| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Feb 2020 10:59:43 +0100
From: Auger Eric <eric.auger@...hat.com>
To: Vitaly Kuznetsov <vkuznets@...hat.com>
Cc: thuth@...hat.com, drjones@...hat.com, wei.huang2@....com,
eric.auger.pro@...il.com, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org, pbonzini@...hat.com
Subject: Re: [PATCH v2 2/2] selftests: KVM: SVM: Add vmcall test
Hi,
On 2/3/20 10:44 AM, Vitaly Kuznetsov wrote:
> Eric Auger <eric.auger@...hat.com> writes:
>
>> L2 guest calls vmcall and L1 checks the exit status does
>> correspond.
>>
>> Signed-off-by: Eric Auger <eric.auger@...hat.com>
>> ---
>> tools/testing/selftests/kvm/Makefile | 1 +
>> .../selftests/kvm/x86_64/svm_vmcall_test.c | 86 +++++++++++++++++++
>> 2 files changed, 87 insertions(+)
>> create mode 100644 tools/testing/selftests/kvm/x86_64/svm_vmcall_test.c
>>
>> diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile
>> index 2e770f554cae..b529d3b42c02 100644
>> --- a/tools/testing/selftests/kvm/Makefile
>> +++ b/tools/testing/selftests/kvm/Makefile
>> @@ -26,6 +26,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/vmx_dirty_log_test
>> TEST_GEN_PROGS_x86_64 += x86_64/vmx_set_nested_state_test
>> TEST_GEN_PROGS_x86_64 += x86_64/vmx_tsc_adjust_test
>> TEST_GEN_PROGS_x86_64 += x86_64/xss_msr_test
>> +TEST_GEN_PROGS_x86_64 += x86_64/svm_vmcall_test
>> TEST_GEN_PROGS_x86_64 += clear_dirty_log_test
>> TEST_GEN_PROGS_x86_64 += dirty_log_test
>> TEST_GEN_PROGS_x86_64 += kvm_create_max_vcpus
>> diff --git a/tools/testing/selftests/kvm/x86_64/svm_vmcall_test.c b/tools/testing/selftests/kvm/x86_64/svm_vmcall_test.c
>> new file mode 100644
>> index 000000000000..75e66f3bbbc0
>> --- /dev/null
>> +++ b/tools/testing/selftests/kvm/x86_64/svm_vmcall_test.c
>> @@ -0,0 +1,86 @@
>> +// SPDX-License-Identifier: GPL-2.0-only
>> +/*
>> + * svm_vmcall_test
>> + *
>> + * Copyright (C) 2020, Red Hat, Inc.
>> + *
>> + * Nested SVM testing: VMCALL
>> + */
>> +
>> +#include "test_util.h"
>> +#include "kvm_util.h"
>> +#include "processor.h"
>> +#include "svm.h"
>> +
>> +#include <string.h>
>> +#include <sys/ioctl.h>
>> +
>> +#include "kselftest.h"
>> +#include <linux/kernel.h>
>> +
>> +#define VCPU_ID 5
>> +
>> +/* The virtual machine object. */
>
> I'm not sure this comment is any helpful, the virus is probably
> spreading from vmx_close_while_nested_test.c/vmx_tsc_adjust_test.c :-)
;-)
>
>> +static struct kvm_vm *vm;
>> +
>> +static inline void l2_vmcall(struct svm_test_data *svm)
>> +{
>> + __asm__ __volatile__("vmcall");
>> +}
>> +
>> +static void l1_guest_code(struct svm_test_data *svm)
>> +{
>> + #define L2_GUEST_STACK_SIZE 64
>> + unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE];
>> + struct vmcb *vmcb = svm->vmcb;
>> +
>> + /* Prepare for L2 execution. */
>> + generic_svm_setup(svm, l2_vmcall,
>> + &l2_guest_stack[L2_GUEST_STACK_SIZE]);
>> +
>> + run_guest(vmcb, svm->vmcb_gpa);
>> +
>> + GUEST_ASSERT(vmcb->control.exit_code == SVM_EXIT_VMMCALL);
>> + GUEST_DONE();
>> +}
>> +
>> +int main(int argc, char *argv[])
>> +{
>> + vm_vaddr_t svm_gva;
>> +
>> + nested_svm_check_supported();
>> +
>> + vm = vm_create_default(VCPU_ID, 0, (void *) l1_guest_code);
>> + vcpu_set_cpuid(vm, VCPU_ID, kvm_get_supported_cpuid());
>> +
>> + vcpu_alloc_svm(vm, &svm_gva);
>> + vcpu_args_set(vm, VCPU_ID, 1, svm_gva);
>> +
>> + for (;;) {
>> + volatile struct kvm_run *run = vcpu_state(vm, VCPU_ID);
>> + struct ucall uc;
>> +
>> + vcpu_run(vm, VCPU_ID);
>> + TEST_ASSERT(run->exit_reason == KVM_EXIT_IO,
>> + "Got exit_reason other than KVM_EXIT_IO: %u (%s)\n",
>> + run->exit_reason,
>> + exit_reason_str(run->exit_reason));
>> +
>> + switch (get_ucall(vm, VCPU_ID, &uc)) {
>> + case UCALL_ABORT:
>> + TEST_ASSERT(false, "%s",
>> + (const char *)uc.args[0]);
>> + /* NOT REACHED */
>> + case UCALL_SYNC:
>> + break;
>> + case UCALL_DONE:
>> + goto done;
>> + default:
>> + TEST_ASSERT(false,
>> + "Unknown ucall 0x%x.", uc.cmd);
>> + }
>> + }
>> +done:
>> + kvm_vm_free(vm);
>> + return 0;
>> +}
>
> Reviewed-by: Vitaly Kuznetsov <vkuznets@...hat.com>
Thanks!
I will respin quickly
Eric
>
> Thanks!
>
Powered by blists - more mailing lists