June 2022 - Linux-kselftest-mirror

[PATCH v1] userfaultfd: selftests: infinite loop in faulting_process

by Edward Liaw

On Android this test is getting stuck in an infinite loop due to indeterminate behavior: The local variables steps and signalled were being reset to 1 and 0 respectively after every jump back to sigsetjmp by siglongjmp in the signal handler. The test was incrementing them and expecting them to retain their incremented values. The documentation for siglongjmp says: All accessible objects have values as of the time sigsetjmp() was called, except that the values of objects of automatic storage duration which are local to the function containing the invocation of the corresponding sigsetjmp() which do not have volatile-qualified type and which are changed between the sigsetjmp() invocation and siglongjmp() call are indeterminate. Tagging steps and signalled with volatile enabled the test to pass. Signed-off-by: Edward Liaw <edliaw(a)google.com> --- tools/testing/selftests/vm/userfaultfd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/vm/userfaultfd.c b/tools/testing/selftests/vm/userfaultfd.c index 0bdfc1955229..2b2a68722ae1 100644 --- a/tools/testing/selftests/vm/userfaultfd.c +++ b/tools/testing/selftests/vm/userfaultfd.c @@ -931,7 +931,7 @@ static int faulting_process(int signal_test) unsigned long split_nr_pages; unsigned long lastnr; struct sigaction act; - unsigned long signalled = 0; + volatile unsigned long signalled = 0; split_nr_pages = (nr_pages + 1) / 2; @@ -946,7 +946,7 @@ static int faulting_process(int signal_test) } for (nr = 0; nr < split_nr_pages; nr++) { - int steps = 1; + volatile int steps = 1; unsigned long offset = nr * page_size; if (signal_test) { -- 2.36.1.476.g0c4daa206d-goog

1 year, 11 months

2
1
0 0

[PATCH v4 0/4] bpf: Add bpf_verify_pkcs7_signature() helper

by Roberto Sassu

One of the desirable features in security is the ability to restrict import of data to a given system based on data authenticity. If data import can be restricted, it would be possible to enforce a system-wide policy based on the signing keys the system owner trusts. This feature is widely used in the kernel. For example, if the restriction is enabled, kernel modules can be plugged in only if they are signed with a key whose public part is in the primary or secondary keyring. For eBPF, it can be useful as well. For example, it might be useful to authenticate data an eBPF program makes security decisions on. After a discussion in the eBPF mailing list, it was decided that the stated goal should be accomplished by introducing a new helper: bpf_verify_pkcs7_signature(), dedicated to verify PKCS#7 signatures. More helpers will be introduced later, as necessary. The job of bpf_verify_pkcs7_signature() is simply to call the corresponding signature verification function verify_pkcs7_signature(). Data and signature can be provided to the new helper with two dynamic pointers, to reduce the number of parameters. The keyring containing the signature verification key can be obtained with a new helper called bpf_request_key_by_id(). For now, keyrings can be obtained with an identifier defined in verification.h (except for the special value ULONG_MAX, used for testing). In the future, keyring can be searched also by their description. This functionality has not been included here in this patch set, as would require additional care for decrementing the reference count of the keyring. It could be added later. While bpf_request_key_by_id() can be called from any program, bpf_verify_pkcs7_signature(), instead, must be called by a sleepable program, as it is doing crypto operations. For the latter, for example, lsm.s/bpf is suitable, fexit/array_map_update_elem is not. The added test, which invokes both helpers, checks the ability of an eBPF program to verify module-style appended signatures, as produced by the kernel tool sign-file, currently used to sign kernel modules. The patch set is organized as follows. Patch 1 exports bpf_dynptr_get_size(), to obtain the real size of data carried by a dynamic pointer. Patch 2 introduces the bpf_request_key_by_id() helper. Patch 3 introduces the bpf_verify_pkcs7_signature() helper. Finally, patch 4 adds a test for both helpers. Changelog v3: - Rename bpf_verify_signature() back to bpf_verify_pkcs7_signature() to avoid managing different parameters for each signature verification function in one helper (suggested by Daniel) - Use dynamic pointers and export bpf_dynptr_get_size() (suggested by Alexei) - Introduce bpf_request_key_by_id() to give more flexibility to the caller of bpf_verify_pkcs7_signature() to retrieve the appropriate keyring (suggested by Alexei) - Fix test by reordering the gcc command line, always compile sign-file - Improve helper support check mechanism in the test v2: - Rename bpf_verify_pkcs7_signature() to a more generic bpf_verify_signature() and pass the signature type (suggested by KP) - Move the helper and prototype declaration under #ifdef so that user space can probe for support for the helper (suggested by Daniel) - Describe better the keyring types (suggested by Daniel) - Include linux/bpf.h instead of vmlinux.h to avoid implicit or redeclaration - Make the test selfcontained (suggested by Alexei) v1: - Don't define new map flag but introduce simple wrapper of verify_pkcs7_signature() (suggested by Alexei and KP) Roberto Sassu (4): bpf: Export bpf_dynptr_get_size() bpf: Add bpf_request_key_by_id() helper bpf: Add bpf_verify_pkcs7_signature() helper selftests/bpf: Add test for bpf_verify_pkcs7_signature() helper include/linux/bpf.h | 1 + include/uapi/linux/bpf.h | 25 ++ kernel/bpf/bpf_lsm.c | 60 +++++ kernel/bpf/helpers.c | 2 +- scripts/bpf_doc.py | 2 + tools/include/uapi/linux/bpf.h | 25 ++ tools/testing/selftests/bpf/Makefile | 14 +- tools/testing/selftests/bpf/config | 2 + .../bpf/prog_tests/verify_pkcs7_sig.c | 217 ++++++++++++++++++ .../bpf/progs/test_verify_pkcs7_sig.c | 168 ++++++++++++++ .../testing/selftests/bpf/verify_sig_setup.sh | 100 ++++++++ 11 files changed, 612 insertions(+), 4 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/verify_pkcs7_sig.c create mode 100644 tools/testing/selftests/bpf/progs/test_verify_pkcs7_sig.c create mode 100755 tools/testing/selftests/bpf/verify_sig_setup.sh -- 2.25.1

1 year, 11 months

2
5
0 0

[PATCH] userfaultfd/selftests: Fix typo in comment

by Xiang wangx

Delete the redundant word 'in'. Signed-off-by: Xiang wangx <wangxiang(a)cdjrlc.com> --- tools/testing/selftests/vm/userfaultfd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/vm/userfaultfd.c b/tools/testing/selftests/vm/userfaultfd.c index 0bdfc1955229..4bc24581760d 100644 --- a/tools/testing/selftests/vm/userfaultfd.c +++ b/tools/testing/selftests/vm/userfaultfd.c @@ -860,7 +860,7 @@ static int stress(struct uffd_stats *uffd_stats) /* * Be strict and immediately zap area_src, the whole area has * been transferred already by the background treads. The - * area_src could then be faulted in in a racy way by still + * area_src could then be faulted in a racy way by still * running uffdio_threads reading zeropages after we zapped * area_src (but they're guaranteed to get -EEXIST from * UFFDIO_COPY without writing zero pages into area_dst -- 2.36.1

1 year, 11 months

2
1
0 0

[PATCH] selftests: Fix clang cross compilation

by Mark Brown

Unlike GCC clang uses a single compiler image to support multiple target architectures meaning that we can't simply rely on CROSS_COMPILE to select the output architecture. Instead we must pass --target to the compiler to tell it what to output, kselftest was not doing this so cross compilation of kselftest using clang resulted in kselftest being built for the host architecture. More work is required to fix tests using custom rules but this gets the bulk of things building. Signed-off-by: Mark Brown <broonie(a)kernel.org> --- tools/testing/selftests/lib.mk | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/lib.mk b/tools/testing/selftests/lib.mk index 2a2d240cdc1b..1a5cc3cd97ec 100644 --- a/tools/testing/selftests/lib.mk +++ b/tools/testing/selftests/lib.mk @@ -7,10 +7,31 @@ else ifneq ($(filter -%,$(LLVM)),) LLVM_SUFFIX := $(LLVM) endif -CC := $(LLVM_PREFIX)clang$(LLVM_SUFFIX) +CLANG_TARGET_FLAGS_arm := arm-linux-gnueabi +CLANG_TARGET_FLAGS_arm64 := aarch64-linux-gnu +CLANG_TARGET_FLAGS_hexagon := hexagon-linux-musl +CLANG_TARGET_FLAGS_m68k := m68k-linux-gnu +CLANG_TARGET_FLAGS_mips := mipsel-linux-gnu +CLANG_TARGET_FLAGS_powerpc := powerpc64le-linux-gnu +CLANG_TARGET_FLAGS_riscv := riscv64-linux-gnu +CLANG_TARGET_FLAGS_s390 := s390x-linux-gnu +CLANG_TARGET_FLAGS_x86 := x86_64-linux-gnu +CLANG_TARGET_FLAGS := $(CLANG_TARGET_FLAGS_$(ARCH)) + +ifeq ($(CROSS_COMPILE),) +ifeq ($(CLANG_TARGET_FLAGS),) +$(error Specify CROSS_COMPILE or add '--target=' option to lib.mk +else +CLANG_FLAGS += --target=$(CLANG_TARGET_FLAGS) +endif # CLANG_TARGET_FLAGS +else +CLANG_FLAGS += --target=$(notdir $(CROSS_COMPILE:%-=%)) +endif # CROSS_COMPILE + +CC := $(LLVM_PREFIX)clang$(LLVM_SUFFIX) $(CLANG_FLAGS) -fintegrated-as else CC := $(CROSS_COMPILE)gcc -endif +endif # LLVM ifeq (0,$(MAKELEVEL)) ifeq ($(OUTPUT),) -- 2.30.2

1 year, 11 months

2
1
0 0

[PATCH v4 0/4] KVM: s390: selftests: Provide TAP output in tests

by Thomas Huth

This patch series is motivated by Shuah's suggestion here: https://lore.kernel.org/kvm/d576d8f7-980f-3bc6-87ad-5a6ae45609b8@linuxfound… Many s390x KVM selftests do not output any information about which tests have been run, so it's hard to say whether a test binary contains a certain sub-test or not. To improve this situation let's add some TAP output via the kselftest.h interface to these tests, so that it easier to understand what has been executed or not. v4: - Rebased to include test_termination() now in the memop test - Reworked the extension capability check in the memop test v3: - Added comments / fixed cosmetics according to Janosch's and Janis' reviews of the v2 series - Added Reviewed-by tags from the v2 series v2: - Reworked the extension checking in the first patch - Make sure to always print the TAP 13 header in the second patch - Reworked the SKIP printing in the third patch Thomas Huth (4): KVM: s390: selftests: Use TAP interface in the memop test KVM: s390: selftests: Use TAP interface in the sync_regs test KVM: s390: selftests: Use TAP interface in the tprot test KVM: s390: selftests: Use TAP interface in the reset test tools/testing/selftests/kvm/s390x/memop.c | 95 +++++++++++++++---- tools/testing/selftests/kvm/s390x/resets.c | 38 ++++++-- .../selftests/kvm/s390x/sync_regs_test.c | 87 +++++++++++++---- tools/testing/selftests/kvm/s390x/tprot.c | 29 +++++- 4 files changed, 197 insertions(+), 52 deletions(-) -- 2.31.1

1 year, 11 months

4
10
0 0

[PATCH] KVM: selftests: Remove the mismatched parameter comments

by shaoqin.huang＠intel.com

From: Shaoqin Huang <shaoqin.huang(a)intel.com> There are some parameter being removed in function but the parameter comments still exist, so remove them. Signed-off-by: Shaoqin Huang <shaoqin.huang(a)intel.com> --- tools/testing/selftests/kvm/lib/kvm_util.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 1665a220abcb..58fdc82b20f4 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1336,8 +1336,6 @@ static vm_vaddr_t vm_vaddr_unused_gap(struct kvm_vm *vm, size_t sz, * vm - Virtual Machine * sz - Size in bytes * vaddr_min - Minimum starting virtual address - * data_memslot - Memory region slot for data pages - * pgd_memslot - Memory region slot for new virtual translation tables * * Output Args: None * @@ -1423,7 +1421,6 @@ vm_vaddr_t vm_vaddr_alloc_page(struct kvm_vm *vm) * vaddr - Virtuall address to map * paddr - VM Physical Address * npages - The number of pages to map - * pgd_memslot - Memory region slot for new virtual translation tables * * Output Args: None * -- 2.30.2

1 year, 11 months

4
4
0 0

[PATCH MANUALSEL 5.15 3/4] KVM: selftests: Make hyperv_clock selftest more stable

by Sasha Levin

From: Vitaly Kuznetsov <vkuznets(a)redhat.com> [ Upstream commit eae260be3a0111a28fe95923e117a55dddec0384 ] hyperv_clock doesn't always give a stable test result, especially with AMD CPUs. The test compares Hyper-V MSR clocksource (acquired either with rdmsr() from within the guest or KVM_GET_MSRS from the host) against rdtsc(). To increase the accuracy, increase the measured delay (done with nop loop) by two orders of magnitude and take the mean rdtsc() value before and after rdmsr()/KVM_GET_MSRS. Reported-by: Maxim Levitsky <mlevitsk(a)redhat.com> Signed-off-by: Vitaly Kuznetsov <vkuznets(a)redhat.com> Reviewed-by: Maxim Levitsky <mlevitsk(a)redhat.com> Tested-by: Maxim Levitsky <mlevitsk(a)redhat.com> Message-Id: <20220601144322.1968742-1-vkuznets(a)redhat.com> Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/kvm/x86_64/hyperv_clock.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/x86_64/hyperv_clock.c b/tools/testing/selftests/kvm/x86_64/hyperv_clock.c index e0b2bb1339b1..3330fb183c68 100644 --- a/tools/testing/selftests/kvm/x86_64/hyperv_clock.c +++ b/tools/testing/selftests/kvm/x86_64/hyperv_clock.c @@ -44,7 +44,7 @@ static inline void nop_loop(void) { int i; - for (i = 0; i < 1000000; i++) + for (i = 0; i < 100000000; i++) asm volatile("nop"); } @@ -56,12 +56,14 @@ static inline void check_tsc_msr_rdtsc(void) tsc_freq = rdmsr(HV_X64_MSR_TSC_FREQUENCY); GUEST_ASSERT(tsc_freq > 0); - /* First, check MSR-based clocksource */ + /* For increased accuracy, take mean rdtsc() before and afrer rdmsr() */ r1 = rdtsc(); t1 = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + r1 = (r1 + rdtsc()) / 2; nop_loop(); r2 = rdtsc(); t2 = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + r2 = (r2 + rdtsc()) / 2; GUEST_ASSERT(r2 > r1 && t2 > t1); @@ -181,12 +183,14 @@ static void host_check_tsc_msr_rdtsc(struct kvm_vm *vm) tsc_freq = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TSC_FREQUENCY); TEST_ASSERT(tsc_freq > 0, "TSC frequency must be nonzero"); - /* First, check MSR-based clocksource */ + /* For increased accuracy, take mean rdtsc() before and afrer ioctl */ r1 = rdtsc(); t1 = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TIME_REF_COUNT); + r1 = (r1 + rdtsc()) / 2; nop_loop(); r2 = rdtsc(); t2 = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TIME_REF_COUNT); + r2 = (r2 + rdtsc()) / 2; TEST_ASSERT(t2 > t1, "Time reference MSR is not monotonic (%ld <= %ld)", t1, t2); -- 2.35.1

1 year, 11 months

1
0
0 0

[PATCH MANUALSEL 5.17 3/4] KVM: selftests: Make hyperv_clock selftest more stable

by Sasha Levin

From: Vitaly Kuznetsov <vkuznets(a)redhat.com> [ Upstream commit eae260be3a0111a28fe95923e117a55dddec0384 ] hyperv_clock doesn't always give a stable test result, especially with AMD CPUs. The test compares Hyper-V MSR clocksource (acquired either with rdmsr() from within the guest or KVM_GET_MSRS from the host) against rdtsc(). To increase the accuracy, increase the measured delay (done with nop loop) by two orders of magnitude and take the mean rdtsc() value before and after rdmsr()/KVM_GET_MSRS. Reported-by: Maxim Levitsky <mlevitsk(a)redhat.com> Signed-off-by: Vitaly Kuznetsov <vkuznets(a)redhat.com> Reviewed-by: Maxim Levitsky <mlevitsk(a)redhat.com> Tested-by: Maxim Levitsky <mlevitsk(a)redhat.com> Message-Id: <20220601144322.1968742-1-vkuznets(a)redhat.com> Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/kvm/x86_64/hyperv_clock.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/x86_64/hyperv_clock.c b/tools/testing/selftests/kvm/x86_64/hyperv_clock.c index e0b2bb1339b1..3330fb183c68 100644 --- a/tools/testing/selftests/kvm/x86_64/hyperv_clock.c +++ b/tools/testing/selftests/kvm/x86_64/hyperv_clock.c @@ -44,7 +44,7 @@ static inline void nop_loop(void) { int i; - for (i = 0; i < 1000000; i++) + for (i = 0; i < 100000000; i++) asm volatile("nop"); } @@ -56,12 +56,14 @@ static inline void check_tsc_msr_rdtsc(void) tsc_freq = rdmsr(HV_X64_MSR_TSC_FREQUENCY); GUEST_ASSERT(tsc_freq > 0); - /* First, check MSR-based clocksource */ + /* For increased accuracy, take mean rdtsc() before and afrer rdmsr() */ r1 = rdtsc(); t1 = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + r1 = (r1 + rdtsc()) / 2; nop_loop(); r2 = rdtsc(); t2 = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + r2 = (r2 + rdtsc()) / 2; GUEST_ASSERT(r2 > r1 && t2 > t1); @@ -181,12 +183,14 @@ static void host_check_tsc_msr_rdtsc(struct kvm_vm *vm) tsc_freq = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TSC_FREQUENCY); TEST_ASSERT(tsc_freq > 0, "TSC frequency must be nonzero"); - /* First, check MSR-based clocksource */ + /* For increased accuracy, take mean rdtsc() before and afrer ioctl */ r1 = rdtsc(); t1 = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TIME_REF_COUNT); + r1 = (r1 + rdtsc()) / 2; nop_loop(); r2 = rdtsc(); t2 = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TIME_REF_COUNT); + r2 = (r2 + rdtsc()) / 2; TEST_ASSERT(t2 > t1, "Time reference MSR is not monotonic (%ld <= %ld)", t1, t2); -- 2.35.1

1 year, 11 months

1
0
0 0

[PATCH MANUALSEL 5.18 3/6] KVM: selftests: Make hyperv_clock selftest more stable

by Sasha Levin

From: Vitaly Kuznetsov <vkuznets(a)redhat.com> [ Upstream commit eae260be3a0111a28fe95923e117a55dddec0384 ] hyperv_clock doesn't always give a stable test result, especially with AMD CPUs. The test compares Hyper-V MSR clocksource (acquired either with rdmsr() from within the guest or KVM_GET_MSRS from the host) against rdtsc(). To increase the accuracy, increase the measured delay (done with nop loop) by two orders of magnitude and take the mean rdtsc() value before and after rdmsr()/KVM_GET_MSRS. Reported-by: Maxim Levitsky <mlevitsk(a)redhat.com> Signed-off-by: Vitaly Kuznetsov <vkuznets(a)redhat.com> Reviewed-by: Maxim Levitsky <mlevitsk(a)redhat.com> Tested-by: Maxim Levitsky <mlevitsk(a)redhat.com> Message-Id: <20220601144322.1968742-1-vkuznets(a)redhat.com> Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/testing/selftests/kvm/x86_64/hyperv_clock.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/x86_64/hyperv_clock.c b/tools/testing/selftests/kvm/x86_64/hyperv_clock.c index e0b2bb1339b1..3330fb183c68 100644 --- a/tools/testing/selftests/kvm/x86_64/hyperv_clock.c +++ b/tools/testing/selftests/kvm/x86_64/hyperv_clock.c @@ -44,7 +44,7 @@ static inline void nop_loop(void) { int i; - for (i = 0; i < 1000000; i++) + for (i = 0; i < 100000000; i++) asm volatile("nop"); } @@ -56,12 +56,14 @@ static inline void check_tsc_msr_rdtsc(void) tsc_freq = rdmsr(HV_X64_MSR_TSC_FREQUENCY); GUEST_ASSERT(tsc_freq > 0); - /* First, check MSR-based clocksource */ + /* For increased accuracy, take mean rdtsc() before and afrer rdmsr() */ r1 = rdtsc(); t1 = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + r1 = (r1 + rdtsc()) / 2; nop_loop(); r2 = rdtsc(); t2 = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + r2 = (r2 + rdtsc()) / 2; GUEST_ASSERT(r2 > r1 && t2 > t1); @@ -181,12 +183,14 @@ static void host_check_tsc_msr_rdtsc(struct kvm_vm *vm) tsc_freq = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TSC_FREQUENCY); TEST_ASSERT(tsc_freq > 0, "TSC frequency must be nonzero"); - /* First, check MSR-based clocksource */ + /* For increased accuracy, take mean rdtsc() before and afrer ioctl */ r1 = rdtsc(); t1 = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TIME_REF_COUNT); + r1 = (r1 + rdtsc()) / 2; nop_loop(); r2 = rdtsc(); t2 = vcpu_get_msr(vm, VCPU_ID, HV_X64_MSR_TIME_REF_COUNT); + r2 = (r2 + rdtsc()) / 2; TEST_ASSERT(t2 > t1, "Time reference MSR is not monotonic (%ld <= %ld)", t1, t2); -- 2.35.1

1 year, 11 months

1
0
0 0

[RFC V1 PATCH 0/3] selftests: KVM: sev: selftests for fd-based approach of supporting private memory

by Vishal Annapurve

This series implements selftests targeting the feature floated by Chao via: https://lore.kernel.org/linux-mm/20220519153713.819591-1-chao.p.peng@linux.… Below changes aim to test the fd based approach for guest private memory in context of SEV/SEV-ES VMs executing on AMD SEV/SEV-ES compatible platforms. This series has dependency on following patch series: 1) V6 series patches from Chao mentioned above. 2) https://lore.kernel.org/all/20211210164620.11636-1-michael.roth@amd.com/T/ - KVM: selftests: Add support for test-selectable ucall implementations series by Michael Roth 3) https://lore.kernel.org/kvm/20220104234129.dvpv3o3tihvzsqcr@amd.com/T/ - KVM: selftests: Add tests for SEV and SEV-ES guests series by Michael Roth And few additional patches: * https://github.com/vishals4gh/linux/commit/2cb215cb6b4dff7fdf70349816517962… - Confidential platforms along with the confidentiality aware software stack support a notion of private/shared accesses from the confidential VMs. Generally, a bit in the GPA conveys the shared/private-ness of the access. SEV/SEV-ES implementation doesn't expose the encryption bit information via fault address to KVM and so this hack is still needed to signal private/shared access ranges to the kvm. * https://github.com/vishals4gh/linux/commit/81a7d24231f6b8fb4174bbf97ed73368… Github link for the patches posted as part of this series: https://github.com/vishals4gh/linux/commits/sev_upm_selftests_rfc_v1 sev_priv_memfd_test.c file adds a suite of selftests to access private memory from the SEV/SEV-ES guests via private/shared accesses and checking if the contents can be leaked to/accessed by vmm via shared memory view. To allow SEV/SEV-ES VMs to toggle the encryption bit during memory conversion, support is added for mapping guest pagetables to guest va ranges and passing the mapping information to guests via shared pages. Vishal Annapurve (3): selftests: kvm: x86_64: Add support for pagetable tracking selftests: kvm: sev: Handle hypercall exit selftests: kvm: sev: Port UPM selftests onto SEV/SEV-ES VMs tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/include/kvm_util_base.h | 98 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 81 +- .../selftests/kvm/lib/kvm_util_internal.h | 9 + .../selftests/kvm/lib/x86_64/processor.c | 36 + .../selftests/kvm/lib/x86_64/sev_exitlib.c | 39 +- .../kvm/x86_64/sev_priv_memfd_test.c | 1511 +++++++++++++++++ 8 files changed, 1770 insertions(+), 6 deletions(-) create mode 100644 tools/testing/selftests/kvm/x86_64/sev_priv_memfd_test.c -- 2.36.1.124.g0e6072fb45-goog

1 year, 11 months

2
7
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror June 2022