From patchwork Tue Dec 12 20:46:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sagi Shahar X-Patchwork-Id: 13489925 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B583FC4332F for ; Tue, 12 Dec 2023 20:47:58 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6A76F6B038A; Tue, 12 Dec 2023 15:47:38 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 661536B038C; Tue, 12 Dec 2023 15:47:38 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4822B6B038D; Tue, 12 Dec 2023 15:47:38 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 325FA6B038A for ; Tue, 12 Dec 2023 15:47:38 -0500 (EST) Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id E7A4CA0AB3 for ; Tue, 12 Dec 2023 20:47:37 +0000 (UTC) X-FDA: 81559352154.22.CEB8C66 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) by imf21.hostedemail.com (Postfix) with ESMTP id 241EA1C0016 for ; Tue, 12 Dec 2023 20:47:35 +0000 (UTC) Authentication-Results: imf21.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=YLwMC5RJ; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf21.hostedemail.com: domain of 358Z4ZQUKCIo6ouw6u22uzs.q20zw18B-00y9oqy.25u@flex--sagis.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=358Z4ZQUKCIo6ouw6u22uzs.q20zw18B-00y9oqy.25u@flex--sagis.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1702414056; a=rsa-sha256; cv=none; b=GCrL71Y/39cec+1zgrEeu/jBx/yhD36LapnbfzUW9cBHp7KcUUCG2wxa6N4foBrF5dCqkM BC6wXWKgAK2PbJtmi9KaHC1lWo7sYnYkTgcmVMgi99Re8PSxd+4XLeWLWtRRXI1/2QeP7z YmDfF1c1A6UE0B6JhnS0Edt2d4OMPKo= ARC-Authentication-Results: i=1; imf21.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=YLwMC5RJ; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf21.hostedemail.com: domain of 358Z4ZQUKCIo6ouw6u22uzs.q20zw18B-00y9oqy.25u@flex--sagis.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=358Z4ZQUKCIo6ouw6u22uzs.q20zw18B-00y9oqy.25u@flex--sagis.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1702414056; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=OBiOJZf7KtnyH3BNNYJPAadRM1tNvWRCeEycOvMN+pU=; b=wOj3EPgF5OP7U+FLXYimsoae6iXkCcrTOPRSXV3CbpeljmVh0lPgpwlcK7alAFzeEFY+3t q9HFQok2iqyHQgCvQgfCewxqpUGrrXPPCbgRvZQKSvVLRdojVMlujEpMrX2NCLHiAP8ali slHGyEUl6ZMoTswG/csuPdvneYP4G6U= Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-1d341b6945dso4252275ad.0 for ; Tue, 12 Dec 2023 12:47:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1702414055; x=1703018855; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=OBiOJZf7KtnyH3BNNYJPAadRM1tNvWRCeEycOvMN+pU=; b=YLwMC5RJmLmMlFnW3qK5E/xUyANUCIRARavyyAUZr25s91SokLKKd9lfzlnRvgpIQY qoZ8Yjcf5/+I7uEZmoI8Yj3r77mSS9OIBwRkMGFn9ovXNWC02ERQUKH7X7l9OLW+y0TN SpqppVRLRNCzECX6JAbDR9BUsV1SzrTf9pfaKiK4kMyBm3sQP7eBh0k8tG9wTrWVbOZi KY9WgztyorJnk5H8TVNy6OFvb3xoL+cewrF3iP4NGWLMgAgPnVX2T1krmVmAwknMMEeV u7DU7uSRqkMqAFj0e+1JmXSyBc2cetIC0h9RfnQsPB3mVzDEZ4RJtuBvP2bxnfts7fdV BLJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702414055; x=1703018855; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=OBiOJZf7KtnyH3BNNYJPAadRM1tNvWRCeEycOvMN+pU=; b=H6G1ap44LIuo4iKBk+azM+dApDJ7pTWTq79G/IKIbFToJL8wPQXzHZLYRzeiXXOEA1 BcJf7PRC+5SdacGikerNJd6cSDSjUyMaqwL8cxE3PBiz0w2nUq4Hw9y8B/8SZTL9fCVA 1jZOAxxqCBVegokdoLzRrRL1ajp5g5Cht5QWvVtXMqEW26B5Z6rBx7Jbo/zw0WxZfDtU szCVpuZRB+imbYNYbG06hbG68kSr/iTaKTF3s1dot+lyoB9Snp0LLoqAuaWv3wz4mJah 0gCtz++urBLaO2DBNOyX7/WNyejhBIaSpOqFqrjf6SAQ1zkf7Jxzn3Z10YlW1KcKngz6 PL3w== X-Gm-Message-State: AOJu0Yw/3T1OWK8446zfhCMy3oahDuO7poFGdC24fWWWGdP646U1z1Ui 5beftohfX6PKavruzJhATzPVuU4lKA== X-Google-Smtp-Source: AGHT+IF9mFDmE+EjddG5s/SyOCpTwUm15KmEORbZmtsVTD+OTDrv2Qk/i5lTzBYVQ+p74U2xuSBWL1QG8w== X-Received: from sagi.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:241b]) (user=sagis job=sendgmr) by 2002:a17:902:cec5:b0:1d2:f388:6def with SMTP id d5-20020a170902cec500b001d2f3886defmr52709plg.10.1702414055001; Tue, 12 Dec 2023 12:47:35 -0800 (PST) Date: Tue, 12 Dec 2023 12:46:35 -0800 In-Reply-To: <20231212204647.2170650-1-sagis@google.com> Mime-Version: 1.0 References: <20231212204647.2170650-1-sagis@google.com> X-Mailer: git-send-email 2.43.0.472.g3155946c3a-goog Message-ID: <20231212204647.2170650-21-sagis@google.com> Subject: [RFC PATCH v5 20/29] KVM: selftests: TDX: Verify the behavior when host consumes a TD private memory From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Ackerley Tng , Ryan Afranji , Erdem Aktas , Sagi Shahar , Isaku Yamahata Cc: Sean Christopherson , Paolo Bonzini , Shuah Khan , Peter Gonda , Haibo Xu , Chao Peng , Vishal Annapurve , Roger Wang , Vipin Sharma , jmattson@google.com, dmatlack@google.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-mm@kvack.org X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 241EA1C0016 X-Stat-Signature: ywfn6pekaeh9xubu6q5iy83mnzf3rudf X-HE-Tag: 1702414055-305470 X-HE-Meta: U2FsdGVkX18MNlkRWnN3TqAs1YUNpF85E2jcViyOeTzRBk203xkyRQWsD72MYcG9TK+3av4SciYOMNrx9kP6nXXyTzALAs6MiA3E5PFyW47ac4ttkcz8EoBNNOztJllGiZSaEUS2ezRSUVIgaQt8K4J7HJRxSi5J6lwvL+2EzBqaMsZheYCIPMSNcsUVtVIbj9IOKpprndEXZSuUW7GOrwAlHUlEeprAjakf2fD67eBIchIZ/bC1oWxZJ7UGDIEQ0w3NS28sJwPjj9Slxpnsy59m0wI6O24iVvPb1ggkTHOg4UXmOhAPYP1K8G/BgR/YL+0igGJVAVkr0/g/uICcU8W7Zeb1NO6wczGyU6g94qkCl/YLGIU/KD3PQsO3axrshaOefDTyyZJ1g+F03XYrFmJhFQtW6CTRRFD4Rf+Kwk3mSjKdpir8pU66fBUvR/CYkKt8EqCYTc5XvNxso/iiYxTt7mEO4hPEIf3Z0HuAQpzjV+a4VcGrkmNRx1sd+fuFN0RUEDfO2f7R1rCx54vH/ONR7bKYBwcDLCDVR8LAg/CovCdPpIJ2Cfu15KpfFK8W1X1TXZHg5dc8lRFwjb/ldrcBR55GxRO3hBCRvADEJzeGseuY9x3ae0PFWYGO7gXFl1VfLy+BxWsG3WXPIbQ8QfZoEPIoFS7ncfDwriqy2cjyxDrYXmc5LT/I1Ya4X57/ILZ8jDIf3XIGluuGtL0ry2Dxv8uDzlfa0/MeUSqiQUJcD8GRv0X8+kj6RzPHC4T4B68/DtkK7KiIAD6Q/88gQu4H+uUSmXPO48EMIeCeFnpiF2eUOffv2i3r8a6cCCUn0zCmXVJIzjRI6BpeFv+Hx01y/TpEZTXWEj4Eh79ULuW2sgFSfMuqHRSE3kUHfPEMdSK0wNJLbf41N3rvoseRPhJFHv5srmDfvsnPxko3uzUDLoixMSLqUDkNVrPoq4R3lHGiJN6JgP0mhrS3CH1 qbJWDp8o s6S7/QRdjF72OAFRJomlUjWas1yRO4tCHWpVr2w6NPdg3TuGQwNOGy+942OC0WnRJJFHHhj3u4UKAoqwrCXMuV9QdXLiD5SNfFn5cHtA3Lj6WB+pxJog9lRMKko7hE+KtsXmKttOxc1haLAHvCbTsoXcqNScv5zk17Hf+XWQay0801YMnWEQXFusRsENQymYVpL6Zo65zMvxO4tnC4rj1TqWbwudQRAxM2EXJQh/agsrCoa/XgvHG1eFHRozcFEduia1mzGnyW9qOUYoqbDumy/UXDzgiH3ezZvAuz973MF6X+GtM7zI0Jabw2/Tit4DN0yFfZOSEYu50GhHz3heR6J2BNTTgoYo8A5QpSD2OmaSldu+pZjjKmroENXGAMx2jIM5/Zyjr2DhUUqiISsdnX9vZwso1JcwiriKJdqb6gnbzMY6RJhDzyQ9yajuMH27kX6nQcPtcvuCjSvCZhhV5laNrob1Z+pL05sOY+mJE7EwtJ2iru80jS84GOp3jn5c8O4j61cgPLpqqnLB1hJlNGCknwV24TiUiwboYthw/OGFHbNhmXYg3xcszKU7pDaCiFa1j1BvtaYgU2y0xRKG/AZ8dNftNH4SDy8Rj X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ryan Afranji The test checks that host can only read fixed values when trying to access the guest's private memory. Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar Signed-off-by: Ackerley Tng --- .../selftests/kvm/x86_64/tdx_vm_tests.c | 85 +++++++++++++++++++ 1 file changed, 85 insertions(+) diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c index 6935604d768b..c977223ff871 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c @@ -1062,6 +1062,90 @@ void verify_td_cpuid_tdcall(void) printf("\t ... PASSED\n"); } +/* + * Shared variables between guest and host for host reading private mem test + */ +static uint64_t tdx_test_host_read_private_mem_addr; +#define TDX_HOST_READ_PRIVATE_MEM_PORT_TEST 0x53 + +void guest_host_read_priv_mem(void) +{ + uint64_t ret; + uint64_t placeholder = 0; + + /* Set value */ + *((uint32_t *) tdx_test_host_read_private_mem_addr) = 0xABCD; + + /* Exit so host can read value */ + ret = tdg_vp_vmcall_instruction_io( + TDX_HOST_READ_PRIVATE_MEM_PORT_TEST, 4, + TDG_VP_VMCALL_INSTRUCTION_IO_WRITE, &placeholder); + if (ret) + tdx_test_fatal(ret); + + /* Update guest_var's value and have host reread it. */ + *((uint32_t *) tdx_test_host_read_private_mem_addr) = 0xFEDC; + + tdx_test_success(); +} + +void verify_host_reading_private_mem(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + + vm_vaddr_t test_page; + uint64_t *host_virt; + uint64_t first_host_read; + uint64_t second_host_read; + + vm = td_create(); + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); + vcpu = td_vcpu_add(vm, 0, guest_host_read_priv_mem); + + test_page = vm_vaddr_alloc_page(vm); + TEST_ASSERT(test_page < BIT_ULL(32), + "Test address should fit in 32 bits so it can be sent to the guest"); + + host_virt = addr_gva2hva(vm, test_page); + TEST_ASSERT(host_virt != NULL, + "Guest address not found in guest memory regions\n"); + + tdx_test_host_read_private_mem_addr = test_page; + sync_global_to_guest(vm, tdx_test_host_read_private_mem_addr); + + td_finalize(vm); + + printf("Verifying host's behavior when reading TD private memory:\n"); + + td_vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + TDX_TEST_ASSERT_IO(vcpu, TDX_HOST_READ_PRIVATE_MEM_PORT_TEST, + 4, TDG_VP_VMCALL_INSTRUCTION_IO_WRITE); + printf("\t ... Guest's variable contains 0xABCD\n"); + + /* Host reads guest's variable. */ + first_host_read = *host_virt; + printf("\t ... Host's read attempt value: %lu\n", first_host_read); + + /* Guest updates variable and host rereads it. */ + td_vcpu_run(vcpu); + TDX_TEST_CHECK_GUEST_FAILURE(vcpu); + printf("\t ... Guest's variable updated to 0xFEDC\n"); + + second_host_read = *host_virt; + printf("\t ... Host's second read attempt value: %lu\n", + second_host_read); + + TEST_ASSERT(first_host_read == second_host_read, + "Host did not read a fixed pattern\n"); + + printf("\t ... Fixed pattern was returned to the host\n"); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { setbuf(stdout, NULL); @@ -1084,6 +1168,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_mmio_reads); run_in_new_process(&verify_mmio_writes); run_in_new_process(&verify_td_cpuid_tdcall); + run_in_new_process(&verify_host_reading_private_mem); return 0; }