Message-ID: <68fff9328b74_1ffdeb100d8@iweiny-mobl.notmuch>
Date: Mon, 27 Oct 2025 17:58:58 -0500
From: Ira Weiny <ira.weiny@...el.com>
To: Sean Christopherson <seanjc@...gle.com>, Sagi Shahar <sagis@...gle.com>
CC: <linux-kselftest@...r.kernel.org>, Paolo Bonzini <pbonzini@...hat.com>,
	Shuah Khan <shuah@...nel.org>, Ackerley Tng <ackerleytng@...gle.com>, "Ryan
 Afranji" <afranji@...gle.com>, Andrew Jones <ajones@...tanamicro.com>, "Isaku
 Yamahata" <isaku.yamahata@...el.com>, Erdem Aktas <erdemaktas@...gle.com>,
	Rick Edgecombe <rick.p.edgecombe@...el.com>, Roger Wang
	<runanwang@...gle.com>, Binbin Wu <binbin.wu@...ux.intel.com>, Oliver Upton
	<oliver.upton@...ux.dev>, "Pratik R. Sampat" <pratikrajesh.sampat@....com>,
	Reinette Chatre <reinette.chatre@...el.com>, Ira Weiny <ira.weiny@...el.com>,
	Chao Gao <chao.gao@...el.com>, Chenyi Qiang <chenyi.qiang@...el.com>,
	<linux-kernel@...r.kernel.org>, <kvm@...r.kernel.org>
Subject: Re: [PATCH v11 21/21] KVM: selftests: Add TDX lifecycle test

Sean Christopherson wrote:
> On Thu, Sep 25, 2025, Sagi Shahar wrote:
> > diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
> > index 53cfadeff8de..714413e062fd 100644
> > --- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
> > +++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
> > @@ -328,3 +328,21 @@ void vm_tdx_finalize(struct kvm_vm *vm)
> >  	load_td_private_memory(vm);
> >  	vm_tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL);
> >  }
> > +
> > +struct kvm_vm *vm_tdx_create_with_one_vcpu(void *guest_code,
> > +					   struct kvm_vcpu **vcpu)
> > +{
> > +	struct vm_shape shape = {
> > +		.mode = VM_MODE_DEFAULT,
> > +		.type = KVM_X86_TDX_VM,
> > +	};
> > +	struct kvm_vm *vm;
> > +	struct kvm_vcpu *vcpus[1];
> > +
> > +	vm = __vm_create_with_vcpus(shape, 1, 0, guest_code, vcpus);
> > +	*vcpu = vcpus[0];
> > +
> > +	vm_tdx_finalize(vm);
> > +
> > +	return vm;
> > +}
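
Review bot: vm_tdx_create_with_one_vcpu() calls vm_tdx_finalize(vm) before returning, so the caller receives a VM whose private memory is already loaded and for which KVM_TDX_FINALIZE_VM has already been issued, leaving no point at which a test can do further setup before finalization. Either say so in a comment above the function or leave the finalize call to the caller. The literal 0 passed as the third argument to __vm_create_with_vcpus() would also be easier to read with a short comment naming what it is.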
> 
> Rather than add a full wrapper, and duplicate all of vm_sev_create_with_one_vcpu(),
> we should just add macros to convert a type to a shape.
> 
> E.g. with this, you can simply add:
> 
>   #define VM_SHAPE_TDX	VM_TYPE(KVM_X86_TDX_VM)
> 
> And coupled with Ira's suggestion regarding vm_tdx_finalize(), there should be
> no need for vm_tdx_create_with_one_vcpu().

All sounds reasonable to me but some questions/comments below.


[snip]

> diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h
> index af52cd938b50..af0b53987c06 100644
> --- a/tools/testing/selftests/kvm/include/kvm_util.h
> +++ b/tools/testing/selftests/kvm/include/kvm_util.h
> @@ -210,6 +210,20 @@ kvm_static_assert(sizeof(struct vm_shape) == sizeof(uint64_t));
>  	shape;					\
>  })
>  
> +#define __VM_TYPE(__mode, __type)		\
> +({						\
> +	struct vm_shape shape = {		\
> +		.mode = (__mode),		\
> +		.type = (__type)		\
> +	};					\
> +						\
> +	shape;					\
> +})
> +
> +#define VM_TYPE(__type)				\
> +	__VM_TYPE(VM_MODE_DEFAULT, __type)

We already have VM_SHAPE()?  Why do we need this as well?

> +
> +
>  #if defined(__aarch64__)
>  
>  extern enum vm_guest_mode vm_mode_default;
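
Review bot: VM_TYPE() and __VM_TYPE() evaluate to a struct vm_shape rather than a type, so the names read oddly next to the VM_SHAPE_* defines built on them. A name that says the result is a shape, plus a one-line comment noting that VM_TYPE() fixes .mode to VM_MODE_DEFAULT, would make the intent clear. The hunk also adds two consecutive blank lines after VM_TYPE(); one is enough.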
> diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/testing/selftests/kvm/include/x86/processor.h
> index 51cd84b9ca66..dd21e11e1908 100644
> --- a/tools/testing/selftests/kvm/include/x86/processor.h
> +++ b/tools/testing/selftests/kvm/include/x86/processor.h
> @@ -362,6 +362,10 @@ static inline unsigned int x86_model(unsigned int eax)
>  	return ((eax >> 12) & 0xf0) | ((eax >> 4) & 0x0f);
>  }
>  
> +#define VM_SHAPE_SEV		VM_TYPE(KVM_X86_SEV_VM)
> +#define VM_SHAPE_SEV_ES		VM_TYPE(KVM_X86_SEV_ES_VM)
> +#define VM_SHAPE_SNP		VM_TYPE(KVM_X86_SNP_VM)
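
Review bot: the VM_SHAPE_SEV, VM_SHAPE_SEV_ES and VM_SHAPE_SNP defines are placed directly after x86_model(), which they are unrelated to, and carry no comment. Put them under a short comment that says they are the vm_shape values for each KVM_X86_*_VM type, in a spot where a later VM_SHAPE_TDX define can sit beside them.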

FWIW I think the SEV bits should be pulled apart from the TDX bits and the
TDX bits squashed back into this series with the SEV as a precursor patch.

Ira

[snip]
