Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/tools/testing/selftests/kvm/x86/sev_init2_tests.c
38245 views
1
// SPDX-License-Identifier: GPL-2.0-only

2
#include <linux/kvm.h>

3
#include <linux/psp-sev.h>

4
#include <stdio.h>

5
#include <sys/ioctl.h>

6
#include <stdlib.h>

7
#include <errno.h>

8
#include <pthread.h>

9


10
#include "test_util.h"

11
#include "kvm_util.h"

12
#include "processor.h"

13
#include "svm_util.h"

14
#include "kselftest.h"

15


16
#define SVM_SEV_FEAT_DEBUG_SWAP 32u

17


18
/*

19
 * Some features may have hidden dependencies, or may only work

20
 * for certain VM types.  Err on the side of safety and don't

21
 * expect that all supported features can be passed one by one

22
 * to KVM_SEV_INIT2.

23
 *

24
 * (Well, right now there's only one...)

25
 */

26
#define KNOWN_FEATURES SVM_SEV_FEAT_DEBUG_SWAP

27


28
int kvm_fd;

29
u64 supported_vmsa_features;

30
bool have_sev_es;

31
bool have_snp;

32


33
static int __sev_ioctl(int vm_fd, int cmd_id, void *data)

34
{

35
	struct kvm_sev_cmd cmd = {

36
		.id = cmd_id,

37
		.data = (uint64_t)data,

38
		.sev_fd = open_sev_dev_path_or_exit(),

39
	};

40
	int ret;

41


42
	ret = ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, &cmd);

43
	TEST_ASSERT(ret < 0 || cmd.error == SEV_RET_SUCCESS,

44
		    "%d failed: fw error: %d\n",

45
		    cmd_id, cmd.error);

46


47
	return ret;

48
}

49


50
static void test_init2(unsigned long vm_type, struct kvm_sev_init *init)

51
{

52
	struct kvm_vm *vm;

53
	int ret;

54


55
	vm = vm_create_barebones_type(vm_type);

56
	ret = __sev_ioctl(vm->fd, KVM_SEV_INIT2, init);

57
	TEST_ASSERT(ret == 0,

58
		    "KVM_SEV_INIT2 return code is %d (expected 0), errno: %d",

59
		    ret, errno);

60
	kvm_vm_free(vm);

61
}

62


63
static void test_init2_invalid(unsigned long vm_type, struct kvm_sev_init *init, const char *msg)

64
{

65
	struct kvm_vm *vm;

66
	int ret;

67


68
	vm = vm_create_barebones_type(vm_type);

69
	ret = __sev_ioctl(vm->fd, KVM_SEV_INIT2, init);

70
	TEST_ASSERT(ret == -1 && errno == EINVAL,

71
		    "KVM_SEV_INIT2 should fail, %s.",

72
		    msg);

73
	kvm_vm_free(vm);

74
}

75


76
void test_vm_types(void)

77
{

78
	test_init2(KVM_X86_SEV_VM, &(struct kvm_sev_init){});

79


80
	/*

81
	 * TODO: check that unsupported types cannot be created.  Probably

82
	 * a separate selftest.

83
	 */

84
	if (have_sev_es)

85
		test_init2(KVM_X86_SEV_ES_VM, &(struct kvm_sev_init){});

86


87
	if (have_snp)

88
		test_init2(KVM_X86_SNP_VM, &(struct kvm_sev_init){});

89


90
	test_init2_invalid(0, &(struct kvm_sev_init){},

91
			   "VM type is KVM_X86_DEFAULT_VM");

92
	if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SW_PROTECTED_VM))

93
		test_init2_invalid(KVM_X86_SW_PROTECTED_VM, &(struct kvm_sev_init){},

94
				   "VM type is KVM_X86_SW_PROTECTED_VM");

95
}

96


97
void test_flags(uint32_t vm_type)

98
{

99
	int i;

100


101
	for (i = 0; i < 32; i++)

102
		test_init2_invalid(vm_type,

103
			&(struct kvm_sev_init){ .flags = BIT(i) },

104
			"invalid flag");

105
}

106


107
void test_features(uint32_t vm_type, uint64_t supported_features)

108
{

109
	int i;

110


111
	for (i = 0; i < 64; i++) {

112
		if (!(supported_features & BIT_ULL(i)))

113
			test_init2_invalid(vm_type,

114
				&(struct kvm_sev_init){ .vmsa_features = BIT_ULL(i) },

115
				"unknown feature");

116
		else if (KNOWN_FEATURES & BIT_ULL(i))

117
			test_init2(vm_type,

118
				&(struct kvm_sev_init){ .vmsa_features = BIT_ULL(i) });

119
	}

120
}

121


122
int main(int argc, char *argv[])

123
{

124
	int kvm_fd = open_kvm_dev_path_or_exit();

125
	bool have_sev;

126


127
	TEST_REQUIRE(__kvm_has_device_attr(kvm_fd, KVM_X86_GRP_SEV,

128
					   KVM_X86_SEV_VMSA_FEATURES) == 0);

129
	kvm_device_attr_get(kvm_fd, KVM_X86_GRP_SEV,

130
			    KVM_X86_SEV_VMSA_FEATURES,

131
			    &supported_vmsa_features);

132


133
	have_sev = kvm_cpu_has(X86_FEATURE_SEV);

134
	TEST_ASSERT(have_sev == !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_VM)),

135
		    "sev: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)",

136
		    kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_VM);

137


138
	TEST_REQUIRE(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_VM));

139
	have_sev_es = kvm_cpu_has(X86_FEATURE_SEV_ES);

140


141
	TEST_ASSERT(have_sev_es == !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SEV_ES_VM)),

142
		    "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)",

143
		    kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_ES_VM);

144


145
	have_snp = kvm_cpu_has(X86_FEATURE_SEV_SNP);

146
	TEST_ASSERT(have_snp == !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM)),

147
		    "sev-snp: KVM_CAP_VM_TYPES (%x) indicates SNP support (bit %d), but CPUID does not",

148
		    kvm_check_cap(KVM_CAP_VM_TYPES), KVM_X86_SNP_VM);

149


150
	test_vm_types();

151


152
	test_flags(KVM_X86_SEV_VM);

153
	if (have_sev_es)

154
		test_flags(KVM_X86_SEV_ES_VM);

155
	if (have_snp)

156
		test_flags(KVM_X86_SNP_VM);

157


158
	test_features(KVM_X86_SEV_VM, 0);

159
	if (have_sev_es)

160
		test_features(KVM_X86_SEV_ES_VM, supported_vmsa_features);

161
	if (have_snp)

162
		test_features(KVM_X86_SNP_VM, supported_vmsa_features);

163


164
	return 0;

165
}

166


167