This series adds KVM selftests for Secure AVIC.
The Secure AVIC KVM support patch series is at:
https://lore.kernel.org/kvm/20250228085115.105648-1-Neeraj.Upadhyay@amd.com/...
Git tree is available at:
https://github.com/AMDESE/linux-kvm/tree/savic-host-latest
This series depends on SNP Smoke tests patch series by Pratik:
https://lore.kernel.org/lkml/20250123220100.339867-1-prsampat@amd.com/
- Patch 1-6 are taken from Peter Gonda's patch series for GHCB support for SEV-ES guests. GHCB support for SNP guests is added to these patches.
https://lore.kernel.org/lkml/Ziln_Spd6KtgVqkr@google.com/T/#m6c0fc7e2b2e35f7...
Patches 7-8 are fixes on top of Peter's series.
- Patch 9 fixes IDT vector for #VC exception (29) which has a valid error code associated with the exception.
- Patch 10 adds #VC exception handling for rdmsr/wrmsr accesses of SEV-ES guests.
- Patch 11 skips vm_is_gpa_protected() check for APIC MMIO base address in __virt_pg_map() for VMs with protected memory. This is required for xapic tests enablement for SEV VMs.
- Patch 12 and 13 are PoC patches to support MMIO #VC handling for SEV-ES guests. They add x86 instruction decoding support.
- Patch 14 adds #VC handling for MMIO accesses by SEV-ES guests.
- Patch 15 adds movabs instruction decoding for cases where compiler generates movabs for MMIO reads/writes.
- Patch 16 adds SEV guests testing support in xapic_state_test.
- Patch 17 adds x2apic mode support in xapic_ipi_test.
- Patch 18 adds SEV VMs support in xapic_ipi_test.
- Patch 19 adds a library for Secure AVIC backing page initialization and enabling Secure AVIC for a SNP guest.
- Patch 20 adds support for SVM_EXIT_AVIC_UNACCELERATED_ACCESS #VC exception handling for APIC msr reads/writes by Secure AVIC enabled VM.
- Patch 21 adds support for SVM_EXIT_AVIC_INCOMPLETE_IPI #VC error code handling for Secure AVIC enabled VM.
- Patch 22 adds args param to kvm_arch_vm_post_create() to pass vmsa features to KVM_SEV_INIT2 ioctl for SEV VMs.
- Patch 23 adds an api for passing guest APIC page GPA to Hypervisor.
- Patch 24 adds Secure AVIC VM support to xapic_ipi_test test.
- Patch 25 adds a test for verifying APIC regs MMIO/msr accesses for a Secure AVIC VM before it enables x2apic mode, in x2apic mode and after enabling Secure AVIC in the Secure AVIC control msr.
- Patch 26 adds a msr access test to verify accelerated/unaccelerated msr acceses for Secure AVIC enabled VM.
- Patch 27 tests idle hlt for Secure AVIC enabled VM.
- Patch 28 adds IOAPIC tests for Secure AVIC enabled VM.
- Patch 29 adds cross-vCPU IPI testing with various destination shorthands for Secure AVIC enabled VM.
- Patch 30 adds Hypervisor NMI injection and cross-vCPU ICR based NMI for Secure AVIC enabled VM.
- Patch 31 adds MSI injection test for Secure AVIC enabled VM.
Neeraj Upadhyay (25): KVM: selftests: Fix ghcb_entry returned in ghcb_alloc() KVM: selftests: Make GHCB entry page size aligned KVM: selftests: Add support for #VC in x86 exception handlers KVM: selftests: Add MSR VC handling support for SEV-ES VMs KVM: selftests: Skip vm_is_gpa_protected() call for APIC MMIO base KVM: selftests: Add instruction decoding support KVM: selftests: Add instruction decoding support KVM: selftests: Add MMIO VC exception handling for SEV-ES guests KVM: selftests: Add instruction decoding for movabs instructions KVM: selftests: Add SEV guests support in xapic_state_test KVM: selftests: Add x2apic mode testing in xapic_ipi_test KVM: selftests: Add SEV VM support in xapic_ipi_test KVM: selftests: Add Secure AVIC lib KVM: selftests: Add unaccelerated APIC msrs #VC handling KVM: selftests: Add IPI handling support for Secure AVIC KVM: selftests: Add args param to kvm_arch_vm_post_create() KVM: selftests: Add SAVIC GPA notification GHCB call KVM: selftests: Add Secure AVIC mode to xapic_ipi_test KVM: selftests: Add Secure AVIC APIC regs test KVM: selftests: Add test to verify APIC MSR accesses for SAVIC guest KVM: selftests: Extend savic test with idle halt testing KVM: selftests: Add IOAPIC tests for Secure AVIC KVM: selftests: Add cross-vCPU IPI testing for SAVIC guests KVM: selftests: Add NMI test for SAVIC guests KVM: selftests: Add MSI injection test for SAVIC
Peter Gonda (6): Add GHCB with setters and getters Add arch specific additional guest pages Add vm_vaddr_alloc_pages_shared() Add GHCB allocations and helpers Add is_sev_enabled() helpers Add ability for SEV-ES guests to use ucalls via GHCB
tools/arch/x86/include/asm/msr-index.h | 4 +- tools/testing/selftests/kvm/.gitignore | 3 +- tools/testing/selftests/kvm/Makefile.kvm | 16 +- .../testing/selftests/kvm/include/kvm_util.h | 14 +- .../testing/selftests/kvm/include/x86/apic.h | 57 + .../selftests/kvm/include/x86/ex_regs.h | 21 + .../selftests/kvm/include/x86/insn-eval.h | 48 + .../selftests/kvm/include/x86/processor.h | 18 +- .../testing/selftests/kvm/include/x86/savic.h | 25 + tools/testing/selftests/kvm/include/x86/sev.h | 15 + tools/testing/selftests/kvm/include/x86/svm.h | 109 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 109 +- .../testing/selftests/kvm/lib/x86/handlers.S | 4 +- .../testing/selftests/kvm/lib/x86/insn-eval.c | 1726 +++++++++++++++++ .../testing/selftests/kvm/lib/x86/processor.c | 24 +- tools/testing/selftests/kvm/lib/x86/savic.c | 490 +++++ tools/testing/selftests/kvm/lib/x86/sev.c | 598 +++++- tools/testing/selftests/kvm/lib/x86/ucall.c | 18 + tools/testing/selftests/kvm/s390/cmma_test.c | 2 +- tools/testing/selftests/kvm/x86/savic_test.c | 1549 +++++++++++++++ .../selftests/kvm/x86/sev_smoke_test.c | 40 +- .../selftests/kvm/x86/xapic_ipi_test.c | 183 +- .../selftests/kvm/x86/xapic_state_test.c | 117 +- 23 files changed, 5084 insertions(+), 106 deletions(-) create mode 100644 tools/testing/selftests/kvm/include/x86/ex_regs.h create mode 100644 tools/testing/selftests/kvm/include/x86/insn-eval.h create mode 100644 tools/testing/selftests/kvm/include/x86/savic.h create mode 100644 tools/testing/selftests/kvm/lib/x86/insn-eval.c create mode 100644 tools/testing/selftests/kvm/lib/x86/savic.c create mode 100644 tools/testing/selftests/kvm/x86/savic_test.c
base-commit: f7bafceba76e9ab475b413578c1757ee18c3e44b