* [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore
@ 2021-05-05 15:18 Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 1/3] KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is causing #UD Vitaly Kuznetsov
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Vitaly Kuznetsov @ 2021-05-05 15:18 UTC (permalink / raw)
To: kvm, Paolo Bonzini
Cc: Sean Christopherson, Wanpeng Li, Jim Mattson, Maxim Levitsky,
linux-kernel
A regression was introduced by commit f2c7ef3ba955
("KVM: nSVM: cancel KVM_REQ_GET_NESTED_STATE_PAGES on nested vmexit"). When
L2->L1 exit is forced immediately after restoring nested state,
KVM_REQ_GET_NESTED_STATE_PAGES request is cleared and VMCS12 changes (e.g.
fresh RIP) are not reflected to eVMCS. The consequent nested vCPU run gets
broken. Add a test for the condition (PATCH2). PATCH1 is a preparatory
change, PATCH3 adds a test for a situation when KVM_GET_NESTED_STATE is
requested right after KVM_SET_NESTED_STATE, this is still broken in KVM
(so the patch is not to be committed).
Vitaly Kuznetsov (3):
KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is
causing #UD
KVM: selftests: evmcs_test: Check that VMCS12 is alway properly synced
to eVMCS after restore
KVM: selftests: evmcs_test: Test that KVM_STATE_NESTED_EVMCS is never
lost
.../testing/selftests/kvm/x86_64/evmcs_test.c | 150 +++++++++++++-----
1 file changed, 108 insertions(+), 42 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 1/3] KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is causing #UD
2021-05-05 15:18 [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Vitaly Kuznetsov
@ 2021-05-05 15:18 ` Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 2/3] KVM: selftests: evmcs_test: Check that VMCS12 is alway properly synced to eVMCS after restore Vitaly Kuznetsov
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Vitaly Kuznetsov @ 2021-05-05 15:18 UTC (permalink / raw)
To: kvm, Paolo Bonzini
Cc: Sean Christopherson, Wanpeng Li, Jim Mattson, Maxim Levitsky,
linux-kernel
'run->exit_reason == KVM_EXIT_SHUTDOWN' check is not ideal as we may be
getting some unexpected exception. Directly check for #UD instead.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
.../testing/selftests/kvm/x86_64/evmcs_test.c | 24 ++++++++++++-------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/tools/testing/selftests/kvm/x86_64/evmcs_test.c b/tools/testing/selftests/kvm/x86_64/evmcs_test.c
index ca22ee6d19cb..b01f64ac6ce3 100644
--- a/tools/testing/selftests/kvm/x86_64/evmcs_test.c
+++ b/tools/testing/selftests/kvm/x86_64/evmcs_test.c
@@ -19,6 +19,14 @@
#define VCPU_ID 5
+static int ud_count;
+
+static void guest_ud_handler(struct ex_regs *regs)
+{
+ ud_count++;
+ regs->rip += 3; /* VMLAUNCH */
+}
+
void l2_guest_code(void)
{
GUEST_SYNC(7);
@@ -71,11 +79,11 @@ void guest_code(struct vmx_pages *vmx_pages)
if (vmx_pages)
l1_guest_code(vmx_pages);
- GUEST_DONE();
-
/* Try enlightened vmptrld with an incorrect GPA */
evmcs_vmptrld(0xdeadbeef, vmx_pages->enlightened_vmcs);
GUEST_ASSERT(vmlaunch());
+ GUEST_ASSERT(ud_count == 1);
+ GUEST_DONE();
}
int main(int argc, char *argv[])
@@ -109,6 +117,10 @@ int main(int argc, char *argv[])
vcpu_alloc_vmx(vm, &vmx_pages_gva);
vcpu_args_set(vm, VCPU_ID, 1, vmx_pages_gva);
+ vm_init_descriptor_tables(vm);
+ vcpu_init_descriptor_tables(vm, VCPU_ID);
+ vm_handle_exception(vm, UD_VECTOR, guest_ud_handler);
+
for (stage = 1;; stage++) {
_vcpu_run(vm, VCPU_ID);
TEST_ASSERT(run->exit_reason == KVM_EXIT_IO,
@@ -124,7 +136,7 @@ int main(int argc, char *argv[])
case UCALL_SYNC:
break;
case UCALL_DONE:
- goto part1_done;
+ goto done;
default:
TEST_FAIL("Unknown ucall %lu", uc.cmd);
}
@@ -156,10 +168,6 @@ int main(int argc, char *argv[])
(ulong) regs2.rdi, (ulong) regs2.rsi);
}
-part1_done:
- _vcpu_run(vm, VCPU_ID);
- TEST_ASSERT(run->exit_reason == KVM_EXIT_SHUTDOWN,
- "Unexpected successful VMEnter with invalid eVMCS pointer!");
-
+done:
kvm_vm_free(vm);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/3] KVM: selftests: evmcs_test: Check that VMCS12 is alway properly synced to eVMCS after restore
2021-05-05 15:18 [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 1/3] KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is causing #UD Vitaly Kuznetsov
@ 2021-05-05 15:18 ` Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 3/3] KVM: selftests: evmcs_test: Test that KVM_STATE_NESTED_EVMCS is never lost Vitaly Kuznetsov
2021-05-05 15:44 ` [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Paolo Bonzini
3 siblings, 0 replies; 5+ messages in thread
From: Vitaly Kuznetsov @ 2021-05-05 15:18 UTC (permalink / raw)
To: kvm, Paolo Bonzini
Cc: Sean Christopherson, Wanpeng Li, Jim Mattson, Maxim Levitsky,
linux-kernel
Add a test for the regression, introduced by commit f2c7ef3ba955
("KVM: nSVM: cancel KVM_REQ_GET_NESTED_STATE_PAGES on nested vmexit"). When
L2->L1 exit is forced immediately after restoring nested state,
KVM_REQ_GET_NESTED_STATE_PAGES request is cleared and VMCS12 changes
(e.g. fresh RIP) are not reflected to eVMCS. The consequent nested
vCPU run gets broken.
Utilize NMI injection to do the job.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
.../testing/selftests/kvm/x86_64/evmcs_test.c | 66 +++++++++++++++----
1 file changed, 55 insertions(+), 11 deletions(-)
diff --git a/tools/testing/selftests/kvm/x86_64/evmcs_test.c b/tools/testing/selftests/kvm/x86_64/evmcs_test.c
index b01f64ac6ce3..63096cea26c6 100644
--- a/tools/testing/selftests/kvm/x86_64/evmcs_test.c
+++ b/tools/testing/selftests/kvm/x86_64/evmcs_test.c
@@ -18,30 +18,52 @@
#include "vmx.h"
#define VCPU_ID 5
+#define NMI_VECTOR 2
static int ud_count;
+void enable_x2apic(void)
+{
+ uint32_t spiv_reg = APIC_BASE_MSR + (APIC_SPIV >> 4);
+
+ wrmsr(MSR_IA32_APICBASE, rdmsr(MSR_IA32_APICBASE) |
+ MSR_IA32_APICBASE_ENABLE | MSR_IA32_APICBASE_EXTD);
+ wrmsr(spiv_reg, rdmsr(spiv_reg) | APIC_SPIV_APIC_ENABLED);
+}
+
static void guest_ud_handler(struct ex_regs *regs)
{
ud_count++;
regs->rip += 3; /* VMLAUNCH */
}
+static void guest_nmi_handler(struct ex_regs *regs)
+{
+}
+
void l2_guest_code(void)
{
GUEST_SYNC(7);
GUEST_SYNC(8);
+ /* Forced exit to L1 upon restore */
+ GUEST_SYNC(9);
+
/* Done, exit to L1 and never come back. */
vmcall();
}
-void l1_guest_code(struct vmx_pages *vmx_pages)
+void guest_code(struct vmx_pages *vmx_pages)
{
#define L2_GUEST_STACK_SIZE 64
unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE];
+ enable_x2apic();
+
+ GUEST_SYNC(1);
+ GUEST_SYNC(2);
+
enable_vp_assist(vmx_pages->vp_assist_gpa, vmx_pages->vp_assist);
GUEST_ASSERT(vmx_pages->vmcs_gpa);
@@ -63,21 +85,22 @@ void l1_guest_code(struct vmx_pages *vmx_pages)
current_evmcs->revision_id = EVMCS_VERSION;
GUEST_SYNC(6);
+ current_evmcs->pin_based_vm_exec_control |=
+ PIN_BASED_NMI_EXITING;
GUEST_ASSERT(!vmlaunch());
GUEST_ASSERT(vmptrstz() == vmx_pages->enlightened_vmcs_gpa);
- GUEST_SYNC(9);
+
+ /*
+ * NMI forces L2->L1 exit, resuming L2 and hope that EVMCS is
+ * up-to-date (RIP points where it should and not at the beginning
+ * of l2_guest_code(). GUEST_SYNC(9) checkes that.
+ */
GUEST_ASSERT(!vmresume());
- GUEST_ASSERT(vmreadz(VM_EXIT_REASON) == EXIT_REASON_VMCALL);
- GUEST_SYNC(10);
-}
-void guest_code(struct vmx_pages *vmx_pages)
-{
- GUEST_SYNC(1);
- GUEST_SYNC(2);
+ GUEST_SYNC(10);
- if (vmx_pages)
- l1_guest_code(vmx_pages);
+ GUEST_ASSERT(vmreadz(VM_EXIT_REASON) == EXIT_REASON_VMCALL);
+ GUEST_SYNC(11);
/* Try enlightened vmptrld with an incorrect GPA */
evmcs_vmptrld(0xdeadbeef, vmx_pages->enlightened_vmcs);
@@ -86,6 +109,18 @@ void guest_code(struct vmx_pages *vmx_pages)
GUEST_DONE();
}
+void inject_nmi(struct kvm_vm *vm)
+{
+ struct kvm_vcpu_events events;
+
+ vcpu_events_get(vm, VCPU_ID, &events);
+
+ events.nmi.pending = 1;
+ events.flags |= KVM_VCPUEVENT_VALID_NMI_PENDING;
+
+ vcpu_events_set(vm, VCPU_ID, &events);
+}
+
int main(int argc, char *argv[])
{
vm_vaddr_t vmx_pages_gva = 0;
@@ -120,6 +155,9 @@ int main(int argc, char *argv[])
vm_init_descriptor_tables(vm);
vcpu_init_descriptor_tables(vm, VCPU_ID);
vm_handle_exception(vm, UD_VECTOR, guest_ud_handler);
+ vm_handle_exception(vm, NMI_VECTOR, guest_nmi_handler);
+
+ pr_info("Running L1 which uses EVMCS to run L2\n");
for (stage = 1;; stage++) {
_vcpu_run(vm, VCPU_ID);
@@ -166,6 +204,12 @@ int main(int argc, char *argv[])
TEST_ASSERT(!memcmp(®s1, ®s2, sizeof(regs2)),
"Unexpected register values after vcpu_load_state; rdi: %lx rsi: %lx",
(ulong) regs2.rdi, (ulong) regs2.rsi);
+
+ /* Force immediate L2->L1 exit before resuming */
+ if (stage == 8) {
+ pr_info("Injecting NMI into L1 before L2 had a chance to run after restore\n");
+ inject_nmi(vm);
+ }
}
done:
--
2.30.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 3/3] KVM: selftests: evmcs_test: Test that KVM_STATE_NESTED_EVMCS is never lost
2021-05-05 15:18 [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 1/3] KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is causing #UD Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 2/3] KVM: selftests: evmcs_test: Check that VMCS12 is alway properly synced to eVMCS after restore Vitaly Kuznetsov
@ 2021-05-05 15:18 ` Vitaly Kuznetsov
2021-05-05 15:44 ` [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Paolo Bonzini
3 siblings, 0 replies; 5+ messages in thread
From: Vitaly Kuznetsov @ 2021-05-05 15:18 UTC (permalink / raw)
To: kvm, Paolo Bonzini
Cc: Sean Christopherson, Wanpeng Li, Jim Mattson, Maxim Levitsky,
linux-kernel
Do KVM_GET_NESTED_STATE/KVM_SET_NESTED_STATE for a freshly restored VM
(before the first KVM_RUN) to check that KVM_STATE_NESTED_EVMCS is not
lost.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
---
- Note: this test is not yet to be commited as it is known to fail. A
patch like
https://lore.kernel.org/kvm/877dkdy1x5.fsf@vitty.brq.redhat.com/T/#u
is needed to make it pass. The patch itself requires more work.
---
.../testing/selftests/kvm/x86_64/evmcs_test.c | 62 ++++++++++++-------
1 file changed, 38 insertions(+), 24 deletions(-)
diff --git a/tools/testing/selftests/kvm/x86_64/evmcs_test.c b/tools/testing/selftests/kvm/x86_64/evmcs_test.c
index 63096cea26c6..8d1a63da5c63 100644
--- a/tools/testing/selftests/kvm/x86_64/evmcs_test.c
+++ b/tools/testing/selftests/kvm/x86_64/evmcs_test.c
@@ -121,14 +121,39 @@ void inject_nmi(struct kvm_vm *vm)
vcpu_events_set(vm, VCPU_ID, &events);
}
+static void save_restore_vm(struct kvm_vm *vm, struct kvm_run *run)
+{
+ struct kvm_regs regs1, regs2;
+ struct kvm_x86_state *state;
+
+ state = vcpu_save_state(vm, VCPU_ID);
+ memset(®s1, 0, sizeof(regs1));
+ vcpu_regs_get(vm, VCPU_ID, ®s1);
+
+ kvm_vm_release(vm);
+
+ /* Restore state in a new VM. */
+ kvm_vm_restart(vm, O_RDWR);
+ vm_vcpu_add(vm, VCPU_ID);
+ vcpu_set_hv_cpuid(vm, VCPU_ID);
+ vcpu_enable_evmcs(vm, VCPU_ID);
+ vcpu_load_state(vm, VCPU_ID, state);
+ run = vcpu_state(vm, VCPU_ID);
+ free(state);
+
+ memset(®s2, 0, sizeof(regs2));
+ vcpu_regs_get(vm, VCPU_ID, ®s2);
+ TEST_ASSERT(!memcmp(®s1, ®s2, sizeof(regs2)),
+ "Unexpected register values after vcpu_load_state; rdi: %lx rsi: %lx",
+ (ulong) regs2.rdi, (ulong) regs2.rsi);
+}
+
int main(int argc, char *argv[])
{
vm_vaddr_t vmx_pages_gva = 0;
- struct kvm_regs regs1, regs2;
struct kvm_vm *vm;
struct kvm_run *run;
- struct kvm_x86_state *state;
struct ucall uc;
int stage;
@@ -147,8 +172,6 @@ int main(int argc, char *argv[])
run = vcpu_state(vm, VCPU_ID);
- vcpu_regs_get(vm, VCPU_ID, ®s1);
-
vcpu_alloc_vmx(vm, &vmx_pages_gva);
vcpu_args_set(vm, VCPU_ID, 1, vmx_pages_gva);
@@ -184,32 +207,23 @@ int main(int argc, char *argv[])
uc.args[1] == stage, "Stage %d: Unexpected register values vmexit, got %lx",
stage, (ulong)uc.args[1]);
- state = vcpu_save_state(vm, VCPU_ID);
- memset(®s1, 0, sizeof(regs1));
- vcpu_regs_get(vm, VCPU_ID, ®s1);
-
- kvm_vm_release(vm);
-
- /* Restore state in a new VM. */
- kvm_vm_restart(vm, O_RDWR);
- vm_vcpu_add(vm, VCPU_ID);
- vcpu_set_hv_cpuid(vm, VCPU_ID);
- vcpu_enable_evmcs(vm, VCPU_ID);
- vcpu_load_state(vm, VCPU_ID, state);
- run = vcpu_state(vm, VCPU_ID);
- free(state);
-
- memset(®s2, 0, sizeof(regs2));
- vcpu_regs_get(vm, VCPU_ID, ®s2);
- TEST_ASSERT(!memcmp(®s1, ®s2, sizeof(regs2)),
- "Unexpected register values after vcpu_load_state; rdi: %lx rsi: %lx",
- (ulong) regs2.rdi, (ulong) regs2.rsi);
+ save_restore_vm(vm, run);
/* Force immediate L2->L1 exit before resuming */
if (stage == 8) {
pr_info("Injecting NMI into L1 before L2 had a chance to run after restore\n");
inject_nmi(vm);
}
+
+ /*
+ * Do KVM_GET_NESTED_STATE/KVM_SET_NESTED_STATE for a freshly
+ * restored VM (before the first KVM_RUN) to check that
+ * KVM_STATE_NESTED_EVMCS is not lost.
+ */
+ if (stage == 9) {
+ pr_info("Trying extra KVM_GET_NESTED_STATE/KVM_SET_NESTED_STATE cycle\n");
+ save_restore_vm(vm, run);
+ }
}
done:
--
2.30.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore
2021-05-05 15:18 [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Vitaly Kuznetsov
` (2 preceding siblings ...)
2021-05-05 15:18 ` [PATCH 3/3] KVM: selftests: evmcs_test: Test that KVM_STATE_NESTED_EVMCS is never lost Vitaly Kuznetsov
@ 2021-05-05 15:44 ` Paolo Bonzini
3 siblings, 0 replies; 5+ messages in thread
From: Paolo Bonzini @ 2021-05-05 15:44 UTC (permalink / raw)
To: Vitaly Kuznetsov, kvm
Cc: Sean Christopherson, Wanpeng Li, Jim Mattson, Maxim Levitsky,
linux-kernel
On 05/05/21 17:18, Vitaly Kuznetsov wrote:
> A regression was introduced by commit f2c7ef3ba955
> ("KVM: nSVM: cancel KVM_REQ_GET_NESTED_STATE_PAGES on nested vmexit"). When
> L2->L1 exit is forced immediately after restoring nested state,
> KVM_REQ_GET_NESTED_STATE_PAGES request is cleared and VMCS12 changes (e.g.
> fresh RIP) are not reflected to eVMCS. The consequent nested vCPU run gets
> broken. Add a test for the condition (PATCH2). PATCH1 is a preparatory
> change, PATCH3 adds a test for a situation when KVM_GET_NESTED_STATE is
> requested right after KVM_SET_NESTED_STATE, this is still broken in KVM
> (so the patch is not to be committed).
>
> Vitaly Kuznetsov (3):
> KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is
> causing #UD
> KVM: selftests: evmcs_test: Check that VMCS12 is alway properly synced
> to eVMCS after restore
> KVM: selftests: evmcs_test: Test that KVM_STATE_NESTED_EVMCS is never
> lost
>
> .../testing/selftests/kvm/x86_64/evmcs_test.c | 150 +++++++++++++-----
> 1 file changed, 108 insertions(+), 42 deletions(-)
>
Queued 1-2, thanks.
Paolo
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-05-05 15:44 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-05 15:18 [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 1/3] KVM: selftests: evmcs_test: Check that VMLAUNCH with bogus EVMPTR is causing #UD Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 2/3] KVM: selftests: evmcs_test: Check that VMCS12 is alway properly synced to eVMCS after restore Vitaly Kuznetsov
2021-05-05 15:18 ` [PATCH 3/3] KVM: selftests: evmcs_test: Test that KVM_STATE_NESTED_EVMCS is never lost Vitaly Kuznetsov
2021-05-05 15:44 ` [PATCH 0/3] KVM: selftests: evmcs_test: Check issues induced by late eVMCS mapping upon restore Paolo Bonzini
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.