Date: Mon, 19 Sep 2022 21:23:58 +0000
From: Oliver Upton
To: Sean Christopherson
Cc: Paolo Bonzini, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Jones, Anup Patel, Atish Patra, Christian Borntraeger, Janosch Frank, Claudio Imbrenda
Subject: Re: [PATCH 4/5] KVM: selftests: Explicitly verify KVM doesn't patch hypercall if quirk==off
References: <20220908233134.3523339-1-seanjc@google.com> <20220908233134.3523339-5-seanjc@google.com>
In-Reply-To: <20220908233134.3523339-5-seanjc@google.com>

On Thu, Sep 08, 2022 at 11:31:33PM +0000, Sean Christopherson wrote:
> Explicitly verify that KVM doesn't patch in the native hypercall if the
> FIX_HYPERCALL_INSN quirk is disabled. The test currently verifies that
> a #UD occurred, but doesn't actually verify that no patching occurred.
>
> Signed-off-by: Sean Christopherson
> ---
> .../selftests/kvm/x86_64/fix_hypercall_test.c | 35 ++++++++++++++-----
> 1 file changed, 26 insertions(+), 9 deletions(-)
>
> diff --git a/tools/testing/selftests/kvm/x86_64/fix_hypercall_test.c b/tools/testing/selftests/kvm/x86_64/fix_hypercall_test.c > index dde97be3e719..5925da3b3648 100644 > --- a/tools/testing/selftests/kvm/x86_64/fix_hypercall_test.c > +++ b/tools/testing/selftests/kvm/x86_64/fix_hypercall_test.c
> @@ -21,8 +21,8 @@ static bool ud_expected; > > static void guest_ud_handler(struct ex_regs *regs) > { > - GUEST_ASSERT(ud_expected); > - GUEST_DONE(); > + regs->rax = -EFAULT; > + regs->rip += HYPERCALL_INSN_SIZE; > } > > extern unsigned char svm_hypercall_insn[HYPERCALL_INSN_SIZE]; > @@ -57,17 +57,18 @@ static void guest_main(void) > { > unsigned char *native_hypercall_insn, *hypercall_insn; > uint8_t apic_id; > + uint64_t ret; > > apic_id = GET_APIC_ID_FIELD(xapic_read_reg(APIC_ID)); > > if (is_intel_cpu()) { > native_hypercall_insn = vmx_hypercall_insn; > hypercall_insn = svm_hypercall_insn; > - svm_do_sched_yield(apic_id); > + ret = svm_do_sched_yield(apic_id); > } else if (is_amd_cpu()) { > native_hypercall_insn = svm_hypercall_insn; > hypercall_insn = vmx_hypercall_insn; > - vmx_do_sched_yield(apic_id); > + ret = vmx_do_sched_yield(apic_id); > } else { > GUEST_ASSERT(0); > /* unreachable */ 
> @@ -75,12 +76,28 @@ static void guest_main(void) > } > > /* > - * The hypercall didn't #UD (guest_ud_handler() signals "done" if a #UD > - * occurs). Verify that a #UD is NOT expected and that KVM patched in > - * the native hypercall. > + * If the quirk is disabled, verify that guest_ud_handler() "returned" > + * -EFAULT and that KVM did NOT patch the hypercall. If the quirk is > + * enabled, verify that the hypercall succeeded and that KVM patched in > + * the "right" hypercall. > */ > - GUEST_ASSERT(!ud_expected); > - GUEST_ASSERT(!memcmp(native_hypercall_insn, hypercall_insn, HYPERCALL_INSN_SIZE)); > + if (ud_expected) { > + GUEST_ASSERT(ret == (uint64_t)-EFAULT); > + > + /* > + * Divergence should occur only on the last byte, as the VMCALL > + * (0F 01 C1) and VMMCALL (0F 01 D9) share the first two bytes. > + */ > + GUEST_ASSERT(!memcmp(native_hypercall_insn, hypercall_insn, > + HYPERCALL_INSN_SIZE - 1)); > + GUEST_ASSERT(memcmp(native_hypercall_insn, hypercall_insn, > + HYPERCALL_INSN_SIZE)); Should we just keep the assertions consistent for both cases (patched and unpatched)? -- Thanks, Oliver > + } else { > + GUEST_ASSERT(!ret); > + GUEST_ASSERT(!memcmp(native_hypercall_insn, hypercall_insn, > + HYPERCALL_INSN_SIZE)); > + } > + > GUEST_DONE(); > } > > -- > 2.37.2.789.g6183377224-goog >
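Review bot: In the first hunk (@@ -21,8), guest_ud_handler() now advances RIP by HYPERCALL_INSN_SIZE on every #UD without checking where the fault was raised, so a #UD from any other instruction would be stepped over as if it were the hypercall and show up only as an unexplained -EFAULT or a later crash. Consider asserting that regs->rip points at svm_hypercall_insn or vmx_hypercall_insn before the "regs->rip += HYPERCALL_INSN_SIZE;" line, and add a short comment saying that the -EFAULT written to RAX stands in for the hypercall's return value so that guest_main() can tell the two outcomes apart.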
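Review bot: In the second hunk (@@ -57,17), ret is assigned only in the is_intel_cpu() and is_amd_cpu() branches, and the else branch depends on GUEST_ASSERT(0) never letting control reach the later reads of ret. Giving ret a value at its declaration that fails both of the later checks would keep the test from reading an indeterminate value if that path is ever taken, and would avoid a possible "may be used uninitialized" warning.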
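Review bot: In the third hunk (@@ -75,12), the ud_expected branch proves only that hypercall_insn still matches native_hypercall_insn in its first HYPERCALL_INSN_SIZE - 1 bytes and differs somewhere in the full length, which is weaker than "KVM did NOT patch the hypercall": any write that changed just the last byte to a value other than the native one would also pass. Comparing hypercall_insn against a copy of its bytes taken before the hypercall is issued would check the property the comment states, and would also remove the dependence on VMCALL (0F 01 C1) and VMMCALL (0F 01 D9) sharing their first two bytes.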