From patchwork Thu Nov  8 20:58:21 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jim Mattson <jmattson@google.com>
X-Patchwork-Id: 10675011
Return-Path: <kvm-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7890F109C
	for <patchwork-kvm@patchwork.kernel.org>;
 Thu,  8 Nov 2018 20:58:29 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 656922A87B
	for <patchwork-kvm@patchwork.kernel.org>;
 Thu,  8 Nov 2018 20:58:29 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 5579E2A83B; Thu,  8 Nov 2018 20:58:29 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-15.5 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI,
	USER_IN_DEF_DKIM_WL autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CBA082A2FB
	for <patchwork-kvm@patchwork.kernel.org>;
 Thu,  8 Nov 2018 20:58:28 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726813AbeKIGfl (ORCPT
        <rfc822;patchwork-kvm@patchwork.kernel.org>);
        Fri, 9 Nov 2018 01:35:41 -0500
Received: from mail-yw1-f73.google.com ([209.85.161.73]:53310 "EHLO
        mail-yw1-f73.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1725723AbeKIGfl (ORCPT <rfc822;kvm@vger.kernel.org>);
        Fri, 9 Nov 2018 01:35:41 -0500
Received: by mail-yw1-f73.google.com with SMTP id p130-v6so8804086ywg.20
        for <kvm@vger.kernel.org>; Thu, 08 Nov 2018 12:58:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=date:in-reply-to:message-id:mime-version:references:subject:from:to
         :cc;
        bh=yNRfAxvC2JnKU1DuRcg9Ks1vaweRP3EfC0QsUoy5I4I=;
        b=EtZGxPXEicZl9Mm1Ezle9ZyHdb9iWvJrYMLuBe1teqAShXFrojhQNaE31a0DL4ajmU
         bYWoPVbXBh74ncXM+EzaCPLWUyep3b/seycD5gRQMQxELjrrkN6MQxaoknRHB4cex/Cd
         2PJbj4w7RVU2d0pR8cxmEpvHIQaZS1eyUj8N1VCPtoxIypK6Ww/WMSG8+itALpCFV0Vp
         XLrUQvAt82/9/IM/fvHQHZJWYPvjF7rM9+BWgj2TJkODAOaeaVylYKP4DcsR746/7UXU
         EIHq/l5VytA3pATfXkv9TS6Ve0Y0uRHNK+kdBp9Gahk1FxP8diEpdD9C3Oh0p4zUZZcW
         siKA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:in-reply-to:message-id:mime-version
         :references:subject:from:to:cc;
        bh=yNRfAxvC2JnKU1DuRcg9Ks1vaweRP3EfC0QsUoy5I4I=;
        b=etBWLWPxBewXb7zwqSDhWo8TC7eyf273PIi0MrMrpDHlhsAsQCecQCG07c4LQvgvsf
         SQ9SWMnaR/aUWM4Z/2lAbfoUFFOfFMKsii6e+mxUdQWMw8ns2uLgWrrUEJFOdhWnXsqG
         QlNYvySPz+U8GDKXbLGsgq/RW1PrNNO39wMiHvI7RXQGPXAKmGKaF07dcW/G3tLf+icF
         7PeBuH8xU+TyhhmFYNSw2HJNkuREUmG4r92XX3OfYBn6x8l8z7Y4XYzbLbWf4qi5yYOQ
         EpXcleYFrm8hKhORmLBE7WkJvIWNuRbzI0fS0fw0T2TglJURErwazh1/MPBEg9aIfFu3
         frGA==
X-Gm-Message-State: AGRZ1gJJJRAGIkndry2Y7CM2iMXT/t7pHbbtR6iXRVsC2/aH5CF3LhRQ
        AL/ET0NxP4I4by3nonha8iyt3BHsdmffp9/a+jffPtPdvTJLRjcG/8cwKI7jHFQ7C7AOUZWgAt5
        G9+60aTqP9Gysfnv7KWURBHbD+tQAdiC5/vfbKyIKjNGdf7PyTwpkCAQmo1saAME=
X-Google-Smtp-Source: 
 AJdET5eGu3x/pDmlaU1M2RbRkWThfnAhTy0zL5rM6dwc7RRBnc1eKQxk14s1TVxwU1Ik9yNJYXDqPsYKojkXwg==
X-Received: by 2002:a25:e78c:: with SMTP id
 e134-v6mr3004980ybh.90.1541710706276;
 Thu, 08 Nov 2018 12:58:26 -0800 (PST)
Date: Thu,  8 Nov 2018 12:58:21 -0800
In-Reply-To: 
 <CALMp9eQ3aersxVTWdRxCa9V1PSKXjWYcpj6jYdjzFzJGWvLtiQ@mail.gmail.com>
Message-Id: <20181108205821.80525-1-jmattson@google.com>
Mime-Version: 1.0
References: 
 <CALMp9eQ3aersxVTWdRxCa9V1PSKXjWYcpj6jYdjzFzJGWvLtiQ@mail.gmail.com>
X-Mailer: git-send-email 2.19.1.930.g4563a0d9d0-goog
Subject: [kvm-unit-tests PATCH v2] x86: nVMX: Test of IA32_TSC on VM-exit
 MSR-store list
From: Jim Mattson <jmattson@google.com>
To: kvm@vger.kernel.org
Cc: Marc Orr <marcorr@google.com>, Peter Shier <pshier@google.com>,
        Liran Alon <liran.alon@oracle.com>,
        Jim Mattson <jmattson@google.com>
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

When IA32_TSC is on the VM-exit MSR-store list, the value saved is not
subject to the "use TSC offsetting" VM-execution control for the
current VMCS.

Prior to commit e79f245ddec17 ("X86/KVM: Properly update 'tsc_offset'
to represent the running guest"), kvm did not handle this situation
properly.

Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Marc Orr <marcorr@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Reviewed-by: Liran Alon <liran.alon@oracle.com>
---
 x86/unittests.cfg |  6 ++++++
 x86/vmx.h         |  1 +
 x86/vmx_tests.c   | 45 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 52 insertions(+)

diff --git a/x86/unittests.cfg b/x86/unittests.cfg
index 3b21a85..9448409 100644
--- a/x86/unittests.cfg
+++ b/x86/unittests.cfg
@@ -572,6 +572,12 @@ extra_params = -cpu host,+vmx -m 2560 -append vmx_pending_event_hlt_test
 arch = x86_64
 groups = vmx
 
+[vmx_store_tsc_test]
+file = vmx.flat
+extra_params = -cpu host,+vmx -m 2560 -append vmx_store_tsc_test
+arch = x86_64
+groups = vmx
+
 [vmx_db_test]
 file = vmx.flat
 extra_params = -cpu host,+vmx -m 2560 -append vmx_db_test
diff --git a/x86/vmx.h b/x86/vmx.h
index ba47455..8a00f73 100644
--- a/x86/vmx.h
+++ b/x86/vmx.h
@@ -384,6 +384,7 @@ enum Ctrl_pin {
 
 enum Ctrl0 {
 	CPU_INTR_WINDOW		= 1ul << 2,
+	CPU_USE_TSC_OFFSET	= 1ul << 3,
 	CPU_HLT			= 1ul << 7,
 	CPU_INVLPG		= 1ul << 9,
 	CPU_MWAIT		= 1ul << 10,
diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c
index b105b23..bcdc611 100644
--- a/x86/vmx_tests.c
+++ b/x86/vmx_tests.c
@@ -5031,6 +5031,50 @@ static void vmx_pending_event_hlt_test(void)
 	vmx_pending_event_test_core(true);
 }
 
+#define GUEST_TSC_OFFSET (1u << 30)
+
+static u64 guest_tsc;
+
+static void vmx_store_tsc_test_guest(void)
+{
+	guest_tsc = rdtsc();
+}
+
+/*
+ * This test ensures that when IA32_TSC is in the VM-exit MSR-store
+ * list, the value saved is not subject to the TSC offset that is
+ * applied to RDTSC/RDTSCP/RDMSR(IA32_TSC) in guest execution.
+ */
+static void vmx_store_tsc_test(void)
+{
+	struct vmx_msr_entry msr_entry = { .index = MSR_IA32_TSC };
+	u64 low, high;
+
+	if (!(ctrl_cpu_rev[0].clr & CPU_USE_TSC_OFFSET)) {
+		report_skip("'Use TSC offsetting' not supported");
+		return;
+	}
+
+	test_set_guest(vmx_store_tsc_test_guest);
+
+	vmcs_set_bits(CPU_EXEC_CTRL0, CPU_USE_TSC_OFFSET);
+	vmcs_write(EXI_MSR_ST_CNT, 1);
+	vmcs_write(EXIT_MSR_ST_ADDR, virt_to_phys(&msr_entry));
+	vmcs_write(TSC_OFFSET, GUEST_TSC_OFFSET);
+
+	low = rdtsc();
+	enter_guest();
+	high = rdtsc();
+
+	report("RDTSC value in the guest (%lu) is in range [%lu, %lu]",
+	       low + GUEST_TSC_OFFSET <= guest_tsc &&
+	       guest_tsc <= high + GUEST_TSC_OFFSET,
+	       guest_tsc, low + GUEST_TSC_OFFSET, high + GUEST_TSC_OFFSET);
+	report("IA32_TSC value saved in the VM-exit MSR-store list (%lu) is in range [%lu, %lu]",
+	       low <= msr_entry.value && msr_entry.value <= high,
+	       msr_entry.value, low, high);
+}
+
 static void vmx_db_test_guest(void)
 {
 	/*
@@ -5835,6 +5879,7 @@ struct vmx_test vmx_tests[] = {
 	TEST(vmx_db_test),
 	TEST(vmx_pending_event_test),
 	TEST(vmx_pending_event_hlt_test),
+	TEST(vmx_store_tsc_test),
 	/* EPT access tests. */
 	TEST(ept_access_test_not_present),
 	TEST(ept_access_test_read_only),