diff mbox series

[RFC,kvm-unit-tests,26/27] arm: realm: Add a test for shared memory

Message ID 20230127114108.10025-27-joey.gouly@arm.com (mailing list archive)
State New, archived
Headers show
Series Support for Arm Confidential Compute Architecture | expand

Commit Message

Joey Gouly Jan. 27, 2023, 11:41 a.m. UTC
From: Suzuki K Poulose <suzuki.poulose@arm.com>

Do some basic tests that trigger marking a memory region as
RIPAS_EMPTY and accessing the shared memory. Also, convert it back
to RAM and make sure the contents are scrubbed.

Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Joey Gouly <joey.gouly@arm.com>
---
 arm/Makefile.arm64    |  1 +
 arm/realm-ns-memory.c | 86 +++++++++++++++++++++++++++++++++++++++++++
 arm/unittests.cfg     |  8 ++++
 3 files changed, 95 insertions(+)
 create mode 100644 arm/realm-ns-memory.c
diff mbox series

Patch

diff --git a/arm/Makefile.arm64 b/arm/Makefile.arm64
index 0a0c4f2c..9b41e841 100644
--- a/arm/Makefile.arm64
+++ b/arm/Makefile.arm64
@@ -44,6 +44,7 @@  tests += $(TEST_DIR)/realm-rsi.flat
 tests += $(TEST_DIR)/realm-attest.flat
 tests += $(TEST_DIR)/realm-fpu.flat
 tests += $(TEST_DIR)/realm-sea.flat
+tests += $(TEST_DIR)/realm-ns-memory.flat
 
 include $(SRCDIR)/$(TEST_DIR)/Makefile.common
 
diff --git a/arm/realm-ns-memory.c b/arm/realm-ns-memory.c
new file mode 100644
index 00000000..8360c371
--- /dev/null
+++ b/arm/realm-ns-memory.c
@@ -0,0 +1,86 @@ 
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) 2022 Arm Limited.
+ * All rights reserved.
+ */
+
+#include <asm/io.h>
+#include <alloc_page.h>
+#include <bitops.h>
+
+#define GRANULE_SIZE 	0x1000
+#define BUF_SIZE	(PAGE_SIZE * 2)
+#define BUF_PAGES	(BUF_SIZE / PAGE_SIZE)
+#define BUF_GRANULES	(BUF_SIZE / GRANULE_SIZE)
+
+static char __attribute__((aligned(PAGE_SIZE))) buffer[BUF_SIZE];
+
+static void static_shared_buffer_test(void)
+{
+	int i;
+
+	set_memory_decrypted((unsigned long)buffer, sizeof(buffer));
+	for (i = 0; i < sizeof(buffer); i += GRANULE_SIZE)
+		buffer[i] = (char)i;
+
+	/*
+	 * Verify the content of the NS buffer
+	 */
+	for (i = 0; i < sizeof(buffer); i += GRANULE_SIZE) {
+		if (buffer[i] != (char)i) {
+			report(false, "Failed to set Non Secure memory");
+			return;
+		}
+	}
+
+	/* Make the buffer back to protected... */
+	set_memory_encrypted((unsigned long)buffer, sizeof(buffer));
+	/* .. and check if the contents were destroyed */
+	for (i = 0; i < sizeof(buffer); i += GRANULE_SIZE) {
+		if (buffer[i] != 0) {
+			report(false, "Failed to scrub protected memory");
+			return;
+		}
+	}
+
+	report(true, "Conversion of protected memory to shared and back");
+}
+
+static void dynamic_shared_buffer_test(void)
+{
+	char *ns_buffer;
+	int i;
+	int order = get_order(BUF_PAGES);
+
+	ns_buffer = alloc_pages_shared(order);
+	assert(ns_buffer);
+	for (i = 0; i < sizeof(buffer); i += GRANULE_SIZE)
+		ns_buffer[i] = (char)i;
+
+	/*
+	 * Verify the content of the NS buffer
+	 */
+	for (i = 0; i < sizeof(buffer); i += GRANULE_SIZE) {
+		if (ns_buffer[i] != (char)i) {
+			report(false, "Failed to set Non Secure memory");
+			return;
+		}
+	}
+	free_pages_shared(ns_buffer);
+	report(true, "Dynamic allocation and free of shared memory\n");
+}
+
+static void ns_test(void)
+{
+	static_shared_buffer_test();
+	dynamic_shared_buffer_test();
+}
+
+int main(int argc, char **argv)
+{
+	report_prefix_pushf("ns-memory");
+	ns_test();
+	report_prefix_pop();
+
+	return report_summary();
+}
diff --git a/arm/unittests.cfg b/arm/unittests.cfg
index 5e9e1cbd..8173ccfe 100644
--- a/arm/unittests.cfg
+++ b/arm/unittests.cfg
@@ -361,3 +361,11 @@  smp = 1
 extra_params = -m 32 -append 'measurement'
 accel = kvm
 arch = arm64
+
+[realm-ns-memory]
+file=realm-ns-memory.flat
+groups = nodefault realms
+smp = 1
+extra_params = -m 32
+accel = kvm
+arch = arm64