Re: [PATCH] KVM: selftests: Add SEV-ES shutdown test

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sean Christopherson <seanjc@google.com>
To: Peter Gonda <pgonda@google.com>
Cc: kvm@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	 Alper Gun <alpergun@google.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	 Michael Roth <michael.roth@amd.com>,
	linux-kselftest@vger.kernel.org
Subject: Re: [PATCH] KVM: selftests: Add SEV-ES shutdown test
Date: Thu, 29 Aug 2024 19:36:56 -0700	[thread overview]
Message-ID: <ZtEwSOzeAEuzpLpy@google.com> (raw)
In-Reply-To: <20240709182936.146487-1-pgonda@google.com>

On Tue, Jul 09, 2024, Peter Gonda wrote:
> Regression test for ae20eef5 ("KVM: SVM: Update SEV-ES shutdown intercepts
> with more metadata"). Test confirms userspace is correctly indicated of
> a guest shutdown not previous behavior of an EINVAL from KVM_RUN.
> 
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Sean Christopherson <seanjc@google.com>
> Cc: Alper Gun <alpergun@google.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: kvm@vger.kernel.org
> Cc: linux-kselftest@vger.kernel.org
> Signed-off-by: Peter Gonda <pgonda@google.com>
> 
> ---
>  .../selftests/kvm/x86_64/sev_smoke_test.c     | 26 +++++++++++++++++++
>  1 file changed, 26 insertions(+)
> 
> diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> index 7c70c0da4fb74..04f24d5f09877 100644
> --- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> @@ -160,6 +160,30 @@ static void test_sev(void *guest_code, uint64_t policy)
>  	kvm_vm_free(vm);
>  }
>  
> +static void guest_shutdown_code(void)
> +{
> +	__asm__ __volatile__("ud2");

Heh, this passes by dumb luck, not because the #UD itself causes a SHUTDOWN.  It
_looks_ like the #UD causes a shutdown, because KVM will always see the original
guest RIP, but the shutdown actually occurs somewhere in the ucall_assert() in
route_exception().

Now that x86 selftests install an IDT and exception handlers by default, it's
actually quite hard to induce shutdown.  Ok, not "hard", but it requires more
work than simply generating a #UD.

I'll add this as fixup when applying:

diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
index 04f24d5f0987..2e9197eb1652 100644
--- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
+++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
@@ -162,6 +162,12 @@ static void test_sev(void *guest_code, uint64_t policy)
 
 static void guest_shutdown_code(void)
 {
+       struct desc_ptr idt;
+
+       /* Clobber the IDT so that #UD is guaranteed to trigger SHUTDOWN. */
+       memset(&idt, 0, sizeof(idt));
+       __asm__ __volatile__("lidt %0" :: "m"(idt));
+
        __asm__ __volatile__("ud2");
 }

next prev parent reply	other threads:[~2024-08-30  2:36 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-07-09 18:29 [PATCH] KVM: selftests: Add SEV-ES shutdown test Peter Gonda
2024-07-11 16:19 ` Sampat, Pratik Rajesh
2024-07-11 16:37   ` Peter Gonda
2024-08-30  2:36 ` Sean Christopherson [this message]
2024-08-31  0:20 ` Sean Christopherson

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:04f24d5f098 dfblob:2e9197eb165 )
 OR (
bs:"Re: [PATCH] KVM: selftests: Add SEV-ES shutdown test" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZtEwSOzeAEuzpLpy@google.com \
    --to=seanjc@google.com \
    --cc=alpergun@google.com \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=michael.roth@amd.com \
    --cc=pbonzini@redhat.com \
    --cc=pgonda@google.com \
    --cc=thomas.lendacky@amd.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.