Re: [PATCH v3 5/6] VMX: Validate capability MSRs

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Paolo Bonzini <pbonzini@redhat.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: kvm <kvm@vger.kernel.org>, Bandan Das <bsd@redhat.com>
Subject: Re: [PATCH v3 5/6] VMX: Validate capability MSRs
Date: Wed, 18 Jun 2014 11:38:22 +0200	[thread overview]
Message-ID: <53A15E0E.4030500@redhat.com> (raw)
In-Reply-To: <53A12454.7@siemens.com>

Il 18/06/2014 07:32, Jan Kiszka ha scritto:
> Check for required-0 or required-1 bits as well as known field value
> restrictions. Also check the consistency between VMX_*_CTLS and
> VMX_TRUE_*_CTLS and between CR0/4_FIXED0 and CR0/4_FIXED1.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>
> Changes in v3:
> - integrated suggestions of Paolo
>
>  x86/vmx.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
>  x86/vmx.h |  5 +++--
>  2 files changed, 76 insertions(+), 3 deletions(-)
>
> diff --git a/x86/vmx.c b/x86/vmx.c
> index f01e443..5bb5969 100644
> --- a/x86/vmx.c
> +++ b/x86/vmx.c
> @@ -661,6 +661,77 @@ static void test_vmptrst(void)
>  	report("test vmptrst", (!ret) && (vmcs1 == vmcs2));
>  }
>
> +struct vmx_ctl_msr {
> +	const char *name;
> +	u32 index, true_index;
> +	u32 default1;
> +} vmx_ctl_msr[] = {
> +	{ "MSR_IA32_VMX_PINBASED_CTLS", MSR_IA32_VMX_PINBASED_CTLS,
> +	  MSR_IA32_VMX_TRUE_PIN, 0x16 },
> +	{ "MSR_IA32_VMX_PROCBASED_CTLS", MSR_IA32_VMX_PROCBASED_CTLS,
> +	  MSR_IA32_VMX_TRUE_PROC, 0x401e172 },
> +	{ "MSR_IA32_VMX_PROCBASED_CTLS2", MSR_IA32_VMX_PROCBASED_CTLS2,
> +	  MSR_IA32_VMX_PROCBASED_CTLS2, 0 },
> +	{ "MSR_IA32_VMX_EXIT_CTLS", MSR_IA32_VMX_EXIT_CTLS,
> +	  MSR_IA32_VMX_TRUE_EXIT, 0x36dff },
> +	{ "MSR_IA32_VMX_ENTRY_CTLS", MSR_IA32_VMX_ENTRY_CTLS,
> +	  MSR_IA32_VMX_TRUE_ENTRY, 0x11ff },
> +};
> +
> +static void test_vmx_caps(void)
> +{
> +	u64 val, default1, fixed0, fixed1;
> +	union vmx_ctrl_msr ctrl, true_ctrl;
> +	unsigned int n;
> +	bool ok;
> +
> +	printf("\nTest suite: VMX capability reporting\n");
> +
> +	report("MSR_IA32_VMX_BASIC",
> +	       (basic.revision & (1ul << 31)) == 0 &&
> +	       basic.size > 0 && basic.size <= 4096 &&
> +	       (basic.type == 0 || basic.type == 6) &&
> +	       basic.reserved1 == 0 && basic.reserved2 == 0);
> +
> +	val = rdmsr(MSR_IA32_VMX_MISC);
> +	report("MSR_IA32_VMX_MISC",
> +	       (!(ctrl_cpu_rev[1].clr & CPU_URG) || val & (1ul << 5)) &&
> +	       ((val >> 16) & 0x1ff) <= 256 &&
> +	       (val & 0xc0007e00) == 0);
> +
> +	for (n = 0; n < ARRAY_SIZE(vmx_ctl_msr); n++) {
> +		ctrl.val = rdmsr(vmx_ctl_msr[n].index);
> +		default1 = vmx_ctl_msr[n].default1;
> +		ok = (ctrl.set & default1) == default1;
> +		ok = ok && (ctrl.set & ~ctrl.clr) == 0;
> +		if (ok && basic.ctrl) {
> +			true_ctrl.val = rdmsr(vmx_ctl_msr[n].true_index);
> +			ok = ctrl.clr == true_ctrl.clr;
> +			ok = ok && ctrl.set == (true_ctrl.set | default1);
> +		}
> +		report(vmx_ctl_msr[n].name, ok);
> +	}
> +
> +	fixed0 = rdmsr(MSR_IA32_VMX_CR0_FIXED0);
> +	fixed1 = rdmsr(MSR_IA32_VMX_CR0_FIXED1);
> +	report("MSR_IA32_VMX_IA32_VMX_CR0_FIXED0/1",
> +	       ((fixed0 ^ fixed1) & ~fixed1) == 0);
> +
> +	fixed0 = rdmsr(MSR_IA32_VMX_CR4_FIXED0);
> +	fixed1 = rdmsr(MSR_IA32_VMX_CR4_FIXED1);
> +	report("MSR_IA32_VMX_IA32_VMX_CR4_FIXED0/1",
> +	       ((fixed0 ^ fixed1) & ~fixed1) == 0);
> +
> +	val = rdmsr(MSR_IA32_VMX_VMCS_ENUM);
> +	report("MSR_IA32_VMX_VMCS_ENUM",
> +	       (val & 0x3e) >= 0x2a &&
> +	       (val & 0xfffffffffffffc01Ull) == 0);
> +
> +	val = rdmsr(MSR_IA32_VMX_EPT_VPID_CAP);
> +	report("MSR_IA32_VMX_EPT_VPID_CAP",
> +	       (val & 0xfffff07ef9eebebeUll) == 0);
> +}
> +
>  /* This function can only be called in guest */
>  static void __attribute__((__used__)) hypercall(u32 hypercall_no)
>  {
> @@ -803,7 +874,7 @@ static int test_run(struct vmx_test *test)
>  	regs = test->guest_regs;
>  	vmcs_write(GUEST_RFLAGS, regs.rflags | 0x2);
>  	launched = 0;
> -	printf("\nTest suite : %s\n", test->name);
> +	printf("\nTest suite: %s\n", test->name);
>  	vmx_run();
>  	if (vmx_off()) {
>  		printf("%s : vmxoff failed.\n", __func__);
> @@ -842,6 +913,7 @@ int main(void)
>  		goto exit;
>  	}
>  	test_vmxoff();
> +	test_vmx_caps();
>
>  	while (vmx_tests[++i].name != NULL)
>  		if (test_run(&vmx_tests[i]))
> diff --git a/x86/vmx.h b/x86/vmx.h
> index 00f2842..87457b1 100644
> --- a/x86/vmx.h
> +++ b/x86/vmx.h
> @@ -46,12 +46,13 @@ union vmx_basic {
>  	struct {
>  		u32 revision;
>  		u32	size:13,
> -			: 3,
> +			reserved1: 3,
>  			width:1,
>  			dual:1,
>  			type:4,
>  			insouts:1,
> -			ctrl:1;
> +			ctrl:1,
> +			reserved2:8;
>  	};
>  };
>
>

Thanks,

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

next prev parent reply	other threads:[~2014-06-18  9:38 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-06-17  7:04 [PATCH v2 0/6] kvm-unit-tests: more instr. interceptions, debug control migration Jan Kiszka
2014-06-17  7:04 ` [PATCH v2 1/6] VMX: Add tests for CR3 and CR8 interception Jan Kiszka
2014-06-17  7:41   ` Paolo Bonzini
2014-06-17  7:42     ` Jan Kiszka
2014-06-17  7:04 ` [PATCH v2 2/6] VMX: Rework test stage interface Jan Kiszka
2014-06-17  7:04 ` [PATCH v2 3/6] VMX: Test both interception and execution of instructions Jan Kiszka
2014-06-17  7:04 ` [PATCH v2 4/6] VMX: Unify vmx_ctrl_* unions to vmx_ctrl_msr Jan Kiszka
2014-06-17  7:04 ` [PATCH v2 5/6] VMX: Validate capability MSRs Jan Kiszka
2014-06-17  8:00   ` Paolo Bonzini
2014-06-18  5:32     ` [PATCH v3 " Jan Kiszka
2014-06-18  9:38       ` Paolo Bonzini [this message]
2014-06-17  7:04 ` [PATCH v2 6/6] VMX: Test behavior on set and cleared save/load debug controls Jan Kiszka

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=53A15E0E.4030500@redhat.com \
    --to=pbonzini@redhat.com \
    --cc=bsd@redhat.com \
    --cc=jan.kiszka@siemens.com \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.