Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp1103119lqo;
        Fri, 17 May 2024 10:41:14 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCUOc/OV3KSTRz+8FO2fDk3fTeXRnoGnzhq8JNJzOvqV8mEtNVZp3UjNpMinKC5Eb/PJsZksK+vnHkNKA6iPGPfHvCXq5+MYBsNvNTH5uw==
X-Google-Smtp-Source: AGHT+IEDf5LyQ8vHGqdJvGdGSPvLnTJHSLb3ENelKtKngly0x8wk0gUtHNPhmcSFCwY7VNvJcAcO
X-Received: by 2002:a17:902:9001:b0:1ee:a09e:c7b0 with SMTP id d9443c01a7336-1ef43e2a080mr186785995ad.37.1715967674022;
        Fri, 17 May 2024 10:41:14 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1715967674; cv=pass;
        d=google.com; s=arc-20160816;
        b=wJA5K+qW+dY0Mlx4WwG/bdPQZYWZfYUQmdQBMbKPOVctpsx3uCTZnmmmg3N/eeWmXc
         QmcBv3ZUy1L2CQXu3w+Q8HP5UZeZhMkrwJ/GFIytZd+sT1AG4bMRQH0+ox+TaFLv5pKF
         o5MDsf71nQPWaW9J2/nzo7w+6n2Ve45eLn43KxJ/wnmHpdLqgg4HFSKCu+9Jpq5dFKlW
         TxhHhxBlpSizFtJ85b7TyrR3VmWyHrh7VNSjzlA0BzNq3fWqZqHiHdY/or5cLoe6UIH9
         YRh4eWw4GmpJDQDI0kytTjkQmnY0CVRuApXNmFzor7gR6t1f3yrBy+AC9JvgptJUP6xT
         cuiQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=cc:to:from:subject:message-id:references:mime-version
         :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date
         :reply-to:dkim-signature;
        bh=WlHXFrxNvUU8/ovGwpioncXLO5B94WPjDBBVkcyaDOo=;
        fh=OrW+QLTeakjkJ1X+HBVV+Y7M0XACjYs/V+73UdPGU2g=;
        b=uX6ab9w1EX/TLe0ydO1o0YU3Ej4k+EKUKiFq8KEfM1Yx59jNhXSDVTwLNjEkHktp0G
         nk29fbLs0VfWIn8GQRX+SD8cNi1Dw2gdWCGRXfGvovHAraHQOijz8jUdV05Qhh4f1E1+
         majoGi4+gmc7O/GFQRho4j5ZSqb8HiFsQ/uuquxc5v8kGwdtBwoaRLL7sxSWwe7wiTHJ
         9xf9W2Byk8bhQM4Hp+RFzohN28c1z80kONAnipKAyp7n6+o3WEu3mdGjio6k8V48VnzJ
         dJDFn2S8aPa/yTALV0kWdBdNYnsNsnDHInfWtCec/Sw0qUofxDOceMR0XZcy3L7DD6WB
         h72w==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@google.com header.s=20230601 header.b=IdIccW2H;
       arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com);
       spf=pass (google.com: domain of linux-kernel+bounces-182437-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-182437-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel+bounces-182437-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1])
        by mx.google.com with ESMTPS id d9443c01a7336-1ef0bf32a2csi187689185ad.234.2024.05.17.10.41.13
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 17 May 2024 10:41:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-182437-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20230601 header.b=IdIccW2H;
       arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com);
       spf=pass (google.com: domain of linux-kernel+bounces-182437-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-182437-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 8612F282F27
	for <linux.lists.archive@gmail.com>; Fri, 17 May 2024 17:41:13 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 34F1E13FD9D;
	Fri, 17 May 2024 17:39:55 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="IdIccW2H"
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9794A13E8A9
	for <linux-kernel@vger.kernel.org>; Fri, 17 May 2024 17:39:52 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715967594; cv=none; b=NQ5HeAuELniP6cGNnJpxvG8m6/XedVU85kon9Hwmq1j+mpQsLXYTk4zOLD+p/JdbKASed85s/HU9+grV0Y0Z2hOLSdD7Ui2vm8sxS1/GmlN6FfT0MpaO4j3daxTDPdetLov5A5xawscZZGVAVfsnyGwXnnXTtVqPhSNxHrl35zE=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715967594; c=relaxed/simple;
	bh=1NGVeFJTwnKqwtkUG/0Mo2/yDSBezb4ZOJiMgBnbNBU=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type; b=sdGLCom4bUHChKIdDoBdk0w9IUP/BNNCIkM18zS0IR8KiowRKbMn9CD/nyjYiBfDViFvTtAZyedLVPqfXTWa5njv0c1RLyXcaNaQm1pGfFwf+BHqE8aWg7CgDjCk6+Ybv9cwhmrbNeop2pA6sa1hWxic6xYXfWdQ1PCUn+S7aho=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=IdIccW2H; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-5e4df21f22dso7570866a12.0
        for <linux-kernel@vger.kernel.org>; Fri, 17 May 2024 10:39:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715967592; x=1716572392; darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=WlHXFrxNvUU8/ovGwpioncXLO5B94WPjDBBVkcyaDOo=;
        b=IdIccW2HvyAN8HiAxYSZ7V7oBjWnFlm253DvcP0rRjIHc9Er8ewwx9EME3Td/Ubkbw
         ofUqtjIyAYgu7DnlVGmHgvAwn301RYGZCcgvpiMpaFbFw+htIe0Ki1LF4Zp7dMsd4ydo
         oToeHoa3PBIqK1DGgSQFDLDuPoe3WUZ2hVg7euYkjWFOwPJqlCrfrBI/CVVpBesg07pw
         scv+VLAhqndFL73kiVs3IhPlx+UzhIWynqqAjF0T0PEW6aQUVphSQVmcf/VfDKbkdOhu
         JlyTE1xPThtNJth64WsPpbt3IICzgiO4KteRQZzWNrnICQ6bsN4Osy1rBV5rTOGmEkhc
         8U0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715967592; x=1716572392;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=WlHXFrxNvUU8/ovGwpioncXLO5B94WPjDBBVkcyaDOo=;
        b=lkxer3J/B0jlJFdYwQ+w8PODxVmcrlWS/U6cRVWXT9eZZ65PJRioBXtYscZhxsVkcP
         ugB0/HLySJkcYQ4xhhc9ypyWjD9ty/5BFPpp1LwucEJawksw9SeLmAemER9e+N+bNWqP
         X/rRPG6g90OzYDld1MdxxeLs85YsVdryRLGmbxCJy74kr9s2t2CkMReSbxSD+vkWBKv6
         V+RW72olCU4BjiouXlfso4+1TOxmI4tO/ZnqE81X2Je38VFrcxFSCelcTFlJX2iaSe92
         c5ToJuY/E3CO/IxymruzE+FhtEvH8DjhYtf28fTjseOOPM8+11RL6r0Rquu1CF2I7Qls
         bwVg==
X-Forwarded-Encrypted: i=1; AJvYcCUkoDQ3HOcK0mSJXbUpq37cnxZfqyeENyZgmCTcwEEvYuXzkZ4RwqOxwxAISowt0k0thC+gOsME5C3OCy3QiyVyQ4xcKxCXHAMpBMkS
X-Gm-Message-State: AOJu0YwLB6RCgwgLD2wZW6VgluUtxLtCjpbN/GOw7kb/gQQraQ0kUEjq
	hlX/b9P+cYGmJ4OG2pNSgks7s/LJWOtK8EV6+DskQfUB/tFrTAhXTXRMFwuuh9yGA9aJpWaCdJl
	cgQ==
X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a05:6a02:90d:b0:65b:c48c:154c with SMTP id
 41be03b00d2f7-65bc48c163emr12702a12.5.1715967591942; Fri, 17 May 2024
 10:39:51 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 10:38:41 -0700
In-Reply-To: <20240517173926.965351-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240517173926.965351-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240517173926.965351-5-seanjc@google.com>
Subject: [PATCH v2 04/49] KVM: selftests: Update x86's set_sregs_test to match
 KVM's CPUID enforcement
From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>, Sean Christopherson <seanjc@google.com>, 
	Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, 
	Hou Wenlong <houwenlong.hwl@antgroup.com>, Kechen Lu <kechenl@nvidia.com>, 
	Oliver Upton <oliver.upton@linux.dev>, Maxim Levitsky <mlevitsk@redhat.com>, 
	Binbin Wu <binbin.wu@linux.intel.com>, Yang Weijiang <weijiang.yang@intel.com>, 
	Robert Hoo <robert.hoo.linux@gmail.com>
Content-Type: text/plain; charset="UTF-8"

Rework x86's set sregs test to verify that KVM enforces CPUID vs. CR4
features even if userspace hasn't explicitly set guest CPUID.  KVM used to
allow userspace to set any KVM-supported CR4 value prior to KVM_SET_CPUID2,
and the test verified that behavior.

However, the testcase was written purely to verify KVM's existing behavior,
i.e. was NOT written to match the needs of real world VMMs.

Opportunistically verify that KVM continues to reject unsupported features
after KVM_SET_CPUID2 (using KVM_GET_SUPPORTED_CPUID).

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 .../selftests/kvm/x86_64/set_sregs_test.c     | 53 +++++++++++--------
 1 file changed, 30 insertions(+), 23 deletions(-)

diff --git a/tools/testing/selftests/kvm/x86_64/set_sregs_test.c b/tools/testing/selftests/kvm/x86_64/set_sregs_test.c
index c021c0795a96..96fd690d479a 100644
--- a/tools/testing/selftests/kvm/x86_64/set_sregs_test.c
+++ b/tools/testing/selftests/kvm/x86_64/set_sregs_test.c
@@ -41,13 +41,15 @@ do {										\
 	TEST_ASSERT(!memcmp(&new, &orig, sizeof(new)), "KVM modified sregs");	\
 } while (0)
 
+#define KVM_ALWAYS_ALLOWED_CR4 (X86_CR4_VME | X86_CR4_PVI | X86_CR4_TSD |	\
+				X86_CR4_DE | X86_CR4_PSE | X86_CR4_PAE |	\
+				X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE |	\
+				X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT)
+
 static uint64_t calc_supported_cr4_feature_bits(void)
 {
-	uint64_t cr4;
+	uint64_t cr4 = KVM_ALWAYS_ALLOWED_CR4;
 
-	cr4 = X86_CR4_VME | X86_CR4_PVI | X86_CR4_TSD | X86_CR4_DE |
-	      X86_CR4_PSE | X86_CR4_PAE | X86_CR4_MCE | X86_CR4_PGE |
-	      X86_CR4_PCE | X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT;
 	if (kvm_cpu_has(X86_FEATURE_UMIP))
 		cr4 |= X86_CR4_UMIP;
 	if (kvm_cpu_has(X86_FEATURE_LA57))
@@ -72,28 +74,14 @@ static uint64_t calc_supported_cr4_feature_bits(void)
 	return cr4;
 }
 
-int main(int argc, char *argv[])
+static void test_cr_bits(struct kvm_vcpu *vcpu, uint64_t cr4)
 {
 	struct kvm_sregs sregs;
-	struct kvm_vcpu *vcpu;
-	struct kvm_vm *vm;
-	uint64_t cr4;
 	int rc, i;
 
-	/*
-	 * Create a dummy VM, specifically to avoid doing KVM_SET_CPUID2, and
-	 * use it to verify all supported CR4 bits can be set prior to defining
-	 * the vCPU model, i.e. without doing KVM_SET_CPUID2.
-	 */
-	vm = vm_create_barebones();
-	vcpu = __vm_vcpu_add(vm, 0);
-
 	vcpu_sregs_get(vcpu, &sregs);
-
-	sregs.cr0 = 0;
-	sregs.cr4 |= calc_supported_cr4_feature_bits();
-	cr4 = sregs.cr4;
-
+	sregs.cr0 &= ~(X86_CR0_CD | X86_CR0_NW);
+	sregs.cr4 |= cr4;
 	rc = _vcpu_sregs_set(vcpu, &sregs);
 	TEST_ASSERT(!rc, "Failed to set supported CR4 bits (0x%lx)", cr4);
 
@@ -101,7 +89,6 @@ int main(int argc, char *argv[])
 	TEST_ASSERT(sregs.cr4 == cr4, "sregs.CR4 (0x%llx) != CR4 (0x%lx)",
 		    sregs.cr4, cr4);
 
-	/* Verify all unsupported features are rejected by KVM. */
 	TEST_INVALID_CR_BIT(vcpu, cr4, sregs, X86_CR4_UMIP);
 	TEST_INVALID_CR_BIT(vcpu, cr4, sregs, X86_CR4_LA57);
 	TEST_INVALID_CR_BIT(vcpu, cr4, sregs, X86_CR4_VMXE);
@@ -119,10 +106,28 @@ int main(int argc, char *argv[])
 	/* NW without CD is illegal, as is PG without PE. */
 	TEST_INVALID_CR_BIT(vcpu, cr0, sregs, X86_CR0_NW);
 	TEST_INVALID_CR_BIT(vcpu, cr0, sregs, X86_CR0_PG);
+}
 
+int main(int argc, char *argv[])
+{
+	struct kvm_sregs sregs;
+	struct kvm_vcpu *vcpu;
+	struct kvm_vm *vm;
+	int rc;
+
+	/*
+	 * Create a dummy VM, specifically to avoid doing KVM_SET_CPUID2, and
+	 * use it to verify KVM enforces guest CPUID even if *userspace* never
+	 * sets CPUID.
+	 */
+	vm = vm_create_barebones();
+	vcpu = __vm_vcpu_add(vm, 0);
+	test_cr_bits(vcpu, KVM_ALWAYS_ALLOWED_CR4);
 	kvm_vm_free(vm);
 
-	/* Create a "real" VM and verify APIC_BASE can be set. */
+	/* Create a "real" VM with a fully populated guest CPUID and verify
+	 * APIC_BASE and all supported CR4 can be set.
+	 */
 	vm = vm_create_with_one_vcpu(&vcpu, NULL);
 
 	vcpu_sregs_get(vcpu, &sregs);
@@ -135,6 +140,8 @@ int main(int argc, char *argv[])
 	TEST_ASSERT(!rc, "Couldn't set IA32_APIC_BASE to %llx (valid)",
 		    sregs.apic_base);
 
+	test_cr_bits(vcpu, calc_supported_cr4_feature_bits());
+
 	kvm_vm_free(vm);
 
 	return 0;
-- 
2.45.0.215.g3402c0e53f-goog