February 2022 - Linux-kselftest-mirror

[PATCH net-next v3 0/5] Add support for locked bridge ports (for 802.1X)

by Hans Schultz

This series starts by adding support for SA filtering to the bridge, which is then allowed to be offloaded to switchdev devices. Furthermore an offloading implementation is supplied for the mv88e6xxx driver. Public Local Area Networks are often deployed such that there is a risk of unauthorized or unattended clients getting access to the LAN. To prevent such access we introduce SA filtering, such that ports designated as secure ports are set in locked mode, so that only authorized source MAC addresses are given access by adding them to the bridges forwarding database. Incoming packets with source MAC addresses that are not in the forwarding database of the bridge are discarded. It is then the task of user space daemons to populate the bridge's forwarding database with static entries of authorized entities. The most common approach is to use the IEEE 802.1X protocol to take care of the authorization of allowed users to gain access by opening for the source address of the authorized host. With the current use of the bridge parameter in hostapd, there is a limitation in using this for IEEE 802.1X port authentication. It depends on hostapd attaching the port on which it has a successful authentication to the bridge, but that only allows for a single authentication per port. This patch set allows for the use of IEEE 802.1X port authentication in a more general network context with multiple 802.1X aware hosts behind a single port as depicted, which is a commonly used commercial use-case, as it is only the number of available entries in the forwarding database that limits the number of authenticated clients. +--------------------------------+ | | | Bridge/Authenticator | | | +-------------+------------------+ 802.1X port | | | +------+-------+ | | | Hub/Switch | | | +-+----------+-+ | | +--+--+ +--+--+ | | | | Hosts | a | | b | . . . | | | | +-----+ +-----+ The 802.1X standard involves three different components, a Supplicant (Host), an Authenticator (Network Access Point) and an Authentication Server which is typically a Radius server. This patch set thus enables the bridge module together with an authenticator application to serve as an Authenticator on designated ports. For the bridge to become an IEEE 802.1X Authenticator, a solution using hostapd with the bridge driver can be found at https://github.com/westermo/hostapd/tree/bridge_driver . The relevant components work transparently in relation to if it is the bridge module or the offloaded switchcore case that is in use. Hans Schultz (5): net: bridge: Add support for bridge port in locked mode net: bridge: Add support for offloading of locked port flag net: dsa: Add support for offloaded locked port flag net: dsa: mv88e6xxx: Add support for bridge port locked mode selftests: forwarding: tests of locked port feature drivers/net/dsa/mv88e6xxx/chip.c | 9 +- drivers/net/dsa/mv88e6xxx/port.c | 33 ++++ drivers/net/dsa/mv88e6xxx/port.h | 9 +- include/linux/if_bridge.h | 1 + include/uapi/linux/if_link.h | 1 + net/bridge/br_input.c | 10 +- net/bridge/br_netlink.c | 6 +- net/bridge/br_switchdev.c | 2 +- net/dsa/port.c | 4 +- .../testing/selftests/net/forwarding/Makefile | 1 + .../net/forwarding/bridge_locked_port.sh | 174 ++++++++++++++++++ tools/testing/selftests/net/forwarding/lib.sh | 16 ++ 12 files changed, 259 insertions(+), 7 deletions(-) create mode 100755 tools/testing/selftests/net/forwarding/bridge_locked_port.sh -- 2.30.2

2 years, 2 months

5
17
0 0

[PATCH 0/3] s390: Ultravisor device

by Steffen Eiden

This series adds an Ultravisor(UV) device letting the userspace send some Ultravisor calls to the UV. Currently two calls are supported. Query Ultravisor Information (QUI) and Receive Attestation Measurement (Attest[ation]). The UV device is implemented as a miscdevice accepting only IOCTLs. The IOCTL cmd specifies the UV call and the IOCTL arg the request and response data depending on the UV call. The device driver writes the UV response in the ioctl argument data. The 'uvdevice' does no checks on the request beside faulty userspace addresses, if sizes are in a sane range before allocating in kernel space, and other tests that prevent the system from corruption. Especially, no checks are made, that will be performed by the UV anyway (E.g. 'invalid command' in case of attestation on unsupported hardware). These errors are reported back to Userspace using the UV return code field. Steffen Eiden (3): drivers/s390/char: Add Ultravisor io device drivers/s390/char: Add Ultravisor attestation to uvdevice selftests: drivers/s390x: Add uvdevice tests MAINTAINERS | 3 + arch/s390/include/asm/uv.h | 23 +- arch/s390/include/uapi/asm/uvdevice.h | 46 +++ drivers/s390/char/Kconfig | 9 + drivers/s390/char/Makefile | 1 + drivers/s390/char/uvdevice.c | 325 ++++++++++++++++++ tools/testing/selftests/Makefile | 1 + tools/testing/selftests/drivers/.gitignore | 1 + .../selftests/drivers/s390x/uvdevice/Makefile | 22 ++ .../selftests/drivers/s390x/uvdevice/config | 1 + .../drivers/s390x/uvdevice/test_uvdevice.c | 280 +++++++++++++++ 11 files changed, 711 insertions(+), 1 deletion(-) create mode 100644 arch/s390/include/uapi/asm/uvdevice.h create mode 100644 drivers/s390/char/uvdevice.c create mode 100644 tools/testing/selftests/drivers/s390x/uvdevice/Makefile create mode 100644 tools/testing/selftests/drivers/s390x/uvdevice/config create mode 100644 tools/testing/selftests/drivers/s390x/uvdevice/test_uvdevice.c -- 2.25.1

2 years, 2 months

3
7
0 0

[PATCH] selftests: kvm: Check whether SIDA memop fails for normal guests

by Thomas Huth

Commit 2c212e1baedc ("KVM: s390: Return error on SIDA memop on normal guest") fixed the behavior of the SIDA memops for normal guests. It would be nice to have a way to test whether the current kernel has the fix applied or not. Thus add a check to the KVM selftests for these two memops. Signed-off-by: Thomas Huth <thuth(a)redhat.com> --- tools/testing/selftests/kvm/s390x/memop.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tools/testing/selftests/kvm/s390x/memop.c b/tools/testing/selftests/kvm/s390x/memop.c index 9f49ead380ab..d19c3ffdea3f 100644 --- a/tools/testing/selftests/kvm/s390x/memop.c +++ b/tools/testing/selftests/kvm/s390x/memop.c @@ -160,6 +160,21 @@ int main(int argc, char *argv[]) run->psw_mask &= ~(3UL << (63 - 17)); /* Disable AR mode */ vcpu_run(vm, VCPU_ID); /* Run to sync new state */ + /* Check that the SIDA calls are rejected for non-protected guests */ + ksmo.gaddr = 0; + ksmo.flags = 0; + ksmo.size = 8; + ksmo.op = KVM_S390_MEMOP_SIDA_READ; + ksmo.buf = (uintptr_t)mem1; + ksmo.sida_offset = 0x1c0; + rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + TEST_ASSERT(rv == -1 && errno == EINVAL, + "ioctl does not reject SIDA_READ in non-protected mode"); + ksmo.op = KVM_S390_MEMOP_SIDA_WRITE; + rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + TEST_ASSERT(rv == -1 && errno == EINVAL, + "ioctl does not reject SIDA_WRITE in non-protected mode"); + kvm_vm_free(vm); return 0; -- 2.27.0

2 years, 2 months

5
7
0 0

[PATCH 0/2] selftests: sgx: Fix build of test_sgx

by Muhammad Usama Anjum

CC can have multiple sub-strings like "ccache gcc". Build system of sgx selftest is unable to support this use case and test_sgx isn't built. Then rsync gives an erorr: rsync: [sender] link_stat "//linux/build/kselftest/sgx/test_sgx" failed: No such file or directory (2) rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1333) [sender=3.2.3] This can be fixed if CC is considered to have one string while passing to check_cc.sh script and inside this script, CC is expanded before execution. Following build tests have been performed to confirm that these patches don't break anything else. The verification has also been done through KernelCI scripts locally as KernelCI has caught this bug: 1) cd tools/testing/selftests && make 2) make -C tools/testing/selftests 3) make -C tools/testing/selftests O=build 4) make -C tools/testing/selftests O=build CC="ccache gcc" 5) ./kci_build make_kselftest Muhammad Usama Anjum (2): selftests: x86: allow expansion of $(CC) selftests: sgx: Treat CC as one argument tools/testing/selftests/sgx/Makefile | 2 +- tools/testing/selftests/x86/check_cc.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) -- 2.30.2

2 years, 2 months

3
7
0 0

[REGRESSION] lkft kselftest for next-20220203

by lkft＠linaro.org

## Build * kernel: 5.17.0-rc2 * git: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next * git branch: master * git commit: 2d3d8c7643a56bfe2e808f97d5a4360d49f3b45b * git describe: next-20220203 * test details: https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20220203 ## Test Regressions (compared to next-20220124) * hi6220-hikey, kselftest-timers - timers.set-timer-lat * i386, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * juno-r2, kselftest-net - net.tls.tls.12_aes_gcm.shutdown_reuse * juno-r2, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * qemu_x86_64, kselftest-seccomp - seccomp.seccomp_bpf - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * x15, kselftest-capabilities - capabilities.test_execve * x15, kselftest-cgroup - cgroup.test_freezer - cgroup.test_kill - cgroup.test_kill.test_cgkill_simple * x15, kselftest-core - core.close_range_test * x15, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * x86, kselftest-net - net.gro.sh * x86, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err ## Metric Regressions (compared to next-20220124) No metric regressions found. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> ## Test Fixes (compared to next-20220124) * hi6220-hikey, kselftest-rtc - rtc.rtctest * i386, kselftest-rtc - rtc.rtctest * juno-r2, kselftest-cgroup - cgroup.test_freezer - cgroup.test_freezer.test_cgfreezer_ptrace * juno-r2, kselftest-cpufreq - cpufreq.main.sh * juno-r2, kselftest-mincore - mincore.mincore_selftest * qemu_arm, kselftest-cpufreq - cpufreq.main.sh * qemu_arm, kselftest-rtc - rtc.rtctest * qemu_i386, kselftest-cpufreq - cpufreq.main.sh * qemu_i386, kselftest-rtc - rtc.rtctest * qemu_x86_64, kselftest-cpufreq - cpufreq.main.sh * x15, kselftest-capabilities - capabilities.test_execve * x15, kselftest-cgroup - cgroup.test_freezer - cgroup.test_kill - cgroup.test_kill.test_cgkill_simple * x15, kselftest-core - core.close_range_test * x15, kselftest-rtc - rtc.rtctest - rtc.rtctest.rtc.alarm_alm_set - rtc.rtctest.rtc.alarm_alm_set_minute - rtc.rtctest.rtc.alarm_wkalm_set - rtc.rtctest.rtc.alarm_wkalm_set_minute - rtc.rtctest.rtc.date_read * x15, kselftest-sync - sync.sync_test * x86, kselftest-lkdtm - lkdtm.ARRAY_BOUNDS.sh * x86, kselftest-rtc - rtc.rtctest ## Metric Fixes (compared to next-20220124) No metric fixes found. ## Test result summary total: 5110, pass: 3395, fail: 609, skip: 1106, xfail: 0 ## Build Summary ## Test suites summary * kselftest-android * kselftest-arm64 * kselftest-arm64/arm64.btitest.bti_c_func * kselftest-arm64/arm64.btitest.bti_j_func * kselftest-arm64/arm64.btitest.bti_jc_func * kselftest-arm64/arm64.btitest.bti_none_func * kselftest-arm64/arm64.btitest.nohint_func * kselftest-arm64/arm64.btitest.paciasp_func * kselftest-arm64/arm64.nobtitest.bti_c_func * kselftest-arm64/arm64.nobtitest.bti_j_func * kselftest-arm64/arm64.nobtitest.bti_jc_func * kselftest-arm64/arm64.nobtitest.bti_none_func * kselftest-arm64/arm64.nobtitest.nohint_func * kselftest-arm64/arm64.nobtitest.paciasp_func * kselftest-bpf * kselftest-breakpoints * kselftest-capabilities * kselftest-cgroup * kselftest-clone3 * kselftest-core * kselftest-cpu-hotplug * kselftest-cpufreq * kselftest-drivers * kselftest-efivarfs * kselftest-filesystems * kselftest-firmware * kselftest-fpu * kselftest-futex * kselftest-gpio * kselftest-intel_pstate * kselftest-ipc * kselftest-ir * kselftest-kcmp * kselftest-kexec * kselftest-kvm * kselftest-lib * kselftest-livepatch * kselftest-lkdtm * kselftest-membarrier * kselftest-memfd * kselftest-memory-hotplug * kselftest-mincore * kselftest-mount * kselftest-mqueue * kselftest-net * kselftest-netfilter * kselftest-nsfs * kselftest-openat2 * kselftest-pid_namespace * kselftest-pidfd * kselftest-proc * kselftest-pstore * kselftest-ptrace * kselftest-rseq * kselftest-rtc * kselftest-seccomp * kselftest-sigaltstack * kselftest-size * kselftest-splice * kselftest-static_keys * kselftest-sync * kselftest-sysctl * kselftest-tc-testing * kselftest-timens * kselftest-timers * kselftest-tmpfs * kselftest-tpm2 * kselftest-user * kselftest-vm * kselftest-x86 * kselftest-zram -- Linaro LKFT https://lkft.linaro.org

2 years, 2 months

1
0
0 0

[REGRESSION] lkft kselftest for next-20220202

by lkft＠linaro.org

## Build * kernel: 5.17.0-rc2 * git: https://gitlab.com/Linaro/lkft/mirrors/next/linux-next * git branch: master * git commit: 6abab1b81b657ca74b7c443e832d95c87901e75b * git describe: next-20220202 * test details: https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20220202 ## Test Regressions (compared to next-20220124) * i386, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * juno-r2, kselftest-net - net.tls.tls.13_sm4_ccm.recv_lowat * juno-r2, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * qemu_x86_64, kselftest-seccomp - seccomp.seccomp_bpf - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * x15, kselftest-capabilities - capabilities.test_execve * x15, kselftest-cgroup - cgroup.test_freezer - cgroup.test_kill - cgroup.test_kill.test_cgkill_simple * x15, kselftest-core - core.close_range_test * x15, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err * x86, kselftest-seccomp - seccomp.seccomp_bpf.TSYNC.siblings_fail_prctl - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence - seccomp.seccomp_bpf.TSYNC.two_siblings_with_one_divergence_no_tid_in_err ## Metric Regressions (compared to next-20220124) No metric regressions found. Reported-by: Linux Kernel Functional Testing <lkft(a)linaro.org> ## Test Fixes (compared to next-20220124) * i386, kselftest-rtc - rtc.rtctest * juno-r2, kselftest-cgroup - cgroup.test_freezer - cgroup.test_freezer.test_cgfreezer_ptrace * juno-r2, kselftest-cpufreq - cpufreq.main.sh * juno-r2, kselftest-lkdtm - lkdtm.ARRAY_BOUNDS.sh * juno-r2, kselftest-mincore - mincore.mincore_selftest * qemu_arm, kselftest-cpufreq - cpufreq.main.sh * qemu_arm, kselftest-rtc - rtc.rtctest * qemu_arm, kselftest-zram - zram.zram.sh * qemu_i386, kselftest-cpufreq - cpufreq.main.sh * qemu_i386, kselftest-rtc - rtc.rtctest * qemu_x86_64, kselftest-cpufreq - cpufreq.main.sh * x15, kselftest-capabilities - capabilities.test_execve * x15, kselftest-cgroup - cgroup.test_freezer - cgroup.test_kill - cgroup.test_kill.test_cgkill_simple * x15, kselftest-core - core.close_range_test * x15, kselftest-rtc - rtc.rtctest - rtc.rtctest.rtc.alarm_alm_set - rtc.rtctest.rtc.alarm_alm_set_minute - rtc.rtctest.rtc.alarm_wkalm_set - rtc.rtctest.rtc.alarm_wkalm_set_minute - rtc.rtctest.rtc.date_read * x86, kselftest-lkdtm - lkdtm.ARRAY_BOUNDS.sh * x86, kselftest-rtc - rtc.rtctest ## Metric Fixes (compared to next-20220124) No metric fixes found. ## Test result summary total: 4318, pass: 2787, fail: 524, skip: 1007, xfail: 0 ## Build Summary ## Test suites summary * kselftest-android * kselftest-bpf * kselftest-breakpoints * kselftest-capabilities * kselftest-cgroup * kselftest-clone3 * kselftest-core * kselftest-cpu-hotplug * kselftest-cpufreq * kselftest-drivers * kselftest-efivarfs * kselftest-filesystems * kselftest-firmware * kselftest-fpu * kselftest-futex * kselftest-gpio * kselftest-intel_pstate * kselftest-ipc * kselftest-ir * kselftest-kcmp * kselftest-kexec * kselftest-kvm * kselftest-lib * kselftest-livepatch * kselftest-lkdtm * kselftest-membarrier * kselftest-memfd * kselftest-memory-hotplug * kselftest-mincore * kselftest-mount * kselftest-mqueue * kselftest-net * kselftest-netfilter * kselftest-nsfs * kselftest-openat2 * kselftest-pid_namespace * kselftest-pidfd * kselftest-proc * kselftest-pstore * kselftest-ptrace * kselftest-rseq * kselftest-rtc * kselftest-seccomp * kselftest-sigaltstack * kselftest-size * kselftest-splice * kselftest-static_keys * kselftest-sync * kselftest-sysctl * kselftest-tc-testing * kselftest-timens * kselftest-timers * kselftest-tmpfs * kselftest-tpm2 * kselftest-user * kselftest-vm * kselftest-x86 * kselftest-zram -- Linaro LKFT https://lkft.linaro.org

2 years, 2 months

1
0
0 0

[PATCH 0/4] kunit,um: Fix kunit.py build --alltests

by David Gow

kunit_tool's --alltests option uses UML and make allyesconfig to produce a configuration which enables as many tests as possible. However, make ARCH=um allyesconfig is broken for a number of reasons. Fix a few different UML build breakages, and disable a few config options in kunit_tool in order to get this kernel compiling again. Note that the resulting kernel still doesn't run, but having it compile is the first step to fixing that. David Gow (3): drm/amdgpu: Make smu7_hwmgr build on UML IB/qib: Compile under User-Mode Linux kunit: tool: Disable broken options for --alltests Randy Dunlap (1): drm/amdgpu: Fix compilation under UML drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 6 +++--- drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 2 +- drivers/gpu/drm/amd/pm/powerplay/hwmgr/smu7_hwmgr.c | 2 +- drivers/infiniband/hw/qib/qib_wc_x86_64.c | 4 ++++ tools/testing/kunit/configs/broken_on_uml.config | 5 +++++ 5 files changed, 14 insertions(+), 5 deletions(-) -- 2.35.1.265.g69c8d7142f-goog

2 years, 2 months

5
11
0 0

[PATCH 0/2] selftests/damon: trivial fixes

by Yuanchu Xie

These patches fixes trivial errors with building and running DAMON selftests. Yuanchu Xie (2): selftests/damon: add damon to selftests root Makefile selftests/damon: make selftests executable tools/testing/selftests/Makefile | 1 + tools/testing/selftests/damon/debugfs_attrs.sh | 0 tools/testing/selftests/damon/debugfs_empty_targets.sh | 0 tools/testing/selftests/damon/debugfs_huge_count_read_write.sh | 0 tools/testing/selftests/damon/debugfs_schemes.sh | 0 tools/testing/selftests/damon/debugfs_target_ids.sh | 0 6 files changed, 1 insertion(+) mode change 100644 => 100755 tools/testing/selftests/damon/debugfs_attrs.sh mode change 100644 => 100755 tools/testing/selftests/damon/debugfs_empty_targets.sh mode change 100644 => 100755 tools/testing/selftests/damon/debugfs_huge_count_read_write.sh mode change 100644 => 100755 tools/testing/selftests/damon/debugfs_schemes.sh mode change 100644 => 100755 tools/testing/selftests/damon/debugfs_target_ids.sh -- 2.35.1.265.g69c8d7142f-goog

2 years, 2 months

4
7
0 0

[PATCH 1/2] KVM: s390: selftests: Refactor memop test

by Janis Schoetterl-Glausch

Introduce macro for performing MEM_OP ioctls in a concise way. Split test cases into multiple host/guest pairs making them independent. Make various minor improvements. All in all this lays the groundwork for future extensions. Signed-off-by: Janis Schoetterl-Glausch <scgl(a)linux.ibm.com> --- tools/testing/selftests/kvm/s390x/memop.c | 427 ++++++++++++++++------ 1 file changed, 309 insertions(+), 118 deletions(-) diff --git a/tools/testing/selftests/kvm/s390x/memop.c b/tools/testing/selftests/kvm/s390x/memop.c index d19c3ffdea3f..4510418d73e6 100644 --- a/tools/testing/selftests/kvm/s390x/memop.c +++ b/tools/testing/selftests/kvm/s390x/memop.c @@ -13,169 +13,360 @@ #include "test_util.h" #include "kvm_util.h" +enum mop_target { + LOGICAL, + SIDA, + ABSOLUTE, + INVALID, +}; + +enum mop_access_mode { + READ, + WRITE, +}; + +struct mop_desc { + uintptr_t gaddr; + uintptr_t gaddr_v; + uint64_t set_flags; + unsigned int f_check : 1; + unsigned int f_inject : 1; + unsigned int f_key : 1; + unsigned int _gaddr_v : 1; + unsigned int _set_flags : 1; + unsigned int _sida_offset : 1; + unsigned int _ar : 1; + uint32_t size; + enum mop_target target; + enum mop_access_mode mode; + void *buf; + uint32_t sida_offset; + uint8_t ar; + uint8_t key; +}; + +static struct kvm_s390_mem_op ksmo_from_desc(struct mop_desc desc) +{ + struct kvm_s390_mem_op ksmo = { + .gaddr = (uintptr_t)desc.gaddr, + .size = desc.size, + .buf = ((uintptr_t)desc.buf), + .reserved = "ignored_ignored_ignored_ignored" + }; + + switch (desc.target) { + case LOGICAL: + if (desc.mode == READ) + ksmo.op = KVM_S390_MEMOP_LOGICAL_READ; + if (desc.mode == WRITE) + ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; + break; + case SIDA: + if (desc.mode == READ) + ksmo.op = KVM_S390_MEMOP_SIDA_READ; + if (desc.mode == WRITE) + ksmo.op = KVM_S390_MEMOP_SIDA_WRITE; + break; + case ABSOLUTE: + if (desc.mode == READ) + ksmo.op = KVM_S390_MEMOP_ABSOLUTE_READ; + if (desc.mode == WRITE) + ksmo.op = KVM_S390_MEMOP_ABSOLUTE_WRITE; + break; + case INVALID: + ksmo.op = -1; + } + if (desc.f_check) + ksmo.flags |= KVM_S390_MEMOP_F_CHECK_ONLY; + if (desc.f_inject) + ksmo.flags |= KVM_S390_MEMOP_F_INJECT_EXCEPTION; + if (desc._set_flags) + ksmo.flags = desc.set_flags; + if (desc.f_key) { + ksmo.flags |= KVM_S390_MEMOP_F_SKEY_PROTECTION; + ksmo.key = desc.key; + } + if (desc._ar) + ksmo.ar = desc.ar; + else + ksmo.ar = 0; + if (desc._sida_offset) + ksmo.sida_offset = desc.sida_offset; + + return ksmo; +} + +/* vcpu dummy id signifying that vm instead of vcpu ioctl is to occur */ +const uint32_t VM_VCPU_ID = (uint32_t)-1; + +struct test_vcpu { + struct kvm_vm *vm; + uint32_t id; +}; + +#define PRINT_MEMOP false +static void print_memop(uint32_t vcpu_id, const struct kvm_s390_mem_op *ksmo) +{ + if (!PRINT_MEMOP) + return; + + if (vcpu_id == VM_VCPU_ID) + printf("vm memop("); + else + printf("vcpu memop("); + switch (ksmo->op) { + case KVM_S390_MEMOP_LOGICAL_READ: + printf("LOGICAL, READ, "); + break; + case KVM_S390_MEMOP_LOGICAL_WRITE: + printf("LOGICAL, WRITE, "); + break; + case KVM_S390_MEMOP_SIDA_READ: + printf("SIDA, READ, "); + break; + case KVM_S390_MEMOP_SIDA_WRITE: + printf("SIDA, WRITE, "); + break; + case KVM_S390_MEMOP_ABSOLUTE_READ: + printf("ABSOLUTE, READ, "); + break; + case KVM_S390_MEMOP_ABSOLUTE_WRITE: + printf("ABSOLUTE, WRITE, "); + break; + } + printf("gaddr=%llu, size=%u, buf=%llu, ar=%u, key=%u", + ksmo->gaddr, ksmo->size, ksmo->buf, ksmo->ar, ksmo->key); + if (ksmo->flags & KVM_S390_MEMOP_F_CHECK_ONLY) + printf(", CHECK_ONLY"); + if (ksmo->flags & KVM_S390_MEMOP_F_INJECT_EXCEPTION) + printf(", INJECT_EXCEPTION"); + if (ksmo->flags & KVM_S390_MEMOP_F_SKEY_PROTECTION) + printf(", SKEY_PROTECTION"); + puts(")"); +} + +static void memop_ioctl(struct test_vcpu vcpu, struct kvm_s390_mem_op *ksmo) +{ + if (vcpu.id == VM_VCPU_ID) + vm_ioctl(vcpu.vm, KVM_S390_MEM_OP, ksmo); + else + vcpu_ioctl(vcpu.vm, vcpu.id, KVM_S390_MEM_OP, ksmo); +} + +static int err_memop_ioctl(struct test_vcpu vcpu, struct kvm_s390_mem_op *ksmo) +{ + if (vcpu.id == VM_VCPU_ID) + return _vm_ioctl(vcpu.vm, KVM_S390_MEM_OP, ksmo); + else + return _vcpu_ioctl(vcpu.vm, vcpu.id, KVM_S390_MEM_OP, ksmo); +} + +#define MEMOP(err, vcpu_p, mop_target_p, access_mode_p, buf_p, size_p, ...) \ +({ \ + struct test_vcpu __vcpu = (vcpu_p); \ + struct mop_desc __desc = { \ + .target = (mop_target_p), \ + .mode = (access_mode_p), \ + .buf = (buf_p), \ + .size = (size_p), \ + __VA_ARGS__ \ + }; \ + struct kvm_s390_mem_op __ksmo; \ + \ + if (__desc._gaddr_v) { \ + if (__desc.target == ABSOLUTE) \ + __desc.gaddr = addr_gva2gpa(__vcpu.vm, __desc.gaddr_v); \ + else \ + __desc.gaddr = __desc.gaddr_v; \ + } \ + __ksmo = ksmo_from_desc(__desc); \ + print_memop(__vcpu.id, &__ksmo); \ + err##memop_ioctl(__vcpu, &__ksmo); \ +}) + +#define MOP(...) MEMOP(, __VA_ARGS__) +#define ERR_MOP(...) MEMOP(err_, __VA_ARGS__) + +#define GADDR(a) .gaddr = ((uintptr_t)a) +#define GADDR_V(v) ._gaddr_v = 1, .gaddr_v = ((uintptr_t)v) +#define CHECK_ONLY .f_check = 1 +#define SET_FLAGS(f) ._set_flags = 1, .set_flags = (f) +#define SIDA_OFFSET(o) ._sida_offset = 1, .sida_offset = (o) +#define AR(a) ._ar = 1, .ar = (a) +#define KEY(a) .f_key = 1, .key = (a) + +#define CHECK_N_DO(f, ...) ({ f(__VA_ARGS__, CHECK_ONLY); f(__VA_ARGS__); }) + #define VCPU_ID 1 +#define PAGE_SHIFT 12 +#define PAGE_SIZE (1ULL << PAGE_SHIFT) +#define PAGE_MASK (~(PAGE_SIZE - 1)) + +#define ASSERT_MEM_EQ(p1, p2, size) \ + TEST_ASSERT(!memcmp(p1, p2, size), "Memory contents do not match!") static uint8_t mem1[65536]; static uint8_t mem2[65536]; -static void guest_code(void) +static void prepare_mem12(void) { int i; - for (;;) { - for (i = 0; i < sizeof(mem2); i++) - mem2[i] = mem1[i]; - GUEST_SYNC(0); - } + for (i = 0; i < sizeof(mem1); i++) + mem1[i] = rand(); + memset(mem2, 0xaa, sizeof(mem2)); } -int main(int argc, char *argv[]) -{ - struct kvm_vm *vm; +struct test_default { + struct test_vcpu vm; + struct test_vcpu vcpu; struct kvm_run *run; - struct kvm_s390_mem_op ksmo; - int rv, i, maxsize; + int size; +}; - setbuf(stdout, NULL); /* Tell stdout not to buffer its content */ +static struct test_default test_default_init(void *guest_code) +{ + struct test_default t; - maxsize = kvm_check_cap(KVM_CAP_S390_MEM_OP); - if (!maxsize) { - print_skip("CAP_S390_MEM_OP not supported"); - exit(KSFT_SKIP); - } - if (maxsize > sizeof(mem1)) - maxsize = sizeof(mem1); + t.size = min((size_t)kvm_check_cap(KVM_CAP_S390_MEM_OP), sizeof(mem1)); + t.vm = (struct test_vcpu) { vm_create_default(VCPU_ID, 0, guest_code), VM_VCPU_ID }; + t.vcpu = (struct test_vcpu) { t.vm.vm, VCPU_ID }; + t.run = vcpu_state(t.vm.vm, VCPU_ID); + return t; +} - /* Create VM */ - vm = vm_create_default(VCPU_ID, 0, guest_code); - run = vcpu_state(vm, VCPU_ID); +static void test_vm_free(struct test_vcpu vm) +{ + kvm_vm_free(vm.vm); +} - for (i = 0; i < sizeof(mem1); i++) - mem1[i] = i * i + i; - - /* Set the first array */ - ksmo.gaddr = addr_gva2gpa(vm, (uintptr_t)mem1); - ksmo.flags = 0; - ksmo.size = maxsize; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 0; - vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); - - /* Let the guest code copy the first array to the second */ - vcpu_run(vm, VCPU_ID); - TEST_ASSERT(run->exit_reason == KVM_EXIT_S390_SIEIC, - "Unexpected exit reason: %u (%s)\n", - run->exit_reason, - exit_reason_str(run->exit_reason)); +#define HOST_SYNC(vcpu_p, stage) \ +({ \ + struct test_vcpu __vcpu = (vcpu_p); \ + struct ucall uc; \ + int __stage = (stage); \ + \ + vcpu_run(__vcpu.vm, __vcpu.id); \ + get_ucall(__vcpu.vm, __vcpu.id, &uc); \ + ASSERT_EQ(uc.cmd, UCALL_SYNC); \ + ASSERT_EQ(uc.args[1], __stage); \ +}) \ - memset(mem2, 0xaa, sizeof(mem2)); +enum stage { + /* Synced state set by host, e.g. DAT */ + STAGE_INITED, + /* Guest did nothing */ + STAGE_IDLED, + /* Guest copied memory (locations up to test case) */ + STAGE_COPIED, +}; + +#define DEFAULT_WRITE_READ(copy_cpu, mop_cpu, mop_target_p, size, ...) \ +({ \ + struct test_vcpu __copy_cpu = (copy_cpu), __mop_cpu = (mop_cpu); \ + enum mop_target __target = (mop_target_p); \ + uint32_t __size = (size); \ + \ + prepare_mem12(); \ + CHECK_N_DO(MOP, __mop_cpu, __target, WRITE, mem1, __size, \ + GADDR_V(mem1), ##__VA_ARGS__); \ + HOST_SYNC(__copy_cpu, STAGE_COPIED); \ + CHECK_N_DO(MOP, __mop_cpu, __target, READ, mem2, __size, \ + GADDR_V(mem2), ##__VA_ARGS__); \ + ASSERT_MEM_EQ(mem1, mem2, __size); \ +}) + +static void guest_copy(void) +{ + GUEST_SYNC(STAGE_INITED); + memcpy(&mem2, &mem1, sizeof(mem2)); + GUEST_SYNC(STAGE_COPIED); +} + +static void test_copy(void) +{ + struct test_default t = test_default_init(guest_copy); + + HOST_SYNC(t.vcpu, STAGE_INITED); + + DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size); + + test_vm_free(t.vm); +} - /* Get the second array */ - ksmo.gaddr = (uintptr_t)mem2; - ksmo.flags = 0; - ksmo.size = maxsize; - ksmo.op = KVM_S390_MEMOP_LOGICAL_READ; - ksmo.buf = (uintptr_t)mem2; - ksmo.ar = 0; - vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); - - TEST_ASSERT(!memcmp(mem1, mem2, maxsize), - "Memory contents do not match!"); - - /* Check error conditions - first bad size: */ - ksmo.gaddr = (uintptr_t)mem1; - ksmo.flags = 0; - ksmo.size = -1; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); +static void guest_idle(void) +{ + GUEST_SYNC(STAGE_INITED); + for (;;) + GUEST_SYNC(STAGE_IDLED); +} + +static void test_errors(void) +{ + struct test_default t = test_default_init(guest_idle); + int rv; + + HOST_SYNC(t.vcpu, STAGE_INITED); + + rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, -1, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && errno == E2BIG, "ioctl allows insane sizes"); /* Zero size: */ - ksmo.gaddr = (uintptr_t)mem1; - ksmo.flags = 0; - ksmo.size = 0; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, 0, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && (errno == EINVAL || errno == ENOMEM), "ioctl allows 0 as size"); /* Bad flags: */ - ksmo.gaddr = (uintptr_t)mem1; - ksmo.flags = -1; - ksmo.size = maxsize; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR_V(mem1), SET_FLAGS(-1)); TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows all flags"); /* Bad operation: */ - ksmo.gaddr = (uintptr_t)mem1; - ksmo.flags = 0; - ksmo.size = maxsize; - ksmo.op = -1; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, INVALID, WRITE, mem1, t.size, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows bad operations"); /* Bad guest address: */ - ksmo.gaddr = ~0xfffUL; - ksmo.flags = KVM_S390_MEMOP_F_CHECK_ONLY; - ksmo.size = maxsize; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR((void *)~0xfffUL), CHECK_ONLY); TEST_ASSERT(rv > 0, "ioctl does not report bad guest memory access"); /* Bad host address: */ - ksmo.gaddr = (uintptr_t)mem1; - ksmo.flags = 0; - ksmo.size = maxsize; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = 0; - ksmo.ar = 0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, 0, t.size, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && errno == EFAULT, "ioctl does not report bad host memory address"); /* Bad access register: */ - run->psw_mask &= ~(3UL << (63 - 17)); - run->psw_mask |= 1UL << (63 - 17); /* Enable AR mode */ - vcpu_run(vm, VCPU_ID); /* To sync new state to SIE block */ - ksmo.gaddr = (uintptr_t)mem1; - ksmo.flags = 0; - ksmo.size = maxsize; - ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; - ksmo.buf = (uintptr_t)mem1; - ksmo.ar = 17; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + t.run->psw_mask &= ~(3UL << (63 - 17)); + t.run->psw_mask |= 1UL << (63 - 17); /* Enable AR mode */ + HOST_SYNC(t.vcpu, STAGE_IDLED); + rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR(mem1), AR(17)); TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows ARs > 15"); - run->psw_mask &= ~(3UL << (63 - 17)); /* Disable AR mode */ - vcpu_run(vm, VCPU_ID); /* Run to sync new state */ + t.run->psw_mask &= ~(3UL << (63 - 17)); /* Disable AR mode */ + HOST_SYNC(t.vcpu, STAGE_IDLED); /* Check that the SIDA calls are rejected for non-protected guests */ - ksmo.gaddr = 0; - ksmo.flags = 0; - ksmo.size = 8; - ksmo.op = KVM_S390_MEMOP_SIDA_READ; - ksmo.buf = (uintptr_t)mem1; - ksmo.sida_offset = 0x1c0; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, SIDA, READ, mem1, 8, GADDR(0), SIDA_OFFSET(0x1c0)); TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl does not reject SIDA_READ in non-protected mode"); - ksmo.op = KVM_S390_MEMOP_SIDA_WRITE; - rv = _vcpu_ioctl(vm, VCPU_ID, KVM_S390_MEM_OP, &ksmo); + rv = ERR_MOP(t.vcpu, SIDA, WRITE, mem1, 8, GADDR(0), SIDA_OFFSET(0x1c0)); TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl does not reject SIDA_WRITE in non-protected mode"); - kvm_vm_free(vm); + test_vm_free(t.vm); +} + +int main(int argc, char *argv[]) +{ + int memop_cap; + + setbuf(stdout, NULL); /* Tell stdout not to buffer its content */ + + memop_cap = kvm_check_cap(KVM_CAP_S390_MEM_OP); + if (!memop_cap) { + print_skip("CAP_S390_MEM_OP not supported"); + exit(KSFT_SKIP); + } + + test_copy(); + test_errors(); return 0; } -- 2.32.0

2 years, 2 months

2
3
0 0

[PATCH 2/2] KVM: s390: selftests: Test vm and vcpu memop with keys

by Janis Schoetterl-Glausch

Test storage key checking for both vm and vcpu MEM_OP ioctls. Test both error and non error conditions. Signed-off-by: Janis Schoetterl-Glausch <scgl(a)linux.ibm.com> --- tools/testing/selftests/kvm/s390x/memop.c | 342 +++++++++++++++++++++- 1 file changed, 328 insertions(+), 14 deletions(-) diff --git a/tools/testing/selftests/kvm/s390x/memop.c b/tools/testing/selftests/kvm/s390x/memop.c index 4510418d73e6..bc12a9238967 100644 --- a/tools/testing/selftests/kvm/s390x/memop.c +++ b/tools/testing/selftests/kvm/s390x/memop.c @@ -201,6 +201,8 @@ static int err_memop_ioctl(struct test_vcpu vcpu, struct kvm_s390_mem_op *ksmo) #define PAGE_SHIFT 12 #define PAGE_SIZE (1ULL << PAGE_SHIFT) #define PAGE_MASK (~(PAGE_SIZE - 1)) +#define CR0_FETCH_PROTECTION_OVERRIDE (1UL << (63 - 38)) +#define CR0_STORAGE_PROTECTION_OVERRIDE (1UL << (63 - 39)) #define ASSERT_MEM_EQ(p1, p2, size) \ TEST_ASSERT(!memcmp(p1, p2, size), "Memory contents do not match!") @@ -235,6 +237,11 @@ static struct test_default test_default_init(void *guest_code) return t; } +static vm_vaddr_t test_vaddr_alloc(struct test_vcpu vm, size_t size, vm_vaddr_t vaddr_min) +{ + return vm_vaddr_alloc(vm.vm, size, vaddr_min); +} + static void test_vm_free(struct test_vcpu vm) { kvm_vm_free(vm.vm); @@ -257,6 +264,8 @@ enum stage { STAGE_INITED, /* Guest did nothing */ STAGE_IDLED, + /* Guest set storage keys (specifics up to test case) */ + STAGE_SKEYS_SET, /* Guest copied memory (locations up to test case) */ STAGE_COPIED, }; @@ -276,6 +285,20 @@ enum stage { ASSERT_MEM_EQ(mem1, mem2, __size); \ }) +#define DEFAULT_READ(copy_cpu, mop_cpu, mop_target_p, size, ...) \ +({ \ + struct test_vcpu __copy_cpu = (copy_cpu), __mop_cpu = (mop_cpu); \ + enum mop_target __target = (mop_target_p); \ + uint32_t __size = (size); \ + \ + prepare_mem12(); \ + CHECK_N_DO(MOP, __mop_cpu, __target, WRITE, mem1, __size, \ + GADDR_V(mem1)); \ + HOST_SYNC(__copy_cpu, STAGE_COPIED); \ + CHECK_N_DO(MOP, __mop_cpu, __target, READ, mem2, __size, ##__VA_ARGS__);\ + ASSERT_MEM_EQ(mem1, mem2, __size); \ +}) + static void guest_copy(void) { GUEST_SYNC(STAGE_INITED); @@ -294,6 +317,269 @@ static void test_copy(void) test_vm_free(t.vm); } +static void set_storage_key_range(void *addr, size_t len, uint8_t key) +{ + uintptr_t _addr, abs, i; + int not_mapped = 0; + + _addr = (uintptr_t)addr; + for (i = _addr & PAGE_MASK; i < _addr + len; i += PAGE_SIZE) { + abs = i; + asm volatile ( + "lra %[abs], 0(0,%[abs])\n" + " jz 0f\n" + " llill %[not_mapped],1\n" + " j 1f\n" + "0: sske %[key], %[abs]\n" + "1:" + : [abs] "+&a" (abs), [not_mapped] "+r" (not_mapped) + : [key] "r" (key) + : "cc" + ); + GUEST_ASSERT_EQ(not_mapped, 0); + } +} + +static void guest_copy_key(void) +{ + set_storage_key_range(mem1, sizeof(mem1), 0x90); + set_storage_key_range(mem2, sizeof(mem2), 0x90); + GUEST_SYNC(STAGE_SKEYS_SET); + + for (;;) { + memcpy(&mem2, &mem1, sizeof(mem2)); + GUEST_SYNC(STAGE_COPIED); + } +} + +static void test_copy_key(void) +{ + struct test_default t = test_default_init(guest_copy_key); + + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vm, no key */ + DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, t.size); + + /* vm/vcpu, machting key or key 0 */ + DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size, KEY(0)); + DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size, KEY(9)); + DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, t.size, KEY(0)); + DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, t.size, KEY(9)); + /* + * There used to be different code paths for key handling depending on + * if the region crossed a page boundary. + * There currently are not, but the more tests the merrier. + */ + DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, 1, KEY(0)); + DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, 1, KEY(9)); + DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, 1, KEY(0)); + DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, 1, KEY(9)); + + /* vm/vcpu, mismatching keys on read, but no fetch protection */ + DEFAULT_READ(t.vcpu, t.vcpu, LOGICAL, t.size, GADDR_V(mem2), KEY(2)); + DEFAULT_READ(t.vcpu, t.vm, ABSOLUTE, t.size, GADDR_V(mem1), KEY(2)); + + test_vm_free(t.vm); +} + +static void guest_copy_key_fetch_prot(void) +{ + /* + * For some reason combining the first sync with override enablement + * results in an exception when calling HOST_SYNC. + */ + GUEST_SYNC(STAGE_INITED); + /* Storage protection override applies to both store and fetch. */ + set_storage_key_range(mem1, sizeof(mem1), 0x98); + set_storage_key_range(mem2, sizeof(mem2), 0x98); + GUEST_SYNC(STAGE_SKEYS_SET); + + for (;;) { + memcpy(&mem2, &mem1, sizeof(mem2)); + GUEST_SYNC(STAGE_COPIED); + } +} + +static void test_copy_key_storage_prot_override(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot); + + HOST_SYNC(t.vcpu, STAGE_INITED); + t.run->s.regs.crs[0] |= CR0_STORAGE_PROTECTION_OVERRIDE; + t.run->kvm_dirty_regs = KVM_SYNC_CRS; + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vcpu, mismatching keys, storage protection override in effect */ + DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size, KEY(2)); + + test_vm_free(t.vm); +} + +static void test_copy_key_fetch_prot(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot); + + HOST_SYNC(t.vcpu, STAGE_INITED); + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vm/vcpu, matching key, fetch protection in effect */ + DEFAULT_READ(t.vcpu, t.vcpu, LOGICAL, t.size, GADDR_V(mem2), KEY(9)); + DEFAULT_READ(t.vcpu, t.vm, ABSOLUTE, t.size, GADDR_V(mem2), KEY(9)); + + test_vm_free(t.vm); +} + +#define ERR_PROT_MOP(...) \ +({ \ + int rv; \ + \ + rv = ERR_MOP(__VA_ARGS__); \ + TEST_ASSERT(rv == 4, "Should result in protection exception"); \ +}) + +static void test_errors_key(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot); + + HOST_SYNC(t.vcpu, STAGE_INITED); + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vm/vcpu, mismatching keys, fetch protection in effect */ + CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR_V(mem1), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, t.size, GADDR_V(mem2), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, WRITE, mem1, t.size, GADDR_V(mem1), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, t.size, GADDR_V(mem2), KEY(2)); + + test_vm_free(t.vm); +} + +static void test_errors_key_storage_prot_override(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot); + + HOST_SYNC(t.vcpu, STAGE_INITED); + t.run->s.regs.crs[0] |= CR0_STORAGE_PROTECTION_OVERRIDE; + t.run->kvm_dirty_regs = KVM_SYNC_CRS; + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vm, mismatching keys, storage protection override not applicable to vm */ + CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, WRITE, mem1, t.size, GADDR_V(mem1), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, t.size, GADDR_V(mem2), KEY(2)); + + test_vm_free(t.vm); +} + +const uint64_t last_page_addr = -PAGE_SIZE; + +static void guest_copy_key_fetch_prot_override(void) +{ + int i; + char *page_0 = 0; + + GUEST_SYNC(STAGE_INITED); + set_storage_key_range(0, PAGE_SIZE, 0x18); + set_storage_key_range((void *)last_page_addr, PAGE_SIZE, 0x0); + asm volatile ("sske %[key],%[addr]\n" :: [addr] "r"(0), [key] "r"(0x18) : "cc"); + GUEST_SYNC(STAGE_SKEYS_SET); + + for (;;) { + for (i = 0; i < PAGE_SIZE; i++) + page_0[i] = mem1[i]; + GUEST_SYNC(STAGE_COPIED); + } +} + +static void test_copy_key_fetch_prot_override(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot_override); + vm_vaddr_t guest_0_page, guest_last_page; + + guest_0_page = test_vaddr_alloc(t.vm, PAGE_SIZE, 0); + guest_last_page = test_vaddr_alloc(t.vm, PAGE_SIZE, last_page_addr); + if (guest_0_page != 0 || guest_last_page != last_page_addr) { + print_skip("did not allocate guest pages at required positions"); + goto out; + } + + HOST_SYNC(t.vcpu, STAGE_INITED); + t.run->s.regs.crs[0] |= CR0_FETCH_PROTECTION_OVERRIDE; + t.run->kvm_dirty_regs = KVM_SYNC_CRS; + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vcpu, mismatching keys on fetch, fetch protection override applies */ + prepare_mem12(); + MOP(t.vcpu, LOGICAL, WRITE, mem1, PAGE_SIZE, GADDR_V(mem1)); + HOST_SYNC(t.vcpu, STAGE_COPIED); + CHECK_N_DO(MOP, t.vcpu, LOGICAL, READ, mem2, 2048, GADDR_V(guest_0_page), KEY(2)); + ASSERT_MEM_EQ(mem1, mem2, 2048); + + /* + * vcpu, mismatching keys on fetch, fetch protection override applies, + * wraparound + */ + prepare_mem12(); + MOP(t.vcpu, LOGICAL, WRITE, mem1, 2 * PAGE_SIZE, GADDR_V(guest_last_page)); + HOST_SYNC(t.vcpu, STAGE_COPIED); + CHECK_N_DO(MOP, t.vcpu, LOGICAL, READ, mem2, PAGE_SIZE + 2048, + GADDR_V(guest_last_page), KEY(2)); + ASSERT_MEM_EQ(mem1, mem2, 2048); + +out: + test_vm_free(t.vm); +} + +static void test_errors_key_fetch_prot_override_not_enabled(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot_override); + vm_vaddr_t guest_0_page, guest_last_page; + + guest_0_page = test_vaddr_alloc(t.vm, PAGE_SIZE, 0); + guest_last_page = test_vaddr_alloc(t.vm, PAGE_SIZE, last_page_addr); + if (guest_0_page != 0 || guest_last_page != last_page_addr) { + print_skip("did not allocate guest pages at required positions"); + goto out; + } + HOST_SYNC(t.vcpu, STAGE_INITED); + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* vcpu, mismatching keys on fetch, fetch protection override not enabled */ + CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, 2048, GADDR_V(0), KEY(2)); + +out: + test_vm_free(t.vm); +} + +static void test_errors_key_fetch_prot_override_enabled(void) +{ + struct test_default t = test_default_init(guest_copy_key_fetch_prot_override); + vm_vaddr_t guest_0_page, guest_last_page; + + guest_0_page = test_vaddr_alloc(t.vm, PAGE_SIZE, 0); + guest_last_page = test_vaddr_alloc(t.vm, PAGE_SIZE, last_page_addr); + if (guest_0_page != 0 || guest_last_page != last_page_addr) { + print_skip("did not allocate guest pages at required positions"); + goto out; + } + HOST_SYNC(t.vcpu, STAGE_INITED); + t.run->s.regs.crs[0] |= CR0_FETCH_PROTECTION_OVERRIDE; + t.run->kvm_dirty_regs = KVM_SYNC_CRS; + HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); + + /* + * vcpu, mismatching keys on fetch, + * fetch protection override does not apply because memory range acceeded + */ + CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, 2048 + 1, GADDR_V(0), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, PAGE_SIZE + 2048 + 1, + GADDR_V(guest_last_page), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, 2048, GADDR(0), KEY(2)); + CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, 2048, GADDR_V(guest_0_page), KEY(2)); + +out: + test_vm_free(t.vm); +} + static void guest_idle(void) { GUEST_SYNC(STAGE_INITED); @@ -301,38 +587,53 @@ static void guest_idle(void) GUEST_SYNC(STAGE_IDLED); } -static void test_errors(void) +static void _test_errors_common(struct test_vcpu vcpu, enum mop_target target, int size) { - struct test_default t = test_default_init(guest_idle); int rv; - HOST_SYNC(t.vcpu, STAGE_INITED); - - rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, -1, GADDR_V(mem1)); + rv = ERR_MOP(vcpu, target, WRITE, mem1, -1, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && errno == E2BIG, "ioctl allows insane sizes"); /* Zero size: */ - rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, 0, GADDR_V(mem1)); + rv = ERR_MOP(vcpu, target, WRITE, mem1, 0, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && (errno == EINVAL || errno == ENOMEM), "ioctl allows 0 as size"); /* Bad flags: */ - rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR_V(mem1), SET_FLAGS(-1)); + rv = ERR_MOP(vcpu, target, WRITE, mem1, size, GADDR_V(mem1), SET_FLAGS(-1)); TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows all flags"); - /* Bad operation: */ - rv = ERR_MOP(t.vcpu, INVALID, WRITE, mem1, t.size, GADDR_V(mem1)); - TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows bad operations"); - /* Bad guest address: */ - rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR((void *)~0xfffUL), CHECK_ONLY); + rv = ERR_MOP(vcpu, target, WRITE, mem1, size, GADDR((void *)~0xfffUL), CHECK_ONLY); TEST_ASSERT(rv > 0, "ioctl does not report bad guest memory access"); /* Bad host address: */ - rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, 0, t.size, GADDR_V(mem1)); + rv = ERR_MOP(vcpu, target, WRITE, 0, size, GADDR_V(mem1)); TEST_ASSERT(rv == -1 && errno == EFAULT, "ioctl does not report bad host memory address"); + /* Bad key: */ + rv = ERR_MOP(vcpu, target, WRITE, mem1, size, GADDR_V(mem1), KEY(17)); + TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows invalid key"); +} + +static void test_errors(void) +{ + struct test_default t = test_default_init(guest_idle); + int rv; + + HOST_SYNC(t.vcpu, STAGE_INITED); + + _test_errors_common(t.vcpu, LOGICAL, t.size); + _test_errors_common(t.vm, ABSOLUTE, t.size); + + /* Bad operation: */ + rv = ERR_MOP(t.vcpu, INVALID, WRITE, mem1, t.size, GADDR_V(mem1)); + TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows bad operations"); + /* virtual addresses are not translated when passing INVALID */ + rv = ERR_MOP(t.vm, INVALID, WRITE, mem1, PAGE_SIZE, GADDR(0)); + TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows bad operations"); + /* Bad access register: */ t.run->psw_mask &= ~(3UL << (63 - 17)); t.run->psw_mask |= 1UL << (63 - 17); /* Enable AR mode */ @@ -355,17 +656,30 @@ static void test_errors(void) int main(int argc, char *argv[]) { - int memop_cap; + int memop_cap, extension_cap; setbuf(stdout, NULL); /* Tell stdout not to buffer its content */ memop_cap = kvm_check_cap(KVM_CAP_S390_MEM_OP); + extension_cap = kvm_check_cap(KVM_CAP_S390_MEM_OP_EXTENSION); if (!memop_cap) { print_skip("CAP_S390_MEM_OP not supported"); exit(KSFT_SKIP); } test_copy(); + if (extension_cap > 0) { + test_copy_key(); + test_copy_key_storage_prot_override(); + test_copy_key_fetch_prot(); + test_copy_key_fetch_prot_override(); + test_errors_key(); + test_errors_key_storage_prot_override(); + test_errors_key_fetch_prot_override_not_enabled(); + test_errors_key_fetch_prot_override_enabled(); + } else { + print_skip("storage key memop extension not supported"); + } test_errors(); return 0; -- 2.32.0

2 years, 2 months

2
3
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror February 2022