lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 23 Dec 2022 00:13:44 +0000
From:   Vishal Annapurve <vannapurve@...gle.com>
To:     x86@...nel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-kselftest@...r.kernel.org
Cc:     pbonzini@...hat.com, vkuznets@...hat.com, wanpengli@...cent.com,
        jmattson@...gle.com, joro@...tes.org, tglx@...utronix.de,
        mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
        hpa@...or.com, shuah@...nel.org, yang.zhong@...el.com,
        drjones@...hat.com, ricarkol@...gle.com, aaronlewis@...gle.com,
        wei.w.wang@...el.com, kirill.shutemov@...ux.intel.com,
        corbet@....net, hughd@...gle.com, jlayton@...nel.org,
        bfields@...ldses.org, akpm@...ux-foundation.org,
        chao.p.peng@...ux.intel.com, yu.c.zhang@...ux.intel.com,
        jun.nakajima@...el.com, dave.hansen@...el.com,
        michael.roth@....com, qperret@...gle.com, steven.price@....com,
        ak@...ux.intel.com, david@...hat.com, luto@...nel.org,
        vbabka@...e.cz, marcorr@...gle.com, erdemaktas@...gle.com,
        pgonda@...gle.com, nikunj@....com, seanjc@...gle.com,
        diviness@...gle.com, maz@...nel.org, dmatlack@...gle.com,
        axelrasmussen@...gle.com, maciej.szmigiero@...cle.com,
        mizhang@...gle.com, bgardon@...gle.com, ackerleytng@...gle.com,
        Vishal Annapurve <vannapurve@...gle.com>
Subject: [V3 PATCH 0/8] KVM: selftests: SEV: selftests for fd-based private memory

This series implements selftests executing SEV VMs to target the feature
implemented by Chao via:
https://lore.kernel.org/lkml/20221220074318.GC1724933@chaop.bj.intel.com/T/

Below changes aim to test the fd based approach for guest private memory
in context of SEV VMs executing on AMD SEV compatible platforms.

sev_private_mem_test.c file adds selftest to access private memory from
the guest via private/shared accesses and checking if the contents can be
leaked to/accessed by vmm via shared memory view before/after
conversions.

To allow SEV/SEV-ES VMs to toggle the encryption bit during memory
conversion, support is added for mapping guest pagetables to guest va
ranges and passing the mapping information to guests via shared pages.

Updates in v3:
1) Dropped RFC tag.
2) Pagetable mapping logic is revisited to reduce the APIs and passing
the information to guest is simplified.
3) Additional changes to execute hypercall as per cpu type are added
4) Selftest implementation is based on revised non-confidential VM
selftests.

Link to RFC v2:
https://lore.kernel.org/lkml/20220830224259.412342-8-vannapurve@google.com/T/

This series has dependency on following patch series:
1) Series mentioned above from Chao
2) Selftests testing fd based memory for non-confidential VMs:
https://lore.kernel.org/lkml/20221205232341.4131240-5-vannapurve@google.com/T/
3) Selftests to add SEV VM creation and execution from Peter and Michael:
https://lore.kernel.org/lkml/20221018205845.770121-3-pgonda@google.com/T/
4) Series to execute hypercall natively:
https://lore.kernel.org/lkml/20221222230458.3828342-1-vannapurve@google.com/

Github link for the patches posted as part of this series:
https://github.com/vishals4gh/linux/commits/sev_upm_selftests_rfc_v3

Vishal Annapurve (8):
  KVM: selftests: private_mem: Use native hypercall
  KVM: selftests: Support mapping pagetables to guest virtual memory
  KVM: selftests: x86: Support changing gpa encryption masks
  KVM: selftests: Split SEV VM creation logic
  KVM: selftests: Enable pagetable mapping for SEV VMs
  KVM: selftests: Refactor private_mem_test
  KVM: selftests: private_mem_test: Add support for SEV VMs
  KVM: selftests: Add private mem test for SEV VMs

 tools/testing/selftests/kvm/.gitignore        |   1 +
 tools/testing/selftests/kvm/Makefile          |   2 +
 .../selftests/kvm/include/kvm_util_base.h     |  88 +++++++
 .../include/x86_64/private_mem_test_helper.h  |  18 ++
 .../selftests/kvm/include/x86_64/processor.h  |   4 +
 .../selftests/kvm/include/x86_64/sev.h        |   4 +
 tools/testing/selftests/kvm/lib/kvm_util.c    |  88 ++++++-
 .../selftests/kvm/lib/x86_64/private_mem.c    |   2 +-
 .../kvm/lib/x86_64/private_mem_test_helper.c  | 228 ++++++++++++++++++
 .../selftests/kvm/lib/x86_64/processor.c      |  80 ++++++
 tools/testing/selftests/kvm/lib/x86_64/sev.c  |  25 +-
 .../selftests/kvm/x86_64/private_mem_test.c   | 187 +-------------
 .../kvm/x86_64/sev_private_mem_test.c         |  26 ++
 13 files changed, 562 insertions(+), 191 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86_64/private_mem_test_helper.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86_64/private_mem_test_helper.c
 create mode 100644 tools/testing/selftests/kvm/x86_64/sev_private_mem_test.c

-- 
2.39.0.314.g84b9a713c41-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ