From patchwork Thu Dec 16 17:13:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682241 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 963E9C4332F for ; Thu, 16 Dec 2021 17:16:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240124AbhLPRQm (ORCPT ); Thu, 16 Dec 2021 12:16:42 -0500 Received: from mail-dm6nam12on2079.outbound.protection.outlook.com ([40.107.243.79]:47328 "EHLO NAM12-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233283AbhLPRQl (ORCPT ); Thu, 16 Dec 2021 12:16:41 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LKLNMWBPo7zUZo7V/xw34v4Zc9UxV1AODt3Oh+0q+sLH5N+7WVCX/RCjwXzOQeHoK1/WMrPx5f16dUO8dRhyLacAhnDpmoZ12aNl+Yg8AfovOng3slm68YWWpZyiSGvtLAqnhEO/3qkQhsi5ji516wPGQ7oQMqP4uv3aZJhlZ6NsQLXOuAjWL8wT98QANMaeA1Arb7A9jIzQdSOoEZbG4kzKMJVl/iNk87OT8mjCZVLDHNpo3joxnpkiS0BTdGoTV4HuW7Xo+kdtQRwpulz3SHXzaiP3mMtRw3B6uYQL5joSvMwJRAs7ZUjREMAYXtDGVADEO0T2CTq8VvB7pjmAyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=r4d3EJiV7+G8vrnfvVnAUGXj1uHWx1uaA+2immzxeB8=; b=LXJLvoqAK9hFJNPlbiWxueadktF6t9vbS3vfc5a9IG+fJWpFpZyz1O/T5L7QU/+f5+8b8Y16DJQaOJhl9ICJyN0MtRSIU3ecWjVY6Lc6Lt/hBIYQl57HxmE1Rwlvl3nZ6sihSy2yYdS+uPfNImZYWfV9zfbXvliEUYYkuwvSti8O3mcwgK+iPeFaYNuN3SwQgjAwjIQoHWKKASvwNfMx+mTCskrQojJi5d5W5mfec7Rsa0Uccy68CSKHhc7oBcAM1KFFqVl3NZ2g2JTb5X5Vhl49elhMaeMA8cKflo23n1B5T2YiN8LsA2ie3mFZU9pK/MMyJaI4SSpb3qD5YRLfYg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=r4d3EJiV7+G8vrnfvVnAUGXj1uHWx1uaA+2immzxeB8=; b=bZSqr9taixZzwq7k1vryhVeS9w5Cn9ira9zQJKib5x0oLdOhvphqtLDFjmTX3Ir7+PPY0ewv+VT0+UUR3gxdyEmw3rJ7B424tXDni7ZHxECODP6qyR5jfKPiYQAxKQBGz93CxBO+8yq5BvA92gGgRiJQOS+ZNzN9MkWi8pz4r3U= Received: from MWHPR19CA0060.namprd19.prod.outlook.com (2603:10b6:300:94::22) by MWHPR12MB1471.namprd12.prod.outlook.com (2603:10b6:301:e::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.12; Thu, 16 Dec 2021 17:16:38 +0000 Received: from CO1NAM11FT023.eop-nam11.prod.protection.outlook.com (2603:10b6:300:94:cafe::3a) by MWHPR19CA0060.outlook.office365.com (2603:10b6:300:94::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.15 via Frontend Transport; Thu, 16 Dec 2021 17:16:38 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT023.mail.protection.outlook.com (10.13.175.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:16:38 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:16:37 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 01/13] KVM: selftests: move vm_phy_pages_alloc() earlier in file Date: Thu, 16 Dec 2021 11:13:46 -0600 Message-ID: <20211216171358.61140-2-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3ed10bdb-8c16-417b-c0df-08d9c0b7d234 X-MS-TrafficTypeDiagnostic: MWHPR12MB1471:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: +66sks8HOlpMBB22RhLvpcMqI1nJcY2FaG5GOqF/uMg1M18SMqbP1TB/5QI8hCOHVv4NkwggW7sh7pM0Yzhh4rnRcZkmuJ7IVGSV+0Q68Ao6tFMMYFr/ee6LbpKcSaXIZOCX236tAu0HuE19+jvV1CpX9bPhwa0TbPjb6DAT57fmB/47e5yXE/skpddfdmmj8I2I0LpejfMesV2AHZayleLKa2mLqMiWkyftq5v0Z/AahJQw7rKZO8oYM5VM3iJDhbtkqZUKTZwco6N8ihQbv644ogcWvroRcUnw3UBob+peDG9BkCLaSZD5qVtcOxUekXg0HgZAPgkM1W/oZlD0SVSz0kMVZYVTJ/XpkNJIRL9H7dJzujbSJPjQvZgMpY30CtgP9XUtLYJ+zqWSh9cfMX8jn5UZwasifRwnmKTh25XhTtZT+NhD3vD187eyHkbX7h1siqoBB+O0bK6Rz4MTrARvRcu7uPahB4gYxPH3lnTGYqtf3t3kh21B0Xub3VJkTBm7kHhMMFd7KaO3dls7hBWgB1loSTlk7zU88unVmRKOzNxB8efJj0ziWCRL+BCcaxRFvFe9jabBsAxZ+JNe7xtKPvWWwvTyupmYXSA5ZR2MkcLUAIbnFvSmY+f8wIpAf37+lT5J+JIIHibam6CL8nCrlaw/ZzH9v/IUUHZdRGO+pELDiuOUA008PeVeU0lQzlSG1xbE6Hwvwv1hucnOd+XijxBONSw9LPvBBdynLOa8GFEwRhkIcBSJyka9yVVe9xB8jsu+iPnXFtG3p8rG5LCpnkTITyK0aLZ8hPtxJ3w= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(40470700001)(70586007)(2616005)(336012)(81166007)(6916009)(82310400004)(26005)(8676002)(7416002)(6666004)(86362001)(44832011)(36860700001)(83380400001)(508600001)(186003)(8936002)(316002)(2906002)(16526019)(426003)(4326008)(36756003)(40460700001)(5660300002)(54906003)(1076003)(356005)(47076005)(70206006)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:16:38.6294 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3ed10bdb-8c16-417b-c0df-08d9c0b7d234 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT023.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1471 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Subsequent patches will break some of this code out into file-local helper functions, which will be used by functions like vm_vaddr_alloc(), which currently are defined earlier in the file, so a forward declaration would be needed. Instead, move it earlier in the file, just above vm_vaddr_alloc() and and friends, which are the main users. Reviewed-by: Mingwei Zhang Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/lib/kvm_util.c | 146 ++++++++++----------- 1 file changed, 73 insertions(+), 73 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 8f2e0bb1ef96..f0f0250847f3 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1153,6 +1153,79 @@ void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid) list_add(&vcpu->list, &vm->vcpus); } +/* + * Physical Contiguous Page Allocator + * + * Input Args: + * vm - Virtual Machine + * num - number of pages + * paddr_min - Physical address minimum + * memslot - Memory region to allocate page from + * + * Output Args: None + * + * Return: + * Starting physical address + * + * Within the VM specified by vm, locates a range of available physical + * pages at or above paddr_min. If found, the pages are marked as in use + * and their base address is returned. A TEST_ASSERT failure occurs if + * not enough pages are available at or above paddr_min. + */ +vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + struct userspace_mem_region *region; + sparsebit_idx_t pg, base; + + TEST_ASSERT(num > 0, "Must allocate at least one page"); + + TEST_ASSERT((paddr_min % vm->page_size) == 0, "Min physical address " + "not divisible by page size.\n" + " paddr_min: 0x%lx page_size: 0x%x", + paddr_min, vm->page_size); + + region = memslot2region(vm, memslot); + base = pg = paddr_min >> vm->page_shift; + + do { + for (; pg < base + num; ++pg) { + if (!sparsebit_is_set(region->unused_phy_pages, pg)) { + base = pg = sparsebit_next_set(region->unused_phy_pages, pg); + break; + } + } + } while (pg && pg != base + num); + + if (pg == 0) { + fprintf(stderr, "No guest physical page available, " + "paddr_min: 0x%lx page_size: 0x%x memslot: %u\n", + paddr_min, vm->page_size, memslot); + fputs("---- vm dump ----\n", stderr); + vm_dump(stderr, vm, 2); + abort(); + } + + for (pg = base; pg < base + num; ++pg) + sparsebit_clear(region->unused_phy_pages, pg); + + return base * vm->page_size; +} + +vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, + uint32_t memslot) +{ + return vm_phy_pages_alloc(vm, 1, paddr_min, memslot); +} + +/* Arbitrary minimum physical address used for virtual translation tables. */ +#define KVM_GUEST_PAGE_TABLE_MIN_PADDR 0x180000 + +vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm) +{ + return vm_phy_page_alloc(vm, KVM_GUEST_PAGE_TABLE_MIN_PADDR, 0); +} + /* * VM Virtual Address Unused Gap * @@ -2195,79 +2268,6 @@ const char *exit_reason_str(unsigned int exit_reason) return "Unknown"; } -/* - * Physical Contiguous Page Allocator - * - * Input Args: - * vm - Virtual Machine - * num - number of pages - * paddr_min - Physical address minimum - * memslot - Memory region to allocate page from - * - * Output Args: None - * - * Return: - * Starting physical address - * - * Within the VM specified by vm, locates a range of available physical - * pages at or above paddr_min. If found, the pages are marked as in use - * and their base address is returned. A TEST_ASSERT failure occurs if - * not enough pages are available at or above paddr_min. - */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) -{ - struct userspace_mem_region *region; - sparsebit_idx_t pg, base; - - TEST_ASSERT(num > 0, "Must allocate at least one page"); - - TEST_ASSERT((paddr_min % vm->page_size) == 0, "Min physical address " - "not divisible by page size.\n" - " paddr_min: 0x%lx page_size: 0x%x", - paddr_min, vm->page_size); - - region = memslot2region(vm, memslot); - base = pg = paddr_min >> vm->page_shift; - - do { - for (; pg < base + num; ++pg) { - if (!sparsebit_is_set(region->unused_phy_pages, pg)) { - base = pg = sparsebit_next_set(region->unused_phy_pages, pg); - break; - } - } - } while (pg && pg != base + num); - - if (pg == 0) { - fprintf(stderr, "No guest physical page available, " - "paddr_min: 0x%lx page_size: 0x%x memslot: %u\n", - paddr_min, vm->page_size, memslot); - fputs("---- vm dump ----\n", stderr); - vm_dump(stderr, vm, 2); - abort(); - } - - for (pg = base; pg < base + num; ++pg) - sparsebit_clear(region->unused_phy_pages, pg); - - return base * vm->page_size; -} - -vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, - uint32_t memslot) -{ - return vm_phy_pages_alloc(vm, 1, paddr_min, memslot); -} - -/* Arbitrary minimum physical address used for virtual translation tables. */ -#define KVM_GUEST_PAGE_TABLE_MIN_PADDR 0x180000 - -vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm) -{ - return vm_phy_page_alloc(vm, KVM_GUEST_PAGE_TABLE_MIN_PADDR, 0); -} - /* * Address Guest Virtual to Host Virtual * From patchwork Thu Dec 16 17:13:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682243 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8EA17C433FE for ; Thu, 16 Dec 2021 17:17:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240132AbhLPRRE (ORCPT ); Thu, 16 Dec 2021 12:17:04 -0500 Received: from mail-dm6nam10on2054.outbound.protection.outlook.com ([40.107.93.54]:25958 "EHLO NAM10-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233283AbhLPRRD (ORCPT ); Thu, 16 Dec 2021 12:17:03 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eOgUPdARqR3CCMZ2NFZpSus4YnYjRe6m0mMGy0Td5hZjKEUG1AgF+w23RL98+MMTcqfmrNGY4RZUDtZO4sKBlFNsIKsSOv1fr60X4eGvwXsyraxMB/9UizL9IYQRivVKw7dCYpFOcsnz5nlAGJe1CttMyvE92a/c9GHEeehZwbmiO37Wc1+UKl1EHjPTpDryJoEgAjvaE5oYQNipwqWOpAvPSD3DxLuShbNk984pzee1XdvnDcTTuC9gkYO4lVkBKBBoJVlP+WkmqLfJTmXIXc09HPny+E2Z5bmtACr3CHxehviUmNI0cA7ZJRfAuYGTOUuwyyg1eUt/gLMhlro/Tw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WN81HV8SdQNgNqPIixWndaGlHszTU/Vp03emVWp2ygo=; b=Ch90mjDjnV7sjG1ck2rTkwM+iql1gQCWVAWQNJFxWFZM5R3yzepte5DhwV1bgu67GW/ubqxJ9r42tWbpRfKr8MRsn6cjBUpUDCK83AuJses0kRA9ePPzMj+L1ZKFEiTJYp5dzPrMbeSpQ0XScK1S6b/+0fqrmo9KGKwL8UWH9ZEqXIuYOjS5aqeLw72DyiPAF1ODD3Iq98jZp9NunaPB3+eY27uvbEPvY50ge9VPRe4esdHtIfgPHR6waUmI/KH4Kfzh61yg/2nNqo3eBZwdNpMpJwXhTQPDoF9CtybrqkaaRfiLtXy/k47c/92V3OOv8ESCHvehbAAI/asNVV4yhg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WN81HV8SdQNgNqPIixWndaGlHszTU/Vp03emVWp2ygo=; b=Q5BBq4Pajmj0vDnNCBCSVF3Y8V1UJFzZ4pTbXmcDpESS8E5+OuqT7C2LaEZNF1w2omQpQYAHZMNeGsEf8ltI2e6aJn3EUTzIqh3+8Kd2H1H9Fx4BgbqTYHF7N1EmoK9DkMwJVc5vQ2vOA6KJmXkPBK32mNH9IpG1SKVf9fvixxM= Received: from MW4PR03CA0124.namprd03.prod.outlook.com (2603:10b6:303:8c::9) by CH0PR12MB5026.namprd12.prod.outlook.com (2603:10b6:610:e1::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:17:00 +0000 Received: from CO1NAM11FT058.eop-nam11.prod.protection.outlook.com (2603:10b6:303:8c:cafe::66) by MW4PR03CA0124.outlook.office365.com (2603:10b6:303:8c::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:17:00 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT058.mail.protection.outlook.com (10.13.174.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:17:00 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:16:58 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 02/13] KVM: selftests: sparsebit: add const where appropriate Date: Thu, 16 Dec 2021 11:13:47 -0600 Message-ID: <20211216171358.61140-3-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 56b53823-4f75-4c21-9b99-08d9c0b7df07 X-MS-TrafficTypeDiagnostic: CH0PR12MB5026:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4303; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wiMwX0RiLJEKOwuW0qLkIz58pr9skZ4QafhtVh9GnK9gaBrJ1fFA7ofySvyKezIATPXBLSQTtC8E4pjrqRS5/tY5HKwqEu7YQGEGxSZ5DCmOEChLvNevSXvT5tfUf/xx2qmP0+JNSBauZjs1KKFll17+zLTcElflzHEwpmXqBC/lSYh3D7Ag3LcN1aZrMYwzmMOlSuazRBAVtL20S0lqJD/pv4Ge8L3s69TaG/CurwdG/QayG8PEh2+UkqsIwhY0DOK2Tud39yOWHbkK+12RdxAnheDaou815ejsi737LRtRaYSQoRE4yw7ByUppoRg9FF9qLZ1FGDkNCeeKElCm2x7SuDQ7CBufL2W1Bg/i55hlsljBqD960kQTUVUVuYq9pgk9sPqogTCWv1qVKuhsoFQtigNyAGV1hIfeFO+Es8pHKTA5Rgh1h0VoDxsYuL6b1LIJnveKNdGp5/e6LIW2ln6sYL35t9QRE8SkLE9VFtkMzlKeBlIOA2b2fULgFer7xEJopmi72opcPgp+UjJ31NchUBedieZqp0NLDqLcnc13cFOUy5UnhfGwA7uOIRWgNFXlA6C83NwD2/s7KYRMV6WhhwmBRUknWY7BcZCXz1MeHt8XvRUrqixyEA8s3og3GEGKJqJQZB9bUS/kJOHSgtmN6xd/IvOq28+6uhaH/+8KZc+jAcR5A0MeUwjY8KkfCxxfKhO3Jp/RJYkq+02s0a4iKsf+YFmJRLBLuNLmoMajbSAOw0RX1l6KmkcqmEj1/fulXXY8G2TfvdNCZH4EtY8ongxHrIsG5ODgRqw1YQk= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(4326008)(508600001)(36860700001)(6666004)(6916009)(81166007)(70586007)(26005)(7416002)(186003)(316002)(54906003)(83380400001)(70206006)(30864003)(86362001)(36756003)(16526019)(336012)(44832011)(426003)(47076005)(8676002)(1076003)(2616005)(356005)(2906002)(8936002)(40460700001)(5660300002)(82310400004)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:17:00.1439 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 56b53823-4f75-4c21-9b99-08d9c0b7df07 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT058.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR12MB5026 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Subsequent patches will introduce an encryption bitmap in kvm_util that would be useful to allow tests to access in read-only fashion. This will be done via a const sparsebit*. To avoid warnings or the need to add casts everywhere, add const to the various sparsebit functions that are applicable for read-only usage of sparsebit. Signed-off-by: Michael Roth --- .../testing/selftests/kvm/include/sparsebit.h | 36 +++++++------- tools/testing/selftests/kvm/lib/sparsebit.c | 48 +++++++++---------- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/tools/testing/selftests/kvm/include/sparsebit.h b/tools/testing/selftests/kvm/include/sparsebit.h index 12a9a4b9cead..fb5170d57fcb 100644 --- a/tools/testing/selftests/kvm/include/sparsebit.h +++ b/tools/testing/selftests/kvm/include/sparsebit.h @@ -30,26 +30,26 @@ typedef uint64_t sparsebit_num_t; struct sparsebit *sparsebit_alloc(void); void sparsebit_free(struct sparsebit **sbitp); -void sparsebit_copy(struct sparsebit *dstp, struct sparsebit *src); +void sparsebit_copy(struct sparsebit *dstp, const struct sparsebit *src); -bool sparsebit_is_set(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_set_num(struct sparsebit *sbit, +bool sparsebit_is_set(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_set_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -bool sparsebit_is_clear(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_clear_num(struct sparsebit *sbit, +bool sparsebit_is_clear(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_clear_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -sparsebit_num_t sparsebit_num_set(struct sparsebit *sbit); -bool sparsebit_any_set(struct sparsebit *sbit); -bool sparsebit_any_clear(struct sparsebit *sbit); -bool sparsebit_all_set(struct sparsebit *sbit); -bool sparsebit_all_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_set(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_next_set(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *sbit, +sparsebit_num_t sparsebit_num_set(const struct sparsebit *sbit); +bool sparsebit_any_set(const struct sparsebit *sbit); +bool sparsebit_any_clear(const struct sparsebit *sbit); +bool sparsebit_all_set(const struct sparsebit *sbit); +bool sparsebit_all_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *sbit, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_set(struct sparsebit *sbitp, sparsebit_idx_t idx); @@ -62,9 +62,9 @@ void sparsebit_clear_num(struct sparsebit *sbitp, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_clear_all(struct sparsebit *sbitp); -void sparsebit_dump(FILE *stream, struct sparsebit *sbit, +void sparsebit_dump(FILE *stream, const struct sparsebit *sbit, unsigned int indent); -void sparsebit_validate_internal(struct sparsebit *sbit); +void sparsebit_validate_internal(const struct sparsebit *sbit); #ifdef __cplusplus } diff --git a/tools/testing/selftests/kvm/lib/sparsebit.c b/tools/testing/selftests/kvm/lib/sparsebit.c index 50e0cf41a7dd..6777a5b1fbd2 100644 --- a/tools/testing/selftests/kvm/lib/sparsebit.c +++ b/tools/testing/selftests/kvm/lib/sparsebit.c @@ -202,7 +202,7 @@ static sparsebit_num_t node_num_set(struct node *nodep) /* Returns a pointer to the node that describes the * lowest bit index. */ -static struct node *node_first(struct sparsebit *s) +static struct node *node_first(const struct sparsebit *s) { struct node *nodep; @@ -216,7 +216,7 @@ static struct node *node_first(struct sparsebit *s) * lowest bit index > the index of the node pointed to by np. * Returns NULL if no node with a higher index exists. */ -static struct node *node_next(struct sparsebit *s, struct node *np) +static struct node *node_next(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -244,7 +244,7 @@ static struct node *node_next(struct sparsebit *s, struct node *np) * highest index < the index of the node pointed to by np. * Returns NULL if no node with a lower index exists. */ -static struct node *node_prev(struct sparsebit *s, struct node *np) +static struct node *node_prev(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -273,7 +273,7 @@ static struct node *node_prev(struct sparsebit *s, struct node *np) * subtree and duplicates the bit settings to the newly allocated nodes. * Returns the newly allocated copy of subtree. */ -static struct node *node_copy_subtree(struct node *subtree) +static struct node *node_copy_subtree(const struct node *subtree) { struct node *root; @@ -307,7 +307,7 @@ static struct node *node_copy_subtree(struct node *subtree) * index is within the bits described by the mask bits or the number of * contiguous bits set after the mask. Returns NULL if there is no such node. */ -static struct node *node_find(struct sparsebit *s, sparsebit_idx_t idx) +static struct node *node_find(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -393,7 +393,7 @@ static struct node *node_add(struct sparsebit *s, sparsebit_idx_t idx) } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_all_set(struct sparsebit *s) +bool sparsebit_all_set(const struct sparsebit *s) { /* * If any nodes there must be at least one bit set. Only case @@ -776,7 +776,7 @@ static void node_reduce(struct sparsebit *s, struct node *nodep) /* Returns whether the bit at the index given by idx, within the * sparsebit array is set or not. */ -bool sparsebit_is_set(struct sparsebit *s, sparsebit_idx_t idx) +bool sparsebit_is_set(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -922,7 +922,7 @@ static inline sparsebit_idx_t node_first_clear(struct node *nodep, int start) * used by test cases after they detect an unexpected condition, as a means * to capture diagnostic information. */ -static void sparsebit_dump_internal(FILE *stream, struct sparsebit *s, +static void sparsebit_dump_internal(FILE *stream, const struct sparsebit *s, unsigned int indent) { /* Dump the contents of s */ @@ -970,7 +970,7 @@ void sparsebit_free(struct sparsebit **sbitp) * sparsebit_alloc(). It can though already have bits set, which * if different from src will be cleared. */ -void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) +void sparsebit_copy(struct sparsebit *d, const struct sparsebit *s) { /* First clear any bits already set in the destination */ sparsebit_clear_all(d); @@ -982,7 +982,7 @@ void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) } /* Returns whether num consecutive bits starting at idx are all set. */ -bool sparsebit_is_set_num(struct sparsebit *s, +bool sparsebit_is_set_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_cleared; @@ -1006,14 +1006,14 @@ bool sparsebit_is_set_num(struct sparsebit *s, } /* Returns whether the bit at the index given by idx. */ -bool sparsebit_is_clear(struct sparsebit *s, +bool sparsebit_is_clear(const struct sparsebit *s, sparsebit_idx_t idx) { return !sparsebit_is_set(s, idx); } /* Returns whether num consecutive bits starting at idx are all cleared. */ -bool sparsebit_is_clear_num(struct sparsebit *s, +bool sparsebit_is_clear_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_set; @@ -1042,13 +1042,13 @@ bool sparsebit_is_clear_num(struct sparsebit *s, * value. Use sparsebit_any_set(), instead of sparsebit_num_set() > 0, * to determine if the sparsebit array has any bits set. */ -sparsebit_num_t sparsebit_num_set(struct sparsebit *s) +sparsebit_num_t sparsebit_num_set(const struct sparsebit *s) { return s->num_set; } /* Returns whether any bit is set in the sparsebit array. */ -bool sparsebit_any_set(struct sparsebit *s) +bool sparsebit_any_set(const struct sparsebit *s) { /* * Nodes only describe set bits. If any nodes then there @@ -1071,20 +1071,20 @@ bool sparsebit_any_set(struct sparsebit *s) } /* Returns whether all the bits in the sparsebit array are cleared. */ -bool sparsebit_all_clear(struct sparsebit *s) +bool sparsebit_all_clear(const struct sparsebit *s) { return !sparsebit_any_set(s); } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_any_clear(struct sparsebit *s) +bool sparsebit_any_clear(const struct sparsebit *s) { return !sparsebit_all_set(s); } /* Returns the index of the first set bit. Abort if no bits are set. */ -sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *s) { struct node *nodep; @@ -1098,7 +1098,7 @@ sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) /* Returns the index of the first cleared bit. Abort if * no bits are cleared. */ -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *s) { struct node *nodep1, *nodep2; @@ -1152,7 +1152,7 @@ sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) /* Returns index of next bit set within s after the index given by prev. * Returns 0 if there are no bits after prev that are set. */ -sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1245,7 +1245,7 @@ sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, /* Returns index of next bit cleared within s after the index given by prev. * Returns 0 if there are no bits after prev that are cleared. */ -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1301,7 +1301,7 @@ sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, * and returns the index of the first sequence of num consecutively set * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1336,7 +1336,7 @@ sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, * and returns the index of the first sequence of num consecutively cleared * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1584,7 +1584,7 @@ static size_t display_range(FILE *stream, sparsebit_idx_t low, * contiguous bits. This is done because '-' is used to specify command-line * options, and sometimes ranges are specified as command-line arguments. */ -void sparsebit_dump(FILE *stream, struct sparsebit *s, +void sparsebit_dump(FILE *stream, const struct sparsebit *s, unsigned int indent) { size_t current_line_len = 0; @@ -1682,7 +1682,7 @@ void sparsebit_dump(FILE *stream, struct sparsebit *s, * s. On error, diagnostic information is printed to stderr and * abort is called. */ -void sparsebit_validate_internal(struct sparsebit *s) +void sparsebit_validate_internal(const struct sparsebit *s) { bool error_detected = false; struct node *nodep, *prev = NULL; From patchwork Thu Dec 16 17:13:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682245 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B6CB9C433FE for ; Thu, 16 Dec 2021 17:17:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240143AbhLPRRY (ORCPT ); Thu, 16 Dec 2021 12:17:24 -0500 Received: from mail-bn7nam10on2049.outbound.protection.outlook.com ([40.107.92.49]:43624 "EHLO NAM10-BN7-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S235577AbhLPRRX (ORCPT ); Thu, 16 Dec 2021 12:17:23 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=go85IwwwBVGi0dEuRWs5l89QM3fPqu/ehOu3YbkG5Rdf6TyZFwt88yNVhQnVXecrkboqoFjc+zsRaVqxfLbWI0pG9rRaiH3xSfEGh5KG0ha9xgLJiS5Db7pevf8RF2cJoyy2I1r+BZFoj8PJX1QgODCGi3V6zP4TmI4Bm6toI5+zGPdEYAtGLOsvJt0e9u7sqagrmEK1PhraPpRneycIWgwL+FnA1aem80LsQGwDbExRa7hj9Ec7LjP4id19ONKxj6CFdygn2JmN47S6NulTXKPJiOAdF3OjlAukdSzaBADFIAy82gcZ/eYy7SQpW128DDdRrzD37GuXesY8xV8KeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=k8Ct4cXEKJf82YgjFKUlhGwkdp6eG/BfpKBkyRdkKXg=; b=fY56NNVsix7XcGn/Crb87SOB4MIFpAOJcbFktuhcJImqPkUJHAbozW69ZU+Am1RxKxB+WKibyDG8KphilB27WmAA42bw4kw2BMCe+/He+pWiZQIr67ZBjT9CJ7hj5uZbSZvsrySuPVRzAiS1pOAHz/XdwRCq+Mzm7WPx5MXEEm2hucgWcIXU5HJt9BxHEL117fTcLRAQo1DRCtWCEs/Q9WPLAI8J2RKRfiUfkBpjy+ATQDGmOGdtd2F/jp5sXRcRTYYsCMcrUIky8/SMZ9VcEauBUQwyIiRCb/fDEbUZ/k8zgACSW1EYR4jJPExFR/49vinaQ1d1QmouBZBtIW1iYw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=k8Ct4cXEKJf82YgjFKUlhGwkdp6eG/BfpKBkyRdkKXg=; b=A9sUWx8isGcTOvj0Z2XGevo9XIJzrDHRDkO+e5ZJmrj5rrHlwsX03XkAqdj2Lb1jl3pduaBP7hvbXcZ18BrZx0nBzoNuhhybhKlASMFh9Aa/WeAoJKD2RdqSk86gAHKAt9jzLYxUgKab96wDu8+R+hePHdZApCQEj/RkJs7nVvA= Received: from MWHPR2201CA0060.namprd22.prod.outlook.com (2603:10b6:301:16::34) by DM4PR12MB5040.namprd12.prod.outlook.com (2603:10b6:5:38b::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.11; Thu, 16 Dec 2021 17:17:21 +0000 Received: from CO1NAM11FT035.eop-nam11.prod.protection.outlook.com (2603:10b6:301:16:cafe::95) by MWHPR2201CA0060.outlook.office365.com (2603:10b6:301:16::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17 via Frontend Transport; Thu, 16 Dec 2021 17:17:21 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT035.mail.protection.outlook.com (10.13.175.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:17:21 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:17:20 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 03/13] KVM: selftests: add hooks for managing encrypted guest memory Date: Thu, 16 Dec 2021 11:13:48 -0600 Message-ID: <20211216171358.61140-4-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4c73d17f-5117-4bb2-bed0-08d9c0b7ebc1 X-MS-TrafficTypeDiagnostic: DM4PR12MB5040:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2276; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PzVijF7XjZscgWFAfUf8FPuw1/XWgcYCwZTzTEktYbzjD5/vA5JPYT7kzdFjzRjn/jwNtwPvWqzOdbGV3hHw73aMlw2OewmKu/4+nyx3r4Qy0Q3bNiQbCiUE+dAV/79+0GWU6AKRQRnAyyALPwGHI5jnguW8RAYQLbFInIc6c3hU5cDlMJsXb6y4DOHFLHZP+DM04nAcY2+UQSXpE4eiBfhMzwntZm3Bc01kMtZTjN1Mbc3/8YProx1Dujh8RgVeJJLcy93lP6XmHCmimfW31Kn+UP9jd2mJjC8V+VglWoYoAuHLOVWYx2JlgxBikXwetxBmKp8TNU/PYh/BPWuMTHRSEGujMRztgJqbC5hddl0WLQVUGyS61HHm7pF/G6B4M4SixoRETx5aGdWdPZ02GERS34Zq1GPmcT6brHz7A5Pz0bwHZbg1sQfUl7RjOj4OI5k5VHUGfgggtLkzZK+TqIIMQHlUraiJCVZR+4jeGffwpd3gmlCqo3IaR3zxooz/XquU1GBd5qvXzNGyaEisfnbxwYFacyLJRyfsZAik3JYUo8DONKhbcmh1uTi9ure55SproM1N2/vOCYaWRLVhNou6K3JHQfA0eDqoJj03OM7MlvTOIRmU2jL9kq2HiKwmhXspWy+Z8CM4Zpq20Ffgfc9I3w4WXC4bYYjidbwL9aV5zATo7xeO/2iEs7S9gdKKdrZKLzQNP6HievScx6Awe/nKgKCUtRhwT+dVGJMCsCjNAm0GAqRS1iYebs1H7BHW52qF3QAUzHTojhNxOMIHxqaxzMHEQeAZv9qi32GGOZE= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(16526019)(186003)(8936002)(26005)(6666004)(83380400001)(316002)(81166007)(336012)(70586007)(4326008)(47076005)(2906002)(6916009)(356005)(36756003)(54906003)(1076003)(426003)(508600001)(7416002)(40460700001)(36860700001)(8676002)(82310400004)(44832011)(70206006)(86362001)(2616005)(5660300002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:17:21.4808 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4c73d17f-5117-4bb2-bed0-08d9c0b7ebc1 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT035.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5040 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org VM implementations that make use of encrypted memory need a way to configure things like the encryption/shared bit position for page table handling, the default encryption policy for internal allocations made by the core library, and a way to fetch the list/bitmap of encrypted pages to do the actual memory encryption. Add an interface to configure these parameters. Also introduce a sparsebit map to track allocations/mappings that should be treated as encrypted, and provide a way for VM implementations to retrieve it to handle operations related memory encryption. Reviewed-by: Mingwei Zhang Signed-off-by: Michael Roth --- .../selftests/kvm/include/kvm_util_base.h | 7 +++ tools/testing/selftests/kvm/lib/kvm_util.c | 52 +++++++++++++++++-- .../selftests/kvm/lib/kvm_util_internal.h | 10 ++++ 3 files changed, 66 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 4e2946ba3ff7..58856339210a 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -365,4 +365,11 @@ int vcpu_get_stats_fd(struct kvm_vm *vm, uint32_t vcpuid); uint32_t guest_get_vcpuid(void); +void vm_set_memory_encryption(struct kvm_vm *vm, bool enc_by_default, bool has_enc_bit, + uint8_t enc_bit); + +const struct sparsebit *vm_get_encrypted_phy_pages(struct kvm_vm *vm, int slot, + vm_paddr_t *gpa_start, + uint64_t *size); + #endif /* SELFTEST_KVM_UTIL_BASE_H */ diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index f0f0250847f3..dfedf82207e1 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -626,6 +626,7 @@ static void __vm_mem_region_delete(struct kvm_vm *vm, "rc: %i errno: %i", ret, errno); sparsebit_free(®ion->unused_phy_pages); + sparsebit_free(®ion->encrypted_phy_pages); ret = munmap(region->mmap_start, region->mmap_size); TEST_ASSERT(ret == 0, "munmap failed, rc: %i errno: %i", ret, errno); @@ -932,6 +933,7 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, } region->unused_phy_pages = sparsebit_alloc(); + region->encrypted_phy_pages = sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, guest_paddr >> vm->page_shift, npages); region->region.slot = slot; @@ -1161,6 +1163,7 @@ void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid) * num - number of pages * paddr_min - Physical address minimum * memslot - Memory region to allocate page from + * encrypt - Whether to treat the pages as encrypted * * Output Args: None * @@ -1172,8 +1175,9 @@ void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid) * and their base address is returned. A TEST_ASSERT failure occurs if * not enough pages are available at or above paddr_min. */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) +static vm_paddr_t +_vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, vm_paddr_t paddr_min, + uint32_t memslot, bool encrypt) { struct userspace_mem_region *region; sparsebit_idx_t pg, base; @@ -1206,12 +1210,22 @@ vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, abort(); } - for (pg = base; pg < base + num; ++pg) + for (pg = base; pg < base + num; ++pg) { sparsebit_clear(region->unused_phy_pages, pg); + if (encrypt) + sparsebit_set(region->encrypted_phy_pages, pg); + } return base * vm->page_size; } +vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + return _vm_phy_pages_alloc(vm, num, paddr_min, memslot, + vm->memcrypt.enc_by_default); +} + vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, uint32_t memslot) { @@ -2192,6 +2206,10 @@ void vm_dump(FILE *stream, struct kvm_vm *vm, uint8_t indent) region->host_mem); fprintf(stream, "%*sunused_phy_pages: ", indent + 2, ""); sparsebit_dump(stream, region->unused_phy_pages, 0); + if (vm->memcrypt.enabled) { + fprintf(stream, "%*sencrypted_phy_pages: ", indent + 2, ""); + sparsebit_dump(stream, region->encrypted_phy_pages, 0); + } } fprintf(stream, "%*sMapped Virtual Pages:\n", indent, ""); sparsebit_dump(stream, vm->vpages_mapped, indent + 2); @@ -2389,3 +2407,31 @@ int vcpu_get_stats_fd(struct kvm_vm *vm, uint32_t vcpuid) return ioctl(vcpu->fd, KVM_GET_STATS_FD, NULL); } + +void vm_set_memory_encryption(struct kvm_vm *vm, bool enc_by_default, bool has_enc_bit, + uint8_t enc_bit) +{ + vm->memcrypt.enabled = true; + vm->memcrypt.enc_by_default = enc_by_default; + vm->memcrypt.has_enc_bit = has_enc_bit; + vm->memcrypt.enc_bit = enc_bit; +} + +const struct sparsebit * +vm_get_encrypted_phy_pages(struct kvm_vm *vm, int slot, vm_paddr_t *gpa_start, + uint64_t *size) +{ + struct userspace_mem_region *region; + + if (!vm->memcrypt.enabled) + return NULL; + + region = memslot2region(vm, slot); + if (!region) + return NULL; + + *size = region->region.memory_size; + *gpa_start = region->region.guest_phys_addr; + + return region->encrypted_phy_pages; +} diff --git a/tools/testing/selftests/kvm/lib/kvm_util_internal.h b/tools/testing/selftests/kvm/lib/kvm_util_internal.h index a03febc24ba6..99ccab86115c 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util_internal.h +++ b/tools/testing/selftests/kvm/lib/kvm_util_internal.h @@ -16,6 +16,7 @@ struct userspace_mem_region { struct kvm_userspace_memory_region region; struct sparsebit *unused_phy_pages; + struct sparsebit *encrypted_phy_pages; int fd; off_t offset; void *host_mem; @@ -44,6 +45,14 @@ struct userspace_mem_regions { DECLARE_HASHTABLE(slot_hash, 9); }; +/* Memory encryption policy/configuration. */ +struct vm_memcrypt { + bool enabled; + int8_t enc_by_default; + bool has_enc_bit; + int8_t enc_bit; +}; + struct kvm_vm { int mode; unsigned long type; @@ -67,6 +76,7 @@ struct kvm_vm { vm_vaddr_t idt; vm_vaddr_t handlers; uint32_t dirty_ring_size; + struct vm_memcrypt memcrypt; }; struct vcpu *vcpu_find(struct kvm_vm *vm, uint32_t vcpuid); From patchwork Thu Dec 16 17:13:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682247 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 92ED3C433F5 for ; Thu, 16 Dec 2021 17:17:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240149AbhLPRR4 (ORCPT ); Thu, 16 Dec 2021 12:17:56 -0500 Received: from mail-mw2nam08on2077.outbound.protection.outlook.com ([40.107.101.77]:20673 "EHLO NAM04-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233283AbhLPRRz (ORCPT ); Thu, 16 Dec 2021 12:17:55 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fi3HsjOjolUKsJTDZgYBXUc1YOhDX0wTsnQLvDCVV3R27tFrCG8UDhVOsH7JC0frD1BIsRHWP+xe7XyEy6TIDUVSevMHLXJXou0yy7eEgHW6V8SGJcMoZrQ2ZNPblT94oH2UiAzm6e3mZb2SZL2WZnp1CqK3wUOZWuFlBNtwEVerwz+zY7ErSN1QQS4pQfBux6gclFrAXl1uC3stJghr49JCYcNqwJgcCNEKZIv5kRFKxeS4tQUQuN8uioRDWQ2NMmgVjaow6WAVTEAgzAJO48ILx/vsV+8iBJF39tZhn+pR+hGkN8BPv0WyOG6Jak9a8EPD5j4iOdX1YAID4Zd0WA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=nwkCJV5Xk6eoK4V21lSuyxRo+ySGxbX5zj3DamCXA2k=; b=ftPf+vK2glsQBXjsBvf1H4ObZ5ZUgzuWZ/FCSeLK4Y/3koQlF7eK0FwjTknNPzoFlrRQUBK3wlD17QT6irsqONYZzYjSFThUxDVy29HxgCr5lT7cfPEAjTlumJPctRy1pXbhD9QFzT/6mWh+QIT8CHwidiGrvBYarBPmIWXlCKYZqXfSILPtDJXDREIpoFLWzQnmJi+yWuF0fNkRSAnGs0LIerPHMrY2b24c5Twwk1DkMUj+taF6RtFWKQs4O/ZsAVy4L67SFYpI9hJq1Rxo0F0mw68l71HtyCIvxn9lMiAi6TdR3U9Y7doWEfhrOsitl/lDxtvaT2XomIUfsysg8A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nwkCJV5Xk6eoK4V21lSuyxRo+ySGxbX5zj3DamCXA2k=; b=gS37Tc64PqVF1ZCyLEi5Tj3zgtFpWYT+coiRxj06pgRqIRgx9wjm4S4gaWDlo2JmSySl3uLG2lx8GpIaZF5iUKgX7CTNt5SW9Bpbm3RY+CGG/5kKXmBXHmfZ7Id+EPlVxhKA134AS+Epx07tilr6rvJgOrVbwoVRKMSJYX2MwzY= Received: from CO2PR04CA0125.namprd04.prod.outlook.com (2603:10b6:104:7::27) by SN1PR12MB2462.namprd12.prod.outlook.com (2603:10b6:802:28::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:17:43 +0000 Received: from CO1NAM11FT049.eop-nam11.prod.protection.outlook.com (2603:10b6:104:7:cafe::db) by CO2PR04CA0125.outlook.office365.com (2603:10b6:104:7::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17 via Frontend Transport; Thu, 16 Dec 2021 17:17:42 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT049.mail.protection.outlook.com (10.13.175.50) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:17:42 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:17:41 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 04/13] KVM: selftests: handle encryption bits in page tables Date: Thu, 16 Dec 2021 11:13:49 -0600 Message-ID: <20211216171358.61140-5-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: cb94c27c-c8c9-45f5-aec3-08d9c0b7f85d X-MS-TrafficTypeDiagnostic: SN1PR12MB2462:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: x4R4H31goaCIb3lcy0VlgXIvio60qbLab7LIujHW9/Hgiaf1ecyB96ptHVCDJO9tR70JbM2Ew3utvbLewwCqnJqFJX50cIsoga7M0JTGMeh5oTxTwJkoKYtXYITWCv9AQc0X8LeJnvNd/AfrqNrbGT3rARsYRjAspuFrWLO471/dZK6qGLc98DH+WSGZ3uc8xd0mI4wM/WH5vrkX+5A7yt5PAk5IRmQ/YNpeN8G5lIgWyKNHeE0RPfKTr+DJnJqg4pmMaqXs6Qrt7C9egK2pK/MPM+QtEssbzrCP+aZFJiEVUvtzqq7EIQJQXyW4Ixopn+HNOL6SaBWi8ucgwh8aymFBzZikUIcEP7oMt8UO+m/fAhKisxxeSehxZO/kgpCEMtWNIngf/h5YQ/BbBi5p7qHyUs4MGaQzxMxb0Ors4t+hifrM886Qadnu2t2HX7lbcWspxcqR+vXc2TTmTLqbTsLd7tNtKfFpOU0LxYt/jFut2OyczylkaVq2bEau5kebnhFz/4gwmWhuUnrdyd5savJRAoDCuCCuvViEGWihubEMBwKTFNffQIkYxp3Etz0wegimsKUqLXpoybEZ7VWgMAZ4TYYFESw8NoELYeHI1VUluJvezyfDEFo5cJJp7YwvmJRBaR1eQxQVcvo1apP9aMxIo8Lqj8ysy9w+O8wjFeY29cXBWJVSKSVQA9JR4s9BJ7yIrBdBLDRRxW9X6zmJ36P/lVkdUAEtb7OifJXRkd2OYfNMX0df/6nG4atELt8WPzYGB6SORgxEPQAaIKgzzBuqV2+ifs9sHPn46wd0U5g= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(40470700001)(81166007)(1076003)(8676002)(7416002)(26005)(40460700001)(82310400004)(54906003)(4326008)(36860700001)(186003)(47076005)(5660300002)(2906002)(70206006)(16526019)(36756003)(8936002)(336012)(356005)(508600001)(83380400001)(70586007)(426003)(6916009)(86362001)(316002)(44832011)(2616005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:17:42.6510 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cb94c27c-c8c9-45f5-aec3-08d9c0b7f85d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT049.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2462 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org SEV guests rely on an encyption bit which resides within the range that current code treats as address bits. Guest code will expect these bits to be set appropriately in their page tables, whereas the rest of the kvm_util functions will generally expect these bits to not be present. Introduce addr_gpa2raw()/addr_raw2gpa() to add/remove these bits, then use them where appropriate. Signed-off-by: Michael Roth --- .../selftests/kvm/include/kvm_util_base.h | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 55 ++++++++++++++++++- .../selftests/kvm/lib/x86_64/processor.c | 16 +++--- 3 files changed, 65 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 58856339210a..005755837aa2 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -155,6 +155,8 @@ void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa); void *addr_gva2hva(struct kvm_vm *vm, vm_vaddr_t gva); vm_paddr_t addr_hva2gpa(struct kvm_vm *vm, void *hva); void *addr_gpa2alias(struct kvm_vm *vm, vm_paddr_t gpa); +vm_paddr_t addr_raw2gpa(struct kvm_vm *vm, vm_vaddr_t gpa_raw); +vm_paddr_t addr_gpa2raw(struct kvm_vm *vm, vm_vaddr_t gpa); /* * Address Guest Virtual to Guest Physical diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index dfedf82207e1..5dd36cc15420 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1445,6 +1445,58 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, } } +/* + * Mask off any special bits from raw GPA + * + * Input Args: + * vm - Virtual Machine + * gpa_raw - Raw VM physical address + * + * Output Args: None + * + * Return: + * GPA with special bits (e.g. shared/encrypted) masked off. + */ +vm_paddr_t addr_raw2gpa(struct kvm_vm *vm, vm_paddr_t gpa_raw) +{ + if (!vm->memcrypt.has_enc_bit) + return gpa_raw; + + return gpa_raw & ~(1ULL << vm->memcrypt.enc_bit); +} + +/* + * Add special/encryption bits to a GPA based on encryption bitmap. + * + * Input Args: + * vm - Virtual Machine + * gpa - VM physical address + * + * Output Args: None + * + * Return: + * GPA with special bits (e.g. shared/encrypted) added in. + */ +vm_paddr_t addr_gpa2raw(struct kvm_vm *vm, vm_paddr_t gpa) +{ + struct userspace_mem_region *region; + sparsebit_idx_t pg; + vm_paddr_t gpa_raw = gpa; + + TEST_ASSERT(addr_raw2gpa(vm, gpa) == gpa, "Unexpected bits in GPA: %lx", + gpa); + + if (!vm->memcrypt.has_enc_bit) + return gpa; + + region = userspace_mem_region_find(vm, gpa, gpa); + pg = gpa >> vm->page_shift; + if (sparsebit_is_set(region->encrypted_phy_pages, pg)) + gpa_raw |= (1ULL << vm->memcrypt.enc_bit); + + return gpa_raw; +} + /* * Address VM Physical to Host Virtual * @@ -1462,9 +1514,10 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, * address providing the memory to the vm physical address is returned. * A TEST_ASSERT failure occurs if no region containing gpa exists. */ -void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa) +void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa_raw) { struct userspace_mem_region *region; + vm_paddr_t gpa = addr_raw2gpa(vm, gpa_raw); region = userspace_mem_region_find(vm, gpa, gpa); if (!region) { diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index 82c39db91369..41aeb34c6d5d 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -181,7 +181,7 @@ void virt_pgd_alloc(struct kvm_vm *vm) /* If needed, create page map l4 table. */ if (!vm->pgd_created) { - vm->pgd = vm_alloc_page_table(vm); + vm->pgd = addr_gpa2raw(vm, vm_alloc_page_table(vm)); vm->pgd_created = true; } } @@ -203,15 +203,15 @@ static struct pageUpperEntry *virt_create_upper_pte(struct kvm_vm *vm, enum x86_page_size page_size) { struct pageUpperEntry *pte = virt_get_pte(vm, pt_pfn, vaddr, level); + uint64_t paddr_raw = addr_gpa2raw(vm, paddr); if (!pte->present) { pte->writable = true; pte->present = true; pte->page_size = (level == page_size); - if (pte->page_size) - pte->pfn = paddr >> vm->page_shift; - else - pte->pfn = vm_alloc_page_table(vm) >> vm->page_shift; + if (!pte->page_size) + paddr_raw = addr_gpa2raw(vm, vm_alloc_page_table(vm)); + pte->pfn = paddr_raw >> vm->page_shift; } else { /* * Entry already present. Assert that the caller doesn't want @@ -250,6 +250,8 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, "Physical address beyond maximum supported,\n" " paddr: 0x%lx vm->max_gfn: 0x%lx vm->page_size: 0x%x", paddr, vm->max_gfn, vm->page_size); + TEST_ASSERT(addr_raw2gpa(vm, paddr) == paddr, + "Unexpected bits in paddr: %lx", paddr); /* * Allocate upper level page tables, if not already present. Return @@ -272,7 +274,7 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, pte = virt_get_pte(vm, pde->pfn, vaddr, 0); TEST_ASSERT(!pte->present, "PTE already present for 4k page at vaddr: 0x%lx\n", vaddr); - pte->pfn = paddr >> vm->page_shift; + pte->pfn = addr_gpa2raw(vm, paddr) >> vm->page_shift; pte->writable = true; pte->present = 1; } @@ -587,7 +589,7 @@ vm_paddr_t addr_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) if (!pte[index[0]].present) goto unmapped_gva; - return (pte[index[0]].pfn * vm->page_size) + (gva & 0xfffu); + return addr_raw2gpa(vm, ((uint64_t)pte[index[0]].pfn * vm->page_size)) + (gva & 0xfffu); unmapped_gva: TEST_FAIL("No mapping for vm virtual address, gva: 0x%lx", gva); From patchwork Thu Dec 16 17:13:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682249 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E24B0C433EF for ; Thu, 16 Dec 2021 17:18:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240166AbhLPRSJ (ORCPT ); Thu, 16 Dec 2021 12:18:09 -0500 Received: from mail-dm6nam10on2088.outbound.protection.outlook.com ([40.107.93.88]:17817 "EHLO NAM10-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233283AbhLPRSI (ORCPT ); Thu, 16 Dec 2021 12:18:08 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Es871+NXjExz9qEbTEJvBgq0HqJaiut/yooKT4I2otrsbgHS2MaY5hy8ugZZoSdkGuFiwMCmFS0F8qw56Mbd+U+ajU3yeVMtZRJccy4/RIZZnScAnS8jNp5z589/uuhOiqtPQDNmAM+KgilI13xK9t6G1VSHXP6AdN9NmqkaKrk1LoBigtWLw2EvUE/lE4lkDqqeEdPQpf/2iNK4LRzOzeXV0y5lPg6G6qmebb8mtwjrd72htQRjQnoGRaFs3zrLqkeTCSBCL8+aMOc1usZcHhM/fiqrEOeAypbcq61S8lzcpWX7zP1mp9sLS91e6w1f7Bx7a2WKNSQQ6/fWbGLOkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8eAwBIM9aPTvor/bdrrE3GAZvyZexW6t9WtVEZavh8k=; b=Rlrg+2EMD2MINjxREmFiPXN9fla/T0yuBBBNAexjT8CDU/IDziPxrfS4ZON2xWKV/4HVQGEwyxxD6BGvyVNQY/6fjdQJOBRyA/bDhdQi2vGy3gZiKijmrP7wzLPW/1VChmmMQankgimEX4GPniVV+XLmrZKGKoeg3DQHAFy6nH8icFeAwr2z1pPsnplz9VwxF2YYsuYSUDvtVhtV+Aqtbuy7XNwJNo3oV9BLd1maYgqefskPEzgNn2jjmw8TlCEkRX6vVzj4EJKEXB1EDdAKJKddsWFhc5TAIjbaW7J80JDxhS/CPRQzJl/lrJiso90Z9aGOJ7oxf8oPO6wqKojh9Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8eAwBIM9aPTvor/bdrrE3GAZvyZexW6t9WtVEZavh8k=; b=Y5EeDJj2N9L7Pr/MHTjuIRgDDXmLeJGVo15Tf2jDkHJpBknUcAtHIbLPUEDuWEBfbgXS4Mnb4n11iF+Ce67vI3njOXtoKbrzcrG917CFmGyqce7L943o3Uc2t0LucDR5qIWUmJbast5bJlD04nCgAzR8BAy8gKWWoJOfGVx1CNo= Received: from MWHPR19CA0008.namprd19.prod.outlook.com (2603:10b6:300:d4::18) by SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:18:05 +0000 Received: from CO1NAM11FT041.eop-nam11.prod.protection.outlook.com (2603:10b6:300:d4:cafe::42) by MWHPR19CA0008.outlook.office365.com (2603:10b6:300:d4::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:18:04 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT041.mail.protection.outlook.com (10.13.174.217) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:18:04 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:18:02 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 05/13] KVM: selftests: add support for encrypted vm_vaddr_* allocations Date: Thu, 16 Dec 2021 11:13:50 -0600 Message-ID: <20211216171358.61140-6-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c18e7c3b-dc85-486d-aad2-08d9c0b80592 X-MS-TrafficTypeDiagnostic: SN6PR12MB2767:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 9UAYG9lh6uQtlMmrWvGkzMU/KnGS1E3ybPBsdwBq8BMOAgUpp5eXrvI/t7YJmfhmW/L5UHbkfxbCfMfK7s1IArC2fW+3mx3GBQQEbtG+BcG0PZJI5bpi+RbwHRpHGRtxCa2aQu6/4xhxMirOgTNlruOVN9Pnm74JcEPN2bVTwyw8wccAzZQnKIwtB9MmFacUHXcChSZ//9w/Qef1KGLeew+jk3aO+LEVZEmd8sDmsiqpI73T97dCaYwy9gB1Cf4rs14QWt/JGSU/FM9ACXUQx5NHtHtyUcwupQvup8D4V0Qbb20ya6biNtL8dnWajd2hsdo6d0e/Qz3p13+1uTja1BBqbZnXbfM09hbTJSLyTq+xzW6UYrFVYazrcoi3WdOt3Nh5WhWPVMcssAT0wwiw7pBwpPm6zqgnSpY06qQlivuh4+gM39BeBYIuysitJO6sLCERb86+0yGohjuVUpz15Gs5dg5jZpbCRs6ewae9tzupLxYeL2W0lw6ZYgmKtEZ/iUoleXuVuLoNsUeGL29azeHAosr6t4zsqOE95gFpOuLeFixZewJcEwGuCz0C8hhdSfp9aMqg4DKjQE2ihestFz2bxSbD1UHBv7CRnrlrCbmI49LqK74s7ZVYZECxdQX9ilLwhLEusdoxBPZpbHHxSad+h6tEzB2xeVvv/knA24RowqrRe7Tu+sVcUbsODdYtnzzktHl9kgPYxM9xV1ID3InqlBDZtRn6GdY2xJzVKqG7hBqx9TUAZHQ62MbWGiLDDELNOBJDXNzP0IWbtHKZIwTXeVwSBHp2do7WifEquHs= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(336012)(2616005)(54906003)(7416002)(6666004)(6916009)(16526019)(186003)(2906002)(356005)(4326008)(40460700001)(44832011)(81166007)(8936002)(426003)(36756003)(36860700001)(82310400004)(83380400001)(47076005)(86362001)(8676002)(1076003)(316002)(70586007)(70206006)(5660300002)(26005)(508600001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:18:04.8042 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c18e7c3b-dc85-486d-aad2-08d9c0b80592 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT041.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2767 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org The default policy for whether to handle allocations as encrypted or shared pages is currently determined by vm_phy_pages_alloc(), which in turn uses the policy defined by vm->memcrypt.enc_by_default. Test programs may wish to allocate shared vaddrs for things like sharing memory with the guest. Since enc_by_default will be true in the case of SEV guests (since it's required in order to have the initial ELF binary and page table become part of the initial guest payload), an interface is needed to explicitly request shared pages. Implement this by splitting the common code out from vm_vaddr_alloc() and introducing a new vm_vaddr_alloc_shared(). Signed-off-by: Michael Roth --- .../selftests/kvm/include/kvm_util_base.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 23 ++++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 005755837aa2..0e3ded265a31 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -146,6 +146,7 @@ void vm_mem_region_move(struct kvm_vm *vm, uint32_t slot, uint64_t new_gpa); void vm_mem_region_delete(struct kvm_vm *vm, uint32_t slot); void vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpuid); vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); vm_vaddr_t vm_vaddr_alloc_pages(struct kvm_vm *vm, int nr_pages); vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 5dd36cc15420..c387f709b6a6 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1327,14 +1327,13 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, } /* - * VM Virtual Address Allocate + * VM Virtual Address Allocate Shared/Encrypted * * Input Args: * vm - Virtual Machine * sz - Size in bytes * vaddr_min - Minimum starting virtual address - * data_memslot - Memory region slot for data pages - * pgd_memslot - Memory region slot for new virtual translation tables + * encrypt - Whether the region should be handled as encrypted * * Output Args: None * @@ -1347,13 +1346,15 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, * a unique set of pages, with the minimum real allocation being at least * a page. */ -vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +static vm_vaddr_t +_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, bool encrypt) { uint64_t pages = (sz >> vm->page_shift) + ((sz % vm->page_size) != 0); virt_pgd_alloc(vm); - vm_paddr_t paddr = vm_phy_pages_alloc(vm, pages, - KVM_UTIL_MIN_PFN * vm->page_size, 0); + vm_paddr_t paddr = _vm_phy_pages_alloc(vm, pages, + KVM_UTIL_MIN_PFN * vm->page_size, + 0, encrypt); /* * Find an unused range of virtual page addresses of at least @@ -1374,6 +1375,16 @@ vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) return vaddr_start; } +vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, vm->memcrypt.enc_by_default); +} + +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, false); +} + /* * VM Virtual Address Allocate Pages * From patchwork Thu Dec 16 17:13:51 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682251 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 049E4C433EF for ; Thu, 16 Dec 2021 17:18:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235830AbhLPRS2 (ORCPT ); Thu, 16 Dec 2021 12:18:28 -0500 Received: from mail-bn8nam11on2061.outbound.protection.outlook.com ([40.107.236.61]:60128 "EHLO NAM11-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S232003AbhLPRS1 (ORCPT ); Thu, 16 Dec 2021 12:18:27 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lSLXm4KZqVWfvAB5q/GphqA3FHV8JY1O4evpUm18iNfsh43dxvqoZyJa7quFuhra6l9R8f1KN4mQ/paN+EjCDUBaCf1/A4JnfxeF99xUtsek5eTXEO3G8csN0rCP5ekFnW1+UbgHZKqIP6TYW66Wrm8IVYZDA4MBSQHSGG2gS5dFK2Hf+qBCq7nL6P4gFGv720V9SJcnTIxDtPi577Fr+LuwCo3COTX1ySWLp7CDoYz5Gt08Nk1KNCDo/i1q8GGW2wpRkfEwhIOTyQsKjwyBg1qwMGWGomNrSm6zF/JVtyjeJOKm3NJcVgtX4KdmEvm11IluOmi4iM5+awFpAf7X5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Oxu8ovrayTImOrZwVNQUxYOhg50GDaSc/rK9FwX6rnA=; b=LjbDCKEGog4eHBCVWjYjdt+1X9Mrl5BceFefYwrOxC2Hd/lwqdkGrtc9nO+NEPJQETfbEnmWidCR5g3jCCcb+z67QeUgUHGLi7G+hjWYr7JRygm0ebLvxeGVZQ3eGRgh84mykhVyayh6jFwkBi6aqFEAcGaBFVOMbZ9GPuUoDYbP5Lcm4sjtqB7hf8XrHRj5Of6pyJ7psyuSC4GWQ6ev/CMF0SUaL5nxIc0bfK626npf/wmscGxBtHywY0Xy5h6lmjjQM6cNZDRE2it5bv6vHoJoiRhI82vJ71pM04dUXJ3/FF/VYXUMw86UFzd3xelVBjphpLfa8DIdQkblcnNaxA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Oxu8ovrayTImOrZwVNQUxYOhg50GDaSc/rK9FwX6rnA=; b=d6ielv9RQU4xLhupOffz2Zh56ZCd0iQXZojZAhQ3xf78zNKmGWaHinl8Eqp2sJLHR8VgZfh6SmoTgYyl8g+54I18+KVzDtWgPjRf2pKP3mCZVZ8RxOhLANzp9MPydJLL1UJJbS+Z1KKofAn2ii56+DEANXMFz3Pezc6gNZMm3aE= Received: from MWHPR08CA0038.namprd08.prod.outlook.com (2603:10b6:300:c0::12) by MN2PR12MB4470.namprd12.prod.outlook.com (2603:10b6:208:260::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14; Thu, 16 Dec 2021 17:18:24 +0000 Received: from CO1NAM11FT066.eop-nam11.prod.protection.outlook.com (2603:10b6:300:c0:cafe::72) by MWHPR08CA0038.outlook.office365.com (2603:10b6:300:c0::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.14 via Frontend Transport; Thu, 16 Dec 2021 17:18:24 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT066.mail.protection.outlook.com (10.13.175.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:18:24 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:18:23 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 06/13] KVM: selftests: ensure ucall_shared_alloc() allocates shared memory Date: Thu, 16 Dec 2021 11:13:51 -0600 Message-ID: <20211216171358.61140-7-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7b8eb254-5d27-4b14-9242-08d9c0b81164 X-MS-TrafficTypeDiagnostic: MN2PR12MB4470:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: mQnJi++cO4zAEhi2SFFrMyXsWdDgPGT2ySh2WyE1Z21u8ToHqp9+ENNLNh7i0qX5wEtnSyLHyo3kiFS6uf0EWpUybMCeURA+ghoLmVV9zMh3tLUaydESoC7efnz3lKQlfSB7PGKYmZ2i9TD8i1rFsldzsessp6mAwTwPan4WTrqF9Lqa9syWAfsMTCSWQZm65udtha1aMaJJdz/qxFCpC4yKkK++epc+vPRpFNG+xbEkul7evuwxW/Fj/nm1fEExUjUbMw3KZFqQHDvklv5nPUeM0wkkMr+4YMWBVMh7rr/pEWRJpoEnvJQ4HwBVlLFin6CrTp0hmLgnHwV8kaiHuxRDvaQVRzhCsIZzU4ANElsiRyvTheplBMITkXKZfxnqWlqUFr58B+cFvKBfPuhdsblKcVjYuIr3QlaAt/hIq/kBZRh0wptU6Sd0esfGWLFAQ1ejuNlROVpgVllaNZhqy6GjnV4ZpOkgdG0fFqxIX+Ctka/OSImCbalWGi5QSu9/cAtfebX9o6gV47QjkzDQj098yBdvy+r+/4Nago1UTujYBn0eutXSlOo2LM+JtdSXPNR/Ook3Qu/acgkrf9AJDTfU7/N6vbu4Qd4EKtHLgtJQ8WQfaR2+xNmWQblxRPZpjMnQymu6rQVj1mH/MODnGcEgWGDNBQlK08AJ7tSuVT9jZbBWJNXT981fyhjeVBp6fQ9vkSm0lVWDb7KxPaiu7FasQfNcTaxRsG5tMfoGVx6nmaFkDThd+A2yfGE11lQyMUjcSvlcrujqWq4df2IfF1kLmncfjaqq+R6LybJXEOc= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(70586007)(36756003)(186003)(2616005)(8676002)(47076005)(6666004)(44832011)(54906003)(16526019)(2906002)(316002)(4326008)(36860700001)(7416002)(5660300002)(6916009)(508600001)(1076003)(70206006)(26005)(86362001)(356005)(81166007)(82310400004)(40460700001)(426003)(336012)(8936002)(83380400001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:18:24.6358 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7b8eb254-5d27-4b14-9242-08d9c0b81164 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT066.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4470 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Now that vm_vaddr_alloc() allocates encrypted/private guest memory by default for confidential guests, ucall_shared_alloc() needs to be switched over to using the new vm_vaddr_alloc_shared() function to ensure that shared memory is used for the allocation. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/lib/ucall_common.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c index 8e5738241a7c..54c6c159dcd5 100644 --- a/tools/testing/selftests/kvm/lib/ucall_common.c +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -97,8 +97,8 @@ uint64_t get_ucall(struct kvm_vm *vm, uint32_t vcpu_id, struct ucall *uc) /* Allocate shared memory within a guest to for a shared ucall buffer. */ vm_vaddr_t ucall_shared_alloc(struct kvm_vm *vm, int count) { - return vm_vaddr_alloc(vm, count * sizeof(struct ucall), - vm_get_page_size(vm)); + return vm_vaddr_alloc_shared(vm, count * sizeof(struct ucall), + vm_get_page_size(vm)); } /* From patchwork Thu Dec 16 17:13:52 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682253 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1C937C433FE for ; Thu, 16 Dec 2021 17:18:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240171AbhLPRSw (ORCPT ); Thu, 16 Dec 2021 12:18:52 -0500 Received: from mail-mw2nam08on2084.outbound.protection.outlook.com ([40.107.101.84]:9107 "EHLO NAM04-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S235807AbhLPRSu (ORCPT ); Thu, 16 Dec 2021 12:18:50 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=B/CpB2kq2Q86/8PZVIXgQBQ+KBWFUSxr0TylcgIG0Y0fA01e6mlDkuiC5mgMyPez9109s4fZ14vB/tGXuJT8l330z0JWze1Y/HCQpZQhJ93MmObC/IWqPN4Eg02/gEr+8uNo4JhhE8GAvwL3w/myMD03notKPoKzrqI+wr/VjXHYygH5+75WrH71pt+g5XPORSONmO7w8gAZdBk6s2lxmVWtNjlyp8i/nJt9llZwaaB7kB4GP0F70W9EKlJY8+gQrE+AZhxZViN9R3iyS1mpgH2ybu3A428HUSJKFjLblp+F3zXYl/BBaEdjLw9wbvubuJbIsDqWdj2qS8ZNXRAP0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LFfZhGFN66+QWWYSKv5ywbdVukOhsQS8QZefG2AoLTg=; b=nWTBNT9f6pk5MHDUXT6xc7KFFQMkhbsNi5O92lEAT2Wx5ZCYcZNAaj2c+5U3d98daaFwqGMk8UUiSzLxFP9hYA7Ojxkp5uPf/mKigye1IfncadzmJmOldufPnVzasHg+cFkbmGBHfrVeWWZk3AwqUnuLTRIYhhO6H1BxhxoyGniyFdM/yeTsQSfxOPHTNZACLHetpmbzKh3LEABxiL/yi1dlhpok9+2GqAXIdqU1KqN/rR+J323bPkrEAP6Ho7zzSwzn3JfkKGh/YceuG7RDJ6tUKJLKmez2/nf1wknTn2nDC/VGoKgKUqBbD4wSjxthB6XzN2ZAFnwlFRwtslJLtQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LFfZhGFN66+QWWYSKv5ywbdVukOhsQS8QZefG2AoLTg=; b=VXn7JrD2cw7o1IV7zQWrgvyQagNqsh6BnHPjCk7jKy+rGHca4U93F5x64Ms9pNrRwl2VDNIgj93vonSc1Mpw2E1qC53GD/COtS1lxOin7e0UCBiqEAFxf9b2tizQEG9B+F8xk85xXiNsweC8lFsPAkYtF3CNkm4JJ6pEHhAIaGU= Received: from MW4PR04CA0301.namprd04.prod.outlook.com (2603:10b6:303:82::6) by BN6PR12MB1459.namprd12.prod.outlook.com (2603:10b6:405:e::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14; Thu, 16 Dec 2021 17:18:46 +0000 Received: from CO1NAM11FT048.eop-nam11.prod.protection.outlook.com (2603:10b6:303:82:cafe::9d) by MW4PR04CA0301.outlook.office365.com (2603:10b6:303:82::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.15 via Frontend Transport; Thu, 16 Dec 2021 17:18:46 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT048.mail.protection.outlook.com (10.13.175.148) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:18:45 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:18:44 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 07/13] KVM: selftests: add library for creating/interacting with SEV guests Date: Thu, 16 Dec 2021 11:13:52 -0600 Message-ID: <20211216171358.61140-8-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f841ae3a-b5d9-49ac-3800-08d9c0b81e1d X-MS-TrafficTypeDiagnostic: BN6PR12MB1459:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:295; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: SIdL5phAzTxFm8c8d7QzTdBy5RGGNR3hJsU7DBqqrKgLkmLBt2+MvhpxA8OnDYCnCtQq4tP7aJBdZZ0N54J/dQ94IQosP4Imd/insgT5L7VhBHB4wbmPLYABAL7P4rDsBbFLLulB4ZzUugAuGufehUDEdatvoL8sVowJTHN0MZ7Zg6Fmu+FXQUzfhKePteLrGilROU4SmaZgja+6q8oW1Dq7PsaN1g8rTcRb3vePLAHhE57jaGCXdvPIhRyTHKkaRFYXWrvH+Hk4IbQBPknDgZC4qod6NJUePa9cw8gu7tbhkLODYWFjh58TSptzlHjz5XnPzkrgH2+PG8hTcX/o2DzoB2OQdsmRgcsrEKfVIPvYDsQFZB+VFEWpv8lAqCyzL9z4zRl8IyHUbRamc4eNE3NvGfNJue79qP9VeEo0hnPgaEGE3bwCkyznRo0eMPpyxkfrM1duLivclp0CMySpiG6kwXmhWTTaWquCN4ieRHkLjambbjSQ/mvw/UzV4tULjVVsWGMfq9Xs+cLPffQ5HM1HP6UlRA0CagdEaotf3WlYg7mmfJBC4AXKl35i0Gan7p27eD0U3NEDtTuoY5L4fFNfFU3nxJz+Oj1QixSeQn3DiYAPvx9V4YoWPJ2NeB+WIx+ZwoltBioXtJuONHF25On5FbRi8mUuTxzdpyFwFPP1oKYeB+BtqPDviiccGrr4GEz4YUhl6zuxv4TGu0SATfLYxJDtwe/QsFTQt0r8v1OGxUnobzCZPk7sZHvbYKa8Z1v30QU8YNb3veKtJtkySGFTymsCbIWi0xzmTO5m2vQ= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(6666004)(70586007)(4326008)(36860700001)(54906003)(5660300002)(316002)(83380400001)(8676002)(2906002)(1076003)(26005)(7416002)(70206006)(30864003)(8936002)(6916009)(81166007)(2616005)(186003)(336012)(86362001)(426003)(47076005)(44832011)(356005)(36756003)(16526019)(508600001)(40460700001)(82310400004)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:18:45.9820 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f841ae3a-b5d9-49ac-3800-08d9c0b81e1d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT048.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1459 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Add interfaces to allow tests to create/manage SEV guests. The additional state associated with these guests is encapsulated in a new struct sev_vm, which is a light wrapper around struct kvm_vm. These VMs will use vm_set_memory_encryption() and vm_get_encrypted_phy_pages() under the covers to configure and sync up with the core kvm_util library on what should/shouldn't be treated as encrypted memory. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/Makefile | 9 +- .../selftests/kvm/include/x86_64/sev.h | 44 ++++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 245 ++++++++++++++++++ 3 files changed, 297 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 412de8093e6c..ccc382a827f1 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -33,8 +33,14 @@ ifeq ($(ARCH),s390) UNAME_M := s390x endif +# On some systems the SEV device path may not be present in the standard +# location, so allow it to be configured via, e.g.: +# make TARGETS=kvm SEV_PATH=/path/to/sev_device ... +SEV_PATH=/dev/sev + LIBKVM = lib/assert.c lib/elf.c lib/io.c lib/kvm_util.c lib/rbtree.c lib/sparsebit.c lib/test_util.c lib/guest_modes.c lib/perf_test_util.c lib/ucall_common.c LIBKVM_x86_64 = lib/x86_64/apic.c lib/x86_64/processor.c lib/x86_64/vmx.c lib/x86_64/svm.c lib/x86_64/ucall.c lib/x86_64/handlers.S +LIBKVM_x86_64 += lib/x86_64/sev.c LIBKVM_aarch64 = lib/aarch64/processor.c lib/aarch64/ucall.c lib/aarch64/handlers.S lib/aarch64/spinlock.c lib/aarch64/gic.c lib/aarch64/gic_v3.c lib/aarch64/vgic.c LIBKVM_s390x = lib/s390x/processor.c lib/s390x/ucall.c lib/s390x/diag318_test_handler.c @@ -134,7 +140,8 @@ endif CFLAGS += -Wall -Wstrict-prototypes -Wuninitialized -O2 -g -std=gnu99 \ -fno-stack-protector -fno-PIE -I$(LINUX_TOOL_INCLUDE) \ -I$(LINUX_TOOL_ARCH_INCLUDE) -I$(LINUX_HDR_PATH) -Iinclude \ - -I$( +#include +#include "kvm_util.h" + +/* Makefile might set this separately for user-overrides */ +#ifndef SEV_DEV_PATH +#define SEV_DEV_PATH "/dev/sev" +#endif + +#define SEV_FW_REQ_VER_MAJOR 0 +#define SEV_FW_REQ_VER_MINOR 17 + +#define SEV_POLICY_NO_DBG (1UL << 0) +#define SEV_POLICY_ES (1UL << 2) + +enum { + SEV_GSTATE_UNINIT = 0, + SEV_GSTATE_LUPDATE, + SEV_GSTATE_LSECRET, + SEV_GSTATE_RUNNING, +}; + +struct sev_vm; + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data); +struct kvm_vm *sev_get_vm(struct sev_vm *sev); +uint8_t sev_get_enc_bit(struct sev_vm *sev); + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages); +void sev_vm_free(struct sev_vm *sev); +void sev_vm_launch(struct sev_vm *sev); +void sev_vm_launch_measure(struct sev_vm *sev, uint8_t *measurement); +void sev_vm_launch_finish(struct sev_vm *sev); + +#endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c new file mode 100644 index 000000000000..4a99862d62e6 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -0,0 +1,245 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ + +#include +#include +#include "kvm_util.h" +#include "linux/psp-sev.h" +#include "processor.h" +#include "sev.h" + +#define PAGE_SHIFT 12 +#define PAGE_SIZE (1UL << PAGE_SHIFT) + +struct sev_vm { + struct kvm_vm *vm; + int fd; + int enc_bit; + uint32_t sev_policy; +}; + +/* Common SEV helpers/accessors. */ + +struct kvm_vm *sev_get_vm(struct sev_vm *sev) +{ + return sev->vm; +} + +uint8_t sev_get_enc_bit(struct sev_vm *sev) +{ + return sev->enc_bit; +} + +void sev_ioctl(int sev_fd, int cmd, void *data) +{ + int ret; + struct sev_issue_cmd arg; + + arg.cmd = cmd; + arg.data = (unsigned long)data; + ret = ioctl(sev_fd, SEV_ISSUE_CMD, &arg); + TEST_ASSERT(ret == 0, + "SEV ioctl %d failed, error: %d, fw_error: %d", + cmd, ret, arg.error); +} + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data) +{ + struct kvm_sev_cmd arg = {0}; + int ret; + + arg.id = cmd; + arg.sev_fd = sev->fd; + arg.data = (__u64)data; + + ret = ioctl(vm_get_fd(sev->vm), KVM_MEMORY_ENCRYPT_OP, &arg); + TEST_ASSERT(ret == 0, + "SEV KVM ioctl %d failed, rc: %i errno: %i (%s), fw_error: %d", + cmd, ret, errno, strerror(errno), arg.error); +} + +/* Local helpers. */ + +static void +sev_register_user_region(struct sev_vm *sev, void *hva, uint64_t size) +{ + struct kvm_enc_region range = {0}; + int ret; + + pr_debug("%s: hva: %p, size: %lu\n", __func__, hva, size); + + range.addr = (__u64)hva; + range.size = size; + + ret = ioctl(vm_get_fd(sev->vm), KVM_MEMORY_ENCRYPT_REG_REGION, &range); + TEST_ASSERT(ret == 0, "failed to register user range, errno: %i\n", errno); +} + +static void +sev_encrypt_phy_range(struct sev_vm *sev, vm_paddr_t gpa, uint64_t size) +{ + struct kvm_sev_launch_update_data ksev_update_data = {0}; + + pr_debug("%s: addr: 0x%lx, size: %lu\n", __func__, gpa, size); + + ksev_update_data.uaddr = (__u64)addr_gpa2hva(sev->vm, gpa); + ksev_update_data.len = size; + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_DATA, &ksev_update_data); +} + +static void sev_encrypt(struct sev_vm *sev) +{ + const struct sparsebit *enc_phy_pages; + struct kvm_vm *vm = sev->vm; + sparsebit_idx_t pg = 0; + vm_paddr_t gpa_start; + uint64_t memory_size; + + /* Only memslot 0 supported for now. */ + enc_phy_pages = vm_get_encrypted_phy_pages(sev->vm, 0, &gpa_start, &memory_size); + TEST_ASSERT(enc_phy_pages, "Unable to retrieve encrypted pages bitmap"); + while (pg < (memory_size / vm_get_page_size(vm))) { + sparsebit_idx_t pg_cnt; + + if (sparsebit_is_clear(enc_phy_pages, pg)) { + pg = sparsebit_next_set(enc_phy_pages, pg); + if (!pg) + break; + } + + pg_cnt = sparsebit_next_clear(enc_phy_pages, pg) - pg; + if (pg_cnt <= 0) + pg_cnt = 1; + + sev_encrypt_phy_range(sev, + gpa_start + pg * vm_get_page_size(vm), + pg_cnt * vm_get_page_size(vm)); + pg += pg_cnt; + } +} + +/* SEV VM implementation. */ + +static struct sev_vm *sev_vm_alloc(struct kvm_vm *vm) +{ + struct sev_user_data_status sev_status = {0}; + uint32_t eax, ebx, ecx, edx; + struct sev_vm *sev; + int sev_fd; + + sev_fd = open(SEV_DEV_PATH, O_RDWR); + if (sev_fd < 0) { + pr_info("Failed to open SEV device, path: %s, error: %d, skipping test.\n", + SEV_DEV_PATH, sev_fd); + return NULL; + } + + sev_ioctl(sev_fd, SEV_PLATFORM_STATUS, &sev_status); + + if (!(sev_status.api_major > SEV_FW_REQ_VER_MAJOR || + (sev_status.api_major == SEV_FW_REQ_VER_MAJOR && + sev_status.api_minor >= SEV_FW_REQ_VER_MINOR))) { + pr_info("SEV FW version too old. Have API %d.%d (build: %d), need %d.%d, skipping test.\n", + sev_status.api_major, sev_status.api_minor, sev_status.build, + SEV_FW_REQ_VER_MAJOR, SEV_FW_REQ_VER_MINOR); + return NULL; + } + + sev = calloc(1, sizeof(*sev)); + sev->fd = sev_fd; + sev->vm = vm; + + /* Get encryption bit via CPUID. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + sev->enc_bit = ebx & 0x3F; + + return sev; +} + +void sev_vm_free(struct sev_vm *sev) +{ + kvm_vm_free(sev->vm); + close(sev->fd); + free(sev); +} + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages) +{ + struct sev_vm *sev; + struct kvm_vm *vm; + + /* Need to handle memslots after init, and after setting memcrypt. */ + vm = vm_create(VM_MODE_DEFAULT, 0, O_RDWR); + sev = sev_vm_alloc(vm); + if (!sev) + return NULL; + sev->sev_policy = policy; + + kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); + + vm_set_memory_encryption(vm, true, true, sev->enc_bit); + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); + sev_register_user_region(sev, addr_gpa2hva(vm, 0), + npages * vm_get_page_size(vm)); + + pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", + sev->sev_policy, npages * vm_get_page_size(vm) / 1024); + + return sev; +} + +void sev_vm_launch(struct sev_vm *sev) +{ + struct kvm_sev_launch_start ksev_launch_start = {0}; + struct kvm_sev_guest_status ksev_status = {0}; + + /* Need to use ucall_shared for synchronization. */ + ucall_init_ops(sev_get_vm(sev), NULL, &ucall_ops_halt); + + ksev_launch_start.policy = sev->sev_policy; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_START, &ksev_launch_start); + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.policy == sev->sev_policy, "Incorrect guest policy."); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE, + "Unexpected guest state: %d", ksev_status.state); + + sev_encrypt(sev); +} + +void sev_vm_launch_measure(struct sev_vm *sev, uint8_t *measurement) +{ + struct kvm_sev_launch_measure ksev_launch_measure = {0}; + struct kvm_sev_guest_status ksev_guest_status = {0}; + + ksev_launch_measure.len = 256; + ksev_launch_measure.uaddr = (__u64)measurement; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_MEASURE, &ksev_launch_measure); + + /* Measurement causes a state transition, check that. */ + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_guest_status); + TEST_ASSERT(ksev_guest_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_guest_status.state); +} + +void sev_vm_launch_finish(struct sev_vm *sev) +{ + struct kvm_sev_guest_status ksev_status = {0}; + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE || + ksev_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_status.state); + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_FINISH, NULL); + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_RUNNING, + "Unexpected guest state: %d", ksev_status.state); +} From patchwork Thu Dec 16 17:13:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682255 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F015AC433F5 for ; Thu, 16 Dec 2021 17:19:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240213AbhLPRTU (ORCPT ); Thu, 16 Dec 2021 12:19:20 -0500 Received: from mail-bn7nam10on2057.outbound.protection.outlook.com ([40.107.92.57]:61504 "EHLO NAM10-BN7-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S240193AbhLPRTK (ORCPT ); Thu, 16 Dec 2021 12:19:10 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O+Qrho3d1C2vTNHi4L7J30vAK2NjchWqnlNYbIiDmZ0PpoIq/ygxAxhsnV/TftrUWVFAvsZYPZ8BIcG/e8MVsJfPa9QSqRjHOqvTQDaDM4rOnIpyDLJRjb/3sk8s1I80JUfVMccXwHFlraN0xQn88kLky3jjOwDfg/nfmfZIhUPjDcFteFn5QnSH4C9QptwXRAYowUAMzODtJidq3RB94jzPgfcGkIG+8dwemSKe3ukdI6FT8ALiULqZ3qZ9Bd0cRdVczzRBF8Y8r5h0wddXgua+nMxWOT6agKjK15fnl6qnB2xdR7k+3n5l8BLMg9IFzcy3Fl+jJ2xwjfMF/SSVuw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qKcUBU4zbAu0FvRRdq6cBfs8I35aNIMc2lVXVRAXHwY=; b=Ofq878hPFgs06DFrUvEMCTL86DDqOPb4hjDo9H++FvF8HmifAC6eNJNMfJPhywH5XcNczeMTbhhxcRr5d2jZNaZ4vIegfOoaRuyRr/32gM4p2iJperZH/lTY8dktLbCTM8BwJ8DTwdUVaGI7VxyTVaXlRW8E3rRUkEaeluJuYnpFmf/lg46ph3q0FAVdgIpWQ6WvdkZVciR1vWwHTJZzb+4meQl/+YbN9nxh67shExRKNicghWbU6YRSZh6O62/yPIb74Mg0XbSi3FGD2cmIyzhzjezpZm3TzZH+WxutKUJacL4vIex8/tsnslrgMHBKae+X2q+679/1NzZVWGs9hA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qKcUBU4zbAu0FvRRdq6cBfs8I35aNIMc2lVXVRAXHwY=; b=2oeUOdlkOjO2fPKo5npUWSoBoH5LKTmn0dlThSqJYSMIZ+LvQhbP8ozLqt8iS7YkJXcSpdj46kYF2IYMNZ4An6MzdE/YkoPJSnF2y94zDpxbLtbPMuaukYumPXUwuKFD/9KrcgE7Qn9MMsE1KwKVfVViMxSevtUJSODX4WQJHeU= Received: from MWHPR17CA0051.namprd17.prod.outlook.com (2603:10b6:300:93::13) by MWHPR1201MB0144.namprd12.prod.outlook.com (2603:10b6:301:5a::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14; Thu, 16 Dec 2021 17:19:07 +0000 Received: from CO1NAM11FT004.eop-nam11.prod.protection.outlook.com (2603:10b6:300:93:cafe::d2) by MWHPR17CA0051.outlook.office365.com (2603:10b6:300:93::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16 via Frontend Transport; Thu, 16 Dec 2021 17:19:07 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT004.mail.protection.outlook.com (10.13.175.89) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4778.16 via Frontend Transport; Thu, 16 Dec 2021 17:19:07 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:19:05 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 08/13] KVM: selftests: add SEV boot tests Date: Thu, 16 Dec 2021 11:13:53 -0600 Message-ID: <20211216171358.61140-9-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: edeac225-2507-4158-eb5f-08d9c0b82abb X-MS-TrafficTypeDiagnostic: MWHPR1201MB0144:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4125; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: YsMJrNdXAj+GG4V6casFtPULtHQvd2JVy+lRnlHCLIM+vWGrlFdl/Q7b3fF9g/yTGsuodScif7pkwNzGXJXL7+OzKl5cv+61ICVY666H8/VA3aJzQgr+WvFltB39USGCM741unxRXq2TwGmZNlwkx5JDVMXITKqF+DTSWDeZUIcjzwu841aC0FzqRqz+b4+Z/UIaxpBByUc9d68vObeg5JbbTVulrk7QRN5LbWsfKDrSRZla8NM0klpI78ayqI6bs7BaFNl+V3taAtMPoF0a/rGAYUx6Bp1dgvGEBxyhepH+ZAiEufMIA0BkeUmIIqV3LIYFzyqFFjQRGm4R0g2qdJNey/vfF+WOJrz+MX7j7gvzsX6fUgr+FrbdLJPVG250GAT94RWovwx/U2KsOxy0BQGcnOoOWWhfFRtLi9amFwYHr6B4bV5PNm4NpyLCtEsyuGmcGnwHxMMTJEtiQ84AJbmULmawfEgHTbUYx1VwIKlryyAL4xrHBypUPKsDSTrIlAskQ8g7eg1ezTDau7a7TzKcdWxnhso0p+mnjUqYOYB98GNPt/oNsmwcxNg0HiPkVS4msTk3wZovnQ6Y97wiq5OjBpkRKRWq1EK7io5Dw2g6U6ZBzZCLT6VuTjf1vyHy/WgjAO/lOg3WvT3qNtk0Hnt3D/tMaZ9GR+fn4+w4FwpAja/R87JlTefUFhyiESGQamdHe8fg+jAFbyRm5NdbOql/9NiQA3wuVnWFiRWePRiHAKsi3wo2juxBDxnl70qgHhGuIT4a0GOHULgPLok4x0BdXePQiH2pQRPE8cerklQ= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(40470700001)(7416002)(81166007)(6916009)(70206006)(70586007)(8936002)(8676002)(356005)(5660300002)(47076005)(1076003)(83380400001)(426003)(316002)(2906002)(4326008)(86362001)(36860700001)(2616005)(82310400004)(336012)(40460700001)(186003)(54906003)(508600001)(16526019)(44832011)(36756003)(26005)(6666004)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:19:07.1547 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: edeac225-2507-4158-eb5f-08d9c0b82abb X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT004.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR1201MB0144 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org A common aspect of booting SEV guests is checking related CPUID/MSR bits and accessing shared/private memory. Add a basic test to cover this. This test will be expanded to cover basic boot of SEV-ES and SEV-SNP in subsequent patches. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/sev_all_boot_test.c | 255 ++++++++++++++++++ 3 files changed, 257 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index 4a801cba9c62..cc73de938a2a 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -43,6 +43,7 @@ /x86_64/xen_vmcall_test /x86_64/xss_msr_test /x86_64/vmx_pmu_msrs_test +/x86_64/sev_all_boot_test /access_tracking_perf_test /demand_paging_test /dirty_log_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index ccc382a827f1..6f250e190fde 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -81,6 +81,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_pi_mmio_test TEST_GEN_PROGS_x86_64 += x86_64/sev_migrate_tests +TEST_GEN_PROGS_x86_64 += x86_64/sev_all_boot_test TEST_GEN_PROGS_x86_64 += demand_paging_test TEST_GEN_PROGS_x86_64 += dirty_log_test TEST_GEN_PROGS_x86_64 += dirty_log_perf_test diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c new file mode 100644 index 000000000000..329a740a7cb2 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -0,0 +1,255 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Basic SEV boot tests. + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#define _GNU_SOURCE /* for program_invocation_short_name */ +#include +#include +#include +#include +#include + +#include "test_util.h" + +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" + +#define VCPU_ID 2 +#define PAGE_SIZE 4096 +#define PAGE_STRIDE 32 + +#define SHARED_PAGES 8192 +#define SHARED_VADDR_MIN 0x1000000 + +#define PRIVATE_PAGES 2048 +#define PRIVATE_VADDR_MIN (SHARED_VADDR_MIN + SHARED_PAGES * PAGE_SIZE) + +#define TOTAL_PAGES (512 + SHARED_PAGES + PRIVATE_PAGES) + +static void fill_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + buf[i * PAGE_SIZE + j] = val; +} + +static bool check_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) +{ + int i, j; + + for (i = 0; i < pages; i++) + for (j = 0; j < PAGE_SIZE; j += stride) + if (buf[i * PAGE_SIZE + j] != val) + return false; + + return true; +} + +static void guest_test_start(struct ucall *uc) +{ + /* Initial guest check-in. */ + GUEST_SHARED_SYNC(uc, 1); +} + +static void test_start(struct kvm_vm *vm, struct ucall *uc) +{ + vcpu_run(vm, VCPU_ID); + + /* Initial guest check-in. */ + CHECK_SHARED_SYNC(vm, VCPU_ID, uc, 1); +} + +static void +guest_test_common(struct ucall *uc, uint8_t *shared_buf, uint8_t *private_buf) +{ + bool success; + + /* Initial check-in for common. */ + GUEST_SHARED_SYNC(uc, 100); + + /* Ensure initial shared pages are intact. */ + success = check_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x41); + GUEST_SHARED_ASSERT(uc, success); + + /* Ensure initial private pages are intact/encrypted. */ + success = check_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); + GUEST_SHARED_ASSERT(uc, success); + + /* Ensure host userspace can't read newly-written encrypted data. */ + fill_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x43); + + GUEST_SHARED_SYNC(uc, 101); + + /* Ensure guest can read newly-written shared data from host. */ + success = check_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x44); + GUEST_SHARED_ASSERT(uc, success); + + /* Ensure host can read newly-written shared data from guest. */ + fill_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x45); + + GUEST_SHARED_SYNC(uc, 102); +} + +static void +test_common(struct kvm_vm *vm, struct ucall *uc, + uint8_t *shared_buf, uint8_t *private_buf) +{ + bool success; + + /* Initial guest check-in. */ + vcpu_run(vm, VCPU_ID); + CHECK_SHARED_SYNC(vm, VCPU_ID, uc, 100); + + /* Ensure initial private pages are intact/encrypted. */ + success = check_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); + TEST_ASSERT(!success, "Initial guest memory not encrypted!"); + + vcpu_run(vm, VCPU_ID); + CHECK_SHARED_SYNC(vm, VCPU_ID, uc, 101); + + /* Ensure host userspace can't read newly-written encrypted data. */ + success = check_buf(private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x43); + TEST_ASSERT(!success, "Modified guest memory not encrypted!"); + + /* Ensure guest can read newly-written shared data from host. */ + fill_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x44); + + vcpu_run(vm, VCPU_ID); + CHECK_SHARED_SYNC(vm, VCPU_ID, uc, 102); + + /* Ensure host can read newly-written shared data from guest. */ + success = check_buf(shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x45); + TEST_ASSERT(success, "Host can't read shared guest memory!"); +} + +static void +guest_test_done(struct ucall *uc) +{ + GUEST_SHARED_DONE(uc); +} + +static void +test_done(struct kvm_vm *vm, struct ucall *uc) +{ + vcpu_run(vm, VCPU_ID); + CHECK_SHARED_DONE(vm, VCPU_ID, uc); +} + +static void __attribute__((__flatten__)) +guest_sev_code(struct ucall *uc, uint8_t *shared_buf, uint8_t *private_buf) +{ + uint32_t eax, ebx, ecx, edx; + uint64_t sev_status; + + guest_test_start(uc); + + /* Check SEV CPUID bit. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + GUEST_SHARED_ASSERT(uc, eax & (1 << 1)); + + /* Check SEV MSR bit. */ + sev_status = rdmsr(MSR_AMD64_SEV); + GUEST_SHARED_ASSERT(uc, (sev_status & 0x1) == 1); + + guest_test_common(uc, shared_buf, private_buf); + + guest_test_done(uc); +} + +static struct sev_vm * +setup_test_common(void *guest_code, uint64_t policy, struct ucall **uc, + uint8_t **shared_buf, uint8_t **private_buf) +{ + vm_vaddr_t uc_vaddr, shared_vaddr, private_vaddr; + uint8_t measurement[512]; + struct sev_vm *sev; + struct kvm_vm *vm; + int i; + + sev = sev_vm_create(policy, TOTAL_PAGES); + if (!sev) + return NULL; + vm = sev_get_vm(sev); + + /* Set up VCPU and initial guest kernel. */ + vm_vcpu_add_default(vm, VCPU_ID, guest_code); + kvm_vm_elf_load(vm, program_invocation_name); + + /* Set up shared ucall buffer. */ + uc_vaddr = ucall_shared_alloc(vm, 1); + + /* Set up buffer for reserved shared memory. */ + shared_vaddr = vm_vaddr_alloc_shared(vm, SHARED_PAGES * PAGE_SIZE, + SHARED_VADDR_MIN); + *shared_buf = addr_gva2hva(vm, shared_vaddr); + fill_buf(*shared_buf, SHARED_PAGES, PAGE_STRIDE, 0x41); + + /* Set up buffer for reserved private memory. */ + private_vaddr = vm_vaddr_alloc(vm, PRIVATE_PAGES * PAGE_SIZE, + PRIVATE_VADDR_MIN); + *private_buf = addr_gva2hva(vm, private_vaddr); + fill_buf(*private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); + + /* Set up guest params. */ + vcpu_args_set(vm, VCPU_ID, 4, uc_vaddr, shared_vaddr, private_vaddr); + + /* + * Hand these back to test harness, translation is needed now since page + * table will be encrypted after SEV VM launch. + */ + *uc = addr_gva2hva(vm, uc_vaddr); + *shared_buf = addr_gva2hva(vm, shared_vaddr); + *private_buf = addr_gva2hva(vm, private_vaddr); + + /* Allocations/setup done. Encrypt initial guest payload. */ + sev_vm_launch(sev); + + /* Dump the initial measurement. A test to actually verify it would be nice. */ + sev_vm_launch_measure(sev, measurement); + pr_info("guest measurement: "); + for (i = 0; i < 32; ++i) + pr_info("%02x", measurement[i]); + pr_info("\n"); + + sev_vm_launch_finish(sev); + + return sev; +} + +static void test_sev(void *guest_code, uint64_t policy) +{ + uint8_t *shared_buf, *private_buf; + struct sev_vm *sev; + struct kvm_vm *vm; + struct ucall *uc; + + sev = setup_test_common(guest_code, policy, &uc, &shared_buf, &private_buf); + if (!sev) + return; + vm = sev_get_vm(sev); + + /* Guest is ready to run. Do the tests. */ + test_start(vm, uc); + test_common(vm, uc, shared_buf, private_buf); + test_done(vm, uc); + + sev_vm_free(sev); +} + +int main(int argc, char *argv[]) +{ + /* SEV tests */ + test_sev(guest_sev_code, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, 0); + + return 0; +} From patchwork Thu Dec 16 17:13:54 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682203 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8F935C433EF for ; Thu, 16 Dec 2021 17:14:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240040AbhLPROe (ORCPT ); Thu, 16 Dec 2021 12:14:34 -0500 Received: from mail-sn1anam02on2062.outbound.protection.outlook.com ([40.107.96.62]:11649 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S235503AbhLPROc (ORCPT ); Thu, 16 Dec 2021 12:14:32 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BxYnu5v+TUo9N+9ZMkqh4ugm4kWMv66TkrUmxudUHWM8dJFNCg9ZLBVumRLvLy0O+EY8CAnoMS1jOQLNwtC+cxkxIBiEo1OKesjoupjgyVNX1eVc0bGE+XmrQkldOVrFBGGSkjkJgheffXLF51hh7SlAnPHKenjEc3F/KH02gGg/xPnPAv3vAy5gXHxbYBfju2yactjQQiL/pZqI/d5Uf0HxjroNJdSBWQIx/V+VNYN0LE4fpkihorLzi2tfpJuXjgfX4yhkATWWgVtOvbvIco2MJT5Euf2gSWjVtuKQhgMltx2R+Dp8R382M7iU6IRAO/kj6zBzBkxu0Ak4hM1/Rw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qN113x5UlCSYnOdhMTV0BYu1NhwIpLHyGzI3j+MAErA=; b=F+HuKD9LSrWKfKD+hr7MHU5/hGNsgm5zvHUIvnl2tFkcsqYbW8CrZDX8/hKwBUVp2Z4T/lZ0T5GI/1PPt8CzHV172MmlZ/sYJPNY6K/zYcdhoTdKeco/KuVe7XeeFnFPHjgs8XofHqzq9rhLwVsMvUfkoD5+vMcVTnKPANtCpu5LQ+itlrDIL/Q/NO3QbtjbSpadMbav4Mbt/iTQkzPCqP87v+LypxQBkXg30DdZ9f1gYE2uq9aeaw0W9SAfRb8ykbShrk7ovcVy8Nizie1g0FXhahP6Y7bALICGGhqJsPSY2ON5BI99VXegWUlrg5IDo22kmHHWLDMvFxyEq5oP+Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qN113x5UlCSYnOdhMTV0BYu1NhwIpLHyGzI3j+MAErA=; b=Ks9fhENm5ADLlKGy8iaq9bcWSIczpyo7fZc7FqsolpfwpLDOci0ecn/u0+rKo1KYC3lSQYX2pHQ8R57z/n0uHEowxnsyHkPAHoX2YHXY1IePDjR1ksOzfrKk9gtdkZ7IutzoWpF9fb0I1P2BaekThaikCbTCScOTIpK/T2cyz8A= Received: from DM5PR20CA0015.namprd20.prod.outlook.com (2603:10b6:3:93::25) by CH2PR12MB3813.namprd12.prod.outlook.com (2603:10b6:610:2c::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:14:29 +0000 Received: from DM6NAM11FT031.eop-nam11.prod.protection.outlook.com (2603:10b6:3:93:cafe::d5) by DM5PR20CA0015.outlook.office365.com (2603:10b6:3:93::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.15 via Frontend Transport; Thu, 16 Dec 2021 17:14:29 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by DM6NAM11FT031.mail.protection.outlook.com (10.13.172.203) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:14:29 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:14:28 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 09/13] KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests Date: Thu, 16 Dec 2021 11:13:54 -0600 Message-ID: <20211216171358.61140-10-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 9d040d2e-840d-4752-12c7-08d9c0b7853b X-MS-TrafficTypeDiagnostic: CH2PR12MB3813:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2276; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: TKkTYg9HzcnhxhPeLnXWwpAvLLiebeOX1TD6aXvfkO9Vpqzv6sR9RSncO4i6Q8+Ff9Y6I+Qhp4vNza1KjtBzjTIwsl+vXTgNKskcW6vWXO6f5+ERfEI43gw37asNkRX+z+J4fyukxejy5Zf5H8PsD3rPUmWTB8N8j2mE40ICSrZwJLRU0V5JI5PyqFNYfW6bAoAPmqQMn+s8cGHGJQghsO8TJQ3t5RgED/+EnoePYNjS+F7W1VLPcFFPRfd3BM5n/PoSUMMfrSs5ROsDlLA3oO3SoDuC6RtFwbzI7BHrBdSLT4KSce01O1YW+b0OWc4GXg8+SFVQZ7Gmrq3+oH5nko3qOApGRR46V0Uj8vqHtRxq+4e3KQfnXb4yz7kPJ1Uc/pX6HdKHs9/AHlL+PGDc1b7tkW0H9OwolaBnEeKHGD+9zHzL6VfK6xBemLI/+a1l9iP+1IMXsgEo27T6FbbDINDNvQj15u++/4j5YLGQIYzVJVm5mEdB+XWw3NevM1eNYWo8q2y9GTY6r73tMqFgMtWLaZo6Ad0pb0bXgfNym/hI9ecM7b9vsE9ad2hy9fojTtmm2UQVLz8IKkLTxPkIuRyh1lfnISVFei/M0PXVHmWh69WdGW/NpWNE9KxnvZ4pkCNwSJjSA6HrzD4oUhW6mEk9V8ZXmjY0dTDAVAiRPzS90jVYBP1rTcNyaz2b347S4QOx1yDb3VyXOfAy9fe5Nc/KjdMF+k6gFu3jffuLi9E3J7Uxq8yzv5iZ/1cUDpb0W/dx6NyGR1WFTcph5soLEWTwjpZms8AgCr7k60WnG7w= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(5660300002)(356005)(6916009)(426003)(336012)(82310400004)(83380400001)(40460700001)(8936002)(36860700001)(70206006)(6666004)(4326008)(81166007)(186003)(16526019)(508600001)(7416002)(8676002)(2616005)(47076005)(86362001)(2906002)(70586007)(26005)(1076003)(54906003)(44832011)(316002)(36756003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:14:29.5643 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9d040d2e-840d-4752-12c7-08d9c0b7853b X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT031.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3813 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Normally guests will set up CR3 themselves, but some guests, such as kselftests, and potentially CONFIG_PVH guests, rely on being booted with paging enabled and CR3 initialized to a pre-allocated page table. Currently CR3 updates via KVM_SET_SREGS* are not loaded into the guest VMCB until just prior to entering the guest. For SEV-ES/SEV-SNP, this is too late, since it will have switched over to using the VMSA page prior to that point, with the VMSA CR3 copied from the VMCB initial CR3 value: 0. Address this by sync'ing the CR3 value into the VMCB save area immediately when KVM_SET_SREGS* is issued so it will find it's way into the initial VMSA. Suggested-by: Tom Lendacky Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/svm/svm.c | 19 +++++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 6 ++++++ arch/x86/kvm/x86.c | 1 + 5 files changed, 28 insertions(+) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index cefe1d81e2e8..a3172bd59690 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -35,6 +35,7 @@ KVM_X86_OP(get_cpl) KVM_X86_OP(set_segment) KVM_X86_OP_NULL(get_cs_db_l_bits) KVM_X86_OP(set_cr0) +KVM_X86_OP(post_set_cr3) KVM_X86_OP(is_valid_cr4) KVM_X86_OP(set_cr4) KVM_X86_OP(set_efer) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index d5fede05eb5f..22f384320ed1 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1342,6 +1342,7 @@ struct kvm_x86_ops { struct kvm_segment *var, int seg); void (*get_cs_db_l_bits)(struct kvm_vcpu *vcpu, int *db, int *l); void (*set_cr0)(struct kvm_vcpu *vcpu, unsigned long cr0); + void (*post_set_cr3)(struct kvm_vcpu *vcpu, unsigned long cr3); bool (*is_valid_cr4)(struct kvm_vcpu *vcpu, unsigned long cr0); void (*set_cr4)(struct kvm_vcpu *vcpu, unsigned long cr4); int (*set_efer)(struct kvm_vcpu *vcpu, u64 efer); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 208566f63bce..76e906d83a84 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1792,6 +1792,24 @@ static void svm_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt) vmcb_mark_dirty(svm->vmcb, VMCB_DT); } +static void svm_post_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + /* + * For guests that don't set guest_state_protected, the cr3 update is + * handled via kvm_mmu_load() while entering the guest. For guests + * that do (SEV-ES/SEV-SNP), the cr3 update needs to be written to + * VMCB save area now, since the save area will become the initial + * contents of the VMSA, and future VMCB save area updates won't be + * seen. + */ + if (sev_es_guest(vcpu->kvm)) { + svm->vmcb->save.cr3 = cr3; + vmcb_mark_dirty(svm->vmcb, VMCB_CR); + } +} + void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0) { struct vcpu_svm *svm = to_svm(vcpu); @@ -4622,6 +4640,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .get_cpl = svm_get_cpl, .get_cs_db_l_bits = kvm_get_cs_db_l_bits, .set_cr0 = svm_set_cr0, + .post_set_cr3 = svm_post_set_cr3, .is_valid_cr4 = svm_is_valid_cr4, .set_cr4 = svm_set_cr4, .set_efer = svm_set_efer, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 63615d242bdf..075107c1b3f5 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -3124,6 +3124,11 @@ static void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, vmcs_writel(GUEST_CR3, guest_cr3); } + +void vmx_post_set_cr3(struct kvm_vcpu *vcpu, unsigned long cr3) +{ +} + static bool vmx_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) { /* @@ -7597,6 +7602,7 @@ static struct kvm_x86_ops vmx_x86_ops __initdata = { .get_cpl = vmx_get_cpl, .get_cs_db_l_bits = vmx_get_cs_db_l_bits, .set_cr0 = vmx_set_cr0, + .post_set_cr3 = vmx_post_set_cr3, .is_valid_cr4 = vmx_is_valid_cr4, .set_cr4 = vmx_set_cr4, .set_efer = vmx_set_efer, diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 26cb3a4cd0e9..c0d84a4c8049 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10609,6 +10609,7 @@ static int __set_sregs_common(struct kvm_vcpu *vcpu, struct kvm_sregs *sregs, *mmu_reset_needed |= kvm_read_cr3(vcpu) != sregs->cr3; vcpu->arch.cr3 = sregs->cr3; kvm_register_mark_dirty(vcpu, VCPU_EXREG_CR3); + static_call(kvm_x86_post_set_cr3)(vcpu, sregs->cr3); kvm_set_cr8(vcpu, sregs->cr8); From patchwork Thu Dec 16 17:13:55 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682205 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F6A9C433EF for ; Thu, 16 Dec 2021 17:14:59 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240048AbhLPRO6 (ORCPT ); Thu, 16 Dec 2021 12:14:58 -0500 Received: from mail-dm6nam08on2046.outbound.protection.outlook.com ([40.107.102.46]:62176 "EHLO NAM04-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S229835AbhLPRO5 (ORCPT ); Thu, 16 Dec 2021 12:14:57 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gg7+aFva4fEc/60PpbAxePU86cWNccDszfCK9V6IPVtMpEzz224bhc6i4EnmQ9EBS+KaWFG2SyjaJ7FjbOtTDy++LyffjdKGYwxaFqZN77G3MX4dVQpPWiLmOIXijSqjDq4zZqNhSVL9DPldU8JGmGmfiezWco+N0RBC46yx/QfMfN+XiLduol2gINgXiiFpxoPgRQzV6GkoRrfWaIx6Gkr9ZeEwk88neYSNHMdg04NBud3ppme/CgvKObXIVTrBXPcGU6GT46mNN8tjFIsC37/xSYOGnk0M5X8KSVeeqmpa650jzoyoQclazsF3ZDRhNVkG/gFk439VxaNDpDkw3w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=C61ZZ4VSDTm7gNgNtaN72QQgAXlZ5VHkw4OEdGMeqv8=; b=c3XVV+LrU+0CKhl49U1N5B5wcEm5voKo7CQc77M/IfPcYOcHOXc4WkDh8jpdqUAA8EhYGm5PbADSYNEPaMzhr8/qM/80Ymlh2/oOTR1PHGbrAPKIjYXjERZosoehZIhxZB3bgTdJze3VBMul0hK3YGLPMYz4VX/pNy6k2Sr+k2ZZ1OErGz+asCJn9CqcCLHdi+W7KOJ6B+D3HrpSCTgln0tisbjYBc+oUBosfnExFt66gR7I0f9ug4otTGguYkmCiNbzg/9fr5vqnpcEO0FOWVd7Ja4TtXOvHakwbUt61OSwxe9Mj8ITPIbowxzvLPEvkj9v/aNtaXqRVFGhoFb2nQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C61ZZ4VSDTm7gNgNtaN72QQgAXlZ5VHkw4OEdGMeqv8=; b=X9cUUL/h33Q0VBTpjxICvaVrv7gxkPxZGvUmG1GKgS3t0mKMa2BhheS3YT4QnGT2x+lw7T3ONlvXl8wCo3Gan9TttAcCYMRsVzi+LcpzafB50Xq27gR5Lhm8h5nzvJEg4PHr50mbrfQZAYvGxGO2hdV9+ywiiQklv+rCZFHhqF4= Received: from DM6PR04CA0025.namprd04.prod.outlook.com (2603:10b6:5:334::30) by BL0PR12MB4740.namprd12.prod.outlook.com (2603:10b6:208:84::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:14:51 +0000 Received: from DM6NAM11FT014.eop-nam11.prod.protection.outlook.com (2603:10b6:5:334:cafe::50) by DM6PR04CA0025.outlook.office365.com (2603:10b6:5:334::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17 via Frontend Transport; Thu, 16 Dec 2021 17:14:50 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by DM6NAM11FT014.mail.protection.outlook.com (10.13.173.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:14:50 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:14:49 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 10/13] KVM: selftests: account for error code in #VC exception frame Date: Thu, 16 Dec 2021 11:13:55 -0600 Message-ID: <20211216171358.61140-11-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 22a72b10-1241-4f01-b251-08d9c0b791cf X-MS-TrafficTypeDiagnostic: BL0PR12MB4740:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2399; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Ra3pRQr6UyE7af5SQHY6buMBBs2sA8LNE/Yvtc3yRy1yLnpTwAQjN87E79RHBDtU0EQgo0fyeL0pty14F4BCOSnPaktFaZF/dPAF/nwHyGRG28Vm3ulb1Vp+Vnz6PSpvynEEFck4w1YrPRlVn/0ynzFf6C27sVYD1mNsnTmlyGOH/UXuOxTSAJx9JtHHGE8UpxZe0fel8ij79IKHnNifALIQUNBFI7V+wabcgtUnLEdiD+RbcahUCmW9Wvs/PvOKnbxeZX3EwsFnIP5GC1MdiYI5hIlUTWTLJL9MZeWYRIWuC+soKA4FGom5dyG/uuLF3KBVUjQHh/R8Tq6fjGVe+9q6yQmkPsHhi4JPH5ui1WtYMSl+0Yi+M3yZX9D/Ur8iR3axOp/Jb6r9F5inQS+C5zWiq6pANurVvdb3OANT2DFpbr8EzkE4sZhQaQLkxrwzPtLlNiW7Q7RnO+c7br+4x9wfipn0BBY2qrJyKGcTABuE0lsgt6nAxG43ct55deojOxXEkM0FtEc9vLL7OZ7IcF2hJGRcd7mdmPuigFfT1lXKUairvcbJCWPVW/ZzxIOLtGGxJM7C/FiariwZz/LYpaEESu3r79e/0leFOCWhtb7kNNLg/bms03iUBpJaU+aNJ50zYig89kpc/sTZpAM2HC0AjvyPsnDHeKmFRoWakDoAa0apkZdTwEVHW9AsK0StqV47rpM1hDNL5OW5M0tRwv8QklkCY9s9/9BjqTlwwtVSmd0LO6Kj1vAMGtmW32Ije7CfnMwsRQX2lLkmUMVHJnjagtvgTlh8Dzalm1bqnqA= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(4744005)(36860700001)(6666004)(26005)(36756003)(81166007)(44832011)(316002)(6916009)(16526019)(2906002)(2616005)(15650500001)(7416002)(5660300002)(47076005)(336012)(1076003)(356005)(8936002)(426003)(4326008)(8676002)(82310400004)(54906003)(186003)(70206006)(70586007)(83380400001)(40460700001)(508600001)(86362001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:14:50.6710 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 22a72b10-1241-4f01-b251-08d9c0b791cf X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT014.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB4740 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Exception 29 (#VC) pushes an error_code parameter on the stack. Update the exception list to reflect this. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/lib/x86_64/handlers.S | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/handlers.S b/tools/testing/selftests/kvm/lib/x86_64/handlers.S index 7629819734af..19715a58f5d2 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/handlers.S +++ b/tools/testing/selftests/kvm/lib/x86_64/handlers.S @@ -76,6 +76,8 @@ idt_handler_code: HANDLERS has_error=1 from=10 to=14 HANDLERS has_error=0 from=15 to=16 HANDLERS has_error=1 from=17 to=17 - HANDLERS has_error=0 from=18 to=255 + HANDLERS has_error=0 from=18 to=28 + HANDLERS has_error=1 from=29 to=29 + HANDLERS has_error=0 from=30 to=255 .section .note.GNU-stack, "", %progbits From patchwork Thu Dec 16 17:13:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682209 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC926C433FE for ; Thu, 16 Dec 2021 17:15:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240087AbhLPRPh (ORCPT ); Thu, 16 Dec 2021 12:15:37 -0500 Received: from mail-bn8nam08on2069.outbound.protection.outlook.com ([40.107.100.69]:47105 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S230032AbhLPRPg (ORCPT ); Thu, 16 Dec 2021 12:15:36 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KhaQsIDKLfOsmdP0LXcer8ZcvM00ZnjyERr8O0hs2Eo9pzmw4EpAbUNHQL/VFeeqVZgXyOOCkb3l+pq10chkJBSzeIokcOiyBmC1acbfAJh8GbJidR8TV9SiT0rPyycoQatDEPAusEFgJ0xE4NNwn6Om/yrgoVHOayr/pQdEYGReLygIzCwnUNKKjhcTEhuUTBIcfinnilbQULbI7qGGJVNX+KBFoJqVOPI77yyrapqkeP/bRcCPK8tu5mZsR9Ug+5URAfFQY1rnoryI3tmXjzvNmWLW+1QmSrvAauNkcNHAwTgxZtrWztX49ElzsAomvlFbAWHUnRndtS3QelnNLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sO47yDYKDE4YhUHaKIZZDugHukeCeW9mdk+gvtYHVe0=; b=KRjBmd8Db9E29/TH0vViXWdYHLdjx3z/bYKaG+ysh9iySDQu9+v7/wbPpKMV+bV1KYdUl4XupwDIBWV3bpMJLyFt1/rlr/s4te1+u069SYIfNpseLr+T+c8Nh5JIzrPHSYKLKINFYPjFEtYteyPCYTKo26d3hg0B9mV3mH1KVg/kIRKkJW/Ha2pZ9LF1KLV4eooE81Yb2iQZDgLKxyen3tuuNnsKvbj7DgpOJoL4vUfPJP5L+FY0BQl/JRzMXVovzLr6MHAy1XDd/c2SCpdLjKZa3DvLKXQoyIUHA6DcevmrC6gDFq257aTSQXt+lczwBLMR9tlPHx4W2R4EoNUX4w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sO47yDYKDE4YhUHaKIZZDugHukeCeW9mdk+gvtYHVe0=; b=TUC8keqwGvwpejIl5VtrHUIGKUqb2/nyg/+zg8UJ1/jqUfqtttfRKRubmzwPNKG4xDalL0Bm8pRhveNdnb6gcGOURMevW3nguspObshbhML/ytt4dyEH00n/Np/q6dZRHoFHgph9YxVbX7CMyGeAcQCPeBDWxpmllUm/564h1is= Received: from DS7PR05CA0036.namprd05.prod.outlook.com (2603:10b6:8:2f::25) by CH2PR12MB4071.namprd12.prod.outlook.com (2603:10b6:610:7b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14; Thu, 16 Dec 2021 17:15:33 +0000 Received: from DM6NAM11FT054.eop-nam11.prod.protection.outlook.com (2603:10b6:8:2f:cafe::fd) by DS7PR05CA0036.outlook.office365.com (2603:10b6:8:2f::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4823.8 via Frontend Transport; Thu, 16 Dec 2021 17:15:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by DM6NAM11FT054.mail.protection.outlook.com (10.13.173.95) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:15:33 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:15:32 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 11/13] KVM: selftests: add support for creating SEV-ES guests Date: Thu, 16 Dec 2021 11:13:56 -0600 Message-ID: <20211216171358.61140-12-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ea365090-423f-421e-6a9d-08d9c0b7ab78 X-MS-TrafficTypeDiagnostic: CH2PR12MB4071:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4303; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: UjL+obMjaR/HFrAqRwHSt5ZmuRy54ENJLwnmwdWo2sw5n2yltVv+2acKt4oq1vqhy4fWs0zG8jgXzDPKwoWHIkxXJ4j0SBz8upE40Ub+SVKjkTD5TsQBlIUTCAMbtrQLg+unntr/JIeAHpOS50bFxMn/3bWRzQMrkChjaTST+AKxW9tI0uuVeKqotP0cWWdUFbBC8VemoPMft+douXfpbvGVRNUJm0nV8tgZDThzIfP2c59R5OkkAnAzT5Y3iSFAzOZ7TgpKwgTpDPKuxyO+sSVw1bS0lXomA/uTPCEsDdfGepUDWQcjKzUd653Zm4ifQX7xsPkVnETSpUj9RgMPbWEXofJVkNkV2enVwUotZSDewNcsUcuNuj0JdUIkFC6ZSDlNSDULSoiq/eh5JvAWeB0HkJ/Klx7wAE+xunzs7uBFUoEVa0jPgJvjp/nWJ6A0ORQLMvbcPiYj1pWoeODx3ww25TQ96k96EmxwOojiTfMArf3pHkXCWbwnsg/eHwo4Hs14DeXD5X522iZYtaChgKJuQWlNOmp93Aq3gpZRAyqKvRWwdnO3L8NcD+fRV34mctXxx0EOFKpgxKy/Gi424GS/otmLkOw7Nm8xl40ijvIGk8HyoP12Bu+BwayOILDyTVUiuGbB9QTOQtRms90zPbyMahB/+n6t218QC5lWV7C3OPtWYCDVuEqtF5Ybk1LBMacqLLtIneYJ+QtYYvKVw/JU/NP6FZ5BzszPWzS4S2C+15cXLrkVBktN5Gz6IOvEWi4QNpXk/4XXX2plBMnEXM5LUbLZ4fxXp8i6Rqwith0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(70586007)(70206006)(426003)(47076005)(1076003)(356005)(6666004)(2906002)(316002)(40460700001)(4326008)(36756003)(86362001)(82310400004)(7416002)(81166007)(44832011)(508600001)(83380400001)(54906003)(2616005)(16526019)(186003)(5660300002)(26005)(8936002)(6916009)(8676002)(36860700001)(336012)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:15:33.7198 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ea365090-423f-421e-6a9d-08d9c0b7ab78 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT054.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4071 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Only a couple KVM_SEV_* ioctls need to be handled differently for SEV-ES. Do so when the specified policy indicates SEV-ES support. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/lib/x86_64/sev.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c index 4a99862d62e6..181be03f5a10 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -182,14 +182,18 @@ struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages) return NULL; sev->sev_policy = policy; - kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); + if (sev->sev_policy & SEV_POLICY_ES) + kvm_sev_ioctl(sev, KVM_SEV_ES_INIT, NULL); + else + kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); vm_set_memory_encryption(vm, true, true, sev->enc_bit); vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); sev_register_user_region(sev, addr_gpa2hva(vm, 0), npages * vm_get_page_size(vm)); - pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", + pr_info("%s guest created, policy: 0x%x, size: %lu KB\n", + (sev->sev_policy & SEV_POLICY_ES) ? "SEV-ES" : "SEV", sev->sev_policy, npages * vm_get_page_size(vm) / 1024); return sev; @@ -211,6 +215,9 @@ void sev_vm_launch(struct sev_vm *sev) "Unexpected guest state: %d", ksev_status.state); sev_encrypt(sev); + + if (sev->sev_policy & SEV_POLICY_ES) + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); } void sev_vm_launch_measure(struct sev_vm *sev, uint8_t *measurement) From patchwork Thu Dec 16 17:13:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682237 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D2A58C433FE for ; Thu, 16 Dec 2021 17:15:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230032AbhLPRP6 (ORCPT ); Thu, 16 Dec 2021 12:15:58 -0500 Received: from mail-sn1anam02on2057.outbound.protection.outlook.com ([40.107.96.57]:14052 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233283AbhLPRP5 (ORCPT ); Thu, 16 Dec 2021 12:15:57 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bbA6Enz/HIzp7BWRZTeKJJhxeNBZEAtFlbCcl+HfqwY/S4/SzSq5G9r026S0xBlcyr2jzKZXWmf8OVbn9CbP78lrU/W9CxVN9xA/lvuKgiXnao5PypR24pGf1ZzJ1GXKLzC7ovPh7fBhtDLK1SZcwzjnXOnNo/aVh56iKrK20KhPujkzn24wZSYQhLO2/NMnMgrg9R3A4U9BMzlU6Pxv28OPtsIr9QYlkVut7MJHR1PfIxmg++nAKuvjklpXDjaiSLKA6glZnW75uVegBWMaIwagkt5fuPR+SKeFQvGTVTPXDJT2nwf43SqGR8xsNYTTGjnct8nLqHklqum0F31A6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=QVMTkYEAox+dDIbBbUL9XGo8YCMwRLxKN+fL96RQ+P0=; b=O0pv1wfOTe+ENmMC8VpZRXeimjjtp2zn0W964+sy6Ei0MSaDpQRpwgKMeVVVt92uYEfxVUYqEvkKbipeZkJuc5AQ80Wsvfz4fLGa5MOUTsYB6Q0OVdWn9Sg5jfKzQvMquwc66zX4P+6QDoTsu2+ZVPA3rKfWQA2G4oloBNT7XSINoKcBsBaew0oridTqisLwVr7HLxs9G/wdVeUe31J9WdzUfSg5xkZvyKDBwQbYNYJ4ADcsLqWv9vnoG6Q2NEZFAIdDVdis/fdXfEo+7WAxjHYa3KoFpmZQ2S2L4Ofd2ZSDGQvrKtCAUA4VJGxoPYsx6xjTuKvy62KE31ZXG+jTgw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QVMTkYEAox+dDIbBbUL9XGo8YCMwRLxKN+fL96RQ+P0=; b=E2VgXbj1NAFz48uwS/SsBRy45pL2cARft6aDgjuJy8sPgeKQXO7BFxbd000dDjDJuKngPR7iR2elk/z4b7lKpdkMrzEScpkTJ84fy8d20tvPalzv4sRHP83MLrZUtWk1x6Inp96BaxBzK9ljDi7kVOt4q1R1riubJEyrv4kdRlM= Received: from DM3PR12CA0047.namprd12.prod.outlook.com (2603:10b6:0:56::15) by BN9PR12MB5383.namprd12.prod.outlook.com (2603:10b6:408:104::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:15:55 +0000 Received: from DM6NAM11FT048.eop-nam11.prod.protection.outlook.com (2603:10b6:0:56:cafe::4f) by DM3PR12CA0047.outlook.office365.com (2603:10b6:0:56::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16 via Frontend Transport; Thu, 16 Dec 2021 17:15:55 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by DM6NAM11FT048.mail.protection.outlook.com (10.13.173.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:15:55 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:15:54 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 12/13] KVM: selftests: add library for handling SEV-ES-related exits Date: Thu, 16 Dec 2021 11:13:57 -0600 Message-ID: <20211216171358.61140-13-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 14f8176a-387b-4740-8866-08d9c0b7b84d X-MS-TrafficTypeDiagnostic: BN9PR12MB5383:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: dclHwDGxTZVeNx52NQ+OV+M4onP1hyLsRPV19r6ctPd1newv4NwVGe3Z+KgL5J+HS5rQ9Y12z/kB2mN8W7oQ6/stOXvCYXXAPGOY/sfWxGZ+fUf844ep3ayrFeZcMcAS1DhYfpC1MyhIgmmXDHlSXvBCRo/Q/4mJ6PpAn42IgkVrdFxssO0XIidG3oVpYCWIqJnJP9n9wLdpqfHhqpt9/E5/0b3n3ACMpCpEO2ZvQw+EH0l+CytcPKjVkAyrTUYn8FGomwWaRAs6z0flTomvUJTnLt2ruNdMAiPA34qDN+Km7zELpV6ruXTQ/HnOxSw5LvEw1XjIBBIMbOZ0NI5wYUmhrnj6hpQt/jzFzEmhKNHjX5W3T8baoW4FWyX6lNo1IP9jZYOYAmGL3dYIx+TtOLM9cvattnwsM07CBEcSIB216L1PLTQJJY6ob1m7LQL8LBE5q49kZIBlwc3XQuBgEP6+VRT1UGByzE0uOQt0sVAadmrgYXmv5hbCkvoHdGHxLaeMqrf3nSilrxkA780t5rOs5CFt00Spr7hXdG0DUzidPWb12F1nm4izryxX4IPghmgjorgoca3HtoEhwhzRXKaYDMzj2CximmxhIKRaUs4FosOwJpzEMnqu+g7Y/dFIiI2foH1GRubArQ6/B4Lcx8nIb9mX650bXsZSGRQ2EYphSQgDLGlzU2GP04YPRALynx/9CHFRWs+ybRA8Af2xXtaGpryICctzaXJLkWYE/jXzO9yrhSWuwvXBfjp/aib2aNkIMxHnti+et3Dx9tEo1ov7wokoBRGbrhIcswVEmG0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(40470700001)(5660300002)(26005)(81166007)(356005)(83380400001)(44832011)(426003)(86362001)(70586007)(4326008)(82310400004)(2616005)(336012)(40460700001)(70206006)(508600001)(186003)(36860700001)(7416002)(6916009)(47076005)(36756003)(1076003)(30864003)(316002)(8676002)(8936002)(2906002)(54906003)(16526019)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:15:55.2491 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 14f8176a-387b-4740-8866-08d9c0b7b84d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT048.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN9PR12MB5383 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Add (or copy from kernel) routines related to handling #VC exceptions (only for cpuid currently) or issuing vmgexits. These will be used mostly by guest code. Some of this copied code, like DEFINE_GHCB_ACCESSORS, generate GCC/clang warnings due to -Waddress-of-packed-member, so compile with -Wno-address-of-packed-member like the kernel does. Signed-off-by: Michael Roth --- tools/testing/selftests/kvm/Makefile | 4 +- .../kvm/include/x86_64/sev_exitlib.h | 14 + .../selftests/kvm/include/x86_64/svm.h | 35 +++ .../selftests/kvm/include/x86_64/svm_util.h | 1 + .../selftests/kvm/lib/x86_64/sev_exitlib.c | 249 ++++++++++++++++++ 5 files changed, 301 insertions(+), 2 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 6f250e190fde..56f845523a03 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -40,7 +40,7 @@ SEV_PATH=/dev/sev LIBKVM = lib/assert.c lib/elf.c lib/io.c lib/kvm_util.c lib/rbtree.c lib/sparsebit.c lib/test_util.c lib/guest_modes.c lib/perf_test_util.c lib/ucall_common.c LIBKVM_x86_64 = lib/x86_64/apic.c lib/x86_64/processor.c lib/x86_64/vmx.c lib/x86_64/svm.c lib/x86_64/ucall.c lib/x86_64/handlers.S -LIBKVM_x86_64 += lib/x86_64/sev.c +LIBKVM_x86_64 += lib/x86_64/sev.c lib/x86_64/sev_exitlib.c LIBKVM_aarch64 = lib/aarch64/processor.c lib/aarch64/ucall.c lib/aarch64/handlers.S lib/aarch64/spinlock.c lib/aarch64/gic.c lib/aarch64/gic_v3.c lib/aarch64/vgic.c LIBKVM_s390x = lib/s390x/processor.c lib/s390x/ucall.c lib/s390x/diag318_test_handler.c @@ -142,7 +142,7 @@ CFLAGS += -Wall -Wstrict-prototypes -Wuninitialized -O2 -g -std=gnu99 \ -fno-stack-protector -fno-PIE -I$(LINUX_TOOL_INCLUDE) \ -I$(LINUX_TOOL_ARCH_INCLUDE) -I$(LINUX_HDR_PATH) -Iinclude \ -I$( +#include /* needed by kvm_util_internal.h */ +#include "../kvm_util_internal.h" /* needed by processor.h */ +#include "processor.h" /* for struct ex_regs */ +#include "svm_util.h" /* for additional SVM_EXIT_* definitions */ +#include "svm.h" /* for VMCB/VMSA layout */ +#include "sev_exitlib.h" + +#define PAGE_SHIFT 12 + +#define MSR_SEV_ES_GHCB 0xc0010130 + +#define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } + +#define GHCB_PROTOCOL_MAX 1 +#define GHCB_DEFAULT_USAGE 0 + +/* Guest-requested termination codes */ +#define GHCB_TERMINATE 0x100UL +#define GHCB_TERMINATE_REASON(reason_set, reason_val) \ + (((((u64)reason_set) & 0x7) << 12) | \ + ((((u64)reason_val) & 0xff) << 16)) + +#define GHCB_TERMINATE_REASON_UNSPEC 0 + +/* GHCB MSR protocol for CPUID */ +#define GHCB_CPUID_REQ_EAX 0 +#define GHCB_CPUID_REQ_EBX 1 +#define GHCB_CPUID_REQ_ECX 2 +#define GHCB_CPUID_REQ_EDX 3 +#define GHCB_CPUID_REQ_CODE 0x4UL +#define GHCB_CPUID_REQ(fn, reg) \ + (GHCB_CPUID_REQ_CODE | (((uint64_t)reg & 3) << 30) | (((uint64_t)fn) << 32)) +#define GHCB_CPUID_RESP_CODE 0x5UL +#define GHCB_CPUID_RESP(resp) ((resp) & 0xfff) + +/* GHCB MSR protocol for GHCB registration */ +#define GHCB_REG_GPA_REQ_CODE 0x12UL +#define GHCB_REG_GPA_REQ(gfn) \ + (((unsigned long)((gfn) & GENMASK_ULL(51, 0)) << 12) | GHCB_REG_GPA_REQ_CODE) +#define GHCB_REG_GPA_RESP_CODE 0x13UL +#define GHCB_REG_GPA_RESP(resp) ((resp) & GENMASK_ULL(11, 0)) +#define GHCB_REG_GPA_RESP_VAL(resp) ((resp) >> 12) + +/* GHCB format/accessors */ + +struct ghcb { + struct vmcb_save_area save; + u8 reserved_save[2048 - sizeof(struct vmcb_save_area)]; + u8 shared_buffer[2032]; + u8 reserved_1[10]; + u16 protocol_version; + u32 ghcb_usage; +}; + +#define GHCB_BITMAP_IDX(field) \ + (offsetof(struct vmcb_save_area, field) / sizeof(u64)) + +#define DEFINE_GHCB_ACCESSORS(field) \ + static inline bool ghcb_##field##_is_valid(const struct ghcb *ghcb) \ + { \ + return test_bit(GHCB_BITMAP_IDX(field), \ + (unsigned long *)&ghcb->save.valid_bitmap); \ + } \ + \ + static inline u64 ghcb_get_##field(struct ghcb *ghcb) \ + { \ + return ghcb->save.field; \ + } \ + \ + static inline u64 ghcb_get_##field##_if_valid(struct ghcb *ghcb) \ + { \ + return ghcb_##field##_is_valid(ghcb) ? ghcb->save.field : 0; \ + } \ + \ + static inline void ghcb_set_##field(struct ghcb *ghcb, u64 value) \ + { \ + __set_bit(GHCB_BITMAP_IDX(field), \ + (unsigned long *)&ghcb->save.valid_bitmap); \ + ghcb->save.field = value; \ + } + +DEFINE_GHCB_ACCESSORS(cpl) +DEFINE_GHCB_ACCESSORS(rip) +DEFINE_GHCB_ACCESSORS(rsp) +DEFINE_GHCB_ACCESSORS(rax) +DEFINE_GHCB_ACCESSORS(rcx) +DEFINE_GHCB_ACCESSORS(rdx) +DEFINE_GHCB_ACCESSORS(rbx) +DEFINE_GHCB_ACCESSORS(rbp) +DEFINE_GHCB_ACCESSORS(rsi) +DEFINE_GHCB_ACCESSORS(rdi) +DEFINE_GHCB_ACCESSORS(r8) +DEFINE_GHCB_ACCESSORS(r9) +DEFINE_GHCB_ACCESSORS(r10) +DEFINE_GHCB_ACCESSORS(r11) +DEFINE_GHCB_ACCESSORS(r12) +DEFINE_GHCB_ACCESSORS(r13) +DEFINE_GHCB_ACCESSORS(r14) +DEFINE_GHCB_ACCESSORS(r15) +DEFINE_GHCB_ACCESSORS(sw_exit_code) +DEFINE_GHCB_ACCESSORS(sw_exit_info_1) +DEFINE_GHCB_ACCESSORS(sw_exit_info_2) +DEFINE_GHCB_ACCESSORS(sw_scratch) +DEFINE_GHCB_ACCESSORS(xcr0) + +static uint64_t sev_es_rdmsr_ghcb(void) +{ + uint64_t lo, hi; + + asm volatile("rdmsr" + : "=a" (lo), "=d" (hi) + : "c" (MSR_SEV_ES_GHCB)); + + return ((hi << 32) | lo); +} + +static void sev_es_wrmsr_ghcb(uint64_t val) +{ + uint64_t lo, hi; + + lo = val & 0xFFFFFFFF; + hi = val >> 32; + + asm volatile("wrmsr" + :: "c" (MSR_SEV_ES_GHCB), "a" (lo), "d" (hi) + : "memory"); +} + +void sev_es_terminate(int reason) +{ + uint64_t val = GHCB_TERMINATE; + + val |= GHCB_TERMINATE_REASON(2, reason); + + sev_es_wrmsr_ghcb(val); + VMGEXIT(); + + while (true) + asm volatile("hlt" : : : "memory"); +} + +static int sev_es_ghcb_hv_call(struct ghcb *ghcb, u64 ghcb_gpa, u64 exit_code) +{ + ghcb->protocol_version = GHCB_PROTOCOL_MAX; + ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; + + ghcb_set_sw_exit_code(ghcb, exit_code); + ghcb_set_sw_exit_info_1(ghcb, 0); + ghcb_set_sw_exit_info_2(ghcb, 0); + + sev_es_wrmsr_ghcb(ghcb_gpa); + + VMGEXIT(); + + /* Only #VC exceptions are currently handled. */ + if ((ghcb->save.sw_exit_info_1 & 0xffffffff) == 1) + sev_es_terminate(GHCB_TERMINATE_REASON_UNSPEC); + + return 0; +} + +static int handle_vc_cpuid(struct ghcb *ghcb, u64 ghcb_gpa, struct ex_regs *regs) +{ + int ret; + + ghcb_set_rax(ghcb, regs->rax); + ghcb_set_rcx(ghcb, regs->rcx); + + /* ignore additional XSAVE states for now */ + ghcb_set_xcr0(ghcb, 1); + + ret = sev_es_ghcb_hv_call(ghcb, ghcb_gpa, SVM_EXIT_CPUID); + if (ret) + return ret; + + if (!(ghcb_rax_is_valid(ghcb) && + ghcb_rbx_is_valid(ghcb) && + ghcb_rcx_is_valid(ghcb) && + ghcb_rdx_is_valid(ghcb))) + return 1; + + regs->rax = ghcb->save.rax; + regs->rbx = ghcb->save.rbx; + regs->rcx = ghcb->save.rcx; + regs->rdx = ghcb->save.rdx; + + regs->rip += 2; + + return 0; +} + +static int handle_msr_vc_cpuid(struct ex_regs *regs) +{ + uint32_t fn = regs->rax & 0xFFFFFFFF; + uint64_t resp; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EAX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rax = resp >> 32; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EBX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rbx = resp >> 32; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_ECX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rcx = resp >> 32; + + sev_es_wrmsr_ghcb(GHCB_CPUID_REQ(fn, GHCB_CPUID_REQ_EDX)); + VMGEXIT(); + resp = sev_es_rdmsr_ghcb(); + if (GHCB_CPUID_RESP(resp) != GHCB_CPUID_RESP_CODE) + return 1; + regs->rdx = resp >> 32; + + regs->rip += 2; + + return 0; +} + +int sev_es_handle_vc(void *ghcb, u64 ghcb_gpa, struct ex_regs *regs) +{ + if (regs->error_code != SVM_EXIT_CPUID) + return 1; + + if (!ghcb) + return handle_msr_vc_cpuid(regs); + + return handle_vc_cpuid(ghcb, ghcb_gpa, regs); +} From patchwork Thu Dec 16 17:13:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12682239 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B67EFC433FE for ; Thu, 16 Dec 2021 17:16:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233424AbhLPRQW (ORCPT ); Thu, 16 Dec 2021 12:16:22 -0500 Received: from mail-mw2nam10on2041.outbound.protection.outlook.com ([40.107.94.41]:52736 "EHLO NAM10-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S233283AbhLPRQT (ORCPT ); Thu, 16 Dec 2021 12:16:19 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=obggnHIhebieTxF2mUnBso+GCpRAbTpgctpwiaXWN2uBI7jZND99KGb4X3OqJjgtPtn9qtIbTuvjkD1K3BrYOWboKDxKMFvdKXw0ZzsWZyy+yD24nQKeGcFXCGaebz9f3Hb2+i0jwh/tJ8ShW30Jo+NxoGl7AZKnRKEp/5Wy8XxCdmAfv/cRacwPt7lPoJZXGFBW5K6dhDtG+xTafPR2qXT4D7VLnvDstOFBT4H0pvp4hxefL+JV/s3xuAz93CZpIrRIBkm0+XjHPmtCnell6MGuA3R8KZuMl87zcXbOU1Fr5b83qcWsjyK2TloPdldZfodELWMxvLsKkFxRRR/wNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Z7IwfmF6j7lQ5dhDs/7vSnzQXC+YLYmxazWjCC/ZqA4=; b=gw39GLmvLD5g7Ql/pkZdfHo6CQ2itl/kkCD1vdubz5c+nD2tZ8L37+W4KkSxgAIdCpuC70kwXI8W1mW8MaHkA1fAdOhShgkc+u6kHOGyOl2E4+STdGJeK1Izn9XJwbIF04zc+tedkUz8pJlxEC/A4O3jKQ8L5vFaUF07ymf3qoJJLPEdZdrXU7lWf8uEK0bgkqyagIzOanZSyNHLInp76p2t1mJsf/fRyKR35kmdvat3/WUGiZyA+23WFlmQ8bKrmkeJ3V5meTx5T1/hpeE+O73n0zbJNSr3pxi20xyP+2SD3NbJsWCc7A/emgddKDyDBrxnk5KPZPoQQRrsC4dfXQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Z7IwfmF6j7lQ5dhDs/7vSnzQXC+YLYmxazWjCC/ZqA4=; b=h9BKUpYuZQnG2Y2m+yO7kQjqCnhztb/YOuFkZVDkf7ZaiWdWXt5o81ybyClj562SYpVY2p+I8pCX/7RjCeVQ6BJzpZ938u5jC/Unzq1DRo1t0cgPNMTCTzIcSXp0AWU1+99XgmyR5Y4hOKRW7+5bJulDIfhpOcgQpRfNBUItWhc= Received: from MWHPR10CA0017.namprd10.prod.outlook.com (2603:10b6:301::27) by BN8PR12MB3555.namprd12.prod.outlook.com (2603:10b6:408:48::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.17; Thu, 16 Dec 2021 17:16:17 +0000 Received: from CO1NAM11FT053.eop-nam11.prod.protection.outlook.com (2603:10b6:301:0:cafe::fd) by MWHPR10CA0017.outlook.office365.com (2603:10b6:301::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:16:17 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; Received: from SATLEXMB03.amd.com (165.204.84.17) by CO1NAM11FT053.mail.protection.outlook.com (10.13.175.63) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4801.14 via Frontend Transport; Thu, 16 Dec 2021 17:16:16 +0000 Received: from localhost (10.180.168.240) by SATLEXMB03.amd.com (10.181.40.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Thu, 16 Dec 2021 11:16:15 -0600 From: Michael Roth To: CC: , , , Nathan Tempelman , Marc Orr , "Steve Rutherford" , Sean Christopherson , Mingwei Zhang , Brijesh Singh , Tom Lendacky , Varad Gautam , Shuah Khan , Vitaly Kuznetsov , "David Woodhouse" , Ricardo Koller , "Jim Mattson" , Joerg Roedel , "Thomas Gleixner" , Ingo Molnar , "Borislav Petkov" , "H . Peter Anvin" , Krish Sadhukhan , Peter Gonda Subject: [PATCH v2 13/13] KVM: selftests: add SEV-ES boot tests Date: Thu, 16 Dec 2021 11:13:58 -0600 Message-ID: <20211216171358.61140-14-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211216171358.61140-1-michael.roth@amd.com> References: <20211216171358.61140-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB03.amd.com (10.181.40.144) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 30dd5f56-8945-4d35-2419-08d9c0b7c548 X-MS-TrafficTypeDiagnostic: BN8PR12MB3555:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:2958; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nBHPrwZ0a85m+nRpLntjWt3ab3GjharpkPmv2m0eoMzi72MDNYKFsxEyYxZPyWhQBBHs82nn/69PRFpbosAUkz/1GDC7eLOK7Lwr/FoF3gyVqGmOLAyly7SXKkZdCPzZH/At3nnWzHkQ9DnabO39GHq4SxCmNguTyMXI1SbhbGfNhS8aftnyKCUSzjcieTqBDTrqCj6Lm6pTn0ZFe6Z0LudAL+USKrX1pAmZq24rFmMn27sGuHzPNNsg0Lv50YYtg8MtEVEJ9PF9uGNF0ZaHEXwfzqcTpxQbGQo2A8o76mOEN+X43w/SK9qUZBDl9ti75cDfjiKTTWhMZZjgIISB2Ki8NJ8rwYdtAx+1AZ32yaHwOmVvDYn9PKHJJbqLjEkjuT2dFqKPfm6GBOwtjiBv8KJTjPN2iVbv7kQkIU97ReDYp4QstPkkePe1Efnl1KZOuSJ/f7OQtgV/n9fxVer6UknQLUH02X9e6MXqD0E4tnyazHUYC/vzHO/ZtbLopF1RAQx4jypVUILFJy7hixZQLe99la1MhDo9XM7tgUq14zILaya4Kw7wcLO0cowZaDTD1eqO9n9vHMFBrRe6RclJl1/anyR3cgRKGVhWHaj53XYO827fO6/BfZW3TULYN4m4RYsPMWBQy1SINzp1yGV8usc/vHoQTQ3HcdBkR4ew3VYU9G4nFH+j4K3HfuS//OmfJT4YnAhCV+lM7cx+2t5sZg106xhCy0NzfrafoHe+nqzhuFTwtyceyowrlMI8tAcgy3D7p22558m5DXbj+mVg+FPhxBu4zYtUF1cgvhjpevk= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB03.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(36840700001)(46966006)(40470700001)(54906003)(36756003)(2906002)(83380400001)(356005)(36860700001)(70586007)(336012)(7416002)(1076003)(86362001)(4326008)(2616005)(6666004)(70206006)(6916009)(316002)(82310400004)(8936002)(81166007)(44832011)(5660300002)(426003)(16526019)(40460700001)(26005)(508600001)(186003)(8676002)(47076005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2021 17:16:16.9461 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 30dd5f56-8945-4d35-2419-08d9c0b7c548 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB03.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT053.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR12MB3555 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Extend the existing SEV boot tests to also cover SEV-ES guests. Also add some tests for handling #VC exceptions for cpuid instructions using both MSR-based and GHCB-based vmgexits. Signed-off-by: Michael Roth --- .../selftests/kvm/x86_64/sev_all_boot_test.c | 63 ++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c index 329a740a7cb2..63c26bf4ecb6 100644 --- a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -18,6 +18,7 @@ #include "svm_util.h" #include "linux/psp-sev.h" #include "sev.h" +#include "sev_exitlib.h" #define VCPU_ID 2 #define PAGE_SIZE 4096 @@ -31,6 +32,10 @@ #define TOTAL_PAGES (512 + SHARED_PAGES + PRIVATE_PAGES) +/* Globals for use by #VC handler. */ +static void *ghcb0_gva; +static vm_paddr_t ghcb0_gpa; + static void fill_buf(uint8_t *buf, size_t pages, size_t stride, uint8_t val) { int i, j; @@ -165,6 +170,47 @@ guest_sev_code(struct ucall *uc, uint8_t *shared_buf, uint8_t *private_buf) guest_test_done(uc); } +static void vc_handler(struct ex_regs *regs) +{ + sev_es_handle_vc(ghcb0_gva, ghcb0_gpa, regs); +} + +static void __attribute__((__flatten__)) +guest_sev_es_code(struct ucall *uc, uint8_t *shared_buf, + uint8_t *private_buf, uint64_t ghcb_gpa, void *ghcb_gva) +{ + uint32_t eax, ebx, ecx, edx; + uint64_t sev_status; + + guest_test_start(uc); + +again: + /* Check CPUID values via GHCB MSR protocol. */ + eax = 0x8000001f; + ecx = 0; + cpuid(&eax, &ebx, &ecx, &edx); + + /* Check SEV bit. */ + GUEST_SHARED_ASSERT(uc, eax & (1 << 1)); + /* Check SEV-ES bit. */ + GUEST_SHARED_ASSERT(uc, eax & (1 << 3)); + + if (!ghcb0_gva) { + ghcb0_gva = ghcb_gva; + ghcb0_gpa = ghcb_gpa; + /* Check CPUID bits again using GHCB-based protocol. */ + goto again; + } + + /* Check SEV and SEV-ES enabled bits (bits 0 and 1, respectively). */ + sev_status = rdmsr(MSR_AMD64_SEV); + GUEST_SHARED_ASSERT(uc, (sev_status & 0x3) == 3); + + guest_test_common(uc, shared_buf, private_buf); + + guest_test_done(uc); +} + static struct sev_vm * setup_test_common(void *guest_code, uint64_t policy, struct ucall **uc, uint8_t **shared_buf, uint8_t **private_buf) @@ -200,7 +246,18 @@ setup_test_common(void *guest_code, uint64_t policy, struct ucall **uc, fill_buf(*private_buf, PRIVATE_PAGES, PAGE_STRIDE, 0x42); /* Set up guest params. */ - vcpu_args_set(vm, VCPU_ID, 4, uc_vaddr, shared_vaddr, private_vaddr); + if (policy & SEV_POLICY_ES) { + vm_vaddr_t ghcb_vaddr = vm_vaddr_alloc_shared(vm, PAGE_SIZE, PAGE_SIZE); + + vcpu_args_set(vm, VCPU_ID, 6, uc_vaddr, shared_vaddr, private_vaddr, + addr_gva2gpa(vm, ghcb_vaddr), ghcb_vaddr); + /* Set up VC handler. */ + vm_init_descriptor_tables(vm); + vm_install_exception_handler(vm, 29, vc_handler); + vcpu_init_descriptor_tables(vm, VCPU_ID); + } else { + vcpu_args_set(vm, VCPU_ID, 4, uc_vaddr, shared_vaddr, private_vaddr); + } /* * Hand these back to test harness, translation is needed now since page @@ -251,5 +308,9 @@ int main(int argc, char *argv[]) test_sev(guest_sev_code, SEV_POLICY_NO_DBG); test_sev(guest_sev_code, 0); + /* SEV-ES tests */ + test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); + test_sev(guest_sev_es_code, SEV_POLICY_ES); + return 0; }