From 56dfe907b80b9c4ecaa0042acfa5feca13da98ce Mon Sep 17 00:00:00 2001 From: Maxim Levitsky Date: Mon, 28 Mar 2022 16:13:32 +0300 Subject: [PATCH 4/7] svm: move setup_svm to svm_lib.c --- lib/x86/svm.h | 2 + lib/x86/svm_lib.c | 131 ++++++++++++++++++++++++++++++++++++++++++++ lib/x86/svm_lib.h | 12 ++++ x86/Makefile.x86_64 | 2 + x86/svm.c | 115 +------------------------------------- x86/svm.h | 5 -- x86/svm_tests.c | 17 ++++-- 7 files changed, 161 insertions(+), 123 deletions(-) create mode 100644 lib/x86/svm_lib.c diff --git a/lib/x86/svm.h b/lib/x86/svm.h index 38bb9224..21eff090 100644 --- a/lib/x86/svm.h +++ b/lib/x86/svm.h @@ -2,6 +2,8 @@ #ifndef SRC_LIB_X86_SVM_H_ #define SRC_LIB_X86_SVM_H_ +#include "libcflat.h" + enum { INTERCEPT_INTR, INTERCEPT_NMI, diff --git a/lib/x86/svm_lib.c b/lib/x86/svm_lib.c new file mode 100644 index 00000000..8e59d81c --- /dev/null +++ b/lib/x86/svm_lib.c @@ -0,0 +1,131 @@ + +#include "svm_lib.h" +#include "libcflat.h" +#include "processor.h" +#include "desc.h" +#include "msr.h" +#include "vm.h" +#include "smp.h" +#include "alloc_page.h" + +/* for the nested page table*/ +static u64 *pte[2048]; +static u64 *pde[4]; +static u64 *pdpe; +static u64 *pml4e; + +static u8 *io_bitmap; +static u8 io_bitmap_area[16384]; + +static u8 *msr_bitmap; +static u8 msr_bitmap_area[MSR_BITMAP_SIZE + PAGE_SIZE]; + + +u64 *npt_get_pte(u64 address) +{ + int i1, i2; + + address >>= 12; + i1 = (address >> 9) & 0x7ff; + i2 = address & 0x1ff; + + return &pte[i1][i2]; +} + +u64 *npt_get_pde(u64 address) +{ + int i1, i2; + + address >>= 21; + i1 = (address >> 9) & 0x3; + i2 = address & 0x1ff; + + return &pde[i1][i2]; +} + +u64 *npt_get_pdpe(void) +{ + return pdpe; +} + +u64 *npt_get_pml4e(void) +{ + return pml4e; +} + +u8* svm_get_msr_bitmap(void) +{ + return msr_bitmap; +} + +u8* svm_get_io_bitmap(void) +{ + return io_bitmap; +} + +static void set_additional_vcpu_msr(void *msr_efer) +{ + void *hsave = alloc_page(); + + wrmsr(MSR_VM_HSAVE_PA, virt_to_phys(hsave)); + wrmsr(MSR_EFER, (ulong)msr_efer | EFER_SVME); +} + +void setup_svm(void) +{ + void *hsave = alloc_page(); + u64 *page, address; + int i,j; + + wrmsr(MSR_VM_HSAVE_PA, virt_to_phys(hsave)); + wrmsr(MSR_EFER, rdmsr(MSR_EFER) | EFER_SVME); + + io_bitmap = (void *) ALIGN((ulong)io_bitmap_area, PAGE_SIZE); + + msr_bitmap = (void *) ALIGN((ulong)msr_bitmap_area, PAGE_SIZE); + + if (!npt_supported()) + return; + + for (i = 1; i < cpu_count(); i++) + on_cpu(i, (void *)set_additional_vcpu_msr, (void *)rdmsr(MSR_EFER)); + + printf("NPT detected - running all tests with NPT enabled\n"); + + /* + * Nested paging supported - Build a nested page table + * Build the page-table bottom-up and map everything with 4k + * pages to get enough granularity for the NPT unit-tests. + */ + + address = 0; + + /* PTE level */ + for (i = 0; i < 2048; ++i) { + page = alloc_page(); + + for (j = 0; j < 512; ++j, address += 4096) + page[j] = address | 0x067ULL; + + pte[i] = page; + } + + /* PDE level */ + for (i = 0; i < 4; ++i) { + page = alloc_page(); + + for (j = 0; j < 512; ++j) + page[j] = (u64)pte[(i * 512) + j] | 0x027ULL; + + pde[i] = page; + } + + /* PDPe level */ + pdpe = alloc_page(); + for (i = 0; i < 4; ++i) + pdpe[i] = ((u64)(pde[i])) | 0x27; + + /* PML4e level */ + pml4e = alloc_page(); + pml4e[0] = ((u64)pdpe) | 0x27; +} diff --git a/lib/x86/svm_lib.h b/lib/x86/svm_lib.h index 1c35d4a9..f5e83b85 100644 --- a/lib/x86/svm_lib.h +++ b/lib/x86/svm_lib.h @@ -54,5 +54,17 @@ static inline void clgi(void) asm volatile ("clgi"); } +void setup_svm(void); + +u64 *npt_get_pte(u64 address); +u64 *npt_get_pde(u64 address); +u64 *npt_get_pdpe(void); +u64 *npt_get_pml4e(void); + +u8* svm_get_msr_bitmap(void); +u8* svm_get_io_bitmap(void); + +#define MSR_BITMAP_SIZE 8192 + #endif /* SRC_LIB_X86_SVM_LIB_H_ */ diff --git a/x86/Makefile.x86_64 b/x86/Makefile.x86_64 index f18c1e20..302acf58 100644 --- a/x86/Makefile.x86_64 +++ b/x86/Makefile.x86_64 @@ -17,6 +17,8 @@ COMMON_CFLAGS += -mno-red-zone -mno-sse -mno-sse2 $(fcf_protection_full) cflatobjs += lib/x86/setjmp64.o cflatobjs += lib/x86/intel-iommu.o cflatobjs += lib/x86/usermode.o +cflatobjs += lib/x86/svm_lib.o + tests = $(TEST_DIR)/apic.$(exe) \ $(TEST_DIR)/emulator.$(exe) $(TEST_DIR)/idt_test.$(exe) \ diff --git a/x86/svm.c b/x86/svm.c index 7a654425..23e65261 100644 --- a/x86/svm.c +++ b/x86/svm.c @@ -16,46 +16,8 @@ #include "vmalloc.h" #include "svm_lib.h" -/* for the nested page table*/ -u64 *pte[2048]; -u64 *pde[4]; -u64 *pdpe; -u64 *pml4e; - struct vmcb *vmcb; -u64 *npt_get_pte(u64 address) -{ - int i1, i2; - - address >>= 12; - i1 = (address >> 9) & 0x7ff; - i2 = address & 0x1ff; - - return &pte[i1][i2]; -} - -u64 *npt_get_pde(u64 address) -{ - int i1, i2; - - address >>= 21; - i1 = (address >> 9) & 0x3; - i2 = address & 0x1ff; - - return &pde[i1][i2]; -} - -u64 *npt_get_pdpe(void) -{ - return pdpe; -} - -u64 *npt_get_pml4e(void) -{ - return pml4e; -} - bool smp_supported(void) { return cpu_count() > 1; @@ -124,12 +86,6 @@ static void test_thunk(struct svm_test *test) vmmcall(); } -u8 *io_bitmap; -u8 io_bitmap_area[16384]; - -u8 *msr_bitmap; -u8 msr_bitmap_area[MSR_BITMAP_SIZE + PAGE_SIZE]; - void vmcb_ident(struct vmcb *vmcb) { u64 vmcb_phys = virt_to_phys(vmcb); @@ -165,12 +121,12 @@ void vmcb_ident(struct vmcb *vmcb) ctrl->intercept = (1ULL << INTERCEPT_VMRUN) | (1ULL << INTERCEPT_VMMCALL) | (1ULL << INTERCEPT_SHUTDOWN); - ctrl->iopm_base_pa = virt_to_phys(io_bitmap); - ctrl->msrpm_base_pa = virt_to_phys(msr_bitmap); + ctrl->iopm_base_pa = virt_to_phys(svm_get_io_bitmap()); + ctrl->msrpm_base_pa = virt_to_phys(svm_get_msr_bitmap()); if (npt_supported()) { ctrl->nested_ctl = 1; - ctrl->nested_cr3 = (u64)pml4e; + ctrl->nested_cr3 = (u64)npt_get_pml4e(); ctrl->tlb_ctl = TLB_CONTROL_FLUSH_ALL_ASID; } } @@ -259,72 +215,7 @@ static noinline void test_run(struct svm_test *test) test->on_vcpu_done = true; } -static void set_additional_vcpu_msr(void *msr_efer) -{ - void *hsave = alloc_page(); - - wrmsr(MSR_VM_HSAVE_PA, virt_to_phys(hsave)); - wrmsr(MSR_EFER, (ulong)msr_efer | EFER_SVME); -} - -static void setup_svm(void) -{ - void *hsave = alloc_page(); - u64 *page, address; - int i,j; - - wrmsr(MSR_VM_HSAVE_PA, virt_to_phys(hsave)); - wrmsr(MSR_EFER, rdmsr(MSR_EFER) | EFER_SVME); - - io_bitmap = (void *) ALIGN((ulong)io_bitmap_area, PAGE_SIZE); - - msr_bitmap = (void *) ALIGN((ulong)msr_bitmap_area, PAGE_SIZE); - - if (!npt_supported()) - return; - - for (i = 1; i < cpu_count(); i++) - on_cpu(i, (void *)set_additional_vcpu_msr, (void *)rdmsr(MSR_EFER)); - - printf("NPT detected - running all tests with NPT enabled\n"); - - /* - * Nested paging supported - Build a nested page table - * Build the page-table bottom-up and map everything with 4k - * pages to get enough granularity for the NPT unit-tests. - */ - - address = 0; - /* PTE level */ - for (i = 0; i < 2048; ++i) { - page = alloc_page(); - - for (j = 0; j < 512; ++j, address += 4096) - page[j] = address | 0x067ULL; - - pte[i] = page; - } - - /* PDE level */ - for (i = 0; i < 4; ++i) { - page = alloc_page(); - - for (j = 0; j < 512; ++j) - page[j] = (u64)pte[(i * 512) + j] | 0x027ULL; - - pde[i] = page; - } - - /* PDPe level */ - pdpe = alloc_page(); - for (i = 0; i < 4; ++i) - pdpe[i] = ((u64)(pde[i])) | 0x27; - - /* PML4e level */ - pml4e = alloc_page(); - pml4e[0] = ((u64)pdpe) | 0x27; -} int matched; diff --git a/x86/svm.h b/x86/svm.h index 1eb98de3..7fecb429 100644 --- a/x86/svm.h +++ b/x86/svm.h @@ -5,7 +5,6 @@ #include -#define MSR_BITMAP_SIZE 8192 #define LBR_CTL_ENABLE_MASK BIT_ULL(0) struct svm_test { @@ -46,10 +45,6 @@ struct regs { typedef void (*test_guest_func)(struct svm_test *); -u64 *npt_get_pte(u64 address); -u64 *npt_get_pde(u64 address); -u64 *npt_get_pdpe(void); -u64 *npt_get_pml4e(void); bool smp_supported(void); bool default_supported(void); void default_prepare(struct svm_test *test); diff --git a/x86/svm_tests.c b/x86/svm_tests.c index b6a0d5e6..07ac01ff 100644 --- a/x86/svm_tests.c +++ b/x86/svm_tests.c @@ -309,14 +309,13 @@ static bool check_next_rip(struct svm_test *test) return address == vmcb->control.next_rip; } -extern u8 *msr_bitmap; static void prepare_msr_intercept(struct svm_test *test) { default_prepare(test); vmcb->control.intercept |= (1ULL << INTERCEPT_MSR_PROT); vmcb->control.intercept_exceptions |= (1ULL << GP_VECTOR); - memset(msr_bitmap, 0xff, MSR_BITMAP_SIZE); + memset(svm_get_msr_bitmap(), 0xff, MSR_BITMAP_SIZE); } static void test_msr_intercept(struct svm_test *test) @@ -427,7 +426,7 @@ static bool msr_intercept_finished(struct svm_test *test) static bool check_msr_intercept(struct svm_test *test) { - memset(msr_bitmap, 0, MSR_BITMAP_SIZE); + memset(svm_get_msr_bitmap(), 0, MSR_BITMAP_SIZE); return (test->scratch == -2); } @@ -539,10 +538,10 @@ static bool check_mode_switch(struct svm_test *test) return test->scratch == 2; } -extern u8 *io_bitmap; - static void prepare_ioio(struct svm_test *test) { + u8 *io_bitmap = svm_get_io_bitmap(); + vmcb->control.intercept |= (1ULL << INTERCEPT_IOIO_PROT); test->scratch = 0; memset(io_bitmap, 0, 8192); @@ -551,6 +550,8 @@ static void prepare_ioio(struct svm_test *test) static void test_ioio(struct svm_test *test) { + u8 *io_bitmap = svm_get_io_bitmap(); + // stage 0, test IO pass inb(0x5000); outb(0x0, 0x5000); @@ -623,6 +624,7 @@ fail: static bool ioio_finished(struct svm_test *test) { unsigned port, size; + u8 *io_bitmap = svm_get_io_bitmap(); /* Only expect IOIO intercepts */ if (vmcb->control.exit_code == SVM_EXIT_VMMCALL) @@ -647,6 +649,8 @@ static bool ioio_finished(struct svm_test *test) static bool check_ioio(struct svm_test *test) { + u8 *io_bitmap = svm_get_io_bitmap(); + memset(io_bitmap, 0, 8193); return test->scratch != -1; } @@ -2514,7 +2518,8 @@ static void test_msrpm_iopm_bitmap_addrs(void) { u64 saved_intercept = vmcb->control.intercept; u64 addr_beyond_limit = 1ull << cpuid_maxphyaddr(); - u64 addr = virt_to_phys(msr_bitmap) & (~((1ull << 12) - 1)); + u64 addr = virt_to_phys(svm_get_msr_bitmap()) & (~((1ull << 12) - 1)); + u8 *io_bitmap = svm_get_io_bitmap(); TEST_BITMAP_ADDR(saved_intercept, INTERCEPT_MSR_PROT, addr_beyond_limit - 2 * PAGE_SIZE, SVM_EXIT_ERR, -- 2.26.3