From: Ricardo Koller <ricarkol@google.com>
To: Eric Auger <eric.auger@redhat.com>
Cc: kvm@vger.kernel.org, maz@kernel.org, shuah@kernel.org,
pshier@google.com, Paolo Bonzini <pbonzini@redhat.com>,
kvmarm@lists.cs.columbia.edu
Subject: Re: [PATCH 2/2] KVM: arm64: selftests: test for vgic redist above the VM IPA size
Date: Thu, 9 Sep 2021 11:22:27 -0700 [thread overview]
Message-ID: <YTpQ4y37RhaQTJ3m@google.com> (raw)
In-Reply-To: <83282104-ca04-c4f5-3570-c884a22ab667@redhat.com>
On Thu, Sep 09, 2021 at 03:54:31PM +0200, Eric Auger wrote:
> Hi Ricardo,
>
> On 9/8/21 11:03 PM, Ricardo Koller wrote:
> > This test attempts (and fails) to set a redistributor region using the
> > legacy KVM_VGIC_V3_ADDR_TYPE_REDIST that's partially above the
> > VM-specified IPA size.
> >
> > Signed-off-by: Ricardo Koller <ricarkol@google.com>
> > ---
> > .../testing/selftests/kvm/aarch64/vgic_init.c | 44 +++++++++++++++++++
> > 1 file changed, 44 insertions(+)
> >
> > diff --git a/tools/testing/selftests/kvm/aarch64/vgic_init.c b/tools/testing/selftests/kvm/aarch64/vgic_init.c
> > index 623f31a14326..6dd7b5e91421 100644
> > --- a/tools/testing/selftests/kvm/aarch64/vgic_init.c
> > +++ b/tools/testing/selftests/kvm/aarch64/vgic_init.c
> > @@ -285,6 +285,49 @@ static void test_vcpus_then_vgic(void)
> > vm_gic_destroy(&v);
> > }
> >
> > +static void test_redist_above_vm_pa_bits(enum vm_guest_mode mode)
> > +{
> > + struct vm_gic v;
> > + int ret, i;
> > + uint32_t vcpuids[] = { 1, 2, 3, 4, };
> > + int pa_bits = vm_guest_mode_params[mode].pa_bits;
> > + uint64_t addr, psize = 1ULL << pa_bits;
> > +
> > + /* Add vcpu 1 */
> > + v.vm = vm_create_with_vcpus(mode, 1, DEFAULT_GUEST_PHY_PAGES,
> > + 0, 0, guest_code, vcpuids);
> > + v.gic_fd = kvm_create_device(v.vm, KVM_DEV_TYPE_ARM_VGIC_V3, false);
> > +
> > + /* Set space for half a redist, we have 1 vcpu, so this fails. */
> > + addr = psize - 0x10000;
> > + ret = _kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
> > + KVM_VGIC_V3_ADDR_TYPE_REDIST, &addr, true);
> > + TEST_ASSERT(ret && errno == EINVAL, "not enough space for one redist");
> > +
> > + /* Set space for 3 redists, we have 1 vcpu, so this succeeds. */
> > + addr = psize - (3 * 2 * 0x10000);
> > + kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
> > + KVM_VGIC_V3_ADDR_TYPE_REDIST, &addr, true);
>
> I think you need to test both the old API (KVM_VGIC_V3_ADDR_TYPE_REDIST)
> and the new one (KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION).
>
> Can't you integrate those new checks in existing tests,
> subtest_redist_regions() and subtest_dist_rdist() which already tests
> base addr beyond IPA limit (but not range end unfortunately). look for
> E2BIG.
>
Had some issues adapting subtest_dist_rdist() as the IPA range check for
ADDR_TYPE_REDIST is done at 1st vcpu run. subtest_dist_rdist() is
already used to set overlapping dist/redist regions, which is then
checked to generate EINVAL on 1st vcpu run. If subtest_dist_rdist() is
also used to set the redist region above phys_size, then there won't be
a way of checking that the vcpu run fails because of both the overlap
and IPA issue. It was simpler and cleaner to just add a new function
for the ADDR_TYPE_REDIST IPA range test. Will adapt
subtest_redist_regions() as the check for ADDR_TYPE_REDIST_REGION can be
done when setting the regions.
Related Question:
Both the KVM_VGIC_V3_ADDR_TYPE_REDIST and KVM_RUN currently return
EINVAL with my proposed change (not E2BIG). I will change
KVM_VGIC_V3_ADDR_TYPE_REDIST to fail with E2BIG, but will leave KVM_RUN
failing with EINVAL. Would you say that's the correct behavior?
Thanks,
Ricardo
> Thanks
>
> Eric
> > +
> > + addr = 0x00000;
> > + kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
> > + KVM_VGIC_V3_ADDR_TYPE_DIST, &addr, true);
> > +
> > + /* Add three vcpus (2, 3, 4). */
> > + for (i = 1; i < 4; ++i)
> > + vm_vcpu_add_default(v.vm, vcpuids[i], guest_code);
> > +
> > + kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_CTRL,
> > + KVM_DEV_ARM_VGIC_CTRL_INIT, NULL, true);
> > +
> > + /* Attempt to run a vcpu without enough redist space. */
> > + ret = run_vcpu(v.vm, vcpuids[3]);
> > + TEST_ASSERT(ret && errno == EINVAL,
> > + "redist base+size above IPA detected on 1st vcpu run");
> > +
> > + vm_gic_destroy(&v);
> > +}
> > +
> > static void test_new_redist_regions(void)
> > {
> > void *dummy = NULL;
> > @@ -542,6 +585,7 @@ int main(int ac, char **av)
> > test_kvm_device();
> > test_vcpus_then_vgic();
> > test_vgic_then_vcpus();
> > + test_redist_above_vm_pa_bits(VM_MODE_DEFAULT);
> > test_new_redist_regions();
> > test_typer_accesses();
> > test_last_bit_redist_regions();
>
_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
WARNING: multiple messages have this Message-ID (diff)
From: Ricardo Koller <ricarkol@google.com>
To: Eric Auger <eric.auger@redhat.com>
Cc: kvm@vger.kernel.org, maz@kernel.org,
kvmarm@lists.cs.columbia.edu, drjones@redhat.com,
alexandru.elisei@arm.com, Paolo Bonzini <pbonzini@redhat.com>,
oupton@google.com, james.morse@arm.com, suzuki.poulose@arm.com,
shuah@kernel.org, jingzhangos@google.com, pshier@google.com,
rananta@google.com, reijiw@google.com
Subject: Re: [PATCH 2/2] KVM: arm64: selftests: test for vgic redist above the VM IPA size
Date: Thu, 9 Sep 2021 11:22:27 -0700 [thread overview]
Message-ID: <YTpQ4y37RhaQTJ3m@google.com> (raw)
In-Reply-To: <83282104-ca04-c4f5-3570-c884a22ab667@redhat.com>
On Thu, Sep 09, 2021 at 03:54:31PM +0200, Eric Auger wrote:
> Hi Ricardo,
>
> On 9/8/21 11:03 PM, Ricardo Koller wrote:
> > This test attempts (and fails) to set a redistributor region using the
> > legacy KVM_VGIC_V3_ADDR_TYPE_REDIST that's partially above the
> > VM-specified IPA size.
> >
> > Signed-off-by: Ricardo Koller <ricarkol@google.com>
> > ---
> > .../testing/selftests/kvm/aarch64/vgic_init.c | 44 +++++++++++++++++++
> > 1 file changed, 44 insertions(+)
> >
> > diff --git a/tools/testing/selftests/kvm/aarch64/vgic_init.c b/tools/testing/selftests/kvm/aarch64/vgic_init.c
> > index 623f31a14326..6dd7b5e91421 100644
> > --- a/tools/testing/selftests/kvm/aarch64/vgic_init.c
> > +++ b/tools/testing/selftests/kvm/aarch64/vgic_init.c
> > @@ -285,6 +285,49 @@ static void test_vcpus_then_vgic(void)
> > vm_gic_destroy(&v);
> > }
> >
> > +static void test_redist_above_vm_pa_bits(enum vm_guest_mode mode)
> > +{
> > + struct vm_gic v;
> > + int ret, i;
> > + uint32_t vcpuids[] = { 1, 2, 3, 4, };
> > + int pa_bits = vm_guest_mode_params[mode].pa_bits;
> > + uint64_t addr, psize = 1ULL << pa_bits;
> > +
> > + /* Add vcpu 1 */
> > + v.vm = vm_create_with_vcpus(mode, 1, DEFAULT_GUEST_PHY_PAGES,
> > + 0, 0, guest_code, vcpuids);
> > + v.gic_fd = kvm_create_device(v.vm, KVM_DEV_TYPE_ARM_VGIC_V3, false);
> > +
> > + /* Set space for half a redist, we have 1 vcpu, so this fails. */
> > + addr = psize - 0x10000;
> > + ret = _kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
> > + KVM_VGIC_V3_ADDR_TYPE_REDIST, &addr, true);
> > + TEST_ASSERT(ret && errno == EINVAL, "not enough space for one redist");
> > +
> > + /* Set space for 3 redists, we have 1 vcpu, so this succeeds. */
> > + addr = psize - (3 * 2 * 0x10000);
> > + kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
> > + KVM_VGIC_V3_ADDR_TYPE_REDIST, &addr, true);
>
> I think you need to test both the old API (KVM_VGIC_V3_ADDR_TYPE_REDIST)
> and the new one (KVM_VGIC_V3_ADDR_TYPE_REDIST_REGION).
>
> Can't you integrate those new checks in existing tests,
> subtest_redist_regions() and subtest_dist_rdist() which already tests
> base addr beyond IPA limit (but not range end unfortunately). look for
> E2BIG.
>
Had some issues adapting subtest_dist_rdist() as the IPA range check for
ADDR_TYPE_REDIST is done at 1st vcpu run. subtest_dist_rdist() is
already used to set overlapping dist/redist regions, which is then
checked to generate EINVAL on 1st vcpu run. If subtest_dist_rdist() is
also used to set the redist region above phys_size, then there won't be
a way of checking that the vcpu run fails because of both the overlap
and IPA issue. It was simpler and cleaner to just add a new function
for the ADDR_TYPE_REDIST IPA range test. Will adapt
subtest_redist_regions() as the check for ADDR_TYPE_REDIST_REGION can be
done when setting the regions.
Related Question:
Both the KVM_VGIC_V3_ADDR_TYPE_REDIST and KVM_RUN currently return
EINVAL with my proposed change (not E2BIG). I will change
KVM_VGIC_V3_ADDR_TYPE_REDIST to fail with E2BIG, but will leave KVM_RUN
failing with EINVAL. Would you say that's the correct behavior?
Thanks,
Ricardo
> Thanks
>
> Eric
> > +
> > + addr = 0x00000;
> > + kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_ADDR,
> > + KVM_VGIC_V3_ADDR_TYPE_DIST, &addr, true);
> > +
> > + /* Add three vcpus (2, 3, 4). */
> > + for (i = 1; i < 4; ++i)
> > + vm_vcpu_add_default(v.vm, vcpuids[i], guest_code);
> > +
> > + kvm_device_access(v.gic_fd, KVM_DEV_ARM_VGIC_GRP_CTRL,
> > + KVM_DEV_ARM_VGIC_CTRL_INIT, NULL, true);
> > +
> > + /* Attempt to run a vcpu without enough redist space. */
> > + ret = run_vcpu(v.vm, vcpuids[3]);
> > + TEST_ASSERT(ret && errno == EINVAL,
> > + "redist base+size above IPA detected on 1st vcpu run");
> > +
> > + vm_gic_destroy(&v);
> > +}
> > +
> > static void test_new_redist_regions(void)
> > {
> > void *dummy = NULL;
> > @@ -542,6 +585,7 @@ int main(int ac, char **av)
> > test_kvm_device();
> > test_vcpus_then_vgic();
> > test_vgic_then_vcpus();
> > + test_redist_above_vm_pa_bits(VM_MODE_DEFAULT);
> > test_new_redist_regions();
> > test_typer_accesses();
> > test_last_bit_redist_regions();
>
next prev parent reply other threads:[~2021-09-09 18:22 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-08 21:03 [PATCH 0/2] KVM: arm64: vgic-v3: Missing check for redist region above the VM IPA size Ricardo Koller
2021-09-08 21:03 ` Ricardo Koller
2021-09-08 21:03 ` [PATCH 1/2] KVM: arm64: vgic: check redist region is not " Ricardo Koller
2021-09-08 21:03 ` Ricardo Koller
2021-09-08 21:32 ` Oliver Upton
2021-09-08 21:32 ` Oliver Upton
2021-09-08 21:50 ` Ricardo Koller
2021-09-08 21:50 ` Ricardo Koller
2021-09-08 22:00 ` Oliver Upton
2021-09-08 22:00 ` Oliver Upton
2021-09-09 10:20 ` Alexandru Elisei
2021-09-09 10:20 ` Alexandru Elisei
2021-09-09 14:43 ` Eric Auger
2021-09-09 14:43 ` Eric Auger
2021-09-09 16:47 ` Ricardo Koller
2021-09-09 16:47 ` Ricardo Koller
2021-09-10 8:28 ` Alexandru Elisei
2021-09-10 8:28 ` Alexandru Elisei
2021-09-10 8:42 ` Eric Auger
2021-09-10 8:42 ` Eric Auger
2021-09-10 19:32 ` Ricardo Koller
2021-09-10 19:32 ` Ricardo Koller
2021-09-13 8:51 ` Eric Auger
2021-09-13 8:51 ` Eric Auger
2021-09-13 10:15 ` Alexandru Elisei
2021-09-14 3:20 ` Ricardo Koller
2021-09-14 3:20 ` Ricardo Koller
2021-09-14 11:00 ` Alexandru Elisei
2021-09-20 21:01 ` Ricardo Koller
2021-09-20 21:01 ` Ricardo Koller
2021-09-08 21:03 ` [PATCH 2/2] KVM: arm64: selftests: test for vgic redist " Ricardo Koller
2021-09-08 21:03 ` Ricardo Koller
2021-09-09 13:54 ` Eric Auger
2021-09-09 13:54 ` Eric Auger
2021-09-09 18:22 ` Ricardo Koller [this message]
2021-09-09 18:22 ` Ricardo Koller
2021-09-10 7:12 ` Eric Auger
2021-09-10 7:12 ` Eric Auger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YTpQ4y37RhaQTJ3m@google.com \
--to=ricarkol@google.com \
--cc=eric.auger@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.cs.columbia.edu \
--cc=maz@kernel.org \
--cc=pbonzini@redhat.com \
--cc=pshier@google.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.