Date: Tue, 30 Aug 2022 22:19:58 +0000
In-Reply-To: <20220830222000.709028-1-sagis@google.com>
References: <20220830222000.709028-1-sagis@google.com>
Message-ID: <20220830222000.709028-16-sagis@google.com>
Subject: [RFC PATCH v2 15/17] KVM: selftest: TDX: Verify the behavior when host consumes a TD private memory
From: Sagi Shahar
To: linux-kselftest@vger.kernel.org
Cc: Paolo Bonzini, Sean Christopherson, Isaku Yamahata, Sagi Shahar, Erdem Aktas, Ryan Afranji, Roger Wang, Shuah Khan, Andrew Jones, Marc Zyngier, Ben Gardon, Jim Mattson, David Matlack, Peter Xu, Oliver Upton, Ricardo Koller, Yang Zhong, Wei Wang, Xiaoyao Li, Peter Gonda, Marc Orr, Emanuele Giuseppe Esposito, Christian Borntraeger, Eric Auger, Yanan Wang, Aaron Lewis, Vitaly Kuznetsov, Peter Shier, Axel Rasmussen, Zhenzhong Duan, "Maciej S . Szmigiero", Like Xu, linux-kernel@vger.kernel.org, kvm@vger.kernel.org

From: Ryan Afranji

The test checks that host can only read fixed values when trying to access the guest's private memory.

Signed-off-by: Ryan Afranji
Signed-off-by: Sagi Shahar
--- .../selftests/kvm/x86_64/tdx_vm_tests.c | 93 +++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c index 934f2f7a5df9..1776b39b7d9e 100644 --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c
@@ -1274,6 +1274,98 @@ void verify_mmio_writes(void) printf("\t ... PASSED\n"); } +TDX_GUEST_FUNCTION(guest_host_read_priv_mem) +{ + uint64_t guest_var = 0xABCD; + uint64_t ret; + + /* Sends address to host. */ + ret = tdvm_report_64bit_to_user_space((uint64_t)&guest_var); + if (ret) + tdvmcall_fatal(ret); + + /* Update guest_var's value and have host reread it. */ + guest_var = 0xFEDC; + + tdvmcall_success(); +} + +void verify_host_reading_private_mem(void) +{ + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + struct userspace_mem_region *region; + uint64_t guest_var_addr; + uint64_t host_virt; + uint64_t first_host_read; + uint64_t second_host_read; + int ctr; + + printf("Verifying host's behavior when reading TD private memory:\n"); + /* Create a TD VM with no memory. */ + vm = vm_create_tdx(); + + /* Allocate TD guest memory and initialize the TD. */ + initialize_td(vm); + + /* Initialize the TD vcpu and copy the test code to the guest memory. */ + vcpu = vm_vcpu_add_tdx(vm, 0); + + /* Setup and initialize VM memory. */ + prepare_source_image(vm, guest_host_read_priv_mem, + TDX_FUNCTION_SIZE(guest_host_read_priv_mem), 0); + finalize_td_memory(vm); + + /* Get the address of the guest's variable. */ + vcpu_run(vcpu); + CHECK_GUEST_FAILURE(vcpu); + printf("\t ... Guest's variable contains 0xABCD\n"); + + /* Guest virtual and guest physical addresses have 1:1 mapping. */ + guest_var_addr = read_64bit_from_guest(vcpu, TDX_DATA_REPORT_PORT); + + /* Search for the guest's address in guest's memory regions. 
*/ + host_virt = 0; + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) { + uint64_t offset; + uint64_t host_virt_base; + uint64_t guest_base; + + guest_base = (uint64_t)region->region.guest_phys_addr; + offset = guest_var_addr - guest_base; + + if (guest_base <= guest_var_addr && + offset <= region->region.memory_size) { + host_virt_base = (uint64_t)region->host_mem; + host_virt = host_virt_base + offset; + break; + } + } + TEST_ASSERT(host_virt != 0, + "Guest address not found in guest memory regions\n"); + + /* Host reads guest's variable. */ + first_host_read = *(uint64_t *)host_virt; + printf("\t ... Host's read attempt value: %lu\n", first_host_read); + + /* Guest updates variable and host rereads it. */ + vcpu_run(vcpu); + CHECK_GUEST_FAILURE(vcpu); + printf("\t ... Guest's variable updated to 0xFEDC\n"); + + second_host_read = *(uint64_t *)host_virt; + printf("\t ... Host's second read attempt value: %lu\n", + second_host_read); + + TEST_ASSERT(first_host_read == second_host_read, + "Host did not read a fixed pattern\n"); + + printf("\t ... Fixed pattern was returned to the host\n"); + + kvm_vm_free(vm); + printf("\t ... PASSED\n"); +} + int main(int argc, char **argv) { if (!is_tdx_enabled()) { @@ -1294,6 +1386,7 @@ int main(int argc, char **argv) run_in_new_process(&verify_guest_hlt); run_in_new_process(&verify_mmio_reads); run_in_new_process(&verify_mmio_writes); + run_in_new_process(&verify_host_reading_private_mem); return 0; } -- 2.37.2.789.g6183377224-goog
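
Review bot: The region search in verify_host_reading_private_mem() accepts an address one past the end of a region, because it tests "offset <= region->region.memory_size"; an offset equal to memory_size lies outside the region, and the 8-byte read through host_virt that follows needs the whole uint64_t to fit. Suggest "offset + sizeof(uint64_t) <= region->region.memory_size", keeping the "guest_base <= guest_var_addr" test first, since offset is computed before that test and wraps when the address is below the base. Separately, the final TEST_ASSERT only checks "first_host_read == second_host_read", which would also pass if both reads returned 0xABCD because the guest's second store never became visible to the host (guest_var is a plain local that nothing in the guest function reads back). Asserting first_host_read != 0xABCD and second_host_read != 0xFEDC would tie the test to what the commit message claims, and printing the two reads with %lx instead of %lu would match the hex values used in the other messages.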