From nobody Mon Feb 9 12:26:29 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1666779661; cv=none; d=zohomail.com; s=zohoarc; b=jyS90/eUmNParlCRnOSgTallGIDa8FAgKyDF0dUvAEjo84cSTWJvvvQxLTSUZiKQOlYyMcQzwBAjiKtuXij1zoi7g2AX/6GJEJN9tIUjnmE1oAt5IBWz68RSra9L53Lidxw7lx27HdoHnl0LOiGLmEmUWDzCka48fQGGbFTWBEc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666779661; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=N3PMnM5jk3oUqpHEZjwsAHQ16LeGwnjeOGdWPI7Gn3U=; b=fI65uoT8ZZPUnZtfcM+3VqwdmlNgeFVvFt0kvHOJTxajPfkI8NVNKZ2VSei92PwjQkdL73Im0uT/L9tHrwSDpPnM8dIU+wDidHafHwbpTRdWeaH28wilCI0GP5S2WbOZNq1Rxdp51Jg/Tl+3XHgKa9/z4kd2WzarhfCJ6+l3Hm4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1666779661339313.02271979457294; Wed, 26 Oct 2022 03:21:01 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.430422.682122 (Exim 4.92) (envelope-from ) id 1ondWZ-0005QZ-AL; Wed, 26 Oct 2022 10:20:39 +0000 Received: by outflank-mailman (output) from mailman id 430422.682122; Wed, 26 Oct 2022 10:20:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ondWZ-0005QQ-7H; Wed, 26 Oct 2022 10:20:39 +0000 Received: by outflank-mailman (input) for mailman id 430422; Wed, 26 Oct 2022 10:20:38 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ondWX-0004c6-Of for xen-devel@lists.xenproject.org; Wed, 26 Oct 2022 10:20:37 +0000 Received: from esa5.hc3370-68.iphmx.com (esa5.hc3370-68.iphmx.com [216.71.155.168]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id d3bbc3f4-5517-11ed-91b5-6bf2151ebd3b; Wed, 26 Oct 2022 12:20:35 +0200 (CEST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d3bbc3f4-5517-11ed-91b5-6bf2151ebd3b DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1666779635; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=R02ZMC1k6phfC4hNr6bv6e+rmMsxG/5mpBaH4ZGEwOQ=; b=GW2gy6Rf5OpvQZjqvAcRmmv1Fqhivd1drAVFA5BIeOClU/NmRtp86TfC bB7djA8kGIjva0Imwbhh0w7ADrSGNQf9FFgz+CjtuvrOjxP8Zaz62/Oj6 x2gcyX8YXyD+awLAIUJubazwtlDirVFoUwj1jSAvFvZrmbLmzokiT4dSk 4=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 5.1 X-MesageID: 82629705 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.83 X-Policy: $RELAYED IronPort-Data: A9a23:P8i7P6769hNKx18BiYLetQxRtKjHchMFZxGqfqrLsTDasY5as4F+v jRKW2CBMq2JZTOgKI8ja9i//B5V6sDUztZiGgc9rylkHi5G8cbLO4+Ufxz6V8+wwm8vb2o8t plDNYOQRCwQZiWBzvt4GuG59RGQ7YnRGvymTras1hlZHWdMUD0mhQ9oh9k3i4tphcnRKw6Ws Jb5rta31GWNglaYCUpJrfPewP9TlK6q4mlB5gZgPakjUGL2zBH5MrpOfcldEFOgKmVkNrbSb /rOyri/4lTY838FYj9yuu+mGqGiaue60Tmm0hK6aYD76vRxjnVaPpIAHOgdcS9qZwChxLid/ jnvWauYEm/FNoWU8AgUvoIx/ytWZcWq85efSZSzXFD6I+QrvBIAzt03ZHzaM7H09c5LHT1iy e4nJwkNVTDcv7yJ6euAeu5V05FLwMnDZOvzu1llxDDdS/0nXYrCU+PB4towMDUY354UW6yEP oxANGQpPE+ojx5nYz/7DLoXmuuyi2a5WDpfsF+P/oI84nTJzRw327/oWDbQUozQG58EwR7Fz o7A10voBggxLu6l8CPG1lWiiffkkBqnW7tHQdVU8dY12QbOlwT/EiY+a1y/pvWoj1+kbPhWI UcU5ykGoLA78QqgSdyVdx+lpH+JuDYMVtwWFPc1gCmtx6zO8kCmD24LZjdbbZots8pebTYnz EOTltXlQzlmqqSISGm1/62R6zi1PEA9NnQebCUJSQ8E5djLo4wpiB/LCNF5H8adldD+BCvx3 yGivCU4wbIJgqYjx6i9uFzKnT+ojpzIVRIuoBXaWHq/6QF0b5LjYJangXDE6d5QIYDfSUOO1 FAmscWD6OEFDbmWiTeABu4KGdmUC+2taWOGxwQ1Rt94qmrrqyXLkZ1sDC9WGFs1HvoWRjDQY HTz5jsP27YKB0utVPoiC26uMPgCwa/lHNXjc/nbaNtSf5R8HDO6EDFSiV24hD60zhV1+U0rE dLCKJv3Uy5GYUhy5GDuL9rxx4PH0czXKYn7YZnghyqq3rOFDJJ+YedUaQDeBgzVAU7tnek0z zq9H5HUo/m8eLekCsUyzWL0BQlTRUXX/bis96Rqmhere2KK4l0JBf7L2q8GcId4halTneqg1 ijjBBEHkgCu3CSdcVjihpVfhFTHBMgXkJ7GFXZ0YQbAN4YLPe5DE5vzh7NoJOJ6pYSPPNZ/T uUfetXoPxi8Ym2vxtjpVrGk9NYKXE3y3WqmZnP1CAXTirY9HmQlDPe/JVCxnMTPZwLq3fYDT 0qIjFiCEMddGlkzZCsUAdr2p26MUbEmsLoadyP1zhN7IS0ALKACx/TNs8IK IronPort-HdrOrdr: A9a23:WsNLS6C5F24WvBXlHemq55DYdb4zR+YMi2TC1yhKJiC9Ffbo8f xG/c5rsiMc5wxxZJhNo7290ey7MBHhHP1OkO0s1NWZPDUO0VHAROoJ0WKh+UyEJ8SXzJ8l6U 4KScZD4bPLYWSS9fyKgzWFLw== X-IronPort-AV: E=Sophos;i="5.95,214,1661832000"; d="scan'208";a="82629705" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Xen Security Team , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Wei Liu , Stefano Stabellini , Julien Grall , Volodymyr Babchuk , "Bertrand Marquis" , Henry Wang , "Anthony PERARD" Subject: [PATCH 2/4] tools/tests: Unit test for p2m pool size Date: Wed, 26 Oct 2022 11:20:16 +0100 Message-ID: <20221026102018.4144-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20221026102018.4144-1-andrew.cooper3@citrix.com> References: <20221026102018.4144-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1666779661795100001 Exercise some basic functionality of the new xc_{get,set}_p2m_mempool_size() hypercalls. This passes on x86, but fails currently on ARM. ARM will be fixed up in future patches. This is part of XSA-409 / CVE-2022-33747. Signed-off-by: Andrew Cooper --- CC: Xen Security Team CC: Jan Beulich CC: Roger Pau Monn=C3=A9 CC: Wei Liu CC: Stefano Stabellini CC: Julien Grall CC: Volodymyr Babchuk CC: Bertrand Marquis CC: Henry Wang CC: Anthony PERARD --- tools/tests/Makefile | 1 + tools/tests/p2m-pool/.gitignore | 1 + tools/tests/p2m-pool/Makefile | 42 ++++++++ tools/tests/p2m-pool/test-p2m-pool.c | 181 +++++++++++++++++++++++++++++++= ++++ 4 files changed, 225 insertions(+) create mode 100644 tools/tests/p2m-pool/.gitignore create mode 100644 tools/tests/p2m-pool/Makefile create mode 100644 tools/tests/p2m-pool/test-p2m-pool.c diff --git a/tools/tests/Makefile b/tools/tests/Makefile index d99146d56a64..7ce8b7b881db 100644 --- a/tools/tests/Makefile +++ b/tools/tests/Makefile @@ -11,6 +11,7 @@ endif SUBDIRS-y +=3D xenstore SUBDIRS-y +=3D depriv SUBDIRS-y +=3D vpci +SUBDIRS-y +=3D p2m-pool =20 .PHONY: all clean install distclean uninstall all clean distclean install uninstall: %: subdirs-% diff --git a/tools/tests/p2m-pool/.gitignore b/tools/tests/p2m-pool/.gitign= ore new file mode 100644 index 000000000000..cce6d97b1cc8 --- /dev/null +++ b/tools/tests/p2m-pool/.gitignore @@ -0,0 +1 @@ +test-p2m-pool diff --git a/tools/tests/p2m-pool/Makefile b/tools/tests/p2m-pool/Makefile new file mode 100644 index 000000000000..24f348f20582 --- /dev/null +++ b/tools/tests/p2m-pool/Makefile @@ -0,0 +1,42 @@ +XEN_ROOT =3D $(CURDIR)/../../.. +include $(XEN_ROOT)/tools/Rules.mk + +TARGET :=3D test-p2m-pool + +.PHONY: all +all: $(TARGET) + +.PHONY: clean +clean: + $(RM) -- *.o $(TARGET) $(DEPS_RM) + +.PHONY: distclean +distclean: clean + $(RM) -- *~ + +.PHONY: install +install: all + $(INSTALL_DIR) $(DESTDIR)$(LIBEXEC_BIN) + $(INSTALL_PROG) $(TARGET) $(DESTDIR)$(LIBEXEC_BIN) + +.PHONY: uninstall +uninstall: + $(RM) -- $(DESTDIR)$(LIBEXEC_BIN)/$(TARGET) + +CFLAGS +=3D $(CFLAGS_xeninclude) +CFLAGS +=3D $(CFLAGS_libxenctrl) +CFLAGS +=3D $(CFLAGS_libxenforeginmemory) +CFLAGS +=3D $(CFLAGS_libxengnttab) +CFLAGS +=3D $(APPEND_CFLAGS) + +LDFLAGS +=3D $(LDLIBS_libxenctrl) +LDFLAGS +=3D $(LDLIBS_libxenforeignmemory) +LDFLAGS +=3D $(LDLIBS_libxengnttab) +LDFLAGS +=3D $(APPEND_LDFLAGS) + +%.o: Makefile + +$(TARGET): test-p2m-pool.o + $(CC) -o $@ $< $(LDFLAGS) + +-include $(DEPS_INCLUDE) diff --git a/tools/tests/p2m-pool/test-p2m-pool.c b/tools/tests/p2m-pool/te= st-p2m-pool.c new file mode 100644 index 000000000000..1ffb19eeb420 --- /dev/null +++ b/tools/tests/p2m-pool/test-p2m-pool.c @@ -0,0 +1,181 @@ +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +static unsigned int nr_failures; +#define fail(fmt, ...) \ +({ \ + nr_failures++; \ + (void)printf(fmt, ##__VA_ARGS__); \ +}) + +static xc_interface *xch; +static uint32_t domid; + +static struct xen_domctl_createdomain create =3D { + .flags =3D XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, + .max_vcpus =3D 1, + .max_grant_frames =3D 1, + .grant_opts =3D XEN_DOMCTL_GRANT_version(1), + + .arch =3D { +#if defined(__x86_64__) || defined(__i386__) + .emulation_flags =3D XEN_X86_EMU_LAPIC, +#endif + }, +}; + +static uint64_t default_p2m_size_bytes =3D +#if defined(__x86_64__) || defined(__i386__) + 256 << 12; /* Only x86 HAP for now. x86 Shadow broken. */ +#elif defined (__arm__) || defined(__aarch64__) + 16 << 12; +#endif + +static void run_tests(void) +{ + xen_pfn_t physmap[] =3D { 0 }; + uint64_t size_bytes, old_size_bytes; + int rc; + + printf("Test default p2m mempool size\n"); + + rc =3D xc_get_p2m_mempool_size(xch, domid, &size_bytes); + if ( rc ) + return fail(" Fail: get p2m mempool size: %d - %s\n", + errno, strerror(errno)); + + printf("P2M pool size %"PRIu64" bytes (%"PRIu64"kB, %"PRIu64"MB)\n", + size_bytes, size_bytes >> 10, size_bytes >> 20); + + + /* + * Check that the domain has the expected default allocation size. Th= is + * will fail if the logic in Xen is altered without an equivelent + * adjustment here. + */ + if ( size_bytes !=3D default_p2m_size_bytes ) + return fail(" Fail: size %"PRIu64" !=3D expected size %"PRIu64"\n= ", + size_bytes, default_p2m_size_bytes); + + + printf("Test that allocate doesn't alter pool size\n"); + + /* + * Populate the domain with some RAM. This will cause more of the p2m + * pool to be used. + */ + old_size_bytes =3D size_bytes; + + rc =3D xc_domain_setmaxmem(xch, domid, -1); + if ( rc ) + return fail(" Fail: setmaxmem: : %d - %s\n", + errno, strerror(errno)); + + rc =3D xc_domain_populate_physmap_exact(xch, domid, 1, 0, 0, physmap); + if ( rc ) + return fail(" Fail: populate physmap: %d - %s\n", + errno, strerror(errno)); + + /* + * Re-get the p2m size. Should not have changed as a consequence of + * populate physmap. + */ + rc =3D xc_get_p2m_mempool_size(xch, domid, &size_bytes); + if ( rc ) + return fail(" Fail: get p2m mempool size: %d - %s\n", + errno, strerror(errno)); + + if ( old_size_bytes !=3D size_bytes ) + return fail(" Fail: p2m mempool size changed %"PRIu64" =3D> %"PRI= u64"\n", + old_size_bytes, size_bytes); + + + + printf("Test bad set size\n"); + + /* + * Check that setting a non-page size results in failure. + */ + rc =3D xc_set_p2m_mempool_size(xch, domid, size_bytes + 1); + if ( rc !=3D -1 || errno !=3D EINVAL ) + return fail(" Fail: Bad set size: expected -1/EINVAL, got %d/%d -= %s\n", + rc, errno, strerror(errno)); + + + printf("Test very large set size\n"); + + /* + * Check that setting a large P2M size succeeds. This is expecting to + * trigger continuations. + */ + rc =3D xc_set_p2m_mempool_size(xch, domid, 64 << 20); + if ( rc ) + return fail(" Fail: Set size 64MB: %d - %s\n", + errno, strerror(errno)); + + + /* + * Check that the reported size matches what set consumed. + */ + rc =3D xc_get_p2m_mempool_size(xch, domid, &size_bytes); + if ( rc ) + return fail(" Fail: get p2m mempool size: %d - %s\n", + errno, strerror(errno)); + + if ( size_bytes !=3D 64 << 20 ) + return fail(" Fail: expected mempool size %u, got %"PRIu64"\n", + 64 << 20, size_bytes); +} + +int main(int argc, char **argv) +{ + int rc; + + printf("P2M Shadow memory pool tests\n"); + + xch =3D xc_interface_open(NULL, NULL, 0); + + if ( !xch ) + err(1, "xc_interface_open"); + + rc =3D xc_domain_create(xch, &domid, &create); + if ( rc ) + { + if ( errno =3D=3D EINVAL || errno =3D=3D EOPNOTSUPP ) + printf(" Skip: %d - %s\n", errno, strerror(errno)); + else + fail(" Domain create failure: %d - %s\n", + errno, strerror(errno)); + goto out; + } + + printf(" Created d%u\n", domid); + + run_tests(); + + rc =3D xc_domain_destroy(xch, domid); + if ( rc ) + fail(" Failed to destroy domain: %d - %s\n", + errno, strerror(errno)); + out: + return !!nr_failures; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * tab-width: 4 + * indent-tabs-mode: nil + * End: + */ --=20 2.11.0