Re: [kvm-unit-tests PATCH 1/2] nVMX: Restore active host RIP/CR4 after test_host_addr_size()

[Sean Christopherson <sean.j.christopherson@intel.com>]

On Wed, Jul 15, 2020 at 02:34:23PM -0700, Krish Sadhukhan wrote:
> 
> On 7/15/20 11:48 AM, Sean Christopherson wrote:
> >On Wed, Jul 15, 2020 at 11:34:46AM -0700, Krish Sadhukhan wrote:
> >>On 7/13/20 5:23 PM, Sean Christopherson wrote:
> >>>Perform one last VMX transition to actually load the host's RIP and CR4
> >>>at the end of test_host_addr_size().  Simply writing the VMCS doesn't
> >>>restore the values in hardware, e.g. as is, CR4.PCIDE can be left set,
> >>>which causes spectacularly confusing explosions when other misguided
> >>>tests assume setting bit 63 in CR3 will cause a non-canonical #GP.
> >>>
> >>>Fixes: 0786c0316ac05 ("kvm-unit-test: nVMX: Check Host Address Space Size on vmentry of nested guests")
> >>>Cc: Krish Sadhukhan <krish.sadhukhan@oracle.com>
> >>>Cc: Karl Heubaum <karl.heubaum@oracle.com>
> >>>Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> >>>---
> >>>  x86/vmx_tests.c | 5 +++++
> >>>  1 file changed, 5 insertions(+)
> >>>
> >>>diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c
> >>>index 29f3d0e..cb42a2d 100644
> >>>--- a/x86/vmx_tests.c
> >>>+++ b/x86/vmx_tests.c
> >>>@@ -7673,6 +7673,11 @@ static void test_host_addr_size(void)
> >>>  		vmcs_write(ENT_CONTROLS, entry_ctrl_saved | ENT_GUEST_64);
> >>>  		vmcs_write(HOST_RIP, rip_saved);
> >>>  		vmcs_write(HOST_CR4, cr4_saved);
> >>>+
> >>>+		/* Restore host's active RIP and CR4 values. */
> >>>+		report_prefix_pushf("restore host state");
> >>>+		test_vmx_vmlaunch(0);
> >>>+		report_prefix_pop();
> >>>  	}
> >>>  }
> >>Just for my understanding.  When you say, "other misguided tests", which
> >>tests are you referring to ?  In the current sequence of tests in
> >>vmx_host_state_area_test(), test_load_host_perf_global_ctrl() is the  one
> >>that follows and it runs fine.
> >See test_mtf_guest() in patch 2/2.  https://patchwork.kernel.org/patch/11661189/
> 
> I ran the two tests as follows but couldn't reproduce it:
> 
>     ./x86/run x86/vmx.flat  -smp 1 -cpu host,+vmx -append
> "vmx_host_state_area_test vmx_mtf_test"
> 
> 
> How did you run the them ?

I ran the VMX testcase from x86/unittest.cfg (below) on HSW.  I eventually
narrowed it down to just test_host_addr_size() and the MTF test.  Note, the
failure signature will change depending on whether vmx_cr_load_test() is
run between those two.  If it's not run, the failure is a straightforward
triple fault.  If it is run, for me the failure morphed into a an emulation
error because the unit test was able to generate a valid translation out of
CR3=0 and hit a non-existent memslot, which was all kinds of confusing.

./x86/run x86/vmx.flat -smp 1 -cpu host,+vmx -append "-exit_monitor_from_l2_test -ept_access* -vmx_smp* -vmx_vmcs_shadow_test -atomic_switch_overflow_msrs_test -vmx_init_signal_test -vmx_apic_passthrough_tpr_threshold_test"