Re: [kvm-unit-tests RFC 14/16] x86 AMD SEV-ES: Copy UEFI #VC IDT entry

[Sean Christopherson <seanjc@google.com>]

On Wed, Aug 18, 2021, Zixuan Wang wrote:
> AMD SEV-ES introduces a new #VC exception that handles the communication
> between guest and host.  UEFI already implements a #VC handler so there
> is no need to re-implement it in KVM-Unit-Tests. To reuse this #VC
> handler, this commit reads UEFI's IDT, copy the #VC IDT entry into
> KVM-Unit-Tests' IDT.
> 
> In this commit, load_idt() can work and now guest crashes in
> setup_page_table(), which will be fixed by follow-up commits.

As a stop gap to get SEV testing of any kind enabled, I think piggybacking the
vBIOS #VC handler is a great idea.  But long term, kvm-unit-tests absolutely
needs to have its own #VC handler.

In addition to the downsides Joerg pointed out[*], relying on an external #VC
introduces the possibility of test failures that are tied to the vBIOS being
used.  Such dependencies already exist to some extent, e.g. using a buggy QEMU or
SeaBIOS could certainly introduce failures, but those components are far more
mature and less likely to break in weird ways unique to a specific test.

Another potential issue is that it's possible vBIOS will be enlightened to the
point where it _never_ expects a #VC, e.g. does #VMGEXIT directly, and thus panics
on any #VC instead of requesting the necessary emulation.

Fixing the vBIOS image in the repo would mostly solve those problems, but it
wouldn't solve the lack of flexibility for the #VC handler, and debugging a third
party #VC handler would likely be far more difficult to debug when failures
inevitably occur.

So, if these shenanigans give us test coverage now instead of a few months from
now, than I say go for it.  But, we need clear line of sight to a "native" #VC
handler, confidence that it will actually get written in a timely manner, and an
easily reverted set of commits to unwind all of the UEFI stuff.

[*] https://lkml.kernel.org/r/YRuURERGp8CQ1jAX@suse.de

> Signed-off-by: Zixuan Wang <zixuanwang@google.com>
> ---
>  lib/x86/amd_sev.c | 10 ++++++++++
>  lib/x86/amd_sev.h |  5 +++++
>  2 files changed, 15 insertions(+)
> 
> diff --git a/lib/x86/amd_sev.c b/lib/x86/amd_sev.c
> index c2aebdf..04b6912 100644
> --- a/lib/x86/amd_sev.c
> +++ b/lib/x86/amd_sev.c
> @@ -46,11 +46,21 @@ EFI_STATUS setup_amd_sev(void)
>  
>  #ifdef CONFIG_AMD_SEV_ES
>  EFI_STATUS setup_amd_sev_es(void){
> +	struct descriptor_table_ptr idtr;
> +	idt_entry_t *idt;
> +
>  	/* Test if SEV-ES is enabled */
>  	if (!(rdmsr(MSR_SEV_STATUS) & SEV_ES_ENABLED_MASK)) {
>  		return EFI_UNSUPPORTED;
>  	}
>  
> +	/* Copy UEFI's #VC IDT entry, so KVM-Unit-Tests can reuse it and does

Nit, multiline comments should have a leading bare /*, i.e.

	/*
	 * Copy ....
	 * not have to ...

> +	 * not have to re-implement a #VC handler
> +	 */
> +	sidt(&idtr);
> +	idt = (idt_entry_t *)idtr.base;
> +	boot_idt[SEV_ES_VC_HANDLER_VECTOR] = idt[SEV_ES_VC_HANDLER_VECTOR];
> +
>  	return EFI_SUCCESS;
>  }
>  
> diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h
> index 4d81cae..5ebd4a6 100644
> --- a/lib/x86/amd_sev.h
> +++ b/lib/x86/amd_sev.h
> @@ -36,6 +36,11 @@
>  #define SEV_ENABLED_MASK    0b1
>  #define SEV_ES_ENABLED_MASK 0b10
>  
> +/* AMD Programmer's Manual Volume 2
> + *   - Section "#VC Exception"
> + */
> +#define SEV_ES_VC_HANDLER_VECTOR 29
> +
>  EFI_STATUS setup_amd_sev(void);
>  #ifdef CONFIG_AMD_SEV_ES
>  EFI_STATUS setup_amd_sev_es(void);
> -- 
> 2.33.0.rc1.237.g0d66db33f3-goog
>