From: Paolo Bonzini <pbonzini@redhat.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: kvm <kvm@vger.kernel.org>, Bandan Das <bsd@redhat.com>
Subject: Re: [PATCH v3 5/6] VMX: Validate capability MSRs
Date: Wed, 18 Jun 2014 11:38:22 +0200 [thread overview]
Message-ID: <53A15E0E.4030500@redhat.com> (raw)
In-Reply-To: <53A12454.7@siemens.com>
Il 18/06/2014 07:32, Jan Kiszka ha scritto:
> Check for required-0 or required-1 bits as well as known field value
> restrictions. Also check the consistency between VMX_*_CTLS and
> VMX_TRUE_*_CTLS and between CR0/4_FIXED0 and CR0/4_FIXED1.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>
> Changes in v3:
> - integrated suggestions of Paolo
>
> x86/vmx.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
> x86/vmx.h | 5 +++--
> 2 files changed, 76 insertions(+), 3 deletions(-)
>
> diff --git a/x86/vmx.c b/x86/vmx.c
> index f01e443..5bb5969 100644
> --- a/x86/vmx.c
> +++ b/x86/vmx.c
> @@ -661,6 +661,77 @@ static void test_vmptrst(void)
> report("test vmptrst", (!ret) && (vmcs1 == vmcs2));
> }
>
> +struct vmx_ctl_msr {
> + const char *name;
> + u32 index, true_index;
> + u32 default1;
> +} vmx_ctl_msr[] = {
> + { "MSR_IA32_VMX_PINBASED_CTLS", MSR_IA32_VMX_PINBASED_CTLS,
> + MSR_IA32_VMX_TRUE_PIN, 0x16 },
> + { "MSR_IA32_VMX_PROCBASED_CTLS", MSR_IA32_VMX_PROCBASED_CTLS,
> + MSR_IA32_VMX_TRUE_PROC, 0x401e172 },
> + { "MSR_IA32_VMX_PROCBASED_CTLS2", MSR_IA32_VMX_PROCBASED_CTLS2,
> + MSR_IA32_VMX_PROCBASED_CTLS2, 0 },
> + { "MSR_IA32_VMX_EXIT_CTLS", MSR_IA32_VMX_EXIT_CTLS,
> + MSR_IA32_VMX_TRUE_EXIT, 0x36dff },
> + { "MSR_IA32_VMX_ENTRY_CTLS", MSR_IA32_VMX_ENTRY_CTLS,
> + MSR_IA32_VMX_TRUE_ENTRY, 0x11ff },
> +};
> +
> +static void test_vmx_caps(void)
> +{
> + u64 val, default1, fixed0, fixed1;
> + union vmx_ctrl_msr ctrl, true_ctrl;
> + unsigned int n;
> + bool ok;
> +
> + printf("\nTest suite: VMX capability reporting\n");
> +
> + report("MSR_IA32_VMX_BASIC",
> + (basic.revision & (1ul << 31)) == 0 &&
> + basic.size > 0 && basic.size <= 4096 &&
> + (basic.type == 0 || basic.type == 6) &&
> + basic.reserved1 == 0 && basic.reserved2 == 0);
> +
> + val = rdmsr(MSR_IA32_VMX_MISC);
> + report("MSR_IA32_VMX_MISC",
> + (!(ctrl_cpu_rev[1].clr & CPU_URG) || val & (1ul << 5)) &&
> + ((val >> 16) & 0x1ff) <= 256 &&
> + (val & 0xc0007e00) == 0);
> +
> + for (n = 0; n < ARRAY_SIZE(vmx_ctl_msr); n++) {
> + ctrl.val = rdmsr(vmx_ctl_msr[n].index);
> + default1 = vmx_ctl_msr[n].default1;
> + ok = (ctrl.set & default1) == default1;
> + ok = ok && (ctrl.set & ~ctrl.clr) == 0;
> + if (ok && basic.ctrl) {
> + true_ctrl.val = rdmsr(vmx_ctl_msr[n].true_index);
> + ok = ctrl.clr == true_ctrl.clr;
> + ok = ok && ctrl.set == (true_ctrl.set | default1);
> + }
> + report(vmx_ctl_msr[n].name, ok);
> + }
> +
> + fixed0 = rdmsr(MSR_IA32_VMX_CR0_FIXED0);
> + fixed1 = rdmsr(MSR_IA32_VMX_CR0_FIXED1);
> + report("MSR_IA32_VMX_IA32_VMX_CR0_FIXED0/1",
> + ((fixed0 ^ fixed1) & ~fixed1) == 0);
> +
> + fixed0 = rdmsr(MSR_IA32_VMX_CR4_FIXED0);
> + fixed1 = rdmsr(MSR_IA32_VMX_CR4_FIXED1);
> + report("MSR_IA32_VMX_IA32_VMX_CR4_FIXED0/1",
> + ((fixed0 ^ fixed1) & ~fixed1) == 0);
> +
> + val = rdmsr(MSR_IA32_VMX_VMCS_ENUM);
> + report("MSR_IA32_VMX_VMCS_ENUM",
> + (val & 0x3e) >= 0x2a &&
> + (val & 0xfffffffffffffc01Ull) == 0);
> +
> + val = rdmsr(MSR_IA32_VMX_EPT_VPID_CAP);
> + report("MSR_IA32_VMX_EPT_VPID_CAP",
> + (val & 0xfffff07ef9eebebeUll) == 0);
> +}
> +
> /* This function can only be called in guest */
> static void __attribute__((__used__)) hypercall(u32 hypercall_no)
> {
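Review bot: The MSR_IA32_VMX_VMCS_ENUM check compares `(val & 0x3e) >= 0x2a`, but the reserved-bit mask on the following line (`0xfffffffffffffc01Ull`) leaves bits 9:1 open, so the comparison only looks at bits 5:1 of that field. If the highest-index field really spans bits 9:1, as that mask implies, a valid value with bit 6 or above set and small low bits would be reported as a failure; `(val & 0x3fe) >= 0x2a` would keep the two lines consistent. Separately, test_vmx_caps() reads MSR_IA32_VMX_PROCBASED_CTLS2 and MSR_IA32_VMX_EPT_VPID_CAP unconditionally; these MSRs presumably exist only when secondary controls (and EPT/VPID) are offered, so guarding the reads on the capability bits already cached in `ctrl_cpu_rev` would avoid a fault on hosts or nested setups that do not expose them. The report strings `"MSR_IA32_VMX_IA32_VMX_CR0_FIXED0/1"` and the CR4 counterpart also repeat `IA32_VMX`, which makes them differ from the MSR names they refer to.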
> @@ -803,7 +874,7 @@ static int test_run(struct vmx_test *test)
> regs = test->guest_regs;
> vmcs_write(GUEST_RFLAGS, regs.rflags | 0x2);
> launched = 0;
> - printf("\nTest suite : %s\n", test->name);
> + printf("\nTest suite: %s\n", test->name);
> vmx_run();
> if (vmx_off()) {
> printf("%s : vmxoff failed.\n", __func__);
> @@ -842,6 +913,7 @@ int main(void)
> goto exit;
> }
> test_vmxoff();
> + test_vmx_caps();
>
> while (vmx_tests[++i].name != NULL)
> if (test_run(&vmx_tests[i]))
> diff --git a/x86/vmx.h b/x86/vmx.h
> index 00f2842..87457b1 100644
> --- a/x86/vmx.h
> +++ b/x86/vmx.h
> @@ -46,12 +46,13 @@ union vmx_basic {
> struct {
> u32 revision;
> u32 size:13,
> - : 3,
> + reserved1: 3,
> width:1,
> dual:1,
> type:4,
> insouts:1,
> - ctrl:1;
> + ctrl:1,
> + reserved2:8;
> };
> };
>
>
Thanks,
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>