From: Jan Kiszka <jan.kiszka@siemens.com>
To: Bandan Das <bsd@redhat.com>, kvm@vger.kernel.org
Cc: Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH kvm-unit-tests 1/2] VMX: checks for validity of vmxon region
Date: Thu, 05 Jun 2014 09:00:03 +0200
Message-ID: <53901573.4020004@siemens.com>
In-Reply-To: <1401916675-1568-2-git-send-email-bsd@redhat.com>

On 2014-06-04 23:17, Bandan Das wrote:
> Verify that vmxon fails with unaligned vmxon region or
> any bits set beyond the physical address width. Also verify
> failure with an invalid revision identifier.
> 
> Signed-off-by: Bandan Das <bsd@redhat.com>
> ---
>  x86/vmx.c | 46 +++++++++++++++++++++++++++++++++++++++++++---
>  1 file changed, 43 insertions(+), 3 deletions(-)
> 
> diff --git a/x86/vmx.c b/x86/vmx.c
> index 1182eef..207eb81 100644
> --- a/x86/vmx.c
> +++ b/x86/vmx.c
> @@ -37,7 +37,7 @@
>  #include "smp.h"
>  #include "io.h"
>  
> -u32 *vmxon_region;
> +u64 *vmxon_region;
>  struct vmcs *vmcs_root;
>  u32 vpid_cnt;
>  void *guest_stack, *guest_syscall_stack;
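
Review bot: the switch of vmxon_region from u32 * to u64 * is not explained in the commit message, and it changes the width of every store through the pointer: in test_vmxon() `*vmxon_region = 0xba9da9` and `*vmxon_region = basic.revision` become 64-bit writes that also zero the next four bytes of the region. The address manipulation in the test already goes through (intptr_t) casts, so it does not need the wider pointee type. Either keep u32 * or state in the commit message why the wider type is wanted.
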
> @@ -598,13 +598,53 @@ static int test_vmx_feature_control(void)
>  
>  static int test_vmxon(void)
>  {
> -	int ret;
> +	int ret, ret1;
>  	u64 rflags;
> +	u64 *tmp_region = vmxon_region;
> +	int width = cpuid(0x80000008).a & 0xff;
> +
> +	/* Unaligned page access */
> +	vmxon_region = (u64 *)((intptr_t)vmxon_region + 1);
> +	rflags = read_rflags() | X86_EFLAGS_CF | X86_EFLAGS_ZF;
> +	write_rflags(rflags);
> +	ret1 = vmx_on();

Can we ensure that the compiler doesn't inject any ops between
write_rflags and the vmxon that overwrite CF or ZF? If you want those
flags in a specific state, maybe it's better to pass that to vmx_on and
do this in the assembly block with vmxon.

> +	report("test vmxon with unaligned vmxon region", ret1);
> +	if (!ret1) {
> +		ret = 1;
> +		goto out;
> +	}
>  
> +	/* gpa bits beyond physical address width are set*/
> +	vmxon_region = (u64 *)((intptr_t)tmp_region | ((u64)1 << (width+1)));
> +	rflags = read_rflags() | X86_EFLAGS_CF | X86_EFLAGS_ZF;
> +	write_rflags(rflags);
> +	ret1 = vmx_on();
> +	report("test vmxon with bits set beyond physical address width", ret1);
> +	if (!ret1) {
> +		ret = 1;
> +		goto out;
> +	}
> +
> +	/* invalid revision indentifier */
> +	vmxon_region = tmp_region;
> +	*vmxon_region = 0xba9da9;
> +	rflags = read_rflags() | X86_EFLAGS_CF | X86_EFLAGS_ZF;
> +	write_rflags(rflags);
> +	ret1 = vmx_on();
> +	report("test vmxon with invalid revision identifier", ret1);
> +	if (!ret1) {
> +		ret = 1;
> +		goto out;
> +	}
> +
> +	/* and finally a valid region */
> +	*vmxon_region = basic.revision;
>  	rflags = read_rflags() | X86_EFLAGS_CF | X86_EFLAGS_ZF;
>  	write_rflags(rflags);
>  	ret = vmx_on();

Oh, this pattern is not by you! OK, but let's address this first, then
add the new tests on top.

Jan

> -	report("test vmxon", !ret);
> +	report("test vmxon with valid vmxon region", !ret);
> +
> +out:
>  	return ret;
>  }
>  
> 
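
Review bot: in the second case, `(u64)1 << (width+1)` skips the first invalid bit. CPUID 0x80000008 EAX[7:0] gives the number of physical address bits, so valid bits are 0..width-1 and the lowest bit beyond the width is bit `width`; shifting by `width` would test the boundary itself. Separately, the first two `goto out` paths are taken before `vmxon_region = tmp_region` and leave the global pointing at the modified address, and the third leaves 0xba9da9 in the region; restoring the pointer and the revision at `out:` would keep a failed check from affecting later users of vmxon_region.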

-- 
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux

Thread overview: 5+ messages
2014-06-04 21:17 [PATCH kvm-unit-tests 0/2] More nvmx unit tests changes Bandan Das
2014-06-04 21:17 ` [PATCH kvm-unit-tests 1/2] VMX: checks for validity of vmxon region Bandan Das
2014-06-05  7:00   ` Jan Kiszka [this message]
2014-06-05 10:35     ` Paolo Bonzini
2014-06-04 21:17 ` [PATCH kvm-unit-tests 2/2] VMX: Check for validity of vmcs region when calling vmclear/vmptrld Bandan Das