From patchwork Fri Feb 23 00:42:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568399 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E9F13C47DD9 for ; Fri, 23 Feb 2024 00:43:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=38vuBdR+FSE14+MfjN/64JXWl+g5qx7qzNp0QVIVBcA=; b=pgxfH2zd47nTKc /L/yZ6K2L/lMTpQve+Ht/FK0q2K0x8RZhokCPjS+0z/dAq+oNaaTOvmRlVywfsy1WDXAgMt5TEd8r YOCB5argr0LGxLQ2iaU2Ngh2SlUNBfwnRLdkZ29Zr8WmBV54BlOcFDXs0NqNHh+HJSZwFFARsDLR/ jRkR3ooHCmXRaclC9ZOsdlmOtXpyo7gL6GkgvGlR3ypYB+hCVlgINJ1P2WShS6w0z0SZEQsGFGccX RkFbNx3sai7/88ho2PdJa5zIIQBFLeOqKMWGNDx4N6V2mB46nULlwJ2PP9rdHq5deMhYd+7+c9RIn 20baiI+iVi4f7LrVDKtQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJel-00000007DtP-1A8d; Fri, 23 Feb 2024 00:43:15 +0000 Received: from mail-pl1-x649.google.com ([2607:f8b0:4864:20::649]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJeg-00000007Do6-2Y62 for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:12 +0000 Received: by mail-pl1-x649.google.com with SMTP id d9443c01a7336-1dc5c7b0399so2820245ad.2 for ; Thu, 22 Feb 2024 16:43:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648983; x=1709253783; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=S8c8bYa8F6WSgYnQg5Ml3mIasYavsfmgJ65i8xz9FOg=; b=smtQAPvFgZ3msXZbZXey+NdaEzFERKPM3evHRsIV/E8zeolup7W754dvqnIa/XNCn5 xGHX9iC4ZJ6P4ZkHA8Qi1Tioy3YC8z5PAZ86kgDjjk6BgyXCj8QhhW1KbYJThdiURG+X BxOk9DUWsqk417OmX0NfmACtYEK/hNUikKHNgDyfkfp0tshZ7fhIpVZ1iNzW+QFBJ0bq RqJUhLC4600w1S31RsVOkYAqgImAqIv7pGndmJWnQDkoo9sFypPTrVzMrcpEG7Tujeha WhOWczfxzhuiflF3ICKH0TC60jJNKeaY3kVxDtb0utuW+SLhy111yRWXA5sxIxd+RYb9 BNvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648983; x=1709253783; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=S8c8bYa8F6WSgYnQg5Ml3mIasYavsfmgJ65i8xz9FOg=; b=Chc14/4V9jkKGiq/5N5QR7rljJ8GB5EZ5sk9oALFTjS2w+DP3LXm5bcR6g0G86zGTn ENDs1cNYnQGjlw2FVHv0yIxQNARjSTC66F4E2TgXDGbA2UUYNj93RCWthLWJiKVG6tRr PDTxIYLFcDIrERumRnF1eq3o6Ve7Vw+gM2sFzbeKXu6H43ig0xL4FdhfkxC4JQ0zcBIU hyfnm9+w7Ftu7ww75QHF6l6ox7+gfI/Ch9M6GAUceL3HigS7SeL5v1QVBLiZSb43Mxzl CgJiMBumRHnQbpdLiBczfyAogaGzDKOLaOIPrymbAWpXhE+XOZWSyaWXwbItEy9IGW6u m7QQ== X-Forwarded-Encrypted: i=1; AJvYcCVd7bKoDwO8J6qTZ4FeoUdbYE9SVyXZ4euXzYY7F0T+zq1/D48iMw1hZr+eyrFuGLTFdJp7B9bY9ut1GraB3eFJ6l+LZGNW87IGewDcerqsoLg/1Wg= X-Gm-Message-State: AOJu0YyvPnojVmAUIlDrqCX96t052tAIIQth4Z/lfnLbsYuzAOkQM9Xw miN6EcitD9pA1BXX40ckA6O+B1F3nLSR+l2zywPnA7vOD6dl6f7DCvR4RjvFbqIkbS/F8UOLSMQ HQA== X-Google-Smtp-Source: AGHT+IEpcCEeeYEZT1g6/yIIR7SqlJXRiXUY/d+cOATbynjlJc6ZG004EnWI8Es0Ckg1caDaoicixhIztHg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:d2d2:b0:1db:d810:89a5 with SMTP id n18-20020a170902d2d200b001dbd81089a5mr26791plc.0.1708648983559; Thu, 22 Feb 2024 16:43:03 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:48 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-2-seanjc@google.com> Subject: [PATCH v9 01/11] KVM: selftests: Extend VM creation's @shape to allow control of VM subtype From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164310_695633_8A2F7837 X-CRM114-Status: GOOD ( 12.30 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Carve out space in the @shape passed to the various VM creation helpers to allow using the shape to control the subtype of VM, e.g. to identify x86's SEV VMs (which are "regular" VMs as far as KVM is concerned). Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerley Tng Cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Tested-by: Carlos Bilbao Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/include/kvm_util_base.h | 9 +++++++-- tools/testing/selftests/kvm/lib/kvm_util.c | 1 + 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 070f250036fc..d9dc31af2f96 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -90,6 +90,7 @@ enum kvm_mem_region_type { struct kvm_vm { int mode; unsigned long type; + uint8_t subtype; int kvm_fd; int fd; unsigned int pgtable_levels; @@ -191,10 +192,14 @@ enum vm_guest_mode { }; struct vm_shape { - enum vm_guest_mode mode; - unsigned int type; + uint32_t type; + uint8_t mode; + uint8_t subtype; + uint16_t padding; }; +kvm_static_assert(sizeof(struct vm_shape) == sizeof(uint64_t)); + #define VM_TYPE_DEFAULT 0 #define VM_SHAPE(__mode) \ diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 4994afbdab40..a53caf81eb87 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -276,6 +276,7 @@ struct kvm_vm *____vm_create(struct vm_shape shape) vm->mode = shape.mode; vm->type = shape.type; + vm->subtype = shape.subtype; vm->pa_bits = vm_guest_mode_params[vm->mode].pa_bits; vm->va_bits = vm_guest_mode_params[vm->mode].va_bits; From patchwork Fri Feb 23 00:42:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568413 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 22F86C54798 for ; Fri, 23 Feb 2024 00:44:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=AyHR3pkWZJfmPjGWPsKPyYvS/Ix9IjmcXwXrTbXsh3c=; b=EHdYlhROVZkyd+ N8jdRPvtYLxWY10Z4LHfTjQDrNNiELZb6IEjsJLE399sPvu/kbZfiCS1+kZGUA/une/O7hJ4mSW4s D7TbzGgXbxlMWgLcNj2TT7tpXGZxsdM4FYjWVsuvNHCCNvXKLTwFAmaLBGHRQydjfL2J+DJWRlGTO JMMj6E33XdwzDJzsFWnntPU1sHAg+iHCMXE5ENdwVRaW/blLG+w7jJ0APXtIka3aX7D9Cjlkhb7SV 2/cCnmEQDs3qOrARsE+oKs3FqCGeg7dvcasRAaMtnkXlr/kW578UWWIE+c/2TeNN/HA3XYJDAlCOE yLp4fEJ39Na0cBlBhcng==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJf6-00000007E9X-2ygj; Fri, 23 Feb 2024 00:43:44 +0000 Received: from mail-yb1-xb4a.google.com ([2607:f8b0:4864:20::b4a]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJeg-00000007DoI-4A1u for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:13 +0000 Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-d9a541b720aso521436276.0 for ; Thu, 22 Feb 2024 16:43:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648985; x=1709253785; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=SI4FhPnJU4nZML1luEnjHNpkKZ26vwmW3AcD0Kd2orU=; b=GisrR1Rib6s8EigYoO4z5btNi06e0h1Xoj87fesKpbn6VsfbRP+I6ZZDVC25dDX5KX MX3bzWnUuyNOAWefvNNWfD2LJgxpNtRoBHcXSO/j/dvgxdMFwEJw4JyLgf5J6hWvfXGS jYhd9jqjzJu+QFONA7a+1kcaBjDZCZMYKDZIGiURAeVdD9BPTb8lOAgN6FZjTTDqDsJI pUrIjEybVnq/YrgDemDeDQ/p51VmyH3KctoC78+wNjgiwgyYsY5SzyfY0HuX+0l7N5gY C2VYfjD04bfViDwSU6rZ9FAoGd/tKk9eR3FKgX8mjUxsOEffrt3Bf7uFMWG72WXoiuA8 ZbOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648985; x=1709253785; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=SI4FhPnJU4nZML1luEnjHNpkKZ26vwmW3AcD0Kd2orU=; b=AwdCX0dQXs7j4xxzNRMaRrBE8Kxqs78cHkP9LJjbM0fJPEdRHjAKXn521PVi+KBrbd 0hGJPJm3Pz2mSrsUoe9PCEehhKLAL0FfZJElzQt19sG/1Cpd5Vah4G3zWIAJPuVO4nuE DiGkfK6xIv1LvWHpZ8iV8gUT6HLX1kxjtOAK1Hjgwz3fVbLTv94bK2S8r37xiwTPFwEh 8/669b6BFK4awuM2qeuZqc9qGHcpW9pmQPT41Mo0ogBWH5o8HF1+Nt8DGgEtbgFpJN/f wO537Ggb0w+F6MNKx5IKS6MaKqTP9R7vtQ76SJLbFzH2NcUwEuZ8fCdCyi4nmUunLx7s osPg== X-Forwarded-Encrypted: i=1; AJvYcCVQdHCwzGzoFtpUAX+5QfqocV9lCK+3mjS2EQwICUqwcJ1JGJ3Kboo9sp79hoyWOG2X3u+P7FHdqY2CSfQ2GsrrPQtKe6z1XXNYgObuX6OMBCLmx7k= X-Gm-Message-State: AOJu0YzHOr8YHSsq4Bcx1oVEfKynQDAdnxCNjzObv8mtaVbdV+eFR25S TiOqYh5zIbOvYWdKdsLAQ1o5FdUUDDTYpG7qAtr9ZwuUCi6CX6NhQUbM9vaK2cMzKfTHkzUqGQe CwQ== X-Google-Smtp-Source: AGHT+IHD3+7I/VQogICp+Lx2GunatcNelK6eH/6PzCNTKbWzTAqV/14Zod1Eg8Z5t3djgfTUa1EQyLDC2fY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:100b:b0:dc6:207e:e8b1 with SMTP id w11-20020a056902100b00b00dc6207ee8b1mr207570ybt.2.1708648985595; Thu, 22 Feb 2024 16:43:05 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:49 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-3-seanjc@google.com> Subject: [PATCH v9 02/11] KVM: selftests: Make sparsebit structs const where appropriate From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164311_090074_64D1012D X-CRM114-Status: GOOD ( 18.31 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Michael Roth Make all sparsebit struct pointers "const" where appropriate. This will allow adding a bitmap to track protected/encrypted physical memory that tests can access in a read-only fashion. Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerley Tng Cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Tested-by: Carlos Bilbao Signed-off-by: Michael Roth Signed-off-by: Peter Gonda [sean: massage changelog] Signed-off-by: Sean Christopherson --- .../testing/selftests/kvm/include/sparsebit.h | 36 +++++++------- tools/testing/selftests/kvm/lib/sparsebit.c | 48 +++++++++---------- 2 files changed, 42 insertions(+), 42 deletions(-) diff --git a/tools/testing/selftests/kvm/include/sparsebit.h b/tools/testing/selftests/kvm/include/sparsebit.h index 12a9a4b9cead..fb5170d57fcb 100644 --- a/tools/testing/selftests/kvm/include/sparsebit.h +++ b/tools/testing/selftests/kvm/include/sparsebit.h @@ -30,26 +30,26 @@ typedef uint64_t sparsebit_num_t; struct sparsebit *sparsebit_alloc(void); void sparsebit_free(struct sparsebit **sbitp); -void sparsebit_copy(struct sparsebit *dstp, struct sparsebit *src); +void sparsebit_copy(struct sparsebit *dstp, const struct sparsebit *src); -bool sparsebit_is_set(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_set_num(struct sparsebit *sbit, +bool sparsebit_is_set(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_set_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -bool sparsebit_is_clear(struct sparsebit *sbit, sparsebit_idx_t idx); -bool sparsebit_is_clear_num(struct sparsebit *sbit, +bool sparsebit_is_clear(const struct sparsebit *sbit, sparsebit_idx_t idx); +bool sparsebit_is_clear_num(const struct sparsebit *sbit, sparsebit_idx_t idx, sparsebit_num_t num); -sparsebit_num_t sparsebit_num_set(struct sparsebit *sbit); -bool sparsebit_any_set(struct sparsebit *sbit); -bool sparsebit_any_clear(struct sparsebit *sbit); -bool sparsebit_all_set(struct sparsebit *sbit); -bool sparsebit_all_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_set(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *sbit); -sparsebit_idx_t sparsebit_next_set(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *sbit, sparsebit_idx_t prev); -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *sbit, +sparsebit_num_t sparsebit_num_set(const struct sparsebit *sbit); +bool sparsebit_any_set(const struct sparsebit *sbit); +bool sparsebit_any_clear(const struct sparsebit *sbit); +bool sparsebit_all_set(const struct sparsebit *sbit); +bool sparsebit_all_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *sbit); +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *sbit, sparsebit_idx_t prev); +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *sbit, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *sbit, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_set(struct sparsebit *sbitp, sparsebit_idx_t idx); @@ -62,9 +62,9 @@ void sparsebit_clear_num(struct sparsebit *sbitp, sparsebit_idx_t start, sparsebit_num_t num); void sparsebit_clear_all(struct sparsebit *sbitp); -void sparsebit_dump(FILE *stream, struct sparsebit *sbit, +void sparsebit_dump(FILE *stream, const struct sparsebit *sbit, unsigned int indent); -void sparsebit_validate_internal(struct sparsebit *sbit); +void sparsebit_validate_internal(const struct sparsebit *sbit); #ifdef __cplusplus } diff --git a/tools/testing/selftests/kvm/lib/sparsebit.c b/tools/testing/selftests/kvm/lib/sparsebit.c index 88cb6b84e6f3..cfed9d26cc71 100644 --- a/tools/testing/selftests/kvm/lib/sparsebit.c +++ b/tools/testing/selftests/kvm/lib/sparsebit.c @@ -202,7 +202,7 @@ static sparsebit_num_t node_num_set(struct node *nodep) /* Returns a pointer to the node that describes the * lowest bit index. */ -static struct node *node_first(struct sparsebit *s) +static struct node *node_first(const struct sparsebit *s) { struct node *nodep; @@ -216,7 +216,7 @@ static struct node *node_first(struct sparsebit *s) * lowest bit index > the index of the node pointed to by np. * Returns NULL if no node with a higher index exists. */ -static struct node *node_next(struct sparsebit *s, struct node *np) +static struct node *node_next(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -244,7 +244,7 @@ static struct node *node_next(struct sparsebit *s, struct node *np) * highest index < the index of the node pointed to by np. * Returns NULL if no node with a lower index exists. */ -static struct node *node_prev(struct sparsebit *s, struct node *np) +static struct node *node_prev(const struct sparsebit *s, struct node *np) { struct node *nodep = np; @@ -273,7 +273,7 @@ static struct node *node_prev(struct sparsebit *s, struct node *np) * subtree and duplicates the bit settings to the newly allocated nodes. * Returns the newly allocated copy of subtree. */ -static struct node *node_copy_subtree(struct node *subtree) +static struct node *node_copy_subtree(const struct node *subtree) { struct node *root; @@ -307,7 +307,7 @@ static struct node *node_copy_subtree(struct node *subtree) * index is within the bits described by the mask bits or the number of * contiguous bits set after the mask. Returns NULL if there is no such node. */ -static struct node *node_find(struct sparsebit *s, sparsebit_idx_t idx) +static struct node *node_find(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -393,7 +393,7 @@ static struct node *node_add(struct sparsebit *s, sparsebit_idx_t idx) } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_all_set(struct sparsebit *s) +bool sparsebit_all_set(const struct sparsebit *s) { /* * If any nodes there must be at least one bit set. Only case @@ -775,7 +775,7 @@ static void node_reduce(struct sparsebit *s, struct node *nodep) /* Returns whether the bit at the index given by idx, within the * sparsebit array is set or not. */ -bool sparsebit_is_set(struct sparsebit *s, sparsebit_idx_t idx) +bool sparsebit_is_set(const struct sparsebit *s, sparsebit_idx_t idx) { struct node *nodep; @@ -921,7 +921,7 @@ static inline sparsebit_idx_t node_first_clear(struct node *nodep, int start) * used by test cases after they detect an unexpected condition, as a means * to capture diagnostic information. */ -static void sparsebit_dump_internal(FILE *stream, struct sparsebit *s, +static void sparsebit_dump_internal(FILE *stream, const struct sparsebit *s, unsigned int indent) { /* Dump the contents of s */ @@ -969,7 +969,7 @@ void sparsebit_free(struct sparsebit **sbitp) * sparsebit_alloc(). It can though already have bits set, which * if different from src will be cleared. */ -void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) +void sparsebit_copy(struct sparsebit *d, const struct sparsebit *s) { /* First clear any bits already set in the destination */ sparsebit_clear_all(d); @@ -981,7 +981,7 @@ void sparsebit_copy(struct sparsebit *d, struct sparsebit *s) } /* Returns whether num consecutive bits starting at idx are all set. */ -bool sparsebit_is_set_num(struct sparsebit *s, +bool sparsebit_is_set_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_cleared; @@ -1005,14 +1005,14 @@ bool sparsebit_is_set_num(struct sparsebit *s, } /* Returns whether the bit at the index given by idx. */ -bool sparsebit_is_clear(struct sparsebit *s, +bool sparsebit_is_clear(const struct sparsebit *s, sparsebit_idx_t idx) { return !sparsebit_is_set(s, idx); } /* Returns whether num consecutive bits starting at idx are all cleared. */ -bool sparsebit_is_clear_num(struct sparsebit *s, +bool sparsebit_is_clear_num(const struct sparsebit *s, sparsebit_idx_t idx, sparsebit_num_t num) { sparsebit_idx_t next_set; @@ -1041,13 +1041,13 @@ bool sparsebit_is_clear_num(struct sparsebit *s, * value. Use sparsebit_any_set(), instead of sparsebit_num_set() > 0, * to determine if the sparsebit array has any bits set. */ -sparsebit_num_t sparsebit_num_set(struct sparsebit *s) +sparsebit_num_t sparsebit_num_set(const struct sparsebit *s) { return s->num_set; } /* Returns whether any bit is set in the sparsebit array. */ -bool sparsebit_any_set(struct sparsebit *s) +bool sparsebit_any_set(const struct sparsebit *s) { /* * Nodes only describe set bits. If any nodes then there @@ -1070,20 +1070,20 @@ bool sparsebit_any_set(struct sparsebit *s) } /* Returns whether all the bits in the sparsebit array are cleared. */ -bool sparsebit_all_clear(struct sparsebit *s) +bool sparsebit_all_clear(const struct sparsebit *s) { return !sparsebit_any_set(s); } /* Returns whether all the bits in the sparsebit array are set. */ -bool sparsebit_any_clear(struct sparsebit *s) +bool sparsebit_any_clear(const struct sparsebit *s) { return !sparsebit_all_set(s); } /* Returns the index of the first set bit. Abort if no bits are set. */ -sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_set(const struct sparsebit *s) { struct node *nodep; @@ -1097,7 +1097,7 @@ sparsebit_idx_t sparsebit_first_set(struct sparsebit *s) /* Returns the index of the first cleared bit. Abort if * no bits are cleared. */ -sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) +sparsebit_idx_t sparsebit_first_clear(const struct sparsebit *s) { struct node *nodep1, *nodep2; @@ -1151,7 +1151,7 @@ sparsebit_idx_t sparsebit_first_clear(struct sparsebit *s) /* Returns index of next bit set within s after the index given by prev. * Returns 0 if there are no bits after prev that are set. */ -sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1244,7 +1244,7 @@ sparsebit_idx_t sparsebit_next_set(struct sparsebit *s, /* Returns index of next bit cleared within s after the index given by prev. * Returns 0 if there are no bits after prev that are cleared. */ -sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear(const struct sparsebit *s, sparsebit_idx_t prev) { sparsebit_idx_t lowest_possible = prev + 1; @@ -1300,7 +1300,7 @@ sparsebit_idx_t sparsebit_next_clear(struct sparsebit *s, * and returns the index of the first sequence of num consecutively set * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_set_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1335,7 +1335,7 @@ sparsebit_idx_t sparsebit_next_set_num(struct sparsebit *s, * and returns the index of the first sequence of num consecutively cleared * bits. Returns a value of 0 of no such sequence exists. */ -sparsebit_idx_t sparsebit_next_clear_num(struct sparsebit *s, +sparsebit_idx_t sparsebit_next_clear_num(const struct sparsebit *s, sparsebit_idx_t start, sparsebit_num_t num) { sparsebit_idx_t idx; @@ -1583,7 +1583,7 @@ static size_t display_range(FILE *stream, sparsebit_idx_t low, * contiguous bits. This is done because '-' is used to specify command-line * options, and sometimes ranges are specified as command-line arguments. */ -void sparsebit_dump(FILE *stream, struct sparsebit *s, +void sparsebit_dump(FILE *stream, const struct sparsebit *s, unsigned int indent) { size_t current_line_len = 0; @@ -1681,7 +1681,7 @@ void sparsebit_dump(FILE *stream, struct sparsebit *s, * s. On error, diagnostic information is printed to stderr and * abort is called. */ -void sparsebit_validate_internal(struct sparsebit *s) +void sparsebit_validate_internal(const struct sparsebit *s) { bool error_detected = false; struct node *nodep, *prev = NULL; From patchwork Fri Feb 23 00:42:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568416 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 046B9C54E41 for ; Fri, 23 Feb 2024 00:45:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=HRsJsn+GOylZuPDABgjgxGxbv2bUtZR9NiKUC4z4OnU=; b=AAtAacs7w/vZtb W5DaZO1BGkaedFatSibxUKmSPno8wFc21nTUsbvSbykzRx5+KzLqvOMrIi7yQS8agwuGzigZ86651 KFJabP3/JxFVwrM2NCIR0hptwgQs9967waUz/aplmHM82BiVkn+K6ccYbwUq+gLO0u1Dy7bkc71RT zewQnep9kEoqfLKvvqKUmE/GzA0FzzP5yYfug3ADYszoE9rRjhQ5MFqiq9rV9PMvEJJ4SWQmPWXp4 sBIF9bDH+QEDfggsrrHmrAXL3XP2hD0iXGhD9Sitg14ihHy9jIyiIpoeBxTn6RG96u5SnGml+9nF3 D+NTzSlgEGlGK/+UsM/w==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJgT-00000007Ei8-0tLA; Fri, 23 Feb 2024 00:45:01 +0000 Received: from mail-pf1-x449.google.com ([2607:f8b0:4864:20::449]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJeh-00000007Doq-2C8f for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:16 +0000 Received: by mail-pf1-x449.google.com with SMTP id d2e1a72fcca58-6e4597a3ff3so236317b3a.0 for ; Thu, 22 Feb 2024 16:43:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648987; x=1709253787; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=jhSBUfusWJ3ofLKWMGpg2YDRgo1XDnuJP2HRidQqwH4=; b=EVRQFYwZWLh0Yw8Qp4ksR19DJRYuKltIYM7FQ4nR26r9xOcx05GgCHEX0yLgtcBZza Kdq0Nit72SDS6sXLwrqKUf3FYuuDN/EpPrcpebEvVJuQuYID7eGlvs0Tquxl3myMwoEB YrhEpCUu8NCU/QsVoEH/6W3slpQ7fkVIgUZYICGtSDnApMdessE0bFm1MV+PQ6XqatBs dqoiMjc1DWyL9JNS4PWsT6wy+u4fMCiH/GM7OJ36icwwWVKnxPxCOXDUNFgqN6GUM6Nc T5OaeVVnGREkkjX3OOXjkJbsg+HHFy3cnquMLNKBLI6dLZZ7ReaU2WxvHu3Z+oUTZ17U gF5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648987; x=1709253787; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jhSBUfusWJ3ofLKWMGpg2YDRgo1XDnuJP2HRidQqwH4=; b=LuywSKXXJq9sPlFsnjr10zbDZ1WXN8QJ+fJr5km5EshqQ0x9VmRcYu1etqVbyiGuPH W4waGusAXaVp5L7atJvaJdAWBJdlem7dS+aG038j4rrJkpDxztWKKkStDGedNUf9Zobe 4d5ib2Y8FwJ3bV1R8Y4p99gLOP/Ovr/7G5HzaH7K1L3d/fu25KvG1y4rJb98uxtxDesJ d4RTjiqxNYAz651Jfc3KSIAhwKK4tsTa2E3o487oaNaSDAmlVgKUTsN3z7hlqvboJ79+ DTWN130E2C+MATCCGAmW/kVoCdWa7r6YgsMtG0qLhBo09V8bZEMx9gtlHNgiA5HFXlRh Zx9Q== X-Forwarded-Encrypted: i=1; AJvYcCXXONhQX2zq84R32Y/ianLCmbO4RLGlsF1ctmKBjEkJSh1C7VGMdOneOTvn5iTmc2FyxYxLuFUxUjWIWF80uVDhL+EqLHwaUd0kUvrmIF6LIuu75ZA= X-Gm-Message-State: AOJu0YzOwpLbFhdgMij17mbbCuXPwOVrhZYL+KRthnmJ0swmGLV93jY4 14NhQrqy+83gPb7VkN96V2VMHxNtaWuSrYDzlD/kGeS/W++cf1uUD1MIqr/+RS1pfx76Rjb1qwK kIw== X-Google-Smtp-Source: AGHT+IHIxuf373oGf69Al+lWSIf6Q+TRpWLvL/aYM1tJ8IvZSlPzsioXOjltEzRkvK0lvpvWJZPUowBn/iU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:22cd:b0:6e4:643e:e215 with SMTP id f13-20020a056a0022cd00b006e4643ee215mr24254pfj.3.1708648987517; Thu, 22 Feb 2024 16:43:07 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:50 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-4-seanjc@google.com> Subject: [PATCH v9 03/11] KVM: selftests: Add a macro to iterate over a sparsebit range From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164312_290529_89FD944B X-CRM114-Status: GOOD ( 12.18 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Ackerley Tng Add sparsebit_for_each_set_range() to allow iterator over a range of set bits in a range. This will be used by x86 SEV guests to process protected physical pages (each such page needs to be encrypted _after_ being "added" to the VM). Tested-by: Carlos Bilbao Signed-off-by: Ackerley Tng [sean: split to separate patch] Signed-off-by: Sean Christopherson --- .../testing/selftests/kvm/include/sparsebit.h | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tools/testing/selftests/kvm/include/sparsebit.h b/tools/testing/selftests/kvm/include/sparsebit.h index fb5170d57fcb..bc760761e1a3 100644 --- a/tools/testing/selftests/kvm/include/sparsebit.h +++ b/tools/testing/selftests/kvm/include/sparsebit.h @@ -66,6 +66,26 @@ void sparsebit_dump(FILE *stream, const struct sparsebit *sbit, unsigned int indent); void sparsebit_validate_internal(const struct sparsebit *sbit); +/* + * Iterate over an inclusive ranges within sparsebit @s. In each iteration, + * @range_begin and @range_end will take the beginning and end of the set + * range, which are of type sparsebit_idx_t. + * + * For example, if the range [3, 7] (inclusive) is set, within the + * iteration,@range_begin will take the value 3 and @range_end will take + * the value 7. + * + * Ensure that there is at least one bit set before using this macro with + * sparsebit_any_set(), because sparsebit_first_set() will abort if none + * are set. + */ +#define sparsebit_for_each_set_range(s, range_begin, range_end) \ + for (range_begin = sparsebit_first_set(s), \ + range_end = sparsebit_next_clear(s, range_begin) - 1; \ + range_begin && range_end; \ + range_begin = sparsebit_next_set(s, range_end), \ + range_end = sparsebit_next_clear(s, range_begin) - 1) + #ifdef __cplusplus } #endif From patchwork Fri Feb 23 00:42:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568415 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A5CEDC54798 for ; Fri, 23 Feb 2024 00:45:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=cojJPhk+ekBaagEgW+UijDNPa+0GodLAE8RJx7zYOdY=; b=nhAKzYy3+Z5pLi EkzwGN0mC3GEiPKVV2AK8A+E0rlX82nVBNalRC+ORF5Pgb45P+N9e2u3EZY36E8L4QWGl6gYdS4b8 YwbiJGQFnAEuqK36TIEIrJtrJcW4hCi/WM9lHnwHbTtCUyJANGjXi6Ic/OltACP+EM+D1xq4fVVab 9n/HuYGNOHhhUze103nzDQBSfcN4l1mlia7CH2/GZnmB/VGgi/FgY+YHoNXl3SQxo0+KXJ70qRTMF 3eHtxhjj0SYSr1Xnmv90YDSmcFnlZNXisiECA4S/XLXve3WnzxHpKJlYqK1da9A6ZqCgu3oY5W5rI aQY8HW6uTQgDheE8xv+Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJgO-00000007EeK-07uU; Fri, 23 Feb 2024 00:44:56 +0000 Received: from mail-yw1-x114a.google.com ([2607:f8b0:4864:20::114a]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJeh-00000007Dox-0KaG for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:16 +0000 Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-60832a48684so5526257b3.1 for ; Thu, 22 Feb 2024 16:43:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648989; x=1709253789; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=HqrOgwqdeyKlRqEiiRXs7cvS3neUx0UIcneX8OI5QMg=; b=4ObXghkZZW5IJN2CO0V3fykZIlPBGC3ejXoEqvjAaJQAVhYV5AOp/gbDb0fUHgEGSG KYKOSndE5lmQNB6GuMMAorBLMsjB5uq22Z8DRREP3ooBQ8XqhsOFRx5r/60vGrKG3OVD kVwI5vjBNUa/2nsqnOm+Q1vb+7/7t0PsT1OxJbzza6GuCXDh5PsV1LMPXNMvT3uk8kbV vLuEQTJ+nbQSY7I3NjB97cQZaHIG0anI7Jru91CnD6zfG300CVuSgGTzfLG45DS+DQgq ok2o9cFPI78sUK5xj2xQ9cr9S1TYswCUkJ+IqW26L+YCDA1d6CeUEwYo5Tc2YVGX/URs whdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648989; x=1709253789; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=HqrOgwqdeyKlRqEiiRXs7cvS3neUx0UIcneX8OI5QMg=; b=YrciZAOJyU3wj6whMf7Rl/WY1Pfv72YA+9w4kwyJIZEsAcRpKsdBR+EVqYlLsHdSYJ uBaxrL0IvJqUnCwh0AHWeLNO29cqINXFAmPgzNdgIhXV3yl94zF1lAP2xylIKcHtUkuw INhJeMltAftXlYRKOBhxCsYY8p6uDjr4LYr2HuXK0ph7K/VCCrtQNwMYlKxK+mqdPdho BijukQ4rkDQjR/1AQNP04pdh7lCT90pPsJddWHY+dHr569rorwPOWj0XPfBMBWEHGR2X 5oaOezXKC4IbTrhAqKgAbpYuR4jfpiaWBt5sVhQhrjcm6EN5CJEHylnME5SHAugGVpCq fs5A== X-Forwarded-Encrypted: i=1; AJvYcCUlMW5D9XHYV64u6DzBvEG2J3e2DQ9bo+Bc+2KsMo6yQUceq9KY8eH6nF4cRNml844ivQkZ65P9ibbFjzP5uof7zYLjZ2aba2JJYSraNRC6pkV4ZRw= X-Gm-Message-State: AOJu0YxhXsW3gY5mUMZs5kmYD5zQVLh/7NBVlxghwyKILrET+xxHs1yC 9QNy/+bPrD0UACmOFYpfYA7hResXXUamzHh6aBn5SbZM9/KAtF212hh3YPo19rcOPVn72tO7X3r A+A== X-Google-Smtp-Source: AGHT+IHAocQThc2nDGuTHCVQAHxE7aFJD+GhXyIt2aJYre2j8M6mtpdSWTf/tdU8cZ1cYJDcvyTMlv2LL8I= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:181f:b0:dcc:94b7:a7a3 with SMTP id cf31-20020a056902181f00b00dcc94b7a7a3mr21587ybb.12.1708648989306; Thu, 22 Feb 2024 16:43:09 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:51 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-5-seanjc@google.com> Subject: [PATCH v9 04/11] KVM: selftests: Add support for allocating/managing protected guest memory From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164311_342136_F50D1E04 X-CRM114-Status: GOOD ( 15.82 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Gonda Add support for differentiating between protected (a.k.a. private, a.k.a. encrypted) memory and normal (a.k.a. shared) memory for VMs that support protected guest memory, e.g. x86's SEV. Provide and manage a common bitmap for tracking whether a given physical page resides in protected memory, as support for protected memory isn't x86 specific, i.e. adding a arch hook would be a net negative now, and in the future. Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerley Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Reviewed-by: Itaru Kitayama Tested-by: Carlos Bilbao Originally-by: Michael Roth Signed-off-by: Peter Gonda Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson --- .../selftests/kvm/include/kvm_util_base.h | 25 +++++++++++++++++-- tools/testing/selftests/kvm/lib/kvm_util.c | 22 +++++++++++++--- 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index d9dc31af2f96..a82149305349 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -46,6 +46,7 @@ typedef uint64_t vm_vaddr_t; /* Virtual Machine (Guest) virtual address */ struct userspace_mem_region { struct kvm_userspace_memory_region2 region; struct sparsebit *unused_phy_pages; + struct sparsebit *protected_phy_pages; int fd; off_t offset; enum vm_mem_backing_src_type backing_src_type; @@ -573,6 +574,13 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, uint64_t guest_paddr, uint32_t slot, uint64_t npages, uint32_t flags, int guest_memfd_fd, uint64_t guest_memfd_offset); +#ifndef vm_arch_has_protected_memory +static inline bool vm_arch_has_protected_memory(struct kvm_vm *vm) +{ + return false; +} +#endif + void vm_mem_region_set_flags(struct kvm_vm *vm, uint32_t slot, uint32_t flags); void vm_mem_region_move(struct kvm_vm *vm, uint32_t slot, uint64_t new_gpa); void vm_mem_region_delete(struct kvm_vm *vm, uint32_t slot); @@ -836,10 +844,23 @@ const char *exit_reason_str(unsigned int exit_reason); vm_paddr_t vm_phy_page_alloc(struct kvm_vm *vm, vm_paddr_t paddr_min, uint32_t memslot); -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot); +vm_paddr_t __vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot, + bool protected); vm_paddr_t vm_alloc_page_table(struct kvm_vm *vm); +static inline vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot) +{ + /* + * By default, allocate memory as protected for VMs that support + * protected memory, as the majority of memory for such VMs is + * protected, i.e. using shared memory is effectively opt-in. + */ + return __vm_phy_pages_alloc(vm, num, paddr_min, memslot, + vm_arch_has_protected_memory(vm)); +} + /* * ____vm_create() does KVM_CREATE_VM and little else. __vm_create() also * loads the test binary into guest memory and creates an IRQ chip (x86 only). diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index a53caf81eb87..ea677aa019ef 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -717,6 +717,7 @@ static void __vm_mem_region_delete(struct kvm_vm *vm, vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION2, ®ion->region); sparsebit_free(®ion->unused_phy_pages); + sparsebit_free(®ion->protected_phy_pages); ret = munmap(region->mmap_start, region->mmap_size); TEST_ASSERT(!ret, __KVM_SYSCALL_ERROR("munmap()", ret)); if (region->fd >= 0) { @@ -1098,6 +1099,8 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, } region->unused_phy_pages = sparsebit_alloc(); + if (vm_arch_has_protected_memory(vm)) + region->protected_phy_pages = sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, guest_paddr >> vm->page_shift, npages); region->region.slot = slot; @@ -1924,6 +1927,10 @@ void vm_dump(FILE *stream, struct kvm_vm *vm, uint8_t indent) region->host_mem); fprintf(stream, "%*sunused_phy_pages: ", indent + 2, ""); sparsebit_dump(stream, region->unused_phy_pages, 0); + if (region->protected_phy_pages) { + fprintf(stream, "%*sprotected_phy_pages: ", indent + 2, ""); + sparsebit_dump(stream, region->protected_phy_pages, 0); + } } fprintf(stream, "%*sMapped Virtual Pages:\n", indent, ""); sparsebit_dump(stream, vm->vpages_mapped, indent + 2); @@ -2025,6 +2032,7 @@ const char *exit_reason_str(unsigned int exit_reason) * num - number of pages * paddr_min - Physical address minimum * memslot - Memory region to allocate page from + * protected - True if the pages will be used as protected/private memory * * Output Args: None * @@ -2036,8 +2044,9 @@ const char *exit_reason_str(unsigned int exit_reason) * and their base address is returned. A TEST_ASSERT failure occurs if * not enough pages are available at or above paddr_min. */ -vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, - vm_paddr_t paddr_min, uint32_t memslot) +vm_paddr_t __vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, + vm_paddr_t paddr_min, uint32_t memslot, + bool protected) { struct userspace_mem_region *region; sparsebit_idx_t pg, base; @@ -2050,8 +2059,10 @@ vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, paddr_min, vm->page_size); region = memslot2region(vm, memslot); + TEST_ASSERT(!protected || region->protected_phy_pages, + "Region doesn't support protected memory"); + base = pg = paddr_min >> vm->page_shift; - do { for (; pg < base + num; ++pg) { if (!sparsebit_is_set(region->unused_phy_pages, pg)) { @@ -2070,8 +2081,11 @@ vm_paddr_t vm_phy_pages_alloc(struct kvm_vm *vm, size_t num, abort(); } - for (pg = base; pg < base + num; ++pg) + for (pg = base; pg < base + num; ++pg) { sparsebit_clear(region->unused_phy_pages, pg); + if (protected) + sparsebit_set(region->protected_phy_pages, pg); + } return base * vm->page_size; } From patchwork Fri Feb 23 00:42:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568423 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id DD207C54798 for ; Fri, 23 Feb 2024 00:49:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=2K5bdM2WtGyGOA4IiGvSFsZwjMVfpolKvXP07ldVgvA=; b=pECWhDWobqMYtY WRlcNpsfYYltZffBFF4abcIYF2rD1JsAtTJE40e2LBSzJP2nsZNNhUlx8SC5DaK0IHV/1MbX2ogSS GQ+tbqBVBAH0e3dgPJd08RGvvmu0gPovMV4oGfIigxuO0ivAIJdJawYKaC7Is9yL2CIXvM1lcmvL+ MDfzDSKjVAsavnsmNvImt7rIBmR4c9V41zdfdKWZftbm+29e/g69r2PMIK7gxwsLwSFv/27sedZwd vnEF55JJ/C1btsocr3NsanQ38pSc5b5SGh9QGUcxtapyXWYtvd8i5VxpOLX2JJz4uzPMv4OnKLbWe AccAzcgCCi7lS001fFfQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJje-00000007GIW-0fFK; Fri, 23 Feb 2024 00:48:25 +0000 Received: from casper.infradead.org ([2001:8b0:10b:1236::1]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJfq-00000007ELM-1lGD for linux-arm-kernel@bombadil.infradead.org; Fri, 23 Feb 2024 00:44:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:Cc:To:From:Subject: Message-ID:References:Mime-Version:In-Reply-To:Date:Reply-To:Sender: Content-Transfer-Encoding:Content-ID:Content-Description; bh=eb0yDEaAWass5g0hMAU4JrW6cOWG3HVfWM81wBHq82s=; b=pGJ5leWFV428cw9Ymp6uLbINy5 WHc6zbNp2SLbJSEqMK7vnuHIVI+DU3f+n1yaKMQ7HH/2yXBkAtDQx2wDQeybP49PQgoGFi6AiLKN3 vslHTB1w8K07zLaW4iowRK/xnaKpLROKE11yHmCI4oUmgVB7NJtl/4pKHfVN9hk6YiibxSEjqyzEN 6c//uLyxlo7R1qhIDlQjzTkmLQmQWyVYPyOu5HQG3XXjVC5J/pXgK35epVzppfFzyTIylgCg+hZA9 XkpBLmAgSc81zvdSPBKlZZ7/klmRbiRGMfjP3S2mwVV60Bt/jJHAaGr92cr7zj5FcfHatfr1rz5k3 guw7Y01g==; Received: from mail-yw1-x1149.google.com ([2607:f8b0:4864:20::1149]) by casper.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJfl-00000005DSt-3HEX for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:44:21 +0000 Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-6087ffdac8cso6390877b3.2 for ; Thu, 22 Feb 2024 16:44:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648991; x=1709253791; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=eb0yDEaAWass5g0hMAU4JrW6cOWG3HVfWM81wBHq82s=; b=FOA1bp52oowO0XY/95+gA8p12/pQX3+47v0zF20zxj5yVHlybeUpGt36WuEVs3VaNt VqW2sl3gXICNcRyLpeVaAkCraz7HQRQQ5GtmTvyP3dRABme4SqiH7NoTKp8wwpoNFFOO WdN1vYpvwx2tC23/DldiZnRWvZFE1qdAq7JptVh3Lz3TXugDB6D0ubZ4rQHt33uBdq9y Ik+esJ7SWOstTwtTRGksCFtV04Ki7xIVB/9azt4mz3mhQIEuHsN07xge1kwDAb6a+DYh RClTcFlDLBKaEBWzNMhvffgxKO8GcwEcOlbdA1t+f6ngCg6kOhUizIUNHslPYyYtFvlz SgUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648991; x=1709253791; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eb0yDEaAWass5g0hMAU4JrW6cOWG3HVfWM81wBHq82s=; b=D4vtZX/xnoNGSedxS19dYwdvfhZ65YCiaUXjGO0+4Z6F+/Nuw04z3Krjt3FSP+mvLd 6AG6I0a2OvnzXvPHN74KVjm75bEFfA/Sfx49/hNrmByawm8bwLaJbXus7anr7YCI2D5S WbuxRNjIcpflMXxmb4EBZefquzfWRNwlE6rEEjFq2yCskjX5b208zDqJ624pFKOilfNr +/0v94c4vDDkVG2SSDbR5rI1i26ol7z8gETf2aovgRb+GespZ9R3saknpPqqBFid/VLl 1hmJsngeu0riCT69vp4RuUhtqE+F4nW3KZreX833KkFEU0y9hRx8zyJl2jNgnXKiC7DV WW8g== X-Forwarded-Encrypted: i=1; AJvYcCVqHB+Ja4Huj6G2dA0c2ltgimA5hbF6cm1dkPgWeFzk58bdmmkSpr/hXWXwy6G5b6kOn8VIztXBOPB+Wfr5z1JL/TgdWDe5Q7hJj3A1m7inS762nbs= X-Gm-Message-State: AOJu0YwKgu14tMqxtq4v7O+A/WIim5M3g5RHZr8a8mChEdLAwcjaQf5U fDCYlcn3svhXu6D5UG1vrepFyMZBbIdcStV8smvMgYYGwvFuK9S8gfPecQlMTXeYr16lIEIh7Qx BOg== X-Google-Smtp-Source: AGHT+IEvW2bccUqWBEeaPsTnJwBxNY/mUnw/8/lv9jsw5DgwqMPifxEtIyNZjQiEUvn62uClAIUzEpQ2hsE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1007:b0:dc7:48ce:d17f with SMTP id w7-20020a056902100700b00dc748ced17fmr187858ybt.10.1708648991200; Thu, 22 Feb 2024 16:43:11 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:52 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-6-seanjc@google.com> Subject: [PATCH v9 05/11] KVM: selftests: Add support for protected vm_vaddr_* allocations From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240223_004417_838524_A986740D X-CRM114-Status: GOOD ( 10.99 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Michael Roth Test programs may wish to allocate shared vaddrs for things like sharing memory with the guest. Since protected vms will have their memory encrypted by default an interface is needed to explicitly request shared pages. Implement this by splitting the common code out from vm_vaddr_alloc() and introducing a new vm_vaddr_alloc_shared(). Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerly Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Reviewed-by: Itaru Kitayama Tested-by: Carlos Bilbao Signed-off-by: Michael Roth Signed-off-by: Peter Gonda Signed-off-by: Sean Christopherson --- .../selftests/kvm/include/kvm_util_base.h | 3 +++ tools/testing/selftests/kvm/lib/kvm_util.c | 26 +++++++++++++++---- 2 files changed, 24 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index a82149305349..cb3159af6db3 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -590,6 +590,9 @@ vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_mi vm_vaddr_t vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min); vm_vaddr_t __vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, enum kvm_mem_region_type type); +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, + vm_vaddr_t vaddr_min, + enum kvm_mem_region_type type); vm_vaddr_t vm_vaddr_alloc_pages(struct kvm_vm *vm, int nr_pages); vm_vaddr_t __vm_vaddr_alloc_page(struct kvm_vm *vm, enum kvm_mem_region_type type); diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index ea677aa019ef..e7f4f84f2e68 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1431,15 +1431,17 @@ vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, return pgidx_start * vm->page_size; } -vm_vaddr_t __vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, - enum kvm_mem_region_type type) +static vm_vaddr_t ____vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, + vm_vaddr_t vaddr_min, + enum kvm_mem_region_type type, + bool protected) { uint64_t pages = (sz >> vm->page_shift) + ((sz % vm->page_size) != 0); virt_pgd_alloc(vm); - vm_paddr_t paddr = vm_phy_pages_alloc(vm, pages, - KVM_UTIL_MIN_PFN * vm->page_size, - vm->memslots[type]); + vm_paddr_t paddr = __vm_phy_pages_alloc(vm, pages, + KVM_UTIL_MIN_PFN * vm->page_size, + vm->memslots[type], protected); /* * Find an unused range of virtual page addresses of at least @@ -1459,6 +1461,20 @@ vm_vaddr_t __vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, return vaddr_start; } +vm_vaddr_t __vm_vaddr_alloc(struct kvm_vm *vm, size_t sz, vm_vaddr_t vaddr_min, + enum kvm_mem_region_type type) +{ + return ____vm_vaddr_alloc(vm, sz, vaddr_min, type, + vm_arch_has_protected_memory(vm)); +} + +vm_vaddr_t vm_vaddr_alloc_shared(struct kvm_vm *vm, size_t sz, + vm_vaddr_t vaddr_min, + enum kvm_mem_region_type type) +{ + return ____vm_vaddr_alloc(vm, sz, vaddr_min, type, false); +} + /* * VM Virtual Address Allocate * From patchwork Fri Feb 23 00:42:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568420 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2BC91C54798 for ; Fri, 23 Feb 2024 00:48:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=ZSG6jywRxmqQSszthJ2Ve4dqmvRVy9nMFaYIbUXr0vU=; b=gbQXawfNc0B+iH UIuSr7NfxHZ3nA81WnG3X1sLBx1ms+1W78mAtHyV/RZWHNu8b1+Xj2zApFEmNMbY27DkmkeQYFN7z tmv82dfJ9KDm8qJgW1W9L1A1P3XYuO9gG6LK/z8Duam5Bc9AEH+3QJglhT4aiZN96svxeOUO/ZxyJ 0XzYw0a4SfSj/iEkdmWT2guIDCtk6L8VsPZ4JctFCbtDP6eTUh+NmqaYJa96YRasV6l7X1znzcDl5 FDS6rkWI/ijMAUNp9/hSYonNZLz2D4/h4LVxVw7P+ufUzTm0Q4SKO427YjRhlewTjDwAoacYpEjZZ /vGoN4aye2YcbkaxaVCQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJjP-00000007GAL-1QAL; Fri, 23 Feb 2024 00:48:03 +0000 Received: from mail-pg1-x549.google.com ([2607:f8b0:4864:20::549]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJek-00000007Dt2-40rO for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:18 +0000 Received: by mail-pg1-x549.google.com with SMTP id 41be03b00d2f7-5d8bdadc79cso255599a12.2 for ; Thu, 22 Feb 2024 16:43:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648993; x=1709253793; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=VHEHpfFT3fq5ZUYVbA7KHyxL3TWLbo6jAAmdD67Ha7M=; b=teEwxduQ15sV93Z4ZY6Tc3Ghh9OoepNcbNmbKOv4UG/IGAj7FBQy0e3vvuIHiaPHmP hwEN6pDz7BwbmMrV/x7i4nhDfL+aDGagFUhHqGb0B/Zmx/kDOdm2sN2AuT7fReE17a8P UVPBvhWSlFRtX1S02ZDMhY2khEfxwWh4QIyrEQh9+ieSQeHBVtNY8lz3adL2FoBmP1JS ZhNKsRthwOW0uIQ1JTYTJdGspy5sAS5jMup5sgEo58DWwCnM6zE4sD0987YHwZjfJ/cG uSloqfAP9dJo6fo0HUxKcbL5DYt1zakCAAHL28wYNb7Vg3TUWspeENCQJSLnYckItXCt 72Qg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648993; x=1709253793; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=VHEHpfFT3fq5ZUYVbA7KHyxL3TWLbo6jAAmdD67Ha7M=; b=SiwQb8WY00bYsAnry6xizoqKqhtem1O7A4B83oMz6+Fm1BLIFpwiGJ8W0C5ouE89Ex LwsVqaawiFecJTJdxyMyQptARjOno8oafXY6mVCBlbK1VOuMUM7svhK5RFgkaZ/8IVJ3 2FD0RhNtcJG5duvTQS+v0ASsIUPCiIlWoxkkXKfOrSvWqH9vI4pdpFoQlkAott/kyaKj ynejz1gKeVu+QVSXjObrMmuuQyZT6/B1S0YIubQPiKWP8JgHfMJmgGuuvGA0PPwV1ziw 0LJk8gKjazZ0D/6wL5bT36v4vO439cgwRYk4oMsjyfFnvWKWeq3IIii7CwL5EeeheJit ys4A== X-Forwarded-Encrypted: i=1; AJvYcCXIqzw3uth7RbcdiKc/MOnLg6uDsqiXnYQUku5gveXr+/9Se6oQRL8W7IYGOcQI0/DpGQcCkM1EiiBU3p8l4v5eI+jLvjkXW2u8tOwgYDv/q74YnG0= X-Gm-Message-State: AOJu0YyqHW3P4cZpy0OQazEIVO7zt8lYF7gXb0REEgDNpM71ffLlv39w z2IF6m86OAHuJdDdgOMm78j9ddEkZfpgD8s9rECZj1ppfymR3KLR+7zkng4ry0x/xi0gPDilWeU BJw== X-Google-Smtp-Source: AGHT+IHOzHa69AmDUbZ+OQC4gdWd8eKNcA+4/Rl+KkHknT13uIbfHPqOmsB/BAUR4nyvpq5uPcFzKjJ/Uj0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a65:6d14:0:b0:5cd:9ea4:c99 with SMTP id bf20-20020a656d14000000b005cd9ea40c99mr900pgb.6.1708648993312; Thu, 22 Feb 2024 16:43:13 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:53 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-7-seanjc@google.com> Subject: [PATCH v9 06/11] KVM: selftests: Explicitly ucall pool from shared memory From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164315_218545_C8519F33 X-CRM114-Status: UNSURE ( 9.12 ) X-CRM114-Notice: Please train this message. X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Gonda Allocate the common ucall pool using vm_vaddr_alloc_shared() so that the ucall structures will be placed in shared (unencrypted) memory for VMs with support for protected (encrypted) memory, e.g. x86's SEV. Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerly Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Tested-by: Carlos Bilbao Signed-off-by: Peter Gonda [sean: massage changelog] Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/lib/ucall_common.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/lib/ucall_common.c b/tools/testing/selftests/kvm/lib/ucall_common.c index 816a3fa109bf..f5af65a41c29 100644 --- a/tools/testing/selftests/kvm/lib/ucall_common.c +++ b/tools/testing/selftests/kvm/lib/ucall_common.c @@ -29,7 +29,8 @@ void ucall_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa) vm_vaddr_t vaddr; int i; - vaddr = __vm_vaddr_alloc(vm, sizeof(*hdr), KVM_UTIL_MIN_VADDR, MEM_REGION_DATA); + vaddr = vm_vaddr_alloc_shared(vm, sizeof(*hdr), KVM_UTIL_MIN_VADDR, + MEM_REGION_DATA); hdr = (struct ucall_header *)addr_gva2hva(vm, vaddr); memset(hdr, 0, sizeof(*hdr)); From patchwork Fri Feb 23 00:42:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568421 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E6088C54E41 for ; Fri, 23 Feb 2024 00:48:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=STqjhhPpGhjyr1iBSdvMkhm02lXt/+foHNUpWrUoTXo=; b=JbtBvJye6tpoS2 UPnhbZ0qtk3H/mELzm6PTUQ8oqEoO5N+XHJ86x5F4s+Kk1+EZ0DwTkuXD9Ju7WpM3DJqUsrcM9gVu p92rutmSZUnlwx2Fbv4v8BOjTTe9A2IGGeJyx9emOci3qOpA4xMV9GNFkIrdRYrsFWZ+xZqKYf4ul hRI1fqWDvEpmlWAs4KPwM/FtlH/ood05W6hb4LDAANWjF9W5GLlcd0+S7tH6JkfZZl6PurbPQoMCs MYVqsKiIdqmsMi65/C7EwMKjAREWBa1zrcpu7rsr4vYiRyvfzT7KK7yY50MtEX+1c/hewlOSXLUfq BuG+2d+Jw/mgVIdwkJJg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJjR-00000007GCI-1var; Fri, 23 Feb 2024 00:48:05 +0000 Received: from mail-pf1-x449.google.com ([2607:f8b0:4864:20::449]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJem-00000007Dtt-2Oip for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:21 +0000 Received: by mail-pf1-x449.google.com with SMTP id d2e1a72fcca58-6e4c6240704so150258b3a.0 for ; Thu, 22 Feb 2024 16:43:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648995; x=1709253795; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=5xSck0kmkPmdifT3b5IqGmDzhnUFDNPygC9r66kostc=; b=sqMZa+CY714d9T+PSaPpTgJBH6B9jLzGbrX278O6nIM8OGsPZb/ewa2VOtteAH+SMM yiZQMr2Mc/1BRza0Evzg0RGL0m/1xlnd1r52O9gAB5dvhQUHlZ02qkQEObrxIX5nanx/ See3zkdxSmzi2lmdO0fbCu68TzCA3KZ/iimmksc1d5D1pO3PU+3VVwOmj9I2uGNLrH/V HJnzIN6Ck9L0fRTe1/qgG0OsV9BEpg59wCIP23TkPkQXM1wAVNhiVhct3aF8TjXzsynz OOC2SyYfJmivC2lObw3JJ008JH261I1Tz/RirU0JtsVIRlxH/9gt1wdIlF/qCDaa0CW0 AhpA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648995; x=1709253795; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=5xSck0kmkPmdifT3b5IqGmDzhnUFDNPygC9r66kostc=; b=SfX6N0OKijKew3qIajeW3ZBtZoc1f+iA4vziDN2HC3/6Ymo5cY3toBm8EcRzcZz0hR CqR+vtx5U8ZOwf1syTfPjOGjn+xGbyVFuPXjk/Wmbi30wHl8v+JfISXRZXzIiteKR0/p UGC5uAhBr4OsGy1HWF9G2cd3vDqqm8QmsIXpOmhp2Wnq0nl4rTq1eKErCgVBMf3WcYsL 5F1VT32pJJ0rxPMnbp9UzzL2lZrbkOy5c3RKRm7k4ovK5yt73YHi13OtUlBhMBJnNw8y WJNegt/OFU7XMcEpG1pMGyMSjePpRujXMKeByExUREcwvF+jtoVOCCfRPLgyg/Y+KoBt Y4dg== X-Forwarded-Encrypted: i=1; AJvYcCVilcu8JdvF250StcNQz9gPJ0ySwiM0Kh3SY6Lf7+KgBH36fJCFdgPhzmlMzXO5ipcExjwMOj+CCY0Oa7CoVh0uz5mH0vkxJNR5EpuIukfiAMfLQ4U= X-Gm-Message-State: AOJu0Yw/27vIAdt3ABCo+27EuNhoONP3rIvY78gkmJeOFEh9yNCQjXx5 3Z1SpK0uZDdJ1O2PtGAbP9QUVEv+qKikUaQgyPy390pOwEirWrII8wNAfQnxYfRRcudWoKxUZhR WVA== X-Google-Smtp-Source: AGHT+IFB6M2rOVCDVxCF+KOWKQZKQwIJ1lp1wD007XU4N9VSw/D1xYHfznSXOlgl1HSeFtLBBbcKp5MS4rw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:23c7:b0:6e4:d2ba:b4c4 with SMTP id g7-20020a056a0023c700b006e4d2bab4c4mr40112pfc.3.1708648995172; Thu, 22 Feb 2024 16:43:15 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:54 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-8-seanjc@google.com> Subject: [PATCH v9 07/11] KVM: selftests: Allow tagging protected memory in guest page tables From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164316_775285_2632329F X-CRM114-Status: GOOD ( 21.22 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Gonda Add support for tagging and untagging guest physical address, e.g. to allow x86's SEV and TDX guests to embed shared vs. private information in the GPA. SEV (encryption, a.k.a. C-bit) and TDX (shared, a.k.a. S-bit) steal bits from the guest's physical address space that is consumed by the CPU metadata, i.e. effectively aliases the "real" GPA. Implement generic "tagging" so that the shared vs. private metadata can be managed by x86 without bleeding too many details into common code. Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerly Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Tested-by: Carlos Bilbao Originally-by: Michael Roth Signed-off-by: Peter Gonda Signed-off-by: Sean Christopherson --- .../kvm/include/aarch64/kvm_util_arch.h | 7 +++++++ .../selftests/kvm/include/kvm_util_base.h | 13 ++++++++++++ .../kvm/include/riscv/kvm_util_arch.h | 7 +++++++ .../kvm/include/s390x/kvm_util_arch.h | 7 +++++++ .../kvm/include/x86_64/kvm_util_arch.h | 21 +++++++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 17 +++++++++++++++ .../selftests/kvm/lib/x86_64/processor.c | 15 ++++++++++++- 7 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h create mode 100644 tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h create mode 100644 tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h create mode 100644 tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h diff --git a/tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h b/tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h new file mode 100644 index 000000000000..218f5cdf0d86 --- /dev/null +++ b/tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_ARM64_KVM_HOST_H +#define _TOOLS_LINUX_ASM_ARM64_KVM_HOST_H + +struct kvm_vm_arch {}; + +#endif // _TOOLS_LINUX_ASM_ARM64_KVM_HOST_H diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index cb3159af6db3..4b266dc0c9bd 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -18,9 +18,11 @@ #include #include +#include #include +#include "kvm_util_arch.h" #include "sparsebit.h" /* @@ -113,6 +115,9 @@ struct kvm_vm { vm_vaddr_t idt; vm_vaddr_t handlers; uint32_t dirty_ring_size; + uint64_t gpa_tag_mask; + + struct kvm_vm_arch arch; /* Cache of information for binary stats interface */ int stats_fd; @@ -605,6 +610,12 @@ void *addr_gva2hva(struct kvm_vm *vm, vm_vaddr_t gva); vm_paddr_t addr_hva2gpa(struct kvm_vm *vm, void *hva); void *addr_gpa2alias(struct kvm_vm *vm, vm_paddr_t gpa); + +static inline vm_paddr_t vm_untag_gpa(struct kvm_vm *vm, vm_paddr_t gpa) +{ + return gpa & ~vm->gpa_tag_mask; +} + void vcpu_run(struct kvm_vcpu *vcpu); int _vcpu_run(struct kvm_vcpu *vcpu); @@ -1114,4 +1125,6 @@ void kvm_selftest_arch_init(void); void kvm_arch_vm_post_create(struct kvm_vm *vm); +bool vm_is_gpa_protected(struct kvm_vm *vm, vm_paddr_t paddr); + #endif /* SELFTEST_KVM_UTIL_BASE_H */ diff --git a/tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h b/tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h new file mode 100644 index 000000000000..c8280d5659ce --- /dev/null +++ b/tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_RISCV_KVM_HOST_H +#define _TOOLS_LINUX_ASM_RISCV_KVM_HOST_H + +struct kvm_vm_arch {}; + +#endif // _TOOLS_LINUX_ASM_RISCV_KVM_HOST_H diff --git a/tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h b/tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h new file mode 100644 index 000000000000..4c4c1c1e4bf8 --- /dev/null +++ b/tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_S390_KVM_HOST_H +#define _TOOLS_LINUX_ASM_S390_KVM_HOST_H + +struct kvm_vm_arch {}; + +#endif // _TOOLS_LINUX_ASM_S390_KVM_HOST_H diff --git a/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h b/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h new file mode 100644 index 000000000000..17bb38236d97 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _TOOLS_LINUX_ASM_X86_KVM_HOST_H +#define _TOOLS_LINUX_ASM_X86_KVM_HOST_H + +#include +#include + +struct kvm_vm_arch { + uint64_t c_bit; + uint64_t s_bit; +}; + +static inline bool __vm_arch_has_protected_memory(struct kvm_vm_arch *arch) +{ + return arch->c_bit || arch->s_bit; +} + +#define vm_arch_has_protected_memory(vm) \ + __vm_arch_has_protected_memory(&(vm)->arch) + +#endif // _TOOLS_LINUX_ASM_X86_KVM_HOST_H diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index e7f4f84f2e68..19511137d1ae 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1597,6 +1597,8 @@ void *addr_gpa2hva(struct kvm_vm *vm, vm_paddr_t gpa) { struct userspace_mem_region *region; + gpa = vm_untag_gpa(vm, gpa); + region = userspace_mem_region_find(vm, gpa, gpa); if (!region) { TEST_FAIL("No vm physical memory at 0x%lx", gpa); @@ -2305,3 +2307,18 @@ void __attribute((constructor)) kvm_selftest_init(void) kvm_selftest_arch_init(); } + +bool vm_is_gpa_protected(struct kvm_vm *vm, vm_paddr_t paddr) +{ + sparsebit_idx_t pg = 0; + struct userspace_mem_region *region; + + if (!vm_arch_has_protected_memory(vm)) + return false; + + region = userspace_mem_region_find(vm, paddr, paddr); + TEST_ASSERT(region, "No vm physical memory at 0x%lx", paddr); + + pg = paddr >> vm->page_shift; + return sparsebit_is_set(region->protected_phy_pages, pg); +} diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index 615d05247470..6c1d2c0ec584 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -157,6 +157,8 @@ static uint64_t *virt_create_upper_pte(struct kvm_vm *vm, { uint64_t *pte = virt_get_pte(vm, parent_pte, vaddr, current_level); + paddr = vm_untag_gpa(vm, paddr); + if (!(*pte & PTE_PRESENT_MASK)) { *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK; if (current_level == target_level) @@ -200,6 +202,8 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int level) "Physical address beyond maximum supported,\n" " paddr: 0x%lx vm->max_gfn: 0x%lx vm->page_size: 0x%x", paddr, vm->max_gfn, vm->page_size); + TEST_ASSERT(vm_untag_gpa(vm, paddr) == paddr, + "Unexpected bits in paddr: %lx", paddr); /* * Allocate upper level page tables, if not already present. Return @@ -222,6 +226,15 @@ void __virt_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr, int level) TEST_ASSERT(!(*pte & PTE_PRESENT_MASK), "PTE already present for 4k page at vaddr: 0x%lx", vaddr); *pte = PTE_PRESENT_MASK | PTE_WRITABLE_MASK | (paddr & PHYSICAL_PAGE_MASK); + + /* + * Neither SEV nor TDX supports shared page tables, so only the final + * leaf PTE needs manually set the C/S-bit. + */ + if (vm_is_gpa_protected(vm, paddr)) + *pte |= vm->arch.c_bit; + else + *pte |= vm->arch.s_bit; } void virt_arch_pg_map(struct kvm_vm *vm, uint64_t vaddr, uint64_t paddr) @@ -496,7 +509,7 @@ vm_paddr_t addr_arch_gva2gpa(struct kvm_vm *vm, vm_vaddr_t gva) * No need for a hugepage mask on the PTE, x86-64 requires the "unused" * address bits to be zero. */ - return PTE_GET_PA(*pte) | (gva & ~HUGEPAGE_MASK(level)); + return vm_untag_gpa(vm, PTE_GET_PA(*pte)) | (gva & ~HUGEPAGE_MASK(level)); } static void kvm_setup_gdt(struct kvm_vm *vm, struct kvm_dtable *dt) From patchwork Fri Feb 23 00:42:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568422 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E601DC54798 for ; Fri, 23 Feb 2024 00:48:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=OM3kxRQNZU+ijiidXf/GChmpCnPb9MbgILA/4tKRtyE=; b=1S3s1g+TedhRVH OOrwFafWarY+aBjjRXlYgfyU2VByfIdcZh61sn4pW3LBHvTTPAv+Uf2jjesqLV7Q6O8LPnJyW5et9 wug3c5b4Ruo870AfXaRFinzJMkDWi1lVxzyeLndypxUdGGQGtOCUZZ3tLFUL4NgxqMICJpMvgtfRv djiILzhL++5rajvpC71DuTTqyiXJVIW0RdDJ/NKPcsDXdEH1N8Ai3GnUJaSHODY997tt7qLuX1fmw oAJ2fidHtygoVxn7teQSo1jPzS4Aq413O2oLgyEe09nbTRSOk0yFEjWIRoMBj2F/dox4loArUXU0P 80nbmoR542NhMkNbphkw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJjT-00000007GDS-0kUC; Fri, 23 Feb 2024 00:48:07 +0000 Received: from mail-pg1-x54a.google.com ([2607:f8b0:4864:20::54a]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJeo-00000007DwB-2qRx for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:22 +0000 Received: by mail-pg1-x54a.google.com with SMTP id 41be03b00d2f7-5cfda2f4716so240424a12.3 for ; Thu, 22 Feb 2024 16:43:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648997; x=1709253797; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=QrUKJwHQx6OZ5c5u7S9Sq3lEDPXCQDh1cyYXS22x5bg=; b=3OaZq4v1K6NWhuOWqFTOT8c2jPRJQT0puIMwKEew1MVJKyqrMskzYMbPuffikYP+9S 4FDZS0MNw7+dBf24WZT7/EebSfjmk0DiqwY/685ENLebNkG/PXeXb6SpQO+uUdp0pFo0 2i5UEhbCNK+dOVMdh5EMdAWT94faUbGd8bqVGhXjTbeBrF2Rs+OQvKahHpkKUbuIAumB 8+r/o/VaiYVwwuezdrJj6TkMV0k1EyOACObxV89VGWK4hP91IWRBTUlmJsrKXsMqNm88 fY09iQJjZrlj3FZRRUji0KpzCAXTi9SvXo2eYOTKjoFIW9stRkpH5tJ8z7Pfx7k1kZsH An+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648997; x=1709253797; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=QrUKJwHQx6OZ5c5u7S9Sq3lEDPXCQDh1cyYXS22x5bg=; b=FOmN2oM0P7PIaMEfK2Ot4RX1VRCrK3vebX2b/qSTwksfuKXOVWqkk+KHKEIA9Qf2Xt 0jm0L/705nxU5joQ7FrG1eZiR57k6Gi43+UJpKu6q9tgMvPtGGPXMX5w+cra4gsOeZFf voTqPZuCP5cIri+9hQnaI//muL82rIpnj0oFwXKzLg18swWqpQYkpzvN09W11yamBwuJ ev/6jGaod/+nZfYLVZUige/qX2fqgD6BmOehLLSimcMC1fQXKn6kepLYwWQKQsgE6cBu lR6Sb8SYNeSvl+KouUuORbv2889JFwTQ0Ghr4Nw2oIes2J0FlHyu7NocQNgsUSS399X4 6pHQ== X-Forwarded-Encrypted: i=1; AJvYcCV/bvC0tT/iykN4JNPHRX4Ei1ydg0WP5s1/jYOM6igqPdDAw+xcIsGRzSAacsbokdeEvZUllXlMMVmSizAKRbSrqpEEoFqfZu5BP0AYBQg/6nseZEA= X-Gm-Message-State: AOJu0YxpscMc2N87gWSupRVcS5ht8TG+a5HFdefOxfsMSuj+dCagnL8p Fd+DgY/P6XMDF8bvk6CwD1jmM27u8BJVfBYw0sZhrpdq6WAhZcWhzIJbz4Me5r83XhlXNC7JN4E HbQ== X-Google-Smtp-Source: AGHT+IEgZ6Xp4G0QNWZNXsSNaAdKPYaYAdXhVJMDIaBglQolhzxGBOSmSPQxMCreq2B5dM1DsELErPwgM6A= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a02:a0e:b0:5dc:85a6:d74d with SMTP id cm14-20020a056a020a0e00b005dc85a6d74dmr962pgb.2.1708648997232; Thu, 22 Feb 2024 16:43:17 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:55 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-9-seanjc@google.com> Subject: [PATCH v9 08/11] KVM: selftests: Add library for creating and interacting with SEV guests From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164318_925169_EF4B8D19 X-CRM114-Status: GOOD ( 27.50 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Gonda Add a library/APIs for creating and interfacing with SEV guests, all of which need some amount of common functionality, e.g. an open file handle for the SEV driver (/dev/sev), ioctl() wrappers to pass said file handle to KVM, tracking of the C-bit, etc. Add an x86-specific hook to initialize address properties, a.k.a. the location of the C-bit. An arch specific hook is rather gross, but x86 already has a dedicated #ifdef-protected kvm_get_cpu_address_width() hook, i.e. the ugliest code already exists. Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerly Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Tested-by: Carlos Bilbao Originally-by: Michael Roth Signed-off-by: Peter Gonda Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/Makefile | 1 + .../kvm/include/x86_64/kvm_util_arch.h | 2 + .../selftests/kvm/include/x86_64/processor.h | 8 ++ .../selftests/kvm/include/x86_64/sev.h | 105 +++++++++++++++++ tools/testing/selftests/kvm/lib/kvm_util.c | 1 + .../selftests/kvm/lib/x86_64/processor.c | 17 +++ tools/testing/selftests/kvm/lib/x86_64/sev.c | 110 ++++++++++++++++++ 7 files changed, 244 insertions(+) create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index ce58098d80fd..169b6ee8f733 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -38,6 +38,7 @@ LIBKVM_x86_64 += lib/x86_64/hyperv.c LIBKVM_x86_64 += lib/x86_64/memstress.c LIBKVM_x86_64 += lib/x86_64/pmu.c LIBKVM_x86_64 += lib/x86_64/processor.c +LIBKVM_x86_64 += lib/x86_64/sev.c LIBKVM_x86_64 += lib/x86_64/svm.c LIBKVM_x86_64 += lib/x86_64/ucall.c LIBKVM_x86_64 += lib/x86_64/vmx.c diff --git a/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h b/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h index 17bb38236d97..205ed788aeb8 100644 --- a/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h +++ b/tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h @@ -8,6 +8,8 @@ struct kvm_vm_arch { uint64_t c_bit; uint64_t s_bit; + int sev_fd; + bool is_pt_protected; }; static inline bool __vm_arch_has_protected_memory(struct kvm_vm_arch *arch) diff --git a/tools/testing/selftests/kvm/include/x86_64/processor.h b/tools/testing/selftests/kvm/include/x86_64/processor.h index 0f4792083d01..3bd03b088dda 100644 --- a/tools/testing/selftests/kvm/include/x86_64/processor.h +++ b/tools/testing/selftests/kvm/include/x86_64/processor.h @@ -23,6 +23,12 @@ extern bool host_cpu_is_intel; extern bool host_cpu_is_amd; +enum vm_guest_x86_subtype { + VM_SUBTYPE_NONE = 0, + VM_SUBTYPE_SEV, + VM_SUBTYPE_SEV_ES, +}; + /* Forced emulation prefix, used to invoke the emulator unconditionally. */ #define KVM_FEP "ud2; .byte 'k', 'v', 'm';" @@ -276,6 +282,7 @@ struct kvm_x86_cpu_property { #define X86_PROPERTY_MAX_EXT_LEAF KVM_X86_CPU_PROPERTY(0x80000000, 0, EAX, 0, 31) #define X86_PROPERTY_MAX_PHY_ADDR KVM_X86_CPU_PROPERTY(0x80000008, 0, EAX, 0, 7) #define X86_PROPERTY_MAX_VIRT_ADDR KVM_X86_CPU_PROPERTY(0x80000008, 0, EAX, 8, 15) +#define X86_PROPERTY_SEV_C_BIT KVM_X86_CPU_PROPERTY(0x8000001F, 0, EBX, 0, 5) #define X86_PROPERTY_PHYS_ADDR_REDUCTION KVM_X86_CPU_PROPERTY(0x8000001F, 0, EBX, 6, 11) #define X86_PROPERTY_MAX_CENTAUR_LEAF KVM_X86_CPU_PROPERTY(0xC0000000, 0, EAX, 0, 31) @@ -1093,6 +1100,7 @@ do { \ } while (0) void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits); +void kvm_init_vm_address_properties(struct kvm_vm *vm); bool vm_is_unrestricted_guest(struct kvm_vm *vm); struct ex_regs { diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h new file mode 100644 index 000000000000..de5283bef752 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -0,0 +1,105 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Helpers used for SEV guests + * + */ +#ifndef SELFTEST_KVM_SEV_H +#define SELFTEST_KVM_SEV_H + +#include +#include + +#include "linux/psp-sev.h" + +#include "kvm_util.h" +#include "svm_util.h" +#include "processor.h" + +enum sev_guest_state { + SEV_GUEST_STATE_UNINITIALIZED = 0, + SEV_GUEST_STATE_LAUNCH_UPDATE, + SEV_GUEST_STATE_LAUNCH_SECRET, + SEV_GUEST_STATE_RUNNING, +}; + +#define SEV_POLICY_NO_DBG (1UL << 0) +#define SEV_POLICY_ES (1UL << 2) + +void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); +void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); +void sev_vm_launch_finish(struct kvm_vm *vm); + +struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code, + struct kvm_vcpu **cpu); + +kvm_static_assert(SEV_RET_SUCCESS == 0); + +/* + * The KVM_MEMORY_ENCRYPT_OP uAPI is utter garbage and takes an "unsigned long" + * instead of a proper struct. The size of the parameter is embedded in the + * ioctl number, i.e. is ABI and thus immutable. Hack around the mess by + * creating an overlay to pass in an "unsigned long" without a cast (casting + * will make the compiler unhappy due to dereferencing an aliased pointer). + */ +#define __vm_sev_ioctl(vm, cmd, arg) \ +({ \ + int r; \ + \ + union { \ + struct kvm_sev_cmd c; \ + unsigned long raw; \ + } sev_cmd = { .c = { \ + .id = (cmd), \ + .data = (uint64_t)(arg), \ + .sev_fd = (vm)->arch.sev_fd, \ + } }; \ + \ + r = __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_OP, &sev_cmd.raw); \ + r ?: sev_cmd.c.error; \ +}) + +#define vm_sev_ioctl(vm, cmd, arg) \ +({ \ + int ret = __vm_sev_ioctl(vm, cmd, arg); \ + \ + __TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd, ret, vm); \ +}) + +static inline void sev_vm_init(struct kvm_vm *vm) +{ + vm->arch.sev_fd = open_sev_dev_path_or_exit(); + + vm_sev_ioctl(vm, KVM_SEV_INIT, NULL); +} + + +static inline void sev_es_vm_init(struct kvm_vm *vm) +{ + vm->arch.sev_fd = open_sev_dev_path_or_exit(); + + vm_sev_ioctl(vm, KVM_SEV_ES_INIT, NULL); +} + +static inline void sev_register_encrypted_memory(struct kvm_vm *vm, + struct userspace_mem_region *region) +{ + struct kvm_enc_region range = { + .addr = region->region.userspace_addr, + .size = region->region.memory_size, + }; + + vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, &range); +} + +static inline void sev_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, + uint64_t size) +{ + struct kvm_sev_launch_update_data update_data = { + .uaddr = (unsigned long)addr_gpa2hva(vm, gpa), + .len = size, + }; + + vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_DATA, &update_data); +} + +#endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 19511137d1ae..b2262b5fad9e 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -317,6 +317,7 @@ struct kvm_vm *____vm_create(struct vm_shape shape) case VM_MODE_PXXV48_4K: #ifdef __x86_64__ kvm_get_cpu_address_width(&vm->pa_bits, &vm->va_bits); + kvm_init_vm_address_properties(vm); /* * Ignore KVM support for 5-level paging (vm->va_bits == 57), * it doesn't take effect unless a CR4.LA57 is set, which it diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index 6c1d2c0ec584..aa92220bf5da 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -9,6 +9,7 @@ #include "test_util.h" #include "kvm_util.h" #include "processor.h" +#include "sev.h" #ifndef NUM_INTERRUPTS #define NUM_INTERRUPTS 256 @@ -278,6 +279,9 @@ uint64_t *__vm_get_page_table_entry(struct kvm_vm *vm, uint64_t vaddr, { uint64_t *pml4e, *pdpe, *pde; + TEST_ASSERT(!vm->arch.is_pt_protected, + "Walking page tables of protected guests is impossible"); + TEST_ASSERT(*level >= PG_LEVEL_NONE && *level < PG_LEVEL_NUM, "Invalid PG_LEVEL_* '%d'", *level); @@ -573,6 +577,11 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm) vm_create_irqchip(vm); sync_global_to_guest(vm, host_cpu_is_intel); sync_global_to_guest(vm, host_cpu_is_amd); + + if (vm->subtype == VM_SUBTYPE_SEV) + sev_vm_init(vm); + else if (vm->subtype == VM_SUBTYPE_SEV_ES) + sev_es_vm_init(vm); } struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id, @@ -1063,6 +1072,14 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits) } } +void kvm_init_vm_address_properties(struct kvm_vm *vm) +{ + if (vm->subtype == VM_SUBTYPE_SEV) { + vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT)); + vm->gpa_tag_mask = vm->arch.c_bit; + } +} + static void set_idt_entry(struct kvm_vm *vm, int vector, unsigned long addr, int dpl, unsigned short selector) { diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c new file mode 100644 index 000000000000..9f5a3dbb5e65 --- /dev/null +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -0,0 +1,110 @@ +// SPDX-License-Identifier: GPL-2.0-only +#define _GNU_SOURCE /* for program_invocation_short_name */ +#include +#include + +#include "sev.h" + +/* + * sparsebit_next_clear() can return 0 if [x, 2**64-1] are all set, and the + * -1 would then cause an underflow back to 2**64 - 1. This is expected and + * correct. + * + * If the last range in the sparsebit is [x, y] and we try to iterate, + * sparsebit_next_set() will return 0, and sparsebit_next_clear() will try + * and find the first range, but that's correct because the condition + * expression would cause us to quit the loop. + */ +static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *region) +{ + const struct sparsebit *protected_phy_pages = region->protected_phy_pages; + const vm_paddr_t gpa_base = region->region.guest_phys_addr; + const sparsebit_idx_t lowest_page_in_region = gpa_base >> vm->page_shift; + sparsebit_idx_t i, j; + + if (!sparsebit_any_set(protected_phy_pages)) + return; + + sev_register_encrypted_memory(vm, region); + + sparsebit_for_each_set_range(protected_phy_pages, i, j) { + const uint64_t size = (j - i + 1) * vm->page_size; + const uint64_t offset = (i - lowest_page_in_region) * vm->page_size; + + sev_launch_update_data(vm, gpa_base + offset, size); + } +} + +void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) +{ + struct kvm_sev_launch_start launch_start = { + .policy = policy, + }; + struct userspace_mem_region *region; + struct kvm_sev_guest_status status; + int ctr; + + vm_sev_ioctl(vm, KVM_SEV_LAUNCH_START, &launch_start); + vm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &status); + + TEST_ASSERT_EQ(status.policy, policy); + TEST_ASSERT_EQ(status.state, SEV_GUEST_STATE_LAUNCH_UPDATE); + + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) + encrypt_region(vm, region); + + vm->arch.is_pt_protected = true; +} + +void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement) +{ + struct kvm_sev_launch_measure launch_measure; + struct kvm_sev_guest_status guest_status; + + launch_measure.len = 256; + launch_measure.uaddr = (__u64)measurement; + vm_sev_ioctl(vm, KVM_SEV_LAUNCH_MEASURE, &launch_measure); + + vm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &guest_status); + TEST_ASSERT_EQ(guest_status.state, SEV_GUEST_STATE_LAUNCH_SECRET); +} + +void sev_vm_launch_finish(struct kvm_vm *vm) +{ + struct kvm_sev_guest_status status; + + vm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &status); + TEST_ASSERT(status.state == SEV_GUEST_STATE_LAUNCH_UPDATE || + status.state == SEV_GUEST_STATE_LAUNCH_SECRET, + "Unexpected guest state: %d", status.state); + + vm_sev_ioctl(vm, KVM_SEV_LAUNCH_FINISH, NULL); + + vm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &status); + TEST_ASSERT_EQ(status.state, SEV_GUEST_STATE_RUNNING); +} + +struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code, + struct kvm_vcpu **cpu) +{ + struct vm_shape shape = { + .type = VM_TYPE_DEFAULT, + .mode = VM_MODE_DEFAULT, + .subtype = VM_SUBTYPE_SEV, + }; + struct kvm_vm *vm; + struct kvm_vcpu *cpus[1]; + uint8_t measurement[512]; + + vm = __vm_create_with_vcpus(shape, 1, 0, guest_code, cpus); + *cpu = cpus[0]; + + sev_vm_launch(vm, policy); + + /* TODO: Validate the measurement is as expected. */ + sev_vm_launch_measure(vm, measurement); + + sev_vm_launch_finish(vm); + + return vm; +} From patchwork Fri Feb 23 00:42:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568417 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 88DB7C54798 for ; Fri, 23 Feb 2024 00:46:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=4V/5jk9du0UscOSlomzTv63wd0umEAxtZ0q5q+slNhQ=; b=rRk5qVwhRD3GGM iWjcgwS3bi7ZlYXutgU37xy3V0TBOEtnll0YCJwaY90in+90fTrpQKZ0K+4iZdc5KwqKZ4bjZJhyc 0675KAv0qGqs10IYTcha4mL1pM6BAdSPeo9vxIj2I8BrozGSp/xgSu9yaI99D075YuSgQMpXRd85m RX+7HYCAxYclcMNvHNaKN/DXB2HfjOOvmuUesNryr6ufYhV1GLP/w0lP1rJr5E4qCFHyUo6N8ySAH A2O8Y/l+lGlLaUGNiWsZeBHa/oujO0lEsSNmojguSDI7NNsEUttrhCZR0z/NIbHvLs5qSbm/9jJmr foVnWQnIr/ecmhbMDkjg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJhb-00000007FMN-3ZGT; Fri, 23 Feb 2024 00:46:11 +0000 Received: from mail-pj1-x1049.google.com ([2607:f8b0:4864:20::1049]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJer-00000007Dxu-3fZG for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:26 +0000 Received: by mail-pj1-x1049.google.com with SMTP id 98e67ed59e1d1-2995140840eso305165a91.1 for ; Thu, 22 Feb 2024 16:43:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708648999; x=1709253799; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=lRpse7Hgpajlk57C2H5vth1Tg0pkPPWc04aEOHzQOwA=; b=j0YlS0GvmQ3ACq/oIUPdy2VkDN0v2flsrSuvhPlm6ePCWPlZVIy67BS6atO66ZJkP5 pzjRSpFKl2nJVfdqv8WK0lHmWKUeOGVHYYOIVDeuGpvDJSH5iQkZl3old5KBe7WembeE 8AGLEqO5056f5WbjyBtWKMO0T4RcJ9S0ju6IQf52fCJwN4wlQDhYW7TRRFTwpuEegvSM Xo5JPudBv7wa/I0lS+ekSnjDANW9lRGvpUJ6/kaIOXXjizeFTwQmjGv33MXEgZOCCRiU TD0rl4KiwLPWF08NA4XIn2ZmDED/4g01eMgfcHu1lqQMN9SaAWJfj3yOu76j9Dr/laV0 WVKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708648999; x=1709253799; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=lRpse7Hgpajlk57C2H5vth1Tg0pkPPWc04aEOHzQOwA=; b=fQLlQWFWx3yxS4GJOYIJZo50MxMI4YT895tfzuaT5olo4g1t/fTMmxRWsonQsqPy0B 6PZN2Gemd3+yqlEBXsfSy4g8rjfy7Ig5n7g6AMMsG1VfTfLAKp1ousZsLMfLLgCO7qvL nhi1iKoj3iXLR0OWGMgdRJugZnqHPOA+AB0CWpuMThctN6vupq9IwPLuL2CPoTSGWXxc hgKilgZU0JF7bwiAEjSEH2YjltX++Prggn9gb64oiup7AWrGcTkXVRTouZliOrcXEinh X+J3Od30t8hSPTeiRGZeOI8Fnaqg0fvQ9U6M4ipR2Zstl0+ZfySOnw2NEHKRxz0KpfY2 7kKg== X-Forwarded-Encrypted: i=1; AJvYcCUKJ07FKT3HFe7gZ1l7R3k0Lsn2WfJ3WHR4Jwp3fb8vCZSj2GTVXqirBp8Gs9CpDE47p8ewYrL6eT1VPaEXFaCPsPvgjV2jhOXsqG0sRQvha/J79fg= X-Gm-Message-State: AOJu0YyCVvvaJ7OyBe/U5LV3UYbMswR2Ma1qnOZgoJhAHCQuwUpsMS1f JV8WfIp8xo2zg0cPuC5Afc3A7aL59lL9imZkwkmfUFpzjsuoARwYELnYJ/pUplDi74ZeuWsxuTB ilw== X-Google-Smtp-Source: AGHT+IHDQETePQetxa/9bLHgOPQ91WhsyrAdMFKDkfvyNMFp3v4runbA1w2m83674UspLgdjLo+hqAFR40U= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90b:3d01:b0:299:942e:6634 with SMTP id pt1-20020a17090b3d0100b00299942e6634mr1218pjb.1.1708648999474; Thu, 22 Feb 2024 16:43:19 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:56 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-10-seanjc@google.com> Subject: [PATCH v9 09/11] KVM: selftests: Use the SEV library APIs in the intra-host migration test From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164322_080731_8DCC8F15 X-CRM114-Status: GOOD ( 14.03 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Port the existing intra-host SEV(-ES) migration test to the recently added SEV library, which handles much of the boilerplate needed to create and configure SEV guests. Tested-by: Carlos Bilbao Signed-off-by: Sean Christopherson --- .../selftests/kvm/x86_64/sev_migrate_tests.c | 67 ++++++------------- 1 file changed, 21 insertions(+), 46 deletions(-) diff --git a/tools/testing/selftests/kvm/x86_64/sev_migrate_tests.c b/tools/testing/selftests/kvm/x86_64/sev_migrate_tests.c index a49828adf294..d6f7428e42c6 100644 --- a/tools/testing/selftests/kvm/x86_64/sev_migrate_tests.c +++ b/tools/testing/selftests/kvm/x86_64/sev_migrate_tests.c @@ -10,11 +10,9 @@ #include "test_util.h" #include "kvm_util.h" #include "processor.h" -#include "svm_util.h" +#include "sev.h" #include "kselftest.h" -#define SEV_POLICY_ES 0b100 - #define NR_MIGRATE_TEST_VCPUS 4 #define NR_MIGRATE_TEST_VMS 3 #define NR_LOCK_TESTING_THREADS 3 @@ -22,46 +20,24 @@ bool have_sev_es; -static int __sev_ioctl(int vm_fd, int cmd_id, void *data, __u32 *fw_error) -{ - struct kvm_sev_cmd cmd = { - .id = cmd_id, - .data = (uint64_t)data, - .sev_fd = open_sev_dev_path_or_exit(), - }; - int ret; - - ret = ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, &cmd); - *fw_error = cmd.error; - return ret; -} - -static void sev_ioctl(int vm_fd, int cmd_id, void *data) -{ - int ret; - __u32 fw_error; - - ret = __sev_ioctl(vm_fd, cmd_id, data, &fw_error); - TEST_ASSERT(ret == 0 && fw_error == SEV_RET_SUCCESS, - "%d failed: return code: %d, errno: %d, fw error: %d", - cmd_id, ret, errno, fw_error); -} - static struct kvm_vm *sev_vm_create(bool es) { struct kvm_vm *vm; - struct kvm_sev_launch_start start = { 0 }; int i; vm = vm_create_barebones(); - sev_ioctl(vm->fd, es ? KVM_SEV_ES_INIT : KVM_SEV_INIT, NULL); + if (!es) + sev_vm_init(vm); + else + sev_es_vm_init(vm); + for (i = 0; i < NR_MIGRATE_TEST_VCPUS; ++i) __vm_vcpu_add(vm, i); + + sev_vm_launch(vm, es ? SEV_POLICY_ES : 0); + if (es) - start.policy |= SEV_POLICY_ES; - sev_ioctl(vm->fd, KVM_SEV_LAUNCH_START, &start); - if (es) - sev_ioctl(vm->fd, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); + vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); return vm; } @@ -181,7 +157,7 @@ static void test_sev_migrate_parameters(void) sev_vm = sev_vm_create(/* es= */ false); sev_es_vm = sev_vm_create(/* es= */ true); sev_es_vm_no_vmsa = vm_create_barebones(); - sev_ioctl(sev_es_vm_no_vmsa->fd, KVM_SEV_ES_INIT, NULL); + sev_es_vm_init(sev_es_vm_no_vmsa); __vm_vcpu_add(sev_es_vm_no_vmsa, 1); ret = __sev_migrate_from(sev_vm, sev_es_vm); @@ -230,13 +206,13 @@ static void sev_mirror_create(struct kvm_vm *dst, struct kvm_vm *src) TEST_ASSERT(!ret, "Copying context failed, ret: %d, errno: %d", ret, errno); } -static void verify_mirror_allowed_cmds(int vm_fd) +static void verify_mirror_allowed_cmds(struct kvm_vm *vm) { struct kvm_sev_guest_status status; + int cmd_id; - for (int cmd_id = KVM_SEV_INIT; cmd_id < KVM_SEV_NR_MAX; ++cmd_id) { + for (cmd_id = KVM_SEV_INIT; cmd_id < KVM_SEV_NR_MAX; ++cmd_id) { int ret; - __u32 fw_error; /* * These commands are allowed for mirror VMs, all others are @@ -256,14 +232,13 @@ static void verify_mirror_allowed_cmds(int vm_fd) * These commands should be disallowed before the data * parameter is examined so NULL is OK here. */ - ret = __sev_ioctl(vm_fd, cmd_id, NULL, &fw_error); - TEST_ASSERT( - ret == -1 && errno == EINVAL, - "Should not be able call command: %d. ret: %d, errno: %d", - cmd_id, ret, errno); + ret = __vm_sev_ioctl(vm, cmd_id, NULL); + TEST_ASSERT(ret == -1 && errno == EINVAL, + "Should not be able call command: %d. ret: %d, errno: %d", + cmd_id, ret, errno); } - sev_ioctl(vm_fd, KVM_SEV_GUEST_STATUS, &status); + vm_sev_ioctl(vm, KVM_SEV_GUEST_STATUS, &status); } static void test_sev_mirror(bool es) @@ -281,9 +256,9 @@ static void test_sev_mirror(bool es) __vm_vcpu_add(dst_vm, i); if (es) - sev_ioctl(dst_vm->fd, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); + vm_sev_ioctl(dst_vm, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); - verify_mirror_allowed_cmds(dst_vm->fd); + verify_mirror_allowed_cmds(dst_vm); kvm_vm_free(src_vm); kvm_vm_free(dst_vm); From patchwork Fri Feb 23 00:42:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568418 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6D1EAC47DD9 for ; Fri, 23 Feb 2024 00:47:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=pGYZwW2B6fm0Touh+SsiCBTngq30Qg/SotRg4GRMOU4=; b=HzLH8vcDkvvorX gPkYP0f6PgW0QUciLqMimtdl8eYW/+fcp9SAsg2Ruv7v/EXpLL9JI0lnCmWRoVEIUmI8frbNPr64x pedkprs8sVkVDQRcyPXfIE+3gu67r9lH/Atq/sbhyFJHATWb7c/voTvRLqavcsmtXoVnqqnvUwzXL 02i9pD0f2ULoUp8S6uyhxklm6DyPhLU9SOAryjgQqQykmcI47iAgIKodgqzxjnKPeGGc/GLPRgn+B tWglV29OYad48yt6goUFHvbDHFxqmeqDdJheVpi5aPAKcX8o6lkxTtvfspmR2n35Jvhn1M/uSQwDm 6wQih5cdNvsAJc4PJ4Fg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJho-00000007FS2-1giz; Fri, 23 Feb 2024 00:46:29 +0000 Received: from mail-pl1-x649.google.com ([2607:f8b0:4864:20::649]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJet-00000007Dyo-2RiK for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:26 +0000 Received: by mail-pl1-x649.google.com with SMTP id d9443c01a7336-1dbcf75fe1bso2806295ad.2 for ; Thu, 22 Feb 2024 16:43:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708649001; x=1709253801; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=ufdAB/OIgPR6sk1BH6tXU4Lb92iEyKpRUAsMWFh65lo=; b=m4geC0X49TUmAshGfUTPSxJsyPwR9hPYrexz0Vkq5LfWk11kG/wVJKMxG2xP9M29mi wb7MtrfHdSQeYM99bBaPc5L/h1ZhaJ5PoWcKyyb3xG2/gn4JQAwmau1N2OSLH5JTXJNq ntxDNpJOuKeI11hHwL5r4vb8WNHWehho34X4O/EDy2x7Gt5QQfG14wgyozNqZDvk1YMe 8UIebCisMOgh1KupX4IhSE4MdsvfvbDDsecfrkwdPo6RrzM1FJ2Mpkx/WmEdpZ5J4vNb ssOgRlR46hI+HHm8PkQoHhQafgVdL7GVqRyelpwBE8BEKTDm049teb/WcWsn3u1rJ9WJ hA0A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708649001; x=1709253801; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ufdAB/OIgPR6sk1BH6tXU4Lb92iEyKpRUAsMWFh65lo=; b=LfqxJ5EqQu04S8YaGYnTr6YaZzJFfPZcyqqaKGb2rW38B9W2Jg1P0xVqcAPALmmqSV g5bqBpXeOkGtk12vED0b1CzBhG9bAwtTr4cV2Rq5BP9cfZPvL7ojw3qaK/Od7t5uI4r1 wsFPLfItQu0zawBUpBk9NU+dPNtWUAMbPup7ynERbKcMO42mXT26wYhAgS7IQpiQhPcE C+15liG8/HpFi04r6+1YKX7T+IBWlGnoTlK8n6qunYpCt3Xuhhl7II5lXk8tGnalc5eb Z0oNdUbEJHhTk9oPdTnEUXXjkPmeeo1tJGfoNFkbup+JdRrWLTcaPNtYeG3YQWg3gH4D RxMA== X-Forwarded-Encrypted: i=1; AJvYcCVBl5IDl/F7gBvqiFoqlF8t6764/dgfXh1tC6/yvsCGp68q6MNcKlqiJN/7LTYEquw30HZObH9Ju+XRfZgW3tIKSii9t2Cv/qFr6CLCPX4Ke7QjvPA= X-Gm-Message-State: AOJu0YymvBZYVQ8XllLWUkV/5J0NG6aRsoMPHG20evQF9BdkuBLQwtu/ 3LclTesSnpFazfHoq55OlTCzE8E5FVMeHTLt/4gOvFN2vP/eoI6q084bHOgtok3S4WizrsQXKtP 9ug== X-Google-Smtp-Source: AGHT+IG8+r/xpCHDcIabTu60pIgBwVS8FUp4lQYZJVuuCn7QXyTR4BHnC5QtDdnTL8fekJtdMeUpyEN6qt8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:234c:b0:1dc:1c81:1b2a with SMTP id c12-20020a170903234c00b001dc1c811b2amr1699plh.1.1708649001454; Thu, 22 Feb 2024 16:43:21 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:57 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-11-seanjc@google.com> Subject: [PATCH v9 10/11] KVM: selftests: Add a basic SEV smoke test From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164323_965777_C717D1FB X-CRM114-Status: GOOD ( 14.09 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Peter Gonda Add a basic smoke test for SEV guests to verify that KVM can launch an SEV guest and run a few instructions without exploding. To verify that SEV is indeed enabled, assert that SEV is reported as enabled in MSR_AMD64_SEV, a.k.a. SEV_STATUS, which cannot be intercepted by KVM (architecturally enforced). Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Vishal Annapurve Cc: Ackerly Tng cc: Andrew Jones Cc: Tom Lendacky Cc: Michael Roth Suggested-by: Michael Roth Tested-by: Carlos Bilbao Signed-off-by: Peter Gonda [sean: rename to "sev_smoke_test"] Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/x86_64/sev_smoke_test.c | 58 +++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_smoke_test.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 169b6ee8f733..da20e6bb43ed 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -120,6 +120,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_caps_test TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test TEST_GEN_PROGS_x86_64 += x86_64/sev_migrate_tests +TEST_GEN_PROGS_x86_64 += x86_64/sev_smoke_test TEST_GEN_PROGS_x86_64 += x86_64/amx_test TEST_GEN_PROGS_x86_64 += x86_64/max_vcpuid_cap_test TEST_GEN_PROGS_x86_64 += x86_64/triple_fault_event_test diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c new file mode 100644 index 000000000000..54d72efd9b4d --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c @@ -0,0 +1,58 @@ +// SPDX-License-Identifier: GPL-2.0-only +#include +#include +#include +#include +#include + +#include "test_util.h" +#include "kvm_util.h" +#include "processor.h" +#include "svm_util.h" +#include "linux/psp-sev.h" +#include "sev.h" + +static void guest_sev_code(void) +{ + GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV)); + GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); + + GUEST_DONE(); +} + +static void test_sev(void *guest_code, uint64_t policy) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + struct ucall uc; + + vm = vm_sev_create_with_one_vcpu(policy, guest_code, &vcpu); + + for (;;) { + vcpu_run(vcpu); + + switch (get_ucall(vcpu, &uc)) { + case UCALL_SYNC: + continue; + case UCALL_DONE: + return; + case UCALL_ABORT: + REPORT_GUEST_ASSERT(uc); + default: + TEST_FAIL("Unexpected exit: %s", + exit_reason_str(vcpu->run->exit_reason)); + } + } + + kvm_vm_free(vm); +} + +int main(int argc, char *argv[]) +{ + TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV)); + + test_sev(guest_sev_code, SEV_POLICY_NO_DBG); + test_sev(guest_sev_code, 0); + + return 0; +} From patchwork Fri Feb 23 00:42:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13568419 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 37877C54798 for ; Fri, 23 Feb 2024 00:47:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=N4TltCyd7IHTjt3qPqi2oXh5ICBLOJWQ5Muu0wUZkw0=; b=B5kR2qluj6+wHR QOLwhbPCczNI2AsiJFB+N4WfYzlMsNo9NtiKTiZ/MHHIEIQLuMbna1Cz60YNnNXk5TKRAW5vIEGat HUx1ynvKABtx+r76LiGpXY2TChfxJnSh2J8w8tZVxt3FbMhc4BEcI88Xx1pPrWCEOtvdKKjGPhP+M TuRwy6UYn/tD+hFJCpgQGT12/fJOAfz/90BIoE5cN5RaJwLK82REUeAZWjj9C1E98zIdsgLfhaYxn 67yi+z+4K30kplP+fnyKEYCG/qyOdHE/jvx/MEBcaW6SlFkYJMr70IM2qlCApt5XsHJ4mFWxfc4Xy vzWwQpe8tKcXCNDvPbqg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJiU-00000007Fie-1aBF; Fri, 23 Feb 2024 00:47:06 +0000 Received: from mail-pf1-x449.google.com ([2607:f8b0:4864:20::449]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rdJew-00000007E0U-1MuE for linux-arm-kernel@lists.infradead.org; Fri, 23 Feb 2024 00:43:28 +0000 Received: by mail-pf1-x449.google.com with SMTP id d2e1a72fcca58-6e476b2010cso171137b3a.2 for ; Thu, 22 Feb 2024 16:43:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708649003; x=1709253803; darn=lists.infradead.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=Gc43wBFyEWO0ZO0dpPNQ+d7W+GksBMsxe3wuyqOBBYI=; b=KHnWjbOH97BipXVTsnvxUta2npIsvt5m+jbz5/ulrtQ1vbgFDBewQafCaWvJWxQ7IR sCMac6ttfhbWI1xrNr3WttHqD6p670i8JqBkp5HFTyDfTR9TD9fXvweb1NXWaLwXTyb6 uoWtA199CHlf4k4RCjVI7RpLEnsg9QD7l6YmSQSauop2Y7D600QXQO5bL88YOTbCPUJ0 k4DncfboXHiVgi/BzLdiEEgpxch0Bpb2rX/+0pn7sqBn5MVb1Y5VwEj4o1wkq1JOowz9 +lulVHuYgwT6L8htrWLKn6+EPD9qzm2533qW5PVJQ2zGQZpfRY0tJuNhe75CH799JIi8 YsOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708649003; x=1709253803; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Gc43wBFyEWO0ZO0dpPNQ+d7W+GksBMsxe3wuyqOBBYI=; b=LOGYQGtsSk1Jvmt42oA6KsE+4+MxZFsGoQQYBhFJelcdw0KureRjmCF92fLsBoKXP/ 1ReigWo7ywLrzYb+z6U9IQgY25CvkSPnj9C9oo1oH/4sO3m4sp55ccGWg0b3xiiaBsjA zqdSBm6Pb16rVy1doBhxNzx6qw2QNLKuSvHZcN+9sxdOkw5u6nRE2r6X7YiSX6DDTYqG 53awhCGTUOzZA6JVHyhQT3miCTyUymL+7uw+61mZ10BmWmBKBadeoVGIk8i5UlKOQ/L6 ZTN4TaETsI/PhCzmLQyoefWrCjUkgBjjlg/7FlJI//LRRKkDDMkBx1C/PcaEXjG3D9+c RimA== X-Forwarded-Encrypted: i=1; AJvYcCWn1W20tilecaBiJL2M33oMT1bO3MX232bpggGFo3Nu2pNRpA8tNST5h7pX4rsbXuyS2Ru5CX6leRmYfSZivvod39d/cMTNfBQlOaVcDeqVsKdFAww= X-Gm-Message-State: AOJu0YwE9k+DSUg47/C2sfSFMIAJnTe5/CoXzKQR5yfAuSMgTzRwrRyd 79ALCJjhbaXlnnz8g/lBeiHzT2d2IzdtNfXZzjgMCHPGEsbXh/hcMqDqSqvmIWLc5AEI9+5Inzy F/A== X-Google-Smtp-Source: AGHT+IH8J8hOUDN/iwRypevdW7KRyW+a1uJn7645jMv/ZgZVJ0iWo7rJ7snpuFhqmTRKnqRT0U6drKpAx6Q= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:188b:b0:6e4:8b79:f5be with SMTP id x11-20020a056a00188b00b006e48b79f5bemr32117pfh.3.1708649003443; Thu, 22 Feb 2024 16:43:23 -0800 (PST) Date: Thu, 22 Feb 2024 16:42:58 -0800 In-Reply-To: <20240223004258.3104051-1-seanjc@google.com> Mime-Version: 1.0 References: <20240223004258.3104051-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240223004258.3104051-12-seanjc@google.com> Subject: [PATCH v9 11/11] KVM: selftests: Add a basic SEV-ES smoke test From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, Vishal Annapurve , Ackerley Tng , Andrew Jones , Tom Lendacky , Michael Roth , Carlos Bilbao , Peter Gonda , Itaru Kitayama X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240222_164326_599614_5C641D5F X-CRM114-Status: GOOD ( 16.48 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Extend sev_smoke_test to also run a minimal SEV-ES smoke test so that it's possible to test KVM's unique VMRUN=>#VMEXIT path for SEV-ES guests without needing a full blown SEV-ES capable VM, which requires a rather absurd amount of properly configured collateral. Punt on proper GHCB and ucall support, and instead use the GHCB MSR protocol to signal test completion. The most important thing at this point is to have _any_ kind of testing of KVM's __svm_sev_es_vcpu_run(). Cc: Tom Lendacky Cc: Michael Roth Cc: Peter Gonda Cc: Carlos Bilbao Signed-off-by: Sean Christopherson --- .../selftests/kvm/include/x86_64/sev.h | 2 ++ .../selftests/kvm/lib/x86_64/processor.c | 2 +- tools/testing/selftests/kvm/lib/x86_64/sev.c | 6 +++- .../selftests/kvm/x86_64/sev_smoke_test.c | 30 +++++++++++++++++++ 4 files changed, 38 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/sev.h b/tools/testing/selftests/kvm/include/x86_64/sev.h index de5283bef752..8a1bf88474c9 100644 --- a/tools/testing/selftests/kvm/include/x86_64/sev.h +++ b/tools/testing/selftests/kvm/include/x86_64/sev.h @@ -25,6 +25,8 @@ enum sev_guest_state { #define SEV_POLICY_NO_DBG (1UL << 0) #define SEV_POLICY_ES (1UL << 2) +#define GHCB_MSR_TERM_REQ 0x100 + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c index aa92220bf5da..a33289a5b89a 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/processor.c +++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c @@ -1074,7 +1074,7 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits) void kvm_init_vm_address_properties(struct kvm_vm *vm) { - if (vm->subtype == VM_SUBTYPE_SEV) { + if (vm->subtype == VM_SUBTYPE_SEV || vm->subtype == VM_SUBTYPE_SEV_ES) { vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT)); vm->gpa_tag_mask = vm->arch.c_bit; } diff --git a/tools/testing/selftests/kvm/lib/x86_64/sev.c b/tools/testing/selftests/kvm/lib/x86_64/sev.c index 9f5a3dbb5e65..e248d3364b9c 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/sev.c +++ b/tools/testing/selftests/kvm/lib/x86_64/sev.c @@ -53,6 +53,9 @@ void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) encrypt_region(vm, region); + if (policy & SEV_POLICY_ES) + vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); + vm->arch.is_pt_protected = true; } @@ -90,7 +93,8 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t policy, void *guest_code, struct vm_shape shape = { .type = VM_TYPE_DEFAULT, .mode = VM_MODE_DEFAULT, - .subtype = VM_SUBTYPE_SEV, + .subtype = policy & SEV_POLICY_ES ? VM_SUBTYPE_SEV_ES : + VM_SUBTYPE_SEV, }; struct kvm_vm *vm; struct kvm_vcpu *cpus[1]; diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c index 54d72efd9b4d..026779f3ed06 100644 --- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c @@ -12,6 +12,21 @@ #include "linux/psp-sev.h" #include "sev.h" + +static void guest_sev_es_code(void) +{ + /* TODO: Check CPUID after GHCB-based hypercall support is added. */ + GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); + GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ES_ENABLED); + + /* + * TODO: Add GHCB and ucall support for SEV-ES guests. For now, simply + * force "termination" to signal "done" via the GHCB MSR protocol. + */ + wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); + __asm__ __volatile__("rep; vmmcall"); +} + static void guest_sev_code(void) { GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV)); @@ -31,6 +46,16 @@ static void test_sev(void *guest_code, uint64_t policy) for (;;) { vcpu_run(vcpu); + if (policy & SEV_POLICY_ES) { + TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SYSTEM_EVENT, + "Wanted SYSTEM_EVENT, got %s", + exit_reason_str(vcpu->run->exit_reason)); + TEST_ASSERT_EQ(vcpu->run->system_event.type, KVM_SYSTEM_EVENT_SEV_TERM); + TEST_ASSERT_EQ(vcpu->run->system_event.ndata, 1); + TEST_ASSERT_EQ(vcpu->run->system_event.data[0], GHCB_MSR_TERM_REQ); + break; + } + switch (get_ucall(vcpu, &uc)) { case UCALL_SYNC: continue; @@ -54,5 +79,10 @@ int main(int argc, char *argv[]) test_sev(guest_sev_code, SEV_POLICY_NO_DBG); test_sev(guest_sev_code, 0); + if (kvm_cpu_has(X86_FEATURE_SEV_ES)) { + test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); + test_sev(guest_sev_es_code, SEV_POLICY_ES); + } + return 0; }