From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0FA86C27C76 for ; Sat, 21 Jan 2023 00:16:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229782AbjAUAQU (ORCPT ); Fri, 20 Jan 2023 19:16:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51756 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229609AbjAUAQS (ORCPT ); Fri, 20 Jan 2023 19:16:18 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3F0B94CBF for ; Fri, 20 Jan 2023 16:16:15 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id i10-20020a25f20a000000b006ea4f43c0ddso7514889ybe.21 for ; Fri, 20 Jan 2023 16:16:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=ubxGTk6gAS1cIf2CC99mo1vpnAlsFSvC6HXfL0FfYMo=; b=IB1WGTuvu8nhLqPJU6KIdsFohzOBKSI4NnuM0fwFx8tGKjnp0lx6I8O1+Ev+HPMvNt KtBBAMvONZubRoRoIahe13qF3I7FnV79jYBJVhT21MPmGWCWSormgW0W4/8sY2Bfrivh VGH+WQwesc8Ed/S2AIivkxK84nf6Ldyb0/jWJrqi36WR6ZIMyLRy/E8VD4zeDtqM3N8J BNaDwctQ7qJWu6xRrSOW0/oLrLgIvf+R8pMO5/YAZoPuy3ZKXsRGnA85QLxFtVPGqNNB wYucvMLaUOTUCPUT3GEv5oJAzhoKFt/zNUBRjX+oPVmggUmLN91tMe1jGx2/afChYK1F +0ZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ubxGTk6gAS1cIf2CC99mo1vpnAlsFSvC6HXfL0FfYMo=; b=k0c0bRZ09Y+S4RQV6JhQfHkJJdssKUjsYqpzLUUu5cRAFcplWvccsDbiCI9eaZ+U8q 5JvQL8ECMQlVVFILARMIbtp6f7WNP3Nch/uXZceaKXDDf60lWhnEhUr3cmrgztikCHMe +sTwQvBcqE4hs+azz4q0d25aZjy+eZBTgOHr0Lk/QlmGYZD+Tz+8vcUx2XskW+cJcLje a+wny4H+m4oI6hdR2N2Ljwb/Iv0v4NXAAtbfCWT9nrkP9YkWZT9otTcF8IjO69z9OJH0 gVSddInv3HOKJmquJaJeWIrQP79feD4BezNTal0QTAh7/E30XUOODSI82Y5Hb0pEWII+ oxZw== X-Gm-Message-State: AFqh2kozVBsnLKu3ykFCBSO2KD2CtsTZ4v1fV7HldpTzY7NZP1An0ujJ SxJrgfK8pQ1eTSJFQMlNDOjJcmIHLLgHatv3/w== X-Google-Smtp-Source: AMrXdXvR4ngP8OHu6BGxNu6WmvbrozuSzGpPfbhE1kHKUamx/22mwB0GXXs6Zy+c1rqPTIpgCwWWkaq6iKRnwG5Eqg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:d10a:0:b0:7ff:48e9:4d09 with SMTP id i10-20020a25d10a000000b007ff48e94d09mr506496ybg.440.1674260174863; Fri, 20 Jan 2023 16:16:14 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:12 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-2-ackerleytng@google.com> Subject: [RFC PATCH v3 01/31] KVM: selftests: Add function to allow one-to-one GVA to GPA mappings From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" One-to-one GVA to GPA mappings can be used in the guest to set up boot sequences during which paging is enabled, hence requiring a transition from using physical to virtual addresses in consecutive instructions. Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/kvm_util_base.h | 2 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 35 ++++++++++++++++--- 2 files changed, 32 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/te= sting/selftests/kvm/include/kvm_util_base.h index 8dac0f49d20b9..0db5cd4b8383a 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -402,6 +402,8 @@ void vm_mem_region_delete(struct kvm_vm *vm, uint32_t s= lot); struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id); vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_m= in); vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t = vaddr_min); +vm_vaddr_t vm_vaddr_alloc_1to1(struct kvm_vm *vm, size_t sz, vm_vaddr_t va= ddr_min, + uint32_t data_memslot); vm_vaddr_t vm_vaddr_alloc_pages(struct kvm_vm *vm, int nr_pages); vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm); =20 diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index fa8aea97cdb62..5257bce6f546d 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1237,6 +1237,8 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *= vm, size_t sz, * vm - Virtual Machine * sz - Size in bytes * vaddr_min - Minimum starting virtual address + * paddr_min - Minimum starting physical address + * data_memslot - memslot number to allocate in * encrypt - Whether the region should be handled as encrypted * * Output Args: None @@ -1251,14 +1253,15 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm= *vm, size_t sz, * a page. */ static vm_vaddr_t -_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, bool e= ncrypt) +_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, + vm_paddr_t paddr_min, uint32_t data_memslot, bool encrypt) { uint64_t pages =3D (sz >> vm->page_shift) + ((sz % vm->page_size) !=3D 0); =20 virt_pgd_alloc(vm); vm_paddr_t paddr =3D _vm_phy_pages_alloc(vm, pages, - KVM_UTIL_MIN_PFN * vm->page_size, - 0, encrypt); + paddr_min, + data_memslot, encrypt); =20 /* * Find an unused range of virtual page addresses of at least @@ -1281,12 +1284,34 @@ _vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_va= ddr_t vaddr_min, bool encrypt =20 vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_m= in) { - return _vm_vaddr_alloc(vm, sz, vaddr_min, vm->protected); + return _vm_vaddr_alloc(vm, sz, vaddr_min, + KVM_UTIL_MIN_PFN * vm->page_size, 0, + vm->protected); } =20 vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t = vaddr_min) { - return _vm_vaddr_alloc(vm, sz, vaddr_min, false); + return _vm_vaddr_alloc(vm, sz, vaddr_min, + KVM_UTIL_MIN_PFN * vm->page_size, 0, false); +} + +/** + * Allocate memory in @vm of size @sz in memslot with id @data_memslot, + * beginning with the desired address of @vaddr_min. + * + * If there isn't enough memory at @vaddr_min, find the next possible addr= ess + * that can meet the requested size in the given memslot. + * + * Return the address where the memory is allocated. + */ +vm_vaddr_t vm_vaddr_alloc_1to1(struct kvm_vm *vm, size_t sz, vm_vaddr_t va= ddr_min, + uint32_t data_memslot) +{ + vm_vaddr_t gva =3D _vm_vaddr_alloc(vm, sz, vaddr_min, (vm_paddr_t) vaddr_= min, + data_memslot, vm->protected); + ASSERT_EQ(gva, addr_gva2gpa(vm, gva)); + + return gva; } =20 /* --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B70CEC38159 for ; Sat, 21 Jan 2023 00:16:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229828AbjAUAQi (ORCPT ); Fri, 20 Jan 2023 19:16:38 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52210 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229768AbjAUAQa (ORCPT ); Fri, 20 Jan 2023 19:16:30 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E69BA5792 for ; Fri, 20 Jan 2023 16:16:19 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id y66-20020a253245000000b007cb4f1e3e57so7415087yby.8 for ; Fri, 20 Jan 2023 16:16:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=T7o4vSmm7ZL1KEassKDMWSbS80FYjDRO3LkEb1B3l7A=; b=Ol7HjVscoT8ho/9hbUrrCazQ67jYdiv/WqZ3xCCEBOmLMoRYL3BVBpX9yE4cKVDNaM k2Bs1B5PSpElX8QFPMjeAqEYDtW6CtPgpDi+gHVAujrUnMRQfAvsZpqSatGSNrRowTaY qWOU0SderZMc9TdF+m65z5N/Gy26LtNslf/DkyoJYelWAo3xwiQtDsGz+8R91hjiD+1B l5KYpyddlEv1NtUoggfZL9Kb5LuD9WrfVdLaMcy96u+xYmf8sycyvox4f0JLDUf/+mvX dEbJG3xxtHu7lbyab1L26tQFECJWcXKTfIsiqYhE4WfGeXUMwnPZA6OXAjwJsBj9Ko2T /7RA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=T7o4vSmm7ZL1KEassKDMWSbS80FYjDRO3LkEb1B3l7A=; b=zGd3JhJ/qy1KWWx4QCoKYFk+ac3c5l7MtOOlfjH5IhDy9cK7NR1Z5jruGPdfMLYl4s /eeS8j0LUjNmepjv9ni4WSKi+Uvxa9PIqx3MTRFqr8zDA4I+oRCpI4Xd8jSawy22xUW3 zXk7i4u5UuR5YPVXhE+eHtedF9wynmUxKpzu5LG4tvqPA4nwSQoyBMmyF6iFlhI1SqpC je/P7C7PnnsdY706V+wpL2pFW9gb2EUt1IP27bQyoCzRY/IsMeQqgiNnukeoeSBZ1Vda 4jRoNKNL3F/wMmCmxB9A2S59AVkoNn6a0vxMyyBn6dXMJtFJ+zKyCB140a7qWHfVQ2n4 dTNw== X-Gm-Message-State: AFqh2kq6cnTdKdswvl7pYtU2UiQzurj9sODRd8vF4BDh4NCsggGQLBGQ 6JGo2Wik4jmkMYfdMJjgSL7eY81495csvHRnBQ== X-Google-Smtp-Source: AMrXdXvb6e+7GbFt53kF2e0bJ3VgqeUIfUKaID4GUf2ASLS61yYJrydHuxqaqc5U/Mq13V5eDDpJ8IqcnwLc8SZnBQ== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a0d:d5c6:0:b0:4ef:ce3a:a54 with SMTP id x189-20020a0dd5c6000000b004efce3a0a54mr2181857ywd.485.1674260179077; Fri, 20 Jan 2023 16:16:19 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:13 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-3-ackerleytng@google.com> Subject: [RFC PATCH v3 02/31] KVM: selftests: Add support for creating non-default type VMs From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Erdem Aktas Currently vm_create function only creates KVM_VM_TYPE_DEFAULT type VMs. Adding type parameter to ____vm_create to create new VM types. Signed-off-by: Erdem Aktas Reviewed-by: David Matlack Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/include/kvm_util_base.h | 6 ++++-- tools/testing/selftests/kvm/lib/kvm_util.c | 6 +++--- tools/testing/selftests/kvm/lib/x86_64/sev.c | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/te= sting/selftests/kvm/include/kvm_util_base.h index 0db5cd4b8383a..0fa4dab3d8e52 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -27,6 +27,8 @@ =20 #define NSEC_PER_SEC 1000000000L =20 +#define KVM_VM_TYPE_DEFAULT 0 + typedef uint64_t vm_paddr_t; /* Virtual Machine (Guest) physical address */ typedef uint64_t vm_vaddr_t; /* Virtual Machine (Guest) virtual address */ =20 @@ -686,13 +688,13 @@ uint64_t vm_nr_pages_required(enum vm_guest_mode mode, * __vm_create() does NOT create vCPUs, @nr_runnable_vcpus is used purely = to * calculate the amount of memory needed for per-vCPU data, e.g. stacks. */ -struct kvm_vm *____vm_create(enum vm_guest_mode mode, uint64_t nr_pages); +struct kvm_vm *____vm_create(enum vm_guest_mode mode, uint64_t nr_pages, i= nt type); struct kvm_vm *__vm_create(enum vm_guest_mode mode, uint32_t nr_runnable_v= cpus, uint64_t nr_extra_pages); =20 static inline struct kvm_vm *vm_create_barebones(void) { - return ____vm_create(VM_MODE_DEFAULT, 0); + return ____vm_create(VM_MODE_DEFAULT, 0, KVM_VM_TYPE_DEFAULT); } =20 static inline struct kvm_vm *vm_create(uint32_t nr_runnable_vcpus) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index 5257bce6f546d..14246f0fd2e78 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -185,7 +185,7 @@ const struct vm_guest_mode_params vm_guest_mode_params[= ] =3D { _Static_assert(sizeof(vm_guest_mode_params)/sizeof(struct vm_guest_mode_pa= rams) =3D=3D NUM_VM_MODES, "Missing new mode params?"); =20 -struct kvm_vm *____vm_create(enum vm_guest_mode mode, uint64_t nr_pages) +struct kvm_vm *____vm_create(enum vm_guest_mode mode, uint64_t nr_pages, i= nt type) { struct kvm_vm *vm; =20 @@ -201,7 +201,7 @@ struct kvm_vm *____vm_create(enum vm_guest_mode mode, u= int64_t nr_pages) hash_init(vm->regions.slot_hash); =20 vm->mode =3D mode; - vm->type =3D 0; + vm->type =3D type; =20 vm->pa_bits =3D vm_guest_mode_params[mode].pa_bits; vm->va_bits =3D vm_guest_mode_params[mode].va_bits; @@ -337,7 +337,7 @@ struct kvm_vm *__vm_create(enum vm_guest_mode mode, uin= t32_t nr_runnable_vcpus, struct userspace_mem_region *slot0; struct kvm_vm *vm; =20 - vm =3D ____vm_create(mode, nr_pages); + vm =3D ____vm_create(mode, nr_pages, KVM_VM_TYPE_DEFAULT); =20 kvm_vm_elf_load(vm, program_invocation_name); =20 diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/s= elftests/kvm/lib/x86_64/sev.c index faed2ebe63ac9..dedfd9f45cfb3 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -221,7 +221,7 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t pol= icy, void *guest_code, uint64_t nr_pages =3D vm_nr_pages_required(mode, 1, 0); struct kvm_vm *vm; =20 - vm =3D ____vm_create(mode, nr_pages); + vm =3D ____vm_create(mode, nr_pages, KVM_VM_TYPE_DEFAULT); =20 kvm_sev_ioctl(vm, KVM_SEV_INIT, NULL); =20 --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 70389C38A23 for ; Sat, 21 Jan 2023 00:16:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229877AbjAUAQk (ORCPT ); Fri, 20 Jan 2023 19:16:40 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229635AbjAUAQg (ORCPT ); Fri, 20 Jan 2023 19:16:36 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1CBCDBCE1D for ; Fri, 20 Jan 2023 16:16:24 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5005ef73cf3so26574807b3.2 for ; Fri, 20 Jan 2023 16:16:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=BLjdusZm+xjhNzljGhXw4f9568iWucER7Te8w8OqhFs=; b=TDIaCVqYeIkQPZRKMJoacHO6RWwqZ2saZD80hqMq+dsF0MaeVOmsLzBudmhT2LAPx6 zXDGZGPegVLI4pfT2pxUSy2kD77TugYTngV83uqsZH0JbgQjUo3PECb0APIQb47XYCU9 FqwQQ0drC8OvMGcqLF17TkJ2k0eZfsT1Zrg/5meqhIngWjQD5BqlijWlRxExc0y3Uu4d IIJ6t3o1ybuEgQVMCJCJG2Jxzi/FF9RYYuTrxEZU/uPetZKthsFlpDy6vDTBeTw+dVz5 xnBH5JLrC3+jM+Bgx5gy7skPT/bfFSb6GNucSPJw/48hiZ7D2UOe1g//87WZ714vK9yr 5zXA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=BLjdusZm+xjhNzljGhXw4f9568iWucER7Te8w8OqhFs=; b=2wbCYmWe7+3Oj2wnoVS16XXry2lDvMtJLZfU8Tcm7AofWfqEHVf7qQGM4HWOwHDwQH LvfDsF4JCA2rlHEjw5ruIJOcaxV6wVknB2mFV7rAXXABeosja0MnozQoZmvyRggWYqyy GRBs0cl375SG6spE0WXy2W4r3yiXKZ2IBIDDWTbSSNTdpHP3MV//4zOtqRsW1KUtma4K RKvBSu3kfzYJbpM1FUjBtDgVtpnQ8v7R1W5cCga8wxZZq1lycQ+qUTy3O1JgPKAIKV1Q NaeNXY5DYiR7phIWsgnngNpEtdmToJj8YS/5+z53Pp3OVo9ksBPIYmqIdOP9NGymK3AZ fZPA== X-Gm-Message-State: AFqh2krf7jNLZvDUp3k41GDs2WoRWzAHkUQOV/RvLdhVr7ATdJ9lv/ml Me31ORaIsQtDuS3cNZaq5rp+VMb/+cPCsSx2pw== X-Google-Smtp-Source: AMrXdXsHP5+f2fpfYzE99STHEa4P9O08B98yUTieK273C17++g9izQw4HiDu7GbrwsdBFOcun4exBxIBpIXN2zIitg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:dc8f:0:b0:768:2e4c:9799 with SMTP id y137-20020a25dc8f000000b007682e4c9799mr2014885ybe.481.1674260183238; Fri, 20 Jan 2023 16:16:23 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:14 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-4-ackerleytng@google.com> Subject: [RFC PATCH v3 03/31] KVM: selftests: Expose function that sets up sregs based on VM's mode From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This allows initializing sregs without setting vCPU registers in KVM. No functional change intended. Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/processor.h | 2 + .../selftests/kvm/lib/x86_64/processor.c | 39 ++++++++++--------- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/processor.h b/tools= /testing/selftests/kvm/include/x86_64/processor.h index e8ca0d8a6a7e0..74e0d3698f30c 100644 --- a/tools/testing/selftests/kvm/include/x86_64/processor.h +++ b/tools/testing/selftests/kvm/include/x86_64/processor.h @@ -644,6 +644,8 @@ const struct kvm_cpuid_entry2 *get_cpuid_entry(const st= ruct kvm_cpuid2 *cpuid, void vcpu_init_cpuid(struct kvm_vcpu *vcpu, const struct kvm_cpuid2 *cpuid= ); void vcpu_set_hv_cpuid(struct kvm_vcpu *vcpu); =20 +void vcpu_setup_mode_sregs(struct kvm_vm *vm, struct kvm_sregs *sregs); + static inline struct kvm_cpuid_entry2 *__vcpu_get_cpuid_entry(struct kvm_v= cpu *vcpu, uint32_t function, uint32_t index) diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/tes= ting/selftests/kvm/lib/x86_64/processor.c index ed811181320de..1bb07d3c025b0 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -589,35 +589,38 @@ static void kvm_setup_tss_64bit(struct kvm_vm *vm, st= ruct kvm_segment *segp, kvm_seg_fill_gdt_64bit(vm, segp); } =20 -static void vcpu_setup(struct kvm_vm *vm, struct kvm_vcpu *vcpu) +void vcpu_setup_mode_sregs(struct kvm_vm *vm, struct kvm_sregs *sregs) { - struct kvm_sregs sregs; - - /* Set mode specific system register values. */ - vcpu_sregs_get(vcpu, &sregs); - - sregs.idt.limit =3D 0; + sregs->idt.limit =3D 0; =20 - kvm_setup_gdt(vm, &sregs.gdt); + kvm_setup_gdt(vm, &sregs->gdt); =20 switch (vm->mode) { case VM_MODE_PXXV48_4K: - sregs.cr0 =3D X86_CR0_PE | X86_CR0_NE | X86_CR0_PG; - sregs.cr4 |=3D X86_CR4_PAE | X86_CR4_OSFXSR; - sregs.efer |=3D (EFER_LME | EFER_LMA | EFER_NX); - - kvm_seg_set_unusable(&sregs.ldt); - kvm_seg_set_kernel_code_64bit(vm, DEFAULT_CODE_SELECTOR, &sregs.cs); - kvm_seg_set_kernel_data_64bit(vm, DEFAULT_DATA_SELECTOR, &sregs.ds); - kvm_seg_set_kernel_data_64bit(vm, DEFAULT_DATA_SELECTOR, &sregs.es); - kvm_setup_tss_64bit(vm, &sregs.tr, 0x18); + sregs->cr0 =3D X86_CR0_PE | X86_CR0_NE | X86_CR0_PG; + sregs->cr4 |=3D X86_CR4_PAE | X86_CR4_OSFXSR; + sregs->efer |=3D (EFER_LME | EFER_LMA | EFER_NX); + + kvm_seg_set_unusable(&sregs->ldt); + kvm_seg_set_kernel_code_64bit(vm, DEFAULT_CODE_SELECTOR, &sregs->cs); + kvm_seg_set_kernel_data_64bit(vm, DEFAULT_DATA_SELECTOR, &sregs->ds); + kvm_seg_set_kernel_data_64bit(vm, DEFAULT_DATA_SELECTOR, &sregs->es); + kvm_setup_tss_64bit(vm, &sregs->tr, 0x18); break; =20 default: TEST_FAIL("Unknown guest mode, mode: 0x%x", vm->mode); } =20 - sregs.cr3 =3D vm->pgd; + sregs->cr3 =3D vm->pgd; +} + +static void vcpu_setup(struct kvm_vm *vm, struct kvm_vcpu *vcpu) +{ + struct kvm_sregs sregs; + + vcpu_sregs_get(vcpu, &sregs); + vcpu_setup_mode_sregs(vm, &sregs); vcpu_sregs_set(vcpu, &sregs); } =20 --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A9967C05027 for ; Sat, 21 Jan 2023 00:16:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229712AbjAUAQx (ORCPT ); Fri, 20 Jan 2023 19:16:53 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229487AbjAUAQv (ORCPT ); Fri, 20 Jan 2023 19:16:51 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 75CA4B2E7E for ; Fri, 20 Jan 2023 16:16:29 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-482d3bf0266so65459647b3.3 for ; Fri, 20 Jan 2023 16:16:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=/APv3/dZy7Uqys8Jgj7g1WItGoK9cC/vyW/fiLSrtbM=; b=ZFdMejAyz/1eZEWr6CE1KV/fJwKp4C6f4WL5WtXgG88Np70btURm7pCninpSBJojSB KK4E1iX1M3bD1CrMEe4+TSvBz0j4p7sloEuWZiK9VTejKWAIi7iFN2TD2wx9bXQUiHIb +N9i7a3cCH8iuJMbmDKcH1m+HVakzAaXEoTeuCn1D4sqK0IYS60MuIdP8R8qi/dtoP6G shrtjQKccnaUQ32fGfOFnCMAJInqvLEq80PrMtih/PuI5gl5APa3sS9i9AwrKjFF9haB 0dezXLc/gkEEnKcCbbPzFws3RnU+sOo817JJSWaDmG2u6vrvIAwWsroUE7nZMwqMaw4b tXCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=/APv3/dZy7Uqys8Jgj7g1WItGoK9cC/vyW/fiLSrtbM=; b=YjIdxgXgdS+Rc/USeYx3NEoIL0kAu06o5khxrtngmaXQZqgqRYHu4B8fFApxcQiYKs AEmle6FvaQCDPy3lrtS40jPtqhADcOVyKZqMp3kXaMLSdHjzf7VkObxBGbEhvUf5ium5 O6t2pW7KdoFQhZ/kPIXcZyi3xtTxFzZSLkkrRLEXTBaa5taTp2WY97Lfz5VXKzxK8Pb+ qrQcs37GhqfyjGrZB3YscCGR+Nx1WeRT2D/NUccA5xyEpBGXdRfWfKEYqL/G07TgAZtu fOSLDxBCsqsC6ZzgCT2rTJNS3QaA8tuLx6LwV2jhfyHTad6NUFMpE96cKwBAgDGqV27Y pqHA== X-Gm-Message-State: AFqh2ko+UTusvA/6seHWi4DPitzsX8jRvsHGhZsCCzV5mdXkULSmL1n9 +Tmvyd79PejteOmPgd1gkShnsnRxrTKUAJLWEQ== X-Google-Smtp-Source: AMrXdXumVBpMD1wS8t96TrOMSwGj8T1nGqZGed5JUaR2MYkla7J53/4pjMUrQ09V611Z1bZNhJPET1aOdRMlceefig== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:2bc1:0:b0:7fe:35ff:fddb with SMTP id r184-20020a252bc1000000b007fe35fffddbmr791742ybr.466.1674260188336; Fri, 20 Jan 2023 16:16:28 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:15 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-5-ackerleytng@google.com> Subject: [RFC PATCH v3 04/31] KVM: selftests: Store initial stack address in struct kvm_vcpu From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX guests' registers cannot be initialized directly using vcpu_regs_set(), hence the stack pointer needs to be initialized by the guest itself, running boot code beginning at the reset vector. We store the stack address as part of struct kvm_vcpu so that it can be accessible later to be passed to the boot code for rsp initialization. Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/include/kvm_util_base.h | 1 + tools/testing/selftests/kvm/lib/x86_64/processor.c | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/te= sting/selftests/kvm/include/kvm_util_base.h index 0fa4dab3d8e52..cdc204cfeb4c2 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -54,6 +54,7 @@ struct kvm_vcpu { int fd; struct kvm_vm *vm; struct kvm_run *run; + vm_vaddr_t initial_stack_addr; #ifdef __x86_64__ struct kvm_cpuid2 *cpuid; #endif diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/tes= ting/selftests/kvm/lib/x86_64/processor.c index 1bb07d3c025b0..3046b555fee49 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -673,10 +673,12 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, = uint32_t vcpu_id, vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid()); vcpu_setup(vm, vcpu); =20 + vcpu->initial_stack_addr =3D stack_vaddr + (DEFAULT_STACK_PGS * getpagesi= ze()); + /* Setup guest general purpose registers */ vcpu_regs_get(vcpu, ®s); regs.rflags =3D regs.rflags | 0x2; - regs.rsp =3D stack_vaddr + (DEFAULT_STACK_PGS * getpagesize()); + regs.rsp =3D vcpu->initial_stack_addr; regs.rip =3D (unsigned long) guest_code; vcpu_regs_set(vcpu, ®s); =20 --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D7B3CC38159 for ; Sat, 21 Jan 2023 00:17:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229852AbjAUARB (ORCPT ); Fri, 20 Jan 2023 19:17:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52918 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229565AbjAUAQ7 (ORCPT ); Fri, 20 Jan 2023 19:16:59 -0500 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3F6CC4E83 for ; Fri, 20 Jan 2023 16:16:33 -0800 (PST) Received: by mail-pj1-x104a.google.com with SMTP id s24-20020a17090aa11800b00229fef3ac5dso2106641pjp.5 for ; Fri, 20 Jan 2023 16:16:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=QxiTKLEOm+oMFK9aaHGMPXI17btDBmCLc/NZqm71Tbk=; b=ltg8p9DEmbRdkxoxc6sGLalH7h0V44/ZmiZXmsQJH6kv+DbmFIWf5KGM42u6kDqI1C kJrNb8zRDReE8eeRiN8umkJCpsFiX+UYIu+pGuoluI1Zuek9LVJsFIykRih4Xw1SQm72 OIcEima7xZ1R1ZJYnf0j5FZPl6Dr94ZMPGNKFmBeR+L8GqvRWIx0t0Y7l8uAFFjkt/Gg j1fv9SYiKYWxSPStjIQRcJAwCJFpf+iEOWEw4MwV70sQfJN7vm9CGFM1/JzgS4MEn3td dcgTt8nvI3TeKTgF0Af3BzAV/Ox4IwvVmxyRyqYz7fbV6XDJoOorffqL27rXS6JNXrWd xFzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=QxiTKLEOm+oMFK9aaHGMPXI17btDBmCLc/NZqm71Tbk=; b=NEZYa6KRsJ98WH5EeJg26ZYkb22fV3cjd/psxFwMV74oaN4+rTIPJrZjakLdXFHNwN zCZpuCJibICjytWE6uKpK49181AT77pOHi3BDcjwO80dhWGqBth3TZK1GWwC9MFELT7u qUJ2vkOIpFRj3gGGjpP7dxEr2gdYPH40YPfyplYQTgkU8yXrgTbi7xX9eXEEpizUIB1c Y73bmE0MIJH3lukuDshMWainor2eYgHa1WcA6T2M5CMJuHR8HjgZkiJNp4F17Dq2aOEa zNVLg4G0DUpq7a972FnDxZR7+CEC+dP1zbq4QhS6kSAuwWvCoyvvXd9K6C517FlYzrs9 YXjA== X-Gm-Message-State: AFqh2kp0e2xAAtJu7R+c09fJ5Sm/gEBl0NX7JrjH5LyJ6RzIg23JX3Fv yAAiULmm1ZLu6hAZoAQQrrc6rn858h6cvEqOXA== X-Google-Smtp-Source: AMrXdXv3LAmIr5JKeM8fvEWbKjfhX1gzLGtTUG4MGSdye8JI6uNnwFl9V9QefgMRzXdW7pmlEuZDNWb1BB8eEn9p6w== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a17:902:9a81:b0:194:6f35:db45 with SMTP id w1-20020a1709029a8100b001946f35db45mr1817207plp.27.1674260192836; Fri, 20 Jan 2023 16:16:32 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:16 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-6-ackerleytng@google.com> Subject: [RFC PATCH v3 05/31] KVM: selftests: Refactor steps in vCPU descriptor table initialization From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Split the vCPU descriptor table initialization process into a few steps and expose them: + Setting up the IDT + Syncing exception handlers into the guest In kvm_setup_idt(), we conditionally allocate guest memory for vm->idt to avoid double allocation when kvm_setup_idt() is used after vm_init_descriptor_tables(). Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/processor.h | 2 ++ .../selftests/kvm/lib/x86_64/processor.c | 19 ++++++++++++++++--- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/processor.h b/tools= /testing/selftests/kvm/include/x86_64/processor.h index 74e0d3698f30c..abaaab4d885c1 100644 --- a/tools/testing/selftests/kvm/include/x86_64/processor.h +++ b/tools/testing/selftests/kvm/include/x86_64/processor.h @@ -750,6 +750,8 @@ struct ex_regs { uint64_t rflags; }; =20 +void kvm_setup_idt(struct kvm_vm *vm, struct kvm_dtable *dt); +void sync_exception_handlers_to_guest(struct kvm_vm *vm); void vm_init_descriptor_tables(struct kvm_vm *vm); void vcpu_init_descriptor_tables(struct kvm_vcpu *vcpu); void vm_install_exception_handler(struct kvm_vm *vm, int vector, diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/tes= ting/selftests/kvm/lib/x86_64/processor.c index 3046b555fee49..1ea1019d48c13 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -1174,19 +1174,32 @@ void vm_init_descriptor_tables(struct kvm_vm *vm) DEFAULT_CODE_SELECTOR); } =20 +void kvm_setup_idt(struct kvm_vm *vm, struct kvm_dtable *dt) +{ + if (!vm->idt) + vm->idt =3D vm_vaddr_alloc_page(vm); + + dt->base =3D vm->idt; + dt->limit =3D NUM_INTERRUPTS * sizeof(struct idt_entry) - 1; +} + +void sync_exception_handlers_to_guest(struct kvm_vm *vm) +{ + *(vm_vaddr_t *)addr_gva2hva(vm, (vm_vaddr_t)(&exception_handlers)) =3D vm= ->handlers; +} + void vcpu_init_descriptor_tables(struct kvm_vcpu *vcpu) { struct kvm_vm *vm =3D vcpu->vm; struct kvm_sregs sregs; =20 vcpu_sregs_get(vcpu, &sregs); - sregs.idt.base =3D vm->idt; - sregs.idt.limit =3D NUM_INTERRUPTS * sizeof(struct idt_entry) - 1; + kvm_setup_idt(vcpu->vm, &sregs.idt); sregs.gdt.base =3D vm->gdt; sregs.gdt.limit =3D getpagesize() - 1; kvm_seg_set_kernel_data_64bit(NULL, DEFAULT_DATA_SELECTOR, &sregs.gs); vcpu_sregs_set(vcpu, &sregs); - *(vm_vaddr_t *)addr_gva2hva(vm, (vm_vaddr_t)(&exception_handlers)) =3D vm= ->handlers; + sync_exception_handlers_to_guest(vm); } =20 void vm_install_exception_handler(struct kvm_vm *vm, int vector, --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7084EC05027 for ; Sat, 21 Jan 2023 00:17:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229906AbjAUARS (ORCPT ); Fri, 20 Jan 2023 19:17:18 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229737AbjAUARJ (ORCPT ); Fri, 20 Jan 2023 19:17:09 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 30575C13DA for ; Fri, 20 Jan 2023 16:16:38 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id z9-20020a25ba49000000b007d4416e3667so7511809ybj.23 for ; Fri, 20 Jan 2023 16:16:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=tMPwncQ1gJtbGz/ljguovcCY9rJ5FMvKrUuU8X2W2Bo=; b=GUyfjPJR9+g/Sg7H2zGwYF8aYccrNPb7vCAFqOQFCBcyn+IQRPGJ5nXtZepkEdAdod UbAqqP4uNzDT11t+P538NStpIM/mSdj3V3qDtbOINskTymF4zugnF9F4B0aYVVo8WSso YZBcW3zxFdKAxpz0jr2e1YCFf2Bx5v3TqomUqdIzLeY/gl66AqtQKN6Raf/9l3xPw5fy nCLbbMZpwEHFtmcPLYGvgoBcVDPNOhKPmxT6bdpvJzFumMTaqkiV5QcaNWFEFYqoF1+U 8UJKhWS8VEVeFylcyCLTINPOlJ1pqX7v9JmlNHZKj2Jm/hCB/Mhq5XAfPC3ZBTYYCGc8 PEhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=tMPwncQ1gJtbGz/ljguovcCY9rJ5FMvKrUuU8X2W2Bo=; b=TaEDlaD9bRZ46oAtlVn8o4OQeI5sRN9/vJc9bk/yVyAYYDQU0HxGixfLETFn06pqxz tC7xR3H4dCa5ofX7U0kI1lf7hI6bwZ2wbLA79ysLjwMZTYThpyMX78654FvHSNm/coz2 eGM+QW3mc1boEt2K8dbXbLyZByY5a0RZ7Pz0r2VAvMzYEoghn7IxD1ro6PnUjS1J98YP pzDlgecxm3EvTT2r+PezhW9HNXqoJIQOFdXSmf5A7h74FuNEfab/SJ5dvF0MnQ2pGtp+ VudzmzKsNN8o6kVa4aTKH+NAaZpawttSuqVPiHnfcGVg/+JxmpEmqaHckDz73RgT6C// ehXQ== X-Gm-Message-State: AFqh2kq2rT2EEDMx1F6doz8OZgZH3M2Q0biTEei/gV8TbnUz/PAecl6j O9+0sHNXb1P+x6Itv6ZaF+UzVRj2lyMdU1bwBQ== X-Google-Smtp-Source: AMrXdXvUzdVeIPaSonRk94pmuklfVRVqZpOfB8xRmZ0eJgOBhWmMIiHDW94gJm7JAEUsn0iqpXyEEIwnHaBCCU/9nA== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a0d:e610:0:b0:3d6:bc67:ddb9 with SMTP id p16-20020a0de610000000b003d6bc67ddb9mr2402266ywe.98.1674260197404; Fri, 20 Jan 2023 16:16:37 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:17 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-7-ackerleytng@google.com> Subject: [RFC PATCH v3 06/31] KVM: selftests: Add helper functions to create TDX VMs From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Erdem Aktas TDX requires additional IOCTLs to initialize VM and vCPUs to add private memory and to finalize the VM memory. Also additional utility functions are provided to manipulate a TD, similar to those that manipulate a VM in the current selftest framework. A TD's initial register state cannot be manipulated directly by setting the VM's memory, hence boot code is provided at the TD's reset vector. This boot code takes boot parameters loaded in the TD's memory and sets up the TD for the selftest. Signed-off-by: Erdem Aktas Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng --- Changes RFCv2 -> RFCv3 + Refactored out required cpuid changes as tdx_apply_cpuid_restrictions (a more meaningful function) + Also fixed logic for setting LBR and CET features to use sub-leaf 1 instead of 0 previously + Renamed ioctl calls to match names used in the kernel for easy referencing --- tools/testing/selftests/kvm/Makefile | 2 + .../kvm/include/x86_64/tdx/td_boot.h | 82 ++++ .../kvm/include/x86_64/tdx/td_boot_asm.h | 16 + .../kvm/include/x86_64/tdx/tdx_util.h | 16 + .../selftests/kvm/lib/x86_64/tdx/td_boot.S | 101 ++++ .../selftests/kvm/lib/x86_64/tdx/tdx_util.c | 438 ++++++++++++++++++ 6 files changed, 655 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86_64/tdx/td_boot.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/tdx/td_boot_= asm.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/tdx/tdx_util= .h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx/td_boot.S create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests= /kvm/Makefile index 1eb9b2aa7c220..317927d9c55bd 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -59,6 +59,8 @@ LIBKVM_x86_64 +=3D lib/x86_64/svm.c LIBKVM_x86_64 +=3D lib/x86_64/ucall.c LIBKVM_x86_64 +=3D lib/x86_64/vmx.c LIBKVM_x86_64 +=3D lib/x86_64/sev.c +LIBKVM_x86_64 +=3D lib/x86_64/tdx/tdx_util.c +LIBKVM_x86_64 +=3D lib/x86_64/tdx/td_boot.S LIBKVM_aarch64 +=3D lib/aarch64/gic.c LIBKVM_aarch64 +=3D lib/aarch64/gic_v3.c diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/td_boot.h b/too= ls/testing/selftests/kvm/include/x86_64/tdx/td_boot.h new file mode 100644 index 0000000000000..148057e569d69 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/td_boot.h @@ -0,0 +1,82 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTEST_TDX_TD_BOOT_H +#define SELFTEST_TDX_TD_BOOT_H + +#include +#include "tdx/td_boot_asm.h" + +/* + * Layout for boot section (not to scale) + * + * GPA + * =E2=94=8C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=AC=E2=94=80=E2=94= =800x1_0000_0000 (4GB) + * =E2=94=82 Boot code trampoline =E2=94=82 + * =E2=94=9C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=BC=E2=94=80=E2=94= =800x0_ffff_fff0: Reset vector (16B below 4GB) + * =E2=94=82 Boot code =E2=94=82 + * =E2=94=9C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=BC=E2=94=80=E2=94= =80td_boot will be copied here, so that the + * =E2=94=82 =E2=94=82 jmp to td_boot is exac= tly at the reset vector + * =E2=94=82 Empty space =E2=94=82 + * =E2=94=82 =E2=94=82 + * =E2=94=9C=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=A4 + * =E2=94=82 =E2=94=82 + * =E2=94=82 =E2=94=82 + * =E2=94=82 Boot parameters =E2=94=82 + * =E2=94=82 =E2=94=82 + * =E2=94=82 =E2=94=82 + * =E2=94=94=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=B4=E2=94=80=E2=94= =800x0_ffff_0000: TD_BOOT_PARAMETERS_GPA + */ +#define FOUR_GIGABYTES_GPA (4ULL << 30) + +/** + * The exact memory layout for LGDT or LIDT instructions. + */ +struct __packed td_boot_parameters_dtr { + uint16_t limit; + uint32_t base; +}; + +/** + * The exact layout in memory required for a ljmp, including the selector = for + * changing code segment. + */ +struct __packed td_boot_parameters_ljmp_target { + uint32_t eip_gva; + uint16_t code64_sel; +}; + +/** + * Allows each vCPU to be initialized with different eip and esp. + */ +struct __packed td_per_vcpu_parameters { + uint32_t esp_gva; + struct td_boot_parameters_ljmp_target ljmp_target; +}; + +/** + * Boot parameters for the TD. + * + * Unlike a regular VM, we can't ask KVM to set registers such as esp, eip= , etc + * before boot, so to run selftests, these registers' values have to be + * initialized by the TD. + * + * This struct is loaded in TD private memory at TD_BOOT_PARAMETERS_GPA. + * + * The TD boot code will read off parameters from this struct and set up t= he + * vcpu for executing selftests. + */ +struct __packed td_boot_parameters { + uint32_t cr0; + uint32_t cr3; + uint32_t cr4; + struct td_boot_parameters_dtr gdtr; + struct td_boot_parameters_dtr idtr; + struct td_per_vcpu_parameters per_vcpu[]; +}; + +extern void td_boot(void); +extern void reset_vector(void); +extern void td_boot_code_end(void); + +#define TD_BOOT_CODE_SIZE (td_boot_code_end - td_boot) + +#endif /* SELFTEST_TDX_TD_BOOT_H */ diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/td_boot_asm.h b= /tools/testing/selftests/kvm/include/x86_64/tdx/td_boot_asm.h new file mode 100644 index 0000000000000..0a07104f7debf --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/td_boot_asm.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTEST_TDX_TD_BOOT_ASM_H +#define SELFTEST_TDX_TD_BOOT_ASM_H + +/* + * GPA where TD boot parameters wil lbe loaded. + * + * TD_BOOT_PARAMETERS_GPA is arbitrarily chosen to + * + * + be within the 4GB address space + * + provide enough contiguous memory for the struct td_boot_parameters su= ch + * that there is one struct td_per_vcpu_parameters for KVM_MAX_VCPUS + */ +#define TD_BOOT_PARAMETERS_GPA 0xffff0000 + +#endif // SELFTEST_TDX_TD_BOOT_ASM_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h b/to= ols/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h new file mode 100644 index 0000000000000..274b245f200bf --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTESTS_TDX_KVM_UTIL_H +#define SELFTESTS_TDX_KVM_UTIL_H + +#include + +#include "kvm_util_base.h" + +struct kvm_vcpu *td_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id, void *gu= est_code); + +struct kvm_vm *td_create(void); +void td_initialize(struct kvm_vm *vm, enum vm_mem_backing_src_type src_typ= e, + uint64_t attributes); +void td_finalize(struct kvm_vm *vm); + +#endif // SELFTESTS_TDX_KVM_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/td_boot.S b/tools/t= esting/selftests/kvm/lib/x86_64/tdx/td_boot.S new file mode 100644 index 0000000000000..800e09264d4ec --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/td_boot.S @@ -0,0 +1,101 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#include "tdx/td_boot_asm.h" + +/* Offsets for reading struct td_boot_parameters */ +#define TD_BOOT_PARAMETERS_CR0 0 +#define TD_BOOT_PARAMETERS_CR3 4 +#define TD_BOOT_PARAMETERS_CR4 8 +#define TD_BOOT_PARAMETERS_GDT 12 +#define TD_BOOT_PARAMETERS_IDT 18 +#define TD_BOOT_PARAMETERS_PER_VCPU 24 + +/* Offsets for reading struct td_per_vcpu_parameters */ +#define TD_PER_VCPU_PARAMETERS_ESP_GVA 0 +#define TD_PER_VCPU_PARAMETERS_LJMP_TARGET 4 + +#define SIZEOF_TD_PER_VCPU_PARAMETERS 10 + +.code32 + +.globl td_boot +td_boot: + /* In this procedure, edi is used as a temporary register */ + cli + + /* Paging is off */ + + movl $TD_BOOT_PARAMETERS_GPA, %ebx + + /* + * Find the address of struct td_per_vcpu_parameters for this + * vCPU based on esi (TDX spec: initialized with vcpu id). Put + * struct address into register for indirect addressing + */ + movl $SIZEOF_TD_PER_VCPU_PARAMETERS, %eax + mul %esi + leal TD_BOOT_PARAMETERS_PER_VCPU(%ebx), %edi + addl %edi, %eax + + /* Setup stack */ + movl TD_PER_VCPU_PARAMETERS_ESP_GVA(%eax), %esp + + /* Setup GDT */ + leal TD_BOOT_PARAMETERS_GDT(%ebx), %edi + lgdt (%edi) + + /* Setup IDT */ + leal TD_BOOT_PARAMETERS_IDT(%ebx), %edi + lidt (%edi) + + /* + * Set up control registers (There are no instructions to + * mov from memory to control registers, hence we need to use ebx + * as a scratch register) + */ + movl TD_BOOT_PARAMETERS_CR4(%ebx), %edi + movl %edi, %cr4 + movl TD_BOOT_PARAMETERS_CR3(%ebx), %edi + movl %edi, %cr3 + movl TD_BOOT_PARAMETERS_CR0(%ebx), %edi + movl %edi, %cr0 + + /* Paging is on after setting the most significant bit on cr0 */ + + /* + * Jump to selftest guest code. Far jumps read from . This location has + * already been set up in boot parameters, and we can read boot + * parameters because boot code and boot parameters are loaded so + * that GVA and GPA are mapped 1:1. + */ + ljmp *TD_PER_VCPU_PARAMETERS_LJMP_TARGET(%eax) + +.globl reset_vector +reset_vector: + jmp td_boot + /* + * Pad reset_vector to its full size of 16 bytes so that this + * can be loaded with the end of reset_vector aligned to GPA=3D4G + */ + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + int3 + +/* Leave marker so size of td_boot code can be computed */ +.globl td_boot_code_end +td_boot_code_end: + +/* Disable executable stack */ +.section .note.GNU-stack,"",%progbits diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c b/tools/= testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c new file mode 100644 index 0000000000000..3564059c0b89b --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c @@ -0,0 +1,438 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include + +#include "kvm_util.h" +#include "test_util.h" +#include "tdx/td_boot.h" +#include "kvm_util_base.h" +#include "processor.h" + +/* + * TDX ioctls + */ + +static char *tdx_cmd_str[] =3D { + "KVM_TDX_CAPABILITIES", + "KVM_TDX_INIT_VM", + "KVM_TDX_INIT_VCPU", + "KVM_TDX_INIT_MEM_REGION", + "KVM_TDX_FINALIZE_VM" +}; +#define TDX_MAX_CMD_STR (ARRAY_SIZE(tdx_cmd_str)) + +static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) +{ + struct kvm_tdx_cmd tdx_cmd; + int r; + + TEST_ASSERT(ioctl_no < TDX_MAX_CMD_STR, "Unknown TDX CMD : %d\n", + ioctl_no); + + memset(&tdx_cmd, 0x0, sizeof(tdx_cmd)); + tdx_cmd.id =3D ioctl_no; + tdx_cmd.flags =3D flags; + tdx_cmd.data =3D (uint64_t)data; + + r =3D ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); + TEST_ASSERT(r =3D=3D 0, "%s failed: %d %d", tdx_cmd_str[ioctl_no], r, + errno); +} + +#define XFEATURE_LBR 15 +#define XFEATURE_XTILECFG 17 +#define XFEATURE_XTILEDATA 18 +#define XFEATURE_CET_U 11 +#define XFEATURE_CET_S 12 + +#define XFEATURE_MASK_LBR (1 << XFEATURE_LBR) +#define XFEATURE_MASK_CET_U (1 << XFEATURE_CET_U) +#define XFEATURE_MASK_CET_S (1 << XFEATURE_CET_S) +#define XFEATURE_MASK_CET (XFEATURE_MASK_CET_U | XFEATURE_MASK_CET_S) +#define XFEATURE_MASK_XTILECFG (1 << XFEATURE_XTILECFG) +#define XFEATURE_MASK_XTILEDATA (1 << XFEATURE_XTILEDATA) +#define XFEATURE_MASK_XTILE (XFEATURE_MASK_XTILECFG | XFEATURE_MASK_XTILED= ATA) + +static void tdx_apply_cpuid_restrictions(struct kvm_cpuid2 *cpuid_data) +{ + for (int i =3D 0; i < cpuid_data->nent; i++) { + struct kvm_cpuid_entry2 *e =3D &cpuid_data->entries[i]; + + if (e->function =3D=3D 0xd && e->index =3D=3D 0) { + /* + * TDX module requires both XTILE_{CFG, DATA} to be set. + * Both bits are required for AMX to be functional. + */ + if ((e->eax & XFEATURE_MASK_XTILE) !=3D + XFEATURE_MASK_XTILE) { + e->eax &=3D ~XFEATURE_MASK_XTILE; + } + } + if (e->function =3D=3D 0xd && e->index =3D=3D 1) { + /* + * TDX doesn't support LBR yet. + * Disable bits from the XCR0 register. + */ + e->ecx &=3D ~XFEATURE_MASK_LBR; + /* + * TDX modules requires both CET_{U, S} to be set even + * if only one is supported. + */ + if (e->ecx & XFEATURE_MASK_CET) + e->ecx |=3D XFEATURE_MASK_CET; + } + } +} + +static void tdx_td_init(struct kvm_vm *vm, uint64_t attributes) +{ + const struct kvm_cpuid2 *cpuid; + struct kvm_tdx_init_vm init_vm; + + memset(&init_vm, 0, sizeof(struct kvm_tdx_init_vm)); + + cpuid =3D kvm_get_supported_cpuid(); + + memcpy(&init_vm.cpuid, cpuid, kvm_cpuid2_size(cpuid->nent)); + init_vm.attributes =3D attributes; + + tdx_apply_cpuid_restrictions(&init_vm.cpuid); + + tdx_ioctl(vm->fd, KVM_TDX_INIT_VM, 0, &init_vm); +} + +static void tdx_td_vcpu_init(struct kvm_vcpu *vcpu) +{ + const struct kvm_cpuid2 *cpuid =3D kvm_get_supported_cpuid(); + + vcpu_init_cpuid(vcpu, cpuid); + tdx_ioctl(vcpu->fd, KVM_TDX_INIT_VCPU, 0, NULL); +} + +static void tdx_init_mem_region(struct kvm_vm *vm, void *source_pages, + uint64_t gpa, uint64_t size) +{ + struct kvm_tdx_init_mem_region mem_region =3D { + .source_addr =3D (uint64_t)source_pages, + .gpa =3D gpa, + .nr_pages =3D size / PAGE_SIZE, + }; + uint32_t metadata =3D KVM_TDX_MEASURE_MEMORY_REGION; + + TEST_ASSERT((mem_region.nr_pages > 0) && + ((mem_region.nr_pages * PAGE_SIZE) =3D=3D size), + "Cannot add partial pages to the guest memory.\n"); + TEST_ASSERT(((uint64_t)source_pages & (PAGE_SIZE - 1)) =3D=3D 0, + "Source memory buffer is not page aligned\n"); + tdx_ioctl(vm->fd, KVM_TDX_INIT_MEM_REGION, metadata, &mem_region); +} + +static void tdx_td_finalizemr(struct kvm_vm *vm) +{ + tdx_ioctl(vm->fd, KVM_TDX_FINALIZE_VM, 0, NULL); +} + +/* + * TD creation/setup/finalization + */ + +static void tdx_enable_capabilities(struct kvm_vm *vm) +{ + int rc; + + rc =3D kvm_check_cap(KVM_CAP_X2APIC_API); + TEST_ASSERT(rc, "TDX: KVM_CAP_X2APIC_API is not supported!"); + rc =3D kvm_check_cap(KVM_CAP_SPLIT_IRQCHIP); + TEST_ASSERT(rc, "TDX: KVM_CAP_SPLIT_IRQCHIP is not supported!"); + + vm_enable_cap(vm, KVM_CAP_X2APIC_API, + KVM_X2APIC_API_USE_32BIT_IDS | + KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK); + vm_enable_cap(vm, KVM_CAP_SPLIT_IRQCHIP, 24); +} + +static void tdx_configure_memory_encryption(struct kvm_vm *vm) +{ + /* Configure shared/enCrypted bit for this VM according to TDX spec */ + vm->arch.s_bit =3D 1ULL << (vm->pa_bits - 1); + vm->arch.c_bit =3D 0; + /* Set gpa_protected_mask so that tagging/untagging of GPAs works */ + vm->gpa_protected_mask =3D vm->arch.s_bit; + /* There's no need to mask any encryption bits for PTEs */ + vm->arch.pte_me_mask =3D 0; + /* This VM is protected (has memory encryption) */ + vm->protected =3D true; +} + +static void tdx_apply_cr4_restrictions(struct kvm_sregs *sregs) +{ + /* TDX spec 11.6.2: CR4 bit MCE is fixed to 1 */ + sregs->cr4 |=3D X86_CR4_MCE; + + /* Set this because UEFI also sets this up, to handle XMM exceptions */ + sregs->cr4 |=3D X86_CR4_OSXMMEXCPT; + + /* TDX spec 11.6.2: CR4 bit VMXE and SMXE are fixed to 0 */ + sregs->cr4 &=3D ~(X86_CR4_VMXE | X86_CR4_SMXE); +} + +static void load_td_boot_code(struct kvm_vm *vm) +{ + void *boot_code_hva =3D addr_gpa2hva(vm, FOUR_GIGABYTES_GPA - TD_BOOT_COD= E_SIZE); + + TEST_ASSERT(td_boot_code_end - reset_vector =3D=3D 16, + "The reset vector must be 16 bytes in size."); + memcpy(boot_code_hva, td_boot, TD_BOOT_CODE_SIZE); +} + +static void load_td_per_vcpu_parameters(struct td_boot_parameters *params, + struct kvm_sregs *sregs, + struct kvm_vcpu *vcpu, + void *guest_code) +{ + /* Store vcpu_index to match what the TDX module would store internally */ + static uint32_t vcpu_index; + + struct td_per_vcpu_parameters *vcpu_params =3D ¶ms->per_vcpu[vcpu_ind= ex]; + + TEST_ASSERT(vcpu->initial_stack_addr !=3D 0, + "initial stack address should not be 0"); + TEST_ASSERT(vcpu->initial_stack_addr <=3D 0xffffffff, + "initial stack address must fit in 32 bits"); + TEST_ASSERT((uint64_t)guest_code <=3D 0xffffffff, + "guest_code must fit in 32 bits"); + TEST_ASSERT(sregs->cs.selector !=3D 0, "cs.selector should not be 0"); + + vcpu_params->esp_gva =3D (uint32_t)(uint64_t)vcpu->initial_stack_addr; + vcpu_params->ljmp_target.eip_gva =3D (uint32_t)(uint64_t)guest_code; + vcpu_params->ljmp_target.code64_sel =3D sregs->cs.selector; + + vcpu_index++; +} + +static void load_td_common_parameters(struct td_boot_parameters *params, + struct kvm_sregs *sregs) +{ + /* Set parameters! */ + params->cr0 =3D sregs->cr0; + params->cr3 =3D sregs->cr3; + params->cr4 =3D sregs->cr4; + params->gdtr.limit =3D sregs->gdt.limit; + params->gdtr.base =3D sregs->gdt.base; + params->idtr.limit =3D sregs->idt.limit; + params->idtr.base =3D sregs->idt.base; + + TEST_ASSERT(params->cr0 !=3D 0, "cr0 should not be 0"); + TEST_ASSERT(params->cr3 !=3D 0, "cr3 should not be 0"); + TEST_ASSERT(params->cr4 !=3D 0, "cr4 should not be 0"); + TEST_ASSERT(params->gdtr.base !=3D 0, "gdt base address should not be 0"); +} + +static void load_td_boot_parameters(struct td_boot_parameters *params, + struct kvm_vcpu *vcpu, void *guest_code) +{ + struct kvm_sregs sregs; + + /* Assemble parameters in sregs */ + memset(&sregs, 0, sizeof(struct kvm_sregs)); + vcpu_setup_mode_sregs(vcpu->vm, &sregs); + tdx_apply_cr4_restrictions(&sregs); + kvm_setup_idt(vcpu->vm, &sregs.idt); + + if (!params->cr0) + load_td_common_parameters(params, &sregs); + + load_td_per_vcpu_parameters(params, &sregs, vcpu, guest_code); +} + +/** + * Adds a vCPU to a TD (Trusted Domain) with minimum defaults. It will not= set + * up any general purpose registers as they will be initialized by the TDX= . In + * TDX, vCPUs RIP is set to 0xFFFFFFF0. See Intel TDX EAS Section "Initial= State + * of Guest GPRs" for more information on vCPUs initial register values wh= en + * entering the TD first time. + * + * Input Args: + * vm - Virtual Machine + * vcpuid - The id of the VCPU to add to the VM. + */ +struct kvm_vcpu *td_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id, void *gu= est_code) +{ + struct kvm_vcpu *vcpu; + + /* + * TD setup will not use the value of rip set in vm_vcpu_add anyway, so + * NULL can be used for guest_code. + */ + vcpu =3D vm_vcpu_add(vm, vcpu_id, NULL); + + tdx_td_vcpu_init(vcpu); + + load_td_boot_parameters(addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA), + vcpu, guest_code); + + return vcpu; +} + +/** + * Iterate over set ranges within sparsebit @s. In each iteration, + * @range_begin and @range_end will take the beginning and end of the set = range, + * which are of type sparsebit_idx_t. + * + * For example, if the range [3, 7] (inclusive) is set, within the iterati= on, + * @range_begin will take the value 3 and @range_end will take the value 7. + * + * Ensure that there is at least one bit set before using this macro with + * sparsebit_any_set(), because sparsebit_first_set() will abort if none a= re + * set. + */ +#define sparsebit_for_each_set_range(s, range_begin, range_end) \ + for (range_begin =3D sparsebit_first_set(s), \ + range_end =3D sparsebit_next_clear(s, range_begin) - 1; \ + range_begin && range_end; \ + range_begin =3D sparsebit_next_set(s, range_end), \ + range_end =3D sparsebit_next_clear(s, range_begin) - 1) +/* + * sparsebit_next_clear() can return 0 if [x, 2**64-1] are all set, and th= e -1 + * would then cause an underflow back to 2**64 - 1. This is expected and + * correct. + * + * If the last range in the sparsebit is [x, y] and we try to iterate, + * sparsebit_next_set() will return 0, and sparsebit_next_clear() will try= and + * find the first range, but that's correct because the condition expressi= on + * would cause us to quit the loop. + */ + +static void load_td_memory_region(struct kvm_vm *vm, + struct userspace_mem_region *region) +{ + const struct sparsebit *pages =3D region->protected_phy_pages; + const uint64_t hva_base =3D region->region.userspace_addr; + const vm_paddr_t gpa_base =3D region->region.guest_phys_addr; + const sparsebit_idx_t lowest_page_in_region =3D gpa_base >> + vm->page_shift; + + sparsebit_idx_t i; + sparsebit_idx_t j; + + if (!sparsebit_any_set(pages)) + return; + + sparsebit_for_each_set_range(pages, i, j) { + const uint64_t size_to_load =3D (j - i + 1) * vm->page_size; + const uint64_t offset =3D + (i - lowest_page_in_region) * vm->page_size; + const uint64_t hva =3D hva_base + offset; + const uint64_t gpa =3D gpa_base + offset; + void *source_addr; + + /* + * KVM_TDX_INIT_MEM_REGION ioctl cannot encrypt memory in place, + * hence we have to make a copy if there's only one backing + * memory source + */ + source_addr =3D mmap(NULL, size_to_load, PROT_READ | PROT_WRITE, + MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + TEST_ASSERT( + source_addr, + "Could not allocate memory for loading memory region"); + + memcpy(source_addr, (void *)hva, size_to_load); + + tdx_init_mem_region(vm, source_addr, gpa, size_to_load); + + munmap(source_addr, size_to_load); + } +} + +static void load_td_private_memory(struct kvm_vm *vm) +{ + int ctr; + struct userspace_mem_region *region; + + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) { + load_td_memory_region(vm, region); + } +} + +struct kvm_vm *td_create(void) +{ + return ____vm_create(VM_MODE_DEFAULT, 0, KVM_X86_TDX_VM); +} + +static void td_setup_boot_code(struct kvm_vm *vm, enum vm_mem_backing_src_= type src_type) +{ + vm_vaddr_t addr; + size_t boot_code_allocation =3D round_up(TD_BOOT_CODE_SIZE, PAGE_SIZE); + vm_paddr_t boot_code_base_gpa =3D FOUR_GIGABYTES_GPA - boot_code_allocati= on; + size_t npages =3D DIV_ROUND_UP(boot_code_allocation, PAGE_SIZE); + + vm_userspace_mem_region_add(vm, src_type, boot_code_base_gpa, 1, npages, = 0); + addr =3D vm_vaddr_alloc_1to1(vm, boot_code_allocation, boot_code_base_gpa= , 1); + ASSERT_EQ(addr, boot_code_base_gpa); + + load_td_boot_code(vm); +} + +static size_t td_boot_parameters_size(void) +{ + int max_vcpus =3D kvm_check_cap(KVM_CAP_MAX_VCPUS); + size_t total_per_vcpu_parameters_size =3D + max_vcpus * sizeof(struct td_per_vcpu_parameters); + + return sizeof(struct td_boot_parameters) + total_per_vcpu_parameters_size; +} + +static void td_setup_boot_parameters(struct kvm_vm *vm, enum vm_mem_backin= g_src_type src_type) +{ + vm_vaddr_t addr; + size_t boot_params_size =3D td_boot_parameters_size(); + int npages =3D DIV_ROUND_UP(boot_params_size, PAGE_SIZE); + size_t total_size =3D npages * PAGE_SIZE; + + vm_userspace_mem_region_add(vm, src_type, TD_BOOT_PARAMETERS_GPA, 2, npag= es, 0); + addr =3D vm_vaddr_alloc_1to1(vm, total_size, TD_BOOT_PARAMETERS_GPA, 2); + ASSERT_EQ(addr, TD_BOOT_PARAMETERS_GPA); +} + +void td_initialize(struct kvm_vm *vm, enum vm_mem_backing_src_type src_typ= e, + uint64_t attributes) +{ + uint64_t nr_pages_required; + + tdx_enable_capabilities(vm); + + tdx_configure_memory_encryption(vm); + + tdx_td_init(vm, attributes); + + nr_pages_required =3D vm_nr_pages_required(VM_MODE_DEFAULT, 1, 0); + + /* + * Add memory (add 0th memslot) for TD. This will be used to setup the + * CPU (provide stack space for the CPU) and to load the elf file. + */ + vm_userspace_mem_region_add(vm, src_type, 0, 0, nr_pages_required, 0); + + kvm_vm_elf_load(vm, program_invocation_name); + + vm_init_descriptor_tables(vm); + + td_setup_boot_code(vm, src_type); + td_setup_boot_parameters(vm, src_type); +} + +void td_finalize(struct kvm_vm *vm) +{ + sync_exception_handlers_to_guest(vm); + + load_td_private_memory(vm); + + tdx_td_finalizemr(vm); +} -- 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 868FEC38159 for ; Sat, 21 Jan 2023 00:17:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229941AbjAUART (ORCPT ); Fri, 20 Jan 2023 19:17:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53062 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229922AbjAUARQ (ORCPT ); Fri, 20 Jan 2023 19:17:16 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 94FBCE0504 for ; Fri, 20 Jan 2023 16:16:42 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-4c2d68b6969so65065667b3.7 for ; Fri, 20 Jan 2023 16:16:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=KI3lc8Qa4odfGOnk3uFPbmARvL0LzJJulpfkNFBemzE=; b=j/DoN5zQelvEIRLCNJ8mAtnltfQSsXNmZd7BctX5fFtP93iKxLb9ixSdg2WNzWXI78 Ymx4YT8j6gfC4S6iRGU2Mv9y37Y4oNY9lD65dIbpSdOS6kCagdOWk3kCH9NHdtlMKpBK zrab/5Y4g5ZpSDO89l27WlSh7FWKZvCBoO+ngfQJqga0zg0Xv6OOuKB+CskX3EQBKUDL 4NMMkETMJiH0CE9dHx6V7b+dTQ8/fNKEXvzF9sKarkFVYUTEIV3xV6y7vlWErO+ikPCX S1PKylJo4o8pamn+0IEOijoaChvstVTTV/6yT2yRWDAIWakbcRSApbdS84IF+dz5R0DS ZAbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=KI3lc8Qa4odfGOnk3uFPbmARvL0LzJJulpfkNFBemzE=; b=nDfkdtzjK40kSxHHuhJhK8T7MSdr5MX+IRaGQ2nP7qFjPEL1gEzVPd+j8Mt+0SQupd 5yIBe2AKbv9OOprH4PnL0vpK9dbt1NwjwplWDcyUt7ZBqrN9L8v5pWb4utWohP3WWwgU m8HxGkG5omB3LtFx7rxcl+W5a271kyCHS+9lfirbrwiFcQDUgf7/YhTpU+kvoV1GOPji Wz1uXYSc31nMdLgXkA48pF94WJVHfpkyyxVhWYCGjgRHzvzxgcvrjuF66EYqNaoDZg0y zP6T0Xqi9A6lYMuq8ywsYvUNUHoyu1r2gLsdn3ZWebCJbzoKXMLXHSdbA5yzjllDAw70 M8Xw== X-Gm-Message-State: AFqh2krPzOxLB8UxoU/Aw1tnv6uuQIjtxsq2y/M0t3akxjfZB9wP76Yq T5AX5p+YP6n1C2TlJ3pg3AwIXD0ujzK4pmyN5A== X-Google-Smtp-Source: AMrXdXtydJEIawtxpXOqiqaHbL6Dx7DCG8iZopOtBwRlFXexLweXPTHCILvbivdlZGIN05ch6GxDlBjxhQwV/oNYRg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:9257:0:b0:3df:ba1d:f51a with SMTP id j84-20020a819257000000b003dfba1df51amr2347624ywg.64.1674260201622; Fri, 20 Jan 2023 16:16:41 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:18 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-8-ackerleytng@google.com> Subject: [RFC PATCH v3 07/31] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This also exercises the KVM_TDX_CAPABILITIES ioctl. Suggested-by: Isaku Yamahata Signed-off-by: Ackerley Tng --- .../selftests/kvm/lib/x86_64/tdx/tdx_util.c | 75 ++++++++++++++++++- 1 file changed, 72 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c b/tools/= testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c index 3564059c0b89b..2e9679d24a843 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c @@ -27,10 +27,9 @@ static char *tdx_cmd_str[] =3D { }; #define TDX_MAX_CMD_STR (ARRAY_SIZE(tdx_cmd_str)) =20 -static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) +static int _tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) { struct kvm_tdx_cmd tdx_cmd; - int r; =20 TEST_ASSERT(ioctl_no < TDX_MAX_CMD_STR, "Unknown TDX CMD : %d\n", ioctl_no); @@ -40,11 +39,63 @@ static void tdx_ioctl(int fd, int ioctl_no, uint32_t fl= ags, void *data) tdx_cmd.flags =3D flags; tdx_cmd.data =3D (uint64_t)data; =20 - r =3D ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); + return ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); +} + +static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) +{ + int r; + + r =3D _tdx_ioctl(fd, ioctl_no, flags, data); TEST_ASSERT(r =3D=3D 0, "%s failed: %d %d", tdx_cmd_str[ioctl_no], r, errno); } =20 +static struct kvm_tdx_capabilities *tdx_read_capabilities(void) +{ + int i; + int rc =3D -1; + int nr_cpuid_configs =3D 4; + struct kvm_tdx_capabilities *tdx_cap =3D NULL; + int kvm_fd; + + kvm_fd =3D open_kvm_dev_path_or_exit(); + + do { + nr_cpuid_configs *=3D 2; + + tdx_cap =3D realloc( + tdx_cap, sizeof(*tdx_cap) + + nr_cpuid_configs * sizeof(*tdx_cap->cpuid_configs)); + TEST_ASSERT(tdx_cap !=3D NULL, + "Could not allocate memory for tdx capability nr_cpuid_configs %d\n= ", + nr_cpuid_configs); + + tdx_cap->nr_cpuid_configs =3D nr_cpuid_configs; + rc =3D _tdx_ioctl(kvm_fd, KVM_TDX_CAPABILITIES, 0, tdx_cap); + } while (rc < 0 && errno =3D=3D E2BIG); + + TEST_ASSERT(rc =3D=3D 0, "KVM_TDX_CAPABILITIES failed: %d %d", + rc, errno); + + pr_debug("tdx_cap: attrs: fixed0 0x%016llx fixed1 0x%016llx\n" + "tdx_cap: xfam fixed0 0x%016llx fixed1 0x%016llx\n", + tdx_cap->attrs_fixed0, tdx_cap->attrs_fixed1, + tdx_cap->xfam_fixed0, tdx_cap->xfam_fixed1); + + for (i =3D 0; i < tdx_cap->nr_cpuid_configs; i++) { + const struct kvm_tdx_cpuid_config *config =3D + &tdx_cap->cpuid_configs[i]; + pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08= x ecx 0x%08x edx 0x%08x\n", + i, config->leaf, config->sub_leaf, + config->eax, config->ebx, config->ecx, config->edx); + } + + close(kvm_fd); + + return tdx_cap; +} + #define XFEATURE_LBR 15 #define XFEATURE_XTILECFG 17 #define XFEATURE_XTILEDATA 18 @@ -90,6 +141,21 @@ static void tdx_apply_cpuid_restrictions(struct kvm_cpu= id2 *cpuid_data) } } =20 +static void tdx_check_attributes(uint64_t attributes) +{ + struct kvm_tdx_capabilities *tdx_cap; + + tdx_cap =3D tdx_read_capabilities(); + + /* TDX spec: any bits 0 in attrs_fixed0 must be 0 in attributes */ + ASSERT_EQ(attributes & ~tdx_cap->attrs_fixed0, 0); + + /* TDX spec: any bits 1 in attrs_fixed1 must be 1 in attributes */ + ASSERT_EQ(attributes & tdx_cap->attrs_fixed1, tdx_cap->attrs_fixed1); + + free(tdx_cap); +} + static void tdx_td_init(struct kvm_vm *vm, uint64_t attributes) { const struct kvm_cpuid2 *cpuid; @@ -100,6 +166,9 @@ static void tdx_td_init(struct kvm_vm *vm, uint64_t att= ributes) cpuid =3D kvm_get_supported_cpuid(); =20 memcpy(&init_vm.cpuid, cpuid, kvm_cpuid2_size(cpuid->nent)); + + tdx_check_attributes(attributes); + init_vm.attributes =3D attributes; =20 tdx_apply_cpuid_restrictions(&init_vm.cpuid); --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 401CEC27C76 for ; Sat, 21 Jan 2023 00:17:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229973AbjAUARd (ORCPT ); Fri, 20 Jan 2023 19:17:33 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53286 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229950AbjAUARV (ORCPT ); Fri, 20 Jan 2023 19:17:21 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3E3B0BAF19 for ; Fri, 20 Jan 2023 16:16:54 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id a14-20020a5b0ace000000b007bf99065fcbso7437957ybr.2 for ; Fri, 20 Jan 2023 16:16:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=iSSiGqnlhzGiDLCzSAtleJIHOm3o/jPruEIVdPoSPmM=; b=i3bQf8fOpOKYn4DsIRRzCUmnsCj+LMJV96+HJVERlyQV50GGhU4m9vph9dFvXLxh33 a6PijOok3GOHph4F2aF0Uo8zDnzeIuzhlwcNn/lmpe5ODxgUHA6krkenLMHAVsTMVG8A DQOBErL8T8utFKaa2hBwsfFZN+8NkBWs2+uZyhMMxhKrvH43FYJ7I3M1J/lUsHYsC3JO fw9Xc1e8mfpAWmMp8YsemFubhIbnl6sBYlN9R8OgKxypq4dN68xuIBEA7FNjAMYzR1gV Yu5F1WkIRQy/QQlujBYRghEm0b6qOSbdB7fBbpYVu8C0LSyi/b3WnM5jtqRfovPdsPgx hPeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=iSSiGqnlhzGiDLCzSAtleJIHOm3o/jPruEIVdPoSPmM=; b=aiVLeTYVPKLFTBOqHSjYXV8XkOBDXwXj08bzJ54nXnLnnHpHzLpa+0flxTerwd5mhM kzrGIi5u0gEms/GLrxYYiewjeZ30uwXD7Cny99vx/MOodqE5X/AGYi2yJ+QJ5ndelHPd 1v+UK1LemwTFgvdS1bO80DmN73yPqirM9UsTBAaRZfBbCeNRdohz2pbNG0RXuM5A1Laj +rYI0rA8dakH0gs3KR4ipU3rkap1XH4fhxCEEGRCdIrclfI1cQGbUcypVMd8bJKENxXQ gP8KXV2CVJbSXYnzWabC/Q46r6RPsEtZbrHug3T37mB9Xn9xBJmleFCYNF82OBozKJ5q vK9Q== X-Gm-Message-State: AFqh2kovC8Zgjy243aNk5moxIqzqlkf9uFk5Kmbuinbz7ykt230gEtRY 0JQdaJ4ZI4mAQW7BnFCX8VaVA5ITbJ6TMyU//Q== X-Google-Smtp-Source: AMrXdXtNm9J3NZyrFD1KxSqYxPFs466v/i5MLLy+izXPoRIE2JNGfeNALA/eYTNAOnPBcLdA/BrRIezn5OXkpRyumg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:bc9:0:b0:471:d0:fcdf with SMTP id 192-20020a810bc9000000b0047100d0fcdfmr1932256ywl.108.1674260206107; Fri, 20 Jan 2023 16:16:46 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:19 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-9-ackerleytng@google.com> Subject: [RFC PATCH v3 08/31] KVM: selftests: Require GCC to realign stacks on function entry From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Some SSE instructions assume a 16-byte aligned stack, and GCC compiles assuming the stack is aligned: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=3D40838. This combination results in a #GP in guests. Adding this compiler flag will generate an alternate prologue and epilogue to realign the runtime stack, which makes selftest code slower and bigger, but this is okay since we do not need selftest code to be extremely performant. Similar issue discussed at https://lore.kernel.org/all/CAGtprH9yKvuaF5yruh3BupQe4BxDGiBQk3ExtY2m39yP-t= ppsg@mail.gmail.com/ Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests= /kvm/Makefile index 317927d9c55bd..5f9cc1e6ee67e 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -205,7 +205,7 @@ LINUX_TOOL_ARCH_INCLUDE =3D $(top_srcdir)/tools/arch/x8= 6/include else LINUX_TOOL_ARCH_INCLUDE =3D $(top_srcdir)/tools/arch/$(ARCH)/include endif -CFLAGS +=3D -Wall -Wstrict-prototypes -Wuninitialized -O2 -g -std=3Dgnu99 \ +CFLAGS +=3D -mstackrealign -Wall -Wstrict-prototypes -Wuninitialized -O2 -= g -std=3Dgnu99 \ -fno-stack-protector -fno-PIE -I$(LINUX_TOOL_INCLUDE) \ -I$(LINUX_TOOL_ARCH_INCLUDE) -I$(LINUX_HDR_PATH) -Iinclude \ -I$( X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 108C3C27C76 for ; Sat, 21 Jan 2023 00:17:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229995AbjAUARg (ORCPT ); Fri, 20 Jan 2023 19:17:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53082 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229863AbjAUAR3 (ORCPT ); Fri, 20 Jan 2023 19:17:29 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B12A8BFF60 for ; Fri, 20 Jan 2023 16:17:01 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id w14-20020a25ac0e000000b007d519140f18so7436885ybi.3 for ; Fri, 20 Jan 2023 16:17:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=e8fVu8QqTyecSUV8C3Vx7eVvdYsMLP9B/z2QHEeyWh0=; b=i5XEImBpyUeHSwTbKwhHcRZgMwVEdGe03n+MFsqTosDso+tBjMIOrGOnjLAM8/yky5 N4xhtWLwaFTCrzTc1/jhO8PJF3LDPjMBTYLowMXjeYy3ymUQmO35tlGr1y8GHmtAL2sH sfUB4Ydijv5hmx9wqVMWbLUo216Dcss6FPXZXeM5lm5CUQdAx6DwntdQLGBama8eC7r8 HSzcNAHXMYaquf6UWlPzQqgklPqhhRTF+U9yotPs103TVSsBYlOEoJKyXRFp2dWpM4TT 4eifnWcKS1kd5S3guDUMqKBoGzwfieLeEnFzoL1iONxvvnVHsG59qiJLJ5KK4TKEiHWd oKVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=e8fVu8QqTyecSUV8C3Vx7eVvdYsMLP9B/z2QHEeyWh0=; b=NW0r6vBHygC/us4oLRI7teGZ9i93zcHjoiI+iGbbaN5I+5QAGcA/KFIQbk2SIV1FnX IRl5HOS0TtP6PY4631/b1VRGaGNPtbSe+pQYossRZ2Cinxb1MNitNjgdVTfx4FmAu1X1 luZ9BvRJ2k9XK3MuQE2j2edINF7VPIGJLbpt3XTRODnZ77GVOM9Mz9jbcagMwFBmq1yI ipX6I6RoJr0grk7pDF8L2rqtJRMpAl3ITrJv7+LpdxkuB3yaxOfdCsWyRqGwEZKDlZdB lW+hsdpQ3KelOOo4SiSncqnlDOWoe6JfG+jx8dktLon/tjdzsYzCyRVYyaxhbEDY8c// tYOA== X-Gm-Message-State: AFqh2krEpkBIJ+0UJhTxmTdwQlZeYjQFBJkXCItGA1uftnCt0MzGYUia JJ/iZHWM32QjdfV7Ag96IhJm1AFoZzhoJ76fwA== X-Google-Smtp-Source: AMrXdXs4cYCD+h7+e40ddRslg/axY93Tvds7sBJEjfQJwo0v5rVjQMzFA5/S09H+XvohVO57EXS5SSV7wzwv6fTLcw== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a0d:dd4e:0:b0:4eb:e96a:1c63 with SMTP id g75-20020a0ddd4e000000b004ebe96a1c63mr1986522ywe.82.1674260210698; Fri, 20 Jan 2023 16:16:50 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:20 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-10-ackerleytng@google.com> Subject: [RFC PATCH v3 09/31] KVM: selftests: TDX: Add TDX lifecycle test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" From: Erdem Aktas Adding a test to verify TDX lifecycle by creating a TD and running a dummy TDG.VP.VMCALL inside it. Signed-off-by: Erdem Aktas Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng --- Changes RFCv2 -> RFCv3 + Add gitignore for tdx_vm_tests binary + Thanks to Isaku for the comment about saving rbp separately for gcc! In this revision, the assembly that wraps tdcall has been mostly taken from the kernel=E2=80=99s implementation, which would be familiar to you! + TDX test-related code is now grouped in tools/testing/selftests/kvm/include/x86_64/tdx/test_util.{c,h} and test-related functions and macros are prefixed with tdx_test to indicate its purpose. --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 4 + .../selftests/kvm/include/x86_64/tdx/tdcall.h | 35 ++++++++ .../selftests/kvm/include/x86_64/tdx/tdx.h | 12 +++ .../kvm/include/x86_64/tdx/test_util.h | 52 +++++++++++ .../selftests/kvm/lib/x86_64/tdx/tdcall.S | 90 +++++++++++++++++++ .../selftests/kvm/lib/x86_64/tdx/tdx.c | 27 ++++++ .../selftests/kvm/lib/x86_64/tdx/test_util.c | 34 +++++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 45 ++++++++++ 9 files changed, 300 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/tdx/test_uti= l.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx/tdcall.S create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c create mode 100644 tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c create mode 100644 tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftes= ts/kvm/.gitignore index 813e7610619d9..370d6430b32b4 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -65,6 +65,7 @@ /x86_64/xss_msr_test /x86_64/vmx_pmu_caps_test /x86_64/triple_fault_event_test +/x86_64/tdx_vm_tests /access_tracking_perf_test /demand_paging_test /dirty_log_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests= /kvm/Makefile index 5f9cc1e6ee67e..9f289322a4933 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -61,6 +61,9 @@ LIBKVM_x86_64 +=3D lib/x86_64/vmx.c LIBKVM_x86_64 +=3D lib/x86_64/sev.c LIBKVM_x86_64 +=3D lib/x86_64/tdx/tdx_util.c LIBKVM_x86_64 +=3D lib/x86_64/tdx/td_boot.S +LIBKVM_x86_64 +=3D lib/x86_64/tdx/tdcall.S +LIBKVM_x86_64 +=3D lib/x86_64/tdx/tdx.c +LIBKVM_x86_64 +=3D lib/x86_64/tdx/test_util.c LIBKVM_aarch64 +=3D lib/aarch64/gic.c LIBKVM_aarch64 +=3D lib/aarch64/gic_v3.c @@ -148,6 +151,7 @@ TEST_GEN_PROGS_x86_64 +=3D set_memory_region_test TEST_GEN_PROGS_x86_64 +=3D steal_time TEST_GEN_PROGS_x86_64 +=3D kvm_binary_stats_test TEST_GEN_PROGS_x86_64 +=3D system_counter_offset_test +TEST_GEN_PROGS_x86_64 +=3D x86_64/tdx_vm_tests # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86_64 +=3D x86_64/nx_huge_pages_test diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h b/tool= s/testing/selftests/kvm/include/x86_64/tdx/tdcall.h new file mode 100644 index 0000000000000..78001bfec9c8d --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h @@ -0,0 +1,35 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* Adapted from arch/x86/include/asm/shared/tdx.h */ + +#ifndef SELFTESTS_TDX_TDCALL_H +#define SELFTESTS_TDX_TDCALL_H + +#include +#include + +#define TDG_VP_VMCALL_INSTRUCTION_IO_READ 0 +#define TDG_VP_VMCALL_INSTRUCTION_IO_WRITE 1 + +#define TDX_HCALL_HAS_OUTPUT BIT(0) + +#define TDX_HYPERCALL_STANDARD 0 + +/* + * Used in __tdx_hypercall() to pass down and get back registers' values of + * the TDCALL instruction when requesting services from the VMM. + * + * This is a software only structure and not part of the TDX module/VMM AB= I. + */ +struct tdx_hypercall_args { + u64 r10; + u64 r11; + u64 r12; + u64 r13; + u64 r14; + u64 r15; +}; + +/* Used to request services from the VMM */ +u64 __tdx_hypercall(struct tdx_hypercall_args *args, unsigned long flags); + +#endif // SELFTESTS_TDX_TDCALL_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h new file mode 100644 index 0000000000000..a7161efe4ee2e --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTEST_TDX_TDX_H +#define SELFTEST_TDX_TDX_H + +#include + +#define TDG_VP_VMCALL_INSTRUCTION_IO 30 + +uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, + uint64_t write, uint64_t *data); + +#endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/test_util.h new file mode 100644 index 0000000000000..b570b6d978ff1 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h @@ -0,0 +1,52 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTEST_TDX_TEST_UTIL_H +#define SELFTEST_TDX_TEST_UTIL_H + +#include + +#include "tdcall.h" + +#define TDX_TEST_SUCCESS_PORT 0x30 +#define TDX_TEST_SUCCESS_SIZE 4 + +/** + * Assert that tdx_test_success() was called in the guest. + */ +#define TDX_TEST_ASSERT_SUCCESS(VCPU) \ + (TEST_ASSERT( \ + ((VCPU)->run->exit_reason =3D=3D KVM_EXIT_IO) && \ + ((VCPU)->run->io.port =3D=3D TDX_TEST_SUCCESS_PORT) && \ + ((VCPU)->run->io.size =3D=3D TDX_TEST_SUCCESS_SIZE) && \ + ((VCPU)->run->io.direction =3D=3D \ + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE), \ + "Unexpected exit values while waiting for test completion: %u (%s) %d %d= %d\n", \ + (VCPU)->run->exit_reason, \ + exit_reason_str((VCPU)->run->exit_reason), \ + (VCPU)->run->io.port, (VCPU)->run->io.size, \ + (VCPU)->run->io.direction)) + +/** + * Run a test in a new process. + * + * There might be multiple tests we are running and if one test fails, it = will + * prevent the subsequent tests to run due to how tests are failing with + * TEST_ASSERT function. The run_in_new_process function will run a test i= n a + * new process context and wait for it to finish or fail to prevent TEST_A= SSERT + * to kill the main testing process. + */ +void run_in_new_process(void (*func)(void)); + +/** + * Verify that the TDX is supported by KVM. + */ +bool is_tdx_enabled(void); + +/** + * Report test success to userspace. + * + * Use TDX_TEST_ASSERT_SUCCESS() to assert that this function was called i= n the + * guest. + */ +void tdx_test_success(void); + +#endif // SELFTEST_TDX_TEST_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdcall.S b/tools/te= sting/selftests/kvm/lib/x86_64/tdx/tdcall.S new file mode 100644 index 0000000000000..df9c1ed4bb2d1 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdcall.S @@ -0,0 +1,90 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* Adapted from arch/x86/coco/tdx/tdcall.S */ + +#define TDX_HYPERCALL_r10 0 /* offsetof(struct tdx_hypercall_args, r10) */ +#define TDX_HYPERCALL_r11 8 /* offsetof(struct tdx_hypercall_args, r11) */ +#define TDX_HYPERCALL_r12 16 /* offsetof(struct tdx_hypercall_args, r12) */ +#define TDX_HYPERCALL_r13 24 /* offsetof(struct tdx_hypercall_args, r13) */ +#define TDX_HYPERCALL_r14 32 /* offsetof(struct tdx_hypercall_args, r14) */ +#define TDX_HYPERCALL_r15 40 /* offsetof(struct tdx_hypercall_args, r15) */ + +/* + * Bitmasks of exposed registers (with VMM). + */ +#define TDX_R10 0x400 +#define TDX_R11 0x800 +#define TDX_R12 0x1000 +#define TDX_R13 0x2000 +#define TDX_R14 0x4000 +#define TDX_R15 0x8000 + +#define TDX_HCALL_HAS_OUTPUT 0x1 + +/* + * These registers are clobbered to hold arguments for each + * TDVMCALL. They are safe to expose to the VMM. + * Each bit in this mask represents a register ID. Bit field + * details can be found in TDX GHCI specification, section + * titled "TDCALL [TDG.VP.VMCALL] leaf". + */ +#define TDVMCALL_EXPOSE_REGS_MASK ( TDX_R10 | TDX_R11 | \ + TDX_R12 | TDX_R13 | \ + TDX_R14 | TDX_R15 ) + +.code64 +.section .text + +.globl __tdx_hypercall +.type __tdx_hypercall, @function +__tdx_hypercall: + /* Set up stack frame */ + push %rbp + movq %rsp, %rbp + + /* Save callee-saved GPRs as mandated by the x86_64 ABI */ + push %r15 + push %r14 + push %r13 + push %r12 + + /* Mangle function call ABI into TDCALL ABI: */ + /* Set TDCALL leaf ID (TDVMCALL (0)) in RAX */ + xor %eax, %eax + + /* Copy hypercall registers from arg struct: */ + movq TDX_HYPERCALL_r10(%rdi), %r10 + movq TDX_HYPERCALL_r11(%rdi), %r11 + movq TDX_HYPERCALL_r12(%rdi), %r12 + movq TDX_HYPERCALL_r13(%rdi), %r13 + movq TDX_HYPERCALL_r14(%rdi), %r14 + movq TDX_HYPERCALL_r15(%rdi), %r15 + + movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx + + tdcall + + /* TDVMCALL leaf return code is in R10 */ + movq %r10, %rax + + /* Copy hypercall result registers to arg struct if needed */ + testq $TDX_HCALL_HAS_OUTPUT, %rsi + jz .Lout + + movq %r10, TDX_HYPERCALL_r10(%rdi) + movq %r11, TDX_HYPERCALL_r11(%rdi) + movq %r12, TDX_HYPERCALL_r12(%rdi) + movq %r13, TDX_HYPERCALL_r13(%rdi) + movq %r14, TDX_HYPERCALL_r14(%rdi) + movq %r15, TDX_HYPERCALL_r15(%rdi) +.Lout: + /* Restore callee-saved GPRs as mandated by the x86_64 ABI */ + pop %r12 + pop %r13 + pop %r14 + pop %r15 + + pop %rbp + ret + +/* Disable executable stack */ +.section .note.GNU-stack,"",%progbits diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c new file mode 100644 index 0000000000000..c2414523487a7 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include "tdx/tdcall.h" +#include "tdx/tdx.h" + +uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, + uint64_t write, uint64_t *data) +{ + uint64_t ret; + struct tdx_hypercall_args args =3D { + .r10 =3D TDX_HYPERCALL_STANDARD, + .r11 =3D TDG_VP_VMCALL_INSTRUCTION_IO, + .r12 =3D size, + .r13 =3D write, + .r14 =3D port, + }; + + if (write) + args.r15 =3D *data; + + ret =3D __tdx_hypercall(&args, write ? 0 : TDX_HCALL_HAS_OUTPUT); + + if (!write) + *data =3D args.r11; + + return ret; +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c b/tools= /testing/selftests/kvm/lib/x86_64/tdx/test_util.c new file mode 100644 index 0000000000000..6905d0ca38774 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c @@ -0,0 +1,34 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include +#include +#include +#include +#include + +#include "kvm_util_base.h" +#include "tdx/tdx.h" +#include "tdx/test_util.h" + +void run_in_new_process(void (*func)(void)) +{ + if (fork() =3D=3D 0) { + func(); + exit(0); + } + wait(NULL); +} + +bool is_tdx_enabled(void) +{ + return !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM)); +} + +void tdx_test_success(void) +{ + uint64_t code =3D 0; + + tdg_vp_vmcall_instruction_io(TDX_TEST_SUCCESS_PORT, + TDX_TEST_SUCCESS_SIZE, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, &code); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c new file mode 100644 index 0000000000000..a18d1c9d60264 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -0,0 +1,45 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include +#include "kvm_util_base.h" +#include "tdx/tdx_util.h" +#include "tdx/test_util.h" +#include "test_util.h" + +void guest_code_lifecycle(void) +{ + tdx_test_success(); +} + +void verify_td_lifecycle(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_code_lifecycle); + td_finalize(vm); + + printf("Verifying TD lifecycle:\n"); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + +int main(int argc, char **argv) +{ + setbuf(stdout, NULL); + + if (!is_tdx_enabled()) { + print_skip("TDX is not supported by the KVM"); + exit(KSFT_SKIP); + } + + run_in_new_process(&verify_td_lifecycle); + + return 0; +} -- 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 80044C05027 for ; Sat, 21 Jan 2023 00:17:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230043AbjAUARl (ORCPT ); Fri, 20 Jan 2023 19:17:41 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230005AbjAUARa (ORCPT ); Fri, 20 Jan 2023 19:17:30 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0DE15C63AC for ; Fri, 20 Jan 2023 16:17:03 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id n203-20020a2572d4000000b0078f09db9888so7426308ybc.18 for ; Fri, 20 Jan 2023 16:17:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=8GFYGGx0+c/JTGAK76bVwpACnJQuQ5mSfW/fyx26JT0=; b=HumOf0ifUS3YfnDJXNhoBdtmg9FJoE6wlCqVa+T161sRt1hq9HViWgqfj58zoHAvEy N1gnFBZrQ+eGpdu4uvsajl/JhWzXFRMweDw5B7cLPR2DetJwNStCJNUgHTshrQrqn/vM 6p1U06lQUhSYRltYVveoaOS4Hm0lQTnA1D6DxIbA+JYpeR8ooszyhN+GlEG6BzICjwNv +Ov1qZ1buIRk1iuCpq0nxacfe1z0jB4LFQWwjPz2eS+q/R+IyU6HXcVuSRHKiu66/7N9 JdQZshBP4SEBmSt+Y+2useYdIsEUupcBJJkbyA1JiDKDDwa+LNl7fHz4T6gjSu5w/J6V SNKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=8GFYGGx0+c/JTGAK76bVwpACnJQuQ5mSfW/fyx26JT0=; b=LlOoFposYsiCGrUQClSwJJbfuXMTETG0rnoUkm6ziUwaNcFsAkGDOCB8e+J4b+jZ3m TIhsUStK6luWQVphI49fzBWthcopUCpC6YLPyvfpeufvhi5Jo2bUGlvwPnQjkACGiBgl T2w5GtW3t1mZn7aS/YIh7vfjc4Cf3kUPXIau4pUDxebpYerHDsyHwoEfhtFQaaHPpua3 cql43EXJMbUIcTyuSl9o3N5qyAkSMfcP0kFO/x3ofTNQrIbtPdjYYL6oLrdnAT/2sOMz EbptGRdle96R0di6nLUWY5U+LTeEQeuvuJEJvLl9oVM4ZEjo1BZJnJbkIb150H6Rf0dp Zfig== X-Gm-Message-State: AFqh2kqJ6f+abkOlxOP2eZJtj2G8LdK1JxCXmrjcFuGPAL8reglfvS4i fOjgkodC5oASfzRrs/EvvKgpBcG57MEcnAkSiA== X-Google-Smtp-Source: AMrXdXtzwGmgyX9XH8aXpbr891TmJe7G0QtxHKbFHE3C/5WFHHCdxWQnUZ0bfAsxZqyreJBq9m1qDrFhBr37yEpLuw== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a05:6902:8f:b0:800:748:7d05 with SMTP id h15-20020a056902008f00b0080007487d05mr683891ybs.15.1674260215175; Fri, 20 Jan 2023 16:16:55 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:21 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-11-ackerleytng@google.com> Subject: [RFC PATCH v3 10/31] KVM: selftests: TDX: Add report_fatal_error test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test checks report_fatal_error functionality. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 3 ++ .../kvm/include/x86_64/tdx/test_util.h | 19 ++++++++ .../selftests/kvm/lib/x86_64/tdx/tdx.c | 18 ++++++++ .../selftests/kvm/lib/x86_64/tdx/test_util.c | 10 +++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 44 +++++++++++++++++++ 5 files changed, 94 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index a7161efe4ee2e..28959bdb07628 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -4,9 +4,12 @@ =20 #include =20 +#define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 + #define TDG_VP_VMCALL_INSTRUCTION_IO 30 =20 uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, uint64_t write, uint64_t *data); +void tdg_vp_vmcall_report_fatal_error(uint64_t error_code, uint64_t data_g= pa); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/test_util.h index b570b6d978ff1..6d69921136bd2 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h @@ -49,4 +49,23 @@ bool is_tdx_enabled(void); */ void tdx_test_success(void); =20 +/** + * Report an error with @error_code to userspace. + * + * Return value from tdg_vp_vmcall_report_fatal_error is ignored since exe= cution + * is not expected to continue beyond this point. + */ +void tdx_test_fatal(uint64_t error_code); + +/** + * Report an error with @error_code to userspace. + * + * @data_gpa may point to an optional shared guest memory holding the error + * string. + * + * Return value from tdg_vp_vmcall_report_fatal_error is ignored since exe= cution + * is not expected to continue beyond this point. + */ +void tdx_test_fatal_with_data(uint64_t error_code, uint64_t data_gpa); + #endif // SELFTEST_TDX_TEST_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index c2414523487a7..e8c399f2277cf 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -1,5 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only =20 +#include + #include "tdx/tdcall.h" #include "tdx/tdx.h" =20 @@ -25,3 +27,19 @@ uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uin= t64_t size, =20 return ret; } + +void tdg_vp_vmcall_report_fatal_error(uint64_t error_code, uint64_t data_g= pa) +{ + struct tdx_hypercall_args args; + + memset(&args, 0, sizeof(struct tdx_hypercall_args)); + + if (data_gpa) + error_code |=3D 0x8000000000000000; + + args.r11 =3D TDG_VP_VMCALL_REPORT_FATAL_ERROR; + args.r12 =3D error_code; + args.r13 =3D data_gpa; + + __tdx_hypercall(&args, 0); +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c b/tools= /testing/selftests/kvm/lib/x86_64/tdx/test_util.c index 6905d0ca38774..7f3cd8089cea3 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c @@ -32,3 +32,13 @@ void tdx_test_success(void) TDX_TEST_SUCCESS_SIZE, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, &code); } + +void tdx_test_fatal_with_data(uint64_t error_code, uint64_t data_gpa) +{ + tdg_vp_vmcall_report_fatal_error(error_code, data_gpa); +} + +void tdx_test_fatal(uint64_t error_code) +{ + tdx_test_fatal_with_data(error_code, 0); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index a18d1c9d60264..627d60b573bb6 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -2,6 +2,7 @@ =20 #include #include "kvm_util_base.h" +#include "tdx/tdx.h" #include "tdx/tdx_util.h" #include "tdx/test_util.h" #include "test_util.h" @@ -30,6 +31,48 @@ void verify_td_lifecycle(void) printf("\t ... PASSED\n"); } =20 +void guest_code_report_fatal_error(void) +{ + uint64_t err; + + /* + * Note: err should follow the GHCI spec definition: + * bits 31:0 should be set to 0. + * bits 62:32 are used for TD-specific extended error code. + * bit 63 is used to mark additional information in shared memory. + */ + err =3D 0x0BAAAAAD00000000; + if (err) + tdx_test_fatal(err); + + tdx_test_success(); +} +void verify_report_fatal_error(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_code_report_fatal_error); + td_finalize(vm); + + printf("Verifying report_fatal_error:\n"); + + vcpu_run(vcpu); + ASSERT_EQ(vcpu->run->exit_reason, KVM_EXIT_SYSTEM_EVENT); + ASSERT_EQ(vcpu->run->system_event.ndata, 3); + ASSERT_EQ(vcpu->run->system_event.data[0], TDG_VP_VMCALL_REPORT_FATAL_ERR= OR); + ASSERT_EQ(vcpu->run->system_event.data[1], 0x0BAAAAAD00000000); + ASSERT_EQ(vcpu->run->system_event.data[2], 0); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -40,6 +83,7 @@ int main(int argc, char **argv) } =20 run_in_new_process(&verify_td_lifecycle); + run_in_new_process(&verify_report_fatal_error); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 532C8C25B50 for ; Sat, 21 Jan 2023 00:17:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230074AbjAUARp (ORCPT ); Fri, 20 Jan 2023 19:17:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53172 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229970AbjAUARd (ORCPT ); Fri, 20 Jan 2023 19:17:33 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 390CAC79F6 for ; Fri, 20 Jan 2023 16:17:10 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id a4-20020a5b0004000000b006fdc6aaec4fso7504197ybp.20 for ; Fri, 20 Jan 2023 16:17:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=EC2eVAKw5chE0JhJXlD1+MmiDErdw2lzMwJWsfEJffs=; b=X/BTnHPRI0KSxecnxIVHmWDH6w6f+DxWnjjSrMtMe2JlJrUKWmKU1ub1lVQuTb4GUy WqE6l0j/QytLan9Ix3EXZ9Gxbd9gZ0kkNwPysoMtmBq8n+lforCzB5DlEneN7VjDx43z Hfdk7kbMenghMMrSWfS1S1PHUwdSfv4fl8uCKKZ4eT4n5GNnzLri4jpCvbCJQKrfAgJz LscvoW9GDaRYlOFM2DU9J9XqYw6vCt0DytT2V6/0DC66CnDbhom9eLhsJnK7aMe2ayBa lGsYo07CWm6lLnw2AekdvE+dIO3AY3tqLqnG5HMTEgNZjA6X/rorMfltBuVCVyB9/iSj HtUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=EC2eVAKw5chE0JhJXlD1+MmiDErdw2lzMwJWsfEJffs=; b=KOEPRjR1VdaCmqhg5LtRGA1XH8NAttpdLEMFLHBTqUiM6y9+D5vsqc4BWSTKnYMvUP wHaNtTj6nDz/UzosEYOHGSo6T3kXwNBEl3/Ol/g4xwe6arsXQss64h0TmBI6I5lMj2bb dlLigv8KuQ5g00nxeTVcWAZlWoCT1xz6KTw2lCph3R2i0M1XkasWLHf2U5tJiwR8elPO jst8bspXgH7E8M1SN/w/w5SX4Le9WVM/nz6dnDp319xm3KaDG9yZmjZT4YSn7Uj9ja9o ykJhl1yEXUpgwCj/ZSdwp6L8+RSW+lP8z2105bksjIvN99RGgG/FCTaifDRQHCKRLRTT X5GA== X-Gm-Message-State: AFqh2kr7QGpca4MD9Pg7Lc3RJV/VPwc5Dqp2XwYN1f9YcIAmRL4wMaYy XpcEcqOozHCLm0spAmZdivyqyv2OvGJRft9uhw== X-Google-Smtp-Source: AMrXdXvECtv2OVE4yH2VV4gatly+5G5v4fXTnNgN4aEsp+twouX6j1MXGn/5UpxGAcY1UnIT25ptBjaye89JecjzIg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:1990:0:b0:3c7:edf8:6eb with SMTP id 138-20020a811990000000b003c7edf806ebmr1896073ywz.9.1674260219981; Fri, 20 Jan 2023 16:16:59 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:22 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-12-ackerleytng@google.com> Subject: [RFC PATCH v3 11/31] KVM: selftests: TDX: Adding test case for TDX port IO From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Erdem Aktas Verifies TDVMCALL READ and WRITE operations. Signed-off-by: Erdem Aktas Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../kvm/include/x86_64/tdx/test_util.h | 34 ++++++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 82 +++++++++++++++++++ 2 files changed, 116 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/test_util.h index 6d69921136bd2..95a5d5be7f0bf 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h @@ -9,6 +9,40 @@ #define TDX_TEST_SUCCESS_PORT 0x30 #define TDX_TEST_SUCCESS_SIZE 4 =20 +/** + * Assert that some IO operation involving tdg_vp_vmcall_instruction_io() = was + * called in the guest. + */ +#define TDX_TEST_ASSERT_IO(VCPU, PORT, SIZE, DIR) \ + do { \ + TEST_ASSERT((VCPU)->run->exit_reason =3D=3D KVM_EXIT_IO, \ + "Got exit_reason other than KVM_EXIT_IO: %u (%s)\n", \ + (VCPU)->run->exit_reason, \ + exit_reason_str((VCPU)->run->exit_reason)); \ + \ + TEST_ASSERT(((VCPU)->run->exit_reason =3D=3D KVM_EXIT_IO) && \ + ((VCPU)->run->io.port =3D=3D (PORT)) && \ + ((VCPU)->run->io.size =3D=3D (SIZE)) && \ + ((VCPU)->run->io.direction =3D=3D (DIR)), \ + "Got unexpected IO exit values: %u (%s) %d %d %d\n", \ + (VCPU)->run->exit_reason, \ + exit_reason_str((VCPU)->run->exit_reason), \ + (VCPU)->run->io.port, (VCPU)->run->io.size, \ + (VCPU)->run->io.direction); \ + } while (0) + +/** + * Check and report if there was some failure in the guest, either an exce= ption + * like a triple fault, or if a tdx_test_fatal() was hit. + */ +#define TDX_TEST_CHECK_GUEST_FAILURE(VCPU) \ + do { \ + if ((VCPU)->run->exit_reason =3D=3D KVM_EXIT_SYSTEM_EVENT) \ + TEST_FAIL("Guest reported error. error code: %lld (0x%llx)\n", \ + (VCPU)->run->system_event.data[1], \ + (VCPU)->run->system_event.data[1]); \ + } while (0) + /** * Assert that tdx_test_success() was called in the guest. */ diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 627d60b573bb6..885c2b6bb1b96 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -2,6 +2,7 @@ =20 #include #include "kvm_util_base.h" +#include "tdx/tdcall.h" #include "tdx/tdx.h" #include "tdx/tdx_util.h" #include "tdx/test_util.h" @@ -73,6 +74,86 @@ void verify_report_fatal_error(void) printf("\t ... PASSED\n"); } =20 +#define TDX_IOEXIT_TEST_PORT 0x50 + +/* + * Verifies IO functionality by writing a |value| to a predefined port. + * Verifies that the read value is |value| + 1 from the same port. + * If all the tests are passed then write a value to port TDX_TEST_PORT + */ +void guest_ioexit(void) +{ + uint64_t data_out, data_in, delta; + uint64_t ret; + + data_out =3D 0xAB; + ret =3D tdg_vp_vmcall_instruction_io(TDX_IOEXIT_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &data_out); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IOEXIT_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_READ, + &data_in); + if (ret) + tdx_test_fatal(ret); + + delta =3D data_in - data_out; + if (delta !=3D 1) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +void verify_td_ioexit(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint32_t port_data; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_ioexit); + td_finalize(vm); + + printf("Verifying TD IO Exit:\n"); + + /* Wait for guest to do a IO write */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IOEXIT_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + port_data =3D *(uint8_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + printf("\t ... IO WRITE: OK\n"); + + /* + * Wait for the guest to do a IO read. Provide the previous written data + * + 1 back to the guest + */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IOEXIT_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_READ); + *(uint8_t *)((void *)vcpu->run + vcpu->run->io.data_offset) =3D port_data= + 1; + + printf("\t ... IO READ: OK\n"); + + /* + * Wait for the guest to complete execution successfully. The read + * value is checked within the guest. + */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + printf("\t ... IO verify read/write values: OK\n"); + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -84,6 +165,7 @@ int main(int argc, char **argv) =20 run_in_new_process(&verify_td_lifecycle); run_in_new_process(&verify_report_fatal_error); + run_in_new_process(&verify_td_ioexit); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 60A87C25B50 for ; Sat, 21 Jan 2023 00:18:05 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230086AbjAUASE (ORCPT ); Fri, 20 Jan 2023 19:18:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54172 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230078AbjAUARs (ORCPT ); Fri, 20 Jan 2023 19:17:48 -0500 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08A80CC5C6 for ; Fri, 20 Jan 2023 16:17:21 -0800 (PST) Received: by mail-pf1-x44a.google.com with SMTP id j1-20020aa78001000000b0057d28e11cb6so3087040pfi.11 for ; Fri, 20 Jan 2023 16:17:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=i5oNII0+lLuKlf86/kD2DoUVJCXq3iLqKc12JrydmuE=; b=LAEhu7IkGXJf2FuHkgdLDDQdJw5VBwJJZc2AEokK24pr3alf+8FDMjZ2pinHR4ciHa +Oq98y722TU4COUPfEnyjM4uESO8QJBDHGnVB3w6Vsuux0DUHEz27ZW7Z3KKfc5LBvD8 TGs5+WTQPbgaRa5Y3/V8V2K514JbDDUqjQ3m39BfWJbauqvu05Mz8MsoZFqLp80t/lzN p4XfjNXi14DaUj2JEj4WJHNZvW0x9dZZJWn3caDoDhkAbuVwAfoCkLVg3WZUCRoY9ahk AK1EDaJ3UMuYTScpM3TZgKN1hKf76Im39SagK1u0d1eq13O6iYyZj6fK+iIYcqPVDZg6 FTKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=i5oNII0+lLuKlf86/kD2DoUVJCXq3iLqKc12JrydmuE=; b=bRwLj24533Gp3c/XE5nasKTGPVViPm0n1P86YVVOUmS3bm9xEK+F0Kd6jv7721bwHY YKQMyf6FU1e6cVajkERiD7nJNFD+raQ6rJBek18V04LI3xtNojFxlx3sfgyTlGeh09BS 2jkfrE7yrDC5MlFHe9/yhUKorubvKrCSZ3u1V8qlsMFRhmIHLEtqdJqQCh/v+i3M1VM3 2fz3cZjWID52vuGk60rqf61pX+yRSbk+pTlkT45ll8lRKED8MPPUSKVosaA0gNHHjvFm vq8OJ21pJnkhQ4tLg8qIj+UUQVXXEM0mNfL++FR8EMziuB4uocrxCSa2U7C7x3BJWSKS +75Q== X-Gm-Message-State: AFqh2krULr7iKLnq8uwZJ1e36d5qTibfHwr74V6HLavK748ODjQNR7uD BTpzfx5yv0fRN/eAvv1lbSYz6au+Xo6h9yDEIQ== X-Google-Smtp-Source: AMrXdXuTfxIVAzTb1jlUYpnuT5J/zUqBDcX1N7GbIRzVdvA7coUgCHn/bU54/8cQLxM96lqf3TWWbP1uxHSoMjoYsA== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a62:ae10:0:b0:580:9b0b:4fde with SMTP id q16-20020a62ae10000000b005809b0b4fdemr1894341pff.49.1674260224601; Fri, 20 Jan 2023 16:17:04 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:23 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-13-ackerleytng@google.com> Subject: [RFC PATCH v3 12/31] KVM: selftests: TDX: Add basic TDX CPUID test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test reads CPUID values from inside a TD VM and compare them to expected values. The test targets CPUID values which are virtualized as "As Configured", "As Configured (if Native)", "Calculated", "Fixed" and "Native" according to the TDX spec. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- Changes RFCv2 -> RFCv3 + Manually inlined cpuid function in cpuid test. This highlights the purpose of this test - to test the result of the cpuid instruction. + Replace find_cpuid_entry with kvm_get_supported_cpuid_entry from tools/testing/selftests/kvm/lib/x86_64/processor.c --- .../kvm/include/x86_64/tdx/test_util.h | 9 ++ .../selftests/kvm/lib/x86_64/tdx/test_util.c | 11 ++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 106 ++++++++++++++++++ 3 files changed, 126 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/test_util.h index 95a5d5be7f0bf..af0ddbfe8d71b 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h @@ -9,6 +9,9 @@ #define TDX_TEST_SUCCESS_PORT 0x30 #define TDX_TEST_SUCCESS_SIZE 4 +#define TDX_TEST_REPORT_PORT 0x31 +#define TDX_TEST_REPORT_SIZE 4 + /** * Assert that some IO operation involving tdg_vp_vmcall_instruction_io() = was * called in the guest. @@ -102,4 +105,10 @@ void tdx_test_fatal(uint64_t error_code); */ void tdx_test_fatal_with_data(uint64_t error_code, uint64_t data_gpa); +/** + * Report a 32 bit value from the guest to user space using TDG.VP.VMCALL + * call. Data is reported on port TDX_TEST_REPORT_PORT. + */ +uint64_t tdx_test_report_to_user_space(uint32_t data); + #endif // SELFTEST_TDX_TEST_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c b/tools= /testing/selftests/kvm/lib/x86_64/tdx/test_util.c index 7f3cd8089cea3..55c5a1e634df7 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c @@ -42,3 +42,14 @@ void tdx_test_fatal(uint64_t error_code) { tdx_test_fatal_with_data(error_code, 0); } + +uint64_t tdx_test_report_to_user_space(uint32_t data) +{ + /* Upcast data to match tdg_vp_vmcall_instruction_io signature */ + uint64_t data_64 =3D data; + + return tdg_vp_vmcall_instruction_io(TDX_TEST_REPORT_PORT, + TDX_TEST_REPORT_SIZE, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &data_64); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 885c2b6bb1b96..b6072769967fa 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -2,6 +2,7 @@ #include #include "kvm_util_base.h" +#include "processor.h" #include "tdx/tdcall.h" #include "tdx/tdx.h" #include "tdx/tdx_util.h" @@ -154,6 +155,110 @@ void verify_td_ioexit(void) printf("\t ... PASSED\n"); } +/* + * Verifies CPUID functionality by reading CPUID values in guest. The guest + * will then send the values to userspace using an IO write to be checked + * against the expected values. + */ +void guest_code_cpuid(void) +{ + uint64_t err; + uint32_t ebx, ecx; + + /* Read CPUID leaf 0x1 */ + asm volatile ( + "cpuid" + : "=3Db" (ebx), "=3Dc" (ecx) + : "a" (0x1) + : "edx"); + + err =3D tdx_test_report_to_user_space(ebx); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_to_user_space(ecx); + if (err) + tdx_test_fatal(err); + + tdx_test_success(); +} + +void verify_td_cpuid(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint32_t ebx, ecx; + const struct kvm_cpuid_entry2 *cpuid_entry; + uint32_t guest_clflush_line_size; + uint32_t guest_max_addressable_ids, host_max_addressable_ids; + uint32_t guest_sse3_enabled; + uint32_t guest_fma_enabled; + uint32_t guest_initial_apic_id; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_code_cpuid); + td_finalize(vm); + + printf("Verifying TD CPUID:\n"); + + /* Wait for guest to report ebx value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ebx =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + /* Wait for guest to report either ecx value or error */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ecx =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + /* Wait for guest to complete execution */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + /* Verify the CPUID values we got from the guest. */ + printf("\t ... Verifying CPUID values from guest\n"); + + /* Get KVM CPUIDs for reference */ + cpuid_entry =3D kvm_get_supported_cpuid_entry(1); + TEST_ASSERT(cpuid_entry, "CPUID entry missing\n"); + + host_max_addressable_ids =3D (cpuid_entry->ebx >> 16) & 0xFF; + + guest_sse3_enabled =3D ecx & 0x1; // Native + guest_clflush_line_size =3D (ebx >> 8) & 0xFF; // Fixed + guest_max_addressable_ids =3D (ebx >> 16) & 0xFF; // As Configured + guest_fma_enabled =3D (ecx >> 12) & 0x1; // As Configured (if Native) + guest_initial_apic_id =3D (ebx >> 24) & 0xFF; // Calculated + + ASSERT_EQ(guest_sse3_enabled, 1); + ASSERT_EQ(guest_clflush_line_size, 8); + ASSERT_EQ(guest_max_addressable_ids, host_max_addressable_ids); + + /* TODO: This only tests the native value. To properly test + * "As Configured (if Native)" we need to override this value + * in the TD params + */ + ASSERT_EQ(guest_fma_enabled, 1); + + /* TODO: guest_initial_apic_id is calculated based on the number of + * VCPUs in the TD. From the spec: "Virtual CPU index, starting from 0 + * and allocated sequentially on each successful TDH.VP.INIT" + * To test non-trivial values we either need a TD with multiple VCPUs + * or to pick a different calculated value. + */ + ASSERT_EQ(guest_initial_apic_id, 0); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -166,6 +271,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_td_lifecycle); run_in_new_process(&verify_report_fatal_error); run_in_new_process(&verify_td_ioexit); + run_in_new_process(&verify_td_cpuid); return 0; } -- 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9C455C27C76 for ; Sat, 21 Jan 2023 00:18:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230125AbjAUASI (ORCPT ); Fri, 20 Jan 2023 19:18:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53406 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229988AbjAUARw (ORCPT ); Fri, 20 Jan 2023 19:17:52 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 32D82DA8EB for ; Fri, 20 Jan 2023 16:17:27 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-4bdeb1bbeafso65189907b3.4 for ; Fri, 20 Jan 2023 16:17:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=VfDFJ+/iyxAI3PGD3pUrIdU4TyKMDMQ1v8Rnr8gjcS8=; b=Ow7xLTNJ7rWpBHPrW8eCRek9b8bCgS2hzG4Hq0bJ5VO+ckVuiDumEDCCpEmhHJ4XHr 3rpwqyxkvQJMn76f2v+MmT8l2gC5Z7ueLnbbKv8iar3hP82Tppw00KfoZs5K3Pj+6rJA ZZmx53VNnB8yqA01NJ1jsRgThA4aw/MRMW/f+xyoyxOQKNPacLBO7ncB/IybPvuroSxi z2afvFEE4hCDP3dhztAfsVnrg0qJ+MlrsI0Mw47HmPbRefUb/bkvyj9EB5VSirVgeKsl RKFLa+EcCHFo78XkadVcuetutuQO003GEBZc0UIYfoPf2QfzmwNBFldGfFXHTnBKJ24T E2Jg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=VfDFJ+/iyxAI3PGD3pUrIdU4TyKMDMQ1v8Rnr8gjcS8=; b=BYOcElfRtRKbNDGlVPdqhdakqqOnLD9CFGLjQkB3yOWDBejpiBDm0icdPRAvR87QAu M0rC+EegaIm5Nl4k346tSGuUn+T+hhv+PaL54cLbrXNM8OFYIj0O5jpDajVUUpGdvLTa V29r2psXz6EKAL1gyAUDrBcUUpvrjE3UG7lAqGLmSgDSrAL5WvM5we9Icq3DwUjhCZa3 tENexr1XAsqHGCi2UuK3eS9kIcsV07cDCLDh3dNmFiMw5EPeg+2ivkIarqqGKoobe4BO MoRlHWRovzYOl2vNJIpbVKnucT3r0wDTCjTmNPBpzc/GOSW5aD+vvWhWhulDKAZ7uDfF GQNg== X-Gm-Message-State: AFqh2kqMFgyAsC+lzPLMS0urFw2C4VhjmvIBlIwxgGVmiAFANZXgchNV 3SDq7zGAeH36M9uWA+h4EoyPysS1FJQe9Po5jg== X-Google-Smtp-Source: AMrXdXtHeebCqRs3GM2cU8NHHPkaoFTXq7tzkkWCUQxlXI7dZnOWhcvQvwmKfOZnQB6MDB+5e5ExBanwRiPWIgzekA== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:7189:0:b0:360:7f0a:1620 with SMTP id m131-20020a817189000000b003607f0a1620mr2245734ywc.192.1674260228807; Fri, 20 Jan 2023 16:17:08 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:24 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-14-ackerleytng@google.com> Subject: [RFC PATCH v3 13/31] KVM: selftests: TDX: Add basic get_td_vmcall_info test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test calls get_td_vmcall_info from the guest and verifies the expected returned values. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 3 + .../kvm/include/x86_64/tdx/test_util.h | 27 +++++++ .../selftests/kvm/lib/x86_64/tdx/tdx.c | 23 ++++++ .../selftests/kvm/lib/x86_64/tdx/test_util.c | 46 +++++++++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 80 +++++++++++++++++++ 5 files changed, 179 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index 28959bdb07628..37ad16943e299 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -4,6 +4,7 @@ =20 #include =20 +#define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 =20 #define TDG_VP_VMCALL_INSTRUCTION_IO 30 @@ -11,5 +12,7 @@ uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, uint64_t write, uint64_t *data); void tdg_vp_vmcall_report_fatal_error(uint64_t error_code, uint64_t data_g= pa); +uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t *r11, uint64_t *r12, + uint64_t *r13, uint64_t *r14); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/test_util.h index af0ddbfe8d71b..8a9b6a1bec3eb 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h @@ -4,6 +4,7 @@ =20 #include =20 +#include "kvm_util_base.h" #include "tdcall.h" =20 #define TDX_TEST_SUCCESS_PORT 0x30 @@ -111,4 +112,30 @@ void tdx_test_fatal_with_data(uint64_t error_code, uin= t64_t data_gpa); */ uint64_t tdx_test_report_to_user_space(uint32_t data); =20 +/** + * Report a 64 bit value from the guest to user space using TDG.VP.VMCALL + * call. + * + * Data is sent to host in 2 calls. LSB is sent (and needs to be read) fir= st. + */ +uint64_t tdx_test_send_64bit(uint64_t port, uint64_t data); + +/** + * Report a 64 bit value from the guest to user space using TDG.VP.VMCALL + * call. Data is reported on port TDX_TEST_REPORT_PORT. + */ +uint64_t tdx_test_report_64bit_to_user_space(uint64_t data); + +/** + * Read a 64 bit value from the guest in user space, sent using + * tdx_test_send_64bit(). + */ +uint64_t tdx_test_read_64bit(struct kvm_vcpu *vcpu, uint64_t port); + +/** + * Read a 64 bit value from the guest in user space, sent using + * tdx_test_report_64bit_to_user_space. + */ +uint64_t tdx_test_read_64bit_report_from_guest(struct kvm_vcpu *vcpu); + #endif // SELFTEST_TDX_TEST_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index e8c399f2277cf..7254d61515db2 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -43,3 +43,26 @@ void tdg_vp_vmcall_report_fatal_error(uint64_t error_cod= e, uint64_t data_gpa) =20 __tdx_hypercall(&args, 0); } + +uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t *r11, uint64_t *r12, + uint64_t *r13, uint64_t *r14) +{ + uint64_t ret; + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_GET_TD_VM_CALL_INFO, + .r12 =3D 0, + }; + + ret =3D __tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT); + + if (r11) + *r11 =3D args.r11; + if (r12) + *r12 =3D args.r12; + if (r13) + *r13 =3D args.r13; + if (r14) + *r14 =3D args.r14; + + return ret; +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c b/tools= /testing/selftests/kvm/lib/x86_64/tdx/test_util.c index 55c5a1e634df7..3ae651cd5fac4 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/test_util.c @@ -7,6 +7,7 @@ #include =20 #include "kvm_util_base.h" +#include "tdx/tdcall.h" #include "tdx/tdx.h" #include "tdx/test_util.h" =20 @@ -53,3 +54,48 @@ uint64_t tdx_test_report_to_user_space(uint32_t data) TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, &data_64); } + +uint64_t tdx_test_send_64bit(uint64_t port, uint64_t data) +{ + uint64_t err; + uint64_t data_lo =3D data & 0xFFFFFFFF; + uint64_t data_hi =3D (data >> 32) & 0xFFFFFFFF; + + err =3D tdg_vp_vmcall_instruction_io(port, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &data_lo); + if (err) + return err; + + return tdg_vp_vmcall_instruction_io(port, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &data_hi); +} + +uint64_t tdx_test_report_64bit_to_user_space(uint64_t data) +{ + return tdx_test_send_64bit(TDX_TEST_REPORT_PORT, data); +} + +uint64_t tdx_test_read_64bit(struct kvm_vcpu *vcpu, uint64_t port) +{ + uint32_t lo, hi; + uint64_t res; + + TDX_TEST_ASSERT_IO(vcpu, port, 4, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + lo =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + + TDX_TEST_ASSERT_IO(vcpu, port, 4, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + hi =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + res =3D hi; + res =3D (res << 32) | lo; + return res; +} + +uint64_t tdx_test_read_64bit_report_from_guest(struct kvm_vcpu *vcpu) +{ + return tdx_test_read_64bit(vcpu, TDX_TEST_REPORT_PORT); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index b6072769967fa..188442a734dca 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -259,6 +259,85 @@ void verify_td_cpuid(void) printf("\t ... PASSED\n"); } =20 +/* + * Verifies get_td_vmcall_info functionality. + */ +void guest_code_get_td_vmcall_info(void) +{ + uint64_t err; + uint64_t r11, r12, r13, r14; + + err =3D tdg_vp_vmcall_get_td_vmcall_info(&r11, &r12, &r13, &r14); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r11); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r12); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r13); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r14); + if (err) + tdx_test_fatal(err); + + tdx_test_success(); +} + +void verify_get_td_vmcall_info(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint64_t r11, r12, r13, r14; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_code_get_td_vmcall_info); + td_finalize(vm); + + printf("Verifying TD get vmcall info:\n"); + + /* Wait for guest to report r11 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r11 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r12 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r12 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r13 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r13 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r14 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r14 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + ASSERT_EQ(r11, 0); + ASSERT_EQ(r12, 0); + ASSERT_EQ(r13, 0); + ASSERT_EQ(r14, 0); + + /* Wait for guest to complete execution */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -272,6 +351,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_report_fatal_error); run_in_new_process(&verify_td_ioexit); run_in_new_process(&verify_td_cpuid); + run_in_new_process(&verify_get_td_vmcall_info); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7A820C25B50 for ; Sat, 21 Jan 2023 00:17:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230017AbjAUARy (ORCPT ); Fri, 20 Jan 2023 19:17:54 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229985AbjAUARf (ORCPT ); Fri, 20 Jan 2023 19:17:35 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 676B8CD21A for ; Fri, 20 Jan 2023 16:17:13 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id z9-20020a25ba49000000b007d4416e3667so7512930ybj.23 for ; Fri, 20 Jan 2023 16:17:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=j6BV0YtQOiNrXMV5swymIknunfTEIhtzL+zfELVN7Ms=; b=l8az0f+ywIP6e260BtoZwU44Fhm7IcULO1Flblv5y1Y1LiZ/y7PKDffHyKWKkcxHNw KOWmv7uS/Xfu2NSm939NvnzW3uaCNDPHjv3W+IMXLDeZMzkhAJUE7lGBu2dPlPjNSPfL DeI6hQcFAF7QmYLhhlPjaOcp0Znt2M0/BEL4oesWn4F7j5jGAZm8nZ80ZtRDMmujgf+C CvkFThYu+v7NFEn7rLXXegNqaj9Jzw6M+w46LW8ueek/hizCwJecgABJOY/9v7PurAmZ yK/F1qsOl1p/Aoo8e7ext2gE2Q+0az8TOUQkMfg3cT/Ym33fPBlOkFZ+rX3yTSThtExj Rq1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=j6BV0YtQOiNrXMV5swymIknunfTEIhtzL+zfELVN7Ms=; b=mhmRJhdPATaurKRiQsLENxdL/CGVUswUrMgy8A3JmX537tAGUGL6heef1+H/shqEdX kooqWDnAvO+CFKXPjzRSzL/6wrrNENZF920ZoKIIj05W60Tq8858nNO5JC4VRTTFOMyh Xxgbhsjq1dOtt3QWzJxzF6qW+qkpKP8TawfZKO4ZWqpsYein5a5y7hvJBAv4PP7KuLKA SwuFcJ+3OGDHcEOCcOBPMPZQXes9Uo21rp10ekw1DaHgKduZrV7ATbZvUcE0sp68t/2h ayhyvd2/OMNn4epbHKt4TNf4nO8eEpF54ZzufYBpMi/KVyNCD+jNMDCHe/Fuecwgr1BE WxHg== X-Gm-Message-State: AFqh2kpzX8u8dTqmix1cnHdPazcDnHwtG4RsfQZ8w1pDBeSDEZKtPM2v ztXuSYX8Hhxago4N0i3MTtwDAU0aFpkcLNH9tg== X-Google-Smtp-Source: AMrXdXufsM1UYiyJ7fOSO4EaXsXUPYSCdlhfrRAC6atQl4aixkchwbE7r5eeo2uBnFLuw4tNY0+2jTPRJ9IPEu7WMQ== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a5b:a0b:0:b0:6fb:42d2:69e4 with SMTP id k11-20020a5b0a0b000000b006fb42d269e4mr1808452ybq.436.1674260233016; Fri, 20 Jan 2023 16:17:13 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:25 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-15-ackerleytng@google.com> Subject: [RFC PATCH v3 14/31] KVM: selftests: TDX: Add TDX IO writes test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test verifies IO writes of various sizes from the guest to the host. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdcall.h | 3 + .../selftests/kvm/x86_64/tdx_vm_tests.c | 91 +++++++++++++++++++ 2 files changed, 94 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h b/tool= s/testing/selftests/kvm/include/x86_64/tdx/tdcall.h index 78001bfec9c8d..b5e94b7c48fa5 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h @@ -10,6 +10,9 @@ #define TDG_VP_VMCALL_INSTRUCTION_IO_READ 0 #define TDG_VP_VMCALL_INSTRUCTION_IO_WRITE 1 =20 +#define TDG_VP_VMCALL_SUCCESS 0x0000000000000000 +#define TDG_VP_VMCALL_INVALID_OPERAND 0x8000000000000000 + #define TDX_HCALL_HAS_OUTPUT BIT(0) =20 #define TDX_HYPERCALL_STANDARD 0 diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 188442a734dca..ac23d1ad1e687 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -338,6 +338,96 @@ void verify_get_td_vmcall_info(void) printf("\t ... PASSED\n"); } =20 +#define TDX_IO_WRITES_TEST_PORT 0x51 + +/* + * Verifies IO functionality by writing values of different sizes + * to the host. + */ +void guest_io_writes(void) +{ + uint64_t byte_1 =3D 0xAB; + uint64_t byte_2 =3D 0xABCD; + uint64_t byte_4 =3D 0xFFABCDEF; + uint64_t ret; + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_WRITES_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &byte_1); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_WRITES_TEST_PORT, 2, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &byte_2); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_WRITES_TEST_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &byte_4); + if (ret) + tdx_test_fatal(ret); + + // Write an invalid number of bytes. + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_WRITES_TEST_PORT, 5, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &byte_4); + if (ret) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +void verify_guest_writes(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint8_t byte_1; + uint16_t byte_2; + uint32_t byte_4; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_io_writes); + td_finalize(vm); + + printf("Verifying guest writes:\n"); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IO_WRITES_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + byte_1 =3D *(uint8_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IO_WRITES_TEST_PORT, 2, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + byte_2 =3D *(uint16_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IO_WRITES_TEST_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + byte_4 =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + ASSERT_EQ(byte_1, 0xAB); + ASSERT_EQ(byte_2, 0xABCD); + ASSERT_EQ(byte_4, 0xFFABCDEF); + + vcpu_run(vcpu); + ASSERT_EQ(vcpu->run->exit_reason, KVM_EXIT_SYSTEM_EVENT); + ASSERT_EQ(vcpu->run->system_event.data[1], TDG_VP_VMCALL_INVALID_OPERAND); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -352,6 +442,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_td_ioexit); run_in_new_process(&verify_td_cpuid); run_in_new_process(&verify_get_td_vmcall_info); + run_in_new_process(&verify_guest_writes); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D0C20C27C76 for ; Sat, 21 Jan 2023 00:18:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230087AbjAUAS0 (ORCPT ); Fri, 20 Jan 2023 19:18:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53760 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230098AbjAUASH (ORCPT ); Fri, 20 Jan 2023 19:18:07 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CA8BBDB7AD for ; Fri, 20 Jan 2023 16:17:40 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id w70-20020a25df49000000b00803e799d7b1so1600586ybg.10 for ; Fri, 20 Jan 2023 16:17:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=JbxOOqD+pwQw9GweUHv05gGISRszsuPq3GR2Y2VtJ2g=; b=tWSIGxxE0vaZiNmZxyVKpGgbuHSCV8Bs+2krR8P4CkG6Wk6ZJBEvprkyMZ46ROpBFr dtz/gVeX28QK8hr2zlBSJJX0elXAxsmTCByVEtwkV+yfBtOIuHh5lARNQWvKoF8jqvsJ QuvaGrvGtRvza/3LdTRpslfgTlpuCxCRKWgfGZRcuPQ80vZTkY3AWxaoi3aT5A2vd6kE q/624HqznaCWeXVU5MHfEJ5SMpQi0MfVWW71sLe99oNZapAMd6ftkXWUnwwqYNuOLFPZ Afi6R5epM+l3M2PIgDQHvG6hbBFDDRuYiv8a5r6EYPqNV0eN9gVrrD0eklr+dB3PLYMR 33nA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=JbxOOqD+pwQw9GweUHv05gGISRszsuPq3GR2Y2VtJ2g=; b=NFo8NRpih/BKQYeQIsw7mCgXC4dpHHjX30zJYRJNyiQqzTjjL+1Mk6ElyH1OIpYXx9 OqlEUT13xVwpEPiO9QvAdQZ5b8YHimdLxj7Wc7T6kZCThMNZ3JiFxeMj37tgCS4SNSX8 Rjc3NOuhHlMFODnDV9MBq/j6FviZwOOXE7V6rjpjodrdQP41+YAs194wen2zW8QHMnU5 /u9zOq4lIofWhIK26m/ajZ58kArap8gx9ues0UWJ9vOmNztXtwzeDRNtxBp9aRfVMT8m LHDQhmtyU1aRNP0B1y22Uew+FMD41e1+HSoLLdQy397mz+rq5E/pi9gWaLZ2JsGMA+xk 3BqQ== X-Gm-Message-State: AFqh2kpPyzu3+68jwjVyLfSEuZwuiVNiK6r9tB+5dE8K2Nv12rrzGC1D a12jpRNlPwoK2IDHAFly0Yc0n5Lz4fYxm4ELew== X-Google-Smtp-Source: AMrXdXteIywN3dWsGdBSd7kHWIeUZrhBm+8A+16wAnzf+wCy6Rbp8NIKiduVWk/xfFrrTDonNbk6QyimimoKOvCacw== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:7316:0:b0:802:5d7f:db9f with SMTP id o22-20020a257316000000b008025d7fdb9fmr292409ybc.182.1674260237241; Fri, 20 Jan 2023 16:17:17 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:26 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-16-ackerleytng@google.com> Subject: [RFC PATCH v3 15/31] KVM: selftests: TDX: Add TDX IO reads test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test verifies IO reads of various sizes from the host to the guest. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/x86_64/tdx_vm_tests.c | 87 +++++++++++++++++++ 1 file changed, 87 insertions(+) diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index ac23d1ad1e687..71aa4e5907a05 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -428,6 +428,92 @@ void verify_guest_writes(void) printf("\t ... PASSED\n"); } =20 +#define TDX_IO_READS_TEST_PORT 0x52 + +/* + * Verifies IO functionality by reading values of different sizes + * from the host. + */ +void guest_io_reads(void) +{ + uint64_t data; + uint64_t ret; + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_READS_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_READ, + &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0xAB) + tdx_test_fatal(1); + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_READS_TEST_PORT, 2, + TDG_VP_VMCALL_INSTRUCTION_IO_READ, + &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0xABCD) + tdx_test_fatal(2); + + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_READS_TEST_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_READ, + &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0xFFABCDEF) + tdx_test_fatal(4); + + // Read an invalid number of bytes. + ret =3D tdg_vp_vmcall_instruction_io(TDX_IO_READS_TEST_PORT, 5, + TDG_VP_VMCALL_INSTRUCTION_IO_READ, + &data); + if (ret) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +void verify_guest_reads(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_io_reads); + td_finalize(vm); + + printf("Verifying guest reads:\n"); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IO_READS_TEST_PORT, 1, + TDG_VP_VMCALL_INSTRUCTION_IO_READ); + *(uint8_t *)((void *)vcpu->run + vcpu->run->io.data_offset) =3D 0xAB; + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IO_READS_TEST_PORT, 2, + TDG_VP_VMCALL_INSTRUCTION_IO_READ); + *(uint16_t *)((void *)vcpu->run + vcpu->run->io.data_offset) =3D 0xABCD; + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_IO_READS_TEST_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_READ); + *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset) =3D 0xFFABCD= EF; + + vcpu_run(vcpu); + ASSERT_EQ(vcpu->run->exit_reason, KVM_EXIT_SYSTEM_EVENT); + ASSERT_EQ(vcpu->run->system_event.data[1], TDG_VP_VMCALL_INVALID_OPERAND); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -443,6 +529,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_td_cpuid); run_in_new_process(&verify_get_td_vmcall_info); run_in_new_process(&verify_guest_writes); + run_in_new_process(&verify_guest_reads); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E40D7C38159 for ; Sat, 21 Jan 2023 00:18:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230142AbjAUAS3 (ORCPT ); Fri, 20 Jan 2023 19:18:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55054 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230138AbjAUASO (ORCPT ); Fri, 20 Jan 2023 19:18:14 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF5EEDF97F for ; Fri, 20 Jan 2023 16:17:45 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id y66-20020a253245000000b007cb4f1e3e57so7417158yby.8 for ; Fri, 20 Jan 2023 16:17:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=rfsY1LSMZWbkB3lzXo82d1IvFhV8JL2sADgvMPah8iE=; b=iOjwDOWBLA+75vHNu041s40M+FhZkzA3407S5hBkV79p5NSRaF7IU9DIGyOAlBbJoX z/14b1ayPGaPg6JBGlwHj9sU9hxIGQ5kxlc8GbUMUbicrfUe/hvPJKB80Pq/idC7RquH 5x3R+qd2Rp70khxwTrGlKox2h1VNHn/9ZHD4qMYkcO9fKLZjaJ/DI03P9QduZwtLZrrY 2IN4ubI9WsgtkW1fh3/5ettAd38ZWBW7uHzTWYy2ZKScSKvP+oDd4kjVEXs2DBvnbj9L 8wuLw+gIyWbQXjZ+vfluxPl9PiK6W29xbaU7Wwah+4v02L/mEcwftEmwq6puQdXuJI1p lHJg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=rfsY1LSMZWbkB3lzXo82d1IvFhV8JL2sADgvMPah8iE=; b=WMUJvCW4m7XJsO2uyvodEtrKM9oFKM5SILTxPxyqunTeyIF0w0lEfUTWQiYT6RqjVV r3G+ukX689rsYEA5nTGqYXlsfWAjlosXmfE8JdBsCI4xNGP3aAyM8boOHihzL/7cs70U QUeY6J2myo0x3b/dIxsCuWLmbeMqbiJWyD5IP6spM+wuambPOJq8idtYz+4nglLexTWI v3WzeuUxJGs3OQG64OY7+iWdu8fn8caKi+5oTbrJFUdDL2eK++3d/vThnk+NwhTA5YEf y9jP3UF+KyU8MEElaAjj4LzDh2VxARDG2YyD5CnV316oQ8jbzNaX2PEgy7iQVdu8+7ZM mFOQ== X-Gm-Message-State: AFqh2koy0Mj2DYV/WwwkcdF4ZfnVYCdfaWQl4XSEqWADI3d/IRjsFAkt J/JJsVnAhhHqMlj2X0kiejVJ0bks98wkffJu+g== X-Google-Smtp-Source: AMrXdXuGQ/uTHxxtm+W+laNGWc0n8lUwlm0ZAYDNMJSsXsmvJ1Xc5HBhOnuhLPLPAamVVKNduZp2XSu1xPjt2GsL5A== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a5b:58a:0:b0:7bb:3b2d:718f with SMTP id l10-20020a5b058a000000b007bb3b2d718fmr1765369ybp.302.1674260241431; Fri, 20 Jan 2023 16:17:21 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:27 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-17-ackerleytng@google.com> Subject: [RFC PATCH v3 16/31] KVM: selftests: TDX: Add TDX MSR read/write tests From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test verifies reads and writes for MSR registers with different access level. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- Changes RFCv2 -> RFCv3 + Fixed typo in MTTR->MTRR --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 4 + .../selftests/kvm/lib/x86_64/tdx/tdx.c | 27 +++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 217 ++++++++++++++++++ 3 files changed, 248 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index 37ad16943e299..fbac1951cfe35 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -8,11 +8,15 @@ #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 #define TDG_VP_VMCALL_INSTRUCTION_IO 30 +#define TDG_VP_VMCALL_INSTRUCTION_RDMSR 31 +#define TDG_VP_VMCALL_INSTRUCTION_WRMSR 32 uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, uint64_t write, uint64_t *data); void tdg_vp_vmcall_report_fatal_error(uint64_t error_code, uint64_t data_g= pa); uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t *r11, uint64_t *r12, uint64_t *r13, uint64_t *r14); +uint64_t tdg_vp_vmcall_instruction_rdmsr(uint64_t index, uint64_t *ret_val= ue); +uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index, uint64_t value); #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index 7254d61515db2..43088d6f40b50 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -66,3 +66,30 @@ uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t *r11,= uint64_t *r12, return ret; } + +uint64_t tdg_vp_vmcall_instruction_rdmsr(uint64_t index, uint64_t *ret_val= ue) +{ + uint64_t ret; + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_INSTRUCTION_RDMSR, + .r12 =3D index, + }; + + ret =3D __tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT); + + if (ret_value) + *ret_value =3D args.r11; + + return ret; +} + +uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index, uint64_t value) +{ + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_INSTRUCTION_WRMSR, + .r12 =3D index, + .r13 =3D value, + }; + + return __tdx_hypercall(&args, 0); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 71aa4e5907a05..65ca1ec2a6e82 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -514,6 +514,221 @@ void verify_guest_reads(void) printf("\t ... PASSED\n"); } +/* + * Define a filter which denies all MSR access except the following: + * MTTR_BASE_0: Allow read/write access + * MTTR_BASE_1: Allow read access + * MTTR_BASE_2: Allow write access + */ +static u64 tdx_msr_test_allow_bits =3D 0xFFFFFFFFFFFFFFFF; +#define MTTR_BASE_0 (0x200) +#define MTTR_BASE_1 (0x202) +#define MTTR_BASE_2 (0x204) +struct kvm_msr_filter tdx_msr_test_filter =3D { + .flags =3D KVM_MSR_FILTER_DEFAULT_DENY, + .ranges =3D { + { + .flags =3D KVM_MSR_FILTER_READ | + KVM_MSR_FILTER_WRITE, + .nmsrs =3D 1, + .base =3D MTTR_BASE_0, + .bitmap =3D (uint8_t *)&tdx_msr_test_allow_bits, + }, { + .flags =3D KVM_MSR_FILTER_READ, + .nmsrs =3D 1, + .base =3D MTTR_BASE_1, + .bitmap =3D (uint8_t *)&tdx_msr_test_allow_bits, + }, { + .flags =3D KVM_MSR_FILTER_WRITE, + .nmsrs =3D 1, + .base =3D MTTR_BASE_2, + .bitmap =3D (uint8_t *)&tdx_msr_test_allow_bits, + }, + }, +}; + +/* + * Verifies MSR read functionality. + */ +void guest_msr_read(void) +{ + uint64_t data; + uint64_t ret; + + ret =3D tdg_vp_vmcall_instruction_rdmsr(MTTR_BASE_0, &data); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdx_test_report_64bit_to_user_space(data); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_instruction_rdmsr(MTTR_BASE_1, &data); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdx_test_report_64bit_to_user_space(data); + if (ret) + tdx_test_fatal(ret); + + /* We expect this call to fail since MTTR_BASE_2 is write only */ + ret =3D tdg_vp_vmcall_instruction_rdmsr(MTTR_BASE_2, &data); + if (ret) { + ret =3D tdx_test_report_64bit_to_user_space(ret); + if (ret) + tdx_test_fatal(ret); + } else { + tdx_test_fatal(-99); + } + + tdx_test_success(); +} + +void verify_guest_msr_reads(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint64_t data; + int ret; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + + /* + * Set explicit MSR filter map to control access to the MSR registers + * used in the test. + */ + printf("\t ... Setting test MSR filter\n"); + ret =3D kvm_check_cap(KVM_CAP_X86_USER_SPACE_MSR); + TEST_ASSERT(ret, "KVM_CAP_X86_USER_SPACE_MSR is unavailable"); + vm_enable_cap(vm, KVM_CAP_X86_USER_SPACE_MSR, KVM_MSR_EXIT_REASON_FILTER); + + ret =3D kvm_check_cap(KVM_CAP_X86_MSR_FILTER); + TEST_ASSERT(ret, "KVM_CAP_X86_MSR_FILTER is unavailable"); + + ret =3D ioctl(vm->fd, KVM_X86_SET_MSR_FILTER, &tdx_msr_test_filter); + TEST_ASSERT(ret =3D=3D 0, + "KVM_X86_SET_MSR_FILTER failed, ret: %i errno: %i (%s)", + ret, errno, strerror(errno)); + + vcpu =3D td_vcpu_add(vm, 0, guest_msr_read); + td_finalize(vm); + + printf("Verifying guest msr reads:\n"); + + printf("\t ... Setting test MTTR values\n"); + /* valid values for mtrr type are 0, 1, 4, 5, 6 */ + vcpu_set_msr(vcpu, MTTR_BASE_0, 4); + vcpu_set_msr(vcpu, MTTR_BASE_1, 5); + vcpu_set_msr(vcpu, MTTR_BASE_2, 6); + + printf("\t ... Running guest\n"); + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + data =3D tdx_test_read_64bit_report_from_guest(vcpu); + ASSERT_EQ(data, 4); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + data =3D tdx_test_read_64bit_report_from_guest(vcpu); + ASSERT_EQ(data, 5); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + data =3D tdx_test_read_64bit_report_from_guest(vcpu); + ASSERT_EQ(data, TDG_VP_VMCALL_INVALID_OPERAND); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + +/* + * Verifies MSR write functionality. + */ +void guest_msr_write(void) +{ + uint64_t ret; + + ret =3D tdg_vp_vmcall_instruction_wrmsr(MTTR_BASE_0, 4); + if (ret) + tdx_test_fatal(ret); + + /* We expect this call to fail since MTTR_BASE_1 is read only */ + ret =3D tdg_vp_vmcall_instruction_wrmsr(MTTR_BASE_1, 5); + if (ret) { + ret =3D tdx_test_report_64bit_to_user_space(ret); + if (ret) + tdx_test_fatal(ret); + } else { + tdx_test_fatal(-99); + } + + + ret =3D tdg_vp_vmcall_instruction_wrmsr(MTTR_BASE_2, 6); + if (ret) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +void verify_guest_msr_writes(void) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + + uint64_t data; + int ret; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + + /* + * Set explicit MSR filter map to control access to the MSR registers + * used in the test. + */ + printf("\t ... Setting test MSR filter\n"); + ret =3D kvm_check_cap(KVM_CAP_X86_USER_SPACE_MSR); + TEST_ASSERT(ret, "KVM_CAP_X86_USER_SPACE_MSR is unavailable"); + vm_enable_cap(vm, KVM_CAP_X86_USER_SPACE_MSR, KVM_MSR_EXIT_REASON_FILTER); + + ret =3D kvm_check_cap(KVM_CAP_X86_MSR_FILTER); + TEST_ASSERT(ret, "KVM_CAP_X86_MSR_FILTER is unavailable"); + + ret =3D ioctl(vm->fd, KVM_X86_SET_MSR_FILTER, &tdx_msr_test_filter); + TEST_ASSERT(ret =3D=3D 0, + "KVM_X86_SET_MSR_FILTER failed, ret: %i errno: %i (%s)", + ret, errno, strerror(errno)); + + vcpu =3D td_vcpu_add(vm, 0, guest_msr_write); + td_finalize(vm); + + printf("Verifying guest msr writes:\n"); + + printf("\t ... Running guest\n"); + /* Only the write to MTTR_BASE_1 should trigger an exit */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + data =3D tdx_test_read_64bit_report_from_guest(vcpu); + ASSERT_EQ(data, TDG_VP_VMCALL_INVALID_OPERAND); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + printf("\t ... Verifying MTTR values writen by guest\n"); + + ASSERT_EQ(vcpu_get_msr(vcpu, MTTR_BASE_0), 4); + ASSERT_EQ(vcpu_get_msr(vcpu, MTTR_BASE_1), 0); + ASSERT_EQ(vcpu_get_msr(vcpu, MTTR_BASE_2), 6); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -530,6 +745,8 @@ int main(int argc, char **argv) run_in_new_process(&verify_get_td_vmcall_info); run_in_new_process(&verify_guest_writes); run_in_new_process(&verify_guest_reads); + run_in_new_process(&verify_guest_msr_writes); + run_in_new_process(&verify_guest_msr_reads); return 0; } -- 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE0CCC05027 for ; Sat, 21 Jan 2023 00:18:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229970AbjAUASc (ORCPT ); Fri, 20 Jan 2023 19:18:32 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229787AbjAUAST (ORCPT ); Fri, 20 Jan 2023 19:18:19 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A653C73ACF for ; Fri, 20 Jan 2023 16:17:52 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id t13-20020a056902018d00b0074747131938so7468971ybh.12 for ; Fri, 20 Jan 2023 16:17:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=vWnv20fie/GQfacbGSS84A7f8gWQK0m5+WUyBewkaDU=; b=s/mE+Pd84jXkHm4/bsf0JUJY+Vp++e6y8PAPfYAiwDXQRJQ1LT+N4u/a1FMKW37+u/ boh/VILL9JRUzl83bGQNdfbCqD1Qvj7ynAwPya9Lq1ySN87DlcRVLqIFlqELUH0lKyNW LkmRCj2jnjIkZf9JzBU/n7ZcKrB1Ka+Q6tuAg0NHsP6anucVnK7Du+6a6iv3DWS4hCDg 7iQwjc50ACCRROa2td41eLaV5Idiw0HAtFp230LJ68yTISUJyQsJcmuKqHc3XWrWrQMz mQ5eS4mw2l7jgN7PMhMWvwN2Ea8kpEDd5ZpigUpLLz2PpbIhK8KTQvwuisc5TWbo4RSR T2KA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vWnv20fie/GQfacbGSS84A7f8gWQK0m5+WUyBewkaDU=; b=PMnXcReimDJHuBDM8LnUVRvFSxMrnvGi5ZveGoe6Pql0MHiP1cMy9B0/qVvrEZLpgJ mBqnfya06cpWgHG7wNVRrna2qy0L4LvoBj9Gw3QZCdqsWbNQYPcqDmhxhmldpty83Fbk fRuHR2qeCB/WuDtKJY4kx+yiA+eTHfdyBMQC17kcfm4UbiMw41bE5PviGH1rrOEL0qiY HKqWBZ57gTYQIXCUWiCbd/plYCiF7YyGMmiFbBGp+3TfVj7NYLrt/pWqQ5rdOL/KO3IX 8Q11PhgVOLkCtBWfbaGngpzEm+5uwt+PpUGIQlggBwUTPpD1vnDYBrELgSlW0jHYPinI J+4g== X-Gm-Message-State: AFqh2kqzt8r+UNEsnvbxjWfhl1ATTHUmrxe95sjWCq1xNvX92VGqdZA3 dm4Vnnt/tlfbe27ZpalThAesN92L5VkhAfvp9Q== X-Google-Smtp-Source: AMrXdXuz77o9QEUtjLGDv2jBofIrwITXkhKV5huEbQvXz8JbBqYFuHnpsehfmqc8g5e6CXejkPMtKlLjl7Y9quXa+A== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:c0e:0:b0:3b2:2653:d3b with SMTP id 14-20020a810c0e000000b003b226530d3bmr2091550ywm.86.1674260245563; Fri, 20 Jan 2023 16:17:25 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:28 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-18-ackerleytng@google.com> Subject: [RFC PATCH v3 17/31] KVM: selftests: TDX: Add TDX HLT exit test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test verifies that the guest runs TDVMCALL and the guest vCPU enters to the halted state. Signed-off-by: Erdem Aktas Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 3 + .../selftests/kvm/lib/x86_64/tdx/tdx.c | 10 +++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 78 +++++++++++++++++++ 3 files changed, 91 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index fbac1951cfe35..7eba9d80b3681 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -7,10 +7,12 @@ #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 =20 +#define TDG_VP_VMCALL_INSTRUCTION_HLT 12 #define TDG_VP_VMCALL_INSTRUCTION_IO 30 #define TDG_VP_VMCALL_INSTRUCTION_RDMSR 31 #define TDG_VP_VMCALL_INSTRUCTION_WRMSR 32 =20 + uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, uint64_t write, uint64_t *data); void tdg_vp_vmcall_report_fatal_error(uint64_t error_code, uint64_t data_g= pa); @@ -18,5 +20,6 @@ uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t *r11, = uint64_t *r12, uint64_t *r13, uint64_t *r14); uint64_t tdg_vp_vmcall_instruction_rdmsr(uint64_t index, uint64_t *ret_val= ue); uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index, uint64_t value); +uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interrupt_blocked_flag); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index 43088d6f40b50..1af0626c2a4ad 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -93,3 +93,13 @@ uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index,= uint64_t value) =20 return __tdx_hypercall(&args, 0); } + +uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interrupt_blocked_flag) +{ + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_INSTRUCTION_HLT, + .r12 =3D interrupt_blocked_flag, + }; + + return __tdx_hypercall(&args, 0); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 65ca1ec2a6e82..346c1e07af9c0 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -728,6 +728,83 @@ void verify_guest_msr_writes(void) printf("\t ... PASSED\n"); } =20 +/* + * Verifies HLT functionality. + */ +void guest_hlt(void) +{ + uint64_t ret; + uint64_t interrupt_blocked_flag; + + interrupt_blocked_flag =3D 0; + ret =3D tdg_vp_vmcall_instruction_hlt(interrupt_blocked_flag); + if (ret) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +void _verify_guest_hlt(int signum); + +void wake_me(int interval) +{ + struct sigaction action; + + action.sa_handler =3D _verify_guest_hlt; + sigemptyset(&action.sa_mask); + action.sa_flags =3D 0; + + TEST_ASSERT(sigaction(SIGALRM, &action, NULL) =3D=3D 0, + "Could not set the alarm handler!"); + + alarm(interval); +} + +void _verify_guest_hlt(int signum) +{ + struct kvm_vm *vm; + static struct kvm_vcpu *vcpu; + + /* + * This function will also be called by SIGALRM handler to check the + * vCPU MP State. If vm has been initialized, then we are in the signal + * handler. Check the MP state and let the guest run again. + */ + if (vcpu !=3D NULL) { + struct kvm_mp_state mp_state; + + vcpu_mp_state_get(vcpu, &mp_state); + ASSERT_EQ(mp_state.mp_state, KVM_MP_STATE_HALTED); + + /* Let the guest to run and finish the test.*/ + mp_state.mp_state =3D KVM_MP_STATE_RUNNABLE; + vcpu_mp_state_set(vcpu, &mp_state); + return; + } + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_hlt); + td_finalize(vm); + + printf("Verifying HLT:\n"); + + printf("\t ... Running guest\n"); + + /* Wait 1 second for guest to execute HLT */ + wake_me(1); + vcpu_run(vcpu); + + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + +void verify_guest_hlt(void) +{ + _verify_guest_hlt(0); +} =20 int main(int argc, char **argv) { @@ -747,6 +824,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_guest_reads); run_in_new_process(&verify_guest_msr_writes); run_in_new_process(&verify_guest_msr_reads); + run_in_new_process(&verify_guest_hlt); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B323AC05027 for ; Sat, 21 Jan 2023 00:18:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230161AbjAUASi (ORCPT ); Fri, 20 Jan 2023 19:18:38 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54912 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230085AbjAUASZ (ORCPT ); Fri, 20 Jan 2023 19:18:25 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E113AC4E83 for ; Fri, 20 Jan 2023 16:17:55 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id n203-20020a2572d4000000b0078f09db9888so7427509ybc.18 for ; Fri, 20 Jan 2023 16:17:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=WjO5rBwLb0cHzWThJNyOsO1URxlYZa7SL0LoJaae1iY=; b=DbRKdnP4x88VQmpI73F5HtgUxWbJ2hsDEBYdUyvS8NBGoTwSGWDKbPvp6spCy61JKa d8sCFnczxbj7XTIgC5qmDASbZuQUm4JaxsHKPw5mgwOTcf+5C7fOEgl8kKDjBaA5vDiL BzUxepdz3NOVVwzTyUgqjRDacw06zOUCEiAMbmYtayKjQ0EKf8XNVzpsKuRHJcd9LAcB 0lu7xGF0zPGrHg+/e0vv+lW6RaM488sqw/EJEPXs421fhv5UocYR+waxt3sO+VYZy3tH td827j6Sc07EQNlG9HbMRF7AN9NBjz6hjBomANw6zqJWyuma2V9QYMTIBwBpkZ12gUI3 a14Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=WjO5rBwLb0cHzWThJNyOsO1URxlYZa7SL0LoJaae1iY=; b=D4Agkwe14azL7UBj5gc4UCInoKl/agTy8bAUb676d4k/BWfrcVShjWtA9YPApm3uID Cnm/J6Z0P0VaeBPAGz/VlS7N1jvS/JSD7P03NLERokQ0sIr3aDgY+25qQ8qxJ+Raaxry hOP/ndRdKe5T7gg+sTqaJ2slQf/N0GEROgejC3gRfwmbDNOCoVado+Ij/tcr1blNi/E8 VHdyQPYJqNTkm2XQyTsWQ0DxssqDijE9lU1M9QHUP3IJC8CISqKI4N5wqqaMjGtfjctp ODojbdoUgJyaXyVtzHWL5Frum5B5O1YHpDENM3R//q5Zqgw6psgMP2cVLvcJrqsWdscz OxBQ== X-Gm-Message-State: AFqh2kqbfNTEh7USgB0GOaNG2rEWetu4Onbs6BaL9RDtiTlknh9XWUIF xcoSsjM7g1aPfEZR+rVZhYiPyMS0wdPbMNaC/g== X-Google-Smtp-Source: AMrXdXs2Azizp8MgH3Huhhpq7IBWql1lWkjMllTIOkYSDytuaEr6jOkniKY65Y0teNdl7wi3iWIuU9V4MUkSE2rpow== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:648:0:b0:4ee:30ce:15e1 with SMTP id 69-20020a810648000000b004ee30ce15e1mr2152793ywg.53.1674260249914; Fri, 20 Jan 2023 16:17:29 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:29 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-19-ackerleytng@google.com> Subject: [RFC PATCH v3 18/31] KVM: selftests: TDX: Add TDX MMIO reads test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test verifies MMIO reads of various sizes from the host to the guest. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdcall.h | 2 + .../selftests/kvm/include/x86_64/tdx/tdx.h | 3 + .../kvm/include/x86_64/tdx/test_util.h | 23 +++++ .../selftests/kvm/lib/x86_64/tdx/tdx.c | 19 ++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 87 +++++++++++++++++++ 5 files changed, 134 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h b/tool= s/testing/selftests/kvm/include/x86_64/tdx/tdcall.h index b5e94b7c48fa5..95fcdbd8404e9 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h @@ -9,6 +9,8 @@ =20 #define TDG_VP_VMCALL_INSTRUCTION_IO_READ 0 #define TDG_VP_VMCALL_INSTRUCTION_IO_WRITE 1 +#define TDG_VP_VMCALL_VE_REQUEST_MMIO_READ 0 +#define TDG_VP_VMCALL_VE_REQUEST_MMIO_WRITE 1 =20 #define TDG_VP_VMCALL_SUCCESS 0x0000000000000000 #define TDG_VP_VMCALL_INVALID_OPERAND 0x8000000000000000 diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index 7eba9d80b3681..8dd6a65485260 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -11,6 +11,7 @@ #define TDG_VP_VMCALL_INSTRUCTION_IO 30 #define TDG_VP_VMCALL_INSTRUCTION_RDMSR 31 #define TDG_VP_VMCALL_INSTRUCTION_WRMSR 32 +#define TDG_VP_VMCALL_VE_REQUEST_MMIO 48 =20 =20 uint64_t tdg_vp_vmcall_instruction_io(uint64_t port, uint64_t size, @@ -21,5 +22,7 @@ uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t *r11, = uint64_t *r12, uint64_t tdg_vp_vmcall_instruction_rdmsr(uint64_t index, uint64_t *ret_val= ue); uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index, uint64_t value); uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interrupt_blocked_flag); +uint64_t tdg_vp_vmcall_ve_request_mmio_read(uint64_t address, uint64_t siz= e, + uint64_t *data_out); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/test_util.h index 8a9b6a1bec3eb..af412b7646049 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/test_util.h @@ -35,6 +35,29 @@ (VCPU)->run->io.direction); \ } while (0) =20 + +/** + * Assert that some MMIO operation involving TDG.VP.VMCALL <#VERequestMMIO= > was + * called in the guest. + */ +#define TDX_TEST_ASSERT_MMIO(VCPU, ADDR, SIZE, DIR) \ + do { \ + TEST_ASSERT((VCPU)->run->exit_reason =3D=3D KVM_EXIT_MMIO, \ + "Got exit_reason other than KVM_EXIT_MMIO: %u (%s)\n", \ + (VCPU)->run->exit_reason, \ + exit_reason_str((VCPU)->run->exit_reason)); \ + \ + TEST_ASSERT(((VCPU)->run->exit_reason =3D=3D KVM_EXIT_MMIO) && \ + ((VCPU)->run->mmio.phys_addr =3D=3D (ADDR)) && \ + ((VCPU)->run->mmio.len =3D=3D (SIZE)) && \ + ((VCPU)->run->mmio.is_write =3D=3D (DIR)), \ + "Got an unexpected MMIO exit values: %u (%s) %llu %d %d\n", \ + (VCPU)->run->exit_reason, \ + exit_reason_str((VCPU)->run->exit_reason), \ + (VCPU)->run->mmio.phys_addr, (VCPU)->run->mmio.len, \ + (VCPU)->run->mmio.is_write); \ + } while (0) + /** * Check and report if there was some failure in the guest, either an exce= ption * like a triple fault, or if a tdx_test_fatal() was hit. diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index 1af0626c2a4ad..dcdacf08bcd60 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -103,3 +103,22 @@ uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interr= upt_blocked_flag) =20 return __tdx_hypercall(&args, 0); } + +uint64_t tdg_vp_vmcall_ve_request_mmio_read(uint64_t address, uint64_t siz= e, + uint64_t *data_out) +{ + uint64_t ret; + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO, + .r12 =3D size, + .r13 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO_READ, + .r14 =3D address, + }; + + ret =3D __tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT); + + if (data_out) + *data_out =3D args.r11; + + return ret; +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 346c1e07af9c0..88f0429db0176 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -806,6 +806,92 @@ void verify_guest_hlt(void) _verify_guest_hlt(0); } =20 +/* Pick any address that was not mapped into the guest to test MMIO */ +#define TDX_MMIO_TEST_ADDR 0x200000000 + +void guest_mmio_reads(void) +{ + uint64_t data; + uint64_t ret; + + ret =3D tdg_vp_vmcall_ve_request_mmio_read(TDX_MMIO_TEST_ADDR, 1, &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0x12) + tdx_test_fatal(1); + + ret =3D tdg_vp_vmcall_ve_request_mmio_read(TDX_MMIO_TEST_ADDR, 2, &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0x1234) + tdx_test_fatal(2); + + ret =3D tdg_vp_vmcall_ve_request_mmio_read(TDX_MMIO_TEST_ADDR, 4, &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0x12345678) + tdx_test_fatal(4); + + ret =3D tdg_vp_vmcall_ve_request_mmio_read(TDX_MMIO_TEST_ADDR, 8, &data); + if (ret) + tdx_test_fatal(ret); + if (data !=3D 0x1234567890ABCDEF) + tdx_test_fatal(8); + + // Read an invalid number of bytes. + ret =3D tdg_vp_vmcall_ve_request_mmio_read(TDX_MMIO_TEST_ADDR, 10, &data); + if (ret) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +/* + * Varifies guest MMIO reads. + */ +void verify_mmio_reads(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_mmio_reads); + td_finalize(vm); + + printf("Verifying TD MMIO reads:\n"); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 1, TDG_VP_VMCALL_VE_REQUES= T_MMIO_READ); + *(uint8_t *)vcpu->run->mmio.data =3D 0x12; + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 2, TDG_VP_VMCALL_VE_REQUES= T_MMIO_READ); + *(uint16_t *)vcpu->run->mmio.data =3D 0x1234; + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 4, TDG_VP_VMCALL_VE_REQUES= T_MMIO_READ); + *(uint32_t *)vcpu->run->mmio.data =3D 0x12345678; + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 8, TDG_VP_VMCALL_VE_REQUES= T_MMIO_READ); + *(uint64_t *)vcpu->run->mmio.data =3D 0x1234567890ABCDEF; + + vcpu_run(vcpu); + ASSERT_EQ(vcpu->run->exit_reason, KVM_EXIT_SYSTEM_EVENT); + ASSERT_EQ(vcpu->run->system_event.data[1], TDG_VP_VMCALL_INVALID_OPERAND); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -825,6 +911,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_guest_msr_writes); run_in_new_process(&verify_guest_msr_reads); run_in_new_process(&verify_guest_hlt); + run_in_new_process(&verify_mmio_reads); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B2E08C27C76 for ; Sat, 21 Jan 2023 00:18:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230211AbjAUAS4 (ORCPT ); Fri, 20 Jan 2023 19:18:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54882 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230147AbjAUASe (ORCPT ); Fri, 20 Jan 2023 19:18:34 -0500 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7EE94B2D01 for ; Fri, 20 Jan 2023 16:18:01 -0800 (PST) Received: by mail-pl1-x649.google.com with SMTP id b9-20020a170903228900b00194a0110d7bso3815481plh.6 for ; Fri, 20 Jan 2023 16:18:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=WDRb3hUK3KL7DjIqYNoerTWOItA0XH5RYK6H+82j2oo=; b=XKdLbiTjQhc9QJq14SPOY4oxXeT+HysgYBLtbPoSyINx26ic5GcWQYVBXakE2mIlKz 3OrvzXQoJQ8F1SBQxDJ8tcSajMpWk1WvEXySGVZz5WMgpy9VIWczLuL5s+e2/u5Eqalp mNTWZliS4ITyJscyB4p3S0iuaQ7Wh9c2iLF2ASd2RtXUOf5/mG0b4/wF7eQtRovXL1L6 fuLxuYfQ2YAn9AlXtF14its/YFWf+KMNN4Zd3hlFp6ossx8R4A+zs23HvvI3tXLBMAAl xXSNsTdW7suXb/hQ17/sYvsVmr33WQjnbxMlkNHI4XhNAeM36E3fKtxgX9ErrxPZMtw8 Ai0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=WDRb3hUK3KL7DjIqYNoerTWOItA0XH5RYK6H+82j2oo=; b=6gTYVhACX/TH8XxF8HjZNui3oxOLhHfQTHV1TTEmYFJ5FVGIQdDzeQevdZMfcX53Nk T77AB36xwHMjBHvIEb3hLLzOS+Efs2kT7Zx/yIWdHkxLaFYd8TjtGgpDXB0mzIghCTCd FUm7EQG4LDR5QqbY38Ue9XJmWyvTwpKA4WuCe/+spiuWnJhoKQ5vsqhV++pVZ54NoBNL 0ncvH8c0JQvpUiTL7WYH1DuFAzRb2fvF/ShD9HqemI2vhuw7qe1GnyRS3F4BS4e+qQTH yhJuekSNtRizmHMG/XU/ULHcCeJR6rL5Arcy0EYdlNMWQ3/ibtm0VwMvmYRv9iFIgkjz DJVQ== X-Gm-Message-State: AFqh2krowQbat+1b6CyLOTxf4ZNt23/tpLGCGZVubPbytsbNG/NmbX/o 9d8q76YDadPy15iVdSCY4rH2VkmqbQk9xVMEGA== X-Google-Smtp-Source: AMrXdXt1XhMvepnOd4PkQEnRmj4etZEsfLhZH3dY0GE9wFptQNK6vFci+DDTmZgluotiO55Qn6Oa6u3+G7bcLHPvkw== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a17:902:7595:b0:193:3b70:e9a0 with SMTP id j21-20020a170902759500b001933b70e9a0mr1730374pll.6.1674260254883; Fri, 20 Jan 2023 16:17:34 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:30 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-20-ackerleytng@google.com> Subject: [RFC PATCH v3 19/31] KVM: selftests: TDX: Add TDX MMIO writes test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar The test verifies MMIO writes of various sizes from the guest to the host. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 2 + .../selftests/kvm/lib/x86_64/tdx/tdx.c | 14 +++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 85 +++++++++++++++++++ 3 files changed, 101 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index 8dd6a65485260..f2a90ad8a55c6 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -24,5 +24,7 @@ uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index, = uint64_t value); uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interrupt_blocked_flag); uint64_t tdg_vp_vmcall_ve_request_mmio_read(uint64_t address, uint64_t siz= e, uint64_t *data_out); +uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si= ze, + uint64_t data_in); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index dcdacf08bcd60..8b12ac7049572 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -122,3 +122,17 @@ uint64_t tdg_vp_vmcall_ve_request_mmio_read(uint64_t a= ddress, uint64_t size, =20 return ret; } + +uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si= ze, + uint64_t data_in) +{ + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO, + .r12 =3D size, + .r13 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO_WRITE, + .r14 =3D address, + .r15 =3D data_in, + }; + + return __tdx_hypercall(&args, 0); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 88f0429db0176..dcc0940a74e92 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -892,6 +892,90 @@ void verify_mmio_reads(void) printf("\t ... PASSED\n"); } =20 +void guest_mmio_writes(void) +{ + uint64_t ret; + + ret =3D tdg_vp_vmcall_ve_request_mmio_write(TDX_MMIO_TEST_ADDR, 1, 0x12); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_ve_request_mmio_write(TDX_MMIO_TEST_ADDR, 2, 0x1234= ); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_ve_request_mmio_write(TDX_MMIO_TEST_ADDR, 4, 0x1234= 5678); + if (ret) + tdx_test_fatal(ret); + + ret =3D tdg_vp_vmcall_ve_request_mmio_write(TDX_MMIO_TEST_ADDR, 8, 0x1234= 567890ABCDEF); + if (ret) + tdx_test_fatal(ret); + + // Write across page boundary. + ret =3D tdg_vp_vmcall_ve_request_mmio_write(PAGE_SIZE - 1, 8, 0); + if (ret) + tdx_test_fatal(ret); + + tdx_test_success(); +} + +/* + * Varifies guest MMIO writes. + */ +void verify_mmio_writes(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint8_t byte_1; + uint16_t byte_2; + uint32_t byte_4; + uint64_t byte_8; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_mmio_writes); + td_finalize(vm); + + printf("Verifying TD MMIO writes:\n"); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 1, TDG_VP_VMCALL_VE_REQUES= T_MMIO_WRITE); + byte_1 =3D *(uint8_t *)(vcpu->run->mmio.data); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 2, TDG_VP_VMCALL_VE_REQUES= T_MMIO_WRITE); + byte_2 =3D *(uint16_t *)(vcpu->run->mmio.data); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 4, TDG_VP_VMCALL_VE_REQUES= T_MMIO_WRITE); + byte_4 =3D *(uint32_t *)(vcpu->run->mmio.data); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_MMIO(vcpu, TDX_MMIO_TEST_ADDR, 8, TDG_VP_VMCALL_VE_REQUES= T_MMIO_WRITE); + byte_8 =3D *(uint64_t *)(vcpu->run->mmio.data); + + ASSERT_EQ(byte_1, 0x12); + ASSERT_EQ(byte_2, 0x1234); + ASSERT_EQ(byte_4, 0x12345678); + ASSERT_EQ(byte_8, 0x1234567890ABCDEF); + + vcpu_run(vcpu); + ASSERT_EQ(vcpu->run->exit_reason, KVM_EXIT_SYSTEM_EVENT); + ASSERT_EQ(vcpu->run->system_event.data[1], TDG_VP_VMCALL_INVALID_OPERAND); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -912,6 +996,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_guest_msr_reads); run_in_new_process(&verify_guest_hlt); run_in_new_process(&verify_mmio_reads); + run_in_new_process(&verify_mmio_writes); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7F40C38A23 for ; Sat, 21 Jan 2023 00:19:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230095AbjAUAS7 (ORCPT ); Fri, 20 Jan 2023 19:18:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55510 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230159AbjAUASi (ORCPT ); Fri, 20 Jan 2023 19:18:38 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8922F73AC1 for ; Fri, 20 Jan 2023 16:18:04 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-4c8e781bc0aso66373447b3.22 for ; Fri, 20 Jan 2023 16:18:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=vOwGtki9KFPboHEALtokyYZ7SUKgOo9ywAkWpYTPLlY=; b=GNQli3vbWyBQzWxSUIC96W0IJYbF/Ojtzs3NaAk6EebJ69mMu9B+S0lR/AJ9VJNhM+ +P4JZw6H/PyqDMcyw3GGXZIdf/Mrzaek7lKsK5lapeiukAg4Q+GsGhb35Iveh2wG2Tqp /lI8101PQATC701yjLYNZ/0O+drh4usGew30l4ALSElGN4St029Q+bITRmxWi6h9N5C1 0c3FrL2OGNPIpjK9SEuo3Z/HOPkIMlGSs756uoHPN+TOgAfAnHFf3k7cjJv4oa+iakWO SiZJdc/Y+YwlsFlLLBMvrFt/tFkHq8Ovxm1JcaxykTQ8QxByz5py1XYnkLuq4pfN9ALw 780Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vOwGtki9KFPboHEALtokyYZ7SUKgOo9ywAkWpYTPLlY=; b=FnvPlvWYL5TknjPwjE4kWMH12p8LSwVz35YxjitbC7CYYnMDkitx2V8Sn1Ob7sjYTd G7fJQ4T6Id/d9Gg8hTN64LNbWAnsqw/tjZ9ub81m50DQI7DK1e24vivfvCU2KqK1OuKy x2aQVkXTf7605pQKKa519Rezt8oGijV50LvBI0XYaKmOZRIgvtr/yyN2cdUUXkak0Jw/ DuDJE1yhxp0Ggfa/PD38o6IXh2QkV8NQHqsWmuJLvoDF6rcmL7CkjL1fijiFTTUR1/F6 cobpFgdECyIWNAb8lVwIxWKKaxoW3OsaIs6GZ/07+BGFTAb1WosJCrznhcaS5WtNJHN7 /wPg== X-Gm-Message-State: AFqh2kpztmbFreNzRt7RiVKG+T8ZiYufWZSUoBHcrqEOQp4sDj7eFm9n 6Jvgb/nN6C67KhRsLr+1AMX/M1Wn/QJwwsN+JA== X-Google-Smtp-Source: AMrXdXuSW1/3B2FF32Z+SDnMOS3ZH7UUnyhC9T3Hm4i/Pcki1sMFzn9oqHPTA56gsX45+48sstycBezE8mJwl0r8/A== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:3985:0:b0:3ef:cbd2:224d with SMTP id g127-20020a813985000000b003efcbd2224dmr2465407ywa.459.1674260259812; Fri, 20 Jan 2023 16:17:39 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:31 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-21-ackerleytng@google.com> Subject: [RFC PATCH v3 20/31] KVM: selftests: TDX: Add TDX CPUID TDVMCALL test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sagi Shahar This test issues a CPUID TDVMCALL from inside the guest to get the CPUID values as seen by KVM. Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 4 + .../selftests/kvm/lib/x86_64/tdx/tdx.c | 26 +++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 94 +++++++++++++++++++ 3 files changed, 124 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index f2a90ad8a55c6..e746372206a25 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -7,6 +7,7 @@ #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 =20 +#define TDG_VP_VMCALL_INSTRUCTION_CPUID 10 #define TDG_VP_VMCALL_INSTRUCTION_HLT 12 #define TDG_VP_VMCALL_INSTRUCTION_IO 30 #define TDG_VP_VMCALL_INSTRUCTION_RDMSR 31 @@ -26,5 +27,8 @@ uint64_t tdg_vp_vmcall_ve_request_mmio_read(uint64_t addr= ess, uint64_t size, uint64_t *data_out); uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si= ze, uint64_t data_in); +uint64_t tdg_vp_vmcall_instruction_cpuid(uint32_t eax, uint32_t ecx, + uint32_t *ret_eax, uint32_t *ret_ebx, + uint32_t *ret_ecx, uint32_t *ret_edx); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index 8b12ac7049572..d9d60dd58dfdd 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -136,3 +136,29 @@ uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t = address, uint64_t size, =20 return __tdx_hypercall(&args, 0); } + +uint64_t tdg_vp_vmcall_instruction_cpuid(uint32_t eax, uint32_t ecx, + uint32_t *ret_eax, uint32_t *ret_ebx, + uint32_t *ret_ecx, uint32_t *ret_edx) +{ + uint64_t ret; + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_INSTRUCTION_CPUID, + .r12 =3D eax, + .r13 =3D ecx, + }; + + + ret =3D __tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT); + + if (ret_eax) + *ret_eax =3D args.r12; + if (ret_ebx) + *ret_ebx =3D args.r13; + if (ret_ecx) + *ret_ecx =3D args.r14; + if (ret_edx) + *ret_edx =3D args.r15; + + return ret; +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index dcc0940a74e92..b9d96b5f6521f 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -976,6 +976,99 @@ void verify_mmio_writes(void) printf("\t ... PASSED\n"); } =20 +/* + * Verifies CPUID TDVMCALL functionality. + * The guest will then send the values to userspace using an IO write to be + * checked against the expected values. + */ +void guest_code_cpuid_tdcall(void) +{ + uint64_t err; + uint32_t eax, ebx, ecx, edx; + + // Read CPUID leaf 0x1 from host. + err =3D tdg_vp_vmcall_instruction_cpuid(/*eax=3D*/1, /*ecx=3D*/0, + &eax, &ebx, &ecx, &edx); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_to_user_space(eax); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_to_user_space(ebx); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_to_user_space(ecx); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_to_user_space(edx); + if (err) + tdx_test_fatal(err); + + tdx_test_success(); +} + +void verify_td_cpuid_tdcall(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + uint32_t eax, ebx, ecx, edx; + const struct kvm_cpuid_entry2 *cpuid_entry; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_code_cpuid_tdcall); + td_finalize(vm); + + printf("Verifying TD CPUID TDVMCALL:\n"); + + /* Wait for guest to report CPUID values */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + eax =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ebx =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ecx =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + edx =3D *(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + /* Get KVM CPUIDs for reference */ + cpuid_entry =3D kvm_get_supported_cpuid_entry(1); + TEST_ASSERT(cpuid_entry, "CPUID entry missing\n"); + + ASSERT_EQ(cpuid_entry->eax, eax); + // Mask lapic ID when comparing ebx. + ASSERT_EQ(cpuid_entry->ebx & ~0xFF000000, ebx & ~0xFF000000); + ASSERT_EQ(cpuid_entry->ecx, ecx); + ASSERT_EQ(cpuid_entry->edx, edx); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -997,6 +1090,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_guest_hlt); run_in_new_process(&verify_mmio_reads); run_in_new_process(&verify_mmio_writes); + run_in_new_process(&verify_td_cpuid_tdcall); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 840A2C27C76 for ; Sat, 21 Jan 2023 00:19:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230163AbjAUATJ (ORCPT ); Fri, 20 Jan 2023 19:19:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53050 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229902AbjAUASw (ORCPT ); Fri, 20 Jan 2023 19:18:52 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C45E6C63BE for ; Fri, 20 Jan 2023 16:18:22 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id h136-20020a25d08e000000b007e1b1a30d5dso7413520ybg.15 for ; Fri, 20 Jan 2023 16:18:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=aU8EEj4+t8QDE1+v+1nJSnMuiEYEWTVzh5HjN1v63xM=; b=CZyMH/wtFabSHYajD2rl/1mxAK8ImYuJhOe0qrxfZn1jd7qkK4ctPvfNnbYe4HpBgq +OR/+07KpRsHSpG+fM9YZr+zU8l76nuHBDYazfdCTQEfar0tsn3xWDHDds/NzG1ApMv8 VrQJ4D6HkoKG0bhi65WUS1xwmhqBbfCDLqWCQ3nM4QYElN20xvR+TIfA1tq3arTQEp0y pT27fs8Jn0SRvuAzmqtwTr2dQUbZXfNwctiUkumuD6AG94N6hbKrp+BqFJ35N67zn5L9 GEyF+ZK/QLVRN2IKVFSF2UC0fFvR+EhiH0lhTmf9VTk0LSkgWcCnE1144RjRk/eFJ15v RNMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=aU8EEj4+t8QDE1+v+1nJSnMuiEYEWTVzh5HjN1v63xM=; b=FetTaoOM7ujUrOefOBqDodv5mXALO26Kt5QaRD49ANM/9RFT0p+1Suf7UFCtz38S7O mK6VvNMth/mIEJMsWD14uWopk43V+0ayvzFvOep+Ih8KgD0pZHh//C489Av/nYhpiNol UR8lau6vMdfUNJFvbklVXmIu749/xkS8f4v1gPIdBc+sT87xFX6xRAYGVw8Gky2jHO8c cXkO71nOKVxXt3d4dAHTk2JTfeC8T+so970WFE7SK6hin/tZKO8cSNW/08plG6LBGMbV 2vWKOikck6OjMXX1CCMpi5pST4MMGvQyP1bzs2WtmtMS0eKez9czzw8Oqn4/kuHiTNwW +60g== X-Gm-Message-State: AFqh2kpCxjYtx/UMVcG0kK7OoDc2dGnIfl4875m2rOyHR8SojQIKmjbp unQNCmtxTyvqp6meMUc1MvKc96YDbzeG839J2w== X-Google-Smtp-Source: AMrXdXtk2MSUQiuREtPrJbrkhCVDp53FqaOrQSLGcdLMLfPTeNPOYbS2c9PIzGKPwqn+QnqV+sL1ueCWG+nHRZkyrg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:2c9:0:b0:803:bfff:635f with SMTP id 192-20020a2502c9000000b00803bfff635fmr246350ybc.90.1674260264239; Fri, 20 Jan 2023 16:17:44 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:32 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-22-ackerleytng@google.com> Subject: [RFC PATCH v3 21/31] KVM: selftests: TDX: Verify the behavior when host consumes a TD private memory From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ryan Afranji The test checks that host can only read fixed values when trying to access the guest's private memory. Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/x86_64/tdx_vm_tests.c | 85 +++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index b9d96b5f6521f..4c338206dbaf2 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -1069,6 +1069,90 @@ void verify_td_cpuid_tdcall(void) printf("\t ... PASSED\n"); } =20 +/* + * Shared variables between guest and host for host reading private mem te= st + */ +static uint64_t tdx_test_host_read_private_mem_addr; +#define TDX_HOST_READ_PRIVATE_MEM_PORT_TEST 0x53 + +void guest_host_read_priv_mem(void) +{ + uint64_t ret; + uint64_t placeholder =3D 0; + + /* Set value */ + *((uint32_t *) tdx_test_host_read_private_mem_addr) =3D 0xABCD; + + /* Exit so host can read value */ + ret =3D tdg_vp_vmcall_instruction_io( + TDX_HOST_READ_PRIVATE_MEM_PORT_TEST, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, &placeholder); + if (ret) + tdx_test_fatal(ret); + + /* Update guest_var's value and have host reread it. */ + *((uint32_t *) tdx_test_host_read_private_mem_addr) =3D 0xFEDC; + + tdx_test_success(); +} + +void verify_host_reading_private_mem(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm_vaddr_t test_page; + uint64_t *host_virt; + uint64_t first_host_read; + uint64_t second_host_read; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_host_read_priv_mem); + + test_page =3D vm_vaddr_alloc_page(vm); + TEST_ASSERT(test_page < BIT_ULL(32), + "Test address should fit in 32 bits so it can be sent to the guest"); + + host_virt =3D addr_gva2hva(vm, test_page); + TEST_ASSERT(host_virt !=3D NULL, + "Guest address not found in guest memory regions\n"); + + tdx_test_host_read_private_mem_addr =3D test_page; + sync_global_to_guest(vm, tdx_test_host_read_private_mem_addr); + + td_finalize(vm); + + printf("Verifying host's behavior when reading TD private memory:\n"); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_HOST_READ_PRIVATE_MEM_PORT_TEST, + 4, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + printf("\t ... Guest's variable contains 0xABCD\n"); + + /* Host reads guest's variable. */ + first_host_read =3D *host_virt; + printf("\t ... Host's read attempt value: %lu\n", first_host_read); + + /* Guest updates variable and host rereads it. */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + printf("\t ... Guest's variable updated to 0xFEDC\n"); + + second_host_read =3D *host_virt; + printf("\t ... Host's second read attempt value: %lu\n", + second_host_read); + + TEST_ASSERT(first_host_read =3D=3D second_host_read, + "Host did not read a fixed pattern\n"); + + printf("\t ... Fixed pattern was returned to the host\n"); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -1091,6 +1175,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_mmio_reads); run_in_new_process(&verify_mmio_writes); run_in_new_process(&verify_td_cpuid_tdcall); + run_in_new_process(&verify_host_reading_private_mem); =20 return 0; } --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 96538C38159 for ; Sat, 21 Jan 2023 00:19:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230160AbjAUATM (ORCPT ); Fri, 20 Jan 2023 19:19:12 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55796 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230218AbjAUAS5 (ORCPT ); Fri, 20 Jan 2023 19:18:57 -0500 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C7607976A for ; Fri, 20 Jan 2023 16:18:27 -0800 (PST) Received: by mail-pj1-x1049.google.com with SMTP id jp14-20020a17090ae44e00b0022a03158ec6so1879451pjb.9 for ; Fri, 20 Jan 2023 16:18:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=WKecfS8+aCqniCqQsmGPHH5353ve1A7On6Nm/ZOADmI=; b=YxTtusFyOuKDAaFVVkuYaK6JCrdmVg2hd8rfn7R3kpLiH7ws96PmQ8/ws5s11KIcIX zLEnTLc6KDmWTlMSrg9afGkAagNc87TrQtWMR6LCIK3Q6Wm/Olu9NvN5K9VO7izwCZTy ptHOWki55WOJBpgnNEP0HlvY0cft/52KiPRxdrqwNHiMsrdTOzxfz8mQPfRSZ+U453ki j0Ph42TE4os2wpwppD2t0oMaSH5fH0HrE0LRcvZpmmjWe1XWBGfgEJkp0qxqPA1yHBQQ 7gvefe7PCbubTZxyKDDvOfrXp6h79ox0prYOmYxB5mdXGflEg22Tva9g3TWJvd5C7aC+ 7r5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=WKecfS8+aCqniCqQsmGPHH5353ve1A7On6Nm/ZOADmI=; b=oNYcKOzgABg80D7NqbbWnXL7oZkUTYQTcq8zK3CpIPSQQBH2kKfu5zrijFX06MUkZc Rwy/RvubXDXsxf05WMznVO9ek5fecEpjQjzz8ZdDjyXspY7fgeIwXnsG43wFRm42cu7G CR5iev6YWoR22HBa5SqEE1klBpWJWay6HaJvVMrD7+uaDyjAAb4nB9pVN1abAnBHLW1Y GKyxKDAEmITGHqkpcHiHLtKehEpqU3Aa1X3izL6z7DVPdEdZUpjAMMwkOCwdKqL7wnDD +ggTnrk0GpG7qh1uIGKEDWtTEA8b2ThoII92KjS/F0BCsZO6/h21GSxP8nHcaijf2opD 5+Og== X-Gm-Message-State: AFqh2kr5OtOZo2r58YOwSH1ydJ3OnIfPfqhzkIKN/3C87rDd06sOPLcW Y8oXvRPtL1YQVslDts6LSGSRdMmkkU16QPqNdg== X-Google-Smtp-Source: AMrXdXsL0BwUIitPOylfaYyud/HjRDUIjwS3hLjmd5OU0WR5b+zjn1m5iCaFoRoJ5nUO9HS0emXgUGIxakBYwGD6WQ== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a62:864b:0:b0:58d:be66:c31f with SMTP id x72-20020a62864b000000b0058dbe66c31fmr1941671pfd.73.1674260268576; Fri, 20 Jan 2023 16:17:48 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:33 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-23-ackerleytng@google.com> Subject: [RFC PATCH v3 22/31] KVM: selftests: TDX: Add TDG.VP.INFO test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Roger Wang Adds a test for TDG.VP.INFO Signed-off-by: Roger Wang Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- Changes RFCv2 -> RFCv3 + Use KVM_CAP_MAX_VCPUS to set max_vcpus, check that it was passed to the TDX module by reading it back --- .../selftests/kvm/include/x86_64/tdx/tdcall.h | 19 +++ .../selftests/kvm/include/x86_64/tdx/tdx.h | 6 + .../selftests/kvm/lib/x86_64/tdx/tdcall.S | 68 ++++++++ .../selftests/kvm/lib/x86_64/tdx/tdx.c | 27 ++++ .../selftests/kvm/x86_64/tdx_vm_tests.c | 148 ++++++++++++++++++ 5 files changed, 268 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h b/tool= s/testing/selftests/kvm/include/x86_64/tdx/tdcall.h index 95fcdbd8404e9..a65ce8f3c109b 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdcall.h @@ -37,4 +37,23 @@ struct tdx_hypercall_args { /* Used to request services from the VMM */ u64 __tdx_hypercall(struct tdx_hypercall_args *args, unsigned long flags); +/* + * Used to gather the output registers values of the TDCALL and SEAMCALL + * instructions when requesting services from the TDX module. + * + * This is a software only structure and not part of the TDX module/VMM AB= I. + */ +struct tdx_module_output { + u64 rcx; + u64 rdx; + u64 r8; + u64 r9; + u64 r10; + u64 r11; +}; + +/* Used to communicate with the TDX module */ +u64 __tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9, + struct tdx_module_output *out); + #endif // SELFTESTS_TDX_TDCALL_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index e746372206a25..ffab2c3ca312b 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -4,6 +4,8 @@ #include +#define TDG_VP_INFO 1 + #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 @@ -31,4 +33,8 @@ uint64_t tdg_vp_vmcall_instruction_cpuid(uint32_t eax, ui= nt32_t ecx, uint32_t *ret_eax, uint32_t *ret_ebx, uint32_t *ret_ecx, uint32_t *ret_edx); +uint64_t tdg_vp_info(uint64_t *rcx, uint64_t *rdx, + uint64_t *r8, uint64_t *r9, + uint64_t *r10, uint64_t *r11); + #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdcall.S b/tools/te= sting/selftests/kvm/lib/x86_64/tdx/tdcall.S index df9c1ed4bb2d1..601d715314434 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdcall.S +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdcall.S @@ -86,5 +86,73 @@ __tdx_hypercall: pop %rbp ret +#define TDX_MODULE_rcx 0 /* offsetof(struct tdx_module_output, rcx) */ +#define TDX_MODULE_rdx 8 /* offsetof(struct tdx_module_output, rdx) */ +#define TDX_MODULE_r8 16 /* offsetof(struct tdx_module_output, r8) */ +#define TDX_MODULE_r9 24 /* offsetof(struct tdx_module_output, r9) */ +#define TDX_MODULE_r10 32 /* offsetof(struct tdx_module_output, r10) */ +#define TDX_MODULE_r11 40 /* offsetof(struct tdx_module_output, r11) */ + +.globl __tdx_module_call +.type __tdx_module_call, @function +__tdx_module_call: + /* Set up stack frame */ + push %rbp + movq %rsp, %rbp + + /* Callee-saved, so preserve it */ + push %r12 + + /* + * Push output pointer to stack. + * After the operation, it will be fetched into R12 register. + */ + push %r9 + + /* Mangle function call ABI into TDCALL/SEAMCALL ABI: */ + /* Move Leaf ID to RAX */ + mov %rdi, %rax + /* Move input 4 to R9 */ + mov %r8, %r9 + /* Move input 3 to R8 */ + mov %rcx, %r8 + /* Move input 1 to RCX */ + mov %rsi, %rcx + /* Leave input param 2 in RDX */ + + tdcall + + /* + * Fetch output pointer from stack to R12 (It is used + * as temporary storage) + */ + pop %r12 + + /* + * Since this macro can be invoked with NULL as an output pointer, + * check if caller provided an output struct before storing output + * registers. + * + * Update output registers, even if the call failed (RAX !=3D 0). + * Other registers may contain details of the failure. + */ + test %r12, %r12 + jz .Lno_output_struct + + /* Copy result registers to output struct: */ + movq %rcx, TDX_MODULE_rcx(%r12) + movq %rdx, TDX_MODULE_rdx(%r12) + movq %r8, TDX_MODULE_r8(%r12) + movq %r9, TDX_MODULE_r9(%r12) + movq %r10, TDX_MODULE_r10(%r12) + movq %r11, TDX_MODULE_r11(%r12) + +.Lno_output_struct: + /* Restore the state of R12 register */ + pop %r12 + + pop %rbp + ret + /* Disable executable stack */ .section .note.GNU-stack,"",%progbits diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index d9d60dd58dfdd..a280136634d3b 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -162,3 +162,30 @@ uint64_t tdg_vp_vmcall_instruction_cpuid(uint32_t eax,= uint32_t ecx, return ret; } + +uint64_t tdg_vp_info(uint64_t *rcx, uint64_t *rdx, + uint64_t *r8, uint64_t *r9, + uint64_t *r10, uint64_t *r11) +{ + uint64_t ret; + struct tdx_module_output out; + + memset(&out, 0, sizeof(struct tdx_module_output)); + + ret =3D __tdx_module_call(TDG_VP_INFO, 0, 0, 0, 0, &out); + + if (rcx) + *rcx =3D out.rcx; + if (rdx) + *rdx =3D out.rdx; + if (r8) + *r8 =3D out.r8; + if (r9) + *r9 =3D out.r9; + if (r10) + *r10 =3D out.r10; + if (r11) + *r11 =3D out.r11; + + return ret; +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/test= ing/selftests/kvm/x86_64/tdx_vm_tests.c index 4c338206dbaf2..e2dba3b5ee63e 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -1153,6 +1153,153 @@ void verify_host_reading_private_mem(void) printf("\t ... PASSED\n"); } +/* + * Do a TDG.VP.INFO call from the guest + */ +void guest_tdcall_vp_info(void) +{ + uint64_t err; + uint64_t rcx, rdx, r8, r9, r10, r11; + + err =3D tdg_vp_info(&rcx, &rdx, &r8, &r9, &r10, &r11); + if (err) + tdx_test_fatal(err); + + /* return values to user space host */ + err =3D tdx_test_report_64bit_to_user_space(rcx); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(rdx); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r8); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r9); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r10); + if (err) + tdx_test_fatal(err); + + err =3D tdx_test_report_64bit_to_user_space(r11); + if (err) + tdx_test_fatal(err); + + tdx_test_success(); +} + +/* + * TDG.VP.INFO call from the guest. Verify the right values are returned + */ +void verify_tdcall_vp_info(void) +{ + const int num_vcpus =3D 2; + struct kvm_vcpu *vcpus[num_vcpus]; + struct kvm_vm *vm; + + uint64_t rcx, rdx, r8, r9, r10, r11; + uint32_t ret_num_vcpus, ret_max_vcpus; + uint64_t attributes; + uint32_t i; + const struct kvm_cpuid_entry2 *cpuid_entry; + int max_pa =3D -1; + int ret; + + vm =3D td_create(); + + /* Set value for kvm->max_vcpus to be checked later */ +#define TEST_VP_INFO_MAX_VCPUS 75 + ret =3D kvm_check_cap(KVM_CAP_MAX_VCPUS); + TEST_ASSERT(ret, "TDX: KVM_CAP_MAX_VCPUS is not supported!"); + vm_enable_cap(vm, KVM_CAP_MAX_VCPUS, TEST_VP_INFO_MAX_VCPUS); + +#define TDX_TDPARAM_ATTR_SEPT_VE_DISABLE_BIT (1UL << 28) +#define TDX_TDPARAM_ATTR_PKS_BIT (1UL << 30) + /* Setting attributes parameter used by TDH.MNG.INIT to 0x50000000 */ + attributes =3D TDX_TDPARAM_ATTR_SEPT_VE_DISABLE_BIT | + TDX_TDPARAM_ATTR_PKS_BIT; + + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, attributes); + + for (i =3D 0; i < num_vcpus; i++) + vcpus[i] =3D td_vcpu_add(vm, i, guest_tdcall_vp_info); + + td_finalize(vm); + + printf("Verifying TDG.VP.INFO call:\n"); + + /* Get KVM CPUIDs for reference */ + cpuid_entry =3D kvm_get_supported_cpuid_entry(0x80000008); + TEST_ASSERT(cpuid_entry, "CPUID entry missing\n"); + max_pa =3D cpuid_entry->eax & 0xff; + + for (i =3D 0; i < num_vcpus; i++) { + struct kvm_vcpu *vcpu =3D vcpus[i]; + + /* Wait for guest to report rcx value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + rcx =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report rdx value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + rdx =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r8 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r8 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r9 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r9 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r10 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r10 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + /* Wait for guest to report r11 value */ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + r11 =3D tdx_test_read_64bit_report_from_guest(vcpu); + + ret_num_vcpus =3D r8 & 0xFFFFFFFF; + ret_max_vcpus =3D (r8 >> 32) & 0xFFFFFFFF; + + /* first bits 5:0 of rcx represent the GPAW */ + ASSERT_EQ(rcx & 0x3F, max_pa); + /* next 63:6 bits of rcx is reserved and must be 0 */ + ASSERT_EQ(rcx >> 6, 0); + ASSERT_EQ(rdx, attributes); + ASSERT_EQ(ret_num_vcpus, num_vcpus); + ASSERT_EQ(ret_max_vcpus, TEST_VP_INFO_MAX_VCPUS); + /* VCPU_INDEX =3D i */ + ASSERT_EQ(r9, i); + /* verify reserved registers are 0 */ + ASSERT_EQ(r10, 0); + ASSERT_EQ(r11, 0); + + /* Wait for guest to complete execution */ + vcpu_run(vcpu); + + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + printf("\t ... Guest completed run on VCPU=3D%u\n", i); + } + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -1176,6 +1323,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_mmio_writes); run_in_new_process(&verify_td_cpuid_tdcall); run_in_new_process(&verify_host_reading_private_mem); + run_in_new_process(&verify_tdcall_vp_info); return 0; } -- 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7E7E5C05027 for ; Sat, 21 Jan 2023 00:19:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230130AbjAUATW (ORCPT ); Fri, 20 Jan 2023 19:19:22 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55656 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229761AbjAUATP (ORCPT ); Fri, 20 Jan 2023 19:19:15 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 99F7873AF5 for ; Fri, 20 Jan 2023 16:18:40 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id i10-20020a25f20a000000b006ea4f43c0ddso7518162ybe.21 for ; Fri, 20 Jan 2023 16:18:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=4QuTb5nJFi65iX4g5W97FE6Ea1XkyHs5XNPvTOgo3Cc=; b=UoN7oYNcB9ZUXUj3VLUqEeWAjd8WXjLLKIujASWCpcXv/6MPWiGRy5E/XLLQHp5T7B ZIPa1MBys1QdPhnVC4ggNbBbjf4vb6C+We5ac3X0eP1xz0g2+qhzRQPJELPYbgEDixMz 0huqMRfYOYunOazIE6WAabUyUmZkKLUFO6zid/0U0mJPhgiSdEQq4EyHUbju1rDArI+H p5ymSLoP/1Cwb9fLopazeO5V6ekY6zQChnXld2Wv0n9dB/FhUHUAERBCanS2glAs37wO bY5G5xC0mDc1fcHbDMKNz1PGfVIE0EAlUm+Ch8vTOHLsdzhVOKDtxmT5ia6MwvbBQG9R OV8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=4QuTb5nJFi65iX4g5W97FE6Ea1XkyHs5XNPvTOgo3Cc=; b=5LztrFWkqTxYxIL1NM5IQQT/wy94QmGZXI889p0+58s4EB9zJ/ACP/swN4pqoya+6i gNZelg0z+kXFik9YnLsTb5ptajVBjcyBnhkQRUWdPH329ojSEsl4aYuMzyNnueGVILtl 3XBo+wBSX8KDLc12kZDwEyFVe2JaXznDzfXZXwhuFxD7Tw+haxzVWxyT0oO9m6YzT8aj ulgFrZZgp5Pf4iyyohph6lj9TUsHqWUXLXhX8Pmh7jzIDXcrJMmvvKvwMQKyfTPOSMKu ZcktstlWVNQyHxQBnTaxV/jUOPkvysY2uPN9bXMY61w9ed6ZFyF2YbCmhT/U+6nsoyZE cJyw== X-Gm-Message-State: AFqh2kq6aQz3alpc6gat5kPf1DfLulWzjANQ10IzeFtvmTB8LbgGUHmZ MM5NzMd9OyASFOJnCZtO0ZMVsVdOQqsnkmBb1Q== X-Google-Smtp-Source: AMrXdXu0Z7p75YPFEyvZbtns+Bd9M7tYH4RDhZvbQxl9sIu16jxUrfhxXrbM/MdWbzpsvJ8jl1ncX/5TgmKDpJ7mwQ== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a0d:f446:0:b0:4fb:4e3e:e01a with SMTP id d67-20020a0df446000000b004fb4e3ee01amr832327ywf.55.1674260272954; Fri, 20 Jan 2023 16:17:52 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:34 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-24-ackerleytng@google.com> Subject: [RFC PATCH v3 23/31] KVM: selftests: Add functions to allow mapping as shared From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/kvm_util_base.h | 24 ++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 32 +++++++++++++++++++ .../selftests/kvm/lib/x86_64/processor.c | 15 +++++++-- 3 files changed, 69 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/te= sting/selftests/kvm/include/kvm_util_base.h index cdc204cfeb4c2..30453e2de8396 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -412,6 +412,8 @@ vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm); =20 void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, unsigned int npages); +void virt_map_shared(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, + unsigned int npages); void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa); void *addr_gva2hva(struct kvm_vm *vm, vm_vaddr_t gva); vm_paddr_t addr_hva2gpa(struct kvm_vm *vm, void *hva); @@ -843,6 +845,28 @@ static inline void virt_pg_map(struct kvm_vm *vm, uint= 64_t vaddr, uint64_t paddr virt_arch_pg_map(vm, vaddr, paddr); } =20 +/* + * VM Virtual Page Map as Shared + * + * Input Args: + * vm - Virtual Machine + * vaddr - VM Virtual Address + * paddr - VM Physical Address + * memslot - Memory region slot for new virtual translation tables + * + * Output Args: None + * + * Return: None + * + * Within @vm, creates a virtual translation for the page starting + * at @vaddr to the page starting at @paddr. + */ +void virt_arch_pg_map_shared(struct kvm_vm *vm, uint64_t vaddr, uint64_t p= addr); + +static inline void virt_pg_map_shared(struct kvm_vm *vm, uint64_t vaddr, u= int64_t paddr) +{ + virt_arch_pg_map_shared(vm, vaddr, paddr); +} =20 /* * Address Guest Virtual to Guest Physical diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index 14246f0fd2e78..6673be2f49c31 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1384,6 +1384,38 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uin= t64_t paddr, } } =20 +/* + * Map a range of VM virtual address to the VM's physical address as shared + * + * Input Args: + * vm - Virtual Machine + * vaddr - Virtuall address to map + * paddr - VM Physical Address + * npages - The number of pages to map + * + * Output Args: None + * + * Return: None + * + * Within the VM given by @vm, creates a virtual translation for + * @npages starting at @vaddr to the page range starting at @paddr. + */ +void virt_map_shared(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, + unsigned int npages) +{ + size_t page_size =3D vm->page_size; + size_t size =3D npages * page_size; + + TEST_ASSERT(vaddr + size > vaddr, "Vaddr overflow"); + TEST_ASSERT(paddr + size > paddr, "Paddr overflow"); + + while (npages--) { + virt_pg_map_shared(vm, vaddr, paddr); + vaddr +=3D page_size; + paddr +=3D page_size; + } +} + /* * Address VM Physical to Host Virtual * diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/tes= ting/selftests/kvm/lib/x86_64/processor.c index 1ea1019d48c13..b4c18f7335dab 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -176,7 +176,8 @@ static uint64_t *virt_create_upper_pte(struct kvm_vm *v= m, return pte; } =20 -void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int = level) +static void ___virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t pad= dr, + int level, bool protected) { const uint64_t pg_size =3D PG_LEVEL_SIZE(level); uint64_t *pml4e, *pdpe, *pde; @@ -223,17 +224,27 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr,= uint64_t paddr, int level) "PTE already present for 4k page at vaddr: 0x%lx\n", vaddr); *pte =3D PTE_PRESENT_MASK | PTE_WRITABLE_MASK | (paddr & PHYSICAL_PAGE_MA= SK); =20 - if (vm_is_gpa_protected(vm, paddr)) + if (protected) *pte |=3D vm->arch.c_bit; else *pte |=3D vm->arch.s_bit; } =20 +void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int = level) +{ + ___virt_pg_map(vm, vaddr, paddr, level, vm_is_gpa_protected(vm, paddr)); +} + void virt_arch_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr) { __virt_pg_map(vm, vaddr, paddr, PG_LEVEL_4K); } =20 +void virt_arch_pg_map_shared(struct kvm_vm *vm, uint64_t vaddr, uint64_t p= addr) +{ + ___virt_pg_map(vm, vaddr, paddr, PG_LEVEL_4K, false); +} + void virt_map_level(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, uint64_t nr_bytes, int level) { --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF2FCC25B50 for ; Sat, 21 Jan 2023 00:19:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229675AbjAUATi (ORCPT ); Fri, 20 Jan 2023 19:19:38 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229553AbjAUATg (ORCPT ); Fri, 20 Jan 2023 19:19:36 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C574D90B1A for ; Fri, 20 Jan 2023 16:18:57 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-4ff7c6679f2so31664347b3.12 for ; Fri, 20 Jan 2023 16:18:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=qgs5pu4Pv7Wf9vNe8L7K5ZmvD76+tBP6dpa2LmoyCUU=; b=T4NQVLwp+ULAZcEcdAw57oxiGpFr/RONT531Im2TPN67OLpKTwUfxzgpkZZ8uunSMX dkyNSWQ/L7Tu+So5I7wbrkFzVfaW9IuwmY+yYJ7qhgKkvByN0obxXFtnIHEgPL0i2eq3 pxeBePkZ1l8I89pHNrMgnwBHqoIu/vblkDyBozkoTYEdRBBG/TCOQrvVBmYdEE8Tf9wv uYdu7UgfIp9qYPbySTgxB+/J1i2FKhYpbntfaEeg2V4tvmFHzv8sOdlAXRM6V2NcGvmv bt2gylOZJ/pfE1OfUAoscnV4B9H2qlJSiU1SlaRdBqlstu/GEr5FfLq7FB0Y9qcmlHMg e/wQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=qgs5pu4Pv7Wf9vNe8L7K5ZmvD76+tBP6dpa2LmoyCUU=; b=rGR50pb42abHdjBnWk4enPQK8P1N5Ly+RhzwCDj9yhREfUUViFdscOdstD2nimM6Z1 J5Py5CY4avT9DTRClgL9dbTy+XgI+pBwgLUNJh3DXwFXVr9DX96zEa8WXhBAgE1pYbEM IOFo7YEfPB5BUG4RoOwDLTXZC7Mj8ndVbboz1iaS/bbhCC9ldRehCW46XrbUVFo11ENo SG0n7BgaHb4h1G9hc1Dz+qkFtCaVBjbtKYLa2N3QXhz/UfVLSuiK4xIn0S0BIEC06oOg +wFXIKlPM92TtGJCo/PMdyEmK5bQqHTG+ESryuA6eMpFCAEuHBr1cKGYwl6pTVFiPoI0 SnSw== X-Gm-Message-State: AFqh2krAftLVSwlV1vKx4dEukHHLXbbHAYp8RLUnGmK622ZgL07cbzTs 41+334r73iKkyWKpRXJkVI5QiI241iMNqosmlw== X-Google-Smtp-Source: AMrXdXtBuwm+DqlckwCu71vZzLrG1Vgb32MTZndSh1dDwCy2nUyHqG8XU7x+YA1HKtT/8c5uvm3Q7OnQwe0YOQpoyw== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a0d:e786:0:b0:500:b5eb:cdd with SMTP id q128-20020a0de786000000b00500b5eb0cddmr446822ywe.95.1674260277278; Fri, 20 Jan 2023 16:17:57 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:35 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-25-ackerleytng@google.com> Subject: [RFC PATCH v3 24/31] KVM: selftests: TDX: Add shared memory test From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ryan Afranji Adds a test that sets up shared memory between the host and guest. Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/x86_64/tdx/tdx.h | 2 + .../kvm/include/x86_64/tdx/tdx_util.h | 3 + .../selftests/kvm/lib/x86_64/tdx/tdx.c | 16 ++ .../selftests/kvm/lib/x86_64/tdx/tdx_util.c | 30 ++++ .../kvm/x86_64/tdx_shared_mem_test.c | 137 ++++++++++++++++++ 7 files changed, 190 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/tdx_shared_mem_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftes= ts/kvm/.gitignore index 370d6430b32b4..e1663b0f809b4 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -66,6 +66,7 @@ /x86_64/vmx_pmu_caps_test /x86_64/triple_fault_event_test /x86_64/tdx_vm_tests +/x86_64/tdx_shared_mem_test /access_tracking_perf_test /demand_paging_test /dirty_log_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests= /kvm/Makefile index 9f289322a4933..27e9148212fa5 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -152,6 +152,7 @@ TEST_GEN_PROGS_x86_64 +=3D steal_time TEST_GEN_PROGS_x86_64 +=3D kvm_binary_stats_test TEST_GEN_PROGS_x86_64 +=3D system_counter_offset_test TEST_GEN_PROGS_x86_64 +=3D x86_64/tdx_vm_tests +TEST_GEN_PROGS_x86_64 +=3D x86_64/tdx_shared_mem_test =20 # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86_64 +=3D x86_64/nx_huge_pages_test diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index ffab2c3ca312b..857a297e51ac6 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -7,6 +7,7 @@ #define TDG_VP_INFO 1 =20 #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 +#define TDG_VP_VMCALL_MAP_GPA 0x10001 #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 =20 #define TDG_VP_VMCALL_INSTRUCTION_CPUID 10 @@ -36,5 +37,6 @@ uint64_t tdg_vp_vmcall_instruction_cpuid(uint32_t eax, ui= nt32_t ecx, uint64_t tdg_vp_info(uint64_t *rcx, uint64_t *rdx, uint64_t *r8, uint64_t *r9, uint64_t *r10, uint64_t *r11); +uint64_t tdg_vp_vmcall_map_gpa(uint64_t address, uint64_t size, uint64_t *= data_out); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h b/to= ols/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h index 274b245f200bf..58374453b4b7e 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx_util.h @@ -13,4 +13,7 @@ void td_initialize(struct kvm_vm *vm, enum vm_mem_backing= _src_type src_type, uint64_t attributes); void td_finalize(struct kvm_vm *vm); =20 +void handle_memory_conversion(struct kvm_vm *vm, uint64_t gpa, uint64_t si= ze, + bool shared_to_private); + #endif // SELFTESTS_TDX_KVM_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index a280136634d3b..e0a39f29a0662 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -189,3 +189,19 @@ uint64_t tdg_vp_info(uint64_t *rcx, uint64_t *rdx, =20 return ret; } + +uint64_t tdg_vp_vmcall_map_gpa(uint64_t address, uint64_t size, uint64_t *= data_out) +{ + uint64_t ret; + struct tdx_hypercall_args args =3D { + .r11 =3D TDG_VP_VMCALL_MAP_GPA, + .r12 =3D address, + .r13 =3D size + }; + + ret =3D __tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT); + + if (data_out) + *data_out =3D args.r11; + return ret; +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c b/tools/= testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c index 2e9679d24a843..4d6615b97770a 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c @@ -505,3 +505,33 @@ void td_finalize(struct kvm_vm *vm) =20 tdx_td_finalizemr(vm); } + +/** + * Handle conversion of memory with @size beginning @gpa for @vm. Set + * @shared_to_private to true for shared to private conversions and false + * otherwise. + * + * Since this is just for selftests, we will just keep both pieces of back= ing + * memory allocated and not deallocate/allocate memory; we'll just do the + * minimum of calling KVM_MEMORY_ENCRYPT_REG_REGION and + * KVM_MEMORY_ENCRYPT_UNREG_REGION. + */ +void handle_memory_conversion(struct kvm_vm *vm, uint64_t gpa, uint64_t si= ze, + bool shared_to_private) +{ + struct kvm_enc_region range; + char *ioctl_string =3D shared_to_private + ? "KVM_MEMORY_ENCRYPT_REG_REGION" + : "KVM_MEMORY_ENCRYPT_UNREG_REGION"; + + range.addr =3D gpa; + range.size =3D size; + + printf("\t ... calling %s ioctl with gpa=3D%#lx, size=3D%#lx\n", + ioctl_string, gpa, size); + + if (shared_to_private) + vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, &range); + else + vm_ioctl(vm, KVM_MEMORY_ENCRYPT_UNREG_REGION, &range); +} diff --git a/tools/testing/selftests/kvm/x86_64/tdx_shared_mem_test.c b/too= ls/testing/selftests/kvm/x86_64/tdx_shared_mem_test.c new file mode 100644 index 0000000000000..eb4cf64ae83a8 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/tdx_shared_mem_test.c @@ -0,0 +1,137 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include +#include + +#include "kvm_util_base.h" +#include "processor.h" +#include "tdx/tdcall.h" +#include "tdx/tdx.h" +#include "tdx/tdx_util.h" +#include "tdx/test_util.h" +#include "test_util.h" + +#define TDX_SHARED_MEM_TEST_PRIVATE_GVA (0x80000000) +#define TDX_SHARED_MEM_TEST_VADDR_SHARED_MASK BIT_ULL(30) +#define TDX_SHARED_MEM_TEST_SHARED_GVA \ + (TDX_SHARED_MEM_TEST_PRIVATE_GVA | \ + TDX_SHARED_MEM_TEST_VADDR_SHARED_MASK) + +#define TDX_SHARED_MEM_TEST_GUEST_WRITE_VALUE (0xcafecafe) +#define TDX_SHARED_MEM_TEST_HOST_WRITE_VALUE (0xabcdabcd) + +#define TDX_SHARED_MEM_TEST_INFO_PORT 0x87 + +/* + * Shared variables between guest and host + */ +static uint64_t test_mem_private_gpa; +static uint64_t test_mem_shared_gpa; + +void guest_shared_mem(void) +{ + uint32_t *test_mem_shared_gva =3D + (uint32_t *)TDX_SHARED_MEM_TEST_SHARED_GVA; + + uint64_t placeholder; + uint64_t ret; + + /* Map gpa as shared */ + ret =3D tdg_vp_vmcall_map_gpa(test_mem_shared_gpa, PAGE_SIZE, + &placeholder); + if (ret) + tdx_test_fatal_with_data(ret, __LINE__); + + *test_mem_shared_gva =3D TDX_SHARED_MEM_TEST_GUEST_WRITE_VALUE; + + /* Exit so host can read shared value */ + ret =3D tdg_vp_vmcall_instruction_io(TDX_SHARED_MEM_TEST_INFO_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + &placeholder); + if (ret) + tdx_test_fatal_with_data(ret, __LINE__); + + /* Read value written by host and send it back out for verification */ + ret =3D tdg_vp_vmcall_instruction_io(TDX_SHARED_MEM_TEST_INFO_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, + (uint64_t *)test_mem_shared_gva); + if (ret) + tdx_test_fatal_with_data(ret, __LINE__); +} + +int verify_shared_mem(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm_vaddr_t test_mem_private_gva; + uint32_t *test_mem_hva; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_shared_mem); + + /* + * Set up shared memory page for testing by first allocating as private + * and then mapping the same GPA again as shared. This way, the TD does + * not have to remap its page tables at runtime. + */ + test_mem_private_gva =3D vm_vaddr_alloc(vm, vm->page_size, + TDX_SHARED_MEM_TEST_PRIVATE_GVA); + ASSERT_EQ(test_mem_private_gva, TDX_SHARED_MEM_TEST_PRIVATE_GVA); + + test_mem_hva =3D addr_gva2hva(vm, test_mem_private_gva); + TEST_ASSERT(test_mem_hva !=3D NULL, + "Guest address not found in guest memory regions\n"); + + test_mem_private_gpa =3D addr_gva2gpa(vm, test_mem_private_gva); + virt_pg_map_shared(vm, TDX_SHARED_MEM_TEST_SHARED_GVA, + test_mem_private_gpa); + + test_mem_shared_gpa =3D test_mem_private_gpa | BIT_ULL(vm->pa_bits - 1); + sync_global_to_guest(vm, test_mem_private_gpa); + sync_global_to_guest(vm, test_mem_shared_gpa); + + td_finalize(vm); + + printf("Verifying shared memory accesses for TDX\n"); + + /* Begin guest execution; guest writes to shared memory. */ + printf("\t ... Starting guest execution\n"); + + /* Handle map gpa as shared */ + /* TODO: MapGPA should exit to the host VMM, but now it doesn't */ + // vcpu_run(vcpu); + // ASSERT_EQ(vcpu->run->exit_reason, KVM_EXIT_MEMORY_FAULT); + // handle_memory_conversion(vm, vcpu->run->memory.gpa, vcpu->run->memory.= size, + // vcpu->run->memory.flags =3D=3D KVM_MEMORY_EXI= T_FLAG_PRIVATE); + + vcpu_run(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_SHARED_MEM_TEST_INFO_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ASSERT_EQ(*test_mem_hva, TDX_SHARED_MEM_TEST_GUEST_WRITE_VALUE); + + *test_mem_hva =3D TDX_SHARED_MEM_TEST_HOST_WRITE_VALUE; + vcpu_run(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_SHARED_MEM_TEST_INFO_PORT, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ASSERT_EQ(*(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset), + TDX_SHARED_MEM_TEST_HOST_WRITE_VALUE); + + printf("\t ... PASSED\n"); + + kvm_vm_free(vm); + + return 0; +} + +int main(int argc, char **argv) +{ + if (!is_tdx_enabled()) { + printf("TDX is not supported by the KVM\n" + "Skipping the TDX tests.\n"); + return 0; + } + + return verify_shared_mem(); +} --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 819B7C27C76 for ; Sat, 21 Jan 2023 00:19:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229972AbjAUATr (ORCPT ); Fri, 20 Jan 2023 19:19:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56482 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229558AbjAUATp (ORCPT ); Fri, 20 Jan 2023 19:19:45 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9690173ADE for ; Fri, 20 Jan 2023 16:19:07 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-4faa8f4bfb9so62583937b3.17 for ; Fri, 20 Jan 2023 16:19:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=g5VuYA7TfsmgF2IHsazybR3ND1uceEDVTzczLitCcAI=; b=AELPrk1zBkNIV9cP+6+WXe2bVRfYoHvxNjoMs7iwc+ivh9gsI07Q+Bc/tiz/KjOul6 fDPoOU+FuoKeDVcWBv8OSHis/6i5iGmPc7YfJqjbM2IuEsKAVmO2YCXUslLxkpb5dDdg AOCiOLWNIb0NxWYVQZn4WUQwpXoAiLzKvjEGNXInDpjjzWkSasuDKjTa822uYkaHxbBG V0omf+WQMWPjk66vRiouDdId4GvlaMLGQw2CEqaurBUIl1DYGcpF9TOjjRG+uKF7mKIO LAqJ5Ie9Dz0YYsaqeX0PLyjoow/xxe4R0LzNB4BEa3C8eAaFZDOGS0Ak6U29A4+ubDOV 8JOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=g5VuYA7TfsmgF2IHsazybR3ND1uceEDVTzczLitCcAI=; b=1tXFcyyF/ETqe6jnoDCfy1pnQ/PtAO7XBl4/GsN0gn6nnYjGPBIVkKTfk5cB+Va0/z WCbBA2BFgIsftnGfoC9nZ4X5sN0aaY7poQX/ouOj57wowwfcXcfl0l+BvZMbKmV1c5mD /KRTrSkLsR+TP4fyV2tAVd1NOq3uShaxeGC0RkDwGCszzETxx/xXUHnAKJ+MjnUs5dNB jUMokkSMvcxpXam8P2Y2q5K/jMtOdSBSViLURuIsNEzTuTnK03/X3YWejydq5LlBk9Lc MftCDi7A0b6S/dmLN5odRU1CJZlcqsuf9hnxgIX3udsDbNF2trLexaNsure2OoP6BOuj 7UvQ== X-Gm-Message-State: AFqh2kqkk4xF0hK8cckN+YXoVbuVdGn2pdHtxmVA9YPUCZ11xaAOzfQQ KrkrAiN+vhg7vO6KEdcBd/IkIFVbeCpCZ65Esg== X-Google-Smtp-Source: AMrXdXvuSjsl6TR8kJdBnnBblDEK81ds6Q5bjRNVFbE846CCJXHQ5fcuyFgRXnB7ys47BAOCndeG1//KafcQ1cJ9ZQ== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:1754:0:b0:4fd:ff18:de6c with SMTP id 81-20020a811754000000b004fdff18de6cmr436255ywx.227.1674260281776; Fri, 20 Jan 2023 16:18:01 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:36 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-26-ackerleytng@google.com> Subject: [RFC PATCH v3 25/31] KVM: selftests: Add support for restricted memory From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" With this, vm_userspace_mem_region_add() can use restricted memory to back guest memory. Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/kvm_util_base.h | 7 ++- .../testing/selftests/kvm/include/test_util.h | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 48 ++++++++++++++++--- tools/testing/selftests/kvm/lib/test_util.c | 7 +++ 4 files changed, 55 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/te= sting/selftests/kvm/include/kvm_util_base.h index 30453e2de8396..950fd337898e1 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -33,7 +33,10 @@ typedef uint64_t vm_paddr_t; /* Virtual Machine (Guest) = physical address */ typedef uint64_t vm_vaddr_t; /* Virtual Machine (Guest) virtual address */ =20 struct userspace_mem_region { - struct kvm_userspace_memory_region region; + union { + struct kvm_userspace_memory_region region; + struct kvm_userspace_memory_region_ext region_ext; + }; struct sparsebit *unused_phy_pages; struct sparsebit *protected_phy_pages; int fd; @@ -214,7 +217,7 @@ static inline bool kvm_has_cap(long cap) =20 #define kvm_do_ioctl(fd, cmd, arg) \ ({ \ - static_assert(!_IOC_SIZE(cmd) || sizeof(*arg) =3D=3D _IOC_SIZE(cmd), "");= \ + static_assert(!_IOC_SIZE(cmd) || sizeof(*arg) >=3D _IOC_SIZE(cmd), ""); \ ioctl(fd, cmd, arg); \ }) =20 diff --git a/tools/testing/selftests/kvm/include/test_util.h b/tools/testin= g/selftests/kvm/include/test_util.h index befc754ce9b3b..01456a78b3a2e 100644 --- a/tools/testing/selftests/kvm/include/test_util.h +++ b/tools/testing/selftests/kvm/include/test_util.h @@ -94,6 +94,7 @@ enum vm_mem_backing_src_type { VM_MEM_SRC_ANONYMOUS_HUGETLB_1GB, VM_MEM_SRC_ANONYMOUS_HUGETLB_2GB, VM_MEM_SRC_ANONYMOUS_HUGETLB_16GB, + VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD, VM_MEM_SRC_SHMEM, VM_MEM_SRC_SHARED_HUGETLB, NUM_SRC_TYPES, @@ -104,6 +105,7 @@ enum vm_mem_backing_src_type { struct vm_mem_backing_src_alias { const char *name; uint32_t flag; + bool need_restricted_memfd; }; =20 #define MIN_RUN_DELAY_NS 200000UL diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index 6673be2f49c31..4e5928fa71c44 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -15,7 +15,6 @@ #include #include #include -#include =20 #define KVM_UTIL_MIN_PFN 2 =20 @@ -799,6 +798,27 @@ void vm_set_user_memory_region(struct kvm_vm *vm, uint= 32_t slot, uint32_t flags, errno, strerror(errno)); } =20 +/** + * Initialize memory in restricted_fd with size @memory_region_size and re= turn + * the fd. + * + * Errors out if there's any error + */ +static int initialize_restricted_memfd(uint64_t memory_region_size) +{ + int ret; + int mfd =3D -1; + + mfd =3D syscall(__NR_memfd_restricted, 0); + TEST_ASSERT(mfd !=3D -1, "Failed to create private memfd"); + ret =3D ftruncate(mfd, memory_region_size); + TEST_ASSERT(ret !=3D -1, "Failed to resize memfd %d to %lx", mfd, memory_= region_size); + ret =3D fallocate(mfd, 0, 0, memory_region_size); + TEST_ASSERT(ret !=3D -1, "Failed to allocate %lx bytes in memfd %d", memo= ry_region_size, mfd); + + return mfd; +} + /* * VM Userspace Memory Region Add * @@ -830,6 +850,7 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, struct userspace_mem_region *region; size_t backing_src_pagesz =3D get_backing_src_pagesz(src_type); size_t alignment; + int restricted_memfd =3D -1; =20 TEST_ASSERT(vm_adjust_num_guest_pages(vm->mode, npages) =3D=3D npages, "Number of guest pages is not compatible with the host. " @@ -927,14 +948,24 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, =20 /* As needed perform madvise */ if ((src_type =3D=3D VM_MEM_SRC_ANONYMOUS || - src_type =3D=3D VM_MEM_SRC_ANONYMOUS_THP) && thp_configured()) { - ret =3D madvise(region->host_mem, npages * vm->page_size, - src_type =3D=3D VM_MEM_SRC_ANONYMOUS ? MADV_NOHUGEPAGE : MADV_HUG= EPAGE); + src_type =3D=3D VM_MEM_SRC_ANONYMOUS_THP || + src_type =3D=3D VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD) && thp_co= nfigured()) { + int advice =3D src_type =3D=3D VM_MEM_SRC_ANONYMOUS_THP + ? MADV_HUGEPAGE + : MADV_NOHUGEPAGE; + ret =3D madvise(region->host_mem, npages * vm->page_size, advice); TEST_ASSERT(ret =3D=3D 0, "madvise failed, addr: %p length: 0x%lx src_ty= pe: %s", region->host_mem, npages * vm->page_size, vm_mem_backing_src_alias(src_type)->name); } =20 + if (vm_mem_backing_src_alias(src_type)->need_restricted_memfd) { + restricted_memfd =3D initialize_restricted_memfd(npages * vm->page_size); + TEST_ASSERT(restricted_memfd !=3D -1, + "Failed to create restricted memfd"); + flags |=3D KVM_MEM_PRIVATE; + } + region->unused_phy_pages =3D sparsebit_alloc(); region->protected_phy_pages =3D sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, @@ -944,13 +975,16 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, region->region.guest_phys_addr =3D guest_paddr; region->region.memory_size =3D npages * vm->page_size; region->region.userspace_addr =3D (uintptr_t) region->host_mem; - ret =3D __vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION, ®ion->region); + region->region_ext.restricted_fd =3D restricted_memfd; + region->region_ext.restricted_offset =3D 0; + ret =3D __vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION, ®ion->region_ext); TEST_ASSERT(ret =3D=3D 0, "KVM_SET_USER_MEMORY_REGION IOCTL failed,\n" " rc: %i errno: %i\n" " slot: %u flags: 0x%x\n" - " guest_phys_addr: 0x%lx size: 0x%lx", + " guest_phys_addr: 0x%lx size: 0x%lx restricted_fd: %d", ret, errno, slot, flags, - guest_paddr, (uint64_t) region->region.memory_size); + guest_paddr, (uint64_t) region->region.memory_size, + restricted_memfd); =20 /* Add to quick lookup data structures */ vm_userspace_mem_region_gpa_insert(&vm->regions.gpa_tree, region); diff --git a/tools/testing/selftests/kvm/lib/test_util.c b/tools/testing/se= lftests/kvm/lib/test_util.c index 6d23878bbfe1a..2d53e55d13565 100644 --- a/tools/testing/selftests/kvm/lib/test_util.c +++ b/tools/testing/selftests/kvm/lib/test_util.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -254,6 +255,11 @@ const struct vm_mem_backing_src_alias *vm_mem_backing_= src_alias(uint32_t i) */ .flag =3D MAP_SHARED, }, + [VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD] =3D { + .name =3D "anonymous_and_restricted_memfd", + .flag =3D ANON_FLAGS, + .need_restricted_memfd =3D true, + }, }; _Static_assert(ARRAY_SIZE(aliases) =3D=3D NUM_SRC_TYPES, "Missing new backing src types?"); @@ -272,6 +278,7 @@ size_t get_backing_src_pagesz(uint32_t i) switch (i) { case VM_MEM_SRC_ANONYMOUS: case VM_MEM_SRC_SHMEM: + case VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD: return getpagesize(); case VM_MEM_SRC_ANONYMOUS_THP: return get_trans_hugepagesz(); --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3F72CC25B50 for ; Sat, 21 Jan 2023 00:19:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229525AbjAUAT6 (ORCPT ); Fri, 20 Jan 2023 19:19:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230218AbjAUATy (ORCPT ); Fri, 20 Jan 2023 19:19:54 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0B8FF73152 for ; Fri, 20 Jan 2023 16:19:23 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-4c11ae6ab25so65351727b3.8 for ; Fri, 20 Jan 2023 16:19:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=CoXS9NR8J0lCDisdrTAQ77xqlurQK2TuY0Fdg8pUOxU=; b=E5VrJv2Hh0RmxBs1CPSwmu8xgt4qiqRciYcrXNA3andiehTlbQBzyXo+3IpgYQcFos uV4sCqmIxagqP/MnjPBDi0bAGuK0MDw0xKibN0uIeISt3SPn19Y3cYm9HWjtaq9KSG+6 Os2YgJr/XOBiIvcyGQ5QQ00hTP3uTT3ZZpoxL/UMb1wrjKZ9NrenmHZ+OXWIH9G8GEgq bLxNJVQgtdLYNyR7MrtyYZHSTpt4Is23wEhQbbtNNhI3suLr17GaEy3TFlHDk9jwtSi+ hDwvwsuG+iSlsogJYU+6ILeI+CiHuZQzrMVPV9gNi7X0emnR2Hy6GdmvLbpmMFUJz/k8 BTVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=CoXS9NR8J0lCDisdrTAQ77xqlurQK2TuY0Fdg8pUOxU=; b=nBkgpK1+b/bBX1xQ1LVf6JSgMvWTRbSRKWJhbcAkE0CDMniHQe2PAwSLV59UyYIuZU YCaNjwbeqEKUXCtNi/tbZqgkZaJwij7pFk6AQpPs28pR31D7chqUmzD+BlqU7tNWlM7s uKJcp67Tz0DnkKR6kGQpPFiQfhnuzBF8cN8mw/qmoImJO0ofMu5OUVnin/14PDBgxCPw Vx5ipVY+h6KrgwtbIJeOVjSEnEl6zMD8VGkCsAiUD99orS1u9hJ4QxE2b9iF4f0HWyjY +RHxpQ2Ls8RXLP2KSe7RtCYQ5XniEIjEDDENRgDDm5Cb78aBvFrl5xsU5PG9Wq1h1dNi DdJg== X-Gm-Message-State: AFqh2koYZJf7+jxrf8NOEdF8J64GVCIZsxrgTAs7LGgldYRe18Z4ROHd addU/WcEJhbhm9FiL5QkHzVWYDSqubJOEA0klg== X-Google-Smtp-Source: AMrXdXurazezYjrKpa5c/030vxFCh3UjbXOe7Br4b1qlVLdlxJrd3xlTjXikwWEVFysI/oB8UEaKP5KBcn41GK/9+Q== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:8943:0:b0:46f:daaf:f81f with SMTP id z64-20020a818943000000b0046fdaaff81fmr2058115ywf.161.1674260285954; Fri, 20 Jan 2023 16:18:05 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:37 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-27-ackerleytng@google.com> Subject: [RFC PATCH v3 26/31] KVM: selftests: TDX: Update load_td_memory_region for VM memory backed by restricted memfd From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" If guest memory is backed by restricted memfd + UPM is being used, hence encrypted memory region has to be registered + Can avoid making a copy of guest memory before getting TDX to initialize the memory region Signed-off-by: Ackerley Tng --- .../selftests/kvm/lib/x86_64/tdx/tdx_util.c | 43 +++++++++++++++---- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c b/tools/= testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c index 4d6615b97770a..77803b7a1d739 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c @@ -207,6 +207,23 @@ static void tdx_td_finalizemr(struct kvm_vm *vm) tdx_ioctl(vm->fd, KVM_TDX_FINALIZE_VM, 0, NULL); } =20 +/* + * Other ioctls + */ + +/** + * Register a memory region that may contain encrypted data in KVM. + */ +static void register_encrypted_memory_region( + struct kvm_vm *vm, struct userspace_mem_region *region) +{ + struct kvm_enc_region range =3D { + .addr =3D region->region.guest_phys_addr, + .size =3D region->region.memory_size, + }; + vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, &range); +} + /* * TD creation/setup/finalization */ @@ -393,30 +410,38 @@ static void load_td_memory_region(struct kvm_vm *vm, if (!sparsebit_any_set(pages)) return; =20 + + if (region->region_ext.restricted_fd !=3D -1) + register_encrypted_memory_region(vm, region); + sparsebit_for_each_set_range(pages, i, j) { const uint64_t size_to_load =3D (j - i + 1) * vm->page_size; const uint64_t offset =3D (i - lowest_page_in_region) * vm->page_size; const uint64_t hva =3D hva_base + offset; const uint64_t gpa =3D gpa_base + offset; - void *source_addr; + void *source_addr =3D (void *)hva; =20 /* * KVM_TDX_INIT_MEM_REGION ioctl cannot encrypt memory in place, * hence we have to make a copy if there's only one backing * memory source */ - source_addr =3D mmap(NULL, size_to_load, PROT_READ | PROT_WRITE, - MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); - TEST_ASSERT( - source_addr, - "Could not allocate memory for loading memory region"); - - memcpy(source_addr, (void *)hva, size_to_load); + if (region->region_ext.restricted_fd =3D=3D -1) { + source_addr =3D mmap(NULL, size_to_load, PROT_READ | PROT_WRITE, + MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); + TEST_ASSERT( + source_addr, + "Could not allocate memory for loading memory region"); + + memcpy(source_addr, (void *)hva, size_to_load); + memset((void *)hva, 0, size_to_load); + } =20 tdx_init_mem_region(vm, source_addr, gpa, size_to_load); =20 - munmap(source_addr, size_to_load); + if (region->region_ext.restricted_fd =3D=3D -1) + munmap(source_addr, size_to_load); } } =20 --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3A2DBC25B50 for ; Sat, 21 Jan 2023 00:20:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230173AbjAUAUB (ORCPT ); Fri, 20 Jan 2023 19:20:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56686 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230223AbjAUAT4 (ORCPT ); Fri, 20 Jan 2023 19:19:56 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 87C8A73AE8 for ; Fri, 20 Jan 2023 16:19:27 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-4faa8f4bfb9so62585787b3.17 for ; Fri, 20 Jan 2023 16:19:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=k1cq5TEY5bFZVJppj5PKXCCtP6lFgiUZJ/1ln+dN3QA=; b=d1BYzlQoyUn3i39+FvKM79uWm+WNumy+bfjZlFFt/ZeDDVwQWpIuwDbs8iEHxMAwsW KemJHYCtN/DXYLLL7eQMUQ5YoGIbIKVJyQbpifPKbv5sHtgugbasOAGzialVGpfRPQBs h4GLFakYbatPvZVmKsx9xS1aKnfRLeWB6nL2XS489S1AQ0FPgdgYIeaomBRx5A/5KSq4 5zmugkm9l1T4am+6d1w08U/IbwUDhbYYWwsov9TNA0OnGuXEi3eq6lgMQXFz9PW276mF Eb19dt3W55wzwsgepb006ykB8rV/nTqzjPvPN8ndjJB2tcFRGQs2nt8kfwwiLKEajqtm 2wZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=k1cq5TEY5bFZVJppj5PKXCCtP6lFgiUZJ/1ln+dN3QA=; b=rQfn6flSI2naafSEm/x+eG1RAqag7MoVNEf5P9GztyFYyRWJpJEP/jH0v9RgzFPYwE p/4fqrIB+0F9xY9X2kx36lg0zAbXSA9ChOj1hPh4x/QYqnRbjR2JgePlP31ZnHxZ+Cv8 UzTZsrhPxLIsFEhxaYbDCiOk39J3w73Q4cmnypPC/1cbqwIMEy4JGZtCGXgBwmOCVL2o xwOcfBEscrS/eXbrobNm5M4vgKO5LDQvolLmkwG11epQJMcfQNP8gDOSKsIOFgNyHfTs plQKd0v4ml8tTzUif3Kc7P/9+ebcu6U1kJl79RWGPdOWCsg4BmQ/mb+6rrYaX1TCjwVT VIaQ== X-Gm-Message-State: AFqh2kqSTLxnYCtfLF77gaXKkjxohfXVdm3+y70c5unWT2CeeOZuKLD1 o6VtpWYDMvUZ7xkt4JrW+caQKH5jiD2sb43Hng== X-Google-Smtp-Source: AMrXdXsKPQ7RdQsZJh0HCn7FotF1wMUoexsS6TfkTsPP/Sd5BeAcVkKJWPwo+TQ+YiggVLrbHck2EozyECapRFWA7A== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:f908:0:b0:4fa:fa3a:72e with SMTP id x8-20020a81f908000000b004fafa3a072emr858885ywm.231.1674260290351; Fri, 20 Jan 2023 16:18:10 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:38 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-28-ackerleytng@google.com> Subject: [RFC PATCH v3 27/31] KVM: selftests: Expose _vm_vaddr_alloc From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" vm_vaddr_alloc always allocates memory in memslot 0. This allows users of this function to choose which memslot to allocate virtual memory in. Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/include/kvm_util_base.h | 3 +++ tools/testing/selftests/kvm/lib/kvm_util.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/te= sting/selftests/kvm/include/kvm_util_base.h index 950fd337898e1..abeffa5a47e88 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -406,6 +406,9 @@ void vm_mem_region_set_flags(struct kvm_vm *vm, uint32_= t slot, uint32_t flags); void vm_mem_region_move(struct kvm_vm *vm, uint32_t slot, uint64_t new_gpa= ); void vm_mem_region_delete(struct kvm_vm *vm, uint32_t slot); struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id); +vm_vaddr_t +_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, + vm_paddr_t paddr_min, uint32_t data_memslot, bool encrypt); vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_m= in); vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t = vaddr_min); vm_vaddr_t vm_vaddr_alloc_1to1(struct kvm_vm *vm, size_t sz, vm_vaddr_t va= ddr_min, diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index 4e5928fa71c44..2f1e592d29dfd 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1286,7 +1286,7 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *= vm, size_t sz, * a unique set of pages, with the minimum real allocation being at least * a page. */ -static vm_vaddr_t +vm_vaddr_t _vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, vm_paddr_t paddr_min, uint32_t data_memslot, bool encrypt) { --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 999F0C25B50 for ; Sat, 21 Jan 2023 00:20:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229773AbjAUAUT (ORCPT ); Fri, 20 Jan 2023 19:20:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57058 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230234AbjAUAUN (ORCPT ); Fri, 20 Jan 2023 19:20:13 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6F7979574B for ; Fri, 20 Jan 2023 16:19:48 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id a4-20020a5b0004000000b006fdc6aaec4fso7506666ybp.20 for ; Fri, 20 Jan 2023 16:19:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=OSbqzQIHhtOUZi+XNLRvr0hBcTc63rTSHvkLvHdhRjs=; b=j+nuqFxlj28fkfuax2AYTnMDYPRfm95o2qjUDWXSKBksDH8jYemCh9w0e7ftn6QOsw vpC45E1/+deGYoDby3+FGoPiHS/LxF8nPJlBFrNMv7dO3xcEw9B5XVWgl0O5VgU3jgOn erfriF1fdySfCtOnV7cj/oaFKAgRrxKVOEzhHDO25dAOE3ttKTo9UtZOYVLCEg0QEyXW wA+NvIShIINGq/JGFEvnFz+GRzfD3HO9/HUL0rGzM1JR3hW/+R0Skr5OAs3FZLV6eI/I +q4fhfZYPwBOyIYJbBA4rPW7OYqyLr9hI0S+wNSVgcM3BAOP0WApHvrLpY4CzghElk6I t/1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=OSbqzQIHhtOUZi+XNLRvr0hBcTc63rTSHvkLvHdhRjs=; b=UjhGg9dDcW/q/yxQCz5EmcKKB9SZRGQsiACIrSBppdCNwL+0H4h/3NC6QDTYAG64yn UzjuDKvT3vqn8UEzOC1s7rQA7a6vQ8XAwXLfiTF8IXQoqa6OP0jsA+61Haa6xojtJtYv wn6mkFyaAX1T72R3x6H66R3rwaVZ5M20ss4uzSYVi4Vx0kgRvtoCQ4ZUfxLHrCIaLsue AsqPRXHgrtdbsqJm9hXuX7acS0vLTfzNqubwqfIPTsrFfo2gn4IgldPTkO4at9iW46ai zpm+ID6CdEQCDjUMd9iS7fYCMQym3g83jM5X/fYCaUpqRvtkHVaPRgWYAPIzYCIOfODZ yPUQ== X-Gm-Message-State: AFqh2kpWMjph1KngBX/ojAVKih/kmHG0T1Vuyoi4zxpGyHkopu5GTCA7 ICbvOboIUjF4+HIKy+XzdI/0lvSixEH2o28+4g== X-Google-Smtp-Source: AMrXdXu1DCnVzLJkLaux9FqMEFGGeDFnVXCqWlSa4HMsaQ9DZUE7PtkSZ+oUJjuui87VSyvC9iSnO+Q32CJrzh9ORQ== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a0d:eb93:0:b0:4fb:2084:1f62 with SMTP id u141-20020a0deb93000000b004fb20841f62mr956118ywe.513.1674260294752; Fri, 20 Jan 2023 16:18:14 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:39 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-29-ackerleytng@google.com> Subject: [RFC PATCH v3 28/31] KVM: selftests: TDX: Add support for TDG.MEM.PAGE.ACCEPT From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h | 2 ++ tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index 857a297e51ac6..c8e4b9ce795ea 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -5,6 +5,7 @@ #include =20 #define TDG_VP_INFO 1 +#define TDG_MEM_PAGE_ACCEPT 6 =20 #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 #define TDG_VP_VMCALL_MAP_GPA 0x10001 @@ -38,5 +39,6 @@ uint64_t tdg_vp_info(uint64_t *rcx, uint64_t *rdx, uint64_t *r8, uint64_t *r9, uint64_t *r10, uint64_t *r11); uint64_t tdg_vp_vmcall_map_gpa(uint64_t address, uint64_t size, uint64_t *= data_out); +uint64_t tdg_mem_page_accept(uint64_t gpa, uint8_t level); =20 #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index e0a39f29a0662..2ebc47e268779 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -205,3 +205,8 @@ uint64_t tdg_vp_vmcall_map_gpa(uint64_t address, uint64= _t size, uint64_t *data_o *data_out =3D args.r11; return ret; } + +uint64_t tdg_mem_page_accept(uint64_t gpa, uint8_t level) +{ + return __tdx_module_call(TDG_MEM_PAGE_ACCEPT, gpa | level, 0, 0, 0, NULL); +} --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A27D2C05027 for ; Sat, 21 Jan 2023 00:20:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230272AbjAUAUX (ORCPT ); Fri, 20 Jan 2023 19:20:23 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57454 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230255AbjAUAUQ (ORCPT ); Fri, 20 Jan 2023 19:20:16 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1E964B740 for ; Fri, 20 Jan 2023 16:19:53 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id x188-20020a2531c5000000b00716de19d76bso7432124ybx.19 for ; Fri, 20 Jan 2023 16:19:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=AoLQ6HYLr8hLhvXe0so57mY+HUAjh6mBgI+e1/IQeng=; b=QDv9eBq1lt7YIEJZzgzCx+7X/eRNoD6R+YX07ysF2YQEyCGPjLbpF2Zk/+B6V0JmYp iOhVBV4999QsqCJ2dtSGxhRkxLnJJBBreJTZVdsAnpE+VZ17j7iDfuvsh03Lkp8iyJeA aARFOPNZjnB2E4meZsGWwu0ob3tJGhfB1jLd8eR9wfUu7xEapJC2W4LTPxaw/u7sO29Q cHWamv2K+Q9MUkeGpSmm/v/SRdJyZpZx2Vfpzpsqe6Oy4umv0qn3QDdMZjYnRVczl7PS dBzSBedrLPL6zYX5K6SpUnot+4hCMshgzariewcc9LqId9QonvzYc1b8RuZfzfk5sdif PtLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=AoLQ6HYLr8hLhvXe0so57mY+HUAjh6mBgI+e1/IQeng=; b=4/hVBA65Mr34zRoKdMFsPnQhuqS5kpfbucbiyiL97YfYIxxzVpDSCW1y0Id+/DNJTq +FmN9Tn2s+m20NINprnjEY8zScBriMJoJu6AyIuAzkWwNm7mKx9E7YcPTeI9bVe85tzn DC9QuRyeZWzNuC9JDaXSCFGvCsLCrMbBNTh/vK/gS0n3Uuzq0k39FntloW/O47D6nxsZ Hl0SVcaWsyk6lFm/QbeTJvtwNDbS4JdGh5FIU2xyXEHmcjUjyo7zQ9RN6vMxm2LIZ0Hs PiM24uiON+A13ACLQqYu0lCnnrhWv5rwJ/PUWzpyWYt+2+FyOAbw8sZec9WcUalOzUVj 2FCA== X-Gm-Message-State: AFqh2kop3bZM6txuRYDAKB0MFuPWBSpjBg5P6HmDJBordbcirnGYfJc/ 4SdRhP6fqw/PdvGKf4yU7R3pcOkRNkK3aCLTvw== X-Google-Smtp-Source: AMrXdXuI5KPIV+1bAjgQ7xtMLOmJeYkGw4nxJcYtu8wp10aKsTdw8pXY00wl8grNtb1i7r3jEL1o+T0AVWCvuDgM2w== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:bdce:0:b0:801:88a9:d5f with SMTP id g14-20020a25bdce000000b0080188a90d5fmr446952ybk.71.1674260299258; Fri, 20 Jan 2023 16:18:19 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:40 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-30-ackerleytng@google.com> Subject: [RFC PATCH v3 29/31] KVM: selftests: TDX: Add support for TDG.VP.VEINFO.GET From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/x86_64/tdx/tdx.h | 21 +++++++++++++++++++ .../selftests/kvm/lib/x86_64/tdx/tdx.c | 19 +++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/tools/t= esting/selftests/kvm/include/x86_64/tdx/tdx.h index c8e4b9ce795ea..2dfb9432c32f9 100644 --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h @@ -5,6 +5,7 @@ #include =20 #define TDG_VP_INFO 1 +#define TDG_VP_VEINFO_GET 3 #define TDG_MEM_PAGE_ACCEPT 6 =20 #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 @@ -41,4 +42,24 @@ uint64_t tdg_vp_info(uint64_t *rcx, uint64_t *rdx, uint64_t tdg_vp_vmcall_map_gpa(uint64_t address, uint64_t size, uint64_t *= data_out); uint64_t tdg_mem_page_accept(uint64_t gpa, uint8_t level); =20 +/* + * Used by the #VE exception handler to gather the #VE exception + * info from the TDX module. This is a software only structure + * and not part of the TDX module/VMM ABI. + * + * Adapted from arch/x86/include/asm/tdx.h + */ +struct ve_info { + uint64_t exit_reason; + uint64_t exit_qual; + /* Guest Linear (virtual) Address */ + uint64_t gla; + /* Guest Physical Address */ + uint64_t gpa; + uint32_t instr_len; + uint32_t instr_info; +}; + +uint64_t tdg_vp_veinfo_get(struct ve_info *ve); + #endif // SELFTEST_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools/testi= ng/selftests/kvm/lib/x86_64/tdx/tdx.c index 2ebc47e268779..11a19832758bb 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c @@ -210,3 +210,22 @@ uint64_t tdg_mem_page_accept(uint64_t gpa, uint8_t lev= el) { return __tdx_module_call(TDG_MEM_PAGE_ACCEPT, gpa | level, 0, 0, 0, NULL); } + +uint64_t tdg_vp_veinfo_get(struct ve_info *ve) +{ + uint64_t ret; + struct tdx_module_output out; + + memset(&out, 0, sizeof(struct tdx_module_output)); + + ret =3D __tdx_module_call(TDG_VP_VEINFO_GET, 0, 0, 0, 0, &out); + + ve->exit_reason =3D out.rcx; + ve->exit_qual =3D out.rdx; + ve->gla =3D out.r8; + ve->gpa =3D out.r9; + ve->instr_len =3D out.r10 & 0xffffffff; + ve->instr_info =3D out.r10 >> 32; + + return ret; +} --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CD13CC05027 for ; Sat, 21 Jan 2023 00:20:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230243AbjAUAUb (ORCPT ); Fri, 20 Jan 2023 19:20:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229761AbjAUAUV (ORCPT ); Fri, 20 Jan 2023 19:20:21 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 285D573AC0 for ; Fri, 20 Jan 2023 16:19:58 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-4d5097a95f5so65196157b3.1 for ; Fri, 20 Jan 2023 16:19:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Vk93+I6OSUVBwh4z5UqKhx2Qsqvlb7tzifbo6JQZrLA=; b=QSt/BGsIAVFgQS4TFoM+/Ns9P7myw95OR2fCkvn8AnXU5Qn4Ec/4VwQyL46QnjhOpx 88xKxceOjjsJUusCS3YtMySzB+tHJO3V4nvhLzHoYYcYMGba+zt/ST72NKlaIuTPft17 nho8JSX6MFo66QDC73OS16hJr7JbB9zkYHsu28VDDXJufKHFFU8DgHUWIB/vFjLD93sV xlDcmT9S1VTMxx9kXIGS6etIBjwfqRUz9f4kVnBpyrELjgcC9H5hsFiX/jAY/o6WEojr DjoIc2ny8sRKK56QsbR6DiN6oVOO7BJN5ZksftSU+pvwlQtqCT6Ggw7XbM+dUWiJdtcC DitQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Vk93+I6OSUVBwh4z5UqKhx2Qsqvlb7tzifbo6JQZrLA=; b=Z+r2qzy3LPTOVZ75nXJee+SZKSEWzMOUOVsaCoRnoM/ec0BT9QAbahxEEvhJL0LIp9 vTX2spWFtdDOb6hGePiVhZCiGMOnqkxvTXT2AMQZTbhi5hAYrMgFXyvH79hQKdQAI46q NQepc5mteKwGQDPH8RXFGknboJIdAzXoK/eEWVHHwY5TPnhXV2pPjBv7l90EaeWqC1Rv ydkJ5rUJBJ8zUNplsbDss9wrs+3DDZSQqBOh7vojfOQydVK2JJPGEShAkFwiaJdF9XJa WssXFZfROmff7En7v5KC+ruwCp7k1xR9xSRJJlhbY4bG/yasCKztU3CmPEzvUNiNolIE lejA== X-Gm-Message-State: AFqh2kqdSnHK1iQu1ZT9ozs+hqJy1UJ1oTXqo9xF/dNCY5SyEBYU4yB5 JxiMfnfktuI+AWKFGEhbu3AZbLNe2hEklyBQBA== X-Google-Smtp-Source: AMrXdXvbhFjIbngJm8ErEeG/qhphnIdjZioJjL96XNDZforpLrNZ6apT1jSjI/H9OjskWAY5+lRmFIaj8cab5havgw== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a05:6902:11cd:b0:7d3:55e0:1cc6 with SMTP id n13-20020a05690211cd00b007d355e01cc6mr1843208ybu.435.1674260303753; Fri, 20 Jan 2023 16:18:23 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:41 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-31-ackerleytng@google.com> Subject: [RFC PATCH v3 30/31] KVM: selftests: TDX: Add TDX UPM selftest From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This tests the use of restricted memory with explicit MapGPA calls. Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/tdx_upm_test.c | 392 ++++++++++++++++++ 3 files changed, 394 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/tdx_upm_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftes= ts/kvm/.gitignore index e1663b0f809b4..c1def2271f4cd 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -67,6 +67,7 @@ /x86_64/triple_fault_event_test /x86_64/tdx_vm_tests /x86_64/tdx_shared_mem_test +/x86_64/tdx_upm_test /access_tracking_perf_test /demand_paging_test /dirty_log_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests= /kvm/Makefile index 27e9148212fa5..2b1434368a0f2 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -153,6 +153,7 @@ TEST_GEN_PROGS_x86_64 +=3D kvm_binary_stats_test TEST_GEN_PROGS_x86_64 +=3D system_counter_offset_test TEST_GEN_PROGS_x86_64 +=3D x86_64/tdx_vm_tests TEST_GEN_PROGS_x86_64 +=3D x86_64/tdx_shared_mem_test +TEST_GEN_PROGS_x86_64 +=3D x86_64/tdx_upm_test =20 # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86_64 +=3D x86_64/nx_huge_pages_test diff --git a/tools/testing/selftests/kvm/x86_64/tdx_upm_test.c b/tools/test= ing/selftests/kvm/x86_64/tdx_upm_test.c new file mode 100644 index 0000000000000..13914aebd7da7 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/tdx_upm_test.c @@ -0,0 +1,392 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include +#include +#include +#include +#include + +#include "kvm_util_base.h" +#include "processor.h" +#include "tdx/tdcall.h" +#include "tdx/tdx.h" +#include "tdx/tdx_util.h" +#include "tdx/test_util.h" +#include "test_util.h" + +/* TDX UPM test patterns */ +#define PATTERN_CONFIDENCE_CHECK (0x11) +#define PATTERN_HOST_FOCUS (0x22) +#define PATTERN_GUEST_GENERAL (0x33) +#define PATTERN_GUEST_FOCUS (0x44) + +/* + * 0x80000000 is arbitrarily selected. The selected address need not be th= e same + * as TDX_UPM_TEST_AREA_GVA_PRIVATE, but it should not overlap with selfte= st + * code or boot page. + */ +#define TDX_UPM_TEST_AREA_GPA (0x80000000) +/* Test area GPA is arbitrarily selected */ +#define TDX_UPM_TEST_AREA_GVA_PRIVATE (0x90000000) +/* Select any bit that can be used as a flag */ +#define TDX_UPM_TEST_AREA_GVA_SHARED_BIT (32) +/* + * TDX_UPM_TEST_AREA_GVA_SHARED is used to map the same GPA twice into the + * guest, once as shared and once as private + */ +#define TDX_UPM_TEST_AREA_GVA_SHARED \ + (TDX_UPM_TEST_AREA_GVA_PRIVATE | \ + BIT_ULL(TDX_UPM_TEST_AREA_GVA_SHARED_BIT)) + +/* The test area is 2MB in size */ +#define TDX_UPM_TEST_AREA_SIZE (2 << 20) +/* 0th general area is 1MB in size */ +#define TDX_UPM_GENERAL_AREA_0_SIZE (1 << 20) +/* Focus area is 40KB in size */ +#define TDX_UPM_FOCUS_AREA_SIZE (40 << 10) +/* 1st general area is the rest of the space in the test area */ +#define TDX_UPM_GENERAL_AREA_1_SIZE \ + (TDX_UPM_TEST_AREA_SIZE - TDX_UPM_GENERAL_AREA_0_SIZE - \ + TDX_UPM_FOCUS_AREA_SIZE) + +/* + * The test memory area is set up as two general areas, sandwiching a focus + * area. The general areas act as control areas. After they are filled, t= hey + * are not expected to change throughout the tests. The focus area is memo= ry + * permissions change from private to shared and vice-versa. + * + * The focus area is intentionally small, and sandwiched to test that when= the + * focus area's permissions change, the other areas' permissions are not + * affected. + */ +struct __packed tdx_upm_test_area { + uint8_t general_area_0[TDX_UPM_GENERAL_AREA_0_SIZE]; + uint8_t focus_area[TDX_UPM_FOCUS_AREA_SIZE]; + uint8_t general_area_1[TDX_UPM_GENERAL_AREA_1_SIZE]; +}; + +static void fill_test_area(struct tdx_upm_test_area *test_area_base, + uint8_t pattern) +{ + memset(test_area_base, pattern, sizeof(*test_area_base)); +} + +static void fill_focus_area(struct tdx_upm_test_area *test_area_base, + uint8_t pattern) +{ + memset(test_area_base->focus_area, pattern, + sizeof(test_area_base->focus_area)); +} + +static bool check_area(uint8_t *base, uint64_t size, uint8_t expected_patt= ern) +{ + size_t i; + + for (i =3D 0; i < size; i++) { + if (base[i] !=3D expected_pattern) + return false; + } + + return true; +} + +static bool check_general_areas(struct tdx_upm_test_area *test_area_base, + uint8_t expected_pattern) +{ + return (check_area(test_area_base->general_area_0, + sizeof(test_area_base->general_area_0), + expected_pattern) && + check_area(test_area_base->general_area_1, + sizeof(test_area_base->general_area_1), + expected_pattern)); +} + +static bool check_focus_area(struct tdx_upm_test_area *test_area_base, + uint8_t expected_pattern) +{ + return check_area(test_area_base->focus_area, + sizeof(test_area_base->focus_area), expected_pattern); +} + +static bool check_test_area(struct tdx_upm_test_area *test_area_base, + uint8_t expected_pattern) +{ + return (check_general_areas(test_area_base, expected_pattern) && + check_focus_area(test_area_base, expected_pattern)); +} + +static bool fill_and_check(struct tdx_upm_test_area *test_area_base, uint8= _t pattern) +{ + fill_test_area(test_area_base, pattern); + + return check_test_area(test_area_base, pattern); +} + +#define TDX_UPM_TEST_ASSERT(x) \ + do { \ + if (!(x)) \ + tdx_test_fatal(__LINE__); \ + } while (0) + +/* + * Shared variables between guest and host + */ +static struct tdx_upm_test_area *test_area_gpa_private; +static struct tdx_upm_test_area *test_area_gpa_shared; + +/* + * Test stages for syncing with host + */ +enum { + SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST =3D 1, + SYNC_CHECK_READ_SHARED_MEMORY_FROM_HOST, + SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST_AGAIN, +}; + +#define TDX_UPM_TEST_ACCEPT_PRINT_PORT 0x87 + +/** + * Does vcpu_run, and also manages memory conversions if requested by the = TD. + */ +void vcpu_run_and_manage_memory_conversions(struct kvm_vm *vm, + struct kvm_vcpu *vcpu) +{ + for (;;) { + vcpu_run(vcpu); + if ( + vcpu->run->exit_reason =3D=3D KVM_EXIT_IO && + vcpu->run->io.port =3D=3D TDX_UPM_TEST_ACCEPT_PRINT_PORT) { + uint64_t gpa =3D tdx_test_read_64bit( + vcpu, TDX_UPM_TEST_ACCEPT_PRINT_PORT); + printf("\t ... guest accepting 1 page at GPA: 0x%lx\n", gpa); + continue; + } + + break; + } +} + +static void guest_upm_explicit(void) +{ + uint64_t ret =3D 0; + uint64_t failed_gpa; + + struct tdx_upm_test_area *test_area_gva_private =3D + (struct tdx_upm_test_area *)TDX_UPM_TEST_AREA_GVA_PRIVATE; + struct tdx_upm_test_area *test_area_gva_shared =3D + (struct tdx_upm_test_area *)TDX_UPM_TEST_AREA_GVA_SHARED; + + /* Check: host reading private memory does not modify guest's view */ + fill_test_area(test_area_gva_private, PATTERN_GUEST_GENERAL); + + tdx_test_report_to_user_space(SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST); + + TDX_UPM_TEST_ASSERT( + check_test_area(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + /* Remap focus area as shared */ + ret =3D tdg_vp_vmcall_map_gpa((uint64_t)test_area_gpa_shared->focus_area, + sizeof(test_area_gpa_shared->focus_area), + &failed_gpa); + TDX_UPM_TEST_ASSERT(!ret); + + /* General areas should be unaffected by remapping */ + TDX_UPM_TEST_ASSERT( + check_general_areas(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + /* + * Use memory contents to confirm that the memory allocated using mmap + * is used as backing memory for shared memory - PATTERN_CONFIDENCE_CHECK + * was written by the VMM at the beginning of this test. + */ + TDX_UPM_TEST_ASSERT( + check_focus_area(test_area_gva_shared, PATTERN_CONFIDENCE_CHECK)); + + /* Guest can use focus area after remapping as shared */ + fill_focus_area(test_area_gva_shared, PATTERN_GUEST_FOCUS); + + tdx_test_report_to_user_space(SYNC_CHECK_READ_SHARED_MEMORY_FROM_HOST); + + /* Check that guest has the same view of shared memory */ + TDX_UPM_TEST_ASSERT( + check_focus_area(test_area_gva_shared, PATTERN_HOST_FOCUS)); + + /* Remap focus area back to private */ + ret =3D tdg_vp_vmcall_map_gpa((uint64_t)test_area_gpa_private->focus_area, + sizeof(test_area_gpa_private->focus_area), + &failed_gpa); + TDX_UPM_TEST_ASSERT(!ret); + + /* General areas should be unaffected by remapping */ + TDX_UPM_TEST_ASSERT( + check_general_areas(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + /* Focus area should be zeroed after remapping */ + TDX_UPM_TEST_ASSERT(check_focus_area(test_area_gva_private, 0)); + + tdx_test_report_to_user_space(SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST_AG= AIN); + + /* Check that guest can use private memory after focus area is remapped a= s private */ + TDX_UPM_TEST_ASSERT( + fill_and_check(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + tdx_test_success(); +} + +static void run_selftest(struct kvm_vm *vm, struct kvm_vcpu *vcpu, + struct tdx_upm_test_area *test_area_base_hva) +{ + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, TDX_TEST_REPORT_SIZE, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ASSERT_EQ(*(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset), + SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST); + + /* + * Check that host should read PATTERN_CONFIDENCE_CHECK from guest's + * private memory. This confirms that regular memory (userspace_addr in + * struct kvm_userspace_memory_region) is used to back the host's view + * of private memory, since PATTERN_CONFIDENCE_CHECK was written to that + * memory before starting the guest. + */ + TEST_ASSERT(check_test_area(test_area_base_hva, PATTERN_CONFIDENCE_CHECK), + "Host should read PATTERN_CONFIDENCE_CHECK from guest's private memory."= ); + + vcpu_run_and_manage_memory_conversions(vm, vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, TDX_TEST_REPORT_SIZE, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ASSERT_EQ(*(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset), + SYNC_CHECK_READ_SHARED_MEMORY_FROM_HOST); + + TEST_ASSERT(check_focus_area(test_area_base_hva, PATTERN_GUEST_FOCUS), + "Host should have the same view of shared memory as guest."); + TEST_ASSERT(check_general_areas(test_area_base_hva, PATTERN_CONFIDENCE_CH= ECK), + "Host's view of private memory should still be backed by regular memory.= "); + + /* Check that host can use shared memory */ + fill_focus_area(test_area_base_hva, PATTERN_HOST_FOCUS); + TEST_ASSERT(check_focus_area(test_area_base_hva, PATTERN_HOST_FOCUS), + "Host should be able to use shared memory."); + + vcpu_run_and_manage_memory_conversions(vm, vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, TDX_TEST_REPORT_SIZE, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + ASSERT_EQ(*(uint32_t *)((void *)vcpu->run + vcpu->run->io.data_offset), + SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST_AGAIN); + + TEST_ASSERT(check_general_areas(test_area_base_hva, PATTERN_CONFIDENCE_CH= ECK), + "Host's view of private memory should be backed by regular memory."); + TEST_ASSERT(check_focus_area(test_area_base_hva, PATTERN_HOST_FOCUS), + "Host's view of private memory should be backed by regular memory."); + + vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_SUCCESS(vcpu); + + printf("\t ... PASSED\n"); +} + +static bool address_between(uint64_t addr, void *lo, void *hi) +{ + return (uint64_t)lo <=3D addr && addr < (uint64_t)hi; +} + +static void guest_ve_handler(struct ex_regs *regs) +{ + uint64_t ret; + struct ve_info ve; + + ret =3D tdg_vp_veinfo_get(&ve); + TDX_UPM_TEST_ASSERT(!ret); + + /* For this test, we will only handle EXIT_REASON_EPT_VIOLATION */ + TDX_UPM_TEST_ASSERT(ve.exit_reason =3D=3D EXIT_REASON_EPT_VIOLATION); + + /* Validate GPA in fault */ + TDX_UPM_TEST_ASSERT( + address_between(ve.gpa, + test_area_gpa_private->focus_area, + test_area_gpa_private->general_area_1)); + + tdx_test_send_64bit(TDX_UPM_TEST_ACCEPT_PRINT_PORT, ve.gpa); + +#define MEM_PAGE_ACCEPT_LEVEL_4K 0 +#define MEM_PAGE_ACCEPT_LEVEL_2M 1 + ret =3D tdg_mem_page_accept(ve.gpa, MEM_PAGE_ACCEPT_LEVEL_4K); + TDX_UPM_TEST_ASSERT(!ret); +} + +static void verify_upm_test(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm_vaddr_t test_area_gva_private; + struct tdx_upm_test_area *test_area_base_hva; + uint64_t test_area_npages; + + vm =3D td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu =3D td_vcpu_add(vm, 0, guest_upm_explicit); + + vm_install_exception_handler(vm, VE_VECTOR, guest_ve_handler); + + /* + * Set up shared memory page for testing by first allocating as private + * and then mapping the same GPA again as shared. This way, the TD does + * not have to remap its page tables at runtime. + */ + test_area_npages =3D TDX_UPM_TEST_AREA_SIZE / vm->page_size; + vm_userspace_mem_region_add(vm, + VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD, + TDX_UPM_TEST_AREA_GPA, 3, test_area_npages, + 0); + + test_area_gva_private =3D _vm_vaddr_alloc( + vm, TDX_UPM_TEST_AREA_SIZE, TDX_UPM_TEST_AREA_GVA_PRIVATE, + TDX_UPM_TEST_AREA_GPA, 3, true); + ASSERT_EQ(test_area_gva_private, TDX_UPM_TEST_AREA_GVA_PRIVATE); + + test_area_gpa_private =3D (struct tdx_upm_test_area *) + addr_gva2gpa(vm, test_area_gva_private); + virt_map_shared(vm, TDX_UPM_TEST_AREA_GVA_SHARED, + (uint64_t)test_area_gpa_private, + test_area_npages); + ASSERT_EQ(addr_gva2gpa(vm, TDX_UPM_TEST_AREA_GVA_SHARED), + (vm_paddr_t)test_area_gpa_private); + + test_area_base_hva =3D addr_gva2hva(vm, TDX_UPM_TEST_AREA_GVA_PRIVATE); + + TEST_ASSERT(fill_and_check(test_area_base_hva, PATTERN_CONFIDENCE_CHECK), + "Failed to mark memory intended as backing memory for TD shared memory"); + + sync_global_to_guest(vm, test_area_gpa_private); + test_area_gpa_shared =3D (struct tdx_upm_test_area *) + ((uint64_t)test_area_gpa_private | BIT_ULL(vm->pa_bits - 1)); + sync_global_to_guest(vm, test_area_gpa_shared); + + td_finalize(vm); + + printf("Verifying UPM functionality: explicit MapGPA\n"); + + run_selftest(vm, vcpu, test_area_base_hva); + + kvm_vm_free(vm); +} + +int main(int argc, char **argv) +{ + /* Disable stdout buffering */ + setbuf(stdout, NULL); + + if (!is_tdx_enabled()) { + printf("TDX is not supported by the KVM\n" + "Skipping the TDX tests.\n"); + return 0; + } + + run_in_new_process(&verify_upm_test); +} --=20 2.39.0.246.g2a6d74b583-goog From nobody Sun Sep 14 12:59:40 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D74FC25B50 for ; Sat, 21 Jan 2023 00:30:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229879AbjAUAaJ (ORCPT ); Fri, 20 Jan 2023 19:30:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41404 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229804AbjAUAaH (ORCPT ); Fri, 20 Jan 2023 19:30:07 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BD4BE6E407 for ; Fri, 20 Jan 2023 16:29:35 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id z9-20020a25ba49000000b007d4416e3667so7534196ybj.23 for ; Fri, 20 Jan 2023 16:29:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=7DCwT0vOmg1kvE5C/ZmiO0Q3IunPA+bJBAyC1WliYPU=; b=UKfUq51zNuwJ1s8RoAy4DKxdjfKNX60WlC3mQo2LPz454muDFSLBiSU6Lg104sdJ3h 1D2D4ZWi3MlujhpVjBeBYy/DVsxaYDDG/xY+ZTE6SUwCV/W5nixFHUH47KzNY5O5nMUd +V6OnoU5yuGHvDak/bGBvLf4EfNcXGq08rHgjcTSGe3laadp8N3fU+rNhnJeBAx2V2wG 0s9W8l12xEGM1MZTkc4KzrpQeVEM2/HVoThePaCNd5+yBm2BAHcuk3v31tMnCgAr0uzB x9w2hDFjNf1T0v4gBms5OXgjSUtaIvdZvNnZkKfqiru7e8/AXLVj/kDoihEnAvAM/ErV nRLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=7DCwT0vOmg1kvE5C/ZmiO0Q3IunPA+bJBAyC1WliYPU=; b=Ai7Eo6w/0YMTkeFC198divALLvnwv+bu6tzX+fo6RY4gxynXY+L8NC5jvuY/mfUdoR c6/OmxwTbLsuAr7jVIlvTSjCF3G+HNqhA7ou9iH+NWF4bPDxvCb1LjGhD9gVgsND4bsn jqLoo+IIVghmeV7sNEARAmlqnnxdDdFW63Zqzv7Pu5wL74OhrnWNJJehJyC/ZzMQIke/ 0wBooLC9pa4GG86d6H/sDCxL8pXx3rynNAxgHkc93l9opRVtyXf/fiIpAMQIC3Oo9+K6 NBEMLCyMzP1KZ3p/UIw+F80Xoeq6oFnuLK+2mdU66FJnkRgju1wri3asQnT+WLWCZ4DS YGZw== X-Gm-Message-State: AFqh2kqFTzWlFjups13rsecsNTMUiD4zXlLvYgc2BWZQoNLiUoFQQZFB d3ayQIx6vCBptt5htOhWrlkc+ecQo7IjDtlNFA== X-Google-Smtp-Source: AMrXdXuLbmhgtGWdFAgKnD+yNqKI8Xaq12OTyFBCP0UJI16En+uZ/3BxfhP5lOEKrFWt/DwBqtrpjBp5AD2mFLoVxA== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a25:8d03:0:b0:7a0:7cd5:602d with SMTP id n3-20020a258d03000000b007a07cd5602dmr2002572ybl.426.1674260308219; Fri, 20 Jan 2023 16:18:28 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:42 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-32-ackerleytng@google.com> Subject: [RFC PATCH v3 31/31] KVM: selftests: TDX: Add TDX UPM selftests for implicit conversion From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This tests the use of restricted memory without explicit MapGPA calls. Signed-off-by: Ackerley Tng --- .../selftests/kvm/x86_64/tdx_upm_test.c | 88 ++++++++++++++++--- 1 file changed, 78 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/kvm/x86_64/tdx_upm_test.c b/tools/test= ing/selftests/kvm/x86_64/tdx_upm_test.c index 13914aebd7da7..56ba3d4fb15a5 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_upm_test.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_upm_test.c @@ -149,11 +149,18 @@ enum { * Does vcpu_run, and also manages memory conversions if requested by the = TD. */ void vcpu_run_and_manage_memory_conversions(struct kvm_vm *vm, - struct kvm_vcpu *vcpu) + struct kvm_vcpu *vcpu, bool handle_conversions) { for (;;) { vcpu_run(vcpu); - if ( + if (handle_conversions && + vcpu->run->exit_reason =3D=3D KVM_EXIT_MEMORY_FAULT) { + handle_memory_conversion( + vm, vcpu->run->memory.gpa, + vcpu->run->memory.size, + vcpu->run->memory.flags =3D=3D KVM_MEMORY_EXIT_FLAG_PRIVATE); + continue; + } else if ( vcpu->run->exit_reason =3D=3D KVM_EXIT_IO && vcpu->run->io.port =3D=3D TDX_UPM_TEST_ACCEPT_PRINT_PORT) { uint64_t gpa =3D tdx_test_read_64bit( @@ -233,8 +240,53 @@ static void guest_upm_explicit(void) tdx_test_success(); } =20 +static void guest_upm_implicit(void) +{ + struct tdx_upm_test_area *test_area_gva_private =3D + (struct tdx_upm_test_area *)TDX_UPM_TEST_AREA_GVA_PRIVATE; + struct tdx_upm_test_area *test_area_gva_shared =3D + (struct tdx_upm_test_area *)TDX_UPM_TEST_AREA_GVA_SHARED; + + /* Check: host reading private memory does not modify guest's view */ + fill_test_area(test_area_gva_private, PATTERN_GUEST_GENERAL); + + tdx_test_report_to_user_space(SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST); + + TDX_UPM_TEST_ASSERT( + check_test_area(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + /* Use focus area as shared */ + fill_focus_area(test_area_gva_shared, PATTERN_GUEST_FOCUS); + + /* General areas should not be affected */ + TDX_UPM_TEST_ASSERT( + check_general_areas(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + tdx_test_report_to_user_space(SYNC_CHECK_READ_SHARED_MEMORY_FROM_HOST); + + /* Check that guest has the same view of shared memory */ + TDX_UPM_TEST_ASSERT( + check_focus_area(test_area_gva_shared, PATTERN_HOST_FOCUS)); + + /* Use focus area as private */ + fill_focus_area(test_area_gva_private, PATTERN_GUEST_FOCUS); + + /* General areas should be unaffected by remapping */ + TDX_UPM_TEST_ASSERT( + check_general_areas(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + tdx_test_report_to_user_space(SYNC_CHECK_READ_PRIVATE_MEMORY_FROM_HOST_AG= AIN); + + /* Check that guest can use private memory after focus area is remapped a= s private */ + TDX_UPM_TEST_ASSERT( + fill_and_check(test_area_gva_private, PATTERN_GUEST_GENERAL)); + + tdx_test_success(); +} + static void run_selftest(struct kvm_vm *vm, struct kvm_vcpu *vcpu, - struct tdx_upm_test_area *test_area_base_hva) + struct tdx_upm_test_area *test_area_base_hva, + bool implicit) { vcpu_run(vcpu); TDX_TEST_CHECK_GUEST_FAILURE(vcpu); @@ -253,7 +305,7 @@ static void run_selftest(struct kvm_vm *vm, struct kvm_= vcpu *vcpu, TEST_ASSERT(check_test_area(test_area_base_hva, PATTERN_CONFIDENCE_CHECK), "Host should read PATTERN_CONFIDENCE_CHECK from guest's private memory."= ); =20 - vcpu_run_and_manage_memory_conversions(vm, vcpu); + vcpu_run_and_manage_memory_conversions(vm, vcpu, implicit); TDX_TEST_CHECK_GUEST_FAILURE(vcpu); TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, TDX_TEST_REPORT_SIZE, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); @@ -270,7 +322,7 @@ static void run_selftest(struct kvm_vm *vm, struct kvm_= vcpu *vcpu, TEST_ASSERT(check_focus_area(test_area_base_hva, PATTERN_HOST_FOCUS), "Host should be able to use shared memory."); =20 - vcpu_run_and_manage_memory_conversions(vm, vcpu); + vcpu_run_and_manage_memory_conversions(vm, vcpu, implicit); TDX_TEST_CHECK_GUEST_FAILURE(vcpu); TDX_TEST_ASSERT_IO(vcpu, TDX_TEST_REPORT_PORT, TDX_TEST_REPORT_SIZE, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); @@ -319,18 +371,20 @@ static void guest_ve_handler(struct ex_regs *regs) TDX_UPM_TEST_ASSERT(!ret); } =20 -static void verify_upm_test(void) +static void verify_upm_test(bool implicit) { struct kvm_vm *vm; struct kvm_vcpu *vcpu; =20 + void *guest_code; vm_vaddr_t test_area_gva_private; struct tdx_upm_test_area *test_area_base_hva; uint64_t test_area_npages; =20 vm =3D td_create(); td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); - vcpu =3D td_vcpu_add(vm, 0, guest_upm_explicit); + guest_code =3D implicit ? guest_upm_implicit : guest_upm_explicit; + vcpu =3D td_vcpu_add(vm, 0, guest_code); =20 vm_install_exception_handler(vm, VE_VECTOR, guest_ve_handler); =20 @@ -370,13 +424,26 @@ static void verify_upm_test(void) =20 td_finalize(vm); =20 - printf("Verifying UPM functionality: explicit MapGPA\n"); + if (implicit) + printf("Verifying UPM functionality: implicit conversion\n"); + else + printf("Verifying UPM functionality: explicit MapGPA\n"); =20 - run_selftest(vm, vcpu, test_area_base_hva); + run_selftest(vm, vcpu, test_area_base_hva, implicit); =20 kvm_vm_free(vm); } =20 +void verify_upm_test_explicit(void) +{ + verify_upm_test(false); +} + +void verify_upm_test_implicit(void) +{ + verify_upm_test(true); +} + int main(int argc, char **argv) { /* Disable stdout buffering */ @@ -388,5 +455,6 @@ int main(int argc, char **argv) return 0; } =20 - run_in_new_process(&verify_upm_test); + run_in_new_process(&verify_upm_test_explicit); + run_in_new_process(&verify_upm_test_implicit); } --=20 2.39.0.246.g2a6d74b583-goog