lib: Use vmalloc.h for setup_mmu definition

There is no good reason to put setup_vm in libcflat.h when it's
defined in vmalloc.h.

Acked-by: Andrew Jones <andrew.jones@linux.dev>
Signed-off-by: Nich

lib: Use vmalloc.h for setup_mmu definition

There is no good reason to put setup_vm in libcflat.h when it's
defined in vmalloc.h.

Acked-by: Andrew Jones <andrew.jones@linux.dev>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Message-ID: <20240504122841.1177683-24-npiggin@gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>

show more ...

Merge tag 'kvm-x86-2023.09.01' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases, and a few generic changes

- Fix a bug in runtime.bash that caused it t

Merge tag 'kvm-x86-2023.09.01' of https://github.com/kvm-x86/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new testcases, and a few generic changes

- Fix a bug in runtime.bash that caused it to mishandle "check" strings with
multiple entries, e.g. a test that depends on multiple module params
- Make the PMU tests depend on vPMU support being enabled in KVM
- Fix PMU's forced emulation test on CPUs with full-width writes
- Add a PMU testcase for measuring TSX transactional cycles
- Nested SVM testcase for virtual NMIs
- Move a pile of code to ASM_TRY() and "safe" helpers
- Set up the guest stack in the LBRV tests so that the tests don't fail if the
compiler decides to generate function calls in guest code
- Ignore the "mispredict" flag in nSVM's LBRV tests to fix false failures
- Clean up usage of helpers that disable interrupts, e.g. stop inserting
unnecessary nops
- Add helpers to dedup code for programming the APIC timer
- Fix a variety of bugs in nVMX testcases related to being a 64-bit host

show more ...

x86: replace irq_{enable|disable}() with sti()/cli()

This removes a layer of indirection which is strictly
speaking not needed since its x86 code anyway.

Signed-off-by: Maxim Levitsky <mlevitsk@red

x86: replace irq_{enable|disable}() with sti()/cli()

This removes a layer of indirection which is strictly
speaking not needed since its x86 code anyway.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
Link: https://lore.kernel.org/r/20221122161152.293072-2-mlevitsk@redhat.com
[sean: move and reword IRQ shadow to be above and about safe_halt()]
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

Merge branch 'arm/queue' into 'master'

arm/arm64: EFI support, arm64 backtrace support, PMU test improvements, and more

See merge request kvm-unit-tests/kvm-unit-tests!43

lib/acpi: Extend the definition of the FADT table

This change add more fields in the APCI table FADT to allow for the
discovery of the PSCI conduit in arm64 systems. The definition for
FADT is simil

lib/acpi: Extend the definition of the FADT table

This change add more fields in the APCI table FADT to allow for the
discovery of the PSCI conduit in arm64 systems. The definition for
FADT is similar to the one in include/acpi/actbl.h in Linux.

Signed-off-by: Nikos Nikoleris <nikos.nikoleris@arm.com>
Reviewed-by: Ricardo Koller <ricarkol@google.com>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Shaoqin Huang <shahuang@redhat.com>
Signed-off-by: Andrew Jones <andrew.jones@linux.dev>

show more ...

lib/acpi: Convert table names to Linux style

kvm-unit-tests is about to import several table struct definitions from
Linux, convert the names of the existing tables to follow the Linux style.

This

lib/acpi: Convert table names to Linux style

kvm-unit-tests is about to import several table struct definitions from
Linux, convert the names of the existing tables to follow the Linux style.

This is purely a cosmetic change and no functional change is intended.

Signed-off-by: Nikos Nikoleris <nikos.nikoleris@arm.com>
Signed-off-by: Andrew Jones <andrew.jones@linux.dev>

show more ...

lib: Move acpi header and implementation to lib

Move acpi.h to lib to make it available for other architectures.

Signed-off-by: Nikos Nikoleris <nikos.nikoleris@arm.com>
Reviewed-by: Shaoqin Huang

lib: Move acpi header and implementation to lib

Move acpi.h to lib to make it available for other architectures.

Signed-off-by: Nikos Nikoleris <nikos.nikoleris@arm.com>
Reviewed-by: Shaoqin Huang <shahuang@redhat.com>
Signed-off-by: Andrew Jones <andrew.jones@linux.dev>

show more ...

x86: Add define for MSR_IA32_PRED_CMD's PRED_CMD_IBPB (bit 0)

Add a define for PRED_CMD_IBPB and use it to replace the open coded '1' in
the nVMX library.

Signed-off-by: Sean Christopherson <seanjc

x86: Add define for MSR_IA32_PRED_CMD's PRED_CMD_IBPB (bit 0)

Add a define for PRED_CMD_IBPB and use it to replace the open coded '1' in
the nVMX library.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20230328050231.3008531-2-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Add define for MSR_IA32_PRED_CMD's PRED_CMD_IBPB (bit 0)

Add a define for PRED_CMD_IBPB and use it to replace the open coded '1' in
the VM-Exit test.

Link: https://lore.kernel.org/r/2023032805

x86: Add define for MSR_IA32_PRED_CMD's PRED_CMD_IBPB (bit 0)

Add a define for PRED_CMD_IBPB and use it to replace the open coded '1' in
the VM-Exit test.

Link: https://lore.kernel.org/r/20230328050231.3008531-2-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

Merge tag 'for_paolo' of https://github.com/sean-jc/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new sub-tests:

- Bug fix for the VMX-preemption timer expiration test
- Refactor SVM tests

Merge tag 'for_paolo' of https://github.com/sean-jc/kvm-unit-tests into HEAD

x86 fixes, cleanups, and new sub-tests:

- Bug fix for the VMX-preemption timer expiration test
- Refactor SVM tests to split out NPT tests
- Add tests for MCE banks to MSR test
- Add SMP Support for x86 UEFI tests
- x86: nVMX: Add VMXON #UD test (and exception cleanup)
- PMU cleanup and related nVMX bug fixes

show more ...

nVMX: Move wrappers of this_cpu_has() to nVMX's VM-Exit test

Move wrappers of this_cpu_has() whose sole purpose is to be queried as a
callback in VM-Exit tests into vmxexit.c in order to discourage

nVMX: Move wrappers of this_cpu_has() to nVMX's VM-Exit test

Move wrappers of this_cpu_has() whose sole purpose is to be queried as a
callback in VM-Exit tests into vmxexit.c in order to discourage general
use, i.e. force tests to use this_cpu_has().

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

vmexit: add test toggling CR0.WP and CR4.PGE

CR0.WP changes the MMU permissions but does not cause a TLB flush;
CR4.PGE is the opposite (at least as far as KVM as concerned).

This makes both of the

vmexit: add test toggling CR0.WP and CR4.PGE

CR0.WP changes the MMU permissions but does not cause a TLB flush;
CR4.PGE is the opposite (at least as far as KVM as concerned).

This makes both of them interesting from a performance perspective,
so add new vmexit tests.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Consistently use safe_halt() in place of inline assembly

The safe_halt() library function simply performs an 'sti; hlt'
instruction sequence. There are several places where bare inline
assembly

x86: Consistently use safe_halt() in place of inline assembly

The safe_halt() library function simply performs an 'sti; hlt'
instruction sequence. There are several places where bare inline
assembly was used instead of this helper. Replace all open-coded
implementations with the helper.

No functional change intended.

Signed-off-by: Oliver Upton <oupton@google.com>
Message-Id: <20211019225351.970397-1-oupton@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: remove extra includes

Remove extra includes.

Signed-off-by: Pankaj Gupta <pankaj.gupta@cloud.ionos.com>
Message-Id: <20201118152447.7638-1-pankaj.gupta.linux@gmail.com>
Signed-off-by: Paolo Bo

x86: remove extra includes

Remove extra includes.

Signed-off-by: Pankaj Gupta <pankaj.gupta@cloud.ionos.com>
Message-Id: <20201118152447.7638-1-pankaj.gupta.linux@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: always set up SMP

Currently setup_vm cannot assume that it can invoke IPIs, and therefore
only initializes CR0/CR3/CR4 on the CPU it runs on. In order to keep the
initialization code clean, le

x86: always set up SMP

Currently setup_vm cannot assume that it can invoke IPIs, and therefore
only initializes CR0/CR3/CR4 on the CPU it runs on. In order to keep the
initialization code clean, let's just call smp_init (and therefore
setup_idt) unconditionally.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: add tests for MSR_IA32_TSX_CTRL

Tested-by: Jim Mattson <jmattson@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

vmexit: measure IPI and EOI cost

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

x86: Attempt to parse ACPI tables only when needed

Parsing the ACPI tables to find the PM timer port hits a #PF on 32-bit
unit tests. Regardless of what is causing the #PF, move the parsing to
the

x86: Attempt to parse ACPI tables only when needed

Parsing the ACPI tables to find the PM timer port hits a #PF on 32-bit
unit tests. Regardless of what is causing the #PF, move the parsing to
the pmtimer test to unblock the other VM-Exit tests.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

kvm-unit-test: x86: Replace cpuid/cpuid_indexed calls with this_cpu_has()

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Signed-off-b

kvm-unit-test: x86: Replace cpuid/cpuid_indexed calls with this_cpu_has()

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Add a wrapper to check if the CPU supports NX bit in MSR_EFER

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Signed-off-by: Paol

x86: Add a wrapper to check if the CPU supports NX bit in MSR_EFER

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Karl Heubaum <karl.heubaum@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Add leak scenario to virt_x2apic_mode_test

While working on virt_x2apic_mode_test, we noticed that KVM allows for a
buggy or malicious L1 to get at L0's x2APIC MSRs via nested. The issue
is in KVM's

Add leak scenario to virt_x2apic_mode_test

While working on virt_x2apic_mode_test, we noticed that KVM allows for a
buggy or malicious L1 to get at L0's x2APIC MSRs via nested. The issue
is in KVM's nested_vmx_prepare_msr_bitmap() function. Specifically, an L1
can execute the following sequence:

1. WRMSR(IA32_SPEC_CTRL, 1), which causes the spec_ctrl variable, in
nested_vmx_prepare_msr_bitmap() to become true.
2. Clear "virtualize x2APIC mode"
3. Set "APIC-register virualization"

Then, KVM will copy L1's MSR bitmap for the x2APIC MSR range into L0,
and run L2 with "Virtualize x2APIC mode" disabled, which gives L2
unfettered access to L0's x2APIC msrs.

Thus, this patch extends virt_x2apic_mode_test with a test case for this
scenario.

Note, this patch was used to discover and fix the issue described in the
KVM patch titled "KVM: x86: nVMX: close leak of L0's x2APIC MSRs".

Signed-off-by: Marc Orr <marcorr@google.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Mark many test functions as static

... so we can compile these files with -Wmissing-prototypes, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1530086528-21665-5-git-send-email-thu

Mark many test functions as static

... so we can compile these files with -Wmissing-prototypes, too.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1530086528-21665-5-git-send-email-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: move TSC_ADJUST MSR to msr.h

The MSR is defined in two places, and a third is coming. Centralize
the definition.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

add vmexit tests for IBRS and IBPB

Results on Haswell:

wr_ibrs_msr 506 (actually ~250, because the test writes twice)
wr_ibpb_msr 4212

Yuck.

Signed-off-by: Paolo Bonzini <pbonzini@redha

add vmexit tests for IBRS and IBPB

Results on Haswell:

wr_ibrs_msr 506 (actually ~250, because the test writes twice)
wr_ibpb_msr 4212

Yuck.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

vmexit: add MSR_KERNEL_GS_BASE test