Merge tag 'kvm-x86-2023.09.01' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases, and a few generic changes

- Fix a bug in runtime.bash that caused it t

Merge tag 'kvm-x86-2023.09.01' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases, and a few generic changes

- Fix a bug in runtime.bash that caused it to mishandle "check" strings with
multiple entries, e.g. a test that depends on multiple module params
- Make the PMU tests depend on vPMU support being enabled in KVM
- Fix PMU's forced emulation test on CPUs with full-width writes
- Add a PMU testcase for measuring TSX transactional cycles
- Nested SVM testcase for virtual NMIs
- Move a pile of code to ASM_TRY() and "safe" helpers
- Set up the guest stack in the LBRV tests so that the tests don't fail if the
compiler decides to generate function calls in guest code
- Ignore the "mispredict" flag in nSVM's LBRV tests to fix false failures
- Clean up usage of helpers that disable interrupts, e.g. stop inserting
unnecessary nops
- Add helpers to dedup code for programming the APIC timer
- Fix a variety of bugs in nVMX testcases related to being a 64-bit host

show more ...

x86: Drop types.h

The file types.h never declared any types, only exception vectors which
are partially re-defined in processor.h.

Move the remaining vector definitions to processor.h and remove ty

x86: Drop types.h

The file types.h never declared any types, only exception vectors which
are partially re-defined in processor.h.

Move the remaining vector definitions to processor.h and remove types.h,
as all users already include processor.h

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-2-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator: Convert remaining spaces to tabs (indentation)

Fix the remaining instances of bad indentation in the emulator test.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https:

x86/emulator: Convert remaining spaces to tabs (indentation)

Fix the remaining instances of bad indentation in the emulator test.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220825195939.3959292-6-seanjc@google.com

show more ...

x86/emulator: Test code breakpoint with MOV/POP-SS blocking active

Verify that code breakpoints (#DBs) are suppressed on Intel CPUs when
MOV/POP SS blocking is active, and that #DBs are _not_ suppre

x86/emulator: Test code breakpoint with MOV/POP-SS blocking active

Verify that code breakpoints (#DBs) are suppressed on Intel CPUs when
MOV/POP SS blocking is active, and that #DBs are _not_ suppressed on AMD
CPUs.

If forced emulation is available, verify that KVM correctly emulates both
the MOV/POP SS shadow and the resulting interaction with code breakpoints.

Note, properly testing forced emulation on Intel requires instructing KVM
to clear RFLAGS.RF prior to emulating.

Ideally this test would go in debug.c, but POP SS is disallowed in 64-bit
mode and "debug" is a 64-bit only test. Alternatively, the debug test
could temporarily transition to 32-bit mode, but that relies on the stack
and code being addressable in 32-bit mode, which may not always hold true.

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Co-developed-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220825195939.3959292-5-seanjc@google.com

show more ...

x86/emulator: Make chunks of "emulator" test 32-bit friendly

Extract the emulator tests that are truly 64-bit only (or will require
substantial rework) to a separate file and turn "emulator" into a

x86/emulator: Make chunks of "emulator" test 32-bit friendly

Extract the emulator tests that are truly 64-bit only (or will require
substantial rework) to a separate file and turn "emulator" into a common
test. Many of the tests apply to both 32-bit and 64-bit guests, and the
lack of a 32-bit emulator test makes it awkward to validate instructions
that are 32-bit only, e.g. POP SS.

Opportunistically convert spaces to tabs for the moved code.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220825195939.3959292-4-seanjc@google.com

show more ...

x86/emulator: Move basic "MOV" test to its own helper function

Move the basic "MOV reg, mod/rm" test to its own helper function, there's
no reason to give it special status.

Signed-off-by: Sean Chr

x86/emulator: Move basic "MOV" test to its own helper function

Move the basic "MOV reg, mod/rm" test to its own helper function, there's
no reason to give it special status.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220825195939.3959292-3-seanjc@google.com

show more ...

x86/emulator: Delete unused declarations (copy-pasted from realmode.c)

Delete unused declarations that were likely copy-pasted from realmode.c.

No functional change intended.

Signed-off-by: Sean C

x86/emulator: Delete unused declarations (copy-pasted from realmode.c)

Delete unused declarations that were likely copy-pasted from realmode.c.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220825195939.3959292-2-seanjc@google.com

show more ...

x86: Test emulator's handling of LEA with /reg

LEA with a register-direct source operand is illegal. Verify that the
emulator raises #UD.

Suggested-by: Sean Christopherson <seanjc@google.com>
Signe

x86: Test emulator's handling of LEA with /reg

LEA with a register-direct source operand is illegal. Verify that the
emulator raises #UD.

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Michal Luczaj <mhal@rbox.co>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-7-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: emulator.c: Use ASM_TRY() for the UD_VECTOR cases

For #UD handling use ASM_TRY() instead of handle_exception().

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Michal Lucz

x86: emulator.c: Use ASM_TRY() for the UD_VECTOR cases

For #UD handling use ASM_TRY() instead of handle_exception().

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Michal Luczaj <mhal@rbox.co>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-6-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Add helper to detect if forced emulation prefix is available

Add a helper to detect whether or not KVM's forced emulation prefix is
available. Use the helper to replace equivalent functionalit

x86: Add helper to detect if forced emulation prefix is available

Add a helper to detect whether or not KVM's forced emulation prefix is
available. Use the helper to replace equivalent functionality in the
emulator test.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-5-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Introduce ASM_TRY_FEP() to handle exceptions on forced emulation

Introduce ASM_TRY_FEP() to allow using the try-catch method to handle
exceptions that occur on forced emulation. ASM_TRY() mish

x86: Introduce ASM_TRY_FEP() to handle exceptions on forced emulation

Introduce ASM_TRY_FEP() to allow using the try-catch method to handle
exceptions that occur on forced emulation. ASM_TRY() mishandles
exceptions thrown by the forced-emulation-triggered emulator. While the
faulting address stored in the exception table points at forced emulation
prefix, when an exceptions comes, RIP is 5 bytes (size of KVM_FEP) ahead
due to KVM advancing RIP to skip the prefix and the exception ends up
unhandled.

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-4-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: emulator.c: Save and restore exception handlers

Users of handle_exception() should always save and restore the handlers.
Leave the #UD cases alone, they will be handled separately by converting

x86: emulator.c: Save and restore exception handlers

Users of handle_exception() should always save and restore the handlers.
Leave the #UD cases alone, they will be handled separately by converting
them to ASM_TRY().

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Michal Luczaj <mhal@rbox.co>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-2-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Overhaul definitions for DR6 and DR7 bits

Clean up the mess that is debugreg.h to follow the nomenclature used by
the SDM and the kernel (as best as possible). Use the "new" defines in
various

x86: Overhaul definitions for DR6 and DR7 bits

Clean up the mess that is debugreg.h to follow the nomenclature used by
the SDM and the kernel (as best as possible). Use the "new" defines in
various tests. Opportunistically add a define for VMX's extra flag in
vmcs.GUEST_PENDING_DBG_EXCEPTIONS that is set if any DR0-3 trap matched
and was enabled.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220120002923.668708-6-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge remote-tracking branch 'upstream/uefi' into master

Merge UEFI test support into the master branch.

x86 UEFI: Convert x86 test cases to PIC

UEFI loads EFI applications to dynamic runtime addresses, so it requires
all applications to be compiled as PIC (position independent code). PIC
does not allo

x86 UEFI: Convert x86 test cases to PIC

UEFI loads EFI applications to dynamic runtime addresses, so it requires
all applications to be compiled as PIC (position independent code). PIC
does not allow the usage of compile time absolute address.

This commit converts multiple x86 test cases to PIC so they can compile
and run in UEFI:

- x86/cet.efi

- x86/emulator.c: x86/emulator.c depends on lib/x86/usermode.c. But
usermode.c contains non-PIC inline assembly code. This commit converts
lib/x86/usermode.c and x86/emulator.c to PIC, so x86/emulator.c can
compile and run in UEFI.

- x86/vmware_backdoors.c: it depends on lib/x86/usermode.c and now works
without modifications

- x86/eventinj.c

- x86/smap.c

- x86/access.c

- x86/umip.c

Signed-off-by: Zixuan Wang <zixuanwang@google.com>
Message-Id: <20211031055634.894263-4-zxwang42@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Use report_pass(...) instead of report(1/true, ...)

Whitespace is kept consistent with the rest of the file.

Signed-off-by: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
Reviewed-by: Thomas Huth <t

Use report_pass(...) instead of report(1/true, ...)

Whitespace is kept consistent with the rest of the file.

Signed-off-by: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20211005090921.1816373-6-scgl@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

show more ...

x86: remove use of compiler's memset from emulator.c

Per Sean in discussion of the previous patch, "using the compiler's
memset() in kvm-unit-tests seems inherently dangerous since the tests
are oft

x86: remove use of compiler's memset from emulator.c

Per Sean in discussion of the previous patch, "using the compiler's
memset() in kvm-unit-tests seems inherently dangerous since the tests
are often doing intentionally stupid things."

The string.h memset is already imported through libcflat.h, so let's use
that instead.

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Jacob Xu <jacobhxu@google.com>
Reviewed-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210511015016.815461-2-jacobhxu@google.com>

show more ...

x86: Do not assign values to unaligned pointer to 128 bits

When compiled with clang, the following statement gets converted into a
movaps instructions.
mem->u[0] = 5; mem->u[1] = 6; mem->u[2] = 7; m

x86: Do not assign values to unaligned pointer to 128 bits

When compiled with clang, the following statement gets converted into a
movaps instructions.
mem->u[0] = 5; mem->u[1] = 6; mem->u[2] = 7; mem->u[3] = 8;

Since mem is an unaligned pointer to sse_union, we get a GP when
running. Let's avoid using a pointer to sse_union at all, since doing so
implies that the pointer is aligned to 128 bits.

Fixes: e5e76263b5 ("x86: add additional test cases for sse exceptions to
emulator.c")

Signed-off-by: Jacob Xu <jacobhxu@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20210511015016.815461-1-jacobhxu@google.com>

show more ...

x86: Fix misspelled KVM parameter in error message

KVM module parameter force_emulation_prefix is misspelled with a
"forced"; fix it.

Signed-off-by: Siddharth Chandrasekaran <sidcha@amazon.de>
Mess

x86: Fix misspelled KVM parameter in error message

KVM module parameter force_emulation_prefix is misspelled with a
"forced"; fix it.

Signed-off-by: Siddharth Chandrasekaran <sidcha@amazon.de>
Message-Id: <20210609140217.1514-3-sidcha@amazon.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: add additional test cases for sse exceptions to emulator.c

Add additional test cases for sse instructions for doing unaligned
accesses and accesses that cross page boundaries.

Signed-off-by: J

x86: add additional test cases for sse exceptions to emulator.c

Add additional test cases for sse instructions for doing unaligned
accesses and accesses that cross page boundaries.

Signed-off-by: Jacob Xu <jacobhxu@google.com>
Message-Id: <20210421231258.2583654-2-jacobhxu@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: add movups/movupd sse testcases to emulator.c

Here we add movups/movupd tests corresponding to functionality
introduced in commit 29916968c486 ("kvm: Add emulation for movups/movupd").

Signed-

x86: add movups/movupd sse testcases to emulator.c

Here we add movups/movupd tests corresponding to functionality
introduced in commit 29916968c486 ("kvm: Add emulation for movups/movupd").

Signed-off-by: Jacob Xu <jacobhxu@google.com>
Message-Id: <20210421231258.2583654-1-jacobhxu@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Add a new test case for ret/iret with a nullified segment

This makes up the test case for the following QEMU patch:
http://patchwork.ozlabs.org/project/qemu-devel/patch/1605261378-77971-1-git-s

x86: Add a new test case for ret/iret with a nullified segment

This makes up the test case for the following QEMU patch:
http://patchwork.ozlabs.org/project/qemu-devel/patch/1605261378-77971-1-git-send-email-bmeng.cn@gmail.com/

Note the test case only fails on an unpatched QEMU with "accel=tcg".

Signed-off-by: Bin Meng <bin.meng@windriver.com>
Message-Id: <1606206780-80123-1-git-send-email-bmeng.cn@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Replace instruction prefixes with spaces

There are three kinds of x86 prefix delimiters in GNU binutils:
'/', '\\' and a space.

The first works on Linux and few other platforms. The second on

x86: Replace instruction prefixes with spaces

There are three kinds of x86 prefix delimiters in GNU binutils:
'/', '\\' and a space.

The first works on Linux and few other platforms. The second one is
SVR-4 compatible and works on the generic elf target. The last kind is
universal and works everywhere, it's also used in the GAS manual [1].
Space delimiters fix the build errors on x86_64-elf binutils:

x86/cstart64.S:217: Error: invalid character '/' in mnemonic
x86/cstart64.S:313: Error: invalid character '/' in mnemonic

1. https://sourceware.org/binutils/docs/as/i386_002dPrefixes.html

Cc: Cameron Esfahani <dirty@apple.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200901085056.33391-3-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: always set up SMP

Currently setup_vm cannot assume that it can invoke IPIs, and therefore
only initializes CR0/CR3/CR4 on the CPU it runs on. In order to keep the
initialization code clean, le

x86: always set up SMP

Currently setup_vm cannot assume that it can invoke IPIs, and therefore
only initializes CR0/CR3/CR4 on the CPU it runs on. In order to keep the
initialization code clean, let's just call smp_init (and therefore
setup_idt) unconditionally.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: emulator: use "SSE2" for the target

The movdqu and movapd instructions are SSE2 instructions. Clang
interprets the __attribute__((target("sse"))) as allowing SSE only
instructions. Using SSE2 i

x86: emulator: use "SSE2" for the target

The movdqu and movapd instructions are SSE2 instructions. Clang
interprets the __attribute__((target("sse"))) as allowing SSE only
instructions. Using SSE2 instructions cause an error.

Signed-off-by: Bill Wendling <morbo@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...