Merge tag 'kvm-x86-2023.09.01' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases, and a few generic changes

- Fix a bug in runtime.bash that caused it t

Merge tag 'kvm-x86-2023.09.01' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases, and a few generic changes

- Fix a bug in runtime.bash that caused it to mishandle "check" strings with
multiple entries, e.g. a test that depends on multiple module params
- Make the PMU tests depend on vPMU support being enabled in KVM
- Fix PMU's forced emulation test on CPUs with full-width writes
- Add a PMU testcase for measuring TSX transactional cycles
- Nested SVM testcase for virtual NMIs
- Move a pile of code to ASM_TRY() and "safe" helpers
- Set up the guest stack in the LBRV tests so that the tests don't fail if the
compiler decides to generate function calls in guest code
- Ignore the "mispredict" flag in nSVM's LBRV tests to fix false failures
- Clean up usage of helpers that disable interrupts, e.g. stop inserting
unnecessary nops
- Add helpers to dedup code for programming the APIC timer
- Fix a variety of bugs in nVMX testcases related to being a 64-bit host

show more ...

x86/emulator64: Test non-canonical memory access exceptions

A stack based memory access should generate a #SS(0) exception but
QEMU/TCG as of now (7.2) makes all exceptions based on a non-canonical

x86/emulator64: Test non-canonical memory access exceptions

A stack based memory access should generate a #SS(0) exception but
QEMU/TCG as of now (7.2) makes all exceptions based on a non-canonical
address generate a #GP(0) instead (issue linked below).

Add a test that will succeed when run under KVM but fail when using TCG.

Link: https://gitlab.com/qemu-project/qemu/-/issues/928
Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-17-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator64: Switch test_mmx_movq_mf() to ASM_TRY()

Drop the last user of the one-off exception handler by making use of
ASM_TRY() for the #MF test.

Also streamline the multiple scattered asm()

x86/emulator64: Switch test_mmx_movq_mf() to ASM_TRY()

Drop the last user of the one-off exception handler by making use of
ASM_TRY() for the #MF test.

Also streamline the multiple scattered asm() statements into a single
one making use of a real output value instead of hard-coding rax and
relying on the instruction to generate an exception (instead of
clobbering rax and not making gcc aware of it).

As this removes the last user of advance_rip_and_note_exception() we can
remove it for good!

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-16-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator64: Switch test_jmp_noncanonical() to ASM_TRY()

Instead of registering a one-off exception handler, make use of
ASM_TRY() to catch the exception. Also make use of the 'NONCANONICAL'
defi

x86/emulator64: Switch test_jmp_noncanonical() to ASM_TRY()

Instead of registering a one-off exception handler, make use of
ASM_TRY() to catch the exception. Also make use of the 'NONCANONICAL'
define to refer to a non-canonical address.

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-15-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator64: Add non-null selector test

Complement the NULL selector based RPL!=CPL test with a non-NULL one to
ensure the failing segment selector is correctly reported through the
exception err

x86/emulator64: Add non-null selector test

Complement the NULL selector based RPL!=CPL test with a non-NULL one to
ensure the failing segment selector is correctly reported through the
exception error code.

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-14-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator64: Switch test_sreg() to ASM_TRY()

Instead of registering a one-off exception handler, make use of
ASM_TRY() to catch the exception. Also test the error code to match the
failing segmen

x86/emulator64: Switch test_sreg() to ASM_TRY()

Instead of registering a one-off exception handler, make use of
ASM_TRY() to catch the exception. Also test the error code to match the
failing segment selector (NULL) as the code now easily can access it.

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-13-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator64: Relax register constraints for usr_gs_mov()

There's no need to hard-code the registers, allow the compiler to choose
ones that fit.

Signed-off-by: Mathias Krause <minipli@grsecurity

x86/emulator64: Relax register constraints for usr_gs_mov()

There's no need to hard-code the registers, allow the compiler to choose
ones that fit.

Signed-off-by: Mathias Krause <minipli@grsecurity.net>
Link: https://lore.kernel.org/r/20230413184219.36404-12-minipli@grsecurity.net
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

Merge tag 'kvm-x86-2023.04.05' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases:

- Fix goofs in the configuration related to the new FEP access testcas

Merge tag 'kvm-x86-2023.04.05' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases:

- Fix goofs in the configuration related to the new FEP access testcases
- Add a FEP test for an CPL>DPL non-conforming segment load
- Fix issues with the RDPID testcase in the "tsc" test
- Fix various assembler warnings
- Add x2APIC testcases to the "msr" test
- Add PRED_CMD and FLUSH_CMD testscases to the "msr" test

show more ...

x86: Test CPL=3 DS/ES/FS/GS RPL=DPL=0 segment descriptor load

User space loading of DS, ES, FS, or GS is forbidden for a DPL=0
segment descriptor (conforming code segment being an exception).
Verify

x86: Test CPL=3 DS/ES/FS/GS RPL=DPL=0 segment descriptor load

User space loading of DS, ES, FS, or GS is forbidden for a DPL=0
segment descriptor (conforming code segment being an exception).
Verify that #GP is raised if

((segment is a data or nonconforming code segment)
AND ((RPL > DPL) or (CPL > DPL)))

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Link: https://lore.kernel.org/r/20230126013405.2967156-4-mhal@rbox.co
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86/emulator: Make chunks of "emulator" test 32-bit friendly

Extract the emulator tests that are truly 64-bit only (or will require
substantial rework) to a separate file and turn "emulator" into a

x86/emulator: Make chunks of "emulator" test 32-bit friendly

Extract the emulator tests that are truly 64-bit only (or will require
substantial rework) to a separate file and turn "emulator" into a common
test. Many of the tests apply to both 32-bit and 64-bit guests, and the
lack of a 32-bit emulator test makes it awkward to validate instructions
that are 32-bit only, e.g. POP SS.

Opportunistically convert spaces to tabs for the moved code.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220825195939.3959292-4-seanjc@google.com

show more ...