On 11/15/2024 5:10 AM, Pratik R. Sampat wrote:
> This patch series extends the sev_init2 and the sev_smoke test to
> exercise the SEV-SNP VM launch workflow.
>
> Primarily, it introduces the architectural defines, its support in the SEV
> library and extends the tests to interact with the SEV-SNP ioctl()
> wrappers.
>
> Patch 1 - Do not advertize SNP on incompatible firmware
> Patch 2 - SNP test for KVM_SEV_INIT2
> Patch 3 - Add VMGEXIT helper
> Patch 4 - Introduce SEV+ VM type check
> Patch 5 - SNP iotcl() plumbing for the SEV library
> Patch 6 - Force set GUEST_MEMFD for SNP
> Patch 7 - Cleanups of smoke test - Decouple policy from type
> Patch 8 - SNP smoke test
>
> v4:
> 1. Remove SNP FW API version check in the test and ensure the KVM
> capability advertizes the presence of the feature. Retain the minimum
> version definitions to exercise these API versions in the smoke test.
> 2. Retained only the SNP smoke test and SNP_INIT2 test
> 3. The SNP architectural defined merged with SNP_INIT2 test patch
> 4. SNP shutdown merged with SNP smoke test patch
> 5. Add SEV VM type check to abstract comparisons and reduce clutter
> 6. Define a SNP default policy which sets bits based on the presence of
> SMT
> 7. Decouple privatization and encryption for it to be SNP agnostic
> 8. Assert for only positive tests using vm_ioctl()
> 9. Dropped tested-by tags
>
Tested-by: Srikanth Aithal <sraithal@amd.com>
> In summary - based on comments from Sean, I have primarily reduced the
> scope of this patch series to focus on breaking down the SNP smoke test
> patch (v3 - patch2) to first introduce SEV-SNP support and use this
> interface to extend the sev_init2 and the sev_smoke test.
>
> The rest of the v3 patchset that introduces ioctl, pre fault, fallocate
> and negative tests, will be re-worked and re-introduced subsequently in
> future patch series post addressing the issues discussed.
>
> v3:
> https://lore.kernel.org/kvm/20240905124107.6954-1-pratikrajesh.sampat@amd.com/
> 1. Remove the assignments for the prefault and fallocate test type
> enums.
> 2. Fix error message for sev launch measure and finish.
> 3. Collect tested-by tags [Peter, Srikanth]
>
> Any feedback/review is highly appreciated!
>
> Pratik R. Sampat (8):
> KVM: SEV: Disable SEV-SNP on FW validation failure
> KVM: selftests: SEV-SNP test for KVM_SEV_INIT2
> KVM: selftests: Add VMGEXIT helper
> KVM: selftests: Introduce SEV VM type check
> KVM: selftests: Add library support for interacting with SNP
> KVM: selftests: Force GUEST_MEMFD flag for SNP VM type
> KVM: selftests: Abstractions for SEV to decouple policy from type
> KVM: selftests: Add a basic SEV-SNP smoke test
>
> arch/x86/kvm/svm/sev.c | 4 +-
> drivers/crypto/ccp/sev-dev.c | 6 ++
> include/linux/psp-sev.h | 3 +
> .../selftests/kvm/include/x86_64/processor.h | 1 +
> .../selftests/kvm/include/x86_64/sev.h | 55 ++++++++++-
> tools/testing/selftests/kvm/lib/kvm_util.c | 7 +-
> .../selftests/kvm/lib/x86_64/processor.c | 4 +-
> tools/testing/selftests/kvm/lib/x86_64/sev.c | 98 ++++++++++++++++++-
> .../selftests/kvm/x86_64/sev_init2_tests.c | 13 +++
> .../selftests/kvm/x86_64/sev_smoke_test.c | 96 ++++++++++++++----
> 10 files changed, 258 insertions(+), 29 deletions(-)
>