Received: by 2002:a05:7412:798b:b0:fc:a2b0:25d7 with SMTP id fb11csp679589rdb;
        Thu, 22 Feb 2024 16:46:12 -0800 (PST)
X-Forwarded-Encrypted: i=3; AJvYcCUECtmpB8YjZhQxlq/dbSXdkZnnT8gQ9UkbNcPEWSgA4fVOj9C1jPRb2m9Y+7BeU9csTeEjoRvP9aKvTGwXGZyA5alGgmJdwtU/y0vxuw==
X-Google-Smtp-Source: AGHT+IHNJKetBi4NtNZpvhJb7835lHSTYIBNz3gzugx13Mer/PCjOutTFfs1kTFUeKwA5DFxJlfS
X-Received: by 2002:a05:6a20:871c:b0:19e:caf3:87ea with SMTP id e28-20020a056a20871c00b0019ecaf387eamr447594pzf.49.1708649172217;
        Thu, 22 Feb 2024 16:46:12 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1708649172; cv=pass;
        d=google.com; s=arc-20160816;
        b=vnBbELHNZjIg3wJmBqlHCu2+zUP5WUHYjkCdfWqJQ2oiDQiDvwQ/YUdRtjCzG3PIOU
         cDSBo0+Z7YdCSZuTSLbOhrGQhjllT37YbRSZSEUOeZNHDB5N/F2rnueW3yZOFoogz270
         kECJQF1UtW6tremIMPnrfDI8a2rtKHHt4riYQcF4vyzR1qgeMLlcE4MDYAZSuKH4xJMc
         ltdIHQ7s8Yv0GAqa4UdFFGvUr2xNHB5tESorKiFHvwHyUO76piYnblCnyEx1MVBzJEYw
         61YMIdmN67UzIl8slzqV2rL5Pv1IgHYcVqFh+u4qOTqadVLZ7yE1WkTP9q/OFRb21+0l
         9vWg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=cc:to:from:subject:message-id:references:mime-version
         :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date
         :reply-to:dkim-signature;
        bh=ufdAB/OIgPR6sk1BH6tXU4Lb92iEyKpRUAsMWFh65lo=;
        fh=x57Njk/8/qNjjgVoglnDyI5N1IE9m6+ijwP/W1Az/1Y=;
        b=aUdEcx8HLbnEilZMKngmQqlXPNpj5GuxQh7AqgbM6YLqtQDXYFzhWqAD7XtgETa6I2
         S7PfpwyxolO4PH+tN8E581dSS1RW5OUjUfk8wdrZ6Hu3SqSvXSDOyjxkl+nn1/rvDwZ2
         zYhjI6ehlorDlogF5KSN4gqNgCd5jUPmYtILsoQrKAiWGJS981AQ6G1/EkM7maHTYzAG
         wzDBuKUysa4Q5xqJlg5mRGG/RuEGsHcQh8AG497ctgdQpjt67DuyUL15hIMxDMtDOHUo
         Nw4NdamvKZhg6Lw+KRJ7JtCdUG4Gt2nG66U+elIlvcCwMa45zKWnrUItjuSlP8A8HaED
         2fNA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@google.com header.s=20230601 header.b=Em36FEgh;
       arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com);
       spf=pass (google.com: domain of linux-kernel+bounces-77591-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77591-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel+bounces-77591-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id sh17-20020a17090b525100b00298b0fab60csi192589pjb.72.2024.02.22.16.46.11
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 22 Feb 2024 16:46:12 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-77591-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20230601 header.b=Em36FEgh;
       arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com);
       spf=pass (google.com: domain of linux-kernel+bounces-77591-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77591-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id D525B283BAD
	for <linux.lists.archive@gmail.com>; Fri, 23 Feb 2024 00:46:11 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 9D09C171AF;
	Fri, 23 Feb 2024 00:43:24 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Em36FEgh"
Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 10B7713AF9
	for <linux-kernel@vger.kernel.org>; Fri, 23 Feb 2024 00:43:21 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1708649003; cv=none; b=dQQH0acqDRUpNOl1cc+gnEfkBWFPyooOwWhstbSBZPxna/UkwR6a8RHdSFDn6J8E+45cwcCUTNuncjvqr8esexOpj0CDAsKQ1eHfj7GsImP+TW5LxqEHzT1sNvA1Mce4HvvNVpoyOxbmFjMapwoQjnRCvR4pSJO/qu0gJVNDPzY=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1708649003; c=relaxed/simple;
	bh=wYG3aBkI4214Z2xd6xHe4uZY8sEWm9j7oKweqpMTgCo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type; b=CXkJ6dS/AfplNsmwe+6jaapC4EWDj/N9FkBEPkLL74jp8jCRwPPsLqu42vu1r78HRj6bQbc0s6Gg9XDv4dHplCDNnk2Rg6HxOEyotYc3O7FrF9m89ud4ywZba7e05eKfUM2N9LtJDgkPRwxwOT8PbRaqfPpUmpw3TkFEulSvEMY=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Em36FEgh; arc=none smtp.client-ip=209.85.214.202
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-1dbc6ff68ffso2514085ad.1
        for <linux-kernel@vger.kernel.org>; Thu, 22 Feb 2024 16:43:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1708649001; x=1709253801; darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=ufdAB/OIgPR6sk1BH6tXU4Lb92iEyKpRUAsMWFh65lo=;
        b=Em36FEgh97nyp76bmotk8WR0avZyxpP/pj5q6LXuqFIyy13uo5sTPBOFJy8Yoivbgm
         XnVtw53YinNGs/V0PpKvxbhhQlfUvX5ndaOv8cYUraIkVJl8A8vUPRMzF7COJrRwKj0l
         yOzFbwH47axebAZzevu9Kudd01pSYCwLQgVVBHinKEcciW1d6PpV5V7tlHvd/uoz5Gyt
         G72ZWP82c7Bm9UMmMGnav+r059S113S7Bpf3fc9+2b6qkIk3nLVhOWQH9cMd5l5IdL2K
         VultK8yuvFMacqGcZRVLY2w/FEgwWCz7z8Chc2kvzxnBAQUGuJxeg0vOleA7uf/efhiB
         3hsw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1708649001; x=1709253801;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=ufdAB/OIgPR6sk1BH6tXU4Lb92iEyKpRUAsMWFh65lo=;
        b=ZjvHfhyWgQNeXkMSTwygL9jdUeElGjvb1BBKbr352NPwnUYk7lMZcixVkt1GQ2myXi
         aMOwJ76sHhN7gTK5KLMhHqVyEU2AAnfz2qI7O3qfeVQgHq2mMlBlAA7nqo/7HBwYGhtT
         BXRFnOfJvPaPxoVmWPtBZ8kQMci7H/87BLX903iaPIeVpPwzZn+eWjJToe25EjrbZfUR
         tDPaC7akICvwpiPUlIHBzZEIzObvwuY4vKdY8beMiHWEaTSkoKIoavohlWa0x1xxvNXo
         0Qy5VNyYVsh913iTD9yWvoGnXRho7nAvSjBzWp0Yd0OKznAWyWtnf3ecpmpPLz05HcUw
         pJQA==
X-Forwarded-Encrypted: i=1; AJvYcCUP8WoZNv8+v4+MxGgy6CttMZjDT5V6fggWg/iDgVHhH/nKjZk3CDj7Z5LtPFbE0aAFBjz16gwI+VAnKI4rDlVsHFiqvGZWVlviLtbA
X-Gm-Message-State: AOJu0YxC9Vs0p8I8+dOgp4Z9lrkzEZB5LOYUI7LaMIh3EMZWUS5s+TKb
	MRJ1Ykr/y1LPrZ88+tmYz+M7468maefyhpyc39NjGOSlAN8B1+AsB25lySqcnoOcXUQj/qLn4+a
	29Q==
X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a17:903:234c:b0:1dc:1c81:1b2a with SMTP id
 c12-20020a170903234c00b001dc1c811b2amr1699plh.1.1708649001454; Thu, 22 Feb
 2024 16:43:21 -0800 (PST)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Thu, 22 Feb 2024 16:42:57 -0800
In-Reply-To: <20240223004258.3104051-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240223004258.3104051-1-seanjc@google.com>
X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog
Message-ID: <20240223004258.3104051-11-seanjc@google.com>
Subject: [PATCH v9 10/11] KVM: selftests: Add a basic SEV smoke test
From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Marc Zyngier <maz@kernel.org>, 
	Oliver Upton <oliver.upton@linux.dev>, Anup Patel <anup@brainfault.org>, 
	Paul Walmsley <paul.walmsley@sifive.com>, Palmer Dabbelt <palmer@dabbelt.com>, 
	Albert Ou <aou@eecs.berkeley.edu>, Christian Borntraeger <borntraeger@linux.ibm.com>, 
	Janosch Frank <frankja@linux.ibm.com>, Claudio Imbrenda <imbrenda@linux.ibm.com>, 
	Sean Christopherson <seanjc@google.com>
Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, 
	kvmarm@lists.linux.dev, kvm-riscv@lists.infradead.org, 
	linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, 
	Vishal Annapurve <vannapurve@google.com>, Ackerley Tng <ackerleytng@google.com>, 
	Andrew Jones <andrew.jones@linux.dev>, Tom Lendacky <thomas.lendacky@amd.com>, 
	Michael Roth <michael.roth@amd.com>, Carlos Bilbao <carlos.bilbao@amd.com>, 
	Peter Gonda <pgonda@google.com>, Itaru Kitayama <itaru.kitayama@fujitsu.com>
Content-Type: text/plain; charset="UTF-8"

From: Peter Gonda <pgonda@google.com>

Add a basic smoke test for SEV guests to verify that KVM can launch an
SEV guest and run a few instructions without exploding.  To verify that
SEV is indeed enabled, assert that SEV is reported as enabled in
MSR_AMD64_SEV, a.k.a. SEV_STATUS, which cannot be intercepted by KVM
(architecturally enforced).

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Sean Christopherson <seanjc@google.com>
Cc: Vishal Annapurve <vannapurve@google.com>
Cc: Ackerly Tng <ackerleytng@google.com>
cc: Andrew Jones <andrew.jones@linux.dev>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Suggested-by: Michael Roth <michael.roth@amd.com>
Tested-by: Carlos Bilbao <carlos.bilbao@amd.com>
Signed-off-by: Peter Gonda <pgonda@google.com>
[sean: rename to "sev_smoke_test"]
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 tools/testing/selftests/kvm/Makefile          |  1 +
 .../selftests/kvm/x86_64/sev_smoke_test.c     | 58 +++++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/x86_64/sev_smoke_test.c

diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile
index 169b6ee8f733..da20e6bb43ed 100644
--- a/tools/testing/selftests/kvm/Makefile
+++ b/tools/testing/selftests/kvm/Makefile
@@ -120,6 +120,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/vmx_pmu_caps_test
 TEST_GEN_PROGS_x86_64 += x86_64/xen_shinfo_test
 TEST_GEN_PROGS_x86_64 += x86_64/xen_vmcall_test
 TEST_GEN_PROGS_x86_64 += x86_64/sev_migrate_tests
+TEST_GEN_PROGS_x86_64 += x86_64/sev_smoke_test
 TEST_GEN_PROGS_x86_64 += x86_64/amx_test
 TEST_GEN_PROGS_x86_64 += x86_64/max_vcpuid_cap_test
 TEST_GEN_PROGS_x86_64 += x86_64/triple_fault_event_test
diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
new file mode 100644
index 000000000000..54d72efd9b4d
--- /dev/null
+++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
@@ -0,0 +1,58 @@
+// SPDX-License-Identifier: GPL-2.0-only
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/ioctl.h>
+
+#include "test_util.h"
+#include "kvm_util.h"
+#include "processor.h"
+#include "svm_util.h"
+#include "linux/psp-sev.h"
+#include "sev.h"
+
+static void guest_sev_code(void)
+{
+	GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV));
+	GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED);
+
+	GUEST_DONE();
+}
+
+static void test_sev(void *guest_code, uint64_t policy)
+{
+	struct kvm_vcpu *vcpu;
+	struct kvm_vm *vm;
+	struct ucall uc;
+
+	vm = vm_sev_create_with_one_vcpu(policy, guest_code, &vcpu);
+
+	for (;;) {
+		vcpu_run(vcpu);
+
+		switch (get_ucall(vcpu, &uc)) {
+		case UCALL_SYNC:
+			continue;
+		case UCALL_DONE:
+			return;
+		case UCALL_ABORT:
+			REPORT_GUEST_ASSERT(uc);
+		default:
+			TEST_FAIL("Unexpected exit: %s",
+				  exit_reason_str(vcpu->run->exit_reason));
+		}
+	}
+
+	kvm_vm_free(vm);
+}
+
+int main(int argc, char *argv[])
+{
+	TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV));
+
+	test_sev(guest_sev_code, SEV_POLICY_NO_DBG);
+	test_sev(guest_sev_code, 0);
+
+	return 0;
+}
-- 
2.44.0.rc0.258.g7320e95886-goog