@@ -63,6 +63,8 @@ struct test_run_helper {
guest_code_fn guest_fn;
void *shared_mem;
int priv_memfd;
+ bool disallow_boot_shared_access;
+ bool toggle_shared_mem_state;
};
enum page_size {
@@ -779,6 +781,151 @@ static void pspahct_guest_code(void)
GUEST_DONE();
}
+/* Test to verify guest accesses without double allocation:
+ * Guest starts with shared memory access disallowed by default.
+ * 1) Guest writes the private memory privately via a known pattern
+ * 3) Guest reads the private memory privately and verifies that the contents
+ * are same as written.
+ * 4) Guest invokes KVM_HC_MAP_GPA_RANGE to map the hpa range as shared
+ * and marks the range to be accessed via shared access.
+ * 5) Guest writes shared memory with another pattern and signals VMM
+ * 6) VMM verifies the memory contents to be same as written by guest in step
+ * 5 and updates the memory with a different pattern
+ * 7) Guest verifies the memory contents to be same as written in step 6.
+ * 8) Guest invokes KVM_HC_MAP_GPA_RANGE to map the hpa range as private
+ * and marks the range to be accessed via private access.
+ * 9) Guest writes a known pattern to the test memory and verifies the contents
+ * to be same as written.
+ * 10) Guest invokes KVM_HC_MAP_GPA_RANGE to map the hpa range as shared
+ * and marks the range to be accessed via shared access.
+ * 11) Guest writes shared memory with another pattern and signals VMM
+ * 12) VMM verifies the memory contents to be same as written by guest in step
+ * 5 and updates the memory with a different pattern
+ * 13) Guest verifies the memory contents to be same as written in step 6.
+ */
+#define PSAWDAT_ID 7
+#define PSAWDAT_DESC "PrivateSharedAccessWithoutDoubleAllocationTest"
+
+#define PSAWDAT_GUEST_SHARED_MEM_UPDATED1 1ULL
+#define PSAWDAT_GUEST_SHARED_MEM_UPDATED2 2ULL
+
+static bool psawdat_handle_vm_stage(struct kvm_vm *vm,
+ void *test_info,
+ uint64_t stage)
+{
+ void *shared_mem = ((struct test_run_helper *)test_info)->shared_mem;
+
+ switch (stage) {
+ case PSAWDAT_GUEST_SHARED_MEM_UPDATED1: {
+ /* verify data to be same as what guest wrote earlier */
+ TEST_ASSERT(do_mem_op(VERIFY_PAT, shared_mem,
+ TEST_MEM_DATA_PAT2, test_mem_size),
+ "Shared memory view mismatch");
+ TEST_ASSERT(do_mem_op(SET_PAT, shared_mem,
+ TEST_MEM_DATA_PAT1, test_mem_size),
+ "Shared mem update Failure");
+ VM_STAGE_PROCESSED(PSAWDAT_GUEST_SHARED_MEM_UPDATED);
+ break;
+ }
+ case PSAWDAT_GUEST_SHARED_MEM_UPDATED2: {
+ /* verify data to be same as what guest wrote earlier */
+ TEST_ASSERT(do_mem_op(VERIFY_PAT, shared_mem,
+ TEST_MEM_DATA_PAT3, test_mem_size),
+ "Shared memory view mismatch");
+ TEST_ASSERT(do_mem_op(SET_PAT, shared_mem,
+ TEST_MEM_DATA_PAT4, test_mem_size),
+ "Shared mem update Failure");
+ VM_STAGE_PROCESSED(PSAWDAT_GUEST_SHARED_MEM_UPDATED2);
+ break;
+ }
+ default:
+ printf("Unhandled VM stage %ld\n", stage);
+ return false;
+ }
+
+ return true;
+}
+
+static void psawdat_guest_code(void)
+{
+ void *test_mem = (void *)TEST_MEM_GPA;
+ int ret;
+
+ const size_t mem_size = *((size_t *)MEM_SIZE_MMIO_ADDRESS);
+
+ /* Mark the GPA range to be treated as always accessed privately */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, TEST_MEM_GPA,
+ mem_size >> MIN_PAGE_SHIFT,
+ KVM_MARK_GPA_RANGE_ENC_ACCESS, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+ GUEST_ASSERT(do_mem_op(SET_PAT, test_mem,
+ TEST_MEM_DATA_PAT1, mem_size));
+
+ GUEST_ASSERT(do_mem_op(VERIFY_PAT, test_mem,
+ TEST_MEM_DATA_PAT1, mem_size));
+
+ /* Map the GPA range to be treated as shared */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, TEST_MEM_GPA,
+ mem_size >> MIN_PAGE_SHIFT,
+ KVM_MAP_GPA_RANGE_DECRYPTED | KVM_MAP_GPA_RANGE_PAGE_SZ_4K, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+
+ /* Mark the GPA range to be treated as always accessed via shared
+ * access
+ */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, 0, 0,
+ KVM_MARK_GPA_RANGE_ENC_ACCESS, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+
+ GUEST_ASSERT(do_mem_op(SET_PAT, test_mem,
+ TEST_MEM_DATA_PAT2, mem_size));
+ GUEST_SYNC(PSAWDAT_GUEST_SHARED_MEM_UPDATED1);
+
+ GUEST_ASSERT(do_mem_op(VERIFY_PAT, test_mem,
+ TEST_MEM_DATA_PAT1, mem_size));
+
+ /* Map the GPA range to be treated as private */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, TEST_MEM_GPA,
+ mem_size >> MIN_PAGE_SHIFT,
+ KVM_MAP_GPA_RANGE_ENCRYPTED | KVM_MAP_GPA_RANGE_PAGE_SZ_4K, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+
+ /* Mark the GPA range to be treated as always accessed via private
+ * access
+ */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, TEST_MEM_GPA,
+ mem_size >> MIN_PAGE_SHIFT,
+ KVM_MARK_GPA_RANGE_ENC_ACCESS, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+
+ GUEST_ASSERT(do_mem_op(SET_PAT, test_mem,
+ TEST_MEM_DATA_PAT2, mem_size));
+ GUEST_ASSERT(do_mem_op(VERIFY_PAT, test_mem,
+ TEST_MEM_DATA_PAT2, mem_size));
+
+ /* Map the GPA range to be treated as shared */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, TEST_MEM_GPA,
+ mem_size >> MIN_PAGE_SHIFT,
+ KVM_MAP_GPA_RANGE_DECRYPTED | KVM_MAP_GPA_RANGE_PAGE_SZ_4K, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+
+ /* Mark the GPA range to be treated as always accessed via shared
+ * access
+ */
+ ret = kvm_hypercall(KVM_HC_MAP_GPA_RANGE, 0, 0,
+ KVM_MARK_GPA_RANGE_ENC_ACCESS, 0);
+ GUEST_ASSERT_1(ret == 0, ret);
+
+ GUEST_ASSERT(do_mem_op(SET_PAT, test_mem,
+ TEST_MEM_DATA_PAT3, mem_size));
+ GUEST_SYNC(PSAWDAT_GUEST_SHARED_MEM_UPDATED2);
+
+ GUEST_ASSERT(do_mem_op(VERIFY_PAT, test_mem,
+ TEST_MEM_DATA_PAT4, mem_size));
+
+ GUEST_DONE();
+}
+
static struct test_run_helper priv_memfd_testsuite[] = {
[PMPAT_ID] = {
.test_desc = PMPAT_DESC,
@@ -815,6 +962,13 @@ static struct test_run_helper priv_memfd_testsuite[] = {
.vmst_handler = pspahct_handle_vm_stage,
.guest_fn = pspahct_guest_code,
},
+ [PSAWDAT_ID] = {
+ .test_desc = PSAWDAT_DESC,
+ .vmst_handler = psawdat_handle_vm_stage,
+ .guest_fn = psawdat_guest_code,
+ .toggle_shared_mem_state = true,
+ .disallow_boot_shared_access = true,
+ },
};
static void handle_vm_exit_hypercall(struct kvm_run *run,
@@ -825,6 +979,10 @@ static void handle_vm_exit_hypercall(struct kvm_run *run,
priv_memfd_testsuite[test_id].priv_memfd;
int ret;
int fallocate_mode;
+ void *shared_mem = priv_memfd_testsuite[test_id].shared_mem;
+ bool toggle_shared_mem_state =
+ priv_memfd_testsuite[test_id].toggle_shared_mem_state;
+ int mprotect_mode;
if (run->hypercall.nr != KVM_HC_MAP_GPA_RANGE) {
TEST_FAIL("Unhandled Hypercall %lld\n",
@@ -842,11 +1000,13 @@ static void handle_vm_exit_hypercall(struct kvm_run *run,
gpa, npages);
}
- if (attrs & KVM_MAP_GPA_RANGE_ENCRYPTED)
+ if (attrs & KVM_MAP_GPA_RANGE_ENCRYPTED) {
fallocate_mode = 0;
- else {
+ mprotect_mode = PROT_NONE;
+ } else {
fallocate_mode = (FALLOC_FL_PUNCH_HOLE |
FALLOC_FL_KEEP_SIZE);
+ mprotect_mode = PROT_READ | PROT_WRITE;
}
pr_info("Converting off 0x%lx pages 0x%lx to %s\n",
(gpa - TEST_MEM_GPA), npages,
@@ -857,6 +1017,17 @@ static void handle_vm_exit_hypercall(struct kvm_run *run,
npages << MIN_PAGE_SHIFT);
TEST_ASSERT(ret != -1,
"fallocate failed in hc handling");
+ if (toggle_shared_mem_state) {
+ if (fallocate_mode) {
+ ret = madvise(shared_mem, test_mem_size,
+ MADV_DONTNEED);
+ TEST_ASSERT(ret != -1,
+ "madvise failed in hc handling");
+ }
+ ret = mprotect(shared_mem, test_mem_size, mprotect_mode);
+ TEST_ASSERT(ret != -1,
+ "mprotect failed in hc handling");
+ }
run->hypercall.ret = 0;
}
@@ -867,7 +1038,11 @@ static void handle_vm_exit_memory_error(struct kvm_run *run,
int ret;
int priv_memfd =
priv_memfd_testsuite[test_id].priv_memfd;
+ void *shared_mem = priv_memfd_testsuite[test_id].shared_mem;
+ bool toggle_shared_mem_state =
+ priv_memfd_testsuite[test_id].toggle_shared_mem_state;
int fallocate_mode;
+ int mprotect_mode;
gpa = run->memory.gpa;
size = run->memory.size;
@@ -880,11 +1055,13 @@ static void handle_vm_exit_memory_error(struct kvm_run *run,
gpa, size);
}
- if (flags & KVM_MEMORY_EXIT_FLAG_PRIVATE)
+ if (flags & KVM_MEMORY_EXIT_FLAG_PRIVATE) {
fallocate_mode = 0;
- else {
+ mprotect_mode = PROT_NONE;
+ } else {
fallocate_mode = (FALLOC_FL_PUNCH_HOLE |
FALLOC_FL_KEEP_SIZE);
+ mprotect_mode = PROT_READ | PROT_WRITE;
}
pr_info("Converting off 0x%lx size 0x%lx to %s\n",
(gpa - TEST_MEM_GPA), size,
@@ -894,6 +1071,18 @@ static void handle_vm_exit_memory_error(struct kvm_run *run,
(gpa - TEST_MEM_GPA), size);
TEST_ASSERT(ret != -1,
"fallocate failed in memory error handling");
+
+ if (toggle_shared_mem_state) {
+ if (fallocate_mode) {
+ ret = madvise(shared_mem, test_mem_size,
+ MADV_DONTNEED);
+ TEST_ASSERT(ret != -1,
+ "madvise failed in memory error handling");
+ }
+ ret = mprotect(shared_mem, test_mem_size, mprotect_mode);
+ TEST_ASSERT(ret != -1,
+ "mprotect failed in memory error handling");
+ }
}
static void vcpu_work(struct kvm_vm *vm, uint32_t test_id)
@@ -924,14 +1113,14 @@ static void vcpu_work(struct kvm_vm *vm, uint32_t test_id)
if (run->exit_reason == KVM_EXIT_MMIO) {
if (run->mmio.phys_addr == MEM_SIZE_MMIO_ADDRESS) {
- // tell the guest the size of the memory
- // it's been allocated
+ /* tell the guest the size of the memory it's
+ * been allocated
+ */
int shift_amount = 0;
for (int i = 0; i < sizeof(uint64_t); ++i) {
- run->mmio.data[i] =
- (test_mem_size >>
- shift_amount) & BYTE_MASK;
+ run->mmio.data[i] = (test_mem_size >>
+ shift_amount) & BYTE_MASK;
shift_amount += CHAR_BIT;
}
}
@@ -985,6 +1174,9 @@ static void setup_and_execute_test(uint32_t test_id,
int ret;
void *shared_mem;
struct kvm_enable_cap cap;
+ bool disallow_boot_shared_access =
+ priv_memfd_testsuite[test_id].disallow_boot_shared_access;
+ int prot_flags = PROT_READ | PROT_WRITE;
vm = vm_create_default(VCPU_ID, 0,
priv_memfd_testsuite[test_id].guest_fn);
@@ -1036,10 +1228,12 @@ static void setup_and_execute_test(uint32_t test_id,
// set global for mem size to use later
test_mem_size = mem_size;
+ if (disallow_boot_shared_access)
+ prot_flags = PROT_NONE;
+
/* Allocate shared memory */
shared_mem = mmap(NULL, mem_size,
- PROT_READ | PROT_WRITE,
- mmap_flags, -1, 0);
+ prot_flags, mmap_flags, -1, 0);
TEST_ASSERT(shared_mem != MAP_FAILED, "Failed to mmap() host");
if (using_hugepages) {
@@ -1166,7 +1360,8 @@ int main(int argc, char *argv[])
for (uint32_t i = 0; i < ARRAY_SIZE(priv_memfd_testsuite); i++) {
for (uint32_t j = 0; j < ARRAY_SIZE(page_size_matrix); j++) {
- const struct page_combo current_page_matrix = page_size_matrix[j];
+ const struct page_combo current_page_matrix =
+ page_size_matrix[j];
if (should_skip_test(current_page_matrix,
use_2mb_pages, use_1gb_pages))
@@ -1174,8 +1369,10 @@ int main(int argc, char *argv[])
pr_info("=== Starting test %s... ===\n",
priv_memfd_testsuite[i].test_desc);
pr_info("using page sizes shared: %s private: %s\n",
- page_size_to_str(current_page_matrix.shared),
- page_size_to_str(current_page_matrix.private));
+ page_size_to_str(
+ current_page_matrix.shared),
+ page_size_to_str(
+ current_page_matrix.private));
hugepage_requirements_text(current_page_matrix);
setup_and_execute_test(i, current_page_matrix.shared,
current_page_matrix.private);
Add a memory conversion test without leading to double allocation of memory backing gpa ranges. Signed-off-by: Vishal Annapurve <vannapurve@google.com> --- tools/testing/selftests/kvm/priv_memfd_test.c | 225 ++++++++++++++++-- 1 file changed, 211 insertions(+), 14 deletions(-)