From: Sean Christopherson <seanjc@google.com>
To: Pratik Rajesh Sampat <prsampat@amd.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
kvm@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kselftest@vger.kernel.org, pbonzini@redhat.com,
thomas.lendacky@amd.com, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com, shuah@kernel.org,
pgonda@google.com, ashish.kalra@amd.com, nikunj@amd.com,
pankaj.gupta@amd.com, michael.roth@amd.com, sraithal@amd.com
Subject: Re: [PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test
Date: Tue, 18 Feb 2025 16:54:52 -0800 [thread overview]
Message-ID: <Z7Ur3HyM15vFBEvR@google.com> (raw)
In-Reply-To: <e3136d20-977a-4e2d-ad7b-c04be1dca1db@amd.com>
On Fri, Feb 14, 2025, Pratik Rajesh Sampat wrote:
>
>
> On 2/11/25 8:31 PM, Sean Christopherson wrote:
> > On Mon, Feb 03, 2025, Pratik R. Sampat wrote:
> >> @@ -217,5 +244,20 @@ int main(int argc, char *argv[])
> >> }
> >> }
> >>
> >> + if (kvm_cpu_has(X86_FEATURE_SEV_SNP)) {
> >> + uint64_t snp_policy = snp_default_policy();
> >> +
> >> + test_snp(snp_policy);
> >> + /* Test minimum firmware level */
> >> + test_snp(snp_policy | SNP_FW_VER_MAJOR(SNP_MIN_API_MAJOR) |
> >> + SNP_FW_VER_MINOR(SNP_MIN_API_MINOR));
> >
> > Ah, this is where the firmware policy stuff is used. Refresh me, can userspace
> > request _any_ major/minor as the min, and expect failure if the version isn't
> > supported? If so, the test should iterate over the major/minor combinations that
> > are guaranteed to fail. And if userspace can query the supported minor/major,
> > the test should iterate over all the happy versions too.
> >
>
> Yes, any policy greater than the min policy (defined in sev-dev.c)
> should be supported. The sad path tests were intended to be added in the
> upcoming negative test patch series so that we could have the proper
> infrastructure to handle and report failures.
>
> > Unless there's nothing interesting to test, I would move the major/minor stuff to
> > a separate patch.
>
> Would you rather prefer I do the happy tests here (something like -
> min_policy and min_policy + 1?) and defer the failure tests for the
> next patchset? Or, I can remove policy testing from here entirely and
> introduce it only when the sad path testing infrastructure is ready, so
> that we can test this completely at once?
Let's do the latter. For the initial series, do the bare minimum so that we can
get that merged, and then focus on the min API version stuff in a separate series.
The version testing shouldn't be terribly complex, but it doesn't seem like it's
entirely trivial either, and I don't want it to block the base SNP support.
next prev parent reply other threads:[~2025-02-19 0:54 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-03 22:31 [PATCH v6 0/9] Basic SEV-SNP Selftests Pratik R. Sampat
2025-02-03 22:31 ` [PATCH v6 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure Pratik R. Sampat
2025-02-12 1:54 ` Sean Christopherson
2025-02-14 18:07 ` Pratik Rajesh Sampat
2025-02-03 22:31 ` [PATCH v6 2/9] KVM: SEV: Disable SEV on platform init failure Pratik R. Sampat
2025-02-12 1:58 ` Sean Christopherson
2025-02-14 18:09 ` Pratik Rajesh Sampat
2025-02-03 22:31 ` [PATCH v6 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 4/9] KVM: selftests: Add VMGEXIT helper Pratik R. Sampat
2025-02-12 1:59 ` Sean Christopherson
2025-02-14 18:09 ` Pratik Rajesh Sampat
2025-02-03 22:32 ` [PATCH v6 5/9] KVM: selftests: Introduce SEV VM type check Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 6/9] KVM: selftests: Add library support for interacting with SNP Pratik R. Sampat
2025-02-12 2:12 ` Sean Christopherson
2025-02-14 18:12 ` Pratik Rajesh Sampat
2025-02-19 16:55 ` Sean Christopherson
2025-02-20 16:56 ` Pratik Rajesh Sampat
2025-02-03 22:32 ` [PATCH v6 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 8/9] KVM: selftests: Abstractions for SEV to decouple policy from type Pratik R. Sampat
2025-02-03 22:32 ` [PATCH v6 9/9] KVM: selftests: Add a basic SEV-SNP smoke test Pratik R. Sampat
2025-02-12 2:31 ` Sean Christopherson
2025-02-14 18:14 ` Pratik Rajesh Sampat
2025-02-19 0:54 ` Sean Christopherson [this message]
2025-02-19 14:58 ` Pratik Rajesh Sampat
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z7Ur3HyM15vFBEvR@google.com \
--to=seanjc@google.com \
--cc=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=nikunj@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=pbonzini@redhat.com \
--cc=pgonda@google.com \
--cc=prsampat@amd.com \
--cc=shuah@kernel.org \
--cc=sraithal@amd.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).