mbox series

[v2,00/13] KVM: selftests: Add tests for SEV and SEV-ES guests

Message ID 20211216171358.61140-1-michael.roth@amd.com
Headers show
Series KVM: selftests: Add tests for SEV and SEV-ES guests | expand

Message

Michael Roth Dec. 16, 2021, 5:13 p.m. UTC
These patches and are also available at:

  https://github.com/mdroth/linux/commits/sev-selftests-v2

They are based on top of the recent RFC:

  "KVM: selftests: Add support for test-selectable ucall implementations"
  https://lore.kernel.org/all/20211210164620.11636-1-michael.roth@amd.com/T/

  https://github.com/mdroth/linux/commits/sev-selftests-ucall-rfc1

which provides a new ucall implementation that this series relies on.
Those patches were in turn based on kvm/next as of 2021-12-10.

== OVERVIEW ==

This series introduces a set of memory encryption-related parameter/hooks
in the core kselftest library, then uses the hooks to implement a small
library for creating/managing SEV, SEV-ES, and (eventually) SEV-SNP guests.
This library is then used to implement a basic boot/memory test that's run
for variants of SEV/SEV-ES guests.

- Patches 1-8 implement SEV boot tests and should run against existing
  kernels
- Patch 9 is a KVM changes that's required to allow SEV-ES/SEV-SNP
  guests to boot with an externally generated page table, and is a
  host kernel prequisite for the remaining patches in the series.
- Patches 10-13 extend the boot tests to cover SEV-ES

Any review/comments are greatly appreciated!

v2: 
- rebased on ucall_ops patchset (which is based on kvm/next 2021-12-10)
- remove SEV-SNP support for now
- provide encryption bitmap as const* to original rather than as a copy
  (Mingwei, Paolo)
- drop SEV-specific synchronization helpers in favor of ucall_ops_halt (Paolo)
- don't pass around addresses with c-bit included, add them as-needed via
  addr_gpa2raw() (e.g. when adding PTEs, or initializing initial
  cr3/vm->pgd) (Paolo)
- rename lib/sev.c functions for better consistency (Krish)
- move more test setup code out of main test function and into
  setup_test_common() (Krish)
- suppress compiler warnings due to -Waddress-of-packed-member like kernel
  does
- don't require SNP support in minimum firmware version detection (Marc)
- allow SEV device path to be configured via make SEV_PATH= (Marc)

----------------------------------------------------------------
Michael Roth (13):
      KVM: selftests: move vm_phy_pages_alloc() earlier in file
      KVM: selftests: sparsebit: add const where appropriate
      KVM: selftests: add hooks for managing encrypted guest memory
      KVM: selftests: handle encryption bits in page tables
      KVM: selftests: add support for encrypted vm_vaddr_* allocations
      KVM: selftests: ensure ucall_shared_alloc() allocates shared memory
      KVM: selftests: add library for creating/interacting with SEV guests
      KVM: selftests: add SEV boot tests
      KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests
      KVM: selftests: account for error code in #VC exception frame
      KVM: selftests: add support for creating SEV-ES guests
      KVM: selftests: add library for handling SEV-ES-related exits
      KVM: selftests: add SEV-ES boot tests

 arch/x86/include/asm/kvm-x86-ops.h                 |   1 +
 arch/x86/include/asm/kvm_host.h                    |   1 +
 arch/x86/kvm/svm/svm.c                             |  19 ++
 arch/x86/kvm/vmx/vmx.c                             |   6 +
 arch/x86/kvm/x86.c                                 |   1 +
 tools/testing/selftests/kvm/.gitignore             |   1 +
 tools/testing/selftests/kvm/Makefile               |  10 +-
 .../testing/selftests/kvm/include/kvm_util_base.h  |  10 +
 tools/testing/selftests/kvm/include/sparsebit.h    |  36 +--
 tools/testing/selftests/kvm/include/x86_64/sev.h   |  44 +++
 .../selftests/kvm/include/x86_64/sev_exitlib.h     |  14 +
 tools/testing/selftests/kvm/include/x86_64/svm.h   |  35 +++
 .../selftests/kvm/include/x86_64/svm_util.h        |   1 +
 tools/testing/selftests/kvm/lib/kvm_util.c         | 270 ++++++++++++------
 .../testing/selftests/kvm/lib/kvm_util_internal.h  |  10 +
 tools/testing/selftests/kvm/lib/sparsebit.c        |  48 ++--
 tools/testing/selftests/kvm/lib/ucall_common.c     |   4 +-
 tools/testing/selftests/kvm/lib/x86_64/handlers.S  |   4 +-
 tools/testing/selftests/kvm/lib/x86_64/processor.c |  16 +-
 tools/testing/selftests/kvm/lib/x86_64/sev.c       | 252 ++++++++++++++++
 .../testing/selftests/kvm/lib/x86_64/sev_exitlib.c | 249 ++++++++++++++++
 .../selftests/kvm/x86_64/sev_all_boot_test.c       | 316 +++++++++++++++++++++
 22 files changed, 1215 insertions(+), 133 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
 create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c
 create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c
 create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c

Comments

Paolo Bonzini Dec. 22, 2021, 2:56 p.m. UTC | #1
On 12/16/21 18:13, Michael Roth wrote:
> These patches and are also available at:
> 
>    https://github.com/mdroth/linux/commits/sev-selftests-v2
> 
> They are based on top of the recent RFC:
> 
>    "KVM: selftests: Add support for test-selectable ucall implementations"
>    https://lore.kernel.org/all/20211210164620.11636-1-michael.roth@amd.com/T/
> 
>    https://github.com/mdroth/linux/commits/sev-selftests-ucall-rfc1
> 
> which provides a new ucall implementation that this series relies on.
> Those patches were in turn based on kvm/next as of 2021-12-10.

Looks good, apart from the cleanups that Peter pointed out in patch 7.

When you send the next version, you can keep it based on the same ucall 
RFC, even if I haven't yet pushed them (which I'll do only after testing 
on s390).

Thanks,

Paolo

> == OVERVIEW ==
> 
> This series introduces a set of memory encryption-related parameter/hooks
> in the core kselftest library, then uses the hooks to implement a small
> library for creating/managing SEV, SEV-ES, and (eventually) SEV-SNP guests.
> This library is then used to implement a basic boot/memory test that's run
> for variants of SEV/SEV-ES guests.
> 
> - Patches 1-8 implement SEV boot tests and should run against existing
>    kernels
> - Patch 9 is a KVM changes that's required to allow SEV-ES/SEV-SNP
>    guests to boot with an externally generated page table, and is a
>    host kernel prequisite for the remaining patches in the series.
> - Patches 10-13 extend the boot tests to cover SEV-ES
> 
> Any review/comments are greatly appreciated!
> 
> v2:
> - rebased on ucall_ops patchset (which is based on kvm/next 2021-12-10)
> - remove SEV-SNP support for now
> - provide encryption bitmap as const* to original rather than as a copy
>    (Mingwei, Paolo)
> - drop SEV-specific synchronization helpers in favor of ucall_ops_halt (Paolo)
> - don't pass around addresses with c-bit included, add them as-needed via
>    addr_gpa2raw() (e.g. when adding PTEs, or initializing initial
>    cr3/vm->pgd) (Paolo)
> - rename lib/sev.c functions for better consistency (Krish)
> - move more test setup code out of main test function and into
>    setup_test_common() (Krish)
> - suppress compiler warnings due to -Waddress-of-packed-member like kernel
>    does
> - don't require SNP support in minimum firmware version detection (Marc)
> - allow SEV device path to be configured via make SEV_PATH= (Marc)
> 
> ----------------------------------------------------------------
> Michael Roth (13):
>        KVM: selftests: move vm_phy_pages_alloc() earlier in file
>        KVM: selftests: sparsebit: add const where appropriate
>        KVM: selftests: add hooks for managing encrypted guest memory
>        KVM: selftests: handle encryption bits in page tables
>        KVM: selftests: add support for encrypted vm_vaddr_* allocations
>        KVM: selftests: ensure ucall_shared_alloc() allocates shared memory
>        KVM: selftests: add library for creating/interacting with SEV guests
>        KVM: selftests: add SEV boot tests
>        KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests
>        KVM: selftests: account for error code in #VC exception frame
>        KVM: selftests: add support for creating SEV-ES guests
>        KVM: selftests: add library for handling SEV-ES-related exits
>        KVM: selftests: add SEV-ES boot tests
> 
>   arch/x86/include/asm/kvm-x86-ops.h                 |   1 +
>   arch/x86/include/asm/kvm_host.h                    |   1 +
>   arch/x86/kvm/svm/svm.c                             |  19 ++
>   arch/x86/kvm/vmx/vmx.c                             |   6 +
>   arch/x86/kvm/x86.c                                 |   1 +
>   tools/testing/selftests/kvm/.gitignore             |   1 +
>   tools/testing/selftests/kvm/Makefile               |  10 +-
>   .../testing/selftests/kvm/include/kvm_util_base.h  |  10 +
>   tools/testing/selftests/kvm/include/sparsebit.h    |  36 +--
>   tools/testing/selftests/kvm/include/x86_64/sev.h   |  44 +++
>   .../selftests/kvm/include/x86_64/sev_exitlib.h     |  14 +
>   tools/testing/selftests/kvm/include/x86_64/svm.h   |  35 +++
>   .../selftests/kvm/include/x86_64/svm_util.h        |   1 +
>   tools/testing/selftests/kvm/lib/kvm_util.c         | 270 ++++++++++++------
>   .../testing/selftests/kvm/lib/kvm_util_internal.h  |  10 +
>   tools/testing/selftests/kvm/lib/sparsebit.c        |  48 ++--
>   tools/testing/selftests/kvm/lib/ucall_common.c     |   4 +-
>   tools/testing/selftests/kvm/lib/x86_64/handlers.S  |   4 +-
>   tools/testing/selftests/kvm/lib/x86_64/processor.c |  16 +-
>   tools/testing/selftests/kvm/lib/x86_64/sev.c       | 252 ++++++++++++++++
>   .../testing/selftests/kvm/lib/x86_64/sev_exitlib.c | 249 ++++++++++++++++
>   .../selftests/kvm/x86_64/sev_all_boot_test.c       | 316 +++++++++++++++++++++
>   22 files changed, 1215 insertions(+), 133 deletions(-)
>   create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
>   create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h
>   create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c
>   create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c
>   create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c
> 
>
Michael Roth Jan. 4, 2022, 11:41 p.m. UTC | #2
On Wed, Dec 22, 2021 at 03:56:23PM +0100, Paolo Bonzini wrote:
> On 12/16/21 18:13, Michael Roth wrote:
> > These patches and are also available at:
> > 
> >    https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmdroth%2Flinux%2Fcommits%2Fsev-selftests-v2&data=04%7C01%7Cmichael.roth%40amd.com%7C749cb23438484cede3bc08d9c55b3c4e%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637757817978399009%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=8F%2BcL%2F9FcCx4I2QXJUmBwGGxdHymP6l%2BoRKQO7%2BVj1Y%3D&reserved=0
> > 
> > They are based on top of the recent RFC:
> > 
> >    "KVM: selftests: Add support for test-selectable ucall implementations"
> >    https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore.kernel.org%2Fall%2F20211210164620.11636-1-michael.roth%40amd.com%2FT%2F&data=04%7C01%7Cmichael.roth%40amd.com%7C749cb23438484cede3bc08d9c55b3c4e%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637757817978399009%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=BZu%2BqGCqpHEHlkL%2B5zFELdOaERRrUdznCFO%2FzPaQ4v8%3D&reserved=0
> > 
> >    https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fmdroth%2Flinux%2Fcommits%2Fsev-selftests-ucall-rfc1&data=04%7C01%7Cmichael.roth%40amd.com%7C749cb23438484cede3bc08d9c55b3c4e%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637757817978399009%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=DkCRww6ifTrnavR9XvmWwX1wkKHK172iuivTaqEfu6o%3D&reserved=0
> > 
> > which provides a new ucall implementation that this series relies on.
> > Those patches were in turn based on kvm/next as of 2021-12-10.
> 
> Looks good, apart from the cleanups that Peter pointed out in patch 7.
> 
> When you send the next version, you can keep it based on the same ucall RFC,
> even if I haven't yet pushed them (which I'll do only after testing on
> s390).

Hi Paolo,

Didn't manage to get these out before going on break, but back in office now
and will get an updated version out as soon as we figure out a plan for
implementing some of Sean's recent suggestions for the ucall side of things.

Thanks,

Mike

> 
> Thanks,
> 
> Paolo
> 
> > == OVERVIEW ==
> > 
> > This series introduces a set of memory encryption-related parameter/hooks
> > in the core kselftest library, then uses the hooks to implement a small
> > library for creating/managing SEV, SEV-ES, and (eventually) SEV-SNP guests.
> > This library is then used to implement a basic boot/memory test that's run
> > for variants of SEV/SEV-ES guests.
> > 
> > - Patches 1-8 implement SEV boot tests and should run against existing
> >    kernels
> > - Patch 9 is a KVM changes that's required to allow SEV-ES/SEV-SNP
> >    guests to boot with an externally generated page table, and is a
> >    host kernel prequisite for the remaining patches in the series.
> > - Patches 10-13 extend the boot tests to cover SEV-ES
> > 
> > Any review/comments are greatly appreciated!
> > 
> > v2:
> > - rebased on ucall_ops patchset (which is based on kvm/next 2021-12-10)
> > - remove SEV-SNP support for now
> > - provide encryption bitmap as const* to original rather than as a copy
> >    (Mingwei, Paolo)
> > - drop SEV-specific synchronization helpers in favor of ucall_ops_halt (Paolo)
> > - don't pass around addresses with c-bit included, add them as-needed via
> >    addr_gpa2raw() (e.g. when adding PTEs, or initializing initial
> >    cr3/vm->pgd) (Paolo)
> > - rename lib/sev.c functions for better consistency (Krish)
> > - move more test setup code out of main test function and into
> >    setup_test_common() (Krish)
> > - suppress compiler warnings due to -Waddress-of-packed-member like kernel
> >    does
> > - don't require SNP support in minimum firmware version detection (Marc)
> > - allow SEV device path to be configured via make SEV_PATH= (Marc)
> > 
> > ----------------------------------------------------------------
> > Michael Roth (13):
> >        KVM: selftests: move vm_phy_pages_alloc() earlier in file
> >        KVM: selftests: sparsebit: add const where appropriate
> >        KVM: selftests: add hooks for managing encrypted guest memory
> >        KVM: selftests: handle encryption bits in page tables
> >        KVM: selftests: add support for encrypted vm_vaddr_* allocations
> >        KVM: selftests: ensure ucall_shared_alloc() allocates shared memory
> >        KVM: selftests: add library for creating/interacting with SEV guests
> >        KVM: selftests: add SEV boot tests
> >        KVM: SVM: include CR3 in initial VMSA state for SEV-ES guests
> >        KVM: selftests: account for error code in #VC exception frame
> >        KVM: selftests: add support for creating SEV-ES guests
> >        KVM: selftests: add library for handling SEV-ES-related exits
> >        KVM: selftests: add SEV-ES boot tests
> > 
> >   arch/x86/include/asm/kvm-x86-ops.h                 |   1 +
> >   arch/x86/include/asm/kvm_host.h                    |   1 +
> >   arch/x86/kvm/svm/svm.c                             |  19 ++
> >   arch/x86/kvm/vmx/vmx.c                             |   6 +
> >   arch/x86/kvm/x86.c                                 |   1 +
> >   tools/testing/selftests/kvm/.gitignore             |   1 +
> >   tools/testing/selftests/kvm/Makefile               |  10 +-
> >   .../testing/selftests/kvm/include/kvm_util_base.h  |  10 +
> >   tools/testing/selftests/kvm/include/sparsebit.h    |  36 +--
> >   tools/testing/selftests/kvm/include/x86_64/sev.h   |  44 +++
> >   .../selftests/kvm/include/x86_64/sev_exitlib.h     |  14 +
> >   tools/testing/selftests/kvm/include/x86_64/svm.h   |  35 +++
> >   .../selftests/kvm/include/x86_64/svm_util.h        |   1 +
> >   tools/testing/selftests/kvm/lib/kvm_util.c         | 270 ++++++++++++------
> >   .../testing/selftests/kvm/lib/kvm_util_internal.h  |  10 +
> >   tools/testing/selftests/kvm/lib/sparsebit.c        |  48 ++--
> >   tools/testing/selftests/kvm/lib/ucall_common.c     |   4 +-
> >   tools/testing/selftests/kvm/lib/x86_64/handlers.S  |   4 +-
> >   tools/testing/selftests/kvm/lib/x86_64/processor.c |  16 +-
> >   tools/testing/selftests/kvm/lib/x86_64/sev.c       | 252 ++++++++++++++++
> >   .../testing/selftests/kvm/lib/x86_64/sev_exitlib.c | 249 ++++++++++++++++
> >   .../selftests/kvm/x86_64/sev_all_boot_test.c       | 316 +++++++++++++++++++++
> >   22 files changed, 1215 insertions(+), 133 deletions(-)
> >   create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
> >   create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev_exitlib.h
> >   create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c
> >   create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev_exitlib.c
> >   create mode 100644 tools/testing/selftests/kvm/x86_64/sev_all_boot_test.c
> > 
> > 
>