8?q?1747060820668859429?= Add interfaces to allow tests to create SEV guests. The additional requirements for SEV guests PTs and other state is encapsulated by the new vm_sev_create_with_one_vcpu() function. This can future be generalized for more vCPUs but the first set of SEV selftests in this series only uses a single vCPU. Originally-by: Michael Roth Signed-off-by: Peter Gonda --- tools/arch/x86/include/asm/kvm_host.h | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/kvm_util_base.h | 15 +- .../selftests/kvm/include/x86_64/sev.h | 22 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 4 +- .../selftests/kvm/lib/x86_64/processor.c | 4 + tools/testing/selftests/kvm/lib/x86_64/sev.c | 243 ++++++++++++++++++ 7 files changed, 286 insertions(+), 4 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c diff --git a/tools/arch/x86/include/asm/kvm_host.h b/tools/arch/x86/include/asm/kvm_host.h index 03153c18c747..0357a7135835 100644 --- a/tools/arch/x86/include/asm/kvm_host.h +++ b/tools/arch/x86/include/asm/kvm_host.h @@ -9,6 +9,7 @@ struct kvm_vm_arch { uint64_t pte_me_mask; uint64_t c_bit; uint64_t s_bit; + bool is_pt_protected; }; #endif // _TOOLS_LINUX_ASM_X86_KVM_HOST_H diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 65eb45ff1bff..4f27ef70cf2b 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -58,6 +58,7 @@ LIBKVM_x86_64 += lib/x86_64/processor.c LIBKVM_x86_64 += lib/x86_64/svm.c LIBKVM_x86_64 += lib/x86_64/ucall.c LIBKVM_x86_64 += lib/x86_64/vmx.c +LIBKVM_x86_64 += lib/x86_64/sev.c LIBKVM_aarch64 += lib/aarch64/gic.c LIBKVM_aarch64 += lib/aarch64/gic_v3.c diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 4224026fbe25..8e4ded757a40 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -68,6 +68,13 @@ struct userspace_mem_regions { DECLARE_HASHTABLE(slot_hash, 9); }; +/* VM protection policy/configuration. */ +struct protected_vm { + bool enabled; + bool has_protected_bit; + int8_t protected_bit; +}; + struct kvm_vm { int mode; unsigned long type; @@ -670,6 +677,10 @@ static inline vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, return _vm_phy_pages_alloc(vm, num, paddr_min, memslot, vm->protected); } +uint64_t vm_nr_pages_required(enum vm_guest_mode mode, + uint32_t nr_runnable_vcpus, + uint64_t extra_mem_pages); + /* * ____vm_create() does KVM_CREATE_VM and little else. __vm_create() also * loads the test binary into guest memory and creates an IRQ chip (x86 only). @@ -722,8 +733,8 @@ unsigned long vm_compute_max_gfn(struct kvm_vm *vm); unsigned int vm_calc_num_guest_pages(enum vm_guest_mode mode, size_t size); unsigned int vm_num_host_pages(enum vm_guest_mode mode, unsigned int num_guest_pages); unsigned int vm_num_guest_pages(enum vm_guest_mode mode, unsigned int num_host_pages); -static inline unsigned int -vm_adjust_num_guest_pages(enum vm_guest_mode mode, unsigned int num_guest_pages) +static inline unsigned int vm_adjust_num_guest_pages(enum vm_guest_mode mode, + unsigned int num_guest_pages) { unsigned int n; n = vm_num_guest_pages(mode, vm_num_host_pages(mode, num_guest_pages)); diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h new file mode 100644 index 000000000000..1148db928d0b --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -0,0 +1,22 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Helpers used for SEV guests + * + */ +#ifndef SELFTEST_KVM_SEV_H +#define SELFTEST_KVM_SEV_H + +#include +#include + +#include "kvm_util.h" + +#define SEV_POLICY_NO_DBG (1UL << 0) +#define SEV_POLICY_ES (1UL << 2) + +bool is_kvm_sev_supported(void); + +struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code, + struct kvm_vcpu **cpu); + +#endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index d753345993d6..753b8991eff3 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -254,7 +254,7 @@ struct kvm_vm *____vm_create(enum vm_guest_mode mode, uint64_t nr_pages) vm->pgtable_levels = 4; vm->va_bits = 48; #else - TEST_FAIL("VM_MODE_PXXV48_4K not supported on non-x86 platforms"); + TEST_FAIL("VM_MODE_PXXV48_4K* not supported on non-x86 platforms"); #endif break; case VM_MODE_P47V64_4K: @@ -294,7 +294,7 @@ struct kvm_vm *____vm_create(enum vm_guest_mode mode, uint64_t nr_pages) return vm; } -static uint64_t vm_nr_pages_required(enum vm_guest_mode mode, +uint64_t vm_nr_pages_required(enum vm_guest_mode mode, uint32_t nr_runnable_vcpus, uint64_t extra_mem_pages) { diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index 377e342ecff7..04a5434ba3dd 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -529,6 +529,10 @@ vm_paddr_t addr_arch_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) uint64_t *pml4e, *pdpe, *pde; uint64_t *pte; + TEST_ASSERT( + !vm->arch.is_pt_protected, + "Protected guests have their page tables protected so gva2gpa conversions are not possible."); + TEST_ASSERT(vm->mode == VM_MODE_PXXV48_4K, "Attempt to use " "unknown or unsupported guest mode, mode: 0x%x", vm->mode); diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c new file mode 100644 index 000000000000..faed2ebe63ac --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -0,0 +1,243 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Helpers used for SEV guests + * + */ + +#define _GNU_SOURCE /* for program_invocation_short_name */ +#include +#include + +#include "kvm_util.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "processor.h" +#include "sev.h" + +#define CPUID_MEM_ENC_LEAF 0x8000001f +#define CPUID_EBX_CBIT_MASK 0x3f + +#define SEV_FW_REQ_VER_MAJOR 0 +#define SEV_FW_REQ_VER_MINOR 17 + +enum sev_guest_state { + SEV_GSTATE_UNINIT = 0, + SEV_GSTATE_LUPDATE, + SEV_GSTATE_LSECRET, + SEV_GSTATE_RUNNING, +}; + +static void sev_ioctl(int cmd, void *data) +{ + int ret; + struct sev_issue_cmd arg; + + arg.cmd = cmd; + arg.data = (unsigned long)data; + ret = ioctl(open_sev_dev_path_or_exit(), SEV_ISSUE_CMD, &arg); + TEST_ASSERT(ret == 0, "SEV ioctl %d failed, error: %d, fw_error: %d", + cmd, ret, arg.error); +} + +static void kvm_sev_ioctl(struct kvm_vm *vm, int cmd, void *data) +{ + struct kvm_sev_cmd arg = {0}; + int ret; + + arg.id = cmd; + arg.sev_fd = open_sev_dev_path_or_exit(); + arg.data = (__u64)data; + + ret = ioctl(vm->fd, KVM_MEMORY_ENCRYPT_OP, &arg); + TEST_ASSERT( + ret == 0, + "SEV KVM ioctl %d failed, rc: %i errno: %i (%s), fw_error: %d", + cmd, ret, errno, strerror(errno), arg.error); +} + +static void sev_register_user_region(struct kvm_vm *vm, struct userspace_mem_region *region) +{ + struct kvm_enc_region range = {0}; + int ret; + + range.addr = (__u64)region->region.userspace_addr; + ; + range.size = region->region.memory_size; + + ret = ioctl(vm->fd, KVM_MEMORY_ENCRYPT_REG_REGION, &range); + TEST_ASSERT(ret == 0, "failed to register user range, errno: %i\n", + errno); +} + +static void sev_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, uint64_t size) +{ + struct kvm_sev_launch_update_data ksev_update_data = {0}; + + pr_debug("%s: addr: 0x%lx, size: %lu\n", __func__, gpa, size); + + ksev_update_data.uaddr = (__u64)addr_gpa2hva(vm, gpa); + ksev_update_data.len = size; + + kvm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_DATA, &ksev_update_data); +} + +static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *region) +{ + const struct sparsebit *protected_phy_pages = + region->protected_phy_pages; + const uint64_t memory_size = region->region.memory_size; + const vm_paddr_t gpa_start = region->region.guest_phys_addr; + sparsebit_idx_t pg = 0; + + sev_register_user_region(vm, region); + + while (pg < (memory_size / vm->page_size)) { + sparsebit_idx_t nr_pages; + + if (sparsebit_is_clear(protected_phy_pages, pg)) { + pg = sparsebit_next_set(protected_phy_pages, pg); + if (!pg) + break; + } + + nr_pages = sparsebit_next_clear(protected_phy_pages, pg) - pg; + if (nr_pages <= 0) + nr_pages = 1; + + sev_launch_update_data(vm, gpa_start + pg * vm->page_size, + nr_pages * vm->page_size); + pg += nr_pages; + } +} + +static void sev_encrypt(struct kvm_vm *vm) +{ + int ctr; + struct userspace_mem_region *region; + + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) { + encrypt_region(vm, region); + } + + vm->arch.is_pt_protected = true; +} + +bool is_kvm_sev_supported(void) +{ + struct sev_user_data_status sev_status; + + sev_ioctl(SEV_PLATFORM_STATUS, &sev_status); + + if (!(sev_status.api_major > SEV_FW_REQ_VER_MAJOR || + (sev_status.api_major == SEV_FW_REQ_VER_MAJOR && + sev_status.api_minor >= SEV_FW_REQ_VER_MINOR))) { + pr_info("SEV FW version too old. Have API %d.%d (build: %d), need %d.%d, skipping test.\n", + sev_status.api_major, sev_status.api_minor, + sev_status.build, SEV_FW_REQ_VER_MAJOR, + SEV_FW_REQ_VER_MINOR); + return false; + } + + return true; +} + +static void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) +{ + struct kvm_sev_launch_start ksev_launch_start = {0}; + struct kvm_sev_guest_status ksev_status; + + ksev_launch_start.policy = policy; + kvm_sev_ioctl(vm, KVM_SEV_LAUNCH_START, &ksev_launch_start); + kvm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.policy == policy, "Incorrect guest policy."); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE, + "Unexpected guest state: %d", ksev_status.state); + + ucall_init(vm, 0); + + sev_encrypt(vm); +} + +static void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement) +{ + struct kvm_sev_launch_measure ksev_launch_measure; + struct kvm_sev_guest_status ksev_guest_status; + + ksev_launch_measure.len = 256; + ksev_launch_measure.uaddr = (__u64)measurement; + kvm_sev_ioctl(vm, KVM_SEV_LAUNCH_MEASURE, &ksev_launch_measure); + + kvm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &ksev_guest_status); + TEST_ASSERT(ksev_guest_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_guest_status.state); +} + +static void sev_vm_launch_finish(struct kvm_vm *vm) +{ + struct kvm_sev_guest_status ksev_status; + + kvm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE || + ksev_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_status.state); + + kvm_sev_ioctl(vm, KVM_SEV_LAUNCH_FINISH, NULL); + + kvm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_RUNNING, + "Unexpected guest state: %d", ksev_status.state); +} + +static void configure_sev_pte_masks(struct kvm_vm *vm) +{ + uint32_t eax, ebx, ecx, edx, enc_bit; + + cpuid(CPUID_MEM_ENC_LEAF, &eax, &ebx, &ecx, &edx); + enc_bit = ebx & CPUID_EBX_CBIT_MASK; + + vm->arch.c_bit = 1 << enc_bit; + vm->arch.pte_me_mask = vm->arch.c_bit | vm->arch.s_bit; + vm->protected = true; +} + +static void sev_vm_measure(struct kvm_vm *vm) +{ + uint8_t measurement[512]; + int i; + + sev_vm_launch_measure(vm, measurement); + + /* TODO: Validate the measurement is as expected. */ + pr_debug("guest measurement: "); + for (i = 0; i < 32; ++i) + pr_debug("%02x", measurement[i]); + pr_debug("\n"); +} + +struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code, + struct kvm_vcpu **cpu) +{ + enum vm_guest_mode mode = VM_MODE_PXXV48_4K; + uint64_t nr_pages = vm_nr_pages_required(mode, 1, 0); + struct kvm_vm *vm; + + vm = ____vm_create(mode, nr_pages); + + kvm_sev_ioctl(vm, KVM_SEV_INIT, NULL); + + configure_sev_pte_masks(vm); + + *cpu = vm_vcpu_add(vm, 0, guest_code); + kvm_vm_elf_load(vm, program_invocation_name); + + sev_vm_launch(vm, policy); + + sev_vm_measure(vm); + + sev_vm_launch_finish(vm); + + pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", policy, + nr_pages * vm->page_size / 1024); + + return vm; +} From patchwork Tue Oct 18 20:58:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4319 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2159423wrs; Tue, 18 Oct 2022 14:04:00 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5B2psYUDd4qNgnD3nLatur63Jr7zGbTDBN78Us0bhgmSzKqAknd75ETzRaw0EugCdRI5/o X-Received: by 2002:a05:6402:164c:b0:459:1e2e:e742 with SMTP id s12-20020a056402164c00b004591e2ee742mr4261699edx.125.1666127040391; Tue, 18 Oct 2022 14:04:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127040; cv=none; d=google.com; s=arc-20160816; b=0sdkJP8rtYGkaA62pf7HwbDxunDygWNc90ddzvXHL7iCtRYwphW1XRyEXKHheZ8zye GHzqNCXnxLbpGAWoiA76HPlC9CyBEl89E5/jVGGH+8623mk02ETWDUPHRoJd8g3blfcK OmOxzM3s80Q13VJwjni2wE/Jccmm1/T/noaJnqhoAWMkV0wrc024HyItvaOYunlRCICg dsEs5BMSXM/ReA1advUYfT1i/HJIRWQIC9NMisVGSrS9JlBrCqWDKMIFy4Fi3PBcSVeG v9nRFrKlrfrUf3VqH15J+7ss8Npq5/phJko00U4dhu+iLyrZyjsf5oinQMcuSLKXXmIc O0Kw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=Vkb6jpXxRXZcay7XTYkpdaFUx0NcW26q2P9aH4gnX04=; b=f3uxN+H8E7YLcEXLYbZ3cwY4IR7w/y5F99auyMiHdaa8DMcrOllps9gkITHr58retk TFRhQJG9QIAajBzJ5ake5p6CoswO+8RqmPXgQ34YPykAEjOSnKvgvRxyoGP9JeNwyuz/ K02RK2xo4OIpwI+wL9j2X3z7bq0PefyHK4ADfjfWuIShhv8jQRZo23IsCK2qgA7UK0ah ogIlU+ejbsriW1BS/FsDstgvJvdy69OG1zaJ2o9o3pa8Xtl4+IoLruiS0hbkPpnRkre4 AWk4+KP/EipXYPjibMAoxw6vgJZ57zoKMGzme6QEyrK+ISDy8b4xJ+WRiudnhJb8uYdQ yo+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="IH/dgM5Q"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q7-20020a1709060e4700b007315809ec88si10477314eji.399.2022.10.18.14.03.21; Tue, 18 Oct 2022 14:04:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="IH/dgM5Q"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230189AbiJRU7W (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33890 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230202AbiJRU7J (ORCPT ); Tue, 18 Oct 2022 16:59:09 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F108EC1493 for ; Tue, 18 Oct 2022 13:59:05 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id k16-20020a170902c41000b00184987e3d09so10553379plk.21 for ; Tue, 18 Oct 2022 13:59:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Vkb6jpXxRXZcay7XTYkpdaFUx0NcW26q2P9aH4gnX04=; b=IH/dgM5QKzU6C10PzalpoK2rBbFJNvA1rL1ERHjeWHFmjnozppx/HMFwk94ecDWk8s fAZwZdDI/u79+0/2WLTJ5ndBjDvrYCTW9+8yeM8uSof9OmmYD0Wug3u3JB2D76IutTMT FV8Xy19ZjJphypvoCzFUFTHb4KvwiekOsCvpSFasHhjM/Xeoyxv39S+rgjP1pNJR+u60 OIFtcFw/ArZOasgeq26VYKJanrmsiiclQESeI7tkWSoF2GKoEC1G58fV8ZJMGaEKCNiX 1PVbb9jZpAo9UwN8nZOdd1gQZOPt92nEgEbu1brp1iT9JIGaPaAnpaourRvYQrWqfPoH UrZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Vkb6jpXxRXZcay7XTYkpdaFUx0NcW26q2P9aH4gnX04=; b=Ty8rsui8B29TJ4CT+XpzKLNvzAiWYMJPkLsoH46eTZjS3KHk9+HQImj2Oc1e9zcpJ8 ahTKb7DYHGTPSLLZp06pr7G+LvfemdjDDNBOQWAq0CRsveGq3wIi/fh4ik3izVt3Bj7p Dslgx5xkD8T6TSwE0WK6+XneUlfSewES7g+AE7tvRYKIRw1Bt4YsYbimrwDF3eSJDj+y MltR++P05k/SwpXar05fii36iUW0ZDHg/uEFF9MculF6F/Z0flOUoSBdiccXmJgyYmUz iFh9X9cFS4uIX2nBBtcqk2g2Rv2SRTnS+3fIZIM81HDltFI7moSjFTjzQchhhZ5ZzXOM rKvg== X-Gm-Message-State: ACrzQf2EiuXBtLLLyfP2ux+d8I1tWepeZCkzpyJFsbm9fORuxMIU/G++ eoo4qCjCW2qt+iwvOjqEhAgrqZ8twIY= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:a17:90b:48c1:b0:20c:8edd:59a3 with SMTP id li1-20020a17090b48c100b0020c8edd59a3mr5603433pjb.222.1666126745539; Tue, 18 Oct 2022 13:59:05 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:44 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-7-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 6/7] KVM: selftests: Update ucall pool to allocate from shared memory From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747060827600166102?= X-GMAIL-MSGID: =?utf-8?q?1747060827600166102?= Update the per VM ucall_header allocation from vm_vaddr_alloc() to vm_vaddr_alloc_shared(). This allows encrypted guests to use ucall pools by placing their shared ucall structures in unencrypted (shared) memory. No behavior change for non encrypted guests. Signed-off-by: Peter Gonda --- tools/testing/selftests/kvm/lib/ucall_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c index fcae96461e46..b4168e562255 100644 --- a/tools/testing/selftests/kvm/lib/ucall_common.c +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -22,7 +22,7 @@ void ucall_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa) vm_vaddr_t vaddr; int i; - vaddr = vm_vaddr_alloc(vm, sizeof(*hdr), KVM_UTIL_MIN_VADDR); + vaddr = vm_vaddr_alloc_shared(vm, sizeof(*hdr), KVM_UTIL_MIN_VADDR); hdr = (struct ucall_header *)addr_gva2hva(vm, vaddr); memset(hdr, 0, sizeof(*hdr)); From patchwork Tue Oct 18 20:58:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 4320 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4ac7:0:0:0:0:0 with SMTP id y7csp2160676wrs; Tue, 18 Oct 2022 14:06:02 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4z8icp5pMS0pWmNSyXsNTLlMBl+4SFp67Cv8VCzkoMHEbJVLp8iY5RBvpk26eXfbrTLDmt X-Received: by 2002:a17:906:fe49:b0:73d:70c5:1a52 with SMTP id wz9-20020a170906fe4900b0073d70c51a52mr4046621ejb.469.1666127162468; Tue, 18 Oct 2022 14:06:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666127162; cv=none; d=google.com; s=arc-20160816; b=wiocA3hsOKHy+H6Bfz6l6ZM2b4vAw+RHwNx/H+n0DcqqM6bF59WLHiJQrU0uiGSitP lA+VsGQg+ddLTQZQmDVTJjBsBkNeeCs1GTHisEbpbUV7Qcwho+ZRo0wfH0GiuDwrNnVZ bRv8sIq88a1k+Ni/uOazkLRy6uLzbaifUGoQo7M82bO6WrHdRJ7KtUue4RfPYtewjfFP JK8bLdOaBPUBurSqRrX7loH5A4y9i8we1HAyZLu8XDZxY2MknOLG7AxIVUf4a1DfBGvx 1vMnYxNlwyW2GQWp44jGP3OMAPPowLoLnC6ofUD+2ZjzKSS9Sf1pj8YmBpfioyQ7SrMK 9AOQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:dkim-signature; bh=L04i/bHb+FWWtwiQpLypJXSsQojGyBvdLvEayXA31so=; b=PN5tZUx+esgN73O03robsXDnInA4lNTeg8OuQE8jqbXjYGBTs+3jExNcCW6exqO+eh UP1UHI9yZf0bwlN6AC+KemoaOIhPq8pKrwISRaOH0P8r7lIx3rBlAyANKJS5JHxO/XsR Hin4ahR+S3yTcT4nLIeSjWmeK8z+7dxxrFHuKO0Gi/GC0VTxITgHXMyOQF4HTcdJC70D 49AoGibyVF0IpQQKOZV5HeQSqGa9rzmZiJoIzHh3ZK18ma1aSx2VrDZETKFfGGUNDDu/ ZH/Sy2vKEyTryiXq1S62PzQ0qB48/n/eHnMJy6o+3yPCDJnlvywKehBN4cuxdrmjdegR f5JQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=K8TIEus1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hq4-20020a1709073f0400b00791910ecd0fsi7239103ejc.540.2022.10.18.14.05.23; Tue, 18 Oct 2022 14:06:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=K8TIEus1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230232AbiJRU7j (ORCPT + 99 others); Tue, 18 Oct 2022 16:59:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33892 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230202AbiJRU73 (ORCPT ); Tue, 18 Oct 2022 16:59:29 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9EB72C1D8B for ; Tue, 18 Oct 2022 13:59:08 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id v5-20020a17090abb8500b0020a76ded27eso12431214pjr.3 for ; Tue, 18 Oct 2022 13:59:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=L04i/bHb+FWWtwiQpLypJXSsQojGyBvdLvEayXA31so=; b=K8TIEus1IJ1GCzPG4wpF0e63hzchCvpqkrYnoE5SR8c3cXYK3qPOLgzYr1mXKd84bP r26FSAX5jQ6pYYhguRf2fYJP5kRlRJMlEfZv/oeXUo4MtbuY2naVFp3j2UX49thAuhXK BPn3l869e1Izuu9gXybVlFNrJrJH/P1+BBlewyS6e/vPIxvFfjTVUgi8D7IE3sgiMVM+ 4dOOi/sTYLYNdwtgqr1f9ZBKr9KgcXkExPgALs1sj0wTnkt92h7r8K6EsRiIG1gDqW64 w387plPBqyecazJtgFcNCrKWA9gjPJn0wNrYmBdFra4uF/owkoUzYd/yzLFjwcS0yJfe 8+LQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=L04i/bHb+FWWtwiQpLypJXSsQojGyBvdLvEayXA31so=; b=Imy6GjM+GZgTPRAam8Pg2izOESZ06LufaT/2ZR7ZsgGJheojrAd8xlYkSvxZxTUt3J HxokQApwbYQnUV6XoYHUM0oEDPMUa3yJ5IHtgpT8q/qA/lPAnLmB/ZeokDcDk9osMwXJ 3lMaUvyUD4Blj0OUIPyFBHdY2Gz3CfWMnH/m7F9Wr1jq7zFyWkvCrNv2LVjrVdoSCo4h EETlGR029nnfn+6PfCn1Z6StAnwjsLJGg4YNn0Z9r4UVFO3otrE3oTPwr0TNJgMGPLUt WBIha8PgIMQkabSyY7Uxk9c76HXMx/sGj06uor0umg0501pQx/hVdjdWeaqFQt35obHz ji4g== X-Gm-Message-State: ACrzQf2+Xkq14Z/XrWHToQ2DQF+UkhaxUQQ3X5g6I4LrBod0LHKRV9zY 2PeLk7cRjXRc4wVnYja5a5/diyjlHB4= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:c89b:7f49:3437:9db8]) (user=pgonda job=sendgmr) by 2002:a17:90b:390b:b0:20d:2335:bff0 with SMTP id ob11-20020a17090b390b00b0020d2335bff0mr41157901pjb.141.1666126747247; Tue, 18 Oct 2022 13:59:07 -0700 (PDT) Date: Tue, 18 Oct 2022 13:58:45 -0700 In-Reply-To: <20221018205845.770121-1-pgonda@google.com> Message-Id: <20221018205845.770121-8-pgonda@google.com> Mime-Version: 1.0 References: <20221018205845.770121-1-pgonda@google.com> X-Mailer: git-send-email 2.38.0.413.g74048e4d9e-goog Subject: [PATCH V5 7/7] KVM: selftests: Add simple sev vm testing From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, pgonda@google.com, vannapurve@google.com X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747060955653920137?= X-GMAIL-MSGID: =?utf-8?q?1747060955653920137?= A very simple of booting SEV guests that checks related CPUID bits. This is a stripped down version of "[PATCH v2 08/13] KVM: selftests: add SEV boot tests" from Michael but much simpler. Suggested-by: Michael Roth Signed-off-by: Peter Gonda --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/sev_all_boot_test.c | 84 +++++++++++++++++++ 3 files changed, 86 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index 2f0d705db9db..813e7610619d 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -35,6 +35,7 @@ /x86_64/pmu_event_filter_test /x86_64/set_boot_cpu_id /x86_64/set_sregs_test +/x86_64/sev_all_boot_test /x86_64/sev_migrate_tests /x86_64/smm_test /x86_64/state_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 4f27ef70cf2b..1eb9b2aa7c22 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -126,6 +126,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/tsc_msrs_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_caps_test TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test +TEST_GEN_PROGS_x86_64 += x86_64/sev_all_boot_test TEST_GEN_PROGS_x86_64 += x86_64/sev_migrate_tests TEST_GEN_PROGS_x86_64 += x86_64/amx_test TEST_GEN_PROGS_x86_64 += x86_64/max_vcpuid_cap_test diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c new file mode 100644 index 000000000000..e9e4d7305bc1 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -0,0 +1,84 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Basic SEV boot tests. + * + */ +#include +#include +#include +#include +#include + +#include "test_util.h" +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" + +#define NR_SYNCS 1 + +#define MSR_AMD64_SEV_BIT 1 + +static void guest_run_loop(struct kvm_vcpu *vcpu) +{ + struct ucall uc; + int i; + + for (i = 0; i <= NR_SYNCS; ++i) { + vcpu_run(vcpu); + switch (get_ucall(vcpu, &uc)) { + case UCALL_SYNC: + continue; + case UCALL_DONE: + return; + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + default: + TEST_FAIL("Unexpected exit: %s", + exit_reason_str(vcpu->run->exit_reason)); + } + } +} + +static void is_sev_enabled(void) +{ + uint64_t sev_status; + + GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV)); + + sev_status = rdmsr(MSR_AMD64_SEV); + GUEST_ASSERT(sev_status & 0x1); +} + +static void guest_sev_code(void) +{ + GUEST_SYNC(1); + + is_sev_enabled(); + + GUEST_DONE(); +} + +static void test_sev(void *guest_code, uint64_t policy) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm = vm_sev_create_with_one_vcpu(policy, guest_code, &vcpu); + TEST_ASSERT(vm, "vm_sev_create_with_one_vcpu() failed to create VM\n"); + + guest_run_loop(vcpu); + + kvm_vm_free(vm); +} + +int main(int argc, char *argv[]) +{ + TEST_REQUIRE(is_kvm_sev_supported()); + + test_sev(guest_sev_code, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, 0); + + return 0; +}