There are conflicts between glibc system headers sys/ptrace.h and
linux/ptrace.h that can likely cause seccomp_metadata not be
defined depending on what version versions are installed, leading
to compile errors.
A solution to make this test more resitant to these system header
differences is to rely on defintions inside of the file by
unconditionally defining seccomp_metadata and removing the
linux/ptrace.h include where a defintion of seccomp_metadata
exists for certain headers.
Signed-off-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger(a)canonical.com>
---
tools/testing/selftests/seccomp/seccomp_bpf.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c
index d425688cf59c..67e2c3c001a0 100644
--- a/tools/testing/selftests/seccomp/seccomp_bpf.c
+++ b/tools/testing/selftests/seccomp/seccomp_bpf.c
@@ -26,7 +26,6 @@
#include <sys/ptrace.h>
#include <sys/user.h>
#include <linux/prctl.h>
-#include <linux/ptrace.h>
#include <linux/seccomp.h>
#include <pthread.h>
#include <semaphore.h>
@@ -171,12 +170,12 @@ struct seccomp_data {
#ifndef PTRACE_SECCOMP_GET_METADATA
#define PTRACE_SECCOMP_GET_METADATA 0x420d
+#endif
struct seccomp_metadata {
__u64 filter_off; /* Input: which filter */
__u64 flags; /* Output: filter's flags */
};
-#endif
#ifndef SECCOMP_FILTER_FLAG_NEW_LISTENER
#define SECCOMP_FILTER_FLAG_NEW_LISTENER (1UL << 3)
--
2.32.0
In some platforms the numa node numbers are not necessarily consecutive,
meaning that not all nodes from 0 to the value returned by
numa_max_node() are available on the system. Using node numbers which
are not available results on errors from libnuma such as:
---- IPv4 UDP ----
send node 0, receive socket 0
libnuma: Warning: Cannot read node cpumask from sysfs
./reuseport_bpf_numa: failed to pin to node: No such file or directory
Fix it by checking if the node number bit is set on numa_nodes_ptr,
which is defined on libnuma as "Set with all nodes the kernel has
exposed to userspace".
Signed-off-by: Kleber Sacilotto de Souza <kleber.souza(a)canonical.com>
---
tools/testing/selftests/net/reuseport_bpf_numa.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tools/testing/selftests/net/reuseport_bpf_numa.c b/tools/testing/selftests/net/reuseport_bpf_numa.c
index c9f478b40996..b2eebf669b8c 100644
--- a/tools/testing/selftests/net/reuseport_bpf_numa.c
+++ b/tools/testing/selftests/net/reuseport_bpf_numa.c
@@ -211,12 +211,16 @@ static void test(int *rcv_fd, int len, int family, int proto)
/* Forward iterate */
for (node = 0; node < len; ++node) {
+ if (!numa_bitmask_isbitset(numa_nodes_ptr, node))
+ continue;
send_from_node(node, family, proto);
receive_on_node(rcv_fd, len, epfd, node, proto);
}
/* Reverse iterate */
for (node = len - 1; node >= 0; --node) {
+ if (!numa_bitmask_isbitset(numa_nodes_ptr, node))
+ continue;
send_from_node(node, family, proto);
receive_on_node(rcv_fd, len, epfd, node, proto);
}
--
2.30.2
These patches and are also available at:
https://github.com/mdroth/linux/commits/sev-selftests-rfc1
They are based on top of v5 of Brijesh's SEV-SNP hypervisor patches[1]
to allow for SEV-SNP testing and provide some context for the overall
design, but the SEV/SEV-ES patches can be carved out into a separate
series as needed.
== OVERVIEW ==
This series introduces a set of memory encryption-related parameter/hooks
in the core kselftest library, then uses the hooks to implement a small
library for creating/managing SEV, SEV-ES, SEV-SNP guests. This library
is then used to implement a basic boot/memory test that's run for all
variants of SEV/SEV-ES/SEV-SNP guest types, as well as a set of SEV-SNP
tests that cover various permutations of pvalidate/page-state changes.
- Patches 1-7 implement SEV boot tests and should run against existing
kernels
- Patch 8 is a KVM changes that's required to allow SEV-ES/SEV-SNP
guests to boot with an externally generated page table, and is a
host kernel prequisite for the remaining patches in the series.
- Patches 9-12 extend the boot tests to cover SEV-ES
- Patches 13-16 extend the boot testst to cover SEV-SNP, and introduce
an additional test for page-state changes.
Any review/comments are greatly appreciated!
[1] https://lore.kernel.org/linux-mm/20210820155918.7518-1-brijesh.singh@amd.co…
----------------------------------------------------------------
Michael Roth (16):
KVM: selftests: move vm_phy_pages_alloc() earlier in file
KVM: selftests: add hooks for managing encrypted guest memory
KVM: selftests: handle encryption bits in page tables
KVM: selftests: set CPUID before setting sregs in vcpu creation
KVM: selftests: add support for encrypted vm_vaddr_* allocations
KVM: selftests: add library for creating/interacting with SEV guests
KVM: selftests: add SEV boot tests
KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests
KVM: selftests: account for error code in #VC exception frame
KVM: selftests: add support for creating SEV-ES guests
KVM: selftests: add library for handling SEV-ES-related exits
KVM: selftests: add SEV-ES boot tests
KVM: selftests: add support for creating SEV-SNP guests
KVM: selftests: add helpers for SEV-SNP-related instructions/exits
KVM: selftests: add SEV-SNP boot tests
KVM: selftests: add SEV-SNP tests for page-state changes
arch/x86/include/asm/kvm-x86-ops.h | 1 +
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/svm/svm.c | 22 ++
arch/x86/kvm/vmx/vmx.c | 8 +
arch/x86/kvm/x86.c | 3 +-
tools/testing/selftests/kvm/.gitignore | 2 +
tools/testing/selftests/kvm/Makefile | 3 +
tools/testing/selftests/kvm/include/kvm_util.h | 8 +
tools/testing/selftests/kvm/include/x86_64/sev.h | 70 ++++
.../selftests/kvm/include/x86_64/sev_exitlib.h | 20 ++
tools/testing/selftests/kvm/include/x86_64/svm.h | 35 ++
.../selftests/kvm/include/x86_64/svm_util.h | 2 +
tools/testing/selftests/kvm/lib/kvm_util.c | 249 +++++++++-----
.../testing/selftests/kvm/lib/kvm_util_internal.h | 10 +
tools/testing/selftests/kvm/lib/x86_64/handlers.S | 4 +-
tools/testing/selftests/kvm/lib/x86_64/processor.c | 30 +-
tools/testing/selftests/kvm/lib/x86_64/sev.c | 381 +++++++++++++++++++++
.../testing/selftests/kvm/lib/x86_64/sev_exitlib.c | 326 ++++++++++++++++++
.../selftests/kvm/x86_64/sev_all_boot_test.c | 367 ++++++++++++++++++++
.../selftests/kvm/x86_64/sev_snp_psc_test.c | 378 ++++++++++++++++++++
20 files changed, 1820 insertions(+), 100 deletions(-)
create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h
create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c
create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c
create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c
create mode 100644 tools/testing/selftests/kvm/x86_64/sev_snp_psc_test.c
Commit ddbd60c779b4 ("kunit: use --build_dir=.kunit as default") changed
the default --build_dir, which had the side effect of making
`.kunitconfig` move to `.kunit/.kunitconfig`.
However, the first few lines of kunit/start.rst never got updated, oops.
Fix this by telling people to run kunit.py first, which will
automatically generate the .kunit directory and .kunitconfig file, and
then edit the file manually as desired.
Reported-by: Yifan Yuan <alpc_metic(a)live.com>
Signed-off-by: Daniel Latypov <dlatypov(a)google.com>
---
Documentation/dev-tools/kunit/start.rst | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/Documentation/dev-tools/kunit/start.rst b/Documentation/dev-tools/kunit/start.rst
index 1e00f9226f74..65f4ef6c1f4c 100644
--- a/Documentation/dev-tools/kunit/start.rst
+++ b/Documentation/dev-tools/kunit/start.rst
@@ -31,14 +31,15 @@ This file essentially contains the regular Kernel config, with the specific
test targets as well. The ``.kunitconfig`` should also contain any other config
options required by the tests.
-A good starting point for a ``.kunitconfig`` is the KUnit defconfig:
+If you run KUnit, it'll generate one automatically for you.
.. code-block:: bash
cd $PATH_TO_LINUX_REPO
- cp tools/testing/kunit/configs/default.config .kunitconfig
+ ./tools/testing/kunit/kunit.py run
+ cat .kunit/.kunitconfig
-You can then add any other Kconfig options you wish, e.g.:
+You can then edit that file to add any other Kconfig options you wish, e.g.:
.. code-block:: none
base-commit: 52a5d80a2225e2d0b2a8f4656b76aead2a443b2a
--
2.33.1.1089.g2158813163f-goog