| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Aug 2022 16:14:02 -0700
From: "Chang S. Bae" <chang.seok.bae@...el.com>
To: kvm@...r.kernel.org, pbonzini@...hat.com
Cc: linux-kernel@...r.kernel.org, yang.zhong@...el.com,
chang.seok.bae@...el.com, linux-kselftest@...r.kernel.org
Subject: [RFC PATCH 2/2] selftests: kvm: Use the KVM API to enable dynamic XSTATE features
Use the KVM_X86_XCOMP_GUEST_PERM attribute, instead of the x86-specific prctl()
options.
Signed-off-by: Chang S. Bae <chang.seok.bae@...el.com>
Cc: Paolo Bonzini <pbonzini@...hat.com>
Cc: Yang Zhong <yang.zhong@...el.com>
Cc: linux-kernel@...r.kernel.org
Cc: kvm@...r.kernel.org
Cc: linux-kselftest@...r.kernel.org
---
tools/arch/x86/include/uapi/asm/kvm.h | 1 +
.../selftests/kvm/lib/x86_64/processor.c | 22 ++++++++++++++-----
2 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/tools/arch/x86/include/uapi/asm/kvm.h b/tools/arch/x86/include/uapi/asm/kvm.h
index 46de10a809ec..6ab9a2b38061 100644
--- a/tools/arch/x86/include/uapi/asm/kvm.h
+++ b/tools/arch/x86/include/uapi/asm/kvm.h
@@ -461,6 +461,7 @@ struct kvm_sync_regs {
/* attributes for system fd (group 0) */
#define KVM_X86_XCOMP_GUEST_SUPP 0
+#define KVM_X86_XCOMP_GUEST_PERM 1
struct kvm_vmx_nested_state_data {
__u8 vmcs12[KVM_STATE_NESTED_VMX_VMCS_SIZE];
diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c
index 2e6e61bbe81b..b67f28676d15 100644
--- a/tools/testing/selftests/kvm/lib/x86_64/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c
@@ -593,8 +593,6 @@ void __vm_xsave_require_permission(int bit, const char *name)
kvm_fd = open_kvm_dev_path_or_exit();
rc = __kvm_ioctl(kvm_fd, KVM_GET_DEVICE_ATTR, &attr);
- close(kvm_fd);
-
if (rc == -1 && (errno == ENXIO || errno == EINVAL))
__TEST_REQUIRE(0, "KVM_X86_XCOMP_GUEST_SUPP not supported");
@@ -603,13 +601,25 @@ void __vm_xsave_require_permission(int bit, const char *name)
__TEST_REQUIRE(bitmask & (1ULL << bit),
"Required XSAVE feature '%s' not supported", name);
- TEST_REQUIRE(!syscall(SYS_arch_prctl, ARCH_REQ_XCOMP_GUEST_PERM, bit));
+ attr.attr = KVM_X86_XCOMP_GUEST_PERM;
+ attr.addr = (unsigned long) bit;
+ rc = __kvm_ioctl(kvm_fd, KVM_SET_DEVICE_ATTR, &attr);
+ if (rc == -1 && (errno == ENXIO || errno == EINVAL))
+ __TEST_REQUIRE(0, "KVM_X86_XCOMP_GUEST_PERM not supported");
- rc = syscall(SYS_arch_prctl, ARCH_GET_XCOMP_GUEST_PERM, &bitmask);
- TEST_ASSERT(rc == 0, "prctl(ARCH_GET_XCOMP_GUEST_PERM) error: %ld", rc);
+ TEST_ASSERT(rc == 0, "KVM_SET_DEVICE_ATTR(0, KVM_X86_XCOMP_GUEST_PERM) error: %ld", rc);
+
+ attr.addr = (unsigned long) &bitmask;
+ rc = __kvm_ioctl(kvm_fd, KVM_GET_DEVICE_ATTR, &attr);
+ if (rc == -1 && (errno == ENXIO || errno == EINVAL))
+ __TEST_REQUIRE(0, "KVM_X86_XCOMP_GUEST_PERM not supported");
+
+ TEST_ASSERT(rc == 0, "KVM_GET_DEVICE_ATTR(0, KVM_X86_XCOMP_GUEST_PERM) error: %ld", rc);
TEST_ASSERT(bitmask & (1ULL << bit),
- "prctl(ARCH_REQ_XCOMP_GUEST_PERM) failure bitmask=0x%lx",
+ "KVM_GET_DEVICE_ATTR(0, KVM_X86_XCOMP_GUEST_PERM) failure bitmask=0x%lx",
bitmask);
+
+ close(kvm_fd);
}
struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id,
--
2.17.1
Powered by blists - more mailing lists