From: Ackerley Tng <ackerleytng@google.com>
To: linux-kselftest@vger.kernel.org
Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com,
sagis@google.com, erdemaktas@google.com, afranji@google.com,
runanwang@google.com, shuah@kernel.org, drjones@redhat.com,
maz@kernel.org, bgardon@google.com, jmattson@google.com,
dmatlack@google.com, peterx@redhat.com, oupton@google.com,
ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com,
xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com,
eesposit@redhat.com, borntraeger@de.ibm.com,
eric.auger@redhat.com, wangyanan55@huawei.com,
aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com,
axelrasmussen@google.com, zhenzhong.duan@intel.com,
maciej.szmigiero@oracle.com, like.xu@linux.intel.com,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
Ackerley Tng <ackerleytng@google.com>
Subject: [RFC PATCH v3 07/31] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration
Date: Sat, 21 Jan 2023 00:15:18 +0000 [thread overview]
Message-ID: <20230121001542.2472357-8-ackerleytng@google.com> (raw)
In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com>
This also exercises the KVM_TDX_CAPABILITIES ioctl.
Suggested-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
---
.../selftests/kvm/lib/x86_64/tdx/tdx_util.c | 75 ++++++++++++++++++-
1 file changed, 72 insertions(+), 3 deletions(-)
diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c
index 3564059c0b89b..2e9679d24a843 100644
--- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c
@@ -27,10 +27,9 @@ static char *tdx_cmd_str[] = {
};
#define TDX_MAX_CMD_STR (ARRAY_SIZE(tdx_cmd_str))
-static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data)
+static int _tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data)
{
struct kvm_tdx_cmd tdx_cmd;
- int r;
TEST_ASSERT(ioctl_no < TDX_MAX_CMD_STR, "Unknown TDX CMD : %d\n",
ioctl_no);
@@ -40,11 +39,63 @@ static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data)
tdx_cmd.flags = flags;
tdx_cmd.data = (uint64_t)data;
- r = ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+ return ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd);
+}
+
+static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data)
+{
+ int r;
+
+ r = _tdx_ioctl(fd, ioctl_no, flags, data);
TEST_ASSERT(r == 0, "%s failed: %d %d", tdx_cmd_str[ioctl_no], r,
errno);
}
+static struct kvm_tdx_capabilities *tdx_read_capabilities(void)
+{
+ int i;
+ int rc = -1;
+ int nr_cpuid_configs = 4;
+ struct kvm_tdx_capabilities *tdx_cap = NULL;
+ int kvm_fd;
+
+ kvm_fd = open_kvm_dev_path_or_exit();
+
+ do {
+ nr_cpuid_configs *= 2;
+
+ tdx_cap = realloc(
+ tdx_cap, sizeof(*tdx_cap) +
+ nr_cpuid_configs * sizeof(*tdx_cap->cpuid_configs));
+ TEST_ASSERT(tdx_cap != NULL,
+ "Could not allocate memory for tdx capability nr_cpuid_configs %d\n",
+ nr_cpuid_configs);
+
+ tdx_cap->nr_cpuid_configs = nr_cpuid_configs;
+ rc = _tdx_ioctl(kvm_fd, KVM_TDX_CAPABILITIES, 0, tdx_cap);
+ } while (rc < 0 && errno == E2BIG);
+
+ TEST_ASSERT(rc == 0, "KVM_TDX_CAPABILITIES failed: %d %d",
+ rc, errno);
+
+ pr_debug("tdx_cap: attrs: fixed0 0x%016llx fixed1 0x%016llx\n"
+ "tdx_cap: xfam fixed0 0x%016llx fixed1 0x%016llx\n",
+ tdx_cap->attrs_fixed0, tdx_cap->attrs_fixed1,
+ tdx_cap->xfam_fixed0, tdx_cap->xfam_fixed1);
+
+ for (i = 0; i < tdx_cap->nr_cpuid_configs; i++) {
+ const struct kvm_tdx_cpuid_config *config =
+ &tdx_cap->cpuid_configs[i];
+ pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08x ecx 0x%08x edx 0x%08x\n",
+ i, config->leaf, config->sub_leaf,
+ config->eax, config->ebx, config->ecx, config->edx);
+ }
+
+ close(kvm_fd);
+
+ return tdx_cap;
+}
+
#define XFEATURE_LBR 15
#define XFEATURE_XTILECFG 17
#define XFEATURE_XTILEDATA 18
@@ -90,6 +141,21 @@ static void tdx_apply_cpuid_restrictions(struct kvm_cpuid2 *cpuid_data)
}
}
+static void tdx_check_attributes(uint64_t attributes)
+{
+ struct kvm_tdx_capabilities *tdx_cap;
+
+ tdx_cap = tdx_read_capabilities();
+
+ /* TDX spec: any bits 0 in attrs_fixed0 must be 0 in attributes */
+ ASSERT_EQ(attributes & ~tdx_cap->attrs_fixed0, 0);
+
+ /* TDX spec: any bits 1 in attrs_fixed1 must be 1 in attributes */
+ ASSERT_EQ(attributes & tdx_cap->attrs_fixed1, tdx_cap->attrs_fixed1);
+
+ free(tdx_cap);
+}
+
static void tdx_td_init(struct kvm_vm *vm, uint64_t attributes)
{
const struct kvm_cpuid2 *cpuid;
@@ -100,6 +166,9 @@ static void tdx_td_init(struct kvm_vm *vm, uint64_t attributes)
cpuid = kvm_get_supported_cpuid();
memcpy(&init_vm.cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
+
+ tdx_check_attributes(attributes);
+
init_vm.attributes = attributes;
tdx_apply_cpuid_restrictions(&init_vm.cpuid);
--
2.39.0.246.g2a6d74b583-goog
next prev parent reply other threads:[~2023-01-21 0:17 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-21 0:15 [RFC PATCH v3 00/31] TDX KVM selftests Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 01/31] KVM: selftests: Add function to allow one-to-one GVA to GPA mappings Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 02/31] KVM: selftests: Add support for creating non-default type VMs Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 03/31] KVM: selftests: Expose function that sets up sregs based on VM's mode Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 04/31] KVM: selftests: Store initial stack address in struct kvm_vcpu Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 05/31] KVM: selftests: Refactor steps in vCPU descriptor table initialization Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 06/31] KVM: selftests: Add helper functions to create TDX VMs Ackerley Tng
2023-01-21 0:15 ` Ackerley Tng [this message]
2023-01-21 0:15 ` [RFC PATCH v3 08/31] KVM: selftests: Require GCC to realign stacks on function entry Ackerley Tng
2023-01-21 0:27 ` Sean Christopherson
2023-01-23 18:30 ` Erdem Aktas
2023-01-23 18:50 ` Maciej S. Szmigiero
2023-01-23 18:53 ` Sean Christopherson
2023-01-24 0:04 ` Erdem Aktas
2023-01-24 1:21 ` Sean Christopherson
2023-02-15 0:50 ` Ackerley Tng
2023-02-15 18:44 ` Maciej S. Szmigiero
2023-02-15 22:19 ` Sean Christopherson
2023-02-15 22:24 ` Sean Christopherson
2023-02-17 18:57 ` Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 09/31] KVM: selftests: TDX: Add TDX lifecycle test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 10/31] KVM: selftests: TDX: Add report_fatal_error test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 11/31] KVM: selftests: TDX: Adding test case for TDX port IO Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 12/31] KVM: selftests: TDX: Add basic TDX CPUID test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 13/31] KVM: selftests: TDX: Add basic get_td_vmcall_info test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 14/31] KVM: selftests: TDX: Add TDX IO writes test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 15/31] KVM: selftests: TDX: Add TDX IO reads test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 16/31] KVM: selftests: TDX: Add TDX MSR read/write tests Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 17/31] KVM: selftests: TDX: Add TDX HLT exit test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 18/31] KVM: selftests: TDX: Add TDX MMIO reads test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 19/31] KVM: selftests: TDX: Add TDX MMIO writes test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 20/31] KVM: selftests: TDX: Add TDX CPUID TDVMCALL test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 21/31] KVM: selftests: TDX: Verify the behavior when host consumes a TD private memory Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 22/31] KVM: selftests: TDX: Add TDG.VP.INFO test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 23/31] KVM: selftests: Add functions to allow mapping as shared Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 24/31] KVM: selftests: TDX: Add shared memory test Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 25/31] KVM: selftests: Add support for restricted memory Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 26/31] KVM: selftests: TDX: Update load_td_memory_region for VM memory backed by restricted memfd Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 27/31] KVM: selftests: Expose _vm_vaddr_alloc Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 28/31] KVM: selftests: TDX: Add support for TDG.MEM.PAGE.ACCEPT Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 29/31] KVM: selftests: TDX: Add support for TDG.VP.VEINFO.GET Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 30/31] KVM: selftests: TDX: Add TDX UPM selftest Ackerley Tng
2023-01-21 0:15 ` [RFC PATCH v3 31/31] KVM: selftests: TDX: Add TDX UPM selftests for implicit conversion Ackerley Tng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230121001542.2472357-8-ackerleytng@google.com \
--to=ackerleytng@google.com \
--cc=aaronlewis@google.com \
--cc=afranji@google.com \
--cc=axelrasmussen@google.com \
--cc=bgardon@google.com \
--cc=borntraeger@de.ibm.com \
--cc=dmatlack@google.com \
--cc=drjones@redhat.com \
--cc=eesposit@redhat.com \
--cc=erdemaktas@google.com \
--cc=eric.auger@redhat.com \
--cc=isaku.yamahata@intel.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=like.xu@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=maciej.szmigiero@oracle.com \
--cc=marcorr@google.com \
--cc=maz@kernel.org \
--cc=oupton@google.com \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=pgonda@google.com \
--cc=pshier@google.com \
--cc=ricarkol@google.com \
--cc=runanwang@google.com \
--cc=sagis@google.com \
--cc=seanjc@google.com \
--cc=shuah@kernel.org \
--cc=vkuznets@redhat.com \
--cc=wangyanan55@huawei.com \
--cc=wei.w.wang@intel.com \
--cc=xiaoyao.li@intel.com \
--cc=yang.zhong@intel.com \
--cc=zhenzhong.duan@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox