From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6464B2505AF for ; Thu, 21 Aug 2025 04:29:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750567; cv=none; b=sHMjDx2cxGMYpUlkHkeiRh2FncwBnnrJgwMoVi84TWosgr83g4ZnghuPuLp0HWTAkAqvFSzhBSH7RU4x2Rz2SdXWi4kJcSiQhAdCP/YxwErFFm2GojD/AE2UVbRDEl6IcMblLkCgSLR6l2cL+VelHn9xYuaJ+BsuwA0se9BxHRY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750567; c=relaxed/simple; bh=CNyH3iLKYyXM2PucLKJJexKys2GtwF+RYJ7BGDIxHvI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=LvP3XxGAuKD29h0H3fA+4oBMMFw1HzCWkJmaQnTRRCzmBLnFHwBxpBIeIL1YAvmh1gdVsVyBSTcWugC8lH6aIkXJlA+vQxds5uCQiywIt12jyhgbXqsst9QVi3H2CkO3QIgtfa4guZTMPf28W+9nH5r0YAxODyiYj2DlTTkMpYo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=v3Dw/nm7; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="v3Dw/nm7" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-323266b700cso1374805a91.0 for ; Wed, 20 Aug 2025 21:29:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750566; x=1756355366; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=SBEsUjopqWPQAb2i5kfB0Dt1bw+I4tk4XbZtWvO+5Q0=; b=v3Dw/nm7XhpT2vIgkIS+HxkDU0KefU4c71Ml2M79+EhZW8l+R99SMV7nyzREXe8FR9 dZGOKABFzriGUxoW2+Vg7g4z/DPgiL1YLkZjCKIBgKz6OZdx6dMf+kq90qCCUK2eoeHG O7NQR9Upxd8ZYBokBOevCTCo2cuzJBd+An3w8ntIZqwBqNfjrFxw9lOFaB1YJ/Bn45Ji rFQ89z1gRfEYesyeO3r2VKpk/mFU1xAW64uE29J08sdQY+VQMMTUX09juWdWgvJPN+l6 cWGC2JOIPAcjJEWQKdHF279kJfoj3QQtjI9khoN6emTXHP4ZET7TqvKi0j8r/8eevl/V GFOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750566; x=1756355366; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=SBEsUjopqWPQAb2i5kfB0Dt1bw+I4tk4XbZtWvO+5Q0=; b=raIRC6NtV1kZi+LQnCA+Xgm1h0Lx5IxCV4aIrvjeBjzXzoD5eKkQNnLsopirVXl6Fc M3WB/V5XFieltRfXNJ77OCIxWCzqcIEtbNd4EzR3E9NUPqzSmnqb8HbskUOT2b6Eyu/N JLPBYGl+ssZL7iEl4vtYiiwrphKpfoESsMzRFOVjPC1qr6rG+DmEbtMtE+9Zw2f4hima BL6Ck5kyp5VovxupE3u3P5h5l/ff7733tN/94G0+ZNLhBWcwLjQeJfWN0M36b2GhGlCa bRToCcTijJt85xTwucARWXhU74/pW7+nNw9JNsZtFFFwM9SEDHnppDaxVCBS50RVtvfb f9GQ== X-Gm-Message-State: AOJu0YwBkPso0JITeAEj96Uk0NT+VIXhYlHe4RTTOhTnlaSDHnUCPDs5 C6AzyrX68wiqoHcfE/kXpZscNUHD9NzJ9D/Y7K9dioPu3gfeIHWs+vewTyLG/7rxL/rW3PL1b+O TgQ== X-Google-Smtp-Source: AGHT+IFYWwfWRedCl4TaEHt8DsZOpI9aKhsO1LVwtOPR4LokBo0OPUYbdS7T4gGWHlqrRzQ2RYeoQBN9pA== X-Received: from pjbqx8.prod.google.com ([2002:a17:90b:3e48:b0:321:b354:6b5c]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:53c7:b0:312:1ae9:152b with SMTP id 98e67ed59e1d1-324ed114c90mr1478574a91.23.1755750565556; Wed, 20 Aug 2025 21:29:25 -0700 (PDT) Date: Wed, 20 Aug 2025 21:28:54 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-2-sagis@google.com> Subject: [PATCH v9 01/19] KVM: selftests: Include overflow.h instead of redefining is_signed_type() From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Redefinition of is_signed_type() causes compilation warning for tests which use kselftest_harness. Replace the definition with linux/overflow.h Signed-off-by: Sagi Shahar Reviewed-by: Ira Weiny Tested-by: Ira Weiny --- tools/testing/selftests/kselftest_harness.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tools/testing/selftests/kselftest_harness.h b/tools/testing/se= lftests/kselftest_harness.h index 2925e47db995..a580a0d33c65 100644 --- a/tools/testing/selftests/kselftest_harness.h +++ b/tools/testing/selftests/kselftest_harness.h @@ -56,6 +56,7 @@ #include #include #include +#include #include #include #include @@ -751,8 +752,6 @@ for (; _metadata->trigger; _metadata->trigger =3D \ __bail(_assert, _metadata)) =20 -#define is_signed_type(var) (!!(((__typeof__(var))(-1)) < (__typeof_= _(var))1)) - #define __EXPECT(_expected, _expected_str, _seen, _seen_str, _t, _assert) = do { \ /* Avoid multiple evaluation of the cases */ \ __typeof__(_expected) __exp =3D (_expected); \ --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D34D927A108 for ; Thu, 21 Aug 2025 04:29:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750569; cv=none; b=o96K6zHoyQ/8yZDFnHkRnU+/MMsPQbU5THeuY1VnrzD46zSDjAUev+DTZ2wdRx7VqdMyYxM1uyGrtTPGPj62OXFLRfmpAS+jgg4uJncEXNXO5jcfHtlWk++aUeh1F2JGJ4HpSuKi63U0hbfXpT6ChsZ0hZsBvfqKovhCvE7YkF0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750569; c=relaxed/simple; bh=zv6FIq6T2D4dzhmzgUAB2L3Ur5jBTL/fvuA0Mkkyy30=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=g4NbXJHMkgkUGwJ2p8TMGwyEUl58USNtZZL9KqNUJMNnojv2Bcom5xgr3mNnSKfjAefhsG/xx+Os0/fskU7AhAlFsslJoz88pwJ7SmFi0SrW+hitEUezX3rx6jlv3xmxPGJbwGeckbpzuuo91Der+1WiyZjzB8R3H50TAzimtlM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=OA/XPXwc; arc=none smtp.client-ip=209.85.215.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="OA/XPXwc" Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-b474d5ff588so429575a12.2 for ; Wed, 20 Aug 2025 21:29:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750567; x=1756355367; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=pSoL5yGq80yHyQhliQTZCs8Xn2sZ4IJIZQ/AIr3ktz0=; b=OA/XPXwcy6AL4rewcNCblLJxyhf5wdO+T9BWdbJtTT2jBG4ncEMHJZiskR40p0nZkQ A/NOkhNT6lM+6XlbAKRuGBo98iwzRSeVtlBV72yQbtqb9zk8Vs0oaD3AMqOuv0mCo/bJ jtD5mUyJ/UDg/h5cB3u3YuN0JT9ie8GC8/xrwogNsWv8aW3XnOdCiAsUB31sd/bWS8gx qFzJ0MfxvKCRldAa9HSIhS3HzIVeoautAl32BojAyytWNQRXV5+/EFUVmpyJ9qG4JvC3 gexVhUa2rdTu7rVTbsAsrTJiK5aJ7G8pRQT1yA5WEvSh1TAHqNS9hQzB3VYwB4dkcDaR deTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750567; x=1756355367; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pSoL5yGq80yHyQhliQTZCs8Xn2sZ4IJIZQ/AIr3ktz0=; b=tSei342TglNUeQOnBPkPl+9xiks4j/qlHU67jbpfVle4LTav6QBbtvGH3sDDaf4HXl t06p4uwQCE7o3msmAYw90zw9SA1Rrhq4EIh0kKP2QXOuART6pBVuqUPEqU++tgCYwCf4 GNaUy0BtkulhfBAtLEVn23dWP0YuRORKHx3EDqhgwsUDRLfrKB+8fsvFU6LgrjaaV0Ki D3qY1tvmbLAf3NSE+qDLvfh87CnqJJMJDclIdrROuii1tOxM0VUxSogMPmVEHsoo4UF0 c+ug58SFSyHttSAVQR/4GMSyKj+nVMyh4E0Lh0z42qOSp2yduMfWYzTT8bx4f/YLj0uO yYQg== X-Gm-Message-State: AOJu0YydiMzEhZaIc4NpYeXLv0npodm/cYxgsAraHeeEjqnBAIw59222 OrQF8tTyWbtqHfnW1nXZ/nJDJIYQtElzhTcuc37yqcaPA5izI9/BtgU/VPDt3Lz2xL6amHXafzy n+Q== X-Google-Smtp-Source: AGHT+IFzy47sIgRRcuXNryiWz69eC2dqNE9p2/+PJhLwuwKSwGj1Za3Zb8r/eXfaTtlojCZl+N9VPBLMvA== X-Received: from pjj13.prod.google.com ([2002:a17:90b:554d:b0:31f:b2f:aeed]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a21:3383:b0:243:78a:82b6 with SMTP id adf61e73a8af0-24330aaaee3mr1322859637.48.1755750567082; Wed, 20 Aug 2025 21:29:27 -0700 (PDT) Date: Wed, 20 Aug 2025 21:28:55 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-3-sagis@google.com> Subject: [PATCH v9 02/19] KVM: selftests: Allocate pgd in virt_map() as necessary From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" If virt_map() is called before any call to ____vm_vaddr_alloc() it will create the mapping using an invalid pgd. Add call to virt_pgd_alloc() as part of virt_map() before creating the mapping, similarly to ____vm_vaddr_alloc() Signed-off-by: Sagi Shahar Reviewed-by: Binbin Wu Reviewed-by: Ira Weiny --- tools/testing/selftests/kvm/lib/kvm_util.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index c3f5142b0a54..b4c8702ba4bd 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1609,6 +1609,7 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint= 64_t paddr, TEST_ASSERT(vaddr + size > vaddr, "Vaddr overflow"); TEST_ASSERT(paddr + size > paddr, "Paddr overflow"); =20 + virt_pgd_alloc(vm); while (npages--) { virt_pg_map(vm, vaddr, paddr); sparsebit_set(vm->vpages_mapped, vaddr >> vm->page_shift); --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 685492E266E for ; Thu, 21 Aug 2025 04:29:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750571; cv=none; b=Wi2kvnzGRJfhcXdRwyJ3+TKI6C0Xx9nZdbfD0y5QcTN3UDLAC1AZvsYfgQip/D5aTmai5aP5s7qc3JN5e5TlAVNGYXBzujtSr6ruQAwbCUC6J4Nv/YLbs4YHt5aj2MsXSjb4QgMWQHqKBSKHSufmWdTqBxcRbAoQ25MT9q/nJ9w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750571; c=relaxed/simple; bh=oza6hx2ntzUZXObmix0KiLo9V3JboBdBQCO1cnzK8hQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=NdkQfvBWjBExWvQL9M3yyXk87HGjZGWC3nGK/PCNKLJfFqJF6syKLfYWaKbyWWn05Qsn7kkbRosU01wRVXmXCPzSNQouzjPqVFIh+gsaByuFGz9ZGHZ1EaHpe9vMDJD9E+g9so7bkQi1y2zNKvawrDdVPWFoOnl/jhMyEOATGYc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=eqN1UGq7; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="eqN1UGq7" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-323266c83f6so644357a91.0 for ; Wed, 20 Aug 2025 21:29:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750568; x=1756355368; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=FRFEjTGnGKNT/7J5APntzZoA6CylwPAhIKfI752BiBs=; b=eqN1UGq77WT4zjkWFh+zFFBywaJjTNbP3Z8lGFQ3U5hJA7VM4Dhzn5uWV/C1mY6tp+ URcn/hAFcDkasv5MtTym9v4nZSRRZgl2t0UTpjRh+6KjFHcIE+Z/0bKlBPbhoWEPNPMj VYReKi8ToNBOiGDYMykMNCX7/ak+rFRlEuFRCEFQeLMroBxNnCV6FW3b/alCQQ2q70m9 4Dinxy/r6kEOJKWIHVTNYYgO4In1lNZ8PD1yOllUIl0nX4mM+oksFgW/HgqwHqPV0UQA P/X1N3G/XFbShmk2pPDjwxzdUBvOdHU6P6fvEKtUrGP6OihhzbIbtCWPtMffPeeWFwlk H9Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750568; x=1756355368; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FRFEjTGnGKNT/7J5APntzZoA6CylwPAhIKfI752BiBs=; b=pN5he5kvCjh7SwBILqbLt+QGTqEsUvkn15o1czft8rQRepegTrF/Ibz92t9GACRD1h flNsH4r/g3TAqwKz4zQe/iFPMpc8bxL6n66qM2OZCXKk0NKhuMYtiPMMt46LRfrEf5oB fEi8ZdQAh/iU57awmL7mkvCtIL6eZXON/CJrS1NHK+RnbqkcJbbIamDVbRsKtoEH/M55 BEurbP/8xtvTWzDT0229ufmsrxb2WA+o7uGirUXmxLAsVtf9Lqv+SLzWq0bO1okpCFHN mbpunsbvc//v3wFzFPVyNbRCBCPuIQyig+B6AR+GPT0FwKkXTV/cLPq1xYoBmH81FkDK oipA== X-Gm-Message-State: AOJu0YwFL//T1ie8sJrLIyZ5xHteAaA18r2HzjjbQBHPn8BJqitxLOiP aK0qu8d6uKxapbQhR8tNAkCtPwl0Cj2dTT3uPyChhmM60lmR6O9OB+6cLewAYFM0B+z6hnv8bL2 FaA== X-Google-Smtp-Source: AGHT+IGgXv0HXZJEaeYeMRs0Tu4Cdx9jcHbVap6aLHFdU7b6D7sdqdWyIH1R2tQe7TkoFGhR8InX65S0gA== X-Received: from pjbsl4.prod.google.com ([2002:a17:90b:2e04:b0:312:ea08:fa64]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2c90:b0:30a:3e8e:ea30 with SMTP id 98e67ed59e1d1-324eedf50bfmr1190919a91.11.1755750568559; Wed, 20 Aug 2025 21:29:28 -0700 (PDT) Date: Wed, 20 Aug 2025 21:28:56 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-4-sagis@google.com> Subject: [PATCH v9 03/19] KVM: selftests: Expose functions to get default sregs values From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX can't set sregs values directly using KVM_SET_SREGS. Expose the default values of certain sregs used by TDX VMs so they can be set manually. Signed-off-by: Sagi Shahar --- .../selftests/kvm/include/x86/processor.h | 6 +++ .../testing/selftests/kvm/lib/x86/processor.c | 41 +++++++++++++++---- 2 files changed, 40 insertions(+), 7 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te= sting/selftests/kvm/include/x86/processor.h index 2efb05c2f2fb..5c16507f9b2d 100644 --- a/tools/testing/selftests/kvm/include/x86/processor.h +++ b/tools/testing/selftests/kvm/include/x86/processor.h @@ -1026,6 +1026,12 @@ static inline struct kvm_cpuid2 *allocate_kvm_cpuid2= (int nr_entries) =20 void vcpu_init_cpuid(struct kvm_vcpu *vcpu, const struct kvm_cpuid2 *cpuid= ); =20 +uint16_t kvm_get_default_idt_limit(void); +uint16_t kvm_get_default_gdt_limit(void); +uint64_t kvm_get_default_cr0(void); +uint64_t kvm_get_default_cr4(void); +uint64_t kvm_get_default_efer(void); + static inline void vcpu_get_cpuid(struct kvm_vcpu *vcpu) { vcpu_ioctl(vcpu, KVM_GET_CPUID2, vcpu->cpuid); diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin= g/selftests/kvm/lib/x86/processor.c index d4c19ac885a9..b2a4b11ac8c0 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -488,6 +488,35 @@ static void kvm_seg_set_tss_64bit(vm_vaddr_t base, str= uct kvm_segment *segp) segp->present =3D 1; } =20 +uint16_t kvm_get_default_idt_limit(void) +{ + return NUM_INTERRUPTS * sizeof(struct idt_entry) - 1; +} + +uint16_t kvm_get_default_gdt_limit(void) +{ + return getpagesize() - 1; +} + +uint64_t kvm_get_default_cr0(void) +{ + return X86_CR0_PE | X86_CR0_NE | X86_CR0_PG; +} + +uint64_t kvm_get_default_cr4(void) +{ + uint64_t cr4 =3D X86_CR4_PAE | X86_CR4_OSFXSR; + + if (kvm_cpu_has(X86_FEATURE_XSAVE)) + cr4 |=3D X86_CR4_OSXSAVE; + return cr4; +} + +uint64_t kvm_get_default_efer(void) +{ + return EFER_LME | EFER_LMA | EFER_NX; +} + static void vcpu_init_sregs(struct kvm_vm *vm, struct kvm_vcpu *vcpu) { struct kvm_sregs sregs; @@ -498,15 +527,13 @@ static void vcpu_init_sregs(struct kvm_vm *vm, struct= kvm_vcpu *vcpu) vcpu_sregs_get(vcpu, &sregs); =20 sregs.idt.base =3D vm->arch.idt; - sregs.idt.limit =3D NUM_INTERRUPTS * sizeof(struct idt_entry) - 1; + sregs.idt.limit =3D kvm_get_default_idt_limit(); sregs.gdt.base =3D vm->arch.gdt; - sregs.gdt.limit =3D getpagesize() - 1; + sregs.gdt.limit =3D kvm_get_default_gdt_limit(); =20 - sregs.cr0 =3D X86_CR0_PE | X86_CR0_NE | X86_CR0_PG; - sregs.cr4 |=3D X86_CR4_PAE | X86_CR4_OSFXSR; - if (kvm_cpu_has(X86_FEATURE_XSAVE)) - sregs.cr4 |=3D X86_CR4_OSXSAVE; - sregs.efer |=3D (EFER_LME | EFER_LMA | EFER_NX); + sregs.cr0 =3D kvm_get_default_cr0(); + sregs.cr4 |=3D kvm_get_default_cr4(); + sregs.efer |=3D kvm_get_default_efer(); =20 kvm_seg_set_unusable(&sregs.ldt); kvm_seg_set_kernel_code_64bit(&sregs.cs); --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D91E42E888C for ; Thu, 21 Aug 2025 04:29:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750572; cv=none; b=rXyARfQhI3mMf7y8hT8xrx5E8MFNiYNP1E7Cq2AWtIe/htPPMXvotIYpUDNbGRkHB3aIYhJDyp6DW3lp2ti8JvCM/lwEPAn8Rx/OG4HHEObEVV3qdyNnsXYFwtVuzFVYb1j2JfaqOMfEmYly5AIQ2avaCQRN90XXcYls72jCxxY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750572; c=relaxed/simple; bh=0Jrb3Ji8Kdw7g+EvrXjQHEn0QPEdvq7OtxqdSz4cQ/k=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=XVR1OO/YYKFrwTa7s5MPjO5f3Fo4e1I4t81sZjI0OrNEkh21mLYL8aMIYukoZQAoxNPRMku8KuylGA9JMzDBcmqQDX7PQNIUBaxCqTyJWbaIXLCJXw0iV1bBmeo+lcu18RYxMlh/VsazCY6QlOOYavrBHtVya6fZ2n+lxf43W6E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=2ispsQFY; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="2ispsQFY" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-324f81677d7so122310a91.0 for ; Wed, 20 Aug 2025 21:29:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750570; x=1756355370; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=Q7p1w/0nGP2+nuE3Sj/o2pc3RbjAseJgFmPLpSNz8fQ=; b=2ispsQFYbopr2DkXLfKyn5aWtHDMYvgnUWGAAJpU5CThp/+oCRajZYtUOMXyEcU6C2 wQwr7m+Wygu7Y4x+IOE3DhBU4OSromTgPSYAd3PmQIdsZb26I6NWtOVtewS9wk3QszOA NvcM1WbJEHgDmCj2qWwz1KpVR1O/gNBMKxDBlhiSKVSjit5Y5f/lgK7t7ec17cMje4gf +hBmyLCuPdgwq6qKXiADZ7FKmYSyrI4qoZ/2FTlRbYLP683RuXyWA2pHSorAUPDLtvzJ Ixzr7XVSJIReYJq02c83kbH1IDAtEbgXFNAkdUzzzP1TinCwbrwtNIRkIYpQD2kfAV/O v3eg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750570; x=1756355370; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Q7p1w/0nGP2+nuE3Sj/o2pc3RbjAseJgFmPLpSNz8fQ=; b=qRqFMrcdIcnvrUxin1krYM9quWizLC6inN8QKjZPBvI3Sl98hEAP0YsLNbBL5mLSbH HTW2HUdeBOkicqvsGXZTlbMJq3MrEqMDZdox/F6/Z0abzt3HlbxwSoUs1tM8H7pMo3jq wjB+x06As4RSlEnIRvLE9At6ZUN2CJa2XyTGyYnISiEeKO3aXIW84twk7dxVtGXk91b6 zR2k4yi8lfDY4f+fwafnhbuXilfc9ujUn4NUwbCd1bstFXSWerACQMJJ0AaY74xSUa6W Y6B0Xsi8JnC/2oqJIJJRPTHZor9ZtQRYDgfvUvMdXwEUG498uIL2TSt3B9qP1bcpvRm/ X6Sw== X-Gm-Message-State: AOJu0Yzj0uvP7Lp2XhK+Itih7M6GcYRgvPen9ixwBbyiEVsPZi6CFFpi JJ3UwMZsb4f0mS5g0QiYcyQk9oT+fCTI0MUKvq3lmiflLvviECFd71ZWqDbckyN/65kkU39gBmt QLQ== X-Google-Smtp-Source: AGHT+IFYyHng4eo+BL8OQ8lBS0tjB4dYQ5kbVU0qukLxLoDrhgSCiNMa6RXzrgJnUdi0EatgPpu1Ry6ljA== X-Received: from pjbsd14.prod.google.com ([2002:a17:90b:514e:b0:321:78e7:57fb]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:1d4d:b0:312:1c83:58e7 with SMTP id 98e67ed59e1d1-324ed07eeb5mr1323651a91.1.1755750570205; Wed, 20 Aug 2025 21:29:30 -0700 (PDT) Date: Wed, 20 Aug 2025 21:28:57 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-5-sagis@google.com> Subject: [PATCH v9 04/19] KVM: selftests: Expose function to allocate guest vCPU stack From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX guests' registers cannot be initialized directly using vcpu_regs_set(), hence the stack pointer needs to be initialized by the guest itself, running boot code beginning at the reset vector. Expose the function to allocate the guest stack so that TDX initialization code can allocate it itself and skip the allocation in vm_arch_vcpu_add() in that case. Signed-off-by: Sagi Shahar --- .../selftests/kvm/include/x86/processor.h | 2 ++ tools/testing/selftests/kvm/lib/x86/processor.c | 17 ++++++++++++----- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te= sting/selftests/kvm/include/x86/processor.h index 5c16507f9b2d..8fcc5118683e 100644 --- a/tools/testing/selftests/kvm/include/x86/processor.h +++ b/tools/testing/selftests/kvm/include/x86/processor.h @@ -1111,6 +1111,8 @@ static inline void vcpu_clear_cpuid_feature(struct kv= m_vcpu *vcpu, vcpu_set_or_clear_cpuid_feature(vcpu, feature, false); } =20 +vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm); + uint64_t vcpu_get_msr(struct kvm_vcpu *vcpu, uint64_t msr_index); int _vcpu_set_msr(struct kvm_vcpu *vcpu, uint64_t msr_index, uint64_t msr_= value); =20 diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin= g/selftests/kvm/lib/x86/processor.c index b2a4b11ac8c0..1eae92957456 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -687,12 +687,9 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, = void *guest_code) vcpu_regs_set(vcpu, ®s); } =20 -struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id) +vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm) { - struct kvm_mp_state mp_state; - struct kvm_regs regs; vm_vaddr_t stack_vaddr; - struct kvm_vcpu *vcpu; =20 stack_vaddr =3D __vm_vaddr_alloc(vm, DEFAULT_STACK_PGS * getpagesize(), DEFAULT_GUEST_STACK_VADDR_MIN, @@ -713,6 +710,15 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u= int32_t vcpu_id) "__vm_vaddr_alloc() did not provide a page-aligned address"); stack_vaddr -=3D 8; =20 + return stack_vaddr; +} + +struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id) +{ + struct kvm_mp_state mp_state; + struct kvm_regs regs; + struct kvm_vcpu *vcpu; + vcpu =3D __vm_vcpu_add(vm, vcpu_id); vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid()); vcpu_init_sregs(vm, vcpu); @@ -721,7 +727,8 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, ui= nt32_t vcpu_id) /* Setup guest general purpose registers */ vcpu_regs_get(vcpu, ®s); regs.rflags =3D regs.rflags | 0x2; - regs.rsp =3D stack_vaddr; + if (vm->type !=3D KVM_X86_TDX_VM) + regs.rsp =3D kvm_allocate_vcpu_stack(vm); vcpu_regs_set(vcpu, ®s); =20 /* Setup the MP state */ --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 54C892E8B77 for ; Thu, 21 Aug 2025 04:29:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750573; cv=none; b=I7I0tFp1wDxVc3QUhgW9vJK4fCi0ZwdbQQgEgyE6oBiXhM8u35fRGj9Vcz7CLEcMR0MfhtnP9/yB5eqFfM8piYqAIb6fb/oiN400R3lhunmkOD1XCQix4j/KsV7xIrz0EUbw1ZGVeeNS62wOE9HBeex7eOya60AocRKLFKnQcVE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750573; c=relaxed/simple; bh=tr/kYasvhaM7kVMspgyv9tdsJx7ARbBqJCQJSG2OYi0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=P1zgSxcOxBB5uhW5PCWhIzhOJ2zzJZY9AQPrZPSM/3Ai0d5v9mVcdMuiGN4SF9yzrd69e3CBXox6mo5QFiMMbx6PAAxnIh5BJta4axcYip/lTEgOXl681IiqUOWPa30t7mXj8LNuAnN/2kFXdL+OcAnJg+8BfWEbyu0WAPhkVSc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Ostrz5e6; arc=none smtp.client-ip=209.85.215.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Ostrz5e6" Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-b47253319b8so383122a12.3 for ; Wed, 20 Aug 2025 21:29:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750571; x=1756355371; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=0NNhncePcfevR9BqJj7luu3cgXc4QyqZzLOry8PLvlQ=; b=Ostrz5e69/1I4BGr7xqfykKD8DXxoNG4gstXZp9p0ewTu/PZRZhtav5GrBUSLDlzy6 f06I5SvLSvU3WrkWskdL6bGqBwikz7TeSRIgvmB+FfJaWRagK+HsK/3UkdAfeHuH0nVp XNuqnO+sLK4wS7NL7z2P+zoODGHb/iICOu0XzbyeFkR6fWRXeOC9PhnZDZR669CNNN2v DVrvMR3DDbE7VPSxzsF+YmbxCpdOo/PFpN7PTomyHNyBQLKaYvcagFifVTGiTZzq15uo gwMnreUyuuXlUFvU3wNkwGeo7mdmDxkMToEmr5ABdO1TqIFT3HTTGS2qhv28LZAp4pJj t62Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750571; x=1756355371; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=0NNhncePcfevR9BqJj7luu3cgXc4QyqZzLOry8PLvlQ=; b=WkQ2hDacghCciVJxxsWueD5bcnJwuaofEOVm/T14tDtMDq4Z+rj8baYmjhKImM/wyU ZRLFiu3dFTbUW0uw1w4sAUuPEpurWsFDsQrJbbiCeLMdfLt2g/9MuyswE0sjRseFPzyS dQM8oCwjCjZo3CPB4ILyy5mfne0J56VhProNSp3cSvY3ZwDxwUqjjlchknQgpLKwEszV QEQYryls3VgECOiJDjFHKwFWx2+pBwj63J33BgkdCkdxOdn1cPXvfk5qXxNVveeNi/1N 1HUslaulkcyvanIqhSWMDB539jfD1kmZsS/+SrfEZOtPphbfh/3Y6pW72n0vImonF2to 9Ocw== X-Gm-Message-State: AOJu0Ywc4nP70ZOTUIO2WOmVX2QTXxdEpsUqabvtIpPwsyPmjf891L6C RnNQG/+0LjTpkBZdmxoQ+uVIVyicL0Q3Cd11zS1CgRPf7XYONQEvlbBQ84bggI28l7kspCNEZCr N2A== X-Google-Smtp-Source: AGHT+IFHt8bMa7jB5MANhdG47UreNFuDH8fmYAoZds65ocGLlqKumuv8qls/N0mgvNCEDLrPY4SlSjc9EQ== X-Received: from pjyp4.prod.google.com ([2002:a17:90a:e704:b0:321:6924:af9a]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:f68b:b0:240:2145:e51f with SMTP id d9443c01a7336-245febe11dcmr17946895ad.3.1755750571576; Wed, 20 Aug 2025 21:29:31 -0700 (PDT) Date: Wed, 20 Aug 2025 21:28:58 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-6-sagis@google.com> Subject: [PATCH v9 05/19] KVM: selftests: Update kvm_init_vm_address_properties() for TDX From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Adrian Hunter Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata Let kvm_init_vm_address_properties() initialize vm->arch.{s_bit, tag_mask} similar to SEV. TDX sets the shared bit based on the guest physical address width and currently supports 48 and 52 widths. Co-developed-by: Adrian Hunter Signed-off-by: Adrian Hunter Signed-off-by: Isaku Yamahata Co-developed-by: Sagi Shahar Signed-off-by: Sagi Shahar --- .../selftests/kvm/include/x86/tdx/tdx_util.h | 14 ++++++++++++++ tools/testing/selftests/kvm/lib/x86/processor.c | 12 ++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools= /testing/selftests/kvm/include/x86/tdx/tdx_util.h new file mode 100644 index 000000000000..286d5e3c24b1 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTESTS_TDX_TDX_UTIL_H +#define SELFTESTS_TDX_TDX_UTIL_H + +#include + +#include "kvm_util.h" + +static inline bool is_tdx_vm(struct kvm_vm *vm) +{ + return vm->type =3D=3D KVM_X86_TDX_VM; +} + +#endif // SELFTESTS_TDX_TDX_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin= g/selftests/kvm/lib/x86/processor.c index 1eae92957456..6dbf40cbbc2a 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -8,6 +8,7 @@ #include "kvm_util.h" #include "processor.h" #include "sev.h" +#include "tdx/tdx_util.h" =20 #ifndef NUM_INTERRUPTS #define NUM_INTERRUPTS 256 @@ -1190,12 +1191,19 @@ void kvm_get_cpu_address_width(unsigned int *pa_bit= s, unsigned int *va_bits) =20 void kvm_init_vm_address_properties(struct kvm_vm *vm) { + uint32_t gpa_bits =3D kvm_cpu_property(X86_PROPERTY_GUEST_MAX_PHY_ADDR); + + vm->arch.sev_fd =3D -1; + if (is_sev_vm(vm)) { vm->arch.sev_fd =3D open_sev_dev_path_or_exit(); vm->arch.c_bit =3D BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT)); vm->gpa_tag_mask =3D vm->arch.c_bit; - } else { - vm->arch.sev_fd =3D -1; + } else if (is_tdx_vm(vm)) { + TEST_ASSERT(gpa_bits =3D=3D 48 || gpa_bits =3D=3D 52, + "TDX: bad X86_PROPERTY_GUEST_MAX_PHY_ADDR value: %u", gpa_bits); + vm->arch.s_bit =3D 1ULL << (gpa_bits - 1); + vm->gpa_tag_mask =3D vm->arch.s_bit; } } =20 --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 87AAF2E8B97 for ; Thu, 21 Aug 2025 04:29:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750575; cv=none; b=kQlv+3s+SihnUSMSXL8ivxr0abhLXIh9yqWERIrLZTijhm+VTmxTRbvf+igtDw/aFyarxvEsmsbc3JNfP7iN/0zDNtwl0TIGRmT04tq9yjB4gH8Av/aga1ZNsGj8Q5H3djTMJid4OtQ73X2Y+zxfzk76ropyJuF13mzfdzqW7vQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750575; c=relaxed/simple; bh=1b3afp9FciLsZc7hNSUjoTR4x2Fj/jtBIEBYZswIO9M=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=HBPVJ9ax6lDi4ZOdSKqnX7PO0TjAn4sNt3QZOir/3l2RoA/GCE2iVAcB0Rkduh/JXFEnzwT5QoI+EOTEpWVolQJTL+mBT/RhHhVK5TZ8oSAld4WKJ8j6vbS6+wldUK+tvY43/5rHN1HpMY7t/hGQXrpreznfTuftE6WxfuP28TA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=oLFexyJx; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="oLFexyJx" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-32326e21dd6so1272270a91.2 for ; Wed, 20 Aug 2025 21:29:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750573; x=1756355373; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=iXqpuVKtEF41FrGVua569uHSTz6fPFI9wc+GO39yc4A=; b=oLFexyJxZlVGYsNoIxhlKSE/A/JvLrhdfa8kdZg2DZfixb62JK/WFbK6VthmADl5Ye RuTL2rpRBa60pL2IbkVAf5rZ4wD1gXisw5J4W7OLeUcgP0nhqcikL2W0oeTt0iSpzUC/ rHo3RvEvFDbM8o2GS32XGNTM3Srle/0MVGGw7RIe8JzdfqNWGSOdIQ2oMHux+m/MNw4P +Joky79r0Ubi+3C0WJ18iECoqeGB7pySXfP07QEl68DhqiHWGMuvGceFEqJ5nQeSONgi qLMAZG4szzIfcy/q4nsW/DSa17ENKcV1/1koZ4ICbEX5enPV+BhCRhxCwIkrdOmIwbMh L0vA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750573; x=1756355373; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=iXqpuVKtEF41FrGVua569uHSTz6fPFI9wc+GO39yc4A=; b=hZsPJqrWlnuzuexEuiZ7IFxblnf8EEvFGDFepvoh9SLXWYJFr6AAZjd6gE/RF3lroi jFv9PAy1nmnc049eIYumr+knTQmM4Xh4/sBKCMw5ug28PHxWDAvmxoCf+6e7+VT8FDvT r4m8YU+zuVKRe/ik0nh9gSKJmC0y3AXRjb4m0MFqXBAeumA48n6QHhg0F5MOK+LQRD0Z 2cTkLuz6qcKSlbA3Oih/89apuLBYRsxRa5KAMXW1YvL3B1iqCxwRFxZMdRCS5UZsuv9c BEaRHRbk0Fbe8WLzysEn7LP1rlnPmFHV1NzL3J0zmhSb8qt2drpWt9Mb84L2agEbujcI 7JkA== X-Gm-Message-State: AOJu0YyWz9Op5QZQuizQs9B7KoGYJG+VUb7+PA6+cpx4IZnArt3ecJnP ML8kC6dv5b/Tj/a15HQQUdaHR/Xhho1EALuJtbVQMCvOCIdPdNdP4udg90ObI1xEMgMvP2T0R6F 2iQ== X-Google-Smtp-Source: AGHT+IGzVARSsi6nHDnbmGE89/cao5FFITyy6Jqk7M5ZqZA+Zo+RcWCXp4Ofq+yExOFUmttBBEOz2ZSVvw== X-Received: from pjbnd12.prod.google.com ([2002:a17:90b:4ccc:b0:31c:2fe4:33b7]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:37c5:b0:311:e605:f60e with SMTP id 98e67ed59e1d1-324ed195f2emr1687094a91.20.1755750573060; Wed, 20 Aug 2025 21:29:33 -0700 (PDT) Date: Wed, 20 Aug 2025 21:28:59 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-7-sagis@google.com> Subject: [PATCH v9 06/19] KVM: selftests: Expose segment definitons to assembly files From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move kernel segment definitons to a separate file which can be included from assembly files. Signed-off-by: Sagi Shahar Reviewed-by: Ira Weiny --- .../selftests/kvm/include/x86/processor_asm.h | 12 ++++++++++++ tools/testing/selftests/kvm/lib/x86/processor.c | 5 +---- 2 files changed, 13 insertions(+), 4 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86/processor_asm.h diff --git a/tools/testing/selftests/kvm/include/x86/processor_asm.h b/tool= s/testing/selftests/kvm/include/x86/processor_asm.h new file mode 100644 index 000000000000..7e5386a85ca8 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/processor_asm.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Used for storing defines used by both processor.c and assembly code. + */ +#ifndef SELFTEST_KVM_PROCESSOR_ASM_H +#define SELFTEST_KVM_PROCESSOR_ASM_H + +#define KERNEL_CS 0x8 +#define KERNEL_DS 0x10 +#define KERNEL_TSS 0x18 + +#endif // SELFTEST_KVM_PROCESSOR_ASM_H diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin= g/selftests/kvm/lib/x86/processor.c index 6dbf40cbbc2a..4802fc81bea7 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -7,6 +7,7 @@ #include "test_util.h" #include "kvm_util.h" #include "processor.h" +#include "processor_asm.h" #include "sev.h" #include "tdx/tdx_util.h" =20 @@ -14,10 +15,6 @@ #define NUM_INTERRUPTS 256 #endif =20 -#define KERNEL_CS 0x8 -#define KERNEL_DS 0x10 -#define KERNEL_TSS 0x18 - vm_vaddr_t exception_handlers; bool host_cpu_is_amd; bool host_cpu_is_intel; --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 185072E8E0D for ; Thu, 21 Aug 2025 04:29:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750577; cv=none; b=XW5XK/38As9eHSoKcvwllv+3JK5+xkrNrluspay2UQxwm2sYJacLXm8sUOC37MV1Azr99s+iMHHqdUj6e10IjGPne0NyIt+nh6uhyvH3dHZ3Oory/ieOfLBBScP3ae4GWnyZkZ2GB76mrY7zSvWflnv7cg5eVCpXHJB4PAly8lk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750577; c=relaxed/simple; bh=vURJuaTJgpJrNoJtPEWt6WiaWS4FRfHo+2y+TWkm0fY=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Mvbuj1U7Ol/tFGHXYEVmc5B92YFN4LK1xpFg/KHmB/0E/ebYZR7ZW09dwjaa6SeG0NYls4rTdBKidFJS+yzsUn4fzahGcdJk8m/eE0shj+t4txgJUIizh9EWHy6IGefhzE/ddwJEIWfRG873RAnB9mP93bA8ovTtQ31mJDS1FbI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=V2C72277; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="V2C72277" Received: by mail-pf1-f201.google.com with SMTP id d2e1a72fcca58-76e7ef21d52so1361386b3a.1 for ; Wed, 20 Aug 2025 21:29:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750574; x=1756355374; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=bHTIOBYSzMnE6EOZqw7vJKgl7xxjhcrY2TbGVLNzD4g=; b=V2C72277vkf/x+Ezh412qvmFQc8r/81Jmo52XfaMNV24hwbnnyk82h70KTSJ0b9sCI BZQyxWNNNZfGej4Tvi5IzTrfE0/mIC1utn/W9IcybBdFWT6ceieYKsR8uWfBRzq7EbK4 m0RGdE40KsPCWsjozVXcVVabGhhUw2rBMD8k4vUVQ3NeHtD0zP5gCOebrSS+3I4k8qDe 2koPoYxWuUYQTH5n+0VN6Gc9HU9kWvg+lodvSdeX2kxq8Rdy18QEdsqWrHTBN4H7Ydmv l0m2I63GHQsKPw2f07yLb+KpJG12UA+JwFuzDyVKiOsXgH9vmC77LGQ7zxTh6jGQogOx JMAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750574; x=1756355374; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=bHTIOBYSzMnE6EOZqw7vJKgl7xxjhcrY2TbGVLNzD4g=; b=cmLLaTRfkWmjbm9uRu9gOQBVESreJX6vLdiFLsLBKuORoCDCEYPp6VwZ4pSTT9U8SS 16xI5N/iIiN1Pn1Ou8s0iBj8XpQiZ/fUMR3Ma3bDAqvcktlC004BDshZwETENf8Jy3NB y/ulVynpS0RfhwC2oehx1uU+WKg8e9dRMpNVFCnp1YwCIMWaS57SZLZc5/WwIKqOA2wm k4bULuXYTMKDsnl7Di755j4i+ktumIGXikhVSkkljPPZoS9fLukeqThxwrBq+/MuolOf IR6KFfiQ9pZyyJEaZjWh8Fwn3u8t5gnvn+72tySlXj5LERczfJQg5POCkU8lQuvUp6tt kGwg== X-Gm-Message-State: AOJu0YwQeSNGmMaTZBTEysS0ZgpUDcFx7uuyKf2liZaSqTPq9nNwQoSK ImjDFBfmc2g1WbuwHOVT3hHt8l60ZcRb/mA9Y6awyOCRXM2SBvr8CAYrE9Q0MKIPF5df/KCvAfk 1og== X-Google-Smtp-Source: AGHT+IEogHLnsU59K+YhiS8GmhysBJljBZUNk59MXmsUmcznnLFTw8hp+ugeBcYKsTqkVN1vpDAhUqwJkw== X-Received: from pjbta12.prod.google.com ([2002:a17:90b:4ecc:b0:311:c197:70a4]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:2446:b0:243:78a:82b3 with SMTP id adf61e73a8af0-24330ae0a9cmr1475818637.59.1755750574463; Wed, 20 Aug 2025 21:29:34 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:00 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-8-sagis@google.com> Subject: [PATCH v9 07/19] KVM: selftests: Add kbuild definitons From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add kbuild.h that can be used by files under tools/ Definitions are taken from the original definitions at include/linux/kbuild.h This is needed to expose values from c code to assembly code. Signed-off-by: Sagi Shahar --- tools/include/linux/kbuild.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 tools/include/linux/kbuild.h diff --git a/tools/include/linux/kbuild.h b/tools/include/linux/kbuild.h new file mode 100644 index 000000000000..62e20ba9380e --- /dev/null +++ b/tools/include/linux/kbuild.h @@ -0,0 +1,18 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __TOOLS_LINUX_KBUILD_H +#define __TOOLS_LINUX_KBUILD_H + +#include + +#define DEFINE(sym, val) \ + asm volatile("\n.ascii \"->" #sym " %0 " #val "\"" : : "i" (val)) + +#define BLANK() asm volatile("\n.ascii \"->\"" : : ) + +#define OFFSET(sym, str, mem) \ + DEFINE(sym, offsetof(struct str, mem)) + +#define COMMENT(x) \ + asm volatile("\n.ascii \"->#" x "\"") + +#endif /* __TOOLS_LINUX_KBUILD_H */ --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DBCC9244685 for ; Thu, 21 Aug 2025 04:29:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750581; cv=none; b=g/sIlCmrD3sx3qc+KSAauxAYoNITn1dU32nowKXLanbslmEVHnHEhV//oyhCwybdaq7MI2qu/ItEeRuIXhRAT/BFzEtuzmTbzq/te79LcRo+iYA9IiybZa06mIoaLjoc5LlPh0hLAG0tEV/8qfoqx2cQ/UO1xnYwnAJ8Jd5sbgg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750581; c=relaxed/simple; bh=ZVougY0dY2ceOBEi33N2vgqPtFJB9JaguczwRJ00Jt0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=r+2yicuSKrBEjLXki1/WoiNUEXkEEOzS1v2wTO61wyhezQjcUhkIPwd6G2IHAIcb9ZocG7E9HiW+ubrMNALkwDuWCG8X7VRZt3WH5SJ6DJ0EbNPjAx+dmcPX+eu4E5DqLuaIt0jcBQS0M4S5vuRjN4z8PHgzIXehkPBtZ8Qg83g= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=4Auc1pgo; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="4Auc1pgo" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-76e2eac3650so1891336b3a.2 for ; Wed, 20 Aug 2025 21:29:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750576; x=1756355376; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=qxaWAzbRUzLCtzcho8oC+x5AUN01HLmIiDUYO6cqfgU=; b=4Auc1pgo2ImEG6nvhTX6Gw5N/JP3kZd3qsWtWLGXe8Q7F4se6mQ6YES/6iMvE4Fovo 21CPmWBFNDdczswRCLWWW56rKtrOG1Bza/PYLII+An5GbQhetICFgN5o5s2Tozt3mdNK z8aAOb6Xca4vYbyHgRSKzHY4+4TURfbR8JjicV7dLMeij8ArP2UvL4WPlRqTL7t44M2I vbq7fxXPVqLA59ogOXMG7kK6WpimBsvRz72zsMx/pWGNi6vYJwtU/MeEgxhhuzU5TGYX w/vEP4I9Kk+vCROPyW9dGIx/WhCbM9jljC6tDjntPdE7iKrr+A5F/Cg8I+VWHkoM6qLF +TtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750576; x=1756355376; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=qxaWAzbRUzLCtzcho8oC+x5AUN01HLmIiDUYO6cqfgU=; b=OBDATkgq1Ill3a4YpZBTGbVEyMKKu/puD47d/EDJMX6Yz5IiCGAjiJqEZZPDvjONcU gCbc1JfpFXbas8ZfwTH8B8iHs7PSHUHnPXCkhOFAJXOJxAMyoTU+HnYcsWFboDDlHVfA 5RZaqGhjtkvFoktIk2Ojcgs+wvJGl/ybMhTMn+Two++0/UsGKR3YOXSKcokBYJetgREb XWPS8filZK0dsPOTEnjq6e08ikuBHe/aGqPp3BOB9EZYivHSQUtjOrpMuas5t+HTtiMW NsGtHmZLpdmy1bYVlVDoUcGuQpEh7CDa1G31Krd1Fazco6W9zvD+jvMZC78Uiejg1K/+ Eeqw== X-Gm-Message-State: AOJu0Yyc2LdwIXcJBQXUXpv+LkruoZRHt1KGZgvxDMhMgfEwJZNSwasF cU+4yhOOPY7w6ESsQZ0TEPjKpcPINtUOhxnTY3ugzAH6koOxdXTAYV2biGDWC3TZNxHd06MzYfr pdQ== X-Google-Smtp-Source: AGHT+IHnjpFoTbfwDN7Mg8/PDSYsq+ZuUsM1vByP70khuw6E+rVAxKF66kUKvJSM3bENe4ub1NMjckWTzQ== X-Received: from pfuv10.prod.google.com ([2002:a05:6a00:148a:b0:76e:2713:9ad0]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:238c:b0:749:b41:2976 with SMTP id d2e1a72fcca58-76ea30efd03mr1081092b3a.3.1755750575792; Wed, 20 Aug 2025 21:29:35 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:01 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-9-sagis@google.com> Subject: [PATCH v9 08/19] KVM: selftests: Define structs to pass parameters to TDX boot code From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX registers are inaccesible to KVM. Therefore we need a different mechanism to load boot parameters for TDX code. TDX boot code will read the registers values from memory and set the registers manually. This patch defines the data structures used to communicate between c code and the TDX assembly boot code which will be added in a later patch. Use kbuild.h to expose the offsets into the structs from c code to assembly code. Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/Makefile.kvm | 18 +++++ .../selftests/kvm/include/x86/tdx/td_boot.h | 76 +++++++++++++++++++ .../kvm/lib/x86/tdx/td_boot_offsets.c | 21 +++++ 3 files changed, 115 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot.h create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets= .c diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index f6fe7a07a0a2..f4686445c197 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -19,6 +19,8 @@ LIBKVM +=3D lib/userfaultfd_util.c =20 LIBKVM_STRING +=3D lib/string_override.c =20 +LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c + LIBKVM_x86 +=3D lib/x86/apic.c LIBKVM_x86 +=3D lib/x86/handlers.S LIBKVM_x86 +=3D lib/x86/hyperv.c @@ -229,6 +231,10 @@ OVERRIDE_TARGETS =3D 1 include ../lib.mk include ../cgroup/lib/libcgroup.mk =20 +# Enable Kbuild tools. +include $(top_srcdir)/scripts/Kbuild.include +include $(top_srcdir)/scripts/Makefile.lib + INSTALL_HDR_PATH =3D $(top_srcdir)/usr LINUX_HDR_PATH =3D $(INSTALL_HDR_PATH)/include/ LINUX_TOOL_INCLUDE =3D $(top_srcdir)/tools/include @@ -281,6 +287,7 @@ LIBKVM_S :=3D $(filter %.S,$(LIBKVM)) LIBKVM_C_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_C)) LIBKVM_S_OBJ :=3D $(patsubst %.S, $(OUTPUT)/%.o, $(LIBKVM_S)) LIBKVM_STRING_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_STRING)) +LIBKVM_ASM_DEFS_OBJ +=3D $(patsubst %.c, $(OUTPUT)/%.s, $(LIBKVM_ASM_DEFS)) LIBKVM_OBJS =3D $(LIBKVM_C_OBJ) $(LIBKVM_S_OBJ) $(LIBKVM_STRING_OBJ) $(LIB= CGROUP_O) SPLIT_TEST_GEN_PROGS :=3D $(patsubst %, $(OUTPUT)/%, $(SPLIT_TESTS)) SPLIT_TEST_GEN_OBJ :=3D $(patsubst %, $(OUTPUT)/$(ARCH)/%.o, $(SPLIT_TESTS= )) @@ -307,6 +314,7 @@ $(SPLIT_TEST_GEN_OBJ): $(OUTPUT)/$(ARCH)/%.o: $(ARCH)/%= .c =20 EXTRA_CLEAN +=3D $(GEN_HDRS) \ $(LIBKVM_OBJS) \ + $(LIBKVM_ASM_DEFS_OBJ) \ $(SPLIT_TEST_GEN_OBJ) \ $(TEST_DEP_FILES) \ $(TEST_GEN_OBJ) \ @@ -318,18 +326,28 @@ $(LIBKVM_C_OBJ): $(OUTPUT)/%.o: %.c $(GEN_HDRS) $(LIBKVM_S_OBJ): $(OUTPUT)/%.o: %.S $(GEN_HDRS) $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ =20 +$(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE + $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -S $< -o $@ + # Compile the string overrides as freestanding to prevent the compiler from # generating self-referential code, e.g. without "freestanding" the compil= er may # "optimize" memcmp() by invoking memcmp(), thus causing infinite recursio= n. $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c -ffreestanding $< -o $@ =20 +$(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot= _offsets.s FORCE + $(call filechk,offsets,__TDX_BOOT_OFFSETS_H__) + +EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/td_boot_offsets.h + $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS)))) $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS) $(TEST_GEN_PROGS): $(LIBKVM_OBJS) $(TEST_GEN_PROGS_EXTENDED): $(LIBKVM_OBJS) $(TEST_GEN_OBJ): $(GEN_HDRS) =20 +FORCE: + cscope: include_paths =3D $(LINUX_TOOL_INCLUDE) $(LINUX_HDR_PATH) include = lib .. cscope: $(RM) cscope.* diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/= testing/selftests/kvm/include/x86/tdx/td_boot.h new file mode 100644 index 000000000000..5cce671586e9 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h @@ -0,0 +1,76 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTEST_TDX_TD_BOOT_H +#define SELFTEST_TDX_TD_BOOT_H + +#include + +#include +#include + +/* + * Layout for boot section (not to scale) + * + * GPA + * _________________________________ 0x1_0000_0000 (4GB) + * | Boot code trampoline | + * |___________________________|____ 0x0_ffff_fff0: Reset vector (16B belo= w 4GB) + * | Boot code | + * |___________________________|____ td_boot will be copied here, so that = the + * | | jmp to td_boot is exactly at the rese= t vector + * | Empty space | + * | | + * |=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80| + * | | + * | | + * | Boot parameters | + * | | + * | | + * |___________________________|____ 0x0_ffff_0000: TD_BOOT_PARAMETERS_GPA + */ +#define FOUR_GIGABYTES_GPA (SZ_4G) + +/* + * The exact memory layout for LGDT or LIDT instructions. + */ +struct __packed td_boot_parameters_dtr { + uint16_t limit; + uint32_t base; +}; + +/* + * Allows each vCPU to be initialized with different eip and esp. + * + * __packed is used since the offsets are hardcoded in td_boot.S + * + * TODO: Replace hardcoded offsets with OFFSET(). This requires getting the + * neccesry Kbuild scripts working in KVM selftests. + */ +struct td_per_vcpu_parameters { + uint32_t esp_gva; + uint64_t guest_code; +}; + +/* + * Boot parameters for the TD. + * + * Unlike a regular VM, KVM cannot set registers such as esp, eip, etc + * before boot, so to run selftests, these registers' values have to be + * initialized by the TD. + * + * This struct is loaded in TD private memory at TD_BOOT_PARAMETERS_GPA. + * + * The TD boot code will read off parameters from this struct and set up t= he + * vCPU for executing selftests. + * + * __packed is used since the offsets are hardcoded in td_boot.S + */ +struct td_boot_parameters { + uint32_t cr0; + uint32_t cr3; + uint32_t cr4; + struct td_boot_parameters_dtr gdtr; + struct td_boot_parameters_dtr idtr; + struct td_per_vcpu_parameters per_vcpu[]; +}; + +#endif /* SELFTEST_TDX_TD_BOOT_H */ diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c b/to= ols/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c new file mode 100644 index 000000000000..7f76a3585b99 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: GPL-2.0 +#define COMPILE_OFFSETS + +#include + +#include "tdx/td_boot.h" + +static void __attribute__((used)) common(void) +{ + OFFSET(TD_BOOT_PARAMETERS_CR0, td_boot_parameters, cr0); + OFFSET(TD_BOOT_PARAMETERS_CR3, td_boot_parameters, cr3); + OFFSET(TD_BOOT_PARAMETERS_CR4, td_boot_parameters, cr4); + OFFSET(TD_BOOT_PARAMETERS_GDT, td_boot_parameters, gdtr); + OFFSET(TD_BOOT_PARAMETERS_IDT, td_boot_parameters, idtr); + OFFSET(TD_BOOT_PARAMETERS_PER_VCPU, td_boot_parameters, per_vcpu); + OFFSET(TD_PER_VCPU_PARAMETERS_ESP_GVA, td_per_vcpu_parameters, esp_gva); + OFFSET(TD_PER_VCPU_PARAMETERS_GUEST_CODE, td_per_vcpu_parameters, + guest_code); + DEFINE(SIZEOF_TD_PER_VCPU_PARAMETERS, + sizeof(struct td_per_vcpu_parameters)); +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 345BB29B781 for ; Thu, 21 Aug 2025 04:29:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750580; cv=none; b=KP3uhjz7uXLvlgB4nCfBmGSOXXSCGiSCumKa7YKuUp1BIN8Y5JF1wqfcaO5IGAwlnHHYxDWTMAXOLY/EyTSQWl19rk29sQoJo4fFwnNNFLUlnCJgoW2RDvob6OcpQjDpuocanRO8vjf3BSQ43iq3lIlTI8o1SKftSEPFg7oiwi0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750580; c=relaxed/simple; bh=WYSCahPc97Dp7a3hSBhRkaF2q4QSaC9BvZop9GqIJq0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Kb9+zvggdDxdOuq6GhzcWAeTgt1Fpvd1ZrcddwxWP+y2S2wgnQBdVj5c2Vp6Qc9o2ao9VL9KJTYfSL6hwVkysY8/M2wLDi+fNJhfIk0ED2oHf1ZgROcuEqAd4u9ckM0ykebAVTki5vIE551w+I00fGTvBc7g40XK9DuM7Kk5x1k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=ALNRhTeW; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ALNRhTeW" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-32326e0c0baso640799a91.2 for ; Wed, 20 Aug 2025 21:29:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750577; x=1756355377; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=BuALvT5ZGfbYX3094HPDKOt5yW9fOwijgOQDunJFIKs=; b=ALNRhTeWIFz36ge7zoevUo40OoFy4wSdKP81Q+abYvV+k9QTHT9fmKlX4yqTlS+6wF UQnKYN3oTtHM3a4GMmC9KIsQjgvOqDX43R/goRksT47BwXO6mBB9VCdXBAll5in7SMuf ai3WtxLd9fMwT/ZtrIU+vgKLmVUDxMT8978auHnquT+HV9V6Ujhnj+0MYAA1m2DWavf5 FH/x9strnn/uGkpBwro5Gnf8X6Kz3c1y2GQsIrWMQVgg/tV9o2BI0I25OE6LIRb0l4tw Gp+CitOdT4N7FSV2cI3dO4qTt25Rg2Cm50ERxiewNukiEVdhBv6Ja+cpsM+b9FE0Lmry 2ZYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750577; x=1756355377; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=BuALvT5ZGfbYX3094HPDKOt5yW9fOwijgOQDunJFIKs=; b=efl+OMr8kar8AQAIQxGElXVyP+jcrMW26HYtAj8nOKv+N68+9dT99P7aK1ugKXJ8YZ 6/99bwtABLNK1UbPwh3HTmD5rPYKRsfZViA1I0pzDoTzdWCufZ3WxttMRVZLt2DUvFh4 h4mSZMunMP1pZzaj+aoq5AHnOUOD+X1prTM2bbfrrTCHwflh2IMnmf6e8ncHrbBn2pFa glP6ykMplX/aUmNvKU3n+rtmGRcp4sNJqJLTho1NPG3Hc25sGD0t9q/Upmt4j/qRwXd3 A4XEYulrB7i0UiflTw0u45F448Ovq1KrE1N/0F/dHaRUZP/qV5baTF0SxKKfe5IxIhxm 7p1A== X-Gm-Message-State: AOJu0Yzut1O29IOsxUr1BYoZ9P4DoX7bW3kEr8cqXZPvWHOiAEFVx0Q4 pyPxbCAZwhbek1bDWU6geY26DnYNISjNyJIdhcaQqiPl6nPxA9iYCfepZgrGU+/RrpZhOCOs76P uoQ== X-Google-Smtp-Source: AGHT+IFZTl3845re2w3FRi4UAPbxQNxCvZuTkjGFe41nQW/+9ddI/TXSY0XRR/XmOyMduRY3I8tioIhDfA== X-Received: from pjbsd6.prod.google.com ([2002:a17:90b:5146:b0:321:c475:716e]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:4c0a:b0:321:b953:85ad with SMTP id 98e67ed59e1d1-324ed12de31mr1451034a91.30.1755750577515; Wed, 20 Aug 2025 21:29:37 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:02 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-10-sagis@google.com> Subject: [PATCH v9 09/19] KVM: selftests: Add TDX boot code From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Erdem Aktas Add code to boot a TDX test VM. Since TDX registers are inaccesible to KVM, the boot code loads the relevant values from memory into the registers before jumping to the guest code. Signed-off-by: Erdem Aktas Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng Co-developed-by: Sagi Shahar Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/Makefile.kvm | 3 + .../selftests/kvm/include/x86/tdx/td_boot.h | 5 ++ .../kvm/include/x86/tdx/td_boot_asm.h | 16 +++++ .../selftests/kvm/lib/x86/tdx/td_boot.S | 60 +++++++++++++++++++ 4 files changed, 84 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm= .h create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index f4686445c197..03754ce2e983 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c LIBKVM_x86 +=3D lib/x86/svm.c LIBKVM_x86 +=3D lib/x86/ucall.c LIBKVM_x86 +=3D lib/x86/vmx.c +LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S =20 LIBKVM_arm64 +=3D lib/arm64/gic.c LIBKVM_arm64 +=3D lib/arm64/gic_v3.c @@ -335,6 +336,8 @@ $(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c $(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c -ffreestanding $< -o $@ =20 +$(OUTPUT)/lib/x86/tdx/td_boot.o: $(OUTPUT)/include/x86/tdx/td_boot_offsets= .h + $(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot= _offsets.s FORCE $(call filechk,offsets,__TDX_BOOT_OFFSETS_H__) =20 diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/= testing/selftests/kvm/include/x86/tdx/td_boot.h index 5cce671586e9..65ccc65efaeb 100644 --- a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h +++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h @@ -73,4 +73,9 @@ struct td_boot_parameters { struct td_per_vcpu_parameters per_vcpu[]; }; =20 +void td_boot(void); +void td_boot_code_end(void); + +#define TD_BOOT_CODE_SIZE (td_boot_code_end - td_boot) + #endif /* SELFTEST_TDX_TD_BOOT_H */ diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h b/to= ols/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h new file mode 100644 index 000000000000..10b4b527595c --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTEST_TDX_TD_BOOT_ASM_H +#define SELFTEST_TDX_TD_BOOT_ASM_H + +/* + * GPA where TD boot parameters will be loaded. + * + * TD_BOOT_PARAMETERS_GPA is arbitrarily chosen to + * + * + be within the 4GB address space + * + provide enough contiguous memory for the struct td_boot_parameters su= ch + * that there is one struct td_per_vcpu_parameters for KVM_MAX_VCPUS + */ +#define TD_BOOT_PARAMETERS_GPA 0xffff0000 + +#endif // SELFTEST_TDX_TD_BOOT_ASM_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S b/tools/test= ing/selftests/kvm/lib/x86/tdx/td_boot.S new file mode 100644 index 000000000000..7aa33caa9a78 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S @@ -0,0 +1,60 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#include "tdx/td_boot_asm.h" +#include "tdx/td_boot_offsets.h" +#include "processor_asm.h" + +.code32 + +.globl td_boot +td_boot: + /* In this procedure, edi is used as a temporary register. */ + cli + + /* Paging is off. */ + + movl $TD_BOOT_PARAMETERS_GPA, %ebx + + /* + * Find the address of struct td_per_vcpu_parameters for this + * vCPU based on esi (TDX spec: initialized with vCPU id). Put + * struct address into register for indirect addressing. + */ + movl $SIZEOF_TD_PER_VCPU_PARAMETERS, %eax + mul %esi + leal TD_BOOT_PARAMETERS_PER_VCPU(%ebx), %edi + addl %edi, %eax + + /* Setup stack. */ + movl TD_PER_VCPU_PARAMETERS_ESP_GVA(%eax), %esp + + /* Setup GDT. */ + leal TD_BOOT_PARAMETERS_GDT(%ebx), %edi + lgdt (%edi) + + /* Setup IDT. */ + leal TD_BOOT_PARAMETERS_IDT(%ebx), %edi + lidt (%edi) + + /* + * Set up control registers (There are no instructions to mov from + * memory to control registers, hence use edi as a scratch register). + */ + movl TD_BOOT_PARAMETERS_CR4(%ebx), %edi + movl %edi, %cr4 + movl TD_BOOT_PARAMETERS_CR3(%ebx), %edi + movl %edi, %cr3 + movl TD_BOOT_PARAMETERS_CR0(%ebx), %edi + movl %edi, %cr0 + + /* Switching to 64bit mode after ljmp and then jump to guest code */ + ljmp $(KERNEL_CS),$1f +1: + jmp *TD_PER_VCPU_PARAMETERS_GUEST_CODE(%eax) + +/* Leave marker so size of td_boot code can be computed. */ +.globl td_boot_code_end +td_boot_code_end: + +/* Disable executable stack. */ +.section .note.GNU-stack,"",%progbits --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 95BB42EA146 for ; Thu, 21 Aug 2025 04:29:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750581; cv=none; b=UvrLs5vhVAcKe8ChvfrK5dbEcWOtAyJ7YnNWZo6UmmcBWfFgvuAyA4U6wG+/RVvh57hw/qBbQJMrWg2TMCQHKc9HWVuqCFhwurrzzEWfkW6TgSljUMXLBjOz7mxA4cqVQHwESTSqqJbku97g7ERz9jg7iA0xJCTLfkfEV777RYA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750581; c=relaxed/simple; bh=NUi+wLh63XmU2/9e9btG6TTRvY/VrCTLCEnPp7jjenQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=XljaoKwQ6lOIXhH6ZA+hsW5r0uUE2guti5mNvJGh2erjCLf9JAFq2P4P+M9rvH944mvfj0lR3SbtExGXcbRpBDpULiDY2/Of9wNi/e7hbNl+P5ZjlDNTij8BMGJc/6/E169u4ad4sEccWfY041XZST8hlPxViRcohCRnjHgSNuE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=CobjnBMe; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="CobjnBMe" Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-24457ef983fso12959455ad.0 for ; Wed, 20 Aug 2025 21:29:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750579; x=1756355379; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=6Vju2IXdyDSNF7xuvLEH3C0LRA97fTr3t18ZFMFBtRU=; b=CobjnBMexNnMsTbdsljf+BxlCFI8X0URwqwLbgeUHN4JyGJNosiHmi91CvtvHslMI1 EXefOgxVhHdRkr8DtT4Ett+89JSB9OY0yNHDNNTBuDaU8e5oBpMLd58lty0gX0hxiNyu E6XllGuJ0UNvQTb/c5zPW54KvJEBGqlU34Sxfm7vS6S5z899Kjh3ts3qli1+qAEP6kZ+ s44gABaLKIc23oil7GZT7Cfhb42t5EgCjJkdgjZ0CSs1upkRcHysvqI1LOa2jWNOiRJA rpGOL75sQrsMozWVTkqTte1pALPvMSIbxqaYFiCP3ujHQBOyhOqdqfqMRvt3HAjsJ5k/ YkNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750579; x=1756355379; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=6Vju2IXdyDSNF7xuvLEH3C0LRA97fTr3t18ZFMFBtRU=; b=sCtc1bZVsPd5j3kLCx5D55s7wihDmUDa5m/hLWXgRWJG0OLas2BVl5gLZYdmdXnf7z 5VEHR+X/BobTDEVmjbMNcaSGQhBYPQ634AJkG7vYRocddvitBiQCmTP9I1niSwK+aPEk tikYa0CLHFiB/Qv1CdS9Azoc9PHjEmpZktMn98humFIObm9e13xtHpNwK1ruavuJVJfU fsl84H9vx7diDR4u5mS8sGVgoTYLe6NZjGj8TIKUOZfTJxSaj7QYxYrNj9eZ2gwoDeWZ +OS9kt0dhEVjY2aWjXb/KsVWh82S5fQUZRF5jBrPDNfb1AlBMXGkBWMOvBf0Dob2qBJc by1g== X-Gm-Message-State: AOJu0YwApcY0cNM23Afpk2lMlx0cdgK2gp2kkZLIYz+4eIVge21r/wFI uNJDfZRKI+kuM1gRQb2kPH96eJo1rvfxzah8IQdUNdToAXe2Z27zoe3jD+AarU7r7OHYgU5H1I6 kdw== X-Google-Smtp-Source: AGHT+IHtx93Wr+8FjzBgy9E/bSjt5H5ghDMawbNoFrIZtX1PPjx+tQDbbekIaI8BQILiBI45ztn0MUZiPA== X-Received: from pjbpl10.prod.google.com ([2002:a17:90b:268a:b0:321:44d1:ebab]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:f78b:b0:240:bf59:26ae with SMTP id d9443c01a7336-245fedb04abmr16890325ad.36.1755750578963; Wed, 20 Aug 2025 21:29:38 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:03 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-11-sagis@google.com> Subject: [PATCH v9 10/19] KVM: selftests: Set up TDX boot code region From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add memory for TDX boot code in a separate memslot. Use virt_map() to get identity map in this memory region to allow for seamless transition from paging disabled to paging enabled code. Copy the boot code into the memory region and set up the reset vectors at this point. While it's possible to separate the memory allocation and boot code initialization into separate functions, having all the calculations for memory size and offsets in one place simplifies the code and avoids duplications. Handcode the reset vector as suggested by Sean Christopherson. Suggested-by: Sean Christopherson Co-developed-by: Erdem Aktas Signed-off-by: Erdem Aktas Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/Makefile.kvm | 1 + .../selftests/kvm/include/x86/tdx/tdx_util.h | 2 + .../selftests/kvm/lib/x86/tdx/tdx_util.c | 54 +++++++++++++++++++ 3 files changed, 57 insertions(+) create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index 03754ce2e983..c42b579fb7c5 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c LIBKVM_x86 +=3D lib/x86/svm.c LIBKVM_x86 +=3D lib/x86/ucall.c LIBKVM_x86 +=3D lib/x86/vmx.c +LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S =20 LIBKVM_arm64 +=3D lib/arm64/gic.c diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools= /testing/selftests/kvm/include/x86/tdx/tdx_util.h index 286d5e3c24b1..ec05bcd59145 100644 --- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h @@ -11,4 +11,6 @@ static inline bool is_tdx_vm(struct kvm_vm *vm) return vm->type =3D=3D KVM_X86_TDX_VM; } =20 +void vm_tdx_setup_boot_code_region(struct kvm_vm *vm); + #endif // SELFTESTS_TDX_TDX_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes= ting/selftests/kvm/lib/x86/tdx/tdx_util.c new file mode 100644 index 000000000000..15833b9eb5d5 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c @@ -0,0 +1,54 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include + +#include "kvm_util.h" +#include "processor.h" +#include "tdx/td_boot.h" +#include "tdx/tdx_util.h" + +/* Arbitrarily selected to avoid overlaps with anything else */ +#define TD_BOOT_CODE_SLOT 20 + +#define X86_RESET_VECTOR 0xfffffff0ul +#define X86_RESET_VECTOR_SIZE 16 + +void vm_tdx_setup_boot_code_region(struct kvm_vm *vm) +{ + size_t total_code_size =3D TD_BOOT_CODE_SIZE + X86_RESET_VECTOR_SIZE; + vm_paddr_t boot_code_gpa =3D X86_RESET_VECTOR - TD_BOOT_CODE_SIZE; + vm_paddr_t alloc_gpa =3D round_down(boot_code_gpa, PAGE_SIZE); + size_t nr_pages =3D DIV_ROUND_UP(total_code_size, PAGE_SIZE); + vm_paddr_t gpa; + uint8_t *hva; + + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, + alloc_gpa, + TD_BOOT_CODE_SLOT, nr_pages, + KVM_MEM_GUEST_MEMFD); + + gpa =3D vm_phy_pages_alloc(vm, nr_pages, alloc_gpa, TD_BOOT_CODE_SLOT); + TEST_ASSERT(gpa =3D=3D alloc_gpa, "Failed vm_phy_pages_alloc\n"); + + virt_map(vm, alloc_gpa, alloc_gpa, nr_pages); + hva =3D addr_gpa2hva(vm, boot_code_gpa); + memcpy(hva, td_boot, TD_BOOT_CODE_SIZE); + + hva +=3D TD_BOOT_CODE_SIZE; + TEST_ASSERT(hva =3D=3D addr_gpa2hva(vm, X86_RESET_VECTOR), + "Expected RESET vector at hva 0x%lx, got %lx", + (unsigned long)addr_gpa2hva(vm, X86_RESET_VECTOR), (unsigned long)hv= a); + + /* + * Handcode "JMP rel8" at the RESET vector to jump back to the TD boot + * code, as there are only 16 bytes at the RESET vector before RIP will + * wrap back to zero. Insert a trailing int3 so that the vCPU crashes + * in case the JMP somehow falls through. Note! The target address is + * relative to the end of the instruction! + */ + TEST_ASSERT(TD_BOOT_CODE_SIZE < 256, + "TD boot code not addressable by 'JMP rel8'"); + hva[0] =3D 0xeb; + hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE; + hva[2] =3D 0xcc; +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0CA172EA46B for ; Thu, 21 Aug 2025 04:29:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750582; cv=none; b=CxChTomWqfcNvrxwz015cLu+az5Hk9aPgGe6nyGHKpgia0psahnnAcbVSOE3fg7G0NHDYceOJCLp11VfuAg3ZBuExyUgmPK3LHHakLW3Jdj2bMaKR2nIzxuEYVaIl8joPG+ZFrAKQD9V2ilS0yQPR6qj1v5t8cVyZXlMyBQkQvQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750582; c=relaxed/simple; bh=FpYo1ms5I2w2FSdE2WWD0f2b2tjuJeIdKXug1uiSfdI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=aL8NGrk2Dk2Y73WPBG0+o0d7ak2GJ5rC0WfIvfGeIt3+gA985TOBwKoZs5p4HT9f4ukCaJsBK+IwdPYTD6hfDbrbnQ/+jpaludEbDrGQZSnY2fTE0rH4xQIirDxnmCHFF6uBFP8ngiIDawySIcWzAB8NHD3It47ZMrq4IuxJXIg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=TMCLAx3J; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="TMCLAx3J" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-323267bf596so736502a91.1 for ; Wed, 20 Aug 2025 21:29:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750580; x=1756355380; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=vSLWtY+GKeQEYDQMa4cXM5mk60zIsuzRFHdNMwLX5Fs=; b=TMCLAx3JI0xN3zGEV5FhYmjQZE6fKNaCDNmXH84zb8uyRdEO9TSKIGyknS5+4u5Cu+ bvF5NcnjtQUp9NxqW7hW1byu3dPAc+EAIaWun+GzUiFF0n7tn6afA9+AB5QBnnqSYAW/ azy23GO5lF2P9Enxk98InR/I2iZKNgjLIMpb6whlwNk18sxGcN8DfmaEJACu+KB5nyvy /D9jgTr8Z198qAdcMeoy2jVHc/caM10kzdwN/B6RNKkpCbNS7EHp8NwzvKq/MTV9SdgH 1CD4jw/3zsvz0P/dZMESuE5v//cCOz53inJ4v2yMZVSqgI3CjISVyOSE0LlIVoIcZoj1 EKpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750580; x=1756355380; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vSLWtY+GKeQEYDQMa4cXM5mk60zIsuzRFHdNMwLX5Fs=; b=XNd620WfMXKMRLq3V/u7jOsKI98qfO0pIh54BStLECw5cS/Iy8AQgk/nv9VwJ7/66p KitFErSX83NUChTYQwpp/QAZN9/6g5nUrC0Mw9cjBCW0LopxfuN36U3hR5tSd2GCOryd q1Bz4E/CK/w0dQuAXlU/94f6ZMXJ01lGLClZj33GKIlP+8mBS1Sx3dIlfSGRg3ntbENx ZLPPe/EQkOyv8A7PBvaikwKaLyzAnsXsc+mBXSJhhCcBbF7RYR6iOV4X8PXIkYkuk8Mj jv+8ZAuF5d8VgxjfoaxYJEUpiI3HfwAiHezbNqSUHyfaOGS51oMo1FWERjmC0ZOak8iQ ostg== X-Gm-Message-State: AOJu0YzEMJp+SqhDI56pwhQDtzuOMzB0i+N79srPE3SsL17l/ie72jPy E7IwHlJGfYDpp4ar3XPo0VMy+2RPxNOepcEuDmLQa7h03/BqIitNIcsgKYdNH4++xuulwiburWa oYA== X-Google-Smtp-Source: AGHT+IGE2GEJUcGNKEQmBkApaYqJ8IVfqmnRGMrQ0Rbu+EA1KbNaVBMaF+VhfLNDi6fLEoJVkODux/wMuA== X-Received: from pjboh13.prod.google.com ([2002:a17:90b:3a4d:b0:31f:26b:cc66]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:4a0e:b0:31a:ab75:6e45 with SMTP id 98e67ed59e1d1-324ed12d30emr1584154a91.28.1755750580482; Wed, 20 Aug 2025 21:29:40 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:04 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-12-sagis@google.com> Subject: [PATCH v9 11/19] KVM: selftests: Set up TDX boot parameters region From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Allocate memory for TDX boot parameters and define the utility functions necessary to fill this memory with the boot parameters. Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng Signed-off-by: Sagi Shahar --- .../selftests/kvm/include/x86/tdx/tdx_util.h | 4 + .../selftests/kvm/lib/x86/tdx/tdx_util.c | 73 +++++++++++++++++++ 2 files changed, 77 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools= /testing/selftests/kvm/include/x86/tdx/tdx_util.h index ec05bcd59145..dafdc7e46abe 100644 --- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h @@ -12,5 +12,9 @@ static inline bool is_tdx_vm(struct kvm_vm *vm) } =20 void vm_tdx_setup_boot_code_region(struct kvm_vm *vm); +void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru= nnable_vcpus); +void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm); +void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *= vcpu); +void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code); =20 #endif // SELFTESTS_TDX_TDX_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes= ting/selftests/kvm/lib/x86/tdx/tdx_util.c index 15833b9eb5d5..52dc25e0cce4 100644 --- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c @@ -5,10 +5,12 @@ #include "kvm_util.h" #include "processor.h" #include "tdx/td_boot.h" +#include "tdx/td_boot_asm.h" #include "tdx/tdx_util.h" =20 /* Arbitrarily selected to avoid overlaps with anything else */ #define TD_BOOT_CODE_SLOT 20 +#define TD_BOOT_PARAMETERS_SLOT 21 =20 #define X86_RESET_VECTOR 0xfffffff0ul #define X86_RESET_VECTOR_SIZE 16 @@ -52,3 +54,74 @@ void vm_tdx_setup_boot_code_region(struct kvm_vm *vm) hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE; hva[2] =3D 0xcc; } + +void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru= nnable_vcpus) +{ + size_t boot_params_size =3D + sizeof(struct td_boot_parameters) + + nr_runnable_vcpus * sizeof(struct td_per_vcpu_parameters); + int npages =3D DIV_ROUND_UP(boot_params_size, PAGE_SIZE); + vm_paddr_t gpa; + + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, + TD_BOOT_PARAMETERS_GPA, + TD_BOOT_PARAMETERS_SLOT, npages, + KVM_MEM_GUEST_MEMFD); + gpa =3D vm_phy_pages_alloc(vm, npages, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PA= RAMETERS_SLOT); + TEST_ASSERT(gpa =3D=3D TD_BOOT_PARAMETERS_GPA, "Failed vm_phy_pages_alloc= \n"); + + virt_map(vm, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PARAMETERS_GPA, npages); +} + +void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm) +{ + struct td_boot_parameters *params =3D + addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA); + uint32_t cr4; + + TEST_ASSERT_EQ(vm->mode, VM_MODE_PXXV48_4K); + + cr4 =3D kvm_get_default_cr4(); + + /* TDX spec 11.6.2: CR4 bit MCE is fixed to 1 */ + cr4 |=3D X86_CR4_MCE; + + /* Set this because UEFI also sets this up, to handle XMM exceptions */ + cr4 |=3D X86_CR4_OSXMMEXCPT; + + /* TDX spec 11.6.2: CR4 bit VMXE and SMXE are fixed to 0 */ + cr4 &=3D ~(X86_CR4_VMXE | X86_CR4_SMXE); + + /* Set parameters! */ + params->cr0 =3D kvm_get_default_cr0(); + params->cr3 =3D vm->pgd; + params->cr4 =3D cr4; + params->idtr.base =3D vm->arch.idt; + params->idtr.limit =3D kvm_get_default_idt_limit(); + params->gdtr.base =3D vm->arch.gdt; + params->gdtr.limit =3D kvm_get_default_gdt_limit(); + + TEST_ASSERT(params->cr0 !=3D 0, "cr0 should not be 0"); + TEST_ASSERT(params->cr3 !=3D 0, "cr3 should not be 0"); + TEST_ASSERT(params->cr4 !=3D 0, "cr4 should not be 0"); + TEST_ASSERT(params->gdtr.base !=3D 0, "gdt base address should not be 0"); + TEST_ASSERT(params->idtr.base !=3D 0, "idt base address should not be 0"); +} + +void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *= vcpu) +{ + struct td_boot_parameters *params =3D + addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA); + struct td_per_vcpu_parameters *vcpu_params =3D + ¶ms->per_vcpu[vcpu->id]; + + vcpu_params->esp_gva =3D kvm_allocate_vcpu_stack(vm); +} + +void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code) +{ + struct td_boot_parameters *params =3D addr_gpa2hva(vcpu->vm, TD_BOOT_PARA= METERS_GPA); + struct td_per_vcpu_parameters *vcpu_params =3D ¶ms->per_vcpu[vcpu->id= ]; + + vcpu_params->guest_code =3D (uint64_t)guest_code; +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A0C582EA732 for ; Thu, 21 Aug 2025 04:29:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750584; cv=none; b=AClBmVhEq296f/deaFK8RH8ZxWeXdh1/Ax4JxvQvPoGIbiVlUBkKrjyg2ondzK27xerP7SvZUGNxz+rO4MQ1ENf6nmdfjozQ/3AiQhRrH9j0Qv5v0KLFRDnen1d6dZotSOCS+MC2VjiutGkW6bqtIRnrK3HptxFwxSelXST3040= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750584; c=relaxed/simple; bh=lkWYI2eQ0TehZPSXSZi03dGPvv9GRnxw4MX+39Qfpbo=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=ub1fnrv3Kl9kNDJxFjgHg3TxhywFZkAM/qcW8GZXm7AO5cVu1xsavDTY86RsiNWauf0+HwzSUuBkvDZ4xr3bXKWFy9Bb7Rg/IL/wf1+sy/9Z0MH88O3LuEbU4/2nigfmYQJX/Gyr02tyHrIlDplph0Wr/p/va8vgcWm3RIMjI3I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Q1oS4jmV; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Q1oS4jmV" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-76e2eaecf8dso560247b3a.2 for ; Wed, 20 Aug 2025 21:29:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750582; x=1756355382; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=NDeNE5iAonDlUL7Pct+6ZOd+K+xrGXc16uekd91Q/5I=; b=Q1oS4jmVFg3KQV17ZJLIs5HkEQiNvO4PtV++LKtWOsdEioGYw99zV9jnDTgyD3u9Lw ddB0dNsRA6ta6p8BzeRZKzo0Go1TnCl7ca4/7Y/SVBr8HXjQEZsspewCWjDM7HQJ4Qsi vmvpwHeiYMLsyipQg0WiZ7smGYo1M0VsYqXhO8UK0XbfWvytp4UVxIgyF+XYg+oXrB9F gmDQsz8M30tmZnEUFasfTfOPNmAKx2LiA9kr8Ynn2h6noE4k/O3W63Plu7o3LxP0uW5L N6D4jNAPVqRKI0rAOoRUwhMdl87ZBSmisl1mvVsf++3xWDiregVaZ0SP0zpBe9hiszNF 0IBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750582; x=1756355382; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=NDeNE5iAonDlUL7Pct+6ZOd+K+xrGXc16uekd91Q/5I=; b=GoMp04fGaudnuEidWBW63pDuT/iwjYpCEI2CEHHlI4E0vDif9IHga7gPu9AkRQ9FF7 wceK+2BPy6slB+F96H9jiItUCylTqqwUE8LKgGZKR1xG5Ag48NwxEyOwMHMam3KOoQ3c bd5MRPymsKrPU7+fUDvPtTldEkk6geHJGi0A8n4klNjqWek5hTrCfeClH98QdW/3hYkw vkYIwQmF/ogh1mLHBLALXO7XdJZ1KmvSyXSnGHiTEHJMiPBdORST0jW6S4deU1jX4cIn T9Qtn5jqMYR0rd6LLG0gMx+yvoGSy1LPzo+F6Ni53Dp/2P7/etMi9d++xPWOPQSEPDKd cruQ== X-Gm-Message-State: AOJu0Yx9BUriuaeOJX5rVT18fFZGZY49JWB10k/L+GeW+Q8zcPzw+VUs 3wPNDvPTtfI+ruxthByfEPxowXfaTF4PoqGaueubiHRGQbvnFTt573iGgHWWt90IzTsThs0V6q6 xXQ== X-Google-Smtp-Source: AGHT+IHKRDJjcyAhzLb1tn5Uvi6wgzpSkDCOSrOrbDP+zZSi1YfnWwimSTZGf4qDx95GmmmvgAD4Y+Orjw== X-Received: from pfbdi1.prod.google.com ([2002:a05:6a00:4801:b0:76b:eff0:e9b7]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:3c8a:b0:76e:885a:c33e with SMTP id d2e1a72fcca58-76ea32708d5mr1139526b3a.28.1755750582085; Wed, 20 Aug 2025 21:29:42 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:05 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-13-sagis@google.com> Subject: [PATCH v9 12/19] KVM: selftests: Add helper to initialize TDX VM From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KVM_TDX_INIT_VM needs to be called after KVM_CREATE_VM and before creating any VCPUs, thus before KVM_SET_CPUID2. KVM_TDX_INIT_VM accepts the CPUID values directly. Since KVM_GET_CPUID2 can't be used at this point, calculate the CPUID values manually by using kvm_get_supported_cpuid() and filter the returned CPUIDs against the supported CPUID values read from the TDX module. Co-developed-by: Isaku Yamahata Signed-off-by: Isaku Yamahata Co-developed-by: Rick Edgecombe Signed-off-by: Rick Edgecombe Signed-off-by: Sagi Shahar --- .../selftests/kvm/include/x86/tdx/tdx_util.h | 54 +++++++ .../selftests/kvm/lib/x86/tdx/tdx_util.c | 132 ++++++++++++++++++ 2 files changed, 186 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools= /testing/selftests/kvm/include/x86/tdx/tdx_util.h index dafdc7e46abe..a2509959c7ce 100644 --- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h @@ -11,6 +11,60 @@ static inline bool is_tdx_vm(struct kvm_vm *vm) return vm->type =3D=3D KVM_X86_TDX_VM; } =20 +/* + * TDX ioctls + */ + +#define __vm_tdx_vm_ioctl(vm, cmd, metadata, arg) \ +({ \ + int r; \ + \ + union { \ + struct kvm_tdx_cmd c; \ + unsigned long raw; \ + } tdx_cmd =3D { .c =3D { \ + .id =3D (cmd), \ + .flags =3D (uint32_t)(metadata), \ + .data =3D (uint64_t)(arg), \ + } }; \ + \ + r =3D __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw); \ + r ?: tdx_cmd.c.hw_error; \ +}) + +#define vm_tdx_vm_ioctl(vm, cmd, flags, arg) \ +({ \ + int ret =3D __vm_tdx_vm_ioctl(vm, cmd, flags, arg); \ + \ + __TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd, ret, vm); \ +}) + +#define __vm_tdx_vcpu_ioctl(vcpu, cmd, metadata, arg) \ +({ \ + int r; \ + \ + union { \ + struct kvm_tdx_cmd c; \ + unsigned long raw; \ + } tdx_cmd =3D { .c =3D { \ + .id =3D (cmd), \ + .flags =3D (uint32_t)(metadata), \ + .data =3D (uint64_t)(arg), \ + } }; \ + \ + r =3D __vcpu_ioctl(vcpu, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw); \ + r ?: tdx_cmd.c.hw_error; \ +}) + +#define vm_tdx_vcpu_ioctl(vcpu, cmd, flags, arg) \ +({ \ + int ret =3D __vm_tdx_vcpu_ioctl(vcpu, cmd, flags, arg); \ + \ + __TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd, ret, (vcpu)->vm); \ +}) + +void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes); + void vm_tdx_setup_boot_code_region(struct kvm_vm *vm); void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru= nnable_vcpus); void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes= ting/selftests/kvm/lib/x86/tdx/tdx_util.c index 52dc25e0cce4..3869756a5641 100644 --- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c @@ -125,3 +125,135 @@ void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcp= u, void *guest_code) =20 vcpu_params->guest_code =3D (uint64_t)guest_code; } + +static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v= m) +{ + struct kvm_tdx_capabilities *tdx_cap =3D NULL; + int nr_cpuid_configs =3D 4; + int rc =3D -1; + int i; + + do { + nr_cpuid_configs *=3D 2; + + tdx_cap =3D realloc(tdx_cap, sizeof(*tdx_cap) + + sizeof(tdx_cap->cpuid) + + (sizeof(struct kvm_cpuid_entry2) * nr_cpuid_configs)); + TEST_ASSERT(tdx_cap, + "Could not allocate memory for tdx capability nr_cpuid_configs %d\n= ", + nr_cpuid_configs); + + tdx_cap->cpuid.nent =3D nr_cpuid_configs; + rc =3D __vm_tdx_vm_ioctl(vm, KVM_TDX_CAPABILITIES, 0, tdx_cap); + } while (rc < 0 && errno =3D=3D E2BIG); + + TEST_ASSERT(rc =3D=3D 0, "KVM_TDX_CAPABILITIES failed: %d %d", + rc, errno); + + pr_debug("tdx_cap: supported_attrs: 0x%016llx\n" + "tdx_cap: supported_xfam 0x%016llx\n", + tdx_cap->supported_attrs, tdx_cap->supported_xfam); + + for (i =3D 0; i < tdx_cap->cpuid.nent; i++) { + const struct kvm_cpuid_entry2 *config =3D &tdx_cap->cpuid.entries[i]; + + pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08= x ecx 0x%08x edx 0x%08x\n", + i, config->function, config->index, + config->eax, config->ebx, config->ecx, config->edx); + } + + return tdx_cap; +} + +static struct kvm_cpuid_entry2 *tdx_find_cpuid_config(struct kvm_tdx_capab= ilities *cap, + uint32_t leaf, uint32_t sub_leaf) +{ + struct kvm_cpuid_entry2 *config; + uint32_t i; + + for (i =3D 0; i < cap->cpuid.nent; i++) { + config =3D &cap->cpuid.entries[i]; + + if (config->function =3D=3D leaf && config->index =3D=3D sub_leaf) + return config; + } + + return NULL; +} + +/* + * Filter CPUID based on TDX supported capabilities + * + * Input Args: + * vm - Virtual Machine + * cpuid_data - CPUID fileds to filter + * + * Output Args: None + * + * Return: None + * + * For each CPUID leaf, filter out non-supported bits based on the capabil= ities reported + * by the TDX module + */ +static void vm_tdx_filter_cpuid(struct kvm_vm *vm, + struct kvm_cpuid2 *cpuid_data) +{ + struct kvm_tdx_capabilities *tdx_cap; + struct kvm_cpuid_entry2 *config; + struct kvm_cpuid_entry2 *e; + int i; + + tdx_cap =3D tdx_read_capabilities(vm); + + i =3D 0; + while (i < cpuid_data->nent) { + e =3D cpuid_data->entries + i; + config =3D tdx_find_cpuid_config(tdx_cap, e->function, e->index); + + if (!config) { + int left =3D cpuid_data->nent - i - 1; + + if (left > 0) + memmove(cpuid_data->entries + i, + cpuid_data->entries + i + 1, + sizeof(*cpuid_data->entries) * left); + cpuid_data->nent--; + continue; + } + + e->eax &=3D config->eax; + e->ebx &=3D config->ebx; + e->ecx &=3D config->ecx; + e->edx &=3D config->edx; + + i++; + } + + free(tdx_cap); +} + +void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes) +{ + struct kvm_tdx_init_vm *init_vm; + const struct kvm_cpuid2 *tmp; + struct kvm_cpuid2 *cpuid; + + tmp =3D kvm_get_supported_cpuid(); + + cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES); + memcpy(cpuid, tmp, kvm_cpuid2_size(tmp->nent)); + vm_tdx_filter_cpuid(vm, cpuid); + + init_vm =3D calloc(1, sizeof(*init_vm) + + sizeof(init_vm->cpuid.entries[0]) * cpuid->nent); + TEST_ASSERT(init_vm, "init_vm allocation failed"); + + memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent)); + free(cpuid); + + init_vm->attributes =3D attributes; + + vm_tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm); + + free(init_vm); +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 66C912EAB89 for ; Thu, 21 Aug 2025 04:29:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750586; cv=none; b=hKhOkmV3EKWhAW1Elp9DrmvTgSAHDDatWGwYz4OqZD5+4OYtJ+ApfQsdcTOXUQkOoxU1raVcgwUZfRqkIamoxfxcqt6UVrJQB5IDQhUyM97MfpAeGDaTy4Fi2xQtn5GU2N5qeUZXPrySZj8N0zWySBFQhUHPtJxsC390bwYZXUc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750586; c=relaxed/simple; bh=8LW9fPqlqltwsHHnngmKu/oedqkqhCGSJV7BughN2D8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=jg69qWN0BrRfO62ByC6o869rz1TRy2jYOWKJqFWAefxQwlURrKIf+H9LbWEHOV/tJlemRzXZy7dy3PClTkAHHqwRzOQffaJXnCTQMZ1xhW1ibQI0oCDHIpz2KVKgPkPZ9TkrPj8BJHJH/hKoMw+iWpyVaUVdVdhu2lyYNjrARhI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Xs8hNWM/; arc=none smtp.client-ip=209.85.215.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Xs8hNWM/" Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-b471757d82fso462987a12.3 for ; Wed, 20 Aug 2025 21:29:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750584; x=1756355384; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=0v8Xhqku7JbLYSzHfxNxFV/zNuQzZHa6ydPXR+w0a3o=; b=Xs8hNWM/wbZOpxKY2rua9bKgcOvvGUATzpLjyBXCipood0F923RUDdzy3y4NKMpYGs NlEzcblJ7v/cOhmmGIWzN7bpxKdUWgcEiE7/EXeV971Wmi1bWnxKwq7RpzZikyjF0LX9 I6Auj6Eb03Iic5LNBLXeg/7knEz2tTvHbKIQ+2TW4imekMVnv7xs5Jhd+QiCpylC5VvF +x7Si4aq0/+HxHj3m9daV+v526hPdYz9093Pxdi7vH34WesGp4+baHBTxgVOd/H2s8SI t5re4iOvxptjb2B4gTp4V4R48BEOxnUlB9BZV+h/BV2k+vBACTZGK4Hp791Yepa5Fqnm UX2Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750584; x=1756355384; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=0v8Xhqku7JbLYSzHfxNxFV/zNuQzZHa6ydPXR+w0a3o=; b=AaBIMjWOXOxdk7rKXfImgcJzED6FdMYAT9y9/sBDf7ZJtE6Scz1v/VkCL2jcEUXkX0 Noyxj85emOSAB2yYDanPEZASqbG5wsWak+CiIq/kQMQvf0PwUMDETk7FxkpRmLnVucbT /ShaVbIwJhhuRtJx3sjEueaZ/QicUUReO9R5lCJtUKienKZTRGImIghkClKatel1YYFO UQsDoyx31oOPYQtBfhYBpQIGRhTXIncuD1+Qk/kGYoEfzwTbf31oG+98igMcoYXJE/MK I6EO77tSrAJI2ALyYA7tUimJ79ZypxC2LDtqj0CUkvbFSYmdAanLJZugMDvgPIU3St++ U/Uw== X-Gm-Message-State: AOJu0YwZdfAG3E2P0Z2cY0C8fZQFBk2FHrBVmXN+gab8nHnlTf0LSpPY sTnT1Q02JYzKvo4sC50TxOnfh6CGtskNK2C89Rtmvz9uhNKp0vzPYLsEOf0topcvE9nn8PJNDkz 5Tg== X-Google-Smtp-Source: AGHT+IHoYEwP7EzZ53USD2mIjc5qGUC3k55bBLYh38dEin6rSVJ2mTGlfcHpGpSYs073s+UjtI+o0y1iHQ== X-Received: from pjbli15.prod.google.com ([2002:a17:90b:48cf:b0:31f:1a3e:fe3b]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:3ca7:b0:243:755:58ae with SMTP id adf61e73a8af0-24330acb929mr1268174637.47.1755750583705; Wed, 20 Aug 2025 21:29:43 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:06 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-14-sagis@google.com> Subject: [PATCH v9 13/19] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Isaku Yamahata This also exercises the KVM_TDX_CAPABILITIES ioctl. Signed-off-by: Isaku Yamahata Co-developed-by: Sagi Shahar Signed-off-by: Sagi Shahar --- .../selftests/kvm/lib/x86/tdx/tdx_util.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes= ting/selftests/kvm/lib/x86/tdx/tdx_util.c index 3869756a5641..d8eab99d9333 100644 --- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c @@ -232,6 +232,21 @@ static void vm_tdx_filter_cpuid(struct kvm_vm *vm, free(tdx_cap); } =20 +static void tdx_check_attributes(struct kvm_vm *vm, uint64_t attributes) +{ + struct kvm_tdx_capabilities *tdx_cap; + + tdx_cap =3D tdx_read_capabilities(vm); + + /* TDX spec: any bits 0 in supported_attrs must be 0 in attributes */ + TEST_ASSERT_EQ(attributes & ~tdx_cap->supported_attrs, 0); + + /* TDX spec: any bits 1 in attributes must be 1 in supported_attrs */ + TEST_ASSERT_EQ(attributes & tdx_cap->supported_attrs, attributes); + + free(tdx_cap); +} + void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes) { struct kvm_tdx_init_vm *init_vm; @@ -251,6 +266,8 @@ void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attribu= tes) memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent)); free(cpuid); =20 + tdx_check_attributes(vm, attributes); + init_vm->attributes =3D attributes; =20 vm_tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm); --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C95062EB5B0 for ; Thu, 21 Aug 2025 04:29:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750587; cv=none; b=EmIE38vdpdUpqxYw9DBa2jkQ2sUGxKiJ6u3JuWUOFpAznaZfvZSAmtk+rFf+9qfrhxzH8prvuch3WXzMe1wRN3jYz9bm23ALofNGJn/BMRGizQLaJu5sXIV/hb/4T0RBop+h3urvG8c/Ls5bGRKXo9BVKUJ/8+43+wMDFa0pElQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750587; c=relaxed/simple; bh=m3Ri8EOCJWQEZ/4FSF9yjTz3eDvfep4JMqgy1mWrXGs=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=H8vsTuMR0kNiQpqS9f3OCWAQsN0KRsCSfgmo2K2QDU8u9oY+XrFK2fekN50aE97+Ot/0120uVdowQUdFZ1007PKBp/fRQCE9Vi9Eb1voFpzR1IV25p2Mky2LzJRA1Ozasqa7o2Gb7dN8rI9KDkEd6yObWWAf3z1yQZ4AwiaTcBw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=s4v+XJUm; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="s4v+XJUm" Received: by mail-pf1-f201.google.com with SMTP id d2e1a72fcca58-76e364afb44so502027b3a.3 for ; Wed, 20 Aug 2025 21:29:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750585; x=1756355385; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=tBQFuFZYWge8bx60kNf5qVNyqDjFsXjzBvHdLVsh8nI=; b=s4v+XJUmoD1HLXSXDRYfdy4vQf3KxFIIOtK4yoA7JBDkOrStfYs/KRhBQ199LhCVFH vuqxTK7k7aj6C9/WNh4VVeR3ly08zJoW+j5c6TKKTqWL92dMvujK3iPyYbKlUBqvy3qF D/JQV0RXQoO3UUOrd2pl5tSO5jxqpg4RN1LVxug+qrCuKSyh4/FuJdOx8A5ST+dVl/9U EI2xsC5N9CohbrAyb8Rxbu+GBrKxgr/vIsn/aLV1mQTYH/s5o4dNUzG5txgMLIpynRB7 vZXuk3r53dIci5WQOLhRg5a7KGBNp1d4HAQIHTRXttBfYVBaADzdDO8+t2q/DrQy9as3 djHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750585; x=1756355385; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=tBQFuFZYWge8bx60kNf5qVNyqDjFsXjzBvHdLVsh8nI=; b=Ct2Uv0ku1GpMCZIs3MMIL9I8laHe3mfstLzKbJkoXtN90nabtem+FoBXSuqpA2yoV6 rMghHiIO1pwvjoOiiGPW28cvGKINOCnaXtBIPnzunlfi+CMMuYxSbOQx9PV+dFva5287 ic/P4Mq0WNRkdw6xEzQ9fRNBYP/+/NWpHv2P6p7+wWvPL7a2uWxdVu2OtoBYC4VQASvr H2PS2M2kolzl7mWymDCTqvfKyrP6OKy/X2U9fUlrw3Ue4GFS2uFzHwCT+sW6tcxdYAhB J3srZm3pLZEbR4N9hQ0hOZ6Z7a+tcN6gMN4dVovwlryuRV065humn607jn+uOLqtM9C4 mJUg== X-Gm-Message-State: AOJu0YwrxOfbJjKhb7l9aQBHeE2d5o5h3nC5HhPnIRjbEYM8VCuj6cW1 RMNXfWBQ3tS4M+JihDt/gtxE+KWqa3IGQwKN/f0bSIiDzVhK6FGoM1nbSb6CTtMGzi+FqhJj+eP K7w== X-Google-Smtp-Source: AGHT+IH/I8if9wLwMPgXY315eQh/FR5Hg8ZLke7otIfPDonF6CjXt5sWEqVQ5gJKNGQL276+i/A2sjmXLw== X-Received: from pfbna33.prod.google.com ([2002:a05:6a00:3e21:b0:76e:9907:3909]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:23d1:b0:76e:885a:c334 with SMTP id d2e1a72fcca58-76ea326634bmr1164724b3a.26.1755750585082; Wed, 20 Aug 2025 21:29:45 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:07 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-15-sagis@google.com> Subject: [PATCH v9 14/19] KVM: selftests: Add helpers to init TDX memory and finalize VM From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ackerley Tng TDX protected memory needs to be measured and encrypted before it can be used by the guest. Traverse the VM's memory regions and initialize all the protected ranges by calling KVM_TDX_INIT_MEM_REGION. Once all the memory is initialized, the VM can be finalized by calling KVM_TDX_FINALIZE_VM. Signed-off-by: Ackerley Tng Co-developed-by: Erdem Aktas Signed-off-by: Erdem Aktas Co-developed-by: Sagi Shahar Signed-off-by: Sagi Shahar --- .../selftests/kvm/include/x86/tdx/tdx_util.h | 2 + .../selftests/kvm/lib/x86/tdx/tdx_util.c | 97 +++++++++++++++++++ 2 files changed, 99 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools= /testing/selftests/kvm/include/x86/tdx/tdx_util.h index a2509959c7ce..2467b6c35557 100644 --- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h @@ -71,4 +71,6 @@ void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm= ); void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *= vcpu); void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code); =20 +void vm_tdx_finalize(struct kvm_vm *vm); + #endif // SELFTESTS_TDX_TDX_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes= ting/selftests/kvm/lib/x86/tdx/tdx_util.c index d8eab99d9333..4024587ed3c2 100644 --- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c @@ -274,3 +274,100 @@ void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attri= butes) =20 free(init_vm); } + +static void tdx_init_mem_region(struct kvm_vm *vm, void *source_pages, + uint64_t gpa, uint64_t size) +{ + uint32_t metadata =3D KVM_TDX_MEASURE_MEMORY_REGION; + struct kvm_tdx_init_mem_region mem_region =3D { + .source_addr =3D (uint64_t)source_pages, + .gpa =3D gpa, + .nr_pages =3D size / PAGE_SIZE, + }; + struct kvm_vcpu *vcpu; + + vcpu =3D list_first_entry_or_null(&vm->vcpus, struct kvm_vcpu, list); + + TEST_ASSERT((mem_region.nr_pages > 0) && + ((mem_region.nr_pages * PAGE_SIZE) =3D=3D size), + "Cannot add partial pages to the guest memory.\n"); + TEST_ASSERT(((uint64_t)source_pages & (PAGE_SIZE - 1)) =3D=3D 0, + "Source memory buffer is not page aligned\n"); + vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_MEM_REGION, metadata, &mem_region); +} + +static void tdx_init_pages(struct kvm_vm *vm, void *hva, uint64_t gpa, + uint64_t size) +{ + void *scratch_page =3D calloc(1, PAGE_SIZE); + uint64_t nr_pages =3D size / PAGE_SIZE; + int i; + + TEST_ASSERT(scratch_page, + "Could not allocate memory for loading memory region"); + + for (i =3D 0; i < nr_pages; i++) { + memcpy(scratch_page, hva, PAGE_SIZE); + + tdx_init_mem_region(vm, scratch_page, gpa, PAGE_SIZE); + + hva +=3D PAGE_SIZE; + gpa +=3D PAGE_SIZE; + } + + free(scratch_page); +} + +static void load_td_private_memory(struct kvm_vm *vm) +{ + struct userspace_mem_region *region; + int ctr; + + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) { + const struct sparsebit *protected_pages =3D region->protected_phy_pages; + const vm_paddr_t gpa_base =3D region->region.guest_phys_addr; + const uint64_t hva_base =3D region->region.userspace_addr; + const sparsebit_idx_t lowest_page_in_region =3D gpa_base >> vm->page_shi= ft; + + sparsebit_idx_t i; + sparsebit_idx_t j; + + if (!sparsebit_any_set(protected_pages)) + continue; + + sparsebit_for_each_set_range(protected_pages, i, j) { + const uint64_t size_to_load =3D (j - i + 1) * vm->page_size; + const uint64_t offset =3D + (i - lowest_page_in_region) * vm->page_size; + const uint64_t hva =3D hva_base + offset; + const uint64_t gpa =3D gpa_base + offset; + + vm_set_memory_attributes(vm, gpa, size_to_load, + KVM_MEMORY_ATTRIBUTE_PRIVATE); + + /* + * Here, memory is being loaded from hva to gpa. If the memory + * mapped to hva is also used to back gpa, then a copy has to be + * made just for loading, since KVM_TDX_INIT_MEM_REGION ioctl + * cannot encrypt memory in place. + * + * To determine if memory mapped to hva is also used to back + * gpa, use a heuristic: + * + * If this memslot has guest_memfd, then this memslot should + * have memory backed from two sources: hva for shared memory + * and gpa will be backed by guest_memfd. + */ + if (region->region.guest_memfd =3D=3D -1) + tdx_init_pages(vm, (void *)hva, gpa, size_to_load); + else + tdx_init_mem_region(vm, (void *)hva, gpa, size_to_load); + } + } +} + +void vm_tdx_finalize(struct kvm_vm *vm) +{ + load_td_private_memory(vm); + vm_tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL); +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5EBA42EB84E for ; Thu, 21 Aug 2025 04:29:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750589; cv=none; b=pEYLbT3PBBfM5ivlcYKUjmfxP41FD8HLkY0Zf5vNlHpfEWBYyScfvwuvRtqr+WoX4cA/TVIQ6navmv86ID2/SLbsyNcVFQlRgAFjtOZwr4Zg/l3JMQOC49mSunimSxMaU0rpUdzCdIrc3GXHMRtMUZXM3CxF3YDm/XZRKA8X0cs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750589; c=relaxed/simple; bh=yodyfNMQNj0kY+Qn43ES1XKohbDNg1JVE9Wu+qtAF5w=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=FVUaMU7s1y5zGBiOyPL9BGrr72WQg/G9+EG9MVKVgMeysPjsXxUXbEuxW+abukKhX/r9eRonwP6JmWfFwZA8DBMFE1AFefmcELAhZq22OlRC6FlIEcKh8fbqodWJshhbZRuCISRVrCpeBlKwr1TA1nGx3DeB5/HZ20pi1lB6e6k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=hu2dQQHB; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="hu2dQQHB" Received: by mail-pf1-f201.google.com with SMTP id d2e1a72fcca58-76e2e9a98b4so550081b3a.1 for ; Wed, 20 Aug 2025 21:29:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750587; x=1756355387; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=gj0ks3SkrjBXeSwymW22ZOEkAWDcXT2SUAzCPyMJDk0=; b=hu2dQQHBxX509O5IFospb/+67IEPLhO+D9rUZJbBXjc2ViV3v59Jq8hd4s4xIGH29W Ur+57E4Hy7VhWo+RUmPRiLiukFNJMYh+2vtSEZa28Xlnh/SPKdoR6PCqVtCIXskjp2vS 8DJyjFcVyznP2N0hNNRQAP90bupg8wWIzub7sp3hezf70oLy3XyRYLNxAyZA0duc0liC ygftDMuWTzTgLgmNVY6rgLhGI6a0IS0PBjlFLemts14sJQ1muBXn1MKume2Zst06fiwy 0Xghpwbc2a7lc1Rvc6B6BF07KTBSW+UDBUSY6cQVq/9h9KpbncbxbZWQ5uCcLddY1WiO SirQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750587; x=1756355387; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=gj0ks3SkrjBXeSwymW22ZOEkAWDcXT2SUAzCPyMJDk0=; b=NqBCAzyprPiPwudHamPPI2nNRotGgYoz7jnxin7Sk0QISkVOaJGY5oOZ8fMdQkPuU/ Cp5oDSIdExoTr1vVbduK1un1fb1JJDWJLWTx4jafY2/cxR6thGkijpVn60Kh+WXwLGFw EXLKYp22Hj8A9OIbtlmer/X/xV/P7uij/jOW7RYGr9IAw+q7q8j7KYeoULegZdnIseor UwbbGwIw1hiffhqd8ogrBomRt56ul5+YDkLxrliVF15xAh4FLGpfSUDNNgmnHA6c9r5e i87pjJe6ZD30eUffsCMIngIeuaiV2XGwh7QhDK0fBUlA4VGDrMqcqLKqYjrphr0zXEW9 PemQ== X-Gm-Message-State: AOJu0YwtdmyveiijFg7Qz/K7mOWwBasABVDAm8ZAFRYfj3rpIqFv2e1q TVEYZmkVmoU6TtB/ocGnYZ2iTMEzj+QxBPeR6JEIh+tUt/FVtqTCfu6JJ0gpLSJ8od6ZSaPUpgE REw== X-Google-Smtp-Source: AGHT+IFLKU7nQShOfjFNm85Vb/F4qNeM/zFFNY9j+AyoBkTSscow67QaxUSRWnDKVpnn460c5wYSFgcfHA== X-Received: from pfbkh4.prod.google.com ([2002:a05:6a00:9444:b0:76e:8bc4:bb9a]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:3392:b0:746:195b:bf1c with SMTP id d2e1a72fcca58-76ea30ca590mr1175415b3a.10.1755750586674; Wed, 20 Aug 2025 21:29:46 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:08 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-16-sagis@google.com> Subject: [PATCH v9 15/19] KVM: selftests: Hook TDX support to vm and vcpu creation From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX require special handling for VM and VCPU initialization for various reasons: - Special ioctlss for creating VM and VCPU. - TDX registers are inaccessible to KVM. - TDX require special boot code trampoline for loading parameters. - TDX only supports KVM_CAP_SPLIT_IRQCHIP. Hook this special handling into __vm_create() and vm_arch_vcpu_add() using the utility functions added in previous patches. Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/lib/kvm_util.c | 24 ++++++++- .../testing/selftests/kvm/lib/x86/processor.c | 49 ++++++++++++++----- 2 files changed, 61 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel= ftests/kvm/lib/kvm_util.c index b4c8702ba4bd..d9f0ff97770d 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -4,6 +4,7 @@ * * Copyright (C) 2018, Google LLC. */ +#include "tdx/tdx_util.h" #include "test_util.h" #include "kvm_util.h" #include "processor.h" @@ -465,7 +466,7 @@ void kvm_set_files_rlimit(uint32_t nr_vcpus) static bool is_guest_memfd_required(struct vm_shape shape) { #ifdef __x86_64__ - return shape.type =3D=3D KVM_X86_SNP_VM; + return (shape.type =3D=3D KVM_X86_SNP_VM || shape.type =3D=3D KVM_X86_TDX= _VM); #else return false; #endif @@ -499,6 +500,12 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint= 32_t nr_runnable_vcpus, for (i =3D 0; i < NR_MEM_REGIONS; i++) vm->memslots[i] =3D 0; =20 + if (is_tdx_vm(vm)) { + /* Setup additional mem regions for TDX. */ + vm_tdx_setup_boot_code_region(vm); + vm_tdx_setup_boot_parameters_region(vm, nr_runnable_vcpus); + } + kvm_vm_elf_load(vm, program_invocation_name); =20 /* @@ -1728,11 +1735,26 @@ void *addr_gpa2alias(struct kvm_vm *vm, vm_paddr_t = gpa) return (void *) ((uintptr_t) region->host_alias + offset); } =20 +static bool is_split_irqchip_required(struct kvm_vm *vm) +{ +#ifdef __x86_64__ + return is_tdx_vm(vm); +#else + return false; +#endif +} + /* Create an interrupt controller chip for the specified VM. */ void vm_create_irqchip(struct kvm_vm *vm) { int r; =20 + if (is_split_irqchip_required(vm)) { + vm_enable_cap(vm, KVM_CAP_SPLIT_IRQCHIP, 24); + vm->has_irqchip =3D true; + return; + } + /* * Allocate a fully in-kernel IRQ chip by default, but fall back to a * split model (x86 only) if that fails (KVM x86 allows compiling out diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin= g/selftests/kvm/lib/x86/processor.c index 4802fc81bea7..5cf14f09c1b6 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -670,6 +670,11 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm) vm_sev_ioctl(vm, KVM_SEV_INIT2, &init); } =20 + if (is_tdx_vm(vm)) { + vm_tdx_init_vm(vm, 0); + vm_tdx_load_common_boot_parameters(vm); + } + r =3D __vm_ioctl(vm, KVM_GET_TSC_KHZ, NULL); TEST_ASSERT(r > 0, "KVM_GET_TSC_KHZ did not provide a valid TSC frequency= ."); guest_tsc_khz =3D r; @@ -680,9 +685,13 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, = void *guest_code) { struct kvm_regs regs; =20 - vcpu_regs_get(vcpu, ®s); - regs.rip =3D (unsigned long) guest_code; - vcpu_regs_set(vcpu, ®s); + if (is_tdx_vm(vcpu->vm)) + vm_tdx_set_vcpu_entry_point(vcpu, guest_code); + else { + vcpu_regs_get(vcpu, ®s); + regs.rip =3D (unsigned long) guest_code; + vcpu_regs_set(vcpu, ®s); + } } =20 vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm) @@ -711,6 +720,19 @@ vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm) return stack_vaddr; } =20 +static void vm_tdx_vcpu_add(struct kvm_vm *vm, struct kvm_vcpu *vcpu) +{ + struct kvm_cpuid2 *cpuid; + + cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES); + vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_GET_CPUID, 0, cpuid); + vcpu_init_cpuid(vcpu, cpuid); + free(cpuid); + vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_VCPU, 0, NULL); + + vm_tdx_load_vcpu_boot_parameters(vm, vcpu); +} + struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id) { struct kvm_mp_state mp_state; @@ -718,16 +740,21 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, = uint32_t vcpu_id) struct kvm_vcpu *vcpu; =20 vcpu =3D __vm_vcpu_add(vm, vcpu_id); - vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid()); - vcpu_init_sregs(vm, vcpu); - vcpu_init_xcrs(vm, vcpu); =20 - /* Setup guest general purpose registers */ - vcpu_regs_get(vcpu, ®s); - regs.rflags =3D regs.rflags | 0x2; - if (vm->type !=3D KVM_X86_TDX_VM) + if (is_tdx_vm(vm)) { + vm_tdx_vcpu_add(vm, vcpu); + } else { + vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid()); + + vcpu_init_sregs(vm, vcpu); + vcpu_init_xcrs(vm, vcpu); + + /* Setup guest general purpose registers */ + vcpu_regs_get(vcpu, ®s); + regs.rflags =3D regs.rflags | 0x2; regs.rsp =3D kvm_allocate_vcpu_stack(vm); - vcpu_regs_set(vcpu, ®s); + vcpu_regs_set(vcpu, ®s); + } =20 /* Setup the MP state */ mp_state.mp_state =3D 0; --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B00692EBB86 for ; Thu, 21 Aug 2025 04:29:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750590; cv=none; b=gO27vEmMk5qnt9Ddc8wWvtK8piqO5/uT61DMsOhkCPEB5gtDDiE2jilmpotXcerki7+IM95P1Ild5qLU9cDNlEVkOMk3ot0hOsusYLtD9Chhl1hV9sIxNtM5SxuzvTeSR4OYUb7uNjkKk+YjybamXXvo9hKo/Fwc06eyOg8ai9g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750590; c=relaxed/simple; bh=y8Vols72ZQhlj0l+6WTptcdRQFq1i7yPnNlJzlRJXrY=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=WM2iOfqwThFfEh4JONUQgeYWOEGksJPgUyBWLIVFolpFCRuzApcSWh1rewogoGH3FF1qKiTLPg8DEz0NtKkLWaEheMnWoiqhTwwwHK1PTJqcfmVm4zVQmwL3v6Sva7PcB1nYxeHfnwjattJicd6CkoKxT5NQOVyIfV4IaZwrvIQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=e59N1kPf; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="e59N1kPf" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-32326e21dd6so1272519a91.2 for ; Wed, 20 Aug 2025 21:29:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750588; x=1756355388; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=aiVoDGgEeLvUi3qC9mIhMkvq5pJI4LiCXk4BBs01jkQ=; b=e59N1kPfkmbhY+1O1+zo6DEYJAKwhINJZEQc5Z3/CU2jk9/5Hzhxi1Ivku7v23IwXH g1Dl/zaabfqLwvMv//yE2hYzpC9R+EL+lwraKROKHMXHubWNTTstcuq1j4gBnYG/5dOh iqYQWJZd12BSrtKStbXJEv3C0D28EIxAuErMbD9oHRBa7uyTg5wEbzcyh+qmFv3frQXF DvoXBKpvHUiLziXJSAMYt2m8Pv1i2O0Bd+eVYXrnz7SKpkEA6shzeJwpNFmn2h3R11WE iJmT8p6g6ecPk7FO8Ga8PAXCd80XEUR4E5a2DA82nRXvNJCncSmh12EPXB0D7BG412tE +ZKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750588; x=1756355388; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=aiVoDGgEeLvUi3qC9mIhMkvq5pJI4LiCXk4BBs01jkQ=; b=U/pSiKLIsT5IB9pELBUUK4WnLxUGL8VJq8ogOIzdTAoEYA2c0v7H/8FthyoL53WOIO 9aZDTp5qMGGGHcTXico5ngKw8v0oc06fOHpaRwWEChb9fjHgljrs1lRY2G0eHr0NcQkw ejnshd0WLk/ry8KQq2whLLtE20m8wIGOB9Nv14pEzJ291p43B2xiwan0RjjFkMlNtBZu sSlwQsprCtp8qxeCe6sS2MGPvDYE7jSejBcwOZpsSN2a8slmHCJqtu+TrejnTRh9sKWz EKKMWBUMuJSzJBImYp6a+QXwqzZigPwH6TWZ+gMOI51/XcGiOGtycMI2G7/NCwo4zqAg +DyQ== X-Gm-Message-State: AOJu0Yw2RGUGKAMITLmtIA8qwou46Xy6FsgMS3NQ077xFa+PARH5wCHS lxF7IexxJMPWDKMWyGAMZYAFxzIZCWfK+CSNQfINO2aXb/nv3DRexlW9EITO0SA0FuJQ/iGxnSp 5RQ== X-Google-Smtp-Source: AGHT+IErJwTZOKyoD2ts5dTjB0McW+Hh6jBxGcP0NTGQvZrMLA6J98I9qWeiwLxm184dh8JB/IRNnG3o6Q== X-Received: from pjbqa2.prod.google.com ([2002:a17:90b:4fc2:b0:321:c441:a0a]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2549:b0:313:1769:eb49 with SMTP id 98e67ed59e1d1-324ed0da408mr1632742a91.8.1755750588087; Wed, 20 Aug 2025 21:29:48 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:09 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-17-sagis@google.com> Subject: [PATCH v9 16/19] KVM: selftests: Add support for TDX TDCALL from guest From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Erdem Aktas Add support for TDX guests to issue TDCALLs to the TDX module. Signed-off-by: Erdem Aktas Co-developed-by: Sagi Shahar Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/Makefile.kvm | 8 ++ .../selftests/kvm/include/x86/tdx/tdcall.h | 34 +++++++ .../selftests/kvm/lib/x86/tdx/tdcall.S | 93 +++++++++++++++++++ .../kvm/lib/x86/tdx/tdcall_offsets.c | 16 ++++ 4 files changed, 151 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdcall.h create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index c42b579fb7c5..1f541c0d4fe1 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -20,6 +20,7 @@ LIBKVM +=3D lib/userfaultfd_util.c LIBKVM_STRING +=3D lib/string_override.c =20 LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c +LIBKVM_ASM_DEFS +=3D lib/x86/tdx/tdcall_offsets.c =20 LIBKVM_x86 +=3D lib/x86/apic.c LIBKVM_x86 +=3D lib/x86/handlers.S @@ -33,6 +34,7 @@ LIBKVM_x86 +=3D lib/x86/ucall.c LIBKVM_x86 +=3D lib/x86/vmx.c LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S +LIBKVM_x86 +=3D lib/x86/tdx/tdcall.S =20 LIBKVM_arm64 +=3D lib/arm64/gic.c LIBKVM_arm64 +=3D lib/arm64/gic_v3.c @@ -342,7 +344,13 @@ $(OUTPUT)/lib/x86/tdx/td_boot.o: $(OUTPUT)/include/x86= /tdx/td_boot_offsets.h $(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot= _offsets.s FORCE $(call filechk,offsets,__TDX_BOOT_OFFSETS_H__) =20 +$(OUTPUT)/lib/x86/tdx/tdcall.o: $(OUTPUT)/include/x86/tdx/tdcall_offsets.h + +$(OUTPUT)/include/x86/tdx/tdcall_offsets.h: $(OUTPUT)/lib/x86/tdx/tdcall_o= ffsets.s FORCE + $(call filechk,offsets,__TDCALL__OFFSETS_H__) + EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/td_boot_offsets.h +EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/tdcall_offsets.h =20 $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS)))) $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS) diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h b/tools/t= esting/selftests/kvm/include/x86/tdx/tdcall.h new file mode 100644 index 000000000000..60c70646f876 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h @@ -0,0 +1,34 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* Adapted from arch/x86/include/asm/shared/tdx.h */ + +#ifndef SELFTESTS_TDX_TDCALL_H +#define SELFTESTS_TDX_TDCALL_H + +#include + +#define TDX_TDCALL_HAS_OUTPUT BIT(0) + +#ifndef __ASSEMBLY__ + +#include + +/* + * Used in __tdx_tdcall() to pass down and get back registers' values of + * the TDCALL instruction when requesting services from the VMM. + * + * This is a software only structure and not part of the TDX module/VMM AB= I. + */ +struct tdx_tdcall_args { + u64 r10; + u64 r11; + u64 r12; + u64 r13; + u64 r14; + u64 r15; +}; + +/* Used to request services from the VMM */ +u64 __tdx_tdcall(struct tdx_tdcall_args *args, unsigned long flags); + +#endif // __ASSEMBLY__ +#endif // SELFTESTS_TDX_TDCALL_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S b/tools/testi= ng/selftests/kvm/lib/x86/tdx/tdcall.S new file mode 100644 index 000000000000..05869e86b9d8 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S @@ -0,0 +1,93 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* Adapted from arch/x86/virt/vmx/tdx/tdxcall.S */ + +#ifndef __ASSEMBLY__ +#define __ASSEMBLY__ +#endif + +#include +#include "tdx/tdcall.h" +#include "tdx/tdcall_offsets.h" + +/* + * TDCALL is supported in Binutils >=3D 2.36, add it for older version. + */ +#define tdcall .byte 0x66,0x0f,0x01,0xcc + +/* + * Bitmasks of exposed registers (with VMM). + */ +#define TDX_R10 BIT(10) +#define TDX_R11 BIT(11) +#define TDX_R12 BIT(12) +#define TDX_R13 BIT(13) +#define TDX_R14 BIT(14) +#define TDX_R15 BIT(15) + +/* + * These registers are clobbered to hold arguments for each + * TDVMCALL. They are safe to expose to the VMM. + * Each bit in this mask represents a register ID. Bit field + * details can be found in TDX GHCI specification, section + * titled "TDCALL [TDG.VP.VMCALL] leaf". + */ +#define TDVMCALL_EXPOSE_REGS_MASK \ + (TDX_R10 | TDX_R11 | TDX_R12 | TDX_R13 | TDX_R14 | TDX_R15) + +.code64 +.section .text + +.globl __tdx_tdcall +.type __tdx_tdcall, @function +__tdx_tdcall: + /* Set up stack frame */ + push %rbp + movq %rsp, %rbp + + /* Save callee-saved GPRs as mandated by the x86_64 ABI */ + push %r15 + push %r14 + push %r13 + push %r12 + + /* Mangle function call ABI into TDCALL ABI: */ + /* Set TDCALL leaf ID (TDVMCALL (0)) in RAX */ + xor %eax, %eax + + /* Copy tdcall registers from arg struct: */ + movq TDX_TDCALL_R10(%rdi), %r10 + movq TDX_TDCALL_R11(%rdi), %r11 + movq TDX_TDCALL_R12(%rdi), %r12 + movq TDX_TDCALL_R13(%rdi), %r13 + movq TDX_TDCALL_R14(%rdi), %r14 + movq TDX_TDCALL_R15(%rdi), %r15 + + movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx + + tdcall + + /* TDVMCALL leaf return code is in R10 */ + movq %r10, %rax + + /* Copy tdcall result registers to arg struct if needed */ + testq $TDX_TDCALL_HAS_OUTPUT, %rsi + jz .Lout + + movq %r10, TDX_TDCALL_R10(%rdi) + movq %r11, TDX_TDCALL_R11(%rdi) + movq %r12, TDX_TDCALL_R12(%rdi) + movq %r13, TDX_TDCALL_R13(%rdi) + movq %r14, TDX_TDCALL_R14(%rdi) + movq %r15, TDX_TDCALL_R15(%rdi) +.Lout: + /* Restore callee-saved GPRs as mandated by the x86_64 ABI */ + pop %r12 + pop %r13 + pop %r14 + pop %r15 + + pop %rbp + ret + +/* Disable executable stack */ +.section .note.GNU-stack,"",%progbits diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c b/too= ls/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c new file mode 100644 index 000000000000..dcd4457be6e5 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c @@ -0,0 +1,16 @@ +// SPDX-License-Identifier: GPL-2.0 +#define COMPILE_OFFSETS + +#include + +#include "tdx/tdcall.h" + +static void __attribute__((used)) common(void) +{ + OFFSET(TDX_TDCALL_R10, tdx_tdcall_args, r10); + OFFSET(TDX_TDCALL_R11, tdx_tdcall_args, r11); + OFFSET(TDX_TDCALL_R12, tdx_tdcall_args, r12); + OFFSET(TDX_TDCALL_R13, tdx_tdcall_args, r13); + OFFSET(TDX_TDCALL_R14, tdx_tdcall_args, r14); + OFFSET(TDX_TDCALL_R15, tdx_tdcall_args, r15); +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 587542EBDDC for ; Thu, 21 Aug 2025 04:29:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750592; cv=none; b=eznw9bNBw4RbHfvGGTjnDnPovYj19MwXHQNLTE0G4Q88ar8jqwY21hQrTswFqSl0tGOiV6AVOyrSIsygAiN+wP3n5jZy03T3GJhSZESv6DtOT4w0yH4Y+mZmqdEmCro1hY3MwiPLuzSj/1PbhjGaNkPVXF9WBethwrHo9G2AYdo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750592; c=relaxed/simple; bh=YfCKtl1oYUHFl63/I/l0XnKZWiM4Uj8GywSB9cp0jjE=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=rAkriMbrTRE5Uu6g7lfMtw6jutfmO1oqZP8Egj9Q1MeCrPJcYT1R3zHa6/QHkOayprQKNkBfEhVfEDHEg9JYOWd9F53zgakeGchnJ0Qe9R0DzEKMaAVQLdIRhVP42nMtn6pvlLdk8JN3xv5Q7oDQ3RZDtdhtAFSMqr3zjAEcQ/o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=O52GhE5q; arc=none smtp.client-ip=209.85.215.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="O52GhE5q" Received: by mail-pg1-f202.google.com with SMTP id 41be03b00d2f7-b47174bdce2so465128a12.2 for ; Wed, 20 Aug 2025 21:29:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750589; x=1756355389; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=17hgKbvgVoShstlAaX3KPF4mBrZKhgeiLGz5GZxS0HI=; b=O52GhE5qK4AMD2GXcRnwmN5F4wVV5RohZRhH5L1ughC0WR6OrXZddN64EFUx8ZZvoZ jmgvqnlyqsXJuQBzpXeDyKxu1AYglzOfdnuJBsfZxzDFSSgodPJaydfnPNMXc9KLcdmN 33wQLkl8Pfx3UwUNj15M+9/7RFyoRXdn3UOPNl9CZWjYUqt41+7Xik/R5Rl3bCMlvnuE NYX9S6RSgLfouq4gL81jmg5BjNu2jJTE83wPx2r+gJ6And613amn9Q3M52GGYjaXkVeZ tfaqRVepyXmH04DlPtKXZ9ZXYDQvMSs9lTEx4KbkDTx0KXePqNAEag7pSp+2kOibeobI MS0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750589; x=1756355389; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=17hgKbvgVoShstlAaX3KPF4mBrZKhgeiLGz5GZxS0HI=; b=g05or8FOF/CvpN9kUQ4ObWFrGPVzm2Z1D2e2ck2fmG4WpVV0awcRkCPT8xyxv2Xtpk oIcJWX4pl387NRIZXRHVAuuKZngCsPRYN3DM0I6ldSGEOhwF2WOFHsqRp4WwAlNsgMMI cNSJENr4E134j26L/bwcSEjBqB8KE3pFHNgRMS1YT3vtmlyuAOlX950Z7+z+sJb+lTmR Xt3xXtl8WDnCMsTjSYrekJJ0x7NVvwPCc7OxhSN5cHLsQjdSJe+ZCDz4oMwAPtCZRex/ tiCKyryerzqJBYnDo7StCOKzzgHKL5acQDVIE2MGXXzS1ayJXvwOYET7KpMPq3k77X4q 6BaA== X-Gm-Message-State: AOJu0Yw+dcshflZoIIYmb6mNcVsWsgMJyO/bsXTOQzzxkxvgcuETVN+z Um00CWayfHmksM30M0aLwqC6Ocb3xfLjT9E6gcquALe5Pi/P7H8u8cGGTQc8M6dLTNsupEU1PiC WHg== X-Google-Smtp-Source: AGHT+IGF5a5kRZmxUiR0v1iGU7vvhEaAdIOjYi1z34R/ceiLYsiE+HhRHvw9xVKXOykbRjsvm8/UnJbeaw== X-Received: from pgbl17.prod.google.com ([2002:a63:5711:0:b0:b47:9d0:bf72]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:6a0c:b0:240:101c:4428 with SMTP id adf61e73a8af0-243308364d2mr1563120637.10.1755750589607; Wed, 20 Aug 2025 21:29:49 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:10 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-18-sagis@google.com> Subject: [PATCH v9 17/19] KVM: selftests: Add wrapper for TDX MMIO from guest From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add utility function to issue MMIO TDCALL from TDX guests. Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/Makefile.kvm | 1 + .../selftests/kvm/include/x86/tdx/tdx.h | 14 ++++++++++++ tools/testing/selftests/kvm/lib/x86/tdx/tdx.c | 22 +++++++++++++++++++ 3 files changed, 37 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx.h create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index 1f541c0d4fe1..8d1aaebd746e 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -35,6 +35,7 @@ LIBKVM_x86 +=3D lib/x86/vmx.c LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S LIBKVM_x86 +=3D lib/x86/tdx/tdcall.S +LIBKVM_x86 +=3D lib/x86/tdx/tdx.c =20 LIBKVM_arm64 +=3D lib/arm64/gic.c LIBKVM_arm64 +=3D lib/arm64/gic_v3.c diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx.h b/tools/test= ing/selftests/kvm/include/x86/tdx/tdx.h new file mode 100644 index 000000000000..22b096402998 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef SELFTESTS_TDX_TDX_H +#define SELFTESTS_TDX_TDX_H + +#include + +/* MMIO direction */ +#define MMIO_READ 0 +#define MMIO_WRITE 1 + +uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si= ze, + uint64_t data_in); + +#endif // SELFTESTS_TDX_TDX_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c b/tools/testing/= selftests/kvm/lib/x86/tdx/tdx.c new file mode 100644 index 000000000000..12df30ac1ceb --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c @@ -0,0 +1,22 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include "tdx/tdcall.h" +#include "tdx/tdx.h" + +#define TDG_VP_VMCALL 0 + +#define TDG_VP_VMCALL_VE_REQUEST_MMIO 48 + +uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si= ze, + uint64_t data_in) +{ + struct tdx_tdcall_args args =3D { + .r11 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO, + .r12 =3D size, + .r13 =3D MMIO_WRITE, + .r14 =3D address, + .r15 =3D data_in, + }; + + return __tdx_tdcall(&args, 0); +} --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A375A2ECD26 for ; Thu, 21 Aug 2025 04:29:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750593; cv=none; b=XeYko4N060Tyn9fT/KX3LLtknyDAR2OkKNup6zhu9h9KOGUdkC895CztfwiZodzlzamd3MUkw02pa+yXSJFQvPYWMZdaVAIHwNuY393h7/yV0EaXSsI4yHvFqgUAVVa+o4nktapO0adayWSnRw7YS4zQAkp3bnXwLyl4vrwz3NY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750593; c=relaxed/simple; bh=9+eQprqBsQ6gxSE3z+RPqS3r7N8HYybLZbylKvd7iWA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=owNOyrtBLXKdL9282K1I7atsngSzAvCNc9KuOuKL/xTOyreJVgjMe881Xc6iA4WZ65hdQn3JPpomvkvqMZbDl9KzPmtY6w4HrVnxt/tTZcXSeKGideUDRZHi/3Lu5L4OwGS9XCfZRGz93/7xO57D5ZdVGz3/XC8tqq1Y2yYQT/M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=loPsoVTU; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="loPsoVTU" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-32326bf571bso1409592a91.2 for ; Wed, 20 Aug 2025 21:29:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750591; x=1756355391; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=C+Vn2dydaOWO4V7Wr4fQ6A3nnlLiDSULKiE6J6INVZA=; b=loPsoVTU0O3ATp7otV70VbPJxJuQk/2j0ZPoKXZ7mXN/l8hLXHisNus9Blll0W/gAg KHLKOseGeE5pktXeHWprdojDfjfdRRwUQNVSfzrvfFwn0SCC8MoY2bPDC6G9y/wrMVQu aocGGX8Up9RJGxaXGuuQoVzpE7rLvLUTxMY44QT4Gbmj70I6uhYvknsBVR6hybkzq6OR 6Av+rmdPtPtENUv2HaMa1EA5brrq4ESDMxNaHxgJCAWoExiZlLQycnLuv/VSYwBlLmLU +4YBRiheOJ+sQ/aFAoPwyAmTqvrWl3vkLp+8fGTRkc7qVsVQia8wSHL5/WfSzZt2xPFy nBeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750591; x=1756355391; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=C+Vn2dydaOWO4V7Wr4fQ6A3nnlLiDSULKiE6J6INVZA=; b=E5wuedxob679MM9tusPX803BusIyZ7sTLImxRbueA6qLoO4qfP4R9QTU0XFC1JpEpi 0AA2RZik5vZWnS0SVH4IfOyKi1gmOjNGp5lbW0oVJp9d11lP3XfhD2DNnNk0BlElKTCA aGJZggYox8AeLmC1eAhMCvm7tZZ1wtCycVjEzBKsm9XFXIZcLsvGfZhS9UHL+NfoE56W xXI8JpRFqYThwuhxAUFFziZJhl4BqlJxMC4vy0cE5LUxY3rHixnRKCJiGXWKHAmAz7K0 HNMYuYZrldmnkurcudx42D/r/coiImOWG12h6m8xAubqbCMahxAnMgoyRY3qUOIy7Ohu ZC2A== X-Gm-Message-State: AOJu0Ywe+gxS+c7ZQMXt2iT8vbIaLvcl7+7mAnHZTD/dursk7JjBWL5z 4+OoAsE1qbZYU8bCLiUhaP+MgoPQ79GEzFjrRXvZg/4GUz/ZxCEeo9jlMNu6/MUlbOgMXG0c5fR 9Ug== X-Google-Smtp-Source: AGHT+IHnoZkxggDv6fXD1tHDt5+rOVqRbveDiJ7W0a/Y7B0nOodBtUYvH6G1D7HFbnYFBe8qgKggtU4fUA== X-Received: from pjbnb18.prod.google.com ([2002:a17:90b:35d2:b0:321:c36d:1b8a]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2e0e:b0:31e:d929:5ca5 with SMTP id 98e67ed59e1d1-324ed06131bmr1483288a91.1.1755750591038; Wed, 20 Aug 2025 21:29:51 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:11 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-19-sagis@google.com> Subject: [PATCH v9 18/19] KVM: selftests: Add ucall support for TDX From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ackerley Tng ucalls for non-Coco VMs work by having the guest write to the rdi register, then perform an io instruction to exit to the host. The host then reads rdi using kvm_get_regs(). CPU registers can't be read using kvm_get_regs() for TDX, so TDX guests use MMIO to pass the struct ucall's hva to the host. MMIO was chosen because it is one of the simplest (hence unlikely to fail) mechanisms that support passing 8 bytes from guest to host. Signed-off-by: Ackerley Tng Co-developed-by: Sagi Shahar Signed-off-by: Sagi Shahar --- .../testing/selftests/kvm/include/x86/ucall.h | 4 +- tools/testing/selftests/kvm/lib/x86/ucall.c | 45 ++++++++++++++++--- 2 files changed, 41 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/ucall.h b/tools/testin= g/selftests/kvm/include/x86/ucall.h index d3825dcc3cd9..0494a4a21557 100644 --- a/tools/testing/selftests/kvm/include/x86/ucall.h +++ b/tools/testing/selftests/kvm/include/x86/ucall.h @@ -6,8 +6,6 @@ =20 #define UCALL_EXIT_REASON KVM_EXIT_IO =20 -static inline void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa) -{ -} +void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa); =20 #endif diff --git a/tools/testing/selftests/kvm/lib/x86/ucall.c b/tools/testing/se= lftests/kvm/lib/x86/ucall.c index 1265cecc7dd1..0ad24baaa3c4 100644 --- a/tools/testing/selftests/kvm/lib/x86/ucall.c +++ b/tools/testing/selftests/kvm/lib/x86/ucall.c @@ -5,11 +5,34 @@ * Copyright (C) 2018, Red Hat, Inc. */ #include "kvm_util.h" +#include "tdx/tdx.h" =20 #define UCALL_PIO_PORT ((uint16_t)0x1000) =20 +static uint8_t vm_type; +static vm_paddr_t host_ucall_mmio_gpa; +static vm_paddr_t ucall_mmio_gpa; + +void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa) +{ + vm_type =3D vm->type; + sync_global_to_guest(vm, vm_type); + + host_ucall_mmio_gpa =3D ucall_mmio_gpa =3D mmio_gpa; + + if (vm_type =3D=3D KVM_X86_TDX_VM) + ucall_mmio_gpa |=3D vm->arch.s_bit; + + sync_global_to_guest(vm, ucall_mmio_gpa); +} + void ucall_arch_do_ucall(vm_vaddr_t uc) { + if (vm_type =3D=3D KVM_X86_TDX_VM) { + tdg_vp_vmcall_ve_request_mmio_write(ucall_mmio_gpa, 8, uc); + return; + } + /* * FIXME: Revert this hack (the entire commit that added it) once nVMX * preserves L2 GPRs across a nested VM-Exit. If a ucall from L2, e.g. @@ -46,11 +69,23 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) { struct kvm_run *run =3D vcpu->run; =20 - if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO_= PORT) { - struct kvm_regs regs; + switch (vm_type) { + case KVM_X86_TDX_VM: + if (vcpu->run->exit_reason =3D=3D KVM_EXIT_MMIO && + vcpu->run->mmio.phys_addr =3D=3D host_ucall_mmio_gpa && + vcpu->run->mmio.len =3D=3D 8 && vcpu->run->mmio.is_write) { + uint64_t data =3D *(uint64_t *)vcpu->run->mmio.data; + + return (void *)data; + } + return NULL; + default: + if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO= _PORT) { + struct kvm_regs regs; =20 - vcpu_regs_get(vcpu, ®s); - return (void *)regs.rdi; + vcpu_regs_get(vcpu, ®s); + return (void *)regs.rdi; + } + return NULL; } - return NULL; } --=20 2.51.0.rc1.193.gad69d77794-goog From nobody Sat Oct 4 01:44:54 2025 Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 23C252ED17D for ; Thu, 21 Aug 2025 04:29:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750595; cv=none; b=qeAiuwfEeRw6lFmA1yiu9kCgnHCEbOvYmooy1z9qYeTl2hyZxGWyK57AmXi0lWXCacwKWn4en1dlWFIWLND4IvqEQnyE5k7H2ND2O0Kee71RfhbajMLN/EnPDCRBypVP7JVbNjYkYCZi2lhodqz6wAeuXDkWtVK2l6BUSwhFCdo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755750595; c=relaxed/simple; bh=SCj5vpqbGdcyeL9WchYjYHXxlh3Syca50DvMtgJYdEE=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=BooDo2/u2e8q3xy5IBHah/3VkMHpg7Ac1/RhNiKssQSk8Wk97NZ7RtNrrVcQ73L5xotpdSirwU9f4z4BoLKrmIlrRdC2466SFmVikbK8+iZzPnmYw5xEWqS5b7fEXfiOBNJoykSjYsl6KHGOv+rrTU/+I4CsdBUtAhYTIpGyy0Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=xuET/TSC; arc=none smtp.client-ip=209.85.215.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--sagis.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="xuET/TSC" Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-b47174c667aso477263a12.2 for ; Wed, 20 Aug 2025 21:29:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1755750592; x=1756355392; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=3ni6/1QBXYyjIXVNXrHE6sKBQ7BBSjz5QhIiIQ0TLw0=; b=xuET/TSCt6PFuCOdPi5Z5y/dEg4sD+i1qImMcL8xRCpzIteliZY7RHdmsP2bqQU+lc u21EwRPxhc+sztMv88mB1xQ4UjxULkCX3tAxGel/FGYMfbauo6W+875bYXLNLnfSPbdx rc0P+CBxcDFrMmlhjoTSYv5UmoIN+nQCyXTI8NdQ9BD1+dfLcm8yLvtVEGuxiaSYnTLZ vmPPJiHQ6DywPtdHHhbRvnYjst/RafYe+SzK3hzPWLkjw2cRpfzsaxz0FfkWs3/A3nXN T6M4XgPm1IONtDJJy61IRzQwlSoKpauwlkK3ceTf3ANG148w/IyzXpeqg1z7dI1R+9j1 vB+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755750592; x=1756355392; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=3ni6/1QBXYyjIXVNXrHE6sKBQ7BBSjz5QhIiIQ0TLw0=; b=NQGH13m37deY0lhSdXOnyapBBJ8HYN6ki9qQCIlf67PTe0Zox6vg7x5oEyBnULjQjQ zHc0EpIBmxv93bDNRkIHthR6EHInLMhzqu+gai1j7kqhftiQEtnEO1nzMaXj2OxCNOsX +9nPEQp/8Bjw2Ph/UoU+eEgWm1hrPIXXSCOH6ZNzAuKWr9HL1siJfwOH5Mp6shoGtYPa ORiHyvM9sKagNPQKwP7HFfmyW4F5Uywto3zBoigufSUJ4frcYOYvzowjLRlRkwmG15RS vqDSgqxtPF+CAa6Xw8e+aOKXK6IkBqycXajo7zoH9cMX7U3wrNZ4AxIDzBDFgyDO+wxq SLhA== X-Gm-Message-State: AOJu0YxtIO5GflH+JFXBilFl0emVmqcpoK72qr2OQYnzReXDHLEYY7Qr ON7SqXk3HSZ0W++buorFFOoi0B5YUUEUwBF4HVyFfoeMBOBXTSQqoVz9QoxF4unPQ6RjbRvwQ1c pAQ== X-Google-Smtp-Source: AGHT+IF47pIKGfWNf380vL880YXdNEf+FWPdQExp1mJvaZsLgHJ8I4ZDENH3hqy/aqETue6DuLS1LEQ09w== X-Received: from pgbdp6.prod.google.com ([2002:a05:6a02:f06:b0:b47:61f6:dd10]) (user=sagis job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:734a:b0:240:30c:276a with SMTP id adf61e73a8af0-24330aa5c52mr1472690637.39.1755750592600; Wed, 20 Aug 2025 21:29:52 -0700 (PDT) Date: Wed, 20 Aug 2025 21:29:12 -0700 In-Reply-To: <20250821042915.3712925-1-sagis@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250821042915.3712925-1-sagis@google.com> X-Mailer: git-send-email 2.51.0.rc1.193.gad69d77794-goog Message-ID: <20250821042915.3712925-20-sagis@google.com> Subject: [PATCH v9 19/19] KVM: selftests: Add TDX lifecycle test From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Paolo Bonzini , Shuah Khan , Sean Christopherson , Ackerley Tng , Ryan Afranji , Andrew Jones , Isaku Yamahata , Erdem Aktas , Rick Edgecombe , Sagi Shahar , Roger Wang , Binbin Wu , Oliver Upton , "Pratik R. Sampat" , Reinette Chatre , Ira Weiny , Chao Gao , Chenyi Qiang Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Adding a test to verify TDX lifecycle by creating a simple TD. Signed-off-by: Sagi Shahar --- tools/testing/selftests/kvm/Makefile.kvm | 1 + .../selftests/kvm/include/x86/tdx/tdx_util.h | 10 ++++++ .../selftests/kvm/lib/x86/tdx/tdx_util.c | 18 +++++++++++ tools/testing/selftests/kvm/x86/tdx_vm_test.c | 31 +++++++++++++++++++ 4 files changed, 60 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86/tdx_vm_test.c diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index 8d1aaebd746e..86c101fbe1a0 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -155,6 +155,7 @@ TEST_GEN_PROGS_x86 +=3D rseq_test TEST_GEN_PROGS_x86 +=3D steal_time TEST_GEN_PROGS_x86 +=3D system_counter_offset_test TEST_GEN_PROGS_x86 +=3D pre_fault_memory_test +TEST_GEN_PROGS_x86 +=3D x86/tdx_vm_test =20 # Compiled outputs used by test targets TEST_GEN_PROGS_EXTENDED_x86 +=3D x86/nx_huge_pages_test diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools= /testing/selftests/kvm/include/x86/tdx/tdx_util.h index 2467b6c35557..775ca249f74d 100644 --- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h @@ -11,6 +11,14 @@ static inline bool is_tdx_vm(struct kvm_vm *vm) return vm->type =3D=3D KVM_X86_TDX_VM; } =20 +/* + * Verify that TDX is supported by KVM. + */ +static inline bool is_tdx_enabled(void) +{ + return !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM)); +} + /* * TDX ioctls */ @@ -72,5 +80,7 @@ void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, = struct kvm_vcpu *vcpu); void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code); =20 void vm_tdx_finalize(struct kvm_vm *vm); +struct kvm_vm *vm_tdx_create_with_one_vcpu(void *guest_code, + struct kvm_vcpu **vcpu); =20 #endif // SELFTESTS_TDX_TDX_UTIL_H diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes= ting/selftests/kvm/lib/x86/tdx/tdx_util.c index 4024587ed3c2..8b18f1a8da62 100644 --- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c @@ -371,3 +371,21 @@ void vm_tdx_finalize(struct kvm_vm *vm) load_td_private_memory(vm); vm_tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL); } + +struct kvm_vm *vm_tdx_create_with_one_vcpu(void *guest_code, + struct kvm_vcpu **vcpu) +{ + struct vm_shape shape =3D { + .mode =3D VM_MODE_DEFAULT, + .type =3D KVM_X86_TDX_VM, + }; + struct kvm_vm *vm; + struct kvm_vcpu *vcpus[1]; + + vm =3D __vm_create_with_vcpus(shape, 1, 0, guest_code, vcpus); + *vcpu =3D vcpus[0]; + + vm_tdx_finalize(vm); + + return vm; +} diff --git a/tools/testing/selftests/kvm/x86/tdx_vm_test.c b/tools/testing/= selftests/kvm/x86/tdx_vm_test.c new file mode 100644 index 000000000000..a9ee489eea1a --- /dev/null +++ b/tools/testing/selftests/kvm/x86/tdx_vm_test.c @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: GPL-2.0-only + +#include "kvm_util.h" +#include "tdx/tdx_util.h" +#include "ucall_common.h" +#include "kselftest_harness.h" + +static void guest_code_lifecycle(void) +{ + GUEST_DONE(); +} + +TEST(verify_td_lifecycle) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + struct ucall uc; + + vm =3D vm_tdx_create_with_one_vcpu(guest_code_lifecycle, &vcpu); + + vcpu_run(vcpu); + TEST_ASSERT_EQ(get_ucall(vcpu, &uc), UCALL_DONE); + + kvm_vm_free(vm); +} + +int main(int argc, char **argv) +{ + TEST_REQUIRE(is_tdx_enabled()); + return test_harness_run(argc, argv); +} --=20 2.51.0.rc1.193.gad69d77794-goog