lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220511000811.384766-1-vannapurve@google.com>
Date:   Wed, 11 May 2022 00:08:02 +0000
From:   Vishal Annapurve <vannapurve@...gle.com>
To:     x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-kselftest@...r.kernel.org
Cc:     pbonzini@...hat.com, vkuznets@...hat.com, wanpengli@...cent.com,
        jmattson@...gle.com, joro@...tes.org, tglx@...utronix.de,
        mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
        hpa@...or.com, shauh@...nel.org, yang.zhong@...el.com,
        drjones@...hat.com, ricarkol@...gle.com, aaronlewis@...gle.com,
        wei.w.wang@...el.com, kirill.shutemov@...ux.intel.com,
        corbet@....net, hughd@...gle.com, jlayton@...nel.org,
        bfields@...ldses.org, akpm@...ux-foundation.org,
        chao.p.peng@...ux.intel.com, yu.c.zhang@...ux.intel.com,
        jun.nakajima@...el.com, dave.hansen@...el.com,
        michael.roth@....com, qperret@...gle.com, steven.price@....com,
        ak@...ux.intel.com, david@...hat.com, luto@...nel.org,
        vbabka@...e.cz, marcorr@...gle.com, erdemaktas@...gle.com,
        pgonda@...gle.com, nikunj@....com, seanjc@...gle.com,
        diviness@...gle.com, Vishal Annapurve <vannapurve@...gle.com>
Subject: [RFC V2 PATCH 0/8] selftests: KVM: selftests for fd-based approach of
 supporting private memory

This v2 series implements selftests targeting the feature floated by Chao
via:
https://lore.kernel.org/linux-mm/20220310140911.50924-1-chao.p.peng@linux.intel.com/

Below changes aim to test the fd based approach for guest private memory
in context of normal (non-confidential) VMs executing on non-confidential
platforms.

priv_memfd_test.c file adds a suite of selftests to access private memory
from the guest via private/shared accesses and checking if the contents
can be leaked to/accessed by vmm via shared memory view.

Updates in V2:
1) Tests are added to exercise implicit/explicit memory conversion paths.
2) Test is added to exercise UPM feature without double memory allocation.

This series has dependency on following patches:
1) V5 series patches from Chao mentioned above.
2) https://github.com/vishals4gh/linux/commit/b9adedf777ad84af39042e9c19899600a4add68a
  - Fixes host kernel crash with current implementation
3) https://github.com/vishals4gh/linux/commit/0577e351ee36d52c1f6cdcb1b8de7aa6b5f760fe
  - Confidential platforms along with the confidentiality aware software stack
    support a notion of private/shared accesses from the confidential VMs.
    Generally, a bit in the GPA conveys the shared/private-ness of the access.

    Non-confidential platforms don't have a notion of private or shared accesses
    from the guest VMs. To support this notion, KVM_HC_MAP_GPA_RANGE is modified
    to allow marking an access from a VM within a GPA range as always shared or
    private. There is an ongoing discussion about adding support for
    software-only confidential VMs, which should replace this patch.
4) https://github.com/vishals4gh/linux/commit/8d46aea9a7d72e4b1b998066ce0dde085fb963a7
  - Temporary placeholder to be able to test memory conversion paths
    till the memory conversion exit error code is finalized.
5) https://github.com/vishals4gh/linux/commit/4c36706477c62d9416d635fa6ac4ef6484014dfc
  - Fixes GFN calculation during memory conversion path.

Github link for the patches posted as part of this series:
https://github.com/vishals4gh/linux/commits/priv_memfd_selftests_rfc_v2

Austin Diviness (1):
  selftests: kvm: Add hugepage support to priv_memfd_test suite.

Vishal Annapurve (7):
  selftests: kvm: Fix inline assembly for hypercall
  selftests: kvm: Add a basic selftest to test private memory
  selftests: kvm: priv_memfd_test: Add support for memory conversion
  selftests: kvm: priv_memfd_test: Add shared access test
  selftests: kvm: Add implicit memory conversion tests
  selftests: kvm: Add KVM_HC_MAP_GPA_RANGE hypercall test
  selftests: kvm: priv_memfd: Add test avoiding double allocation

 tools/testing/selftests/kvm/Makefile          |    1 +
 .../selftests/kvm/lib/x86_64/processor.c      |    2 +-
 tools/testing/selftests/kvm/priv_memfd_test.c | 1359 +++++++++++++++++
 3 files changed, 1361 insertions(+), 1 deletion(-)
 create mode 100644 tools/testing/selftests/kvm/priv_memfd_test.c

-- 
2.36.0.512.ge40c2bad7a-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ