From patchwork Thu Aug 10 23:59:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jing Zhang X-Patchwork-Id: 13349987 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 1D3E6C001B0 for ; Thu, 10 Aug 2023 23:59:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID: Mime-Version:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=ECg3RSOFB1aQaVHWJH1YFg8PWsvLeS1UAyUidojmHC8=; b=5As JRTkQVblOlrbfj6HHRHY92SGwc2Q4q0bzOkSesroZM4mTBGjSWNTSu/UoWxq6qfsbJ0mililPvoXc z5HwZB1WnG2bHj0h0A/oRjHlRq4rQ9rVaCkZ8N32I5nbh3vCpvMLosHpZ+cEMK8MaR2++WWcGp1xd ++LRUHmcP5De7W0/8xFVG5vnUMFnHk0nLZvsQDCxY4Rz1qv77zq17fBi9I4pAlkewzhkCdOxvPXNs fCnYJVdfGcuHEkg7q1occcPBXtY6wZPVG1ZmReBtZevMBT/2MEMNcJ2zCQt9FXne1iq1GlQYSme6J A9gId1XRaPggDnfhSrX5R2hL9MqOzig==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1qUFYn-008wgS-1I; Thu, 10 Aug 2023 23:59:21 +0000 Received: from mail-yb1-xb4a.google.com ([2607:f8b0:4864:20::b4a]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1qUFYk-008wfU-0V for linux-arm-kernel@lists.infradead.org; Thu, 10 Aug 2023 23:59:20 +0000 Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-d66c957e1b2so209687276.0 for ; Thu, 10 Aug 2023 16:59:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1691711955; x=1692316755; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=/BoKZ32KwsxUQ3UINg4R8i6IlvYW9M8AXX0zSojGAm4=; b=0C3HF8qnle/LLeEH66fM9ig5ZdvKKo8LGdrshPLUpKYBXIr/96XMShFQ1U2AfPiwha /wsheGl1wc0AyqpGTzAkGBb3ZMiVTY88FhC8N/RQoBlNbxQyUaPKAbyHflv7uAltymkz Gvrsx1ph8sQ7neFRhQxOvLNQhg+794U8apnsN+yQbZe4tiOG4OwCnll9zMp/kKE0cuyx QL5EkI4DcohCwirFtGQlO/TJqXV8a9ee6W/fzgVs0AEv43nPHN3eE/IHrBzi8lGfAE1k 23B4dp8+tUnoOV8j9wuafqQT15TcuIjNMApn4vee2KYGStAyHNnBOKykuaIBfXzUXReB ebgA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691711955; x=1692316755; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=/BoKZ32KwsxUQ3UINg4R8i6IlvYW9M8AXX0zSojGAm4=; b=YC+YGsBHlLeL97BpiOoBUcmzQghEPNDTgrTkQRkERLFynuvdRttBkgbWdABv6lOqyx wMIy8DEQw5CKSrVTfLKBfDYfyfKJgMb1JT5dsm+H6Z/MzuN0d0KJSQpDZb7GhaCka32R ZmW1LjthKoJrrotfv64MSDhOneYHRxQxP8+NOILyL6QZyQjV+Y2OahhTNTEJoez6WNdg VXgSiZijXoB7wfoCtNEgMcF8KGYmmBL5e/8OSNL/pP7brhfhcxCvULCpfvrztwtcGMHv vOhd7Y2GMNYJC6tYr8oBMBiOcbyzOYLFt3Jkak7mzdDG699ENa9ETHGaGNDAJWQguu3i skhA== X-Gm-Message-State: AOJu0YzoLe1SLLfqIxwuqFeEJyt6+qUrmOV6//OCGw6NH9rT6YQegZL8 DlEJMT12O9Id6sNo7aIRxNJOHO/ugXL5udNgZg== X-Google-Smtp-Source: AGHT+IEu7bAdifn1vdPJqKZTFQ2uPKUiyCCxasanbABXwq7F08t82WrqDy9YX8heD3VUzxxrV7CBhGCOKvxprS5Acw== X-Received: from jgzg.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:1acf]) (user=jingzhangos job=sendgmr) by 2002:a25:ef0b:0:b0:d01:60ec:d0e with SMTP id g11-20020a25ef0b000000b00d0160ec0d0emr3612ybd.9.1691711955639; Thu, 10 Aug 2023 16:59:15 -0700 (PDT) Date: Thu, 10 Aug 2023 16:59:12 -0700 Mime-Version: 1.0 X-Mailer: git-send-email 2.41.0.640.ga95def55d0-goog Message-ID: <20230810235912.3994457-1-jingzhangos@google.com> Subject: [PATCH v2] KVM: arm64: selftests: Test pointer authentication support in KVM guest From: Jing Zhang To: KVM , KVMARM , ARMLinux , Marc Zyngier , Oliver Upton Cc: Paolo Bonzini , James Morse , Suzuki K Poulose , Zenghui Yu , Jing Zhang X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230810_165918_243211_F4BE7E12 X-CRM114-Status: GOOD ( 20.25 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Verify the KVM guest PAuth support on H/W with FEAT_PAuth. This test will be skipped on H/W without FEAT_PAuth. Following PAuth instructions are tested: paciza, pacizb, pacdza, pacdzb, autiza, autizb, autdza, autdzb, pacga, xpaclri, xpaci, xpacd It also shows the implemented algorithm for both address authentication and generic code authentication. Signed-off-by: Jing Zhang --- tools/arch/arm64/include/asm/sysreg.h | 5 + tools/testing/selftests/kvm/Makefile | 5 + .../selftests/kvm/aarch64/pauth_test.c | 511 ++++++++++++++++++ .../selftests/kvm/include/aarch64/processor.h | 2 + 4 files changed, 523 insertions(+) create mode 100644 tools/testing/selftests/kvm/aarch64/pauth_test.c base-commit: 52a93d39b17dc7eb98b6aa3edb93943248e03b2f diff --git a/tools/arch/arm64/include/asm/sysreg.h b/tools/arch/arm64/include/asm/sysreg.h index 7640fa27be94..9d903eb8388c 100644 --- a/tools/arch/arm64/include/asm/sysreg.h +++ b/tools/arch/arm64/include/asm/sysreg.h @@ -179,6 +179,7 @@ #define SYS_ID_AA64ISAR0_EL1 sys_reg(3, 0, 0, 6, 0) #define SYS_ID_AA64ISAR1_EL1 sys_reg(3, 0, 0, 6, 1) +#define SYS_ID_AA64ISAR2_EL1 sys_reg(3, 0, 0, 6, 2) #define SYS_ID_AA64MMFR0_EL1 sys_reg(3, 0, 0, 7, 0) #define SYS_ID_AA64MMFR1_EL1 sys_reg(3, 0, 0, 7, 1) @@ -764,6 +765,10 @@ #define ID_AA64ISAR1_GPI_NI 0x0 #define ID_AA64ISAR1_GPI_IMP_DEF 0x1 +/* id_aa64isar2 */ +#define ID_AA64ISAR2_APA3_SHIFT 12 +#define ID_AA64ISAR2_GPA3_SHIFT 8 + /* id_aa64pfr0 */ #define ID_AA64PFR0_CSV3_SHIFT 60 #define ID_AA64PFR0_CSV2_SHIFT 56 diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index c692cc86e7da..0fe40fcb02ec 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -143,6 +143,7 @@ TEST_GEN_PROGS_aarch64 += aarch64/debug-exceptions TEST_GEN_PROGS_aarch64 += aarch64/get-reg-list TEST_GEN_PROGS_aarch64 += aarch64/hypercalls TEST_GEN_PROGS_aarch64 += aarch64/page_fault_test +TEST_GEN_PROGS_aarch64 += aarch64/pauth_test TEST_GEN_PROGS_aarch64 += aarch64/psci_test TEST_GEN_PROGS_aarch64 += aarch64/smccc_filter TEST_GEN_PROGS_aarch64 += aarch64/vcpu_width_config @@ -212,6 +213,10 @@ ifeq ($(ARCH),s390) CFLAGS += -march=z10 endif +ifeq ($(ARCH),arm64) + CFLAGS += -march=armv8.3-a +endif + no-pie-option := $(call try-run, echo 'int main(void) { return 0; }' | \ $(CC) -Werror $(CFLAGS) -no-pie -x c - -o "$$TMP", -no-pie) diff --git a/tools/testing/selftests/kvm/aarch64/pauth_test.c b/tools/testing/selftests/kvm/aarch64/pauth_test.c new file mode 100644 index 000000000000..c40c59e4139a --- /dev/null +++ b/tools/testing/selftests/kvm/aarch64/pauth_test.c @@ -0,0 +1,511 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * pauth_test - Test for KVM guest pointer authentication. + * Following PAuth instructions are tested: + * paciza, pacizb, pacdza, pacdzb, autiza, autizb, autdza, autdzb, + * pacga, xpaclri, xpaci, xpacd + * It also shows the implemented algorithm for both address authentication + * and generic code authentication. + * + * Copyright (c) 2023 Google LLC. + * + */ + +#define _GNU_SOURCE + +#include + +#include "kvm_util.h" +#include "processor.h" +#include "test_util.h" + +#define KEY1_LO 0x0123456789abcdefUL +#define KEY1_HI 0x123456789abcdef0UL +#define KEY2_LO 0x23456789abcdef01UL +#define KEY2_HI 0x3456789abcdef012UL +#define KEY3_LO 0x456789abcdef0123UL +#define KEY3_HI 0x56789abcdef01234UL +#define KEY4_LO 0x6789abcdef012345UL +#define KEY4_HI 0x789abcdef0123456UL +#define KEY5_LO 0x89abcdef01234567UL +#define KEY5_HI 0x9abcdef012345678UL + +enum uc_args { + WAIT_MIGRATION, + ADDR_PAUTH_ALGO, + GENERIC_PAUTH_ALGO, + FAIL_GUEST_PAUTH, +}; + +enum pauth_algo { + QARMA5, + QARMA3, + PACIMP, + NOALGO, +}; + +static const char *const algo_string[] = { + "QARMA5", "QARMA3", "PACIMP", "Undefined", +}; + +#define DEFINE_SIGN_FUNC(INSTR) \ + static size_t INSTR##_sign(size_t ptr) \ + { \ + __asm__ __volatile__( \ + #INSTR" %[p]" \ + : [p] "+r" (ptr) \ + ); \ + return ptr; \ + } + +DEFINE_SIGN_FUNC(paciza) +DEFINE_SIGN_FUNC(pacizb) +DEFINE_SIGN_FUNC(pacdza) +DEFINE_SIGN_FUNC(pacdzb) + +static size_t pacga_sign(size_t ptr) +{ + size_t dest = 0; + + __asm__ __volatile__( + "pacga %[d], %[p], %[m]" + : [d] "=r" (dest) + : [p] "r" (ptr), [m] "r" (0) + ); + + return dest; +} + +#define DEFINE_AUTH_STRIP_FUNC(AUTH, STRIP) \ + static size_t AUTH##_auth_##STRIP##_strip(size_t ptr) \ + { \ + __asm__ __volatile__( \ + #AUTH" %[p]\n" \ + #STRIP" %[p]\n" \ + : [p] "+r" (ptr) \ + ); \ + return ptr; \ + } + +DEFINE_AUTH_STRIP_FUNC(autiza, xpaci) +DEFINE_AUTH_STRIP_FUNC(autizb, xpaci) +DEFINE_AUTH_STRIP_FUNC(autdza, xpacd) +DEFINE_AUTH_STRIP_FUNC(autdzb, xpacd) + +#define GUEST_ALGO(type, algo) GUEST_SYNC_ARGS(type, algo, 0, 0, 0) + +static void check_pauth_algorithms(void) +{ + uint64_t isar1 = read_sysreg_s(SYS_ID_AA64ISAR1_EL1); + uint64_t isar2 = read_sysreg_s(SYS_ID_AA64ISAR2_EL1); + enum pauth_algo algo; + + /* Check generic authentication algorithm */ + if (isar1 & ARM64_FEATURE_MASK(ID_AA64ISAR1_GPI)) + algo = PACIMP; + else if (isar1 & ARM64_FEATURE_MASK(ID_AA64ISAR1_GPA)) + algo = QARMA5; + else if (isar2 & ARM64_FEATURE_MASK(ID_AA64ISAR2_GPA3)) + algo = QARMA3; + else + algo = NOALGO; + + GUEST_ALGO(GENERIC_PAUTH_ALGO, algo); + + /* Check address authentication algorithm */ + if (isar1 & ARM64_FEATURE_MASK(ID_AA64ISAR1_API)) + algo = PACIMP; + else if (isar1 & ARM64_FEATURE_MASK(ID_AA64ISAR1_APA)) + algo = QARMA5; + else if (isar2 & ARM64_FEATURE_MASK(ID_AA64ISAR2_APA3)) + algo = QARMA3; + else + algo = NOALGO; + + GUEST_ALGO(ADDR_PAUTH_ALGO, algo); +} + +/* Setup PAuth keys and check their retainability */ +static void check_keys_retainable(void) +{ + bool retainable = true; + + /* Address */ + write_sysreg_s(KEY1_LO, SYS_APIAKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APIAKEYHI_EL1); + write_sysreg_s(KEY2_LO, SYS_APIBKEYLO_EL1); + write_sysreg_s(KEY2_HI, SYS_APIBKEYHI_EL1); + /* Data */ + write_sysreg_s(KEY3_LO, SYS_APDAKEYLO_EL1); + write_sysreg_s(KEY3_HI, SYS_APDAKEYHI_EL1); + write_sysreg_s(KEY4_LO, SYS_APDBKEYLO_EL1); + write_sysreg_s(KEY4_HI, SYS_APDBKEYHI_EL1); + /* Generic */ + write_sysreg_s(KEY5_LO, SYS_APGAKEYLO_EL1); + write_sysreg_s(KEY5_HI, SYS_APGAKEYHI_EL1); + isb(); + + GUEST_SYNC(WAIT_MIGRATION); + + /* Address */ + retainable = retainable && (read_sysreg_s(SYS_APIAKEYLO_EL1) == KEY1_LO); + retainable = retainable && (read_sysreg_s(SYS_APIAKEYHI_EL1) == KEY1_HI); + retainable = retainable && (read_sysreg_s(SYS_APIBKEYLO_EL1) == KEY2_LO); + retainable = retainable && (read_sysreg_s(SYS_APIBKEYHI_EL1) == KEY2_HI); + /* Data */ + retainable = retainable && (read_sysreg_s(SYS_APDAKEYLO_EL1) == KEY3_LO); + retainable = retainable && (read_sysreg_s(SYS_APDAKEYHI_EL1) == KEY3_HI); + retainable = retainable && (read_sysreg_s(SYS_APDBKEYLO_EL1) == KEY4_LO); + retainable = retainable && (read_sysreg_s(SYS_APDBKEYHI_EL1) == KEY4_HI); + /* Generic */ + retainable = retainable && (read_sysreg_s(SYS_APGAKEYLO_EL1) == KEY5_LO); + retainable = retainable && (read_sysreg_s(SYS_APGAKEYHI_EL1) == KEY5_HI); + + GUEST_ASSERT(retainable); +} + +#define ADDR_START 0x8000 +#define ADDR_END 0x8008 + +static void test_same_keys(void) +{ + /* Set the same keys */ + write_sysreg_s(KEY1_LO, SYS_APIAKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APIAKEYHI_EL1); + write_sysreg_s(KEY1_LO, SYS_APIBKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APIBKEYHI_EL1); + write_sysreg_s(KEY1_LO, SYS_APDAKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APDAKEYHI_EL1); + write_sysreg_s(KEY1_LO, SYS_APDBKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APDBKEYHI_EL1); + isb(); + + /* Same algorithm, same address, same keys should have same PAC */ + for (size_t i = ADDR_START; i < ADDR_END; i++) { + /* Assert if the PAuth instruction did nothing */ + GUEST_ASSERT(paciza_sign(i) != i); + + GUEST_ASSERT(paciza_sign(i) == pacizb_sign(i)); + GUEST_ASSERT(paciza_sign(i) == pacdza_sign(i)); + GUEST_ASSERT(paciza_sign(i) == pacdzb_sign(i)); + } +} + +static void test_different_keys(void) +{ + write_sysreg_s(KEY1_LO, SYS_APIAKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APIAKEYHI_EL1); + write_sysreg_s(KEY2_LO, SYS_APIBKEYLO_EL1); + write_sysreg_s(KEY2_HI, SYS_APIBKEYHI_EL1); + write_sysreg_s(KEY3_LO, SYS_APDAKEYLO_EL1); + write_sysreg_s(KEY3_HI, SYS_APDAKEYHI_EL1); + write_sysreg_s(KEY4_LO, SYS_APDBKEYLO_EL1); + write_sysreg_s(KEY4_HI, SYS_APDBKEYHI_EL1); + isb(); + + /* Same algorithm, same address, different keys should have different PAc */ + for (size_t i = ADDR_START; i < ADDR_END; i++) { + /* Assert if the PAuth instruction did nothing */ + GUEST_ASSERT(paciza_sign(i) != i); + + GUEST_ASSERT(paciza_sign(i) != pacizb_sign(i)); + GUEST_ASSERT(paciza_sign(i) != pacdza_sign(i)); + GUEST_ASSERT(paciza_sign(i) != pacdzb_sign(i)); + } +} + +static void test_generic_sign(void) +{ + size_t ga_signs[ADDR_END - ADDR_START]; + size_t i; + + write_sysreg_s(KEY1_LO, SYS_APGAKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APGAKEYHI_EL1); + isb(); + + for (i = ADDR_START; i < ADDR_END; i++) { + ga_signs[i - ADDR_START] = pacga_sign(i); + /* Assert if the PAuth instruction did nothing */ + GUEST_ASSERT(ga_signs[i - ADDR_START] != i); + } + + write_sysreg_s(KEY5_LO, SYS_APGAKEYLO_EL1); + write_sysreg_s(KEY5_HI, SYS_APGAKEYHI_EL1); + isb(); + + /* Different key should have different sign */ + for (i = ADDR_START; i < ADDR_END; i++) { + /* Assert if the PAuth instruction did nothing */ + GUEST_ASSERT(pacga_sign(i) != i); + GUEST_ASSERT(pacga_sign(i) != ga_signs[i - ADDR_START]); + } +} + +static void test_ia_auth_strip(void) +{ + size_t ptr = ADDR_START; + + write_sysreg_s(KEY2_LO, SYS_APIAKEYLO_EL1); + write_sysreg_s(KEY2_HI, SYS_APIAKEYHI_EL1); + isb(); + + ptr = paciza_sign(ptr); + + write_sysreg_s(KEY1_LO, SYS_APIAKEYLO_EL1); + write_sysreg_s(KEY1_HI, SYS_APIAKEYHI_EL1); + isb(); + + /* + * Since key has changed, the authentication would fail and be trapped. + * In the trap handler, the pauth would be disabled to avoid future trap + * for auth failure. + */ + ptr = autiza_auth_xpaci_strip(ptr); + + /* Assert if the strip instruction didn't work */ + GUEST_ASSERT(ptr == ADDR_START); +} + +static void test_ib_auth_strip(void) +{ + size_t ptr = ADDR_START; + + write_sysreg_s(KEY3_LO, SYS_APIBKEYLO_EL1); + write_sysreg_s(KEY3_HI, SYS_APIBKEYHI_EL1); + isb(); + + ptr = pacizb_sign(ptr); + + write_sysreg_s(KEY2_LO, SYS_APIBKEYLO_EL1); + write_sysreg_s(KEY2_HI, SYS_APIBKEYHI_EL1); + isb(); + + /* + * Since key has changed, the authentication would fail and be trapped. + * In the trap handler, the pauth would be disabled to avoid future trap + * for auth failure. + */ + ptr = autizb_auth_xpaci_strip(ptr); + + /* Assert if the strip instruction didn't work */ + GUEST_ASSERT(ptr == ADDR_START); +} + +static void test_da_auth_strip(void) +{ + size_t ptr = ADDR_START; + + write_sysreg_s(KEY4_LO, SYS_APDAKEYLO_EL1); + write_sysreg_s(KEY4_HI, SYS_APDAKEYHI_EL1); + isb(); + + ptr = pacdza_sign(ptr); + + write_sysreg_s(KEY3_LO, SYS_APDAKEYLO_EL1); + write_sysreg_s(KEY3_HI, SYS_APDAKEYHI_EL1); + isb(); + + /* + * Since key has changed, the authentication would fail and be trapped. + * In the trap handler, the pauth would be disabled to avoid future trap + * for auth failure. + */ + ptr = autdza_auth_xpacd_strip(ptr); + + /* Assert if the strip instruction didn't work */ + GUEST_ASSERT(ptr == ADDR_START); +} + +static void test_db_auth_strip(void) +{ + size_t ptr = ADDR_START; + + write_sysreg_s(KEY5_LO, SYS_APDBKEYLO_EL1); + write_sysreg_s(KEY5_HI, SYS_APDBKEYHI_EL1); + isb(); + + ptr = pacdzb_sign(ptr); + + write_sysreg_s(KEY4_LO, SYS_APDBKEYLO_EL1); + write_sysreg_s(KEY4_HI, SYS_APDBKEYHI_EL1); + isb(); + + /* + * Since key has changed, the authentication would fail and be trapped. + * In the trap handler, the pauth would be disabled to avoid future trap + * for auth failure. + */ + ptr = autdzb_auth_xpacd_strip(ptr); + + /* Assert if the strip instruction didn't work */ + GUEST_ASSERT(ptr == ADDR_START); +} + +static void test_auth_strip(void) +{ + test_ia_auth_strip(); + test_ib_auth_strip(); + test_da_auth_strip(); + test_db_auth_strip(); + + /* + * If all authentication instructions have failed, the PAuth enable bits + * in SCTLR should have been cleared in the trap handler. + * Otherwise, the auth instructions didn't work as expected. + */ + if (read_sysreg(sctlr_el1) & + (SCTLR_ELx_ENIA | SCTLR_ELx_ENIB | SCTLR_ELx_ENDA | SCTLR_ELx_ENDB)) + GUEST_ASSERT(0); +} + +static void guest_code(void) +{ + uint64_t sctlr = read_sysreg(sctlr_el1); + + check_pauth_algorithms(); + check_keys_retainable(); + + /* Enable PAuth */ + sctlr |= SCTLR_ELx_ENIA | SCTLR_ELx_ENIB | SCTLR_ELx_ENDA | SCTLR_ELx_ENDB; + write_sysreg(sctlr, sctlr_el1); + isb(); + + test_same_keys(); + test_different_keys(); + test_generic_sign(); + test_auth_strip(); + + GUEST_DONE(); +} + +/* Guest will get an unknown exception (UNDEF) if guest PAuth is not enabled. */ +static void guest_unknown_handler(struct ex_regs *regs) +{ + GUEST_SYNC(FAIL_GUEST_PAUTH); + GUEST_DONE(); +} + +/* Guest will get a FPAC exception if KVM support guest PAuth */ +static void guest_fpac_handler(struct ex_regs *regs) +{ + uint64_t sctlr = read_sysreg(sctlr_el1); + + if (sctlr & SCTLR_ELx_ENIA) { + sctlr &= ~SCTLR_ELx_ENIA; + write_sysreg(sctlr, sctlr_el1); + isb(); + } else if (sctlr & SCTLR_ELx_ENIB) { + sctlr &= ~SCTLR_ELx_ENIB; + write_sysreg(sctlr, sctlr_el1); + isb(); + } else if (sctlr & SCTLR_ELx_ENDA) { + sctlr &= ~SCTLR_ELx_ENDA; + write_sysreg(sctlr, sctlr_el1); + isb(); + } else if (sctlr & SCTLR_ELx_ENDB) { + sctlr &= ~SCTLR_ELx_ENDB; + write_sysreg(sctlr, sctlr_el1); + isb(); + } +} + +int main(void) +{ + struct kvm_vcpu_init init; + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + struct ucall uc; + cpu_set_t cpu_mask; + bool guest_done = false; + + TEST_REQUIRE(kvm_has_cap(KVM_CAP_ARM_PTRAUTH_ADDRESS)); + TEST_REQUIRE(kvm_has_cap(KVM_CAP_ARM_PTRAUTH_GENERIC)); + + vm = vm_create(1); + + vm_ioctl(vm, KVM_ARM_PREFERRED_TARGET, &init); + init.features[0] |= ((1 << KVM_ARM_VCPU_PTRAUTH_ADDRESS) | + (1 << KVM_ARM_VCPU_PTRAUTH_GENERIC)); + + vcpu = aarch64_vcpu_add(vm, 0, &init, guest_code); + + vm_init_descriptor_tables(vm); + vcpu_init_descriptor_tables(vcpu); + + vm_install_sync_handler(vm, VECTOR_SYNC_CURRENT, + ESR_EC_UNKNOWN, guest_unknown_handler); + vm_install_sync_handler(vm, VECTOR_SYNC_CURRENT, + ESR_EC_FPAC, guest_fpac_handler); + + ksft_print_header(); + ksft_set_plan(3); + + while (!guest_done) { + vcpu_run(vcpu); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + break; + case UCALL_SYNC: + switch (uc.args[1]) { + case WAIT_MIGRATION: + sched_getaffinity(0, sizeof(cpu_mask), &cpu_mask); + CPU_CLR(sched_getcpu(), &cpu_mask); + sched_setaffinity(0, sizeof(cpu_mask), &cpu_mask); + break; + case FAIL_GUEST_PAUTH: + /* + * KVM has already claimed that both itself and + * HW support PAuth, but the guest still got the + * UNDEF with PAuth instruction. + * Usually this shouldn't happen unless KVM + * screwed up the emulation somehow or the PAuth + * was not enabled for the guest. + */ + TEST_FAIL("Geust PAuth was not enabled!\n"); + break; + case GENERIC_PAUTH_ALGO: { + enum pauth_algo algo = uc.args[2]; + + if (algo == NOALGO) { + ksft_print_msg("Make sure the VCPU feature is enabled:\n"); + ksft_print_msg("KVM_ARM_VCPU_PTRAUTH_GENERIC\n"); + TEST_FAIL("No generic PAuth algorithm in guest!\n"); + } + + ksft_test_result_pass("Generic PAuth Algorithm: %s\n", + algo_string[algo]); + break; + } + case ADDR_PAUTH_ALGO: { + enum pauth_algo algo = uc.args[2]; + + if (algo == NOALGO) { + ksft_print_msg("Make sure the VCPU feature is enabled:\n"); + ksft_print_msg("KVM_ARM_VCPU_PTRAUTH_ADDRESS\n"); + TEST_FAIL("No address PAuth algorithm in guest!\n"); + } + + ksft_test_result_pass("Address PAuth Algorithm: %s\n", + algo_string[algo]); + break; + } + default: + ksft_print_msg("Unexpected guest sync arg: 0x%016llx\n", + uc.args[1]); + break; + } + break; + case UCALL_DONE: + ksft_test_result_pass("Guest PAuth\n"); + guest_done = true; + break; + default: + TEST_FAIL("Unexpected ucall: %lu", uc.cmd); + } + } + + ksft_finished(); + kvm_vm_free(vm); +} diff --git a/tools/testing/selftests/kvm/include/aarch64/processor.h b/tools/testing/selftests/kvm/include/aarch64/processor.h index cb537253a6b9..f8d541af9c06 100644 --- a/tools/testing/selftests/kvm/include/aarch64/processor.h +++ b/tools/testing/selftests/kvm/include/aarch64/processor.h @@ -104,7 +104,9 @@ enum { #define ESR_EC_SHIFT 26 #define ESR_EC_MASK (ESR_EC_NUM - 1) +#define ESR_EC_UNKNOWN 0x00 #define ESR_EC_SVC64 0x15 +#define ESR_EC_FPAC 0x1c #define ESR_EC_IABT 0x21 #define ESR_EC_DABT 0x25 #define ESR_EC_HW_BP_CURRENT 0x31