From: Sagi Shahar
Date: Sat, 27 Jul 2024 18:23:56 -0500
Subject: Re: [RFC PATCH v5 16/29] KVM: selftests: TDX: Add TDX HLT exit test
To: Yan Zhao
Cc: Binbin Wu, linux-kselftest@vger.kernel.org, Ackerley Tng, Ryan Afranji,
    Erdem Aktas, Isaku Yamahata, Sean Christopherson, Paolo Bonzini,
    Shuah Khan, Peter Gonda, Haibo Xu, Chao Peng, Vishal Annapurve,
    Roger Wang, Vipin Sharma, jmattson@google.com, dmatlack@google.com,
    linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-mm@kvack.org

On Tue, Mar 5, 2024 at 12:10 AM Yan Zhao wrote:
>
> On Sat, Mar 02, 2024 at 03:31:07PM +0800, Binbin Wu wrote:
> > On 12/13/2023 4:46 AM, Sagi Shahar wrote:
> > > The test verifies that the guest runs TDVMCALL and the
> > > guest vCPU enters to the halted state.
> > >
> > > Signed-off-by: Erdem Aktas
> > > Signed-off-by: Sagi Shahar
> > > Signed-off-by: Ackerley Tng
> > > Signed-off-by: Ryan Afranji
> > > ---
> > >  .../selftests/kvm/include/x86_64/tdx/tdx.h |  2 +
> > >  .../selftests/kvm/lib/x86_64/tdx/tdx.c     | 10 +++
> > >  .../selftests/kvm/x86_64/tdx_vm_tests.c    | 78 +++++++++++++++++++
> > >  3 files changed, 90 insertions(+)
> > > > > > diff --git a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h b/t= ools/testing/selftests/kvm/include/x86_64/tdx/tdx.h > > > index 85ba6aab79a7..b18e39d20498 100644 > > > --- a/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h > > > +++ b/tools/testing/selftests/kvm/include/x86_64/tdx/tdx.h > > > @@ -8,6 +8,7 @@ > > > #define TDG_VP_VMCALL_GET_TD_VM_CALL_INFO 0x10000 > > > #define TDG_VP_VMCALL_REPORT_FATAL_ERROR 0x10003 > > > +#define TDG_VP_VMCALL_INSTRUCTION_HLT 12 > > > #define TDG_VP_VMCALL_INSTRUCTION_IO 30 > > > #define TDG_VP_VMCALL_INSTRUCTION_RDMSR 31 > > > #define TDG_VP_VMCALL_INSTRUCTION_WRMSR 32 > > > @@ -20,5 +21,6 @@ uint64_t tdg_vp_vmcall_get_td_vmcall_info(uint64_t = *r11, uint64_t *r12, > > > uint64_t *r13, uint64_t *r14); > > > uint64_t tdg_vp_vmcall_instruction_rdmsr(uint64_t index, uint64_t *= ret_value); > > > uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_t index, uint64_t v= alue); > > > +uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interrupt_blocked_fl= ag); > > > #endif // SELFTEST_TDX_TDX_H > > > diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c b/tools= /testing/selftests/kvm/lib/x86_64/tdx/tdx.c > > > index 88ea6f2a6469..9485bafedc38 100644 > > > --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c > > > +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx.c > > > @@ -114,3 +114,13 @@ uint64_t tdg_vp_vmcall_instruction_wrmsr(uint64_= t index, uint64_t value) > > > return __tdx_hypercall(&args, 0); > > > } > > > + > > > +uint64_t tdg_vp_vmcall_instruction_hlt(uint64_t interrupt_blocked_fl= ag) > > > +{ > > > + struct tdx_hypercall_args args =3D { > > > + .r11 =3D TDG_VP_VMCALL_INSTRUCTION_HLT, > > > + .r12 =3D interrupt_blocked_flag, > > > + }; > > > + > > > + return __tdx_hypercall(&args, 0); > > > +} > > > diff --git a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c b/tool= s/testing/selftests/kvm/x86_64/tdx_vm_tests.c > > > index 5db3701cc6d9..5fae4c6e5f95 100644 
> > > --- a/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c > > > +++ b/tools/testing/selftests/kvm/x86_64/tdx_vm_tests.c 
> > > @@ -721,6 +721,83 @@ void verify_guest_msr_writes(void) > > > printf("\t ... PASSED\n"); > > > } > > > +/* > > > + * Verifies HLT functionality. > > > + */ > > > +void guest_hlt(void) > > > +{ > > > + uint64_t ret; > > > + uint64_t interrupt_blocked_flag; > > > + > > > + interrupt_blocked_flag =3D 0; > > > + ret =3D tdg_vp_vmcall_instruction_hlt(interrupt_blocked_flag); > > > + if (ret) > > > + tdx_test_fatal(ret); > > > + > > > + tdx_test_success(); > > > +} > > > + > > > +void _verify_guest_hlt(int signum); > > > + > > > +void wake_me(int interval) > > > +{ > > > + struct sigaction action; > > > + > > > + action.sa_handler =3D _verify_guest_hlt; > > > + sigemptyset(&action.sa_mask); > > > + action.sa_flags =3D 0; > > > + > > > + TEST_ASSERT(sigaction(SIGALRM, &action, NULL) =3D=3D 0, > > > + "Could not set the alarm handler!"); > > > + > > > + alarm(interval); > > > +} > > > + > > > +void _verify_guest_hlt(int signum) > > > +{ > > > + struct kvm_vm *vm; > > > + static struct kvm_vcpu *vcpu; > > > + > > > + /* > > > + * This function will also be called by SIGALRM handler to check = the > > > + * vCPU MP State. If vm has been initialized, then we are in the = signal > > > + * handler. Check the MP state and let the guest run again. > > > + */ > > > + if (vcpu !=3D NULL) { > > > > What if the following case if there is a bug in KVM so that: > > > > In guest, execution of tdg_vp_vmcall_instruction_hlt() return 0, but th= e > > vcpu is not actually halted. Then guest will call tdx_test_success(). > > > > And the first call of _verify_guest_hlt() will call kvm_vm_free(vm) to = free > > the vm, which also frees the vcpu, and 1 second later, in this path vcp= u > > will > > be accessed after free. > > > Right. 
> Another possibility is that if buggy KVM returns success to guest
> without putting guest to halted state, the selftest will still print
> "PASSED" because the second _verify_guest_hlt() (after waiting for 1s)
> has no chance to get executed before the process exits.
>

It sounds like in both cases we're going to hit an assert at some
point. If the VM was already freed then vcpu_mp_state_get will fail
the ioctl and assert internally or crash the process. If the guest
never halts and vcpu is still valid then the mp state assert will
fire. Either way it would be pretty obvious that something is wrong.

> > > + struct kvm_mp_state mp_state; > > > + > > > + vcpu_mp_state_get(vcpu, &mp_state); > > > + TEST_ASSERT_EQ(mp_state.mp_state, KVM_MP_STATE_HALTED); > > > + > > > + /* Let the guest to run and finish the test.*/ > > > + mp_state.mp_state =3D KVM_MP_STATE_RUNNABLE; > > > + vcpu_mp_state_set(vcpu, &mp_state); > > > + return; > > > + } > > > + > > > + vm =3D td_create(); > > > + td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); > > > + vcpu =3D td_vcpu_add(vm, 0, guest_hlt); > > > + td_finalize(vm); > > > + > > > + printf("Verifying HLT:\n"); > > > + > > > + printf("\t ... Running guest\n"); > > > + > > > + /* Wait 1 second for guest to execute HLT */ > > > + wake_me(1); > > > + td_vcpu_run(vcpu); > > > + > > > + TDX_TEST_ASSERT_SUCCESS(vcpu); > > > + > > > + kvm_vm_free(vm); > > > + printf("\t ... PASSED\n"); > > > +} > > > + > > > +void verify_guest_hlt(void) > > > +{ > > > + _verify_guest_hlt(0); > > > +} > > > int main(int argc, char **argv) > > > { > > > @@ -740,6 +817,7 @@ int main(int argc, char **argv) > > > run_in_new_process(&verify_guest_reads); > > > run_in_new_process(&verify_guest_msr_writes); > > > run_in_new_process(&verify_guest_msr_reads); > > > + run_in_new_process(&verify_guest_hlt); > > > return 0; > > > } > > > >
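
Review bot: In the tdx_vm_tests.c hunk, _verify_guest_hlt() never cancels the alarm armed by wake_me(1) and never clears the static vcpu before kvm_vm_free(vm), so a SIGALRM delivered after the free takes the `if (vcpu != NULL)` branch and calls vcpu_mp_state_get() on a freed vcpu. Calling alarm(0) and setting vcpu to NULL ahead of kvm_vm_free(vm) closes that window. The main path also has no way to tell whether the handler branch ever ran: a flag set next to the TEST_ASSERT_EQ(mp_state.mp_state, KVM_MP_STATE_HALTED) check and asserted before printing "PASSED" would stop the test from passing when the guest returns from tdg_vp_vmcall_instruction_hlt() without halting. Relying on a stale pointer to fail an ioctl or crash the process is not a deterministic failure signal. The comment in the handler branch says "If vm has been initialized" while the code tests vcpu; the two should agree.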
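
Review bot: In the tdx.c hunk, tdg_vp_vmcall_instruction_hlt() passes interrupt_blocked_flag straight into r12 with no comment on what the flag means or which values are valid, and the declaration added in tdx.h carries none either. A short comment above the helper stating the expected values would let a reader check the call in guest_hlt(), which hard-codes 0, without going back to the TDX specification.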