Date: Fri, 17 Jan 2025 16:34:51 -0800
In-Reply-To: <20250118003454.2619573-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250118003454.2619573-2-seanjc@google.com>
Subject: [PATCH v2 1/4] KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
From: Sean Christopherson
To: Vitaly Kuznetsov, Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Dongjie Zou

Advertise support for Hyper-V's SEND_IPI and SEND_IPI_EX hypercalls if and
only if the local APIC is emulated/virtualized by KVM, and explicitly reject
said hypercalls if the local APIC is emulated in userspace, i.e. don't rely
on userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.

Rejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if
Hyper-V enlightenments are exposed to the guest without an in-kernel local
APIC:

  dump_stack+0xbe/0xfd
  __kasan_report.cold+0x34/0x84
  kasan_report+0x3a/0x50
  __apic_accept_irq+0x3a/0x5c0
  kvm_hv_send_ipi.isra.0+0x34e/0x820
  kvm_hv_hypercall+0x8d9/0x9d0
  kvm_emulate_hypercall+0x506/0x7e0
  __vmx_handle_exit+0x283/0xb60
  vmx_handle_exit+0x1d/0xd0
  vcpu_enter_guest+0x16b0/0x24c0
  vcpu_run+0xc0/0x550
  kvm_arch_vcpu_ioctl_run+0x170/0x6d0
  kvm_vcpu_ioctl+0x413/0xb20
  __se_sys_ioctl+0x111/0x160
  do_syscal1_64+0x30/0x40
  entry_SYSCALL_64_after_hwframe+0x67/0xd1

Note, checking the sending vCPU is sufficient, as the per-VM irqchip_mode
can't be modified after vCPUs are created, i.e. if one vCPU has an
in-kernel local APIC, then all vCPUs have an in-kernel local APIC.

Reported-by: Dongjie Zou
Fixes: 214ff83d4473 ("KVM: x86: hyperv: implement PV IPI send hypercalls")
Fixes: 2bc39970e932 ("x86/kvm/hyper-v: Introduce KVM_GET_SUPPORTED_HV_CPUID")
Cc: stable@vger.kernel.org
Reviewed-by: Vitaly Kuznetsov
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/hyperv.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index 4f0a94346d00..44c88537448c 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c 
@@ -2226,6 +2226,9 @@ static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, str= uct kvm_hv_hcall *hc) u32 vector; bool all_cpus; =20 + if (!lapic_in_kernel(vcpu)) + return HV_STATUS_INVALID_HYPERCALL_INPUT; + if (hc->code =3D=3D HVCALL_SEND_IPI) { if (!hc->fast) { if (unlikely(kvm_read_guest(kvm, hc->ingpa, &send_ipi, 
@@ -2852,7 +2855,8 @@ int kvm_get_hv_cpuid(struct kvm_vcpu *vcpu, struct kv= m_cpuid2 *cpuid, ent->eax |=3D HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED; ent->eax |=3D HV_X64_APIC_ACCESS_RECOMMENDED; ent->eax |=3D HV_X64_RELAXED_TIMING_RECOMMENDED; - ent->eax |=3D HV_X64_CLUSTER_IPI_RECOMMENDED; + if (!vcpu || lapic_in_kernel(vcpu)) + ent->eax |=3D HV_X64_CLUSTER_IPI_RECOMMENDED; ent->eax |=3D HV_X64_EX_PROCESSOR_MASKS_RECOMMENDED; if (evmcs_ver) ent->eax |=3D HV_X64_ENLIGHTENED_VMCS_RECOMMENDED; --=20 2.48.0.rc2.279.g1de40edade-goog
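Review bot: the new lapic_in_kernel(vcpu) guard at the top of kvm_hv_send_ipi() carries no comment, so the reason it only inspects the sending vCPU lives solely in the commit message. A short comment above the check, saying that irqchip_mode is per-VM and cannot change once vCPUs exist (so the sender's state covers every target), would keep a later reader from adding a per-target check or dropping this one as redundant.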
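Review bot: in kvm_get_hv_cpuid(), the `!vcpu` arm of the new condition keeps setting HV_X64_CLUSTER_IPI_RECOMMENDED whenever no vCPU is passed, and nothing at the site says why that is acceptable. Consider a brief comment naming the caller that passes a NULL vcpu and noting that the bit is then only a statement of what KVM can support, because kvm_hv_send_ipi() now rejects the hypercall for any vCPU without an in-kernel local APIC.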
Date: Fri, 17 Jan 2025 16:34:52 -0800
In-Reply-To: <20250118003454.2619573-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250118003454.2619573-3-seanjc@google.com>
Subject: [PATCH v2 2/4] KVM: selftests: Mark test_hv_cpuid_e2big() static in Hyper-V CPUID test
From: Sean Christopherson
To: Vitaly Kuznetsov, Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Dongjie Zou

Make the Hyper-V CPUID test's local helper test_hv_cpuid_e2big() static,
it's not used outside of the test (and isn't intended to be).

Reviewed-by: Vitaly Kuznetsov
Signed-off-by: Sean Christopherson
---
 tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c b/tools/test= ing/selftests/kvm/x86_64/hyperv_cpuid.c index 4f5881d4ef66..9a0fcc713350 100644 --- a/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c +++ b/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c 
@@ -111,7 +111,7 @@ static void test_hv_cpuid(const struct kvm_cpuid2 *hv_c= puid_entries, } } =20 -void test_hv_cpuid_e2big(struct kvm_vm *vm, struct kvm_vcpu *vcpu) +static void test_hv_cpuid_e2big(struct kvm_vm *vm, struct kvm_vcpu *vcpu) { static struct kvm_cpuid2 cpuid =3D {.nent =3D 0}; int ret; --=20 2.48.0.rc2.279.g1de40edade-goog
Date: Fri, 17 Jan 2025 16:34:53 -0800
In-Reply-To: <20250118003454.2619573-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250118003454.2619573-4-seanjc@google.com>
Subject: [PATCH v2 3/4] KVM: selftests: Manage CPUID array in Hyper-V CPUID test's core helper
From: Sean Christopherson
To: Vitaly Kuznetsov, Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Dongjie Zou

Allocate, get, and free the CPUID array in the Hyper-V CPUID test in the
test's core helper, instead of copy+pasting code at each call site. In
addition to deduplicating a small amount of code, restricting visibility
of the array to a single invocation of the core test prevents "leaking" an
array across test cases. Passing in @vcpu to the helper will also allow
pivoting on VM-scoped information without needing to pass more booleans,
e.g. to conditionally assert on features that require an in-kernel APIC.

To avoid use-after-free bugs due to overzealous and careless developers,
opportunistically add a comment to explain that the system-scoped helper
caches the Hyper-V CPUID entries, i.e. that the caller is not responsible
for freeing the memory.

Cc: Vitaly Kuznetsov
Signed-off-by: Sean Christopherson
Reviewed-by: Vitaly Kuznetsov
---
 .../selftests/kvm/x86_64/hyperv_cpuid.c | 30 +++++++++++--------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c b/tools/test= ing/selftests/kvm/x86_64/hyperv_cpuid.c index 9a0fcc713350..3188749ec6e1 100644 --- a/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c +++ b/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c @@ -41,13 +41,18 @@ static bool smt_possible(void) return res; } =20 -static void test_hv_cpuid(const struct kvm_cpuid2 *hv_cpuid_entries, - bool evmcs_expected) +static void test_hv_cpuid(struct kvm_vcpu *vcpu, bool evmcs_expected) { + const struct kvm_cpuid2 *hv_cpuid_entries; int i; int nent_expected =3D 10; u32 test_val; =20 + if (vcpu) + hv_cpuid_entries =3D vcpu_get_supported_hv_cpuid(vcpu); + else + hv_cpuid_entries =3D kvm_get_supported_hv_cpuid(); + TEST_ASSERT(hv_cpuid_entries->nent =3D=3D nent_expected, "KVM_GET_SUPPORTED_HV_CPUID should return %d entries" " (returned %d)", @@ -109,6 +114,13 @@ static void test_hv_cpuid(const struct kvm_cpuid2 *hv_= cpuid_entries, * entry->edx); */ } + + /* + * Note, the CPUID array returned by the system-scoped helper is a one- + * time allocation, i.e. must not be freed. + */ + if (vcpu) + free((void *)hv_cpuid_entries); } =20 static void test_hv_cpuid_e2big(struct kvm_vm *vm, struct kvm_vcpu *vcpu) @@ -129,7 +141,6 @@ static void test_hv_cpuid_e2big(struct kvm_vm *vm, stru= ct kvm_vcpu *vcpu) int main(int argc, char *argv[]) { struct kvm_vm *vm; - const struct kvm_cpuid2 *hv_cpuid_entries; struct kvm_vcpu *vcpu; =20 TEST_REQUIRE(kvm_has_cap(KVM_CAP_HYPERV_CPUID)); @@ -138,10 +149,7 @@ int main(int argc, char *argv[]) =20 /* Test vCPU ioctl version */ test_hv_cpuid_e2big(vm, vcpu); - - hv_cpuid_entries =3D vcpu_get_supported_hv_cpuid(vcpu); - test_hv_cpuid(hv_cpuid_entries, false); - free((void *)hv_cpuid_entries); + test_hv_cpuid(vcpu, false); =20 if (!kvm_cpu_has(X86_FEATURE_VMX) || !kvm_has_cap(KVM_CAP_HYPERV_ENLIGHTENED_VMCS)) { 
@@ -149,9 +157,7 @@ int main(int argc, char *argv[]) goto do_sys; } vcpu_enable_evmcs(vcpu); - hv_cpuid_entries =3D vcpu_get_supported_hv_cpuid(vcpu); - test_hv_cpuid(hv_cpuid_entries, true); - free((void *)hv_cpuid_entries); + test_hv_cpuid(vcpu, true); =20 do_sys: /* Test system ioctl version */ 
@@ -161,9 +167,7 @@ int main(int argc, char *argv[]) } =20 test_hv_cpuid_e2big(vm, NULL); - - hv_cpuid_entries =3D kvm_get_supported_hv_cpuid(); - test_hv_cpuid(hv_cpuid_entries, kvm_cpu_has(X86_FEATURE_VMX)); + test_hv_cpuid(NULL, kvm_cpu_has(X86_FEATURE_VMX)); =20 out: kvm_vm_free(vm); --=20 2.48.0.rc2.279.g1de40edade-goog
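Review bot: in test_hv_cpuid(), ownership of hv_cpuid_entries is decided by two separate `if (vcpu)` tests, one at the top where the array is fetched and one at the bottom where it is freed, and the explanatory comment sits only at the free. Moving the "one-time allocation, must not be freed" comment next to the kvm_get_supported_hv_cpuid() call, or recording ownership in a local flag set at acquisition, would keep the two branches from drifting apart if another source for the array is ever added. The free((void *)hv_cpuid_entries) cast also discards const; a non-const local for the owned case would avoid it.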
Date: Fri, 17 Jan 2025 16:34:54 -0800
In-Reply-To: <20250118003454.2619573-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250118003454.2619573-5-seanjc@google.com>
Subject: [PATCH v2 4/4] KVM: selftests: Add CPUID tests for Hyper-V features that need in-kernel APIC
From: Sean Christopherson
To: Vitaly Kuznetsov, Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Dongjie Zou

Add testcases to x86's Hyper-V CPUID test to verify that KVM advertises
support for features that require an in-kernel local APIC appropriately,
i.e. that KVM hides support from the vCPU-scoped ioctl if the VM doesn't
have an in-kernel local APIC.

Cc: Vitaly Kuznetsov
Signed-off-by: Sean Christopherson
Reviewed-by: Vitaly Kuznetsov
---
 tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c b/tools/test= ing/selftests/kvm/x86_64/hyperv_cpuid.c index 3188749ec6e1..8f26130dc30d 100644 --- a/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c +++ b/tools/testing/selftests/kvm/x86_64/hyperv_cpuid.c @@ -43,6 +43,7 @@ static bool smt_possible(void) =20 static void test_hv_cpuid(struct kvm_vcpu *vcpu, bool evmcs_expected) { + const bool has_irqchip =3D !vcpu || vcpu->vm->has_irqchip; const struct kvm_cpuid2 *hv_cpuid_entries; int i; int nent_expected =3D 10; 
@@ -85,12 +86,19 @@ static void test_hv_cpuid(struct kvm_vcpu *vcpu, bool e= vmcs_expected) entry->eax, evmcs_expected ); break; + case 0x40000003: + TEST_ASSERT(has_irqchip || !(entry->edx & BIT(19)), + "Synthetic Timers should require in-kernel APIC"); + break; case 0x40000004: test_val =3D entry->eax & (1UL << 18); =20 TEST_ASSERT(!!test_val =3D=3D !smt_possible(), "NoNonArchitecturalCoreSharing bit" " doesn't reflect SMT setting"); + + TEST_ASSERT(has_irqchip || !(entry->eax & BIT(10)), + "Cluster IPI (i.e. SEND_IPI) should require in-kernel APIC"); break; case 0x4000000A: TEST_ASSERT(entry->eax & (1UL << 19), @@ -145,9 +153,14 @@ int main(int argc, char *argv[]) =20 TEST_REQUIRE(kvm_has_cap(KVM_CAP_HYPERV_CPUID)); =20 - vm =3D vm_create_with_one_vcpu(&vcpu, guest_code); + /* Test the vCPU ioctl without an in-kernel local APIC. */ + vm =3D vm_create_barebones(); + vcpu =3D __vm_vcpu_add(vm, 0); + test_hv_cpuid(vcpu, false); + kvm_vm_free(vm); =20 /* Test vCPU ioctl version */ + vm =3D vm_create_with_one_vcpu(&vcpu, guest_code); test_hv_cpuid_e2big(vm, vcpu); test_hv_cpuid(vcpu, false); =20 --=20 2.48.0.rc2.279.g1de40edade-goog
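Review bot: both new assertions in test_hv_cpuid(), under case 0x40000003 and case 0x40000004, are one-directional: `has_irqchip || !(entry->edx & BIT(19))` and `has_irqchip || !(entry->eax & BIT(10))` pass trivially whenever has_irqchip is true, so a change that cleared these bits for every VM would go unnoticed. If KVM is expected to set them when the local APIC is in-kernel, assert that direction too. The bare BIT(19) and BIT(10) would also read better with a named constant or a comment tying them to the feature named in the assertion message.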
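Review bot: the new barebones block in main() depends on vm->has_irqchip being false for a VM made with vm_create_barebones(), but nothing checks that precondition before test_hv_cpuid(vcpu, false) runs. A TEST_ASSERT(!vm->has_irqchip, ...) ahead of the call would make the test fail loudly, instead of silently skipping the new checks, if that helper ever starts creating an irqchip. This block also skips test_hv_cpuid_e2big(); say in a comment whether that is intentional.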