From patchwork Wed Aug 10 15:20:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940678 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3E6D8C25B07 for ; Wed, 10 Aug 2022 15:20:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233110AbiHJPUq (ORCPT ); Wed, 10 Aug 2022 11:20:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37044 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233156AbiHJPUj (ORCPT ); Wed, 10 Aug 2022 11:20:39 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CF8142409A for ; Wed, 10 Aug 2022 08:20:38 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id kb4-20020a17090ae7c400b001f783657496so1328540pjb.6 for ; Wed, 10 Aug 2022 08:20:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=pTM3VLICBKkRJLIraoN2yuH4ndpvQ9iDrH4IB8fss5I=; b=lCGx5tQ+dKIhHpZkyE+MZbxrlQvpioxRjZ7bmh7+2m+A0y8AOoy+W0jF7eMd1jtOxG EPwXD8JyVuI39oh8FkykSP6/0ABy9z9fM6g8JewNekobOp8MC3aLOcho/pZhpuDjrn6w ptsFU/fy+YOt5n7VbGx7o0YHKZNcIvBFj2RjaOklj8awdiEYiygkBJFs0tZ7Z0cp9Fz3 R65Ki0oRTXX7HsmlSUJ29CAOwgwzGNKzEu8s1F+Who4sHJH2OVf1+1WW5ndUY/TKUf5s CPkGIOeV/O5QjBIkAOtA6zHVYnwqmAztNVVTLaYwDFjI00pJ+celv8dtE4aMadvd3r2t NAsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=pTM3VLICBKkRJLIraoN2yuH4ndpvQ9iDrH4IB8fss5I=; b=6N72OVHZGbPFammDopPB8iM9IvW3wCAfoefgtS+lcgF+i8wWE4rsqSuGPX0JfV1csN 4wJ3JoUlzxhqH2dMwL0+J0EPjUiCvelxl9lwkn4VAQ1h8Ut1SStaW6U5uyWq5h9NkLJO Rg6k2+Yh1rtKDHT5RkaYgwuzaOkL9ZvMnfMRd1d1VybKFpIoETPxcj3U72McNGmujmyS YXqo/6J9XbCQiDH7PABDMyOfuW4WrFuk6Up+wYtEct76laF3Bh64lea5y5tkw3f2arZs mdYaGNZ+OoeQRARW6+8UVxAs5UWHM8vDa3pcUX12WFn4cRJe6w1nkZL6S3TFyHRagayk f6yQ== X-Gm-Message-State: ACgBeo3P6ot4MHijlSUwXDyCvq5jeRPVIOGie1DZJxZ2+ceL+fi7g9qJ FpFIZaERBAoIBX6yvAiCRvTQNlWN3/a5Ym4RFRi+7ev9eUbZkH7LRTqNtvTRzfNXm+rg4tKeWaZ SdtwfKGpfoBvLNkHTjTRGQxZB1t6mHEEB5/U+C5EFTjAwEsxyHZf4HDycFA== X-Google-Smtp-Source: AA6agR5u7bmiuslS/TLDZgTUSpRz4B0WdpLYWlxKyrIDhaQ9QjML9QMkKIBFIKhsAyG6j9iqiUlyAhJl8fk= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a17:902:ccd0:b0:16c:5d4f:99f3 with SMTP id z16-20020a170902ccd000b0016c5d4f99f3mr27993747ple.139.1660144838210; Wed, 10 Aug 2022 08:20:38 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:23 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-2-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 01/11] KVM: selftests: move vm_phy_pages_alloc() earlier in file From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Michael Roth Subsequent patches will break some of this code out into file-local helper functions, which will be used by functions like vm_vaddr_alloc(), which currently are defined earlier in the file, so a forward declaration would be needed. Instead, move it earlier in the file, just above vm_vaddr_alloc() and and friends, which are the main users. Reviewed-by: Mingwei Zhang Reviewed-by: Andrew Jones Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- tools/testing/selftests/kvm/lib/kvm_util.c | 145 ++++++++++----------- 1 file changed, 72 insertions(+), 73 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 9889fe0d8919..cb3a5f8a53b7 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1089,6 +1089,78 @@ struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id) return vcpu; } +/* + * Physical Contiguous Page Allocator + * + * Input Args: + * vm - Virtual Machine + * num - number of pages + * paddr_min - Physical address minimum + * memslot - Memory region to allocate page from + * + * Output Args: None + * + * Return: + * Starting physical address + * + * Within the VM specified by vm, locates a range of available physical + * pages at or above paddr_min. If found, the pages are marked as in use + * and their base address is returned. A TEST_ASSERT failure occurs if + * not enough pages are available at or above paddr_min. + */ +vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + struct userspace_mem_region *region; + sparsebit_idx_t pg, base; + + TEST_ASSERT(num > 0, "Must allocate at least one page"); + + TEST_ASSERT((paddr_min % vm->page_size) == 0, + "Min physical address not divisible by page size.\n paddr_min: 0x%lx page_size: 0x%x", + paddr_min, vm->page_size); + + region = memslot2region(vm, memslot); + base = pg = paddr_min >> vm->page_shift; + + do { + for (; pg < base + num; ++pg) { + if (!sparsebit_is_set(region->unused_phy_pages, pg)) { + base = pg = sparsebit_next_set(region->unused_phy_pages, pg); + break; + } + } + } while (pg && pg != base + num); + + if (pg == 0) { + fprintf(stderr, + "No guest physical page available, paddr_min: 0x%lx page_size: 0x%x memslot: %u\n", + paddr_min, vm->page_size, memslot); + fputs("---- vm dump ----\n", stderr); + vm_dump(stderr, vm, 2); + abort(); + } + + for (pg = base; pg < base + num; ++pg) + sparsebit_clear(region->unused_phy_pages, pg); + + return base * vm->page_size; +} + +vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, + uint32_t memslot) +{ + return vm_phy_pages_alloc(vm, 1, paddr_min, memslot); +} + +/* Arbitrary minimum physical address used for virtual translation tables. */ +#define KVM_GUEST_PAGE_TABLE_MIN_PADDR 0x180000 + +vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm) +{ + return vm_phy_page_alloc(vm, KVM_GUEST_PAGE_TABLE_MIN_PADDR, 0); +} + /* * VM Virtual Address Unused Gap * @@ -1735,79 +1807,6 @@ const char *exit_reason_str(unsigned int exit_reason) return "Unknown"; } -/* - * Physical Contiguous Page Allocator - * - * Input Args: - * vm - Virtual Machine - * num - number of pages - * paddr_min - Physical address minimum - * memslot - Memory region to allocate page from - * - * Output Args: None - * - * Return: - * Starting physical address - * - * Within the VM specified by vm, locates a range of available physical - * pages at or above paddr_min. If found, the pages are marked as in use - * and their base address is returned. A TEST_ASSERT failure occurs if - * not enough pages are available at or above paddr_min. - */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) -{ - struct userspace_mem_region *region; - sparsebit_idx_t pg, base; - - TEST_ASSERT(num > 0, "Must allocate at least one page"); - - TEST_ASSERT((paddr_min % vm->page_size) == 0, "Min physical address " - "not divisible by page size.\n" - " paddr_min: 0x%lx page_size: 0x%x", - paddr_min, vm->page_size); - - region = memslot2region(vm, memslot); - base = pg = paddr_min >> vm->page_shift; - - do { - for (; pg < base + num; ++pg) { - if (!sparsebit_is_set(region->unused_phy_pages, pg)) { - base = pg = sparsebit_next_set(region->unused_phy_pages, pg); - break; - } - } - } while (pg && pg != base + num); - - if (pg == 0) { - fprintf(stderr, "No guest physical page available, " - "paddr_min: 0x%lx page_size: 0x%x memslot: %u\n", - paddr_min, vm->page_size, memslot); - fputs("---- vm dump ----\n", stderr); - vm_dump(stderr, vm, 2); - abort(); - } - - for (pg = base; pg < base + num; ++pg) - sparsebit_clear(region->unused_phy_pages, pg); - - return base * vm->page_size; -} - -vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, - uint32_t memslot) -{ - return vm_phy_pages_alloc(vm, 1, paddr_min, memslot); -} - -/* Arbitrary minimum physical address used for virtual translation tables. */ -#define KVM_GUEST_PAGE_TABLE_MIN_PADDR 0x180000 - -vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm) -{ - return vm_phy_page_alloc(vm, KVM_GUEST_PAGE_TABLE_MIN_PADDR, 0); -} - /* * Address Guest Virtual to Host Virtual * From patchwork Wed Aug 10 15:20:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940681 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D63F6C19F2A for ; Wed, 10 Aug 2022 15:20:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233146AbiHJPUw (ORCPT ); Wed, 10 Aug 2022 11:20:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37144 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233052AbiHJPUo (ORCPT ); Wed, 10 Aug 2022 11:20:44 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01E04205E4 for ; Wed, 10 Aug 2022 08:20:41 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id h13-20020a056a00000d00b0052de2e258dbso6593809pfk.7 for ; Wed, 10 Aug 2022 08:20:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=8MDrSSJN+twKU+OeXMyRukiKOgXhLxaOcHYuErNp7kg=; b=bVg0A9k4nTZXk9cUYmLQAyaprpUDijfnsfhz4q3ZJ5s/GDur2t6kXw3a1jxkLtmT/8 w0F7VBHVBAFYD4K0DByNbg/nNSkbiVOQEN4ZFoht2BGexM+6qAzlqUSLeauMVAl/Qs2I xAVeIrfMHjRpVwAQBW+xxwdMpte0inRJXRlhw0luw0QjMmNMfmREFDPwO7Bhmu5SM/W1 3HES9gJ3/dI3hqggZpYxQXI5awb39Jl4eWvLkFd0vl/MgVQclthf8Oxuekhq2THbMTAJ ahztWKZFqIwq+bvTnapMkXYaj+URPdE/qQw+pZtXSKhc3lEQzcSfPm2BcwQpSuYM9sI4 VwrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=8MDrSSJN+twKU+OeXMyRukiKOgXhLxaOcHYuErNp7kg=; b=KxdRRzZeM3vkdxSiEF8vfvluRu5szb3e9slxgS6XGCneK8OuOIdbxivrasYfsHMUft j9GzwiVKckdy48gIbexENADHgguCsr9TMV7rGMHgsGvtbKfBNgH2QBvoBiPp79yQPdQV iiF8jMaOVzAkdgiXQMFevt3nZYmVtOPfZQt+zeAf/c0jsxst7pYXj0cnpmcz22b89Jtn DARTz+CB7THRy26vgXUXcZX2P4GS8/VF2tn8JUBy5SADL5fjKfUICZraxhw9p4xRwpsc w8v1jyiPddD3MH0cS29aEtFWRom2SGHN/9NDio7EAVE2rLRiSF2uxVQ/qY3uZdSOWtPi M2jw== X-Gm-Message-State: ACgBeo0IBxno9CbVXvn41LYlUdJCSd6RWSOY9M2TsKZgLCEaN6R7VFWs Bz5rxk2/ESuaXG08Kt8CdTxUQ0Rnac8OyCxEGBPLMk0utoh6keqreRDvv5cBKJJhBWXcWypo8xn aUheP3cw7lgXwlFrhHAB207EtuOXDUowDDfxAo4mG1SPn4OFSHiiF9gNtoA== X-Google-Smtp-Source: AA6agR6EEc6XwQcl9wb0htEgAIfdj0xZNuVFEo2DFTOVbdDfYs8aB+KqHw7JFYYjlNtQJ1FoctRC2dy4kVo= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a05:6a00:140e:b0:52f:8d74:4b77 with SMTP id l14-20020a056a00140e00b0052f8d744b77mr10294619pfu.39.1660144840311; Wed, 10 Aug 2022 08:20:40 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:24 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-3-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 02/11] KVM: selftests: sparsebit: add const where appropriate From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Michael Roth Subsequent patches will introduce an encryption bitmap in kvm_util that would be useful to allow tests to access in read-only fashion. This will be done via a const sparsebit*. To avoid warnings or the need to add casts everywhere, add const to the various sparsebit functions that are applicable for read-only usage of sparsebit. Reviewed-by: Andrew Jones Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- .../testing/selftests/kvm/include/sparsebit.h | 36 +++++++------- tools/testing/selftests/kvm/lib/sparsebit.c | 48 +++++++++---------- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/tools/testing/selftests/kvm/include/sparsebit.h b/tools/testing/selftests/kvm/include/sparsebit.h index 12a9a4b9cead..fb5170d57fcb 100644 --- a/tools/testing/selftests/kvm/include/sparsebit.h +++ b/tools/testing/selftests/kvm/include/sparsebit.h @@ -30,26 +30,26 @@ typedef uint64_t sparsebit_num_t; struct sparsebit *sparsebit_alloc(void); void sparsebit_free(struct sparsebit **sbitp); -void sparsebit_copy(struct sparsebit *dstp, struct sparsebit *src); +void sparsebit_copy(struct sparsebit *dstp, const struct sparsebit *src); -bool sparsebit_is_set(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_set_num(struct sparsebit *sbit, +bool sparsebit_is_set(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_set_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -bool sparsebit_is_clear(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_clear_num(struct sparsebit *sbit, +bool sparsebit_is_clear(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_clear_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -sparsebit_num_t sparsebit_num_set(struct sparsebit *sbit); -bool sparsebit_any_set(struct sparsebit *sbit); -bool sparsebit_any_clear(struct sparsebit *sbit); -bool sparsebit_all_set(struct sparsebit *sbit); -bool sparsebit_all_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_set(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_next_set(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *sbit, +sparsebit_num_t sparsebit_num_set(const struct sparsebit *sbit); +bool sparsebit_any_set(const struct sparsebit *sbit); +bool sparsebit_any_clear(const struct sparsebit *sbit); +bool sparsebit_all_set(const struct sparsebit *sbit); +bool sparsebit_all_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *sbit, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_set(struct sparsebit *sbitp, sparsebit_idx_t idx); @@ -62,9 +62,9 @@ void sparsebit_clear_num(struct sparsebit *sbitp, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_clear_all(struct sparsebit *sbitp); -void sparsebit_dump(FILE *stream, struct sparsebit *sbit, +void sparsebit_dump(FILE *stream, const struct sparsebit *sbit, unsigned int indent); -void sparsebit_validate_internal(struct sparsebit *sbit); +void sparsebit_validate_internal(const struct sparsebit *sbit); #ifdef __cplusplus } diff --git a/tools/testing/selftests/kvm/lib/sparsebit.c b/tools/testing/selftests/kvm/lib/sparsebit.c index 50e0cf41a7dd..6777a5b1fbd2 100644 --- a/tools/testing/selftests/kvm/lib/sparsebit.c +++ b/tools/testing/selftests/kvm/lib/sparsebit.c @@ -202,7 +202,7 @@ static sparsebit_num_t node_num_set(struct node *nodep) /* Returns a pointer to the node that describes the * lowest bit index. */ -static struct node *node_first(struct sparsebit *s) +static struct node *node_first(const struct sparsebit *s) { struct node *nodep; @@ -216,7 +216,7 @@ static struct node *node_first(struct sparsebit *s) * lowest bit index > the index of the node pointed to by np. * Returns NULL if no node with a higher index exists. */ -static struct node *node_next(struct sparsebit *s, struct node *np) +static struct node *node_next(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -244,7 +244,7 @@ static struct node *node_next(struct sparsebit *s, struct node *np) * highest index < the index of the node pointed to by np. * Returns NULL if no node with a lower index exists. */ -static struct node *node_prev(struct sparsebit *s, struct node *np) +static struct node *node_prev(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -273,7 +273,7 @@ static struct node *node_prev(struct sparsebit *s, struct node *np) * subtree and duplicates the bit settings to the newly allocated nodes. * Returns the newly allocated copy of subtree. */ -static struct node *node_copy_subtree(struct node *subtree) +static struct node *node_copy_subtree(const struct node *subtree) { struct node *root; @@ -307,7 +307,7 @@ static struct node *node_copy_subtree(struct node *subtree) * index is within the bits described by the mask bits or the number of * contiguous bits set after the mask. Returns NULL if there is no such node. */ -static struct node *node_find(struct sparsebit *s, sparsebit_idx_t idx) +static struct node *node_find(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -393,7 +393,7 @@ static struct node *node_add(struct sparsebit *s, sparsebit_idx_t idx) } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_all_set(struct sparsebit *s) +bool sparsebit_all_set(const struct sparsebit *s) { /* * If any nodes there must be at least one bit set. Only case @@ -776,7 +776,7 @@ static void node_reduce(struct sparsebit *s, struct node *nodep) /* Returns whether the bit at the index given by idx, within the * sparsebit array is set or not. */ -bool sparsebit_is_set(struct sparsebit *s, sparsebit_idx_t idx) +bool sparsebit_is_set(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -922,7 +922,7 @@ static inline sparsebit_idx_t node_first_clear(struct node *nodep, int start) * used by test cases after they detect an unexpected condition, as a means * to capture diagnostic information. */ -static void sparsebit_dump_internal(FILE *stream, struct sparsebit *s, +static void sparsebit_dump_internal(FILE *stream, const struct sparsebit *s, unsigned int indent) { /* Dump the contents of s */ @@ -970,7 +970,7 @@ void sparsebit_free(struct sparsebit **sbitp) * sparsebit_alloc(). It can though already have bits set, which * if different from src will be cleared. */ -void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) +void sparsebit_copy(struct sparsebit *d, const struct sparsebit *s) { /* First clear any bits already set in the destination */ sparsebit_clear_all(d); @@ -982,7 +982,7 @@ void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) } /* Returns whether num consecutive bits starting at idx are all set. */ -bool sparsebit_is_set_num(struct sparsebit *s, +bool sparsebit_is_set_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_cleared; @@ -1006,14 +1006,14 @@ bool sparsebit_is_set_num(struct sparsebit *s, } /* Returns whether the bit at the index given by idx. */ -bool sparsebit_is_clear(struct sparsebit *s, +bool sparsebit_is_clear(const struct sparsebit *s, sparsebit_idx_t idx) { return !sparsebit_is_set(s, idx); } /* Returns whether num consecutive bits starting at idx are all cleared. */ -bool sparsebit_is_clear_num(struct sparsebit *s, +bool sparsebit_is_clear_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_set; @@ -1042,13 +1042,13 @@ bool sparsebit_is_clear_num(struct sparsebit *s, * value. Use sparsebit_any_set(), instead of sparsebit_num_set() > 0, * to determine if the sparsebit array has any bits set. */ -sparsebit_num_t sparsebit_num_set(struct sparsebit *s) +sparsebit_num_t sparsebit_num_set(const struct sparsebit *s) { return s->num_set; } /* Returns whether any bit is set in the sparsebit array. */ -bool sparsebit_any_set(struct sparsebit *s) +bool sparsebit_any_set(const struct sparsebit *s) { /* * Nodes only describe set bits. If any nodes then there @@ -1071,20 +1071,20 @@ bool sparsebit_any_set(struct sparsebit *s) } /* Returns whether all the bits in the sparsebit array are cleared. */ -bool sparsebit_all_clear(struct sparsebit *s) +bool sparsebit_all_clear(const struct sparsebit *s) { return !sparsebit_any_set(s); } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_any_clear(struct sparsebit *s) +bool sparsebit_any_clear(const struct sparsebit *s) { return !sparsebit_all_set(s); } /* Returns the index of the first set bit. Abort if no bits are set. */ -sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *s) { struct node *nodep; @@ -1098,7 +1098,7 @@ sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) /* Returns the index of the first cleared bit. Abort if * no bits are cleared. */ -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *s) { struct node *nodep1, *nodep2; @@ -1152,7 +1152,7 @@ sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) /* Returns index of next bit set within s after the index given by prev. * Returns 0 if there are no bits after prev that are set. */ -sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1245,7 +1245,7 @@ sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, /* Returns index of next bit cleared within s after the index given by prev. * Returns 0 if there are no bits after prev that are cleared. */ -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1301,7 +1301,7 @@ sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, * and returns the index of the first sequence of num consecutively set * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1336,7 +1336,7 @@ sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, * and returns the index of the first sequence of num consecutively cleared * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1584,7 +1584,7 @@ static size_t display_range(FILE *stream, sparsebit_idx_t low, * contiguous bits. This is done because '-' is used to specify command-line * options, and sometimes ranges are specified as command-line arguments. */ -void sparsebit_dump(FILE *stream, struct sparsebit *s, +void sparsebit_dump(FILE *stream, const struct sparsebit *s, unsigned int indent) { size_t current_line_len = 0; @@ -1682,7 +1682,7 @@ void sparsebit_dump(FILE *stream, struct sparsebit *s, * s. On error, diagnostic information is printed to stderr and * abort is called. */ -void sparsebit_validate_internal(struct sparsebit *s) +void sparsebit_validate_internal(const struct sparsebit *s) { bool error_detected = false; struct node *nodep, *prev = NULL; From patchwork Wed Aug 10 15:20:25 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940679 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 376B5C00140 for ; Wed, 10 Aug 2022 15:20:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233122AbiHJPUr (ORCPT ); Wed, 10 Aug 2022 11:20:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37136 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232999AbiHJPUo (ORCPT ); Wed, 10 Aug 2022 11:20:44 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2594227149 for ; Wed, 10 Aug 2022 08:20:43 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id j11-20020a05690212cb00b006454988d225so12472423ybu.10 for ; Wed, 10 Aug 2022 08:20:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=gpjaSxcl3Da89SJa9UoDRS3ZGGXqWVjkkBkYPyI+780=; b=XJoI09594WaiQ53jiHyTNQfPp9yp8DnWtffWrcDrOQnqNS/FpuLusgXXnuuqHUMzfi R82gi5Z6cHm9AlElWeE3cDiol/0mo2jTSghCKfxRsPtvaW+GygWsquUM6k1QrsfQ89R8 lgN4lDGpGdDdZjlbc7Dxi25fNoEHOBF5Xmo2HUalXctwpric/ajLprnX3slghqWcHSOD xgt3Hthe5iY8VySqFRnaH511Usno2FbB730cytQELyjUUN7Ja5orcooBFeehIfJrJigm TpfzjPR0/1vUPuXKV+hGts9g/ZynWz7mpl/lx/CImvWN/MifeRzBnUBBSA5J5bNEB7+y mR5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=gpjaSxcl3Da89SJa9UoDRS3ZGGXqWVjkkBkYPyI+780=; b=a8yAS846iLN239cJmks0A9lf6um4OP3ypZTFuxzqOUCXol5XBVi+/oMjfS5mfB/Ueq 9Rb2UzOrhE5RAQr6FrzUs0Vd4oipOvG3Owyv95JphJF8TLkDOLTbbogqmSHHRkFGM7J7 Cz/7aSLuV1pmT9x4BI7Kt5gP/L6kQHSUqkRj0ThaN/ujYsaZ9+ir4QZYVCpj0Fa7sf59 oKqPb67jAY3RxQR138MtcTbxM9qhbTKo0Ahxb3CiU+TKrluzUJ/A59lceE9AfBOWBc+C D2t70kq7ln2sQfNDlc1p2QBvQDbIDIeiMz4/HMaOZILh7jhaTYcm03XgCsUhcGO+NIIB NukA== X-Gm-Message-State: ACgBeo0vWQySVrIYX7Oy7qsRwkSL45lLyFn+crS4CAZQbl2mLVaNujUj AXw/QQfH3uFUaijwEWKzToUOMxwKtC0YWVuzjCXSBQ88HwVVk/JmTcZdSxf/DO+0MIjy0dfojiw dKHC2nv7ASYZaiHgja8HMT1z8PVovdLi1JLiYzT/BPwvEv+LlocOhb72R+g== X-Google-Smtp-Source: AA6agR5fUTj03bLY58ZNaat8U+xhcpjGEo7XLVmz9Eo7sO6V0+JjCLuRNpxPlGVvP6TPvR7+8HIRCrnX8mk= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a5b:745:0:b0:670:8cf9:3a92 with SMTP id s5-20020a5b0745000000b006708cf93a92mr23346562ybq.503.1660144842375; Wed, 10 Aug 2022 08:20:42 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:25 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-4-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 03/11] KVM: selftests: add hooks for managing encrypted guest memory From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Michael Roth VM implementations that make use of encrypted memory need a way to configure things like the encryption/shared bit position for page table handling, the default encryption policy for internal allocations made by the core library, and a way to fetch the list/bitmap of encrypted pages to do the actual memory encryption. Add an interface to configure these parameters. Also introduce a sparsebit map to track allocations/mappings that should be treated as encrypted, and provide a way for VM implementations to retrieve it to handle operations related memory encryption. Reviewed-by: Mingwei Zhang Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- .../selftests/kvm/include/kvm_util_base.h | 17 ++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 52 +++++++++++++++++-- 2 files changed, 66 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 24fde97f6121..3928351e497e 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -32,6 +32,7 @@ typedef uint64_t vm_vaddr_t; /* Virtual Machine (Guest) virtual address */ struct userspace_mem_region { struct kvm_userspace_memory_region region; struct sparsebit *unused_phy_pages; + struct sparsebit *encrypted_phy_pages; int fd; off_t offset; void *host_mem; @@ -64,6 +65,14 @@ struct userspace_mem_regions { DECLARE_HASHTABLE(slot_hash, 9); }; +/* Memory encryption policy/configuration. */ +struct vm_memcrypt { + bool enabled; + int8_t enc_by_default; + bool has_enc_bit; + int8_t enc_bit; +}; + struct kvm_vm { int mode; unsigned long type; @@ -87,6 +96,7 @@ struct kvm_vm { vm_vaddr_t idt; vm_vaddr_t handlers; uint32_t dirty_ring_size; + struct vm_memcrypt memcrypt; /* Cache of information for binary stats interface */ int stats_fd; @@ -834,4 +844,11 @@ static inline int __vm_disable_nx_huge_pages(struct kvm_vm *vm) return __vm_enable_cap(vm, KVM_CAP_VM_DISABLE_NX_HUGE_PAGES, 0); } +void vm_set_memory_encryption(struct kvm_vm *vm, bool enc_by_default, bool has_enc_bit, + uint8_t enc_bit); + +const struct sparsebit *vm_get_encrypted_phy_pages(struct kvm_vm *vm, int slot, + vm_paddr_t *gpa_start, + uint64_t *size); + #endif /* SELFTEST_KVM_UTIL_BASE_H */ diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index cb3a5f8a53b7..c6b87b411186 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -542,6 +542,7 @@ static void __vm_mem_region_delete(struct kvm_vm *vm, vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION, ®ion->region); sparsebit_free(®ion->unused_phy_pages); + sparsebit_free(®ion->encrypted_phy_pages); ret = munmap(region->mmap_start, region->mmap_size); TEST_ASSERT(!ret, __KVM_SYSCALL_ERROR("munmap()", ret)); @@ -882,6 +883,7 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, } region->unused_phy_pages = sparsebit_alloc(); + region->encrypted_phy_pages = sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, guest_paddr >> vm->page_shift, npages); region->region.slot = slot; @@ -1097,6 +1099,7 @@ struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id) * num - number of pages * paddr_min - Physical address minimum * memslot - Memory region to allocate page from + * encrypt - Whether to treat the pages as encrypted * * Output Args: None * @@ -1108,8 +1111,9 @@ struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id) * and their base address is returned. A TEST_ASSERT failure occurs if * not enough pages are available at or above paddr_min. */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) +static vm_paddr_t +_vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, vm_paddr_t paddr_min, + uint32_t memslot, bool encrypt) { struct userspace_mem_region *region; sparsebit_idx_t pg, base; @@ -1141,12 +1145,22 @@ vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, abort(); } - for (pg = base; pg < base + num; ++pg) + for (pg = base; pg < base + num; ++pg) { sparsebit_clear(region->unused_phy_pages, pg); + if (encrypt) + sparsebit_set(region->encrypted_phy_pages, pg); + } return base * vm->page_size; } +vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + return _vm_phy_pages_alloc(vm, num, paddr_min, memslot, + vm->memcrypt.enc_by_default); +} + vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, uint32_t memslot) { @@ -1730,6 +1744,10 @@ void vm_dump(FILE *stream, struct kvm_vm *vm, uint8_t indent) region->host_mem); fprintf(stream, "%*sunused_phy_pages: ", indent + 2, ""); sparsebit_dump(stream, region->unused_phy_pages, 0); + if (vm->memcrypt.enabled) { + fprintf(stream, "%*sencrypted_phy_pages: ", indent + 2, ""); + sparsebit_dump(stream, region->encrypted_phy_pages, 0); + } } fprintf(stream, "%*sMapped Virtual Pages:\n", indent, ""); sparsebit_dump(stream, vm->vpages_mapped, indent + 2); @@ -1978,3 +1996,31 @@ void __vm_get_stat(struct kvm_vm *vm, const char *stat_name, uint64_t *data, break; } } + +void vm_set_memory_encryption(struct kvm_vm *vm, bool enc_by_default, bool has_enc_bit, + uint8_t enc_bit) +{ + vm->memcrypt.enabled = true; + vm->memcrypt.enc_by_default = enc_by_default; + vm->memcrypt.has_enc_bit = has_enc_bit; + vm->memcrypt.enc_bit = enc_bit; +} + +const struct sparsebit * +vm_get_encrypted_phy_pages(struct kvm_vm *vm, int slot, vm_paddr_t *gpa_start, + uint64_t *size) +{ + struct userspace_mem_region *region; + + if (!vm->memcrypt.enabled) + return NULL; + + region = memslot2region(vm, slot); + if (!region) + return NULL; + + *size = region->region.memory_size; + *gpa_start = region->region.guest_phys_addr; + + return region->encrypted_phy_pages; +} From patchwork Wed Aug 10 15:20:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940680 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id F0364C00140 for ; Wed, 10 Aug 2022 15:20:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233121AbiHJPUt (ORCPT ); Wed, 10 Aug 2022 11:20:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233111AbiHJPUq (ORCPT ); Wed, 10 Aug 2022 11:20:46 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9BEB82C134 for ; Wed, 10 Aug 2022 08:20:44 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id o69-20020a17090a0a4b00b001f527012a46so1177332pjo.5 for ; Wed, 10 Aug 2022 08:20:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=wUnNC45e2hnxoz0Q2Km6sVkIgu+FYYkWmLFW62kGR4A=; b=bE6EN2CKvCbMW6GRrrudOdbMe33OYr4fP/ZpAiuVlu4yctMBqSwGIK16Wi7w3hCQHd mjOAV8gTzcg7LJH9bk7/WLBHw2/VC3MwgYCtsHvV6VOL9uJLUSdj3KloYm4IuxKLtU2x R8vWMrpZE7CGKf0qi+hpELvBOiLNEiDi9ZLGakaMbrUhafmXca5Hrxt8XzQDN/2nPnb6 xDw6k8NRvixy5FNufjHklnLRQsTtioVX9sQ4e7iOZTinzK+ZJosL+MOewei8ECwkIaNs M7RlDU7xoq+2CAC/fycg8CQi/vQ8pixKaYJ0vD3VtRsv7blNgszBK67kwtx/dHRVq/pw 9Q0A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=wUnNC45e2hnxoz0Q2Km6sVkIgu+FYYkWmLFW62kGR4A=; b=5qAwQ/9RMcTWXqp68f7PNZclEemNwI4gGDKvtDwBUc9j4WubBnPmQTCHaNXEigI4Ka nha/8nxQ/o8bQPM5IRJRv5Q9j7R87j4lSXiDHsxI4Uvg6rdaKDr9Gud5JaDKOzOYohJQ 8V4W1AqZl3J4EbazYP1pQVdC8d01wWzMdCQzMuX0xaqzQl+iV+o1awavHxc2nZXkuYj8 KOzngU/25Dh0EXtlRWYMYU8r+z+v5QW3gQfDtwD1BtwMSPwl7A5fyvr6LNvQgG1z7FuX jAqOGkgNGvEcT2GNy1EpPkEtH4mbaDFsmiBl++t24Z2YxvXOZAvKVpumr/8bXaApc8bS njDQ== X-Gm-Message-State: ACgBeo2/Y6Slg3/N5hcdYnj/p/sml3YkHxZ2Xqo/5K3V8GzT91f/iC54 KT5FW3LcsLGsjRyUKk0Wb5QeFjjmJUN+vQgnFLmCCgDnCGsCLeLvcQH+k1qCbV3E3rhEk6u/BbG MhveIYLToP+4A8zfCFFUcCQLqek+z/thh69rzbGs+R6KmVZLgS40IJUWCZw== X-Google-Smtp-Source: AA6agR4kVXd/NdDCSVVCawPQsiv66EqvY8xWY/SBh432v2Bp2mnV7vaZNiumoN5iLQoCK7KKKpTo+0hqrKU= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a17:90b:1e50:b0:1f5:4f69:d6b8 with SMTP id pi16-20020a17090b1e5000b001f54f69d6b8mr4371150pjb.34.1660144844030; Wed, 10 Aug 2022 08:20:44 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:26 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-5-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 04/11] KVM: selftests: handle encryption bits in page tables From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Michael Roth SEV guests rely on an encyption bit which resides within the range that current code treats as address bits. Guest code will expect these bits to be set appropriately in their page tables, whereas the rest of the kvm_util functions will generally expect these bits to not be present. Introduce addr_gpa2raw()/addr_raw2gpa() to add/remove these bits, then use them where appropriate. Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- .../selftests/kvm/include/kvm_util_base.h | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 55 ++++++++++++++++++- .../selftests/kvm/lib/x86_64/processor.c | 15 +++-- 3 files changed, 66 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 3928351e497e..de769b3de274 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -399,6 +399,8 @@ void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa); void *addr_gva2hva(struct kvm_vm *vm, vm_vaddr_t gva); vm_paddr_t addr_hva2gpa(struct kvm_vm *vm, void *hva); void *addr_gpa2alias(struct kvm_vm *vm, vm_paddr_t gpa); +vm_paddr_t addr_raw2gpa(struct kvm_vm *vm, vm_vaddr_t gpa_raw); +vm_paddr_t addr_gpa2raw(struct kvm_vm *vm, vm_vaddr_t gpa); void vcpu_run(struct kvm_vcpu *vcpu); int _vcpu_run(struct kvm_vcpu *vcpu); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index c6b87b411186..87772e23d1b5 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1377,6 +1377,58 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, } } +/* + * Mask off any special bits from raw GPA + * + * Input Args: + * vm - Virtual Machine + * gpa_raw - Raw VM physical address + * + * Output Args: None + * + * Return: + * GPA with special bits (e.g. shared/encrypted) masked off. + */ +vm_paddr_t addr_raw2gpa(struct kvm_vm *vm, vm_paddr_t gpa_raw) +{ + if (!vm->memcrypt.has_enc_bit) + return gpa_raw; + + return gpa_raw & ~(1ULL << vm->memcrypt.enc_bit); +} + +/* + * Add special/encryption bits to a GPA based on encryption bitmap. + * + * Input Args: + * vm - Virtual Machine + * gpa - VM physical address + * + * Output Args: None + * + * Return: + * GPA with special bits (e.g. shared/encrypted) added in. + */ +vm_paddr_t addr_gpa2raw(struct kvm_vm *vm, vm_paddr_t gpa) +{ + struct userspace_mem_region *region; + sparsebit_idx_t pg; + vm_paddr_t gpa_raw = gpa; + + TEST_ASSERT(addr_raw2gpa(vm, gpa) == gpa, "Unexpected bits in GPA: %lx", + gpa); + + if (!vm->memcrypt.has_enc_bit) + return gpa; + + region = userspace_mem_region_find(vm, gpa, gpa); + pg = gpa >> vm->page_shift; + if (sparsebit_is_set(region->encrypted_phy_pages, pg)) + gpa_raw |= (1ULL << vm->memcrypt.enc_bit); + + return gpa_raw; +} + /* * Address VM Physical to Host Virtual * @@ -1394,9 +1446,10 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, * address providing the memory to the vm physical address is returned. * A TEST_ASSERT failure occurs if no region containing gpa exists. */ -void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa) +void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa_raw) { struct userspace_mem_region *region; + vm_paddr_t gpa = addr_raw2gpa(vm, gpa_raw); region = userspace_mem_region_find(vm, gpa, gpa); if (!region) { diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index f35626df1dea..55855594d26d 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -118,7 +118,7 @@ void virt_arch_pgd_alloc(struct kvm_vm *vm) /* If needed, create page map l4 table. */ if (!vm->pgd_created) { - vm->pgd = vm_alloc_page_table(vm); + vm->pgd = addr_gpa2raw(vm, vm_alloc_page_table(vm)); vm->pgd_created = true; } } @@ -140,13 +140,15 @@ static uint64_t *virt_create_upper_pte(struct kvm_vm *vm, int target_level) { uint64_t *pte = virt_get_pte(vm, pt_pfn, vaddr, current_level); + uint64_t paddr_raw = addr_gpa2raw(vm, paddr); if (!(*pte & PTE_PRESENT_MASK)) { *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK; if (current_level == target_level) - *pte |= PTE_LARGE_MASK | (paddr & PHYSICAL_PAGE_MASK); + *pte |= PTE_LARGE_MASK | (paddr_raw & PHYSICAL_PAGE_MASK); else - *pte |= vm_alloc_page_table(vm) & PHYSICAL_PAGE_MASK; + *pte |= addr_gpa2raw(vm, vm_alloc_page_table(vm)) & PHYSICAL_PAGE_MASK; + } else { /* * Entry already present. Assert that the caller doesn't want @@ -184,6 +186,8 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int level) "Physical address beyond maximum supported,\n" " paddr: 0x%lx vm->max_gfn: 0x%lx vm->page_size: 0x%x", paddr, vm->max_gfn, vm->page_size); + TEST_ASSERT(addr_raw2gpa(vm, paddr) == paddr, + "Unexpected bits in paddr: %lx", paddr); /* * Allocate upper level page tables, if not already present. Return @@ -206,7 +210,8 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int level) pte = virt_get_pte(vm, PTE_GET_PFN(*pde), vaddr, PG_LEVEL_4K); TEST_ASSERT(!(*pte & PTE_PRESENT_MASK), "PTE already present for 4k page at vaddr: 0x%lx\n", vaddr); - *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK | (paddr & PHYSICAL_PAGE_MASK); + *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK | + (addr_gpa2raw(vm, paddr) & PHYSICAL_PAGE_MASK); } void virt_arch_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr) @@ -515,7 +520,7 @@ vm_paddr_t addr_arch_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) if (!(pte[index[0]] & PTE_PRESENT_MASK)) goto unmapped_gva; - return (PTE_GET_PFN(pte[index[0]]) * vm->page_size) + (gva & ~PAGE_MASK); + return addr_raw2gpa(vm, PTE_GET_PFN(pte[index[0]]) * vm->page_size) + (gva & ~PAGE_MASK); unmapped_gva: TEST_FAIL("No mapping for vm virtual address, gva: 0x%lx", gva); From patchwork Wed Aug 10 15:20:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940682 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DFC6EC00140 for ; Wed, 10 Aug 2022 15:20:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233143AbiHJPUy (ORCPT ); Wed, 10 Aug 2022 11:20:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37280 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233126AbiHJPUr (ORCPT ); Wed, 10 Aug 2022 11:20:47 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A6EBB2C134 for ; Wed, 10 Aug 2022 08:20:46 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id 185-20020a6218c2000000b0052d4852d3f6so6573092pfy.5 for ; Wed, 10 Aug 2022 08:20:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=inMFi1r68yo31MqDSQUW1MrXqR/Fsx7sJdQYcs3nA2A=; b=TciIvPL7Ok+MSMHHNnoV/S0cgh2k0O7YEE2UsWpJOjO2Rl++7/d0rE41bp4ZXn1PH0 uC2fGCuG8t4TfYR/fweWXYFKFz54IjdqRzrz6snAfpyzRN1k5JCfKxQJslr3Zayg3R+Y P1pqjrirg5eH7BgdvLq39bCWRjlQbL1Oa+aDeB1azAHtr1zaeZJ1nzBueHNPbwYhAP1H TsRxCNNAwogvZyAk9vaECyOXChzMlYC6soRz45PbfvGAv7kNgH7ezCmIKK1JLPf+6gpR orydod/QVAKzUVkTTqz5XICsC/MBfCNRKMGWenNL4G3hstq1tPgY6MT/D+OkWusnFqLM ueEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=inMFi1r68yo31MqDSQUW1MrXqR/Fsx7sJdQYcs3nA2A=; b=HNzWqi5mpyNPhju2a4EoV6HQoZTIXE/7fbe/lS1NXqlEC5P/kgc+Wl+u/b8n3AwLqA DwnN1yZJWogI1vIIfYV8xrCzo1e5p7G1sYC8ylSkMmdu3LivpXoHm8elwbxPZpFXiN9q sKHbjZiahcBEYSWwU67RjXbXjftZD4uf2ibadKH/Cq1SWHa15wRIoRJSS/aeOtsNkXV6 M9lV7n4F5TKIB8V/Z/tDa9hMxaMb0YDiC60E5+qBq4SVgF/dS/d1xjIFV204FOskJ9ek JMgeQ3ieu8q7peF7X5N8/l1KMMVOesGRoZ2XivyLyRtiyRNIbOBvuanboyyaaJyQtmFO +pEw== X-Gm-Message-State: ACgBeo086YfjhNI3BCgOLeK0/yU+3oUCE5sMr7CA9NZOKwREgI3L7kui 9WWVrCCGPCc7Ox5I1ru4UHprwBTYsXOu18IkZZuRv4JJ8Q8BfV3INaz7DiPgookhz8gXHA1K2Nz eT4Xrecp7OWzPZS0UgyiS6bak8uCnDL1Di0re2Bzd16jhOXDaC4zCijNv7g== X-Google-Smtp-Source: AA6agR4LZb7Yqyy32FN1fTAMq1aUHEh23ROTvttgThhcctl+d6SGj9/jccM5pfWDzrr/y4eX7dO9nFTkkzI= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a05:6a00:8c8:b0:52c:887d:fa25 with SMTP id s8-20020a056a0008c800b0052c887dfa25mr27953088pfu.86.1660144846015; Wed, 10 Aug 2022 08:20:46 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:27 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-6-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 05/11] KVM: selftests: add support for encrypted vm_vaddr_* allocations From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Michael Roth The default policy for whether to handle allocations as encrypted or shared pages is currently determined by vm_phy_pages_alloc(), which in turn uses the policy defined by vm->memcrypt.enc_by_default. Test programs may wish to allocate shared vaddrs for things like sharing memory with the guest. Since enc_by_default will be true in the case of SEV guests (since it's required in order to have the initial ELF binary and page table become part of the initial guest payload), an interface is needed to explicitly request shared pages. Implement this by splitting the common code out from vm_vaddr_alloc() and introducing a new vm_vaddr_alloc_shared(). Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- .../selftests/kvm/include/kvm_util_base.h | 1 + tools/testing/selftests/kvm/lib/kvm_util.c | 21 +++++++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index de769b3de274..8ce9e5be70a3 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -390,6 +390,7 @@ void vm_mem_region_move(struct kvm_vm *vm, uint32_t slot, uint64_t new_gpa); void vm_mem_region_delete(struct kvm_vm *vm, uint32_t slot); struct kvm_vcpu *__vm_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id); vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); vm_vaddr_t vm_vaddr_alloc_pages(struct kvm_vm *vm, int nr_pages); vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 87772e23d1b5..4e4b28e4e890 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1262,12 +1262,13 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, } /* - * VM Virtual Address Allocate + * VM Virtual Address Allocate Shared/Encrypted * * Input Args: * vm - Virtual Machine * sz - Size in bytes * vaddr_min - Minimum starting virtual address + * encrypt - Whether the region should be handled as encrypted * * Output Args: None * @@ -1280,13 +1281,15 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, * a unique set of pages, with the minimum real allocation being at least * a page. */ -vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +static vm_vaddr_t +_vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, bool encrypt) { uint64_t pages = (sz >> vm->page_shift) + ((sz % vm->page_size) != 0); virt_pgd_alloc(vm); - vm_paddr_t paddr = vm_phy_pages_alloc(vm, pages, - KVM_UTIL_MIN_PFN * vm->page_size, 0); + vm_paddr_t paddr = _vm_phy_pages_alloc(vm, pages, + KVM_UTIL_MIN_PFN * vm->page_size, + 0, encrypt); /* * Find an unused range of virtual page addresses of at least @@ -1307,6 +1310,16 @@ vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) return vaddr_start; } +vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, vm->memcrypt.enc_by_default); +} + +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min) +{ + return _vm_vaddr_alloc(vm, sz, vaddr_min, false); +} + /* * VM Virtual Address Allocate Pages * From patchwork Wed Aug 10 15:20:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940683 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 84377C19F2A for ; Wed, 10 Aug 2022 15:21:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233150AbiHJPVW (ORCPT ); Wed, 10 Aug 2022 11:21:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37342 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233136AbiHJPUu (ORCPT ); Wed, 10 Aug 2022 11:20:50 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1E35649B66 for ; Wed, 10 Aug 2022 08:20:48 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-31f5960500bso127979267b3.14 for ; Wed, 10 Aug 2022 08:20:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=f1sWvGdk1uxiMKqJEu787yRUpub80oX121BOUSyrpTM=; b=Jyfvx6uQ+DfrGWA4dNLLyjf+2ZcoVhCDALg8yyauB4KByGLFKs3uNWtqgHcEVcu1SK jetksmgnx/td+h1uuXKYjHp8WofNgWxoey2s+ucAEGD1ugazKXitJrwG6gsDdncFft9Q U6mlVDXyNRPEIACGKUDVVmyi1agFs8cwcTqyjC+440XD3g/xNFbodLIUBov0Sx0z+MTq 9OjOhvabPbv0Ey3f7jn7aFYMoUVjt4Qm1EaEehsDVLCzRrYmqhBfGcHLFbZ7104Q+ECM FEIaye+3bF85NKzeSwYn8GHtLBjVSZUwMIMZrckcCXRHXya3H8Q0qbkKcsShjRpBC3mk v0Wg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=f1sWvGdk1uxiMKqJEu787yRUpub80oX121BOUSyrpTM=; b=pKNmy1/gPLCQxH1qZi748zb5hrJYoYyjlRwLHYmEhTmjvs8uWvpFvqAsgBr0jameiK gb1hYoe0vSNIEErhKoDrqRK6xjUrpucBcWHkN/N9n3Ezau8skrNdizKrPO2/hzd7IJrI t1Xf5b9tk1MzLeFAkmBZoY8/1e83QU8iOs2PmXZSzt/IBTsobdRP5zAr+iGB3x4MQ9AC 4r6d+dYKCXMCTY6t/Aj2h5kUxvUQfwnyYZN1HhkwdD/Idu1H1fkXEFQhgFEIDH0Z6lHA +Uiea44sWTxKM+7Sk2HCytp/8qPJp3xVDedI38j4fhISjTjQ/2SHPJmpuPYNEa6/Dg7N xJLQ== X-Gm-Message-State: ACgBeo0NMAhiweqSRS6D8lSstaEG2ZQscFmnRzyDned4IqIiF81Q15AR 0LZ+YwVPy4PbgdOXDD6fL41nFxYbmhN9GJ0wFtzQv30m8e6vIjlwa6jUpbH1joCwbX2m2JteabB mCZsyCEsZ6swEIEXBRMJ7fgjC7mAaingysWH7rz8oudlsfs02YwRkfwD7pw== X-Google-Smtp-Source: AA6agR7Q1FAtKjiwgud9zSYzbsYCta3I5UV8laQEmEG9abJ/Ot9U1uHnBW7PKd+nmql4tasaTlNbq0Zspmo= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a81:52c1:0:b0:329:da4b:bd4c with SMTP id g184-20020a8152c1000000b00329da4bbd4cmr12158869ywb.471.1660144847904; Wed, 10 Aug 2022 08:20:47 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:28 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-7-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 06/11] KVM: selftests: Consolidate common code for popuplating From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Colton Lewis , Andrew Jones , Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Make ucall() a common helper that populates struct ucall, and only calls into arch code to make the actually call out to userspace. Rename all arch-specific helpers to make it clear they're arch-specific, and to avoid collisions with common helpers (one more on its way...) Add WRITE_ONCE() to stores in ucall() code to as already done to aarch64 code in commit 9e2f6498efbb ("selftests: KVM: Handle compiler optimizations in ucall") to prevent clang optimizations breaking ucalls. Cc: Colton Lewis Cc: Andrew Jones Signed-off-by: Sean Christopherson Signed-off-by: Peter Gonda Reviewed-by: Andrew Jones --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/ucall_common.h | 23 ++++++++++++++++--- .../testing/selftests/kvm/lib/aarch64/ucall.c | 20 ++++------------ tools/testing/selftests/kvm/lib/riscv/ucall.c | 23 ++++--------------- tools/testing/selftests/kvm/lib/s390x/ucall.c | 23 ++++--------------- .../testing/selftests/kvm/lib/ucall_common.c | 20 ++++++++++++++++ .../testing/selftests/kvm/lib/x86_64/ucall.c | 23 ++++--------------- 7 files changed, 60 insertions(+), 73 deletions(-) create mode 100644 tools/testing/selftests/kvm/lib/ucall_common.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 690b499c3471..39fc5e8e5594 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -46,6 +46,7 @@ LIBKVM += lib/perf_test_util.c LIBKVM += lib/rbtree.c LIBKVM += lib/sparsebit.c LIBKVM += lib/test_util.c +LIBKVM += lib/ucall_common.c LIBKVM_x86_64 += lib/x86_64/apic.c LIBKVM_x86_64 += lib/x86_64/handlers.S diff --git a/tools/testing/selftests/kvm/include/ucall_common.h b/tools/testing/selftests/kvm/include/ucall_common.h index ee79d180e07e..5a85f5318bbe 100644 --- a/tools/testing/selftests/kvm/include/ucall_common.h +++ b/tools/testing/selftests/kvm/include/ucall_common.h @@ -24,10 +24,27 @@ struct ucall { uint64_t args[UCALL_MAX_ARGS]; }; -void ucall_init(struct kvm_vm *vm, void *arg); -void ucall_uninit(struct kvm_vm *vm); +void ucall_arch_init(struct kvm_vm *vm, void *arg); +void ucall_arch_uninit(struct kvm_vm *vm); +void ucall_arch_do_ucall(vm_vaddr_t uc); +uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc); + void ucall(uint64_t cmd, int nargs, ...); -uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc); + +static inline void ucall_init(struct kvm_vm *vm, void *arg) +{ + ucall_arch_init(vm, arg); +} + +static inline void ucall_uninit(struct kvm_vm *vm) +{ + ucall_arch_uninit(vm); +} + +static inline uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +{ + return ucall_arch_get_ucall(vcpu, uc); +} #define GUEST_SYNC_ARGS(stage, arg1, arg2, arg3, arg4) \ ucall(UCALL_SYNC, 6, "hello", stage, arg1, arg2, arg3, arg4) diff --git a/tools/testing/selftests/kvm/lib/aarch64/ucall.c b/tools/testing/selftests/kvm/lib/aarch64/ucall.c index ed237b744690..1c81a6a5c1f2 100644 --- a/tools/testing/selftests/kvm/lib/aarch64/ucall.c +++ b/tools/testing/selftests/kvm/lib/aarch64/ucall.c @@ -21,7 +21,7 @@ static bool ucall_mmio_init(struct kvm_vm *vm, vm_paddr_t gpa) return true; } -void ucall_init(struct kvm_vm *vm, void *arg) +void ucall_arch_init(struct kvm_vm *vm, void *arg) { vm_paddr_t gpa, start, end, step, offset; unsigned int bits; @@ -64,30 +64,18 @@ void ucall_init(struct kvm_vm *vm, void *arg) TEST_FAIL("Can't find a ucall mmio address"); } -void ucall_uninit(struct kvm_vm *vm) +void ucall_arch_uninit(struct kvm_vm *vm) { ucall_exit_mmio_addr = 0; sync_global_to_guest(vm, ucall_exit_mmio_addr); } -void ucall(uint64_t cmd, int nargs, ...) +void ucall_arch_do_ucall(vm_vaddr_t uc) { - struct ucall uc = {}; - va_list va; - int i; - - WRITE_ONCE(uc.cmd, cmd); - nargs = min(nargs, UCALL_MAX_ARGS); - - va_start(va, nargs); - for (i = 0; i < nargs; ++i) - WRITE_ONCE(uc.args[i], va_arg(va, uint64_t)); - va_end(va); - WRITE_ONCE(*ucall_exit_mmio_addr, (vm_vaddr_t)&uc); } -uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) { struct kvm_run *run = vcpu->run; struct ucall ucall = {}; diff --git a/tools/testing/selftests/kvm/lib/riscv/ucall.c b/tools/testing/selftests/kvm/lib/riscv/ucall.c index 087b9740bc8f..b1598f418c1f 100644 --- a/tools/testing/selftests/kvm/lib/riscv/ucall.c +++ b/tools/testing/selftests/kvm/lib/riscv/ucall.c @@ -10,11 +10,11 @@ #include "kvm_util.h" #include "processor.h" -void ucall_init(struct kvm_vm *vm, void *arg) +void ucall_arch_init(struct kvm_vm *vm, void *arg) { } -void ucall_uninit(struct kvm_vm *vm) +void ucall_arch_uninit(struct kvm_vm *vm) { } @@ -44,27 +44,14 @@ struct sbiret sbi_ecall(int ext, int fid, unsigned long arg0, return ret; } -void ucall(uint64_t cmd, int nargs, ...) +void ucall_arch_do_ucall(vm_vaddr_t uc) { - struct ucall uc = { - .cmd = cmd, - }; - va_list va; - int i; - - nargs = min(nargs, UCALL_MAX_ARGS); - - va_start(va, nargs); - for (i = 0; i < nargs; ++i) - uc.args[i] = va_arg(va, uint64_t); - va_end(va); - sbi_ecall(KVM_RISCV_SELFTESTS_SBI_EXT, KVM_RISCV_SELFTESTS_SBI_UCALL, - (vm_vaddr_t)&uc, 0, 0, 0, 0, 0); + uc, 0, 0, 0, 0, 0); } -uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) { struct kvm_run *run = vcpu->run; struct ucall ucall = {}; diff --git a/tools/testing/selftests/kvm/lib/s390x/ucall.c b/tools/testing/selftests/kvm/lib/s390x/ucall.c index 73dc4e21190f..114cb4af295f 100644 --- a/tools/testing/selftests/kvm/lib/s390x/ucall.c +++ b/tools/testing/selftests/kvm/lib/s390x/ucall.c @@ -6,34 +6,21 @@ */ #include "kvm_util.h" -void ucall_init(struct kvm_vm *vm, void *arg) +void ucall_arch_init(struct kvm_vm *vm, void *arg) { } -void ucall_uninit(struct kvm_vm *vm) +void ucall_arch_uninit(struct kvm_vm *vm) { } -void ucall(uint64_t cmd, int nargs, ...) +void ucall_arch_do_ucall(vm_vaddr_t uc) { - struct ucall uc = { - .cmd = cmd, - }; - va_list va; - int i; - - nargs = min(nargs, UCALL_MAX_ARGS); - - va_start(va, nargs); - for (i = 0; i < nargs; ++i) - uc.args[i] = va_arg(va, uint64_t); - va_end(va); - /* Exit via DIAGNOSE 0x501 (normally used for breakpoints) */ - asm volatile ("diag 0,%0,0x501" : : "a"(&uc) : "memory"); + asm volatile ("diag 0,%0,0x501" : : "a"(uc) : "memory"); } -uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) { struct kvm_run *run = vcpu->run; struct ucall ucall = {}; diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c new file mode 100644 index 000000000000..2395c7f1d543 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include "kvm_util.h" + +void ucall(uint64_t cmd, int nargs, ...) +{ + struct ucall uc = {}; + va_list va; + int i; + + WRITE_ONCE(uc.cmd, cmd); + + nargs = min(nargs, UCALL_MAX_ARGS); + + va_start(va, nargs); + for (i = 0; i < nargs; ++i) + WRITE_ONCE(uc.args[i], va_arg(va, uint64_t)); + va_end(va); + + ucall_arch_do_ucall((vm_vaddr_t)&uc); +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/ucall.c b/tools/testing/selftests/kvm/lib/x86_64/ucall.c index e5f0f9e0d3ee..9f532dba1003 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/ucall.c +++ b/tools/testing/selftests/kvm/lib/x86_64/ucall.c @@ -8,34 +8,21 @@ #define UCALL_PIO_PORT ((uint16_t)0x1000) -void ucall_init(struct kvm_vm *vm, void *arg) +void ucall_arch_init(struct kvm_vm *vm, void *arg) { } -void ucall_uninit(struct kvm_vm *vm) +void ucall_arch_uninit(struct kvm_vm *vm) { } -void ucall(uint64_t cmd, int nargs, ...) +void ucall_arch_do_ucall(vm_vaddr_t uc) { - struct ucall uc = { - .cmd = cmd, - }; - va_list va; - int i; - - nargs = min(nargs, UCALL_MAX_ARGS); - - va_start(va, nargs); - for (i = 0; i < nargs; ++i) - uc.args[i] = va_arg(va, uint64_t); - va_end(va); - asm volatile("in %[port], %%al" - : : [port] "d" (UCALL_PIO_PORT), "D" (&uc) : "rax", "memory"); + : : [port] "d" (UCALL_PIO_PORT), "D" (uc) : "rax", "memory"); } -uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) { struct kvm_run *run = vcpu->run; struct ucall ucall = {}; From patchwork Wed Aug 10 15:20:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940684 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D026C00140 for ; Wed, 10 Aug 2022 15:21:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233178AbiHJPVY (ORCPT ); Wed, 10 Aug 2022 11:21:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37340 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233067AbiHJPUx (ORCPT ); Wed, 10 Aug 2022 11:20:53 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 63E735D0EB for ; Wed, 10 Aug 2022 08:20:50 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id o12-20020a170902d4cc00b0016e81c62cc8so9982130plg.13 for ; Wed, 10 Aug 2022 08:20:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=+ciazqpjV1jQm50yVPOpkxQh2xkGg5GkO+tFYJaL3ck=; b=eGa+rGN5BunXwgiJcdHszFWc3mIjKJPcPHd54XRsgZdIHQn1FwkJ9ESAE2KPRmG1uY oXnYNL9aStWM+0NaKqCKLONS+q/QG9jzOQBWQSBf4p4wosSaSjYdZz0+BVO941ejtoYx FMbP3LDK1dsWpZqgDA5EiQoKJTV0xQMWnwIxlGnOwrAyAJtAW2Cgcpt/5LexKLRKE0/S C3RYsK4J/QY3zPa/lUaPspHylsGt2Cc/XQCpck70o+MXl/6iMnX8ieiblPx7jRXCVRuM GSws0brc4Q6/Tm5dq/MpQQeYGlWUIkmdtzJ7R+jemistHHj8KO0kPPPdy4b97EKpblqg f4vA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=+ciazqpjV1jQm50yVPOpkxQh2xkGg5GkO+tFYJaL3ck=; b=Wek8mreAWy031qoq6C1KtNu8wp581q4T1gyS23r3Ju5gnRKAfQfFKpkfVXoNkwP4Ml 0Xfn906SRln8+ZPgilt6xh3tffv6LUffK5c0RVNZBSXd/3bS1o2SR5sF2n27Rhlyzs3l pvuVBpzV1zEmbONY7evYRjFhIkwo66fed4nVQZ/M81FB59DdFnHxUJepi3M/l0cz/NwI +BC3yA21COvbNcKeV/lCsoQ7tn6lZZiP0bPprab0eEmUQWv89PFsXJSEeJA3gBoLVALl 10IEzTP6ZbegeiWMSXQML4/hlBDmFrZxmixEVw+PqywUIObFLwB38JxIaIzZnEEETpxg jaKA== X-Gm-Message-State: ACgBeo22oYgCto9dPjIHcqTH3cDb9a13BcOofxH6wo64pwk+XfZMDu4R Hw77gSEu0aisl7jydd3ZgXwP4UJG395KsuEQMhjLTlEum2DNjnKM34T2veuV/t+ZpyNmi4RlPyi rFsvK6MzaBRA2ElGxz4bCnEmY3QV9BGMBYzXuxkMHxfRP70uXoLxOl7bG1Q== X-Google-Smtp-Source: AA6agR6z5l0ixZb9nEJXga+3E/JUEYAWhkrC8r2SuglZB9uV73r1XZ6c12lFMU7w5M8cFFnBf1ewFT4mvvU= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a05:6a00:b8d:b0:52d:dead:5570 with SMTP id g13-20020a056a000b8d00b0052ddead5570mr27662260pfj.56.1660144849538; Wed, 10 Aug 2022 08:20:49 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:29 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-8-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 07/11] KVM: selftests: Consolidate boilerplate code in get_ucall() From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Consolidate the actual copying of a ucall struct from guest=>host into the common get_ucall(). Return a host virtual address instead of a guest virtual address even though the addr_gva2hva() part could be moved to get_ucall() too. Conceptually, get_ucall() is invoked from the host and should return a host virtual address (and returning NULL for "nothing to see here" is far superior to returning 0). Use pointer shenanigans instead of an unnecessary bounce buffer when the caller of get_ucall() provides a valid pointer. Signed-off-by: Sean Christopherson Signed-off-by: Peter Gonda Reviewed-by: Andrew Jones --- .../selftests/kvm/include/ucall_common.h | 8 ++------ .../testing/selftests/kvm/lib/aarch64/ucall.c | 14 +++----------- tools/testing/selftests/kvm/lib/riscv/ucall.c | 19 +++---------------- tools/testing/selftests/kvm/lib/s390x/ucall.c | 16 +++------------- .../testing/selftests/kvm/lib/ucall_common.c | 19 +++++++++++++++++++ .../testing/selftests/kvm/lib/x86_64/ucall.c | 16 +++------------- 6 files changed, 33 insertions(+), 59 deletions(-) diff --git a/tools/testing/selftests/kvm/include/ucall_common.h b/tools/testing/selftests/kvm/include/ucall_common.h index 5a85f5318bbe..63bfc60be995 100644 --- a/tools/testing/selftests/kvm/include/ucall_common.h +++ b/tools/testing/selftests/kvm/include/ucall_common.h @@ -27,9 +27,10 @@ struct ucall { void ucall_arch_init(struct kvm_vm *vm, void *arg); void ucall_arch_uninit(struct kvm_vm *vm); void ucall_arch_do_ucall(vm_vaddr_t uc); -uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc); +void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu); void ucall(uint64_t cmd, int nargs, ...); +uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc); static inline void ucall_init(struct kvm_vm *vm, void *arg) { @@ -41,11 +42,6 @@ static inline void ucall_uninit(struct kvm_vm *vm) ucall_arch_uninit(vm); } -static inline uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) -{ - return ucall_arch_get_ucall(vcpu, uc); -} - #define GUEST_SYNC_ARGS(stage, arg1, arg2, arg3, arg4) \ ucall(UCALL_SYNC, 6, "hello", stage, arg1, arg2, arg3, arg4) #define GUEST_SYNC(stage) ucall(UCALL_SYNC, 2, "hello", stage) diff --git a/tools/testing/selftests/kvm/lib/aarch64/ucall.c b/tools/testing/selftests/kvm/lib/aarch64/ucall.c index 1c81a6a5c1f2..132c0e98bf49 100644 --- a/tools/testing/selftests/kvm/lib/aarch64/ucall.c +++ b/tools/testing/selftests/kvm/lib/aarch64/ucall.c @@ -75,13 +75,9 @@ void ucall_arch_do_ucall(vm_vaddr_t uc) WRITE_ONCE(*ucall_exit_mmio_addr, (vm_vaddr_t)&uc); } -uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) { struct kvm_run *run = vcpu->run; - struct ucall ucall = {}; - - if (uc) - memset(uc, 0, sizeof(*uc)); if (run->exit_reason == KVM_EXIT_MMIO && run->mmio.phys_addr == (uint64_t)ucall_exit_mmio_addr) { @@ -90,12 +86,8 @@ uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) TEST_ASSERT(run->mmio.is_write && run->mmio.len == 8, "Unexpected ucall exit mmio address access"); memcpy(&gva, run->mmio.data, sizeof(gva)); - memcpy(&ucall, addr_gva2hva(vcpu->vm, gva), sizeof(ucall)); - - vcpu_run_complete_io(vcpu); - if (uc) - memcpy(uc, &ucall, sizeof(ucall)); + return addr_gva2hva(vcpu->vm, gva); } - return ucall.cmd; + return NULL; } diff --git a/tools/testing/selftests/kvm/lib/riscv/ucall.c b/tools/testing/selftests/kvm/lib/riscv/ucall.c index b1598f418c1f..37e091d4366e 100644 --- a/tools/testing/selftests/kvm/lib/riscv/ucall.c +++ b/tools/testing/selftests/kvm/lib/riscv/ucall.c @@ -51,27 +51,15 @@ void ucall_arch_do_ucall(vm_vaddr_t uc) uc, 0, 0, 0, 0, 0); } -uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) { struct kvm_run *run = vcpu->run; - struct ucall ucall = {}; - - if (uc) - memset(uc, 0, sizeof(*uc)); if (run->exit_reason == KVM_EXIT_RISCV_SBI && run->riscv_sbi.extension_id == KVM_RISCV_SELFTESTS_SBI_EXT) { switch (run->riscv_sbi.function_id) { case KVM_RISCV_SELFTESTS_SBI_UCALL: - memcpy(&ucall, - addr_gva2hva(vcpu->vm, run->riscv_sbi.args[0]), - sizeof(ucall)); - - vcpu_run_complete_io(vcpu); - if (uc) - memcpy(uc, &ucall, sizeof(ucall)); - - break; + return addr_gva2hva(vcpu->vm, run->riscv_sbi.args[0]); case KVM_RISCV_SELFTESTS_SBI_UNEXP: vcpu_dump(stderr, vcpu, 2); TEST_ASSERT(0, "Unexpected trap taken by guest"); @@ -80,6 +68,5 @@ uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) break; } } - - return ucall.cmd; + return NULL; } diff --git a/tools/testing/selftests/kvm/lib/s390x/ucall.c b/tools/testing/selftests/kvm/lib/s390x/ucall.c index 114cb4af295f..0f695a031d35 100644 --- a/tools/testing/selftests/kvm/lib/s390x/ucall.c +++ b/tools/testing/selftests/kvm/lib/s390x/ucall.c @@ -20,13 +20,9 @@ void ucall_arch_do_ucall(vm_vaddr_t uc) asm volatile ("diag 0,%0,0x501" : : "a"(uc) : "memory"); } -uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) { struct kvm_run *run = vcpu->run; - struct ucall ucall = {}; - - if (uc) - memset(uc, 0, sizeof(*uc)); if (run->exit_reason == KVM_EXIT_S390_SIEIC && run->s390_sieic.icptcode == 4 && @@ -34,13 +30,7 @@ uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) (run->s390_sieic.ipb >> 16) == 0x501) { int reg = run->s390_sieic.ipa & 0xf; - memcpy(&ucall, addr_gva2hva(vcpu->vm, run->s.regs.gprs[reg]), - sizeof(ucall)); - - vcpu_run_complete_io(vcpu); - if (uc) - memcpy(uc, &ucall, sizeof(ucall)); + return addr_gva2hva(vcpu->vm, run->s.regs.gprs[reg]); } - - return ucall.cmd; + return NULL; } diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c index 2395c7f1d543..ced480860746 100644 --- a/tools/testing/selftests/kvm/lib/ucall_common.c +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -18,3 +18,22 @@ void ucall(uint64_t cmd, int nargs, ...) ucall_arch_do_ucall((vm_vaddr_t)&uc); } + +uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +{ + struct ucall ucall; + void *addr; + + if (!uc) + uc = &ucall; + + addr = ucall_arch_get_ucall(vcpu); + if (addr) { + memcpy(uc, addr, sizeof(*uc)); + vcpu_run_complete_io(vcpu); + } else { + memset(uc, 0, sizeof(*uc)); + } + + return uc->cmd; +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/ucall.c b/tools/testing/selftests/kvm/lib/x86_64/ucall.c index 9f532dba1003..ead9946399ab 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/ucall.c +++ b/tools/testing/selftests/kvm/lib/x86_64/ucall.c @@ -22,25 +22,15 @@ void ucall_arch_do_ucall(vm_vaddr_t uc) : : [port] "d" (UCALL_PIO_PORT), "D" (uc) : "rax", "memory"); } -uint64_t ucall_arch_get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) +void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) { struct kvm_run *run = vcpu->run; - struct ucall ucall = {}; - - if (uc) - memset(uc, 0, sizeof(*uc)); if (run->exit_reason == KVM_EXIT_IO && run->io.port == UCALL_PIO_PORT) { struct kvm_regs regs; vcpu_regs_get(vcpu, ®s); - memcpy(&ucall, addr_gva2hva(vcpu->vm, (vm_vaddr_t)regs.rdi), - sizeof(ucall)); - - vcpu_run_complete_io(vcpu); - if (uc) - memcpy(uc, &ucall, sizeof(ucall)); + return addr_gva2hva(vcpu->vm, regs.rdi); } - - return ucall.cmd; + return NULL; } From patchwork Wed Aug 10 15:20:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940686 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 55237C00140 for ; Wed, 10 Aug 2022 15:21:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233185AbiHJPVZ (ORCPT ); Wed, 10 Aug 2022 11:21:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38236 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233199AbiHJPVG (ORCPT ); Wed, 10 Aug 2022 11:21:06 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5783D2C107 for ; Wed, 10 Aug 2022 08:20:53 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id w124-20020a627b82000000b0052d8ebfc055so6631556pfc.19 for ; Wed, 10 Aug 2022 08:20:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=MYDneT9H7RvPrT4sQm2b7/RZ8hQa6oRFixYULN4aLD0=; b=ADHokTmJ6vmz+4RmPqJu6qZDkzj4Eqrp2Hx9s7Rw3Fp60TLKLE8P0thDD6vw95FSNV Kbht5qTLyRrPjAKP2OGYPaBBOB+aVcXj1q4OxykCo1oC6QwXobn597NfQ+FmzOlNtEYq 19M2P413wWe8FL8djY1FZieP3hKyyg+ABV7E+VVJulOPLaRyEmJDjgYYsNXrByL+8Dqh +l8zQFEyUC6av/1j2tNikD2PKqXpje8QOn6bZbYNSvnnjrjA0R+fdX2E5p2jUWKRBqOe Gb/+T8YF81kiLdoJ6rcpSOHFSh3Kv1OVBH1BURAIYaIKnw18dr3SUKdXI+J+K2DdLgkc Khtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=MYDneT9H7RvPrT4sQm2b7/RZ8hQa6oRFixYULN4aLD0=; b=o2bAQh6TbO6il9eht4EwwqNjEmQFUVQocP4BnzmljzVzXhZXgxWs12XRE7cfSwrbVu BXR3QUmXYjgRRqR1yY28n1rzYwK0AExNAXtDKkbVuU8MFkZQMsFCGjYi3SbSk6ebb/+y B+X1nJ6a26eXaMfv8GV3pQCbx092mfo1izdcDAm3zCPnhqy0JGu4NNjWIDz0NzAko7Q2 jvNsr7mYAxhj4vB/0MNdfqGCOZgykmpoK6e2u0nRhtkxu5RtVQ5pl4YDhuYKLdBkZ0yG q9Msa/lFh71ZTUn/AIG5lVbVNxCuelr26Ps4DMs8qOAWdIn3cziB2iDZCyfeq7qFiEo/ 6/KA== X-Gm-Message-State: ACgBeo3qZr7pVmbWb7FsxNrnda11PoeH9lzBRcd7jgIv5svP+UpD/yEU 7Wqv3H1R5Nrma2wXCY1UKTs0zfrDk+rBV6VAYadwfjguyCiViDzhjQGIRCdUqNlJ8b7L0lVUw8T wsY3J4m/APNGA2iRl2fSPNLh+hR2bNUV6jfHMTnT19qVmzAq2BiEyAaTHTA== X-Google-Smtp-Source: AA6agR6bY879bHVdbLdyS0jOQNYO9JhQy28/k9lofXPwQi+SIhVs99xzPzu4nxWxFIPFCfgxw19CHcz/lEY= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a17:90a:df03:b0:1f3:396c:dd94 with SMTP id gp3-20020a17090adf0300b001f3396cdd94mr250371pjb.1.1660144851264; Wed, 10 Aug 2022 08:20:51 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:30 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-9-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 08/11] KVM: selftests: add library for creating/interacting with SEV guests From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Michael Roth Add interfaces to allow tests to create/manage SEV guests. The additional state associated with these guests is encapsulated in a new struct sev_vm, which is a light wrapper around struct kvm_vm. These VMs will use vm_set_memory_encryption() and vm_get_encrypted_phy_pages() under the covers to configure and sync up with the core kvm_util library on what should/shouldn't be treated as encrypted memory. Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/kvm_util_base.h | 3 + .../selftests/kvm/include/x86_64/sev.h | 44 +++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 251 ++++++++++++++++++ 4 files changed, 299 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 39fc5e8e5594..b247c4b595af 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -55,6 +55,7 @@ LIBKVM_x86_64 += lib/x86_64/processor.c LIBKVM_x86_64 += lib/x86_64/svm.c LIBKVM_x86_64 += lib/x86_64/ucall.c LIBKVM_x86_64 += lib/x86_64/vmx.c +LIBKVM_x86_64 += lib/x86_64/sev.c LIBKVM_aarch64 += lib/aarch64/gic.c LIBKVM_aarch64 += lib/aarch64/gic_v3.c diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 8ce9e5be70a3..1a84d2d1d85b 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -68,6 +68,7 @@ struct userspace_mem_regions { /* Memory encryption policy/configuration. */ struct vm_memcrypt { bool enabled; + bool encrypted; int8_t enc_by_default; bool has_enc_bit; int8_t enc_bit; @@ -816,6 +817,8 @@ vm_paddr_t addr_arch_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva); static inline vm_paddr_t addr_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) { + TEST_ASSERT(!vm->memcrypt.encrypted, + "Encrypted guests have their page tables encrypted so gva2gpa conversions are not possible."); return addr_arch_gva2gpa(vm, gva); } diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h new file mode 100644 index 000000000000..2f7f7c741b12 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -0,0 +1,44 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#ifndef SELFTEST_KVM_SEV_H +#define SELFTEST_KVM_SEV_H + +#include +#include +#include "kvm_util.h" + +/* Makefile might set this separately for user-overrides */ +#ifndef SEV_DEV_PATH +#define SEV_DEV_PATH "/dev/sev" +#endif + +#define SEV_FW_REQ_VER_MAJOR 0 +#define SEV_FW_REQ_VER_MINOR 17 + +#define SEV_POLICY_NO_DBG (1UL << 0) +#define SEV_POLICY_ES (1UL << 2) + +enum { + SEV_GSTATE_UNINIT = 0, + SEV_GSTATE_LUPDATE, + SEV_GSTATE_LSECRET, + SEV_GSTATE_RUNNING, +}; + +struct sev_vm; + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data); +struct kvm_vm *sev_get_vm(struct sev_vm *sev); +uint8_t sev_get_enc_bit(struct sev_vm *sev); + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages); +void sev_vm_free(struct sev_vm *sev); +void sev_vm_launch(struct sev_vm *sev); +void sev_vm_launch_measure(struct sev_vm *sev, uint8_t *measurement); +void sev_vm_launch_finish(struct sev_vm *sev); + +#endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c new file mode 100644 index 000000000000..3abcf50c0b5d --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -0,0 +1,251 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Helpers used for SEV guests + * + * Copyright (C) 2021 Advanced Micro Devices + */ + +#include +#include +#include "kvm_util.h" +#include "linux/psp-sev.h" +#include "processor.h" +#include "sev.h" + +#define PAGE_SHIFT 12 +#define CPUID_MEM_ENC_LEAF 0x8000001f +#define CPUID_EBX_CBIT_MASK 0x3f + +struct sev_vm { + struct kvm_vm *vm; + int fd; + int enc_bit; + uint32_t sev_policy; +}; + +/* Common SEV helpers/accessors. */ + +struct kvm_vm *sev_get_vm(struct sev_vm *sev) +{ + return sev->vm; +} + +uint8_t sev_get_enc_bit(struct sev_vm *sev) +{ + return sev->enc_bit; +} + +void sev_ioctl(int sev_fd, int cmd, void *data) +{ + int ret; + struct sev_issue_cmd arg; + + arg.cmd = cmd; + arg.data = (unsigned long)data; + ret = ioctl(sev_fd, SEV_ISSUE_CMD, &arg); + TEST_ASSERT(ret == 0, + "SEV ioctl %d failed, error: %d, fw_error: %d", + cmd, ret, arg.error); +} + +void kvm_sev_ioctl(struct sev_vm *sev, int cmd, void *data) +{ + struct kvm_sev_cmd arg = {0}; + int ret; + + arg.id = cmd; + arg.sev_fd = sev->fd; + arg.data = (__u64)data; + + ret = ioctl(sev->vm->fd, KVM_MEMORY_ENCRYPT_OP, &arg); + TEST_ASSERT(ret == 0, + "SEV KVM ioctl %d failed, rc: %i errno: %i (%s), fw_error: %d", + cmd, ret, errno, strerror(errno), arg.error); +} + +/* Local helpers. */ + +static void +sev_register_user_region(struct sev_vm *sev, void *hva, uint64_t size) +{ + struct kvm_enc_region range = {0}; + int ret; + + pr_debug("%s: hva: %p, size: %lu\n", __func__, hva, size); + + range.addr = (__u64)hva; + range.size = size; + + ret = ioctl(sev->vm->fd, KVM_MEMORY_ENCRYPT_REG_REGION, &range); + TEST_ASSERT(ret == 0, "failed to register user range, errno: %i\n", errno); +} + +static void +sev_encrypt_phy_range(struct sev_vm *sev, vm_paddr_t gpa, uint64_t size) +{ + struct kvm_sev_launch_update_data ksev_update_data = {0}; + + pr_debug("%s: addr: 0x%lx, size: %lu\n", __func__, gpa, size); + + ksev_update_data.uaddr = (__u64)addr_gpa2hva(sev->vm, gpa); + ksev_update_data.len = size; + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_UPDATE_DATA, &ksev_update_data); +} + +static void sev_encrypt(struct sev_vm *sev) +{ + const struct sparsebit *enc_phy_pages; + struct kvm_vm *vm = sev->vm; + sparsebit_idx_t pg = 0; + vm_paddr_t gpa_start; + uint64_t memory_size; + + /* Only memslot 0 supported for now. */ + enc_phy_pages = vm_get_encrypted_phy_pages(sev->vm, 0, &gpa_start, &memory_size); + TEST_ASSERT(enc_phy_pages, "Unable to retrieve encrypted pages bitmap"); + while (pg < (memory_size / vm->page_size)) { + sparsebit_idx_t pg_cnt; + + if (sparsebit_is_clear(enc_phy_pages, pg)) { + pg = sparsebit_next_set(enc_phy_pages, pg); + if (!pg) + break; + } + + pg_cnt = sparsebit_next_clear(enc_phy_pages, pg) - pg; + if (pg_cnt <= 0) + pg_cnt = 1; + + sev_encrypt_phy_range(sev, + gpa_start + pg * vm->page_size, + pg_cnt * vm->page_size); + pg += pg_cnt; + } + + sev->vm->memcrypt.encrypted = true; +} + +/* SEV VM implementation. */ + +static struct sev_vm *sev_vm_alloc(struct kvm_vm *vm) +{ + struct sev_user_data_status sev_status = {0}; + uint32_t eax, ebx, ecx, edx; + struct sev_vm *sev; + int sev_fd; + + sev_fd = open(SEV_DEV_PATH, O_RDWR); + if (sev_fd < 0) { + pr_info("Failed to open SEV device, path: %s, error: %d, skipping test.\n", + SEV_DEV_PATH, sev_fd); + return NULL; + } + + sev_ioctl(sev_fd, SEV_PLATFORM_STATUS, &sev_status); + + if (!(sev_status.api_major > SEV_FW_REQ_VER_MAJOR || + (sev_status.api_major == SEV_FW_REQ_VER_MAJOR && + sev_status.api_minor >= SEV_FW_REQ_VER_MINOR))) { + pr_info("SEV FW version too old. Have API %d.%d (build: %d), need %d.%d, skipping test.\n", + sev_status.api_major, sev_status.api_minor, sev_status.build, + SEV_FW_REQ_VER_MAJOR, SEV_FW_REQ_VER_MINOR); + return NULL; + } + + sev = calloc(1, sizeof(*sev)); + sev->fd = sev_fd; + sev->vm = vm; + + /* Get encryption bit via CPUID. */ + cpuid(CPUID_MEM_ENC_LEAF, &eax, &ebx, &ecx, &edx); + sev->enc_bit = ebx & CPUID_EBX_CBIT_MASK; + + return sev; +} + +void sev_vm_free(struct sev_vm *sev) +{ + ucall_uninit(sev->vm); + kvm_vm_free(sev->vm); + close(sev->fd); + free(sev); +} + +struct sev_vm *sev_vm_create(uint32_t policy, uint64_t npages) +{ + struct sev_vm *sev; + struct kvm_vm *vm; + + /* Need to handle memslots after init, and after setting memcrypt. */ + vm = vm_create_barebones(); + sev = sev_vm_alloc(vm); + if (!sev) + return NULL; + sev->sev_policy = policy; + + kvm_sev_ioctl(sev, KVM_SEV_INIT, NULL); + + vm->vpages_mapped = sparsebit_alloc(); + vm_set_memory_encryption(vm, true, true, sev->enc_bit); + pr_info("SEV cbit: %d\n", sev->enc_bit); + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, npages, 0); + sev_register_user_region(sev, addr_gpa2hva(vm, 0), + npages * vm->page_size); + + pr_info("SEV guest created, policy: 0x%x, size: %lu KB\n", + sev->sev_policy, npages * vm->page_size / 1024); + + return sev; +} + +void sev_vm_launch(struct sev_vm *sev) +{ + struct kvm_sev_launch_start ksev_launch_start = {0}; + struct kvm_sev_guest_status ksev_status = {0}; + + /* Need to use ucall_shared for synchronization. */ + //ucall_init_ops(sev_get_vm(sev), NULL, &ucall_ops_halt); + + ksev_launch_start.policy = sev->sev_policy; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_START, &ksev_launch_start); + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.policy == sev->sev_policy, "Incorrect guest policy."); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE, + "Unexpected guest state: %d", ksev_status.state); + + ucall_init(sev->vm, NULL); + + sev_encrypt(sev); +} + +void sev_vm_launch_measure(struct sev_vm *sev, uint8_t *measurement) +{ + struct kvm_sev_launch_measure ksev_launch_measure = {0}; + struct kvm_sev_guest_status ksev_guest_status = {0}; + + ksev_launch_measure.len = 256; + ksev_launch_measure.uaddr = (__u64)measurement; + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_MEASURE, &ksev_launch_measure); + + /* Measurement causes a state transition, check that. */ + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_guest_status); + TEST_ASSERT(ksev_guest_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_guest_status.state); +} + +void sev_vm_launch_finish(struct sev_vm *sev) +{ + struct kvm_sev_guest_status ksev_status = {0}; + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_LUPDATE || + ksev_status.state == SEV_GSTATE_LSECRET, + "Unexpected guest state: %d", ksev_status.state); + + kvm_sev_ioctl(sev, KVM_SEV_LAUNCH_FINISH, NULL); + + kvm_sev_ioctl(sev, KVM_SEV_GUEST_STATUS, &ksev_status); + TEST_ASSERT(ksev_status.state == SEV_GSTATE_RUNNING, + "Unexpected guest state: %d", ksev_status.state); +} From patchwork Wed Aug 10 15:20:31 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940685 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E956C3F6B0 for ; Wed, 10 Aug 2022 15:21:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233197AbiHJPV2 (ORCPT ); Wed, 10 Aug 2022 11:21:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38132 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233237AbiHJPVJ (ORCPT ); Wed, 10 Aug 2022 11:21:09 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A52DF491E2 for ; Wed, 10 Aug 2022 08:20:54 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id o6-20020a17090ab88600b001f30b8c11c5so1341408pjr.2 for ; Wed, 10 Aug 2022 08:20:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=ZH7CdRWCIwNg0rfB6pUeUyBV2qfCWplRtlLFdh/iMUI=; b=apwXC/ww4j5CUuVFoJyNaoq+BSpD4U+4DscUXqUrLk78d+ARYidpwEa5ihZfml/1pS RF9y0n45tYrpC3MIhhZk0erLNzoxOIB7yzKbM9hLF4yWG1H6+9Be3jII4QPCzX71NspY 8ER7PYUunxvMsZrp0iN+lF1j90zPZWLsyqTjoMMP+PVuK77dG36lodOSzGEJgc44BByN tMp2OicDylCbNQIB+0UYfBDeESFY7Ao0DoUwQ8bcyxrduRXq6sMIbzo34wx5Hsjgwe+l Rh0mEqgTh4Trsb8m8VoKxipFaGY2oEPhPnr0B4daIm7vKJzhcnby9pV09OHAUFyG4oEQ zHgw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=ZH7CdRWCIwNg0rfB6pUeUyBV2qfCWplRtlLFdh/iMUI=; b=DdwK64bzDs1fea+02kh33bUtzmBglb6nr0aIq3xlVfCO2lfbfNQQIL1g5ROJhQz3ty y4vkAx+iex3PzXA3hLgQeLkFXSSE3k9uv6aNcpWjHsM2SGpixy5GIoapHoBX38awEsCx wTTEvQi/R8E3n6wCDuxgvMLznL0WmCBsa7sTh3l9hDfnUjZ53lww8UlnoKUfGPA/FWkc 4fqwTmXCpMaR7bRxe5UvfMSazUvIK5Mtauk7mGxPd8Tsvq5tY4OZQqMjSQhWYd4O5BPg XIU+jCLDJL6OCVXEfY5EZaYx4ApVTTVSTCuQdQQOJRABIEqwdl/wmgIQcHsnvTNa4hkB 971g== X-Gm-Message-State: ACgBeo2H2XOCA5ak7m+C3Cj003hrzph5oGPTJWeJtuD2q5MapocrTN2/ uBj6qaV5uJFNZeaI+EGRPOHVZptjz4Ai0OMAUK4DqXeLYYdOXO7fmubZHB/MLmt+npEfNTWka0J Jx0+nKZy6jYxEBHAbMAqag5cfeo4ysRaDmy7Nn84rCQTL/AWq8gjSr1AeoA== X-Google-Smtp-Source: AA6agR7/peE3sNp+8R/sQNztbFbtY9gi/ShTyBHi6GxvE2QcV08n2v2+coOQi5Gc9nYsEInoAH6es2+2RJY= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a63:6cc4:0:b0:41a:ff04:661f with SMTP id h187-20020a636cc4000000b0041aff04661fmr23530639pgc.600.1660144853502; Wed, 10 Aug 2022 08:20:53 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:31 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-10-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 09/11] tools: Add atomic_test_and_set_bit() From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org atomic_test_and_set_bit() allows for atomic bitmap usage from KVM selftests. Signed-off-by: Peter Gonda Suggested-by: Sean Christopherson --- tools/arch/x86/include/asm/atomic.h | 7 +++++++ tools/include/asm-generic/atomic-gcc.h | 15 +++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/tools/arch/x86/include/asm/atomic.h b/tools/arch/x86/include/asm/atomic.h index 1f5e26aae9fc..01cc27ec4520 100644 --- a/tools/arch/x86/include/asm/atomic.h +++ b/tools/arch/x86/include/asm/atomic.h @@ -8,6 +8,7 @@ #define LOCK_PREFIX "\n\tlock; " +#include #include /* @@ -70,4 +71,10 @@ static __always_inline int atomic_cmpxchg(atomic_t *v, int old, int new) return cmpxchg(&v->counter, old, new); } +static inline int atomic_test_and_set_bit(long nr, unsigned long *addr) +{ + GEN_BINARY_RMWcc(LOCK_PREFIX __ASM_SIZE(bts), *addr, "Ir", nr, "%0", "c"); + +} + #endif /* _TOOLS_LINUX_ASM_X86_ATOMIC_H */ diff --git a/tools/include/asm-generic/atomic-gcc.h b/tools/include/asm-generic/atomic-gcc.h index 4c1966f7c77a..8d9b2d1768bf 100644 --- a/tools/include/asm-generic/atomic-gcc.h +++ b/tools/include/asm-generic/atomic-gcc.h @@ -4,6 +4,7 @@ #include #include +#include /* * Atomic operations that C can't guarantee us. Useful for @@ -69,4 +70,18 @@ static inline int atomic_cmpxchg(atomic_t *v, int oldval, int newval) return cmpxchg(&(v)->counter, oldval, newval); } +static inline int atomic_test_and_set_bit(long nr, unsigned long *addr) +{ + long old, val; + unsigned long mask = BIT_MASK(nr); + + addr += BIT_WORD(nr); + val = READ_ONCE(*addr); + if (val & mask) + return 1; + + old = cmpxchg(addr, val, val & mask); + return !!(old & mask); +} + #endif /* __TOOLS_ASM_GENERIC_ATOMIC_H */ From patchwork Wed Aug 10 15:20:32 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940687 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8C405C25B0C for ; Wed, 10 Aug 2022 15:21:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233210AbiHJPV3 (ORCPT ); Wed, 10 Aug 2022 11:21:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38236 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233245AbiHJPVK (ORCPT ); Wed, 10 Aug 2022 11:21:10 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2036E785A8 for ; Wed, 10 Aug 2022 08:20:56 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id s18-20020a170902ea1200b0016f11bfefe4so9910980plg.14 for ; Wed, 10 Aug 2022 08:20:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=1bJnjZzG51Rg4FKSx2zZTcHWIUVVwczNqrIXz3SXrt0=; b=jr5IRsKwa9b5GEx36QBldnNldpQ1VyHMxngtx3BWtaLlllInHFAsefTGBieRedvrKJ KWSCD3zWbi70JuuYNc9z5gMuJdpgxy53NeQh4zt7FdxJq2rlvvS596qvqxO8eT9wgOMI /VNpiR+ZXy9OkXsWJj9q1dGuVqYxFdPNd+zVtOTbeHwrchI2ine2ZfGQ5jzpYJeMHIJk x805tyEPfo12+W7loGccs5XWrxNdX5sFrBR7cRU4DS8hhGGEXWZVMqSRShqaPx5ETMcY q6Fy4+U3x5GxvXoO4EUA8/yA1EwFi3+7LI2OhnlbYQB9Yy3j7STzn0oaf5G4lS4mpVje Igrw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=1bJnjZzG51Rg4FKSx2zZTcHWIUVVwczNqrIXz3SXrt0=; b=NkvvdQEKD1ZXOedRF5QOWZKr12R+DKrXCsAeHbOqioiqsF++367gXuSUEMOgqXis9w ZZ5s0GAhP3sEmJagZHCqdiXZKGxu1TXrL0D3zrBXL5hkRu4XVSzuVPrUYXUgUFP70hQS T8zltSJTDetcYo091CqCnSFn6JJI2HYs9nYzhEOEwgiRqDgrSCtPtE1t99XCB+AqPwej Fq+iOPh0+qAwdNhK4/UHLlxzsBJQAzLLewQ44hTRLfcQK/4YbcKVvJvBIgb9+s+/abES ARp8UeiaADz4qmLdk2jSg2ktjbD+RKz6rcCNKoYawx+hHHe+3Wfceuf4qawWCE27Yt2y r8Bw== X-Gm-Message-State: ACgBeo18EPQu8DPjgG92ZuxdWu9I6abKRY4Z9CrccuqxLiJZmfOTbkpL F3z5LECrCHhVCEiEGO3XhlRViBJGnIEl4yV2hacoWRkMMOd7QYfA3rx+ejTPUEH6pYxZfRB+7Zx Oqe69NRSOcX4vmboA3xkemVNkndp7X92Wak3ulGQsmVeUconMkPjGo7Lnvw== X-Google-Smtp-Source: AA6agR5CWuMFLA0UiEriC2+JGPiBqHahtIiZ/TWwaGGuDyDblnNAqKNFM4HUKLDEVFsCqCLBy+MkC3fN0EA= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a63:d047:0:b0:41d:d4e9:e182 with SMTP id s7-20020a63d047000000b0041dd4e9e182mr5206386pgi.328.1660144855753; Wed, 10 Aug 2022 08:20:55 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:32 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-11-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 10/11] KVM: selftests: Add ucall pool based implementation From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org To add support for encrypted, SEV, guests in the ucall framework introduce a new "ucall pool" implementation. This was suggested in the thread on "[RFC PATCH 00/10] KVM: selftests: Add support for test-selectable ucall implementations". Using a listed as suggested there doesn't work well because the list is setup using HVAs not GVAs so use a bitmap + array solution instead to get the same pool of ucall structs result. This allows for guests with encryption enabled set up a pool of ucall structs in the guest's shared memory region. Suggested-by: Sean Christopherson Signed-off-by: Peter Gonda --- .../selftests/kvm/include/kvm_util_base.h | 2 + .../selftests/kvm/include/ucall_common.h | 13 +-- .../testing/selftests/kvm/lib/aarch64/ucall.c | 10 +- tools/testing/selftests/kvm/lib/riscv/ucall.c | 5 +- tools/testing/selftests/kvm/lib/s390x/ucall.c | 5 +- .../testing/selftests/kvm/lib/ucall_common.c | 108 +++++++++++++++++- .../testing/selftests/kvm/lib/x86_64/ucall.c | 6 +- 7 files changed, 131 insertions(+), 18 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 1a84d2d1d85b..baede0d118c5 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -103,6 +103,8 @@ struct kvm_vm { int stats_fd; struct kvm_stats_header stats_header; struct kvm_stats_desc *stats_desc; + + bool use_ucall_pool; }; diff --git a/tools/testing/selftests/kvm/include/ucall_common.h b/tools/testing/selftests/kvm/include/ucall_common.h index 63bfc60be995..002a22e1cd1d 100644 --- a/tools/testing/selftests/kvm/include/ucall_common.h +++ b/tools/testing/selftests/kvm/include/ucall_common.h @@ -22,6 +22,9 @@ enum { struct ucall { uint64_t cmd; uint64_t args[UCALL_MAX_ARGS]; + + /* For ucall pool usage. */ + struct ucall *hva; }; void ucall_arch_init(struct kvm_vm *vm, void *arg); @@ -32,15 +35,9 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu); void ucall(uint64_t cmd, int nargs, ...); uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc); -static inline void ucall_init(struct kvm_vm *vm, void *arg) -{ - ucall_arch_init(vm, arg); -} +void ucall_init(struct kvm_vm *vm, void *arg); -static inline void ucall_uninit(struct kvm_vm *vm) -{ - ucall_arch_uninit(vm); -} +void ucall_uninit(struct kvm_vm *vm); #define GUEST_SYNC_ARGS(stage, arg1, arg2, arg3, arg4) \ ucall(UCALL_SYNC, 6, "hello", stage, arg1, arg2, arg3, arg4) diff --git a/tools/testing/selftests/kvm/lib/aarch64/ucall.c b/tools/testing/selftests/kvm/lib/aarch64/ucall.c index 132c0e98bf49..ee70531e8e51 100644 --- a/tools/testing/selftests/kvm/lib/aarch64/ucall.c +++ b/tools/testing/selftests/kvm/lib/aarch64/ucall.c @@ -81,12 +81,16 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) if (run->exit_reason == KVM_EXIT_MMIO && run->mmio.phys_addr == (uint64_t)ucall_exit_mmio_addr) { - vm_vaddr_t gva; + uint64_t ucall_addr; TEST_ASSERT(run->mmio.is_write && run->mmio.len == 8, "Unexpected ucall exit mmio address access"); - memcpy(&gva, run->mmio.data, sizeof(gva)); - return addr_gva2hva(vcpu->vm, gva); + memcpy(&ucall_addr, run->mmio.data, sizeof(ucall_addr)); + + if (vcpu->vm->use_ucall_pool) + return (void *)ucall_addr; + else + return addr_gva2hva(vcpu->vm, ucall_addr); } return NULL; diff --git a/tools/testing/selftests/kvm/lib/riscv/ucall.c b/tools/testing/selftests/kvm/lib/riscv/ucall.c index 37e091d4366e..4bb5616df29f 100644 --- a/tools/testing/selftests/kvm/lib/riscv/ucall.c +++ b/tools/testing/selftests/kvm/lib/riscv/ucall.c @@ -59,7 +59,10 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) run->riscv_sbi.extension_id == KVM_RISCV_SELFTESTS_SBI_EXT) { switch (run->riscv_sbi.function_id) { case KVM_RISCV_SELFTESTS_SBI_UCALL: - return addr_gva2hva(vcpu->vm, run->riscv_sbi.args[0]); + if (vcpu->vm->use_ucall_pool) + return (void *)run->riscv_sbi.args[0]; + else + return addr_gva2hva(vcpu->vm, run->riscv_sbi.args[0]); case KVM_RISCV_SELFTESTS_SBI_UNEXP: vcpu_dump(stderr, vcpu, 2); TEST_ASSERT(0, "Unexpected trap taken by guest"); diff --git a/tools/testing/selftests/kvm/lib/s390x/ucall.c b/tools/testing/selftests/kvm/lib/s390x/ucall.c index 0f695a031d35..b24c6649877a 100644 --- a/tools/testing/selftests/kvm/lib/s390x/ucall.c +++ b/tools/testing/selftests/kvm/lib/s390x/ucall.c @@ -30,7 +30,10 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) (run->s390_sieic.ipb >> 16) == 0x501) { int reg = run->s390_sieic.ipa & 0xf; - return addr_gva2hva(vcpu->vm, run->s.regs.gprs[reg]); + if (vcpu->vm->use_ucall_pool) + return (void *)run->s.regs.gprs[reg]; + else + return addr_gva2hva(vcpu->vm, run->s.regs.gprs[reg]); } return NULL; } diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c index ced480860746..b6502a9420c4 100644 --- a/tools/testing/selftests/kvm/lib/ucall_common.c +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -1,22 +1,122 @@ // SPDX-License-Identifier: GPL-2.0-only #include "kvm_util.h" +#include "linux/types.h" +#include "linux/bitmap.h" +#include "linux/atomic.h" + +struct ucall_header { + DECLARE_BITMAP(in_use, KVM_MAX_VCPUS); + struct ucall ucalls[KVM_MAX_VCPUS]; +}; + +static bool use_ucall_pool; +static struct ucall_header *ucall_pool; + +void ucall_init(struct kvm_vm *vm, void *arg) +{ + struct ucall *uc; + struct ucall_header *hdr; + vm_vaddr_t vaddr; + int i; + + use_ucall_pool = vm->use_ucall_pool; + sync_global_to_guest(vm, use_ucall_pool); + if (!use_ucall_pool) + goto out; + + TEST_ASSERT(!ucall_pool, "Only a single encrypted guest at a time for ucalls."); + vaddr = vm_vaddr_alloc_shared(vm, sizeof(*hdr), vm->page_size); + hdr = (struct ucall_header *)addr_gva2hva(vm, vaddr); + memset(hdr, 0, sizeof(*hdr)); + + for (i = 0; i < KVM_MAX_VCPUS; ++i) { + uc = &hdr->ucalls[i]; + uc->hva = uc; + } + + ucall_pool = (struct ucall_header *)vaddr; + sync_global_to_guest(vm, ucall_pool); + +out: + ucall_arch_init(vm, arg); +} + +void ucall_uninit(struct kvm_vm *vm) +{ + use_ucall_pool = false; + ucall_pool = NULL; + + if (!vm->memcrypt.encrypted) { + sync_global_to_guest(vm, use_ucall_pool); + sync_global_to_guest(vm, ucall_pool); + } + + ucall_arch_uninit(vm); +} + +static struct ucall *ucall_alloc(void) +{ + struct ucall *uc = NULL; + int i; + + if (!use_ucall_pool) + goto out; + + for (i = 0; i < KVM_MAX_VCPUS; ++i) { + if (!atomic_test_and_set_bit(i, ucall_pool->in_use)) { + uc = &ucall_pool->ucalls[i]; + memset(uc->args, 0, sizeof(uc->args)); + break; + } + } +out: + return uc; +} + +static inline size_t uc_pool_idx(struct ucall *uc) +{ + return uc->hva - ucall_pool->ucalls; +} + +static void ucall_free(struct ucall *uc) +{ + if (!use_ucall_pool) + return; + + clear_bit(uc_pool_idx(uc), ucall_pool->in_use); +} void ucall(uint64_t cmd, int nargs, ...) { - struct ucall uc = {}; + struct ucall *uc; + struct ucall tmp = {}; va_list va; int i; - WRITE_ONCE(uc.cmd, cmd); + uc = ucall_alloc(); + if (!uc) + uc = &tmp; + + WRITE_ONCE(uc->cmd, cmd); nargs = min(nargs, UCALL_MAX_ARGS); va_start(va, nargs); for (i = 0; i < nargs; ++i) - WRITE_ONCE(uc.args[i], va_arg(va, uint64_t)); + WRITE_ONCE(uc->args[i], va_arg(va, uint64_t)); va_end(va); - ucall_arch_do_ucall((vm_vaddr_t)&uc); + /* + * When using the ucall pool implementation the @hva member of the ucall + * structs in the pool has been initialized to the hva of the ucall + * object. + */ + if (use_ucall_pool) + ucall_arch_do_ucall((vm_vaddr_t)uc->hva); + else + ucall_arch_do_ucall((vm_vaddr_t)uc); + + ucall_free(uc); } uint64_t get_ucall(struct kvm_vcpu *vcpu, struct ucall *uc) diff --git a/tools/testing/selftests/kvm/lib/x86_64/ucall.c b/tools/testing/selftests/kvm/lib/x86_64/ucall.c index ead9946399ab..07c1bc41fa5c 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/ucall.c +++ b/tools/testing/selftests/kvm/lib/x86_64/ucall.c @@ -30,7 +30,11 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu) struct kvm_regs regs; vcpu_regs_get(vcpu, ®s); - return addr_gva2hva(vcpu->vm, regs.rdi); + + if (vcpu->vm->use_ucall_pool) + return (void *)regs.rdi; + else + return addr_gva2hva(vcpu->vm, regs.rdi); } return NULL; } From patchwork Wed Aug 10 15:20:33 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Gonda X-Patchwork-Id: 12940688 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 21E35C25B0E for ; Wed, 10 Aug 2022 15:21:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233279AbiHJPVx (ORCPT ); Wed, 10 Aug 2022 11:21:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38314 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233285AbiHJPVN (ORCPT ); Wed, 10 Aug 2022 11:21:13 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AD949792CC for ; Wed, 10 Aug 2022 08:20:58 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id y20-20020a170903011400b0016f06421a83so9973039plc.12 for ; Wed, 10 Aug 2022 08:20:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:from:to:cc; bh=7Cb3xK7C8A3dKOEhtON3+5DVL3Y0hKSgmYKmNcGLqP0=; b=b8Fn3IpLxI54p6QHEIARrG3UnZQqAKm07QEdu8urKrTa5fP/KEzJBSUa7E2yWrBCJP gBVZlmfDEHznQbBR9XsMhGvmvGqfH0l5rKqOPlS0gO1jeuVyVT4X7B8X+KeXWdJh9zOH cvGmFTL7oXm/9lh4/8uF13jSVSDg5scSLdwp4EAOGJZ71fYOwx4jOy4X1ZXHinPwUizb Sicb9txiHTH8pFnncE/APbSI5oPHswOeLHfaQXY1AOBSmwzlYkbXAbCtOzjx7qfBoEqc vB5E3P6V9QGfvQd35rvMNiiaFPYnIecYZD+YR/25Q+8QA8pOJA+iDtAkmoTqCG6n1Qsx odpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:references:mime-version:message-id:in-reply-to :date:x-gm-message-state:from:to:cc; bh=7Cb3xK7C8A3dKOEhtON3+5DVL3Y0hKSgmYKmNcGLqP0=; b=l5mPYAz3FrCEsu9HGjlGQrsCDmYuU+MUFV/UIpSXm5NOzjj96hs/AQpGzm/+bb973h ponhyniFXVsK45MmgeoO+ObE86m2kLCjwOm1Oky4vUYXy029Fn5F0XQtuCPUiGGBYKDY AfjFCXnhxsIm6Ip3Oc3QsSZmPVLoV3rv1LEhItiilCRuJrHuAEu26m03ckG3J57Vqwza EHL4QiPdRt6HRM3imUIfK9Ze/gvVSKBWj/dsm8WLSgt3uA8/i11FA6HO+JyTR1KR6NSy S07opPKjPAm94oi7lXio4ZhQS/Kx+EWMaq5mcIO/ST9Rj8gbIrqnbkOXHIxlbvEWpSc+ wLnw== X-Gm-Message-State: ACgBeo0Ev40mu8KMBzNmN6qlqylyIFwcxH4Ftrvmw9nTvQ2rn0YQxino YXhjKYAWUA7uP8J6hrqGDslvOQS/PwPo4SS1WCxSD5UMAUJukfOoud6+Fij+jXZpfsVkwzSMxbj JTgWXseAEtpnyyEmYeB1nIxjZq9yrw1k4rvVXZ+Aw+VP5Cma53tCl79WN0g== X-Google-Smtp-Source: AA6agR4np9E2GdxSrWaYSbcobydcrRmlzA1Z3m/LeqPX//hxxwNp1p23D8O/po1r4EyzClYY0r1+JOxAAys= X-Received: from pgonda1.kir.corp.google.com ([2620:15c:29:203:b185:1827:5b23:bbe2]) (user=pgonda job=sendgmr) by 2002:a05:6a00:22c6:b0:52f:4d67:b370 with SMTP id f6-20020a056a0022c600b0052f4d67b370mr14395559pfj.58.1660144857469; Wed, 10 Aug 2022 08:20:57 -0700 (PDT) Date: Wed, 10 Aug 2022 08:20:33 -0700 In-Reply-To: <20220810152033.946942-1-pgonda@google.com> Message-Id: <20220810152033.946942-12-pgonda@google.com> Mime-Version: 1.0 References: <20220810152033.946942-1-pgonda@google.com> X-Mailer: git-send-email 2.37.1.559.g78731f0fdb-goog Subject: [V3 11/11] KVM: selftests: Add simple sev vm testing From: Peter Gonda To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, marcorr@google.com, seanjc@google.com, michael.roth@amd.com, thomas.lendacky@amd.com, joro@8bytes.org, mizhang@google.com, pbonzini@redhat.com, andrew.jones@linux.dev, vannapurve@google.com, Peter Gonda Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org A very simple of booting SEV guests that checks related CPUID bits. This is a stripped down version of "[PATCH v2 08/13] KVM: selftests: add SEV boot tests" from Michael but much simpler. Signed-off-by: Michael Roth Signed-off-by: Peter Gonda --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/x86_64/sev.h | 3 + tools/testing/selftests/kvm/lib/x86_64/sev.c | 2 - .../selftests/kvm/x86_64/sev_all_boot_test.c | 131 ++++++++++++++++++ 5 files changed, 136 insertions(+), 2 deletions(-) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index d625a3f83780..ca57969a0923 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -33,6 +33,7 @@ /x86_64/pmu_event_filter_test /x86_64/set_boot_cpu_id /x86_64/set_sregs_test +/x86_64/sev_all_boot_test /x86_64/sev_migrate_tests /x86_64/smm_test /x86_64/state_test diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index b247c4b595af..73b083f93b46 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -122,6 +122,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/tsc_msrs_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_caps_test TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test +TEST_GEN_PROGS_x86_64 += x86_64/sev_all_boot_test TEST_GEN_PROGS_x86_64 += x86_64/sev_migrate_tests TEST_GEN_PROGS_x86_64 += x86_64/amx_test TEST_GEN_PROGS_x86_64 += x86_64/max_vcpuid_cap_test diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h index 2f7f7c741b12..b6552ea1c716 100644 --- a/tools/testing/selftests/kvm/include/x86_64/sev.h +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -22,6 +22,9 @@ #define SEV_POLICY_NO_DBG (1UL << 0) #define SEV_POLICY_ES (1UL << 2) +#define CPUID_MEM_ENC_LEAF 0x8000001f +#define CPUID_EBX_CBIT_MASK 0x3f + enum { SEV_GSTATE_UNINIT = 0, SEV_GSTATE_LUPDATE, diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c index 3abcf50c0b5d..8f9f55c685a7 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -13,8 +13,6 @@ #include "sev.h" #define PAGE_SHIFT 12 -#define CPUID_MEM_ENC_LEAF 0x8000001f -#define CPUID_EBX_CBIT_MASK 0x3f struct sev_vm { struct kvm_vm *vm; diff --git a/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c new file mode 100644 index 000000000000..b319d18bdb60 --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c @@ -0,0 +1,131 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Basic SEV boot tests. + * + * Copyright (C) 2021 Advanced Micro Devices + */ +#define _GNU_SOURCE /* for program_invocation_short_name */ +#include +#include +#include +#include +#include + +#include "test_util.h" + +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" + +#define VCPU_ID 2 +#define PAGE_STRIDE 32 + +#define SHARED_PAGES 8192 +#define SHARED_VADDR_MIN 0x1000000 + +#define PRIVATE_PAGES 2048 +#define PRIVATE_VADDR_MIN (SHARED_VADDR_MIN + SHARED_PAGES * PAGE_SIZE) + +#define TOTAL_PAGES (512 + SHARED_PAGES + PRIVATE_PAGES) + +#define NR_SYNCS 1 + +static void guest_run_loop(struct kvm_vcpu *vcpu) +{ + struct ucall uc; + int i; + + for (i = 0; i <= NR_SYNCS; ++i) { + vcpu_run(vcpu); + switch (get_ucall(vcpu, &uc)) { + case UCALL_SYNC: + continue; + case UCALL_DONE: + return; + case UCALL_ABORT: + TEST_ASSERT(false, "%s at %s:%ld\n\tvalues: %#lx, %#lx", + (const char *)uc.args[0], __FILE__, + uc.args[1], uc.args[2], uc.args[3]); + default: + TEST_ASSERT( + false, "Unexpected exit: %s", + exit_reason_str(vcpu->run->exit_reason)); + } + } +} + +static void __attribute__((__flatten__)) guest_sev_code(void) +{ + uint32_t eax, ebx, ecx, edx; + uint64_t sev_status; + + GUEST_SYNC(1); + + cpuid(CPUID_MEM_ENC_LEAF, &eax, &ebx, &ecx, &edx); + GUEST_ASSERT(eax & (1 << 1)); + + sev_status = rdmsr(MSR_AMD64_SEV); + GUEST_ASSERT((sev_status & 0x1) == 1); + + GUEST_DONE(); +} + +static struct sev_vm *setup_test_common(void *guest_code, uint64_t policy, + struct kvm_vcpu **vcpu) +{ + uint8_t measurement[512]; + struct sev_vm *sev; + struct kvm_vm *vm; + int i; + + sev = sev_vm_create(policy, TOTAL_PAGES); + if (!sev) + return NULL; + vm = sev_get_vm(sev); + + /* Set up VCPU and initial guest kernel. */ + *vcpu = vm_vcpu_add(vm, VCPU_ID, guest_code); + kvm_vm_elf_load(vm, program_invocation_name); + + /* Allocations/setup done. Encrypt initial guest payload. */ + sev_vm_launch(sev); + + /* Dump the initial measurement. A test to actually verify it would be nice. */ + sev_vm_launch_measure(sev, measurement); + pr_info("guest measurement: "); + for (i = 0; i < 32; ++i) + pr_info("%02x", measurement[i]); + pr_info("\n"); + + sev_vm_launch_finish(sev); + + return sev; +} + +static void test_sev(void *guest_code, uint64_t policy) +{ + struct sev_vm *sev; + struct kvm_vcpu *vcpu; + + sev = setup_test_common(guest_code, policy, &vcpu); + if (!sev) + return; + + /* Guest is ready to run. Do the tests. */ + guest_run_loop(vcpu); + + pr_info("guest ran successfully\n"); + + sev_vm_free(sev); +} + +int main(int argc, char *argv[]) +{ + /* SEV tests */ + test_sev(guest_sev_code, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, 0); + + return 0; +}