From: Sean Christopherson <seanjc@google.com>
To: "Pratik R. Sampat" <prsampat@amd.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
kvm@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kselftest@vger.kernel.org, pbonzini@redhat.com,
thomas.lendacky@amd.com, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com, shuah@kernel.org,
pgonda@google.com, ashish.kalra@amd.com, nikunj@amd.com,
pankaj.gupta@amd.com, michael.roth@amd.com, sraithal@amd.com
Subject: Re: [PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test
Date: Tue, 11 Feb 2025 18:31:42 -0800 [thread overview]
Message-ID: <Z6wIDsbjt2ZaiX0I@google.com> (raw)
In-Reply-To: <20250203223205.36121-10-prsampat@amd.com>
On Mon, Feb 03, 2025, Pratik R. Sampat wrote:
> @@ -217,5 +244,20 @@ int main(int argc, char *argv[])
> }
> }
>
> + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) {
> + uint64_t snp_policy = snp_default_policy();
> +
> + test_snp(snp_policy);
> + /* Test minimum firmware level */
> + test_snp(snp_policy | SNP_FW_VER_MAJOR(SNP_MIN_API_MAJOR) |
> + SNP_FW_VER_MINOR(SNP_MIN_API_MINOR));
Ah, this is where the firmware policy stuff is used. Refresh me, can userspace
request _any_ major/minor as the min, and expect failure if the version isn't
supported? If so, the test should iterate over the major/minor combinations that
are guaranteed to fail. And if userspace can query the supported minor/major,
the test should iterate over all the happy versions too.
Unless there's nothing interesting to test, I would move the major/minor stuff to
a separate patch.
> +
> + test_snp_shutdown(snp_policy);
> +
> + if (kvm_has_cap(KVM_CAP_XCRS) &&
> + (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask)
> + test_sync_vmsa_snp(snp_policy);
This is all copy+paste from SEV-ES tests, minus SEV_POLICY_NO_DBG. There's gotta
be a way to dedup this code.
Something like this?
static void needs_a_better_name(uint32_t type, uint64_t policy)
{
const u64 xf_mask = XFEATURE_MASK_X87_AVX;
test_sev(guest_sev_code, policy | SEV_POLICY_NO_DBG);
test_sev(guest_sev_code, policy);
if (type == KVM_X86_SEV_VM)
return;
test_sev_shutdown(policy);
if (kvm_has_cap(KVM_CAP_XCRS) &&
(xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask) {
test_sync_vmsa(policy);
test_sync_vmsa(policy | SEV_POLICY_NO_DBG);
}
}
int main(int argc, char *argv[])
{
TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV));
needs_a_better_name(KVM_X86_SEV_VM, 0);
if (kvm_cpu_has(X86_FEATURE_SEV_ES))
needs_a_better_name(KVM_X86_SEV_ES_VM, 0);
if (kvm_cpu_has(X86_FEATURE_SEV_SNP))
needs_a_better_name(KVM_X86_SEV_SNP_VM, 0);
return 0;
}
next prev parent reply other threads:[~2025-02-12 2:31 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-03 22:31 [PATCH v6 0/9] Basic SEV-SNP Selftests Pratik R. Sampat
2025-02-03 22:31 ` [PATCH v6 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure Pratik R. Sampat
2025-02-12 1:54 ` Sean Christopherson
2025-02-14 18:07 ` Pratik Rajesh Sampat
2025-02-03 22:31 ` [PATCH v6 2/9] KVM: SEV: Disable SEV on platform init failure Pratik R. Sampat
2025-02-12 1:58 ` Sean Christopherson
2025-02-14 18:09 ` Pratik Rajesh Sampat
2025-02-03 22:31 ` [PATCH v6 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 4/9] KVM: selftests: Add VMGEXIT helper Pratik R. Sampat
2025-02-12 1:59 ` Sean Christopherson
2025-02-14 18:09 ` Pratik Rajesh Sampat
2025-02-03 22:32 ` [PATCH v6 5/9] KVM: selftests: Introduce SEV VM type check Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 6/9] KVM: selftests: Add library support for interacting with SNP Pratik R. Sampat
2025-02-12 2:12 ` Sean Christopherson
2025-02-14 18:12 ` Pratik Rajesh Sampat
2025-02-19 16:55 ` Sean Christopherson
2025-02-20 16:56 ` Pratik Rajesh Sampat
2025-02-03 22:32 ` [PATCH v6 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 8/9] KVM: selftests: Abstractions for SEV to decouple policy from type Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test Pratik R. Sampat
2025-02-12 2:31 ` Sean Christopherson [this message]
2025-02-14 18:14 ` Pratik Rajesh Sampat
2025-02-19 0:54 ` Sean Christopherson
2025-02-19 14:58 ` Pratik Rajesh Sampat
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z6wIDsbjt2ZaiX0I@google.com \
--to=seanjc@google.com \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=prsampat@amd.com \
--cc=shuah@kernel.org \
--cc=sraithal@amd.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.