Lines Matching +full:sub +full:- +full:units
51 int pos = -1; in ffs()
156 if (((rdtsc() - tsc_val) >> preempt_scale) in preemption_timer_main()
183 report(((rdtsc() - tsc_val) >> preempt_scale) >= preempt_val, in preemption_timer_exit_handler()
184 "busy-wait for preemption timer"); in preemption_timer_exit_handler()
191 report(((rdtsc() - tsc_val) >> preempt_scale) >= preempt_val in preemption_timer_exit_handler()
228 report_fail("busy-wait for preemption timer"); in preemption_timer_exit_handler()
659 report(vmx_get_test_stage() == 0, "I/O bitmap - I/O pass"); in iobmp_main()
664 report(vmx_get_test_stage() == 3, "I/O bitmap - trap in"); in iobmp_main()
667 report(vmx_get_test_stage() == 4, "I/O bitmap - trap out"); in iobmp_main()
670 report(vmx_get_test_stage() == 5, "I/O bitmap - I/O width, long"); in iobmp_main()
675 report(vmx_get_test_stage() == 6, "I/O bitmap - I/O port, low part"); in iobmp_main()
679 report(vmx_get_test_stage() == 7, "I/O bitmap - I/O port, high part"); in iobmp_main()
683 report(vmx_get_test_stage() == 8, "I/O bitmap - partial pass"); in iobmp_main()
689 report(vmx_get_test_stage() == 9, "I/O bitmap - overrun"); in iobmp_main()
694 "I/O bitmap - ignore unconditional exiting"); in iobmp_main()
699 "I/O bitmap - unconditional exiting"); in iobmp_main()
720 "I/O bitmap - I/O width, byte"); in iobmp_exit_handler()
722 "I/O bitmap - I/O direction, in"); in iobmp_exit_handler()
727 "I/O bitmap - I/O width, word"); in iobmp_exit_handler()
729 "I/O bitmap - I/O direction, out"); in iobmp_exit_handler()
734 "I/O bitmap - I/O width, long"); in iobmp_exit_handler()
887 // Flags for Primary Processor-Based VM-Execution Controls
904 // Flags for Secondary Processor-Based VM-Execution Controls
950 insn_table[cur_insn].type - INSN_CPU0, in insn_intercept_main()
973 insn_table[cur_insn].type - INSN_CPU0, in insn_intercept_main()
1035 * __setup_ept - Setup the VMCS fields to enable Extended Page Tables (EPT)
1036 * @hpa: Host physical address of the top-level, a.k.a. root, EPT table
1041 * Note that @hpa doesn't need to point at actual memory if VM-Launch is
1058 /* Support for 4-level EPT is mandatory. */ in __setup_ept()
1059 report(false, "4-level EPT support check"); in __setup_ept()
1078 * setup_ept - Enable Extended Page Tables (EPT) and setup an identity map
1108 * setup_dummy_ept - Enable Extended Page Tables (EPT) with a dummy root HPA
1110 * Setup EPT using a semi-arbitrary dummy root HPA. This function is intended
1205 report_fail("EPT basic framework - read"); in ept_common()
1214 report_pass("EPT basic framework - remap"); in ept_common()
1234 report(vmx_get_test_stage() == 4, "EPT violation - page permission"); in ept_common()
1239 report(vmx_get_test_stage() == 5, "EPT violation - paging structure"); in ept_common()
1246 report(vmx_get_test_stage() == 6, "MMIO EPT violation - read"); in ept_common()
1249 report(vmx_get_test_stage() == 7, "MMIO EPT violation - write"); in ept_common()
1258 report(*((u32 *)0xfee00030UL) == apic_version, "EPT - MMIO access"); in ept_main()
1262 report(vmx_get_test_stage() == 8, "EPT - unsupported INVEPT"); in ept_main()
1319 vmcs_write(GUEST_PML_INDEX, PML_INDEX - 1); in pml_exit_handler()
1365 report_fail("EPT basic framework - write"); in ept_exit_handler_common()
1407 report_fail("ERROR - unexpected stage, %d.", in ept_exit_handler_common()
1426 report_fail("ERROR - unexpected stage, %d.", in ept_exit_handler_common()
1434 * Exit-qualifications are masked not to account for advanced in ept_exit_handler_common()
1435 * VM-exit information. Once KVM supports this feature, this in ept_exit_handler_common()
1531 vmcs_write(GUEST_PML_INDEX, PML_INDEX - 1); in pml_init()
1546 report(vmx_get_test_stage() == 1, "PML - Dirty GPA Logging"); in pml_main()
1618 report(rdtsc() - start > 1000000 && timer_fired, in interrupt_main()
1630 report(rdtsc() - start > 10000 && timer_fired, in interrupt_main()
1643 report(rdtsc() - start > 10000 && timer_fired, in interrupt_main()
1656 report(rdtsc() - start > 10000 && timer_fired, in interrupt_main()
1777 vmx_set_test_stage(-1); in nmi_hlt_main()
1786 report((rdtsc() - start > NMI_DELAY) && nmi_fired, in nmi_hlt_main()
1789 vmx_set_test_stage(-1); in nmi_hlt_main()
1797 report((rdtsc() - start > NMI_DELAY) && !nmi_fired, in nmi_hlt_main()
1801 vmx_set_test_stage(-1); in nmi_hlt_main()
2025 if (result->vm_fail) { in msr_switch_entry_failure()
2026 printf("ERROR %s: VM-Fail on %s\n", __func__, result->instr); in msr_switch_entry_failure()
2030 if (result->exit_reason.failed_vmentry && in msr_switch_entry_failure()
2031 result->exit_reason.basic == VMX_FAIL_MSR && in msr_switch_entry_failure()
2038 __func__, vmx_get_test_stage(), result->exit_reason.full); in msr_switch_entry_failure()
2096 regs->rip += 3; in disable_rdtscp_ud_handler()
2101 regs->rip += 4; in disable_rdtscp_ud_handler()
2309 * Force the guest to flush its TLB (i.e., flush gva -> gpa mappings). Only
2334 pte = (orig_pte & ~EPT_ADDR_MASK) | data->hpa | EPT_LARGE_PAGE; in ept_twiddle()
2373 op == OP_EXEC ? data->gva + 1 : data->gva)); in do_ept_violation()
2390 orig_pte = ept_twiddle(data->gpa, mkhuge, level, clear, set); in ept_violation_at_level_mkhuge()
2393 op == OP_EXEC ? data->gpa + sizeof(unsigned long) : in ept_violation_at_level_mkhuge()
2394 data->gpa); in ept_violation_at_level_mkhuge()
2397 ept_untwiddle(data->gpa, level, orig_pte); in ept_violation_at_level_mkhuge()
2432 * guest memory access, the hardware does GVA -> GPA -> HPA. However, certain
2434 * page table walk. For example, in translating GVA_1 -> GPA_1, the guest MMU
2469 /* Modify the guest PTE mapping data->gva according to @pte_ad. */ in ept_access_paddr()
2470 ptep = get_pte_level(current_page_table(), data->gva, /*level=*/1); in ept_access_paddr()
2472 TEST_ASSERT_EQ(*ptep & PT_ADDR_MASK, data->gpa); in ept_access_paddr()
2481 * the guest: data->gva is at the beginning of a 1G huge page, thus the in ept_access_paddr()
2505 for (i = EPT_PAGE_LEVEL; i > 0; i--) { in ept_access_paddr()
2530 /*expected_qual=*/-1); in ept_access_allowed_paddr()
2551 orig_pte = ept_twiddle(data->gpa, mkhuge, level, clear, set); in ept_allowed_at_level_mkhuge()
2557 ept_untwiddle(data->gpa, level, orig_pte); in ept_allowed_at_level_mkhuge()
2604 orig_pte = ept_twiddle(data->gpa, mkhuge, level, clear, set); in ept_misconfig_at_level_mkhuge_op()
2624 op == OP_EXEC ? data->gva + 1 : data->gva)); in ept_misconfig_at_level_mkhuge_op()
2628 ept_untwiddle(data->gpa, level, orig_pte); in ept_misconfig_at_level_mkhuge_op()
2669 /* Making the entry non-present turns reserved bits into ignored. */ in ept_reserved_bit_at_level_nohuge()
2679 /* Making the entry non-present turns reserved bits into ignored. */ in ept_reserved_bit_at_level_huge()
2689 /* Making the entry non-present turns reserved bits into ignored. */ in ept_reserved_bit_at_level()
2723 int (*code)(void) = (int (*)(void)) &data->gva[1]; in ept_access_test_guest()
2726 switch (data->op) { in ept_access_test_guest()
2728 TEST_ASSERT_EQ(*data->gva, MAGIC_VAL_1); in ept_access_test_guest()
2731 *data->gva = MAGIC_VAL_2; in ept_access_test_guest()
2732 TEST_ASSERT_EQ(*data->gva, MAGIC_VAL_2); in ept_access_test_guest()
2733 *data->gva = MAGIC_VAL_1; in ept_access_test_guest()
2744 TEST_ASSERT_MSG(false, "Unknown op %d", data->op); in ept_access_test_guest()
2761 /* We use data->gpa = 1 << 39 so that test data has a separate pml4 entry */ in ept_access_test_setup()
2768 data->hva = get_1g_page(); in ept_access_test_setup()
2769 TEST_ASSERT(data->hva); in ept_access_test_setup()
2770 data->hpa = virt_to_phys(data->hva); in ept_access_test_setup()
2772 data->gpa = 1ul << 39; in ept_access_test_setup()
2773 data->gva = (void *) ALIGN((unsigned long) alloc_vpages(npages * 2), in ept_access_test_setup()
2775 TEST_ASSERT(!any_present_pages(page_table, data->gva, size)); in ept_access_test_setup()
2776 install_pages(page_table, data->gpa, size, data->gva); in ept_access_test_setup()
2782 TEST_ASSERT(get_ept_pte(pml4, data->gpa, 4, &pte) && pte == 0); in ept_access_test_setup()
2783 TEST_ASSERT(get_ept_pte(pml4, data->gpa + size - 1, 4, &pte) && pte == 0); in ept_access_test_setup()
2784 install_ept(pml4, data->hpa, data->gpa, EPT_PRESENT); in ept_access_test_setup()
2786 data->hva[0] = MAGIC_VAL_1; in ept_access_test_setup()
2787 memcpy(&data->hva[1], &ret42_start, &ret42_end - &ret42_start); in ept_access_test_setup()
2793 /* --- */ in ept_access_test_not_present()
2803 /* r-- */ in ept_access_test_read_only()
2812 /* -w- */ in ept_access_test_write_only()
2819 /* rw- */ in ept_access_test_read_write()
2830 /* --x */ in ept_access_test_execute_only()
2845 /* r-x */ in ept_access_test_read_execute()
2855 /* -wx */ in ept_access_test_write_execute()
2883 /* Level-specific reserved bits. */ in ept_access_test_reserved_bits()
2917 * EPTP. Bit 63 is ignored because "EPT-violation #VE" VM-execution in ept_access_test_ignored_bits()
2981 /* Both A and D already set, so read-only is OK. */ in ept_access_test_paddr_read_only_ad_disabled()
3013 /* Read-write access to paging structure. */ in ept_access_test_paddr_read_write()
3049 /* Both A and D already set, so read-only is OK. */ in ept_access_test_paddr_read_execute_ad_disabled()
3083 * page is read-only in EPT but GVA is also mapped read only in PT. in ept_access_test_paddr_not_present_page_fault()
3141 u64 type = ffs(ept_vpid.val >> VPID_CAP_INVVPID_TYPES_SHIFT) - 1; in get_first_supported_invvpid_type()
3156 * The SS override is ignored in 64-bit mode, so we use an addressing
3162 asm volatile("sub %%rsp,%0; invvpid (%%rsp,%0,1), %1" in ss_invvpid()
3173 report(fault, "INVVPID with non-canonical DS operand raises #GP"); in invvpid_test_gp()
3182 report(fault, "INVVPID with non-canonical SS operand raises #SS"); in invvpid_test_ss()
3260 operand->vpid = 0xffff; in invvpid_test_lam()
3261 operand->gla = (u64)vaddr; in invvpid_test_lam()
3277 * This does not test real-address mode, virtual-8086 mode, protected mode,
3304 for (i = -127; i < 128; i++) in invvpid_test()
3323 * The gla operand is only validated for single-address INVVPID. in invvpid_test()
3346 * This version is wildly unsafe and should _only_ be used to test VM-Fail
3355 * Don't bother with any prep work, if VMLAUNCH passes the VM-Fail in test_vmx_vmlaunch_must_fail()
3356 * consistency checks and generates a VM-Exit, then the test is doomed in test_vmx_vmlaunch_must_fail()
3365 * at least as far as the guest-state checks. Returns false if the
3376 * to see if a failed VM-entry sets VMX_INST_ERR as expected. in vmlaunch()
3439 * Test a particular value of a VM-execution control bit, if the value
3481 * Test reserved values of a VM-execution control bit, based on the
3492 * Reserved bits in the pin-based VM-execution controls must be set
3504 test_rsvd_ctl_bit("pin-based controls", in test_pin_based_ctls()
3509 * Reserved bits in the primary processor-based VM-execution controls
3521 test_rsvd_ctl_bit("primary processor-based controls", in test_primary_processor_based_ctls()
3526 * If the "activate secondary controls" primary processor-based
3527 * VM-execution control is 1, reserved bits in the secondary
3528 * processor-based VM-execution controls must be cleared. Software may
3531 * If the "activate secondary controls" primary processor-based
3532 * VM-execution control is 0 (or if the processor does not support the
3533 * 1-setting of that control), no checks are performed on the
3534 * secondary processor-based VM-execution controls.
3552 test_rsvd_ctl_bit("secondary processor-based controls", in test_secondary_processor_based_ctls()
3556 * When the "activate secondary controls" VM-execution control in test_secondary_processor_based_ctls()
3562 "Secondary processor-based controls ignored"); in test_secondary_processor_based_ctls()
3579 * The CR3-target count must not be greater than 4. Future processors
3580 * may support a different number of CR3-target values. Software
3594 try_cr3_target_count(-1u, supported_targets); in test_cr3_targets()
3619 addr > fwcfg_get_u64(FW_CFG_RAM_SIZE) - align && in test_vmcs_addr()
3648 skip_beyond_mapped_ram, PAGE_SIZE - 1); in test_vmcs_addr_values()
3653 (1ul << cpuid_maxphyaddr()) - PAGE_SIZE); in test_vmcs_addr_values()
3655 skip_beyond_mapped_ram, -1ul); in test_vmcs_addr_values()
3713 * If the "use I/O bitmaps" VM-execution control is 1, bits 11:0 of
3714 * each I/O-bitmap address must be 0. Neither address should set any
3715 * bits beyond the processor's physical-address width.
3729 * If the "use MSR bitmaps" VM-execution control is 1, bits 11:0 of
3730 * the MSR-bitmap address must be 0. The address should not set any
3731 * bits beyond the processor's physical-address width.
3742 * If the "use TPR shadow" VM-execution control is 1, the virtual-APIC
3744 * - Bits 11:0 of the address must be 0.
3745 * - The address should not set any bits beyond the processor's
3746 * physical-address width.
3752 * Ensure the processor will never use the virtual-APIC page, since in test_apic_virt_addr()
3759 "virtual-APIC address", "Use TPR shadow", in test_apic_virt_addr()
3765 * If the "virtualize APIC-accesses" VM-execution control is 1, the
3766 * APIC-access address must satisfy the following checks:
3767 * - Bits 11:0 of the address must be 0.
3768 * - The address should not set any bits beyond the processor's
3769 * physical-address width.
3779 "APIC-access address", in test_apic_access_addr()
3780 "virtualize APIC-accesses", PAGE_SIZE, in test_apic_access_addr()
3806 * If the "use TPR shadow" VM-execution control is 0, the following
3807 * VM-execution controls must also be 0:
3808 * - virtualize x2APIC mode
3809 * - APIC-register virtualization
3810 * - virtual-interrupt delivery
3813 * 2. If the "virtualize x2APIC mode" VM-execution control is 1, the
3814 * "virtualize APIC accesses" VM-execution control must be 0.
3851 …_pushf("Use TPR shadow %s, virtualize x2APIC mode %s, APIC-register virtualization %s, virtual-int… in test_apic_virtual_ctls()
3906 * If the "virtual-interrupt delivery" VM-execution control is 1, the
3907 * "external-interrupt exiting" VM-execution control must be 1.
3926 report_prefix_pushf("Virtualize interrupt-delivery disabled; external-interrupt exiting disabled"); in test_virtual_intr_ctls()
3931 report_prefix_pushf("Virtualize interrupt-delivery enabled; external-interrupt exiting disabled"); in test_virtual_intr_ctls()
3936 report_prefix_pushf("Virtualize interrupt-delivery enabled; external-interrupt exiting enabled"); in test_virtual_intr_ctls()
3941 report_prefix_pushf("Virtualize interrupt-delivery enabled; external-interrupt exiting disabled"); in test_virtual_intr_ctls()
3953 …report_prefix_pushf("Process-posted-interrupts enabled; posted-interrupt-descriptor-address 0x%lx"… in test_pi_desc_addr()
3962 * If the "process posted interrupts" VM-execution control is 1, the
3965 * - The "virtual-interrupt delivery" VM-execution control is 1.
3966 * - The "acknowledge interrupt on exit" VM-exit control is 1.
3967 * - The posted-interrupt notification vector has a value in the
3968 * - range 0 - 255 (bits 15:8 are all 0).
3969 * - Bits 5:0 of the posted-interrupt descriptor address are all 0.
3970 * - The posted-interrupt descriptor address does not set any bits
3971 * beyond the processor's physical-address width.
3995 * Test virtual-interrupt-delivery and acknowledge-interrupt-on-exit in test_posted_intr()
4001 report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery disabled"); in test_posted_intr()
4007 report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled"); in test_posted_intr()
4013 …report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled; acknow… in test_posted_intr()
4019 …report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled; acknow… in test_posted_intr()
4025 …report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery disabled; ackno… in test_posted_intr()
4031 …report_prefix_pushf("Process-posted-interrupts enabled; virtual-interrupt-delivery enabled; acknow… in test_posted_intr()
4036 * Test posted-interrupt notification vector in test_posted_intr()
4041 …report_prefix_pushf("Process-posted-interrupts enabled; posted-interrupt-notification-vector %u", … in test_posted_intr()
4048 …report_prefix_pushf("Process-posted-interrupts enabled; posted-interrupt-notification-vector %u", … in test_posted_intr()
4055 …report_prefix_pushf("Process-posted-interrupts enabled; posted-interrupt-notification-vector %u", … in test_posted_intr()
4060 * Test posted-interrupt descriptor address in test_posted_intr()
4073 test_vmcs_addr_values("process-posted interrupts", in test_posted_intr()
4092 * If the "enable VPID" VM-execution control is 1, the value of the
4093 * of the VPID VM-execution control field must not be 0000H.
4177 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4178 "RESERVED interruption type invalid [-]", in test_invalid_event_injection()
4186 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4195 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4196 "(OTHER EVENT && vector != 0) invalid [-]", in test_invalid_event_injection()
4204 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4205 "(NMI && vector != 2) invalid [-]", ent_intr_info); in test_invalid_event_injection()
4212 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4223 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4224 "(HW exception && vector > 31) invalid [-]", in test_invalid_event_injection()
4231 * deliver-error-code is 1 iff either in test_invalid_event_injection()
4232 * (a) the "unrestricted guest" VM-execution control is 0 in test_invalid_event_injection()
4242 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4243 "error code <-> (!URG || prot_mode) [-]", in test_invalid_event_injection()
4255 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4256 "error code <-> (!URG || prot_mode) [+]", in test_invalid_event_injection()
4268 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4269 "error code <-> (!URG || prot_mode) [-]", in test_invalid_event_injection()
4278 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4279 "error code <-> (!URG || prot_mode) [-]", in test_invalid_event_injection()
4295 /* deliver-error-code is 1 iff the interruption type is HW exception */ in test_invalid_event_injection()
4296 report_prefix_push("error code <-> HW exception"); in test_invalid_event_injection()
4305 report_prefix_pushf("VM-entry intr info=0x%x [-]", in test_invalid_event_injection()
4318 * deliver-error-code is 1 iff the the vector in test_invalid_event_injection()
4321 report_prefix_push("error code <-> vector delivers error code"); in test_invalid_event_injection()
4346 report_prefix_pushf("VM-entry intr info=0x%x [-]", in test_invalid_event_injection()
4361 report_prefix_pushf("VM-entry intr info=0x%x [+]", in test_invalid_event_injection()
4376 report_prefix_pushf("VM-entry intr info=0x%x [-]", in test_invalid_event_injection()
4385 * If deliver-error-code is 1 in test_invalid_event_injection()
4386 * bits 31:16 of the VM-entry exception error-code field are 0. in test_invalid_event_injection()
4390 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4391 "VM-entry exception error code[31:16] clear", in test_invalid_event_injection()
4396 report_prefix_pushf("VM-entry intr error=0x%x [-]", in test_invalid_event_injection()
4407 * or privileged software exception, the VM-entry instruction-length in test_invalid_event_injection()
4408 * field is in the range 0 - 15. in test_invalid_event_injection()
4426 report_prefix_pushf("%s, VM-entry intr info=0x%x", in test_invalid_event_injection()
4427 "VM-entry instruction-length check", in test_invalid_event_injection()
4431 /* Instruction length set to -1 (0xFFFFFFFF) should fail */ in test_invalid_event_injection()
4432 ent_intr_len = -1; in test_invalid_event_injection()
4433 report_prefix_pushf("VM-entry intr length = 0x%x [-]", in test_invalid_event_injection()
4441 report_prefix_pushf("VM-entry intr length = 0x%x [-]", in test_invalid_event_injection()
4465 try_tpr_threshold_and_vtpr(threshold, (threshold - 1) << 4); in test_vtpr_values()
4481 set_vtpr(-1); in try_tpr_threshold()
4505 try_tpr_threshold(-1u); in test_tpr_threshold_values()
4512 * i) If the "use TPR shadow" VM-execution control is 1 and the
4513 * "virtual-interrupt delivery" VM-execution control is 0, bits
4514 * 31:4 of the TPR threshold VM-execution control field must
4518 * ii) If the "use TPR shadow" VM-execution control is 1, the
4519 * "virtual-interrupt delivery" VM-execution control is 0
4520 * and the "virtualize APIC accesses" VM-execution control
4521 * is 0, the value of bits 3:0 of the TPR threshold VM-execution
4556 …report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delive… in test_tpr_threshold()
4562 …report_prefix_pushf("Use TPR shadow enabled; secondary controls enabled; virtual-interrupt deliver… in test_tpr_threshold()
4571 …report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delive… in test_tpr_threshold()
4577 …report_prefix_pushf("Use TPR shadow enabled; secondary controls enabled; virtual-interrupt deliver… in test_tpr_threshold()
4589 …report_prefix_pushf("Use TPR shadow enabled; secondary controls disabled; virtual-interrupt delive… in test_tpr_threshold()
4595 …report_prefix_pushf("Use TPR shadow enabled; secondary controls enabled; virtual-interrupt deliver… in test_tpr_threshold()
4610 * If the "NMI exiting" VM-execution control is 0, "Virtual NMIs"
4611 * VM-execution control must be 0.
4614 * If the "virtual NMIs" VM-execution control is 0, the "NMI-window
4615 * exiting" VM-execution control must be 0.
4636 report_prefix_pushf("NMI-exiting disabled, virtual-NMIs disabled"); in test_nmi_ctrls()
4641 report_prefix_pushf("NMI-exiting disabled, virtual-NMIs enabled"); in test_nmi_ctrls()
4646 report_prefix_pushf("NMI-exiting enabled, virtual-NMIs enabled"); in test_nmi_ctrls()
4651 report_prefix_pushf("NMI-exiting enabled, virtual-NMIs disabled"); in test_nmi_ctrls()
4656 report_info("NMI-window exiting is not supported, skipping..."); in test_nmi_ctrls()
4662 report_prefix_pushf("Virtual-NMIs disabled, NMI-window-exiting enabled"); in test_nmi_ctrls()
4668 report_prefix_pushf("Virtual-NMIs disabled, NMI-window-exiting disabled"); in test_nmi_ctrls()
4674 report_prefix_pushf("Virtual-NMIs enabled, NMI-window-exiting enabled"); in test_nmi_ctrls()
4680 report_prefix_pushf("Virtual-NMIs enabled, NMI-window-exiting disabled"); in test_nmi_ctrls()
4693 report_prefix_pushf("Enable-EPT enabled; EPT accessed and dirty flag %s", in test_eptp_ad_bit()
4704 * 1. If the "enable EPT" VM-execution control is 1, the "EPTP VM-execution"
4707 * - The EPT memory type (bits 2:0) must be a value supported by the
4709 * - Bits 5:3 (1 less than the EPT page-walk length) must indicate a
4710 * supported EPT page-walk length.
4711 * - Bit 6 (enable bit for accessed and dirty flags for EPT) must be
4715 * - Reserved bits 11:7 and 63:N (where N is the processor's
4716 * physical-address width) must all be 0.
4718 * 2. If the "unrestricted guest" VM-execution control is 1, the
4719 * "enable EPT" VM-execution control must also be 1.
4746 report_prefix_pushf("Enable-EPT enabled; EPT memory type %lu", in test_ept_eptp()
4759 * less than the EPT page-walk length". in test_ept_eptp()
4766 report_prefix_pushf("Enable-EPT enabled; EPT page walk length %lu", in test_ept_eptp()
4807 report_prefix_pushf("Enable-EPT enabled; reserved bits [11:7] %lu", in test_ept_eptp()
4820 for (i = 0; i < (63 - maxphysaddr + 1); i++) { in test_ept_eptp()
4824 for (j = maxphysaddr - 1; j <= 63; j++) { in test_ept_eptp()
4828 report_prefix_pushf("Enable-EPT enabled; reserved bits [63:N] %lu", in test_ept_eptp()
4839 report_prefix_pushf("Enable-EPT disabled, unrestricted-guest disabled"); in test_ept_eptp()
4848 report_prefix_pushf("Enable-EPT disabled, unrestricted-guest enabled"); in test_ept_eptp()
4854 report_prefix_pushf("Enable-EPT enabled, unrestricted-guest enabled"); in test_ept_eptp()
4861 report_prefix_pushf("Enable-EPT enabled, unrestricted-guest disabled"); in test_ept_eptp()
4871 * If the 'enable PML' VM-execution control is 1, the 'enable EPT'
4872 * VM-execution control must also be 1. In addition, the PML address
4877 * physical-address width.
4898 report_prefix_pushf("enable-PML disabled, enable-EPT disabled"); in test_pml()
4904 report_prefix_pushf("enable-PML enabled, enable-EPT disabled"); in test_pml()
4910 report_prefix_pushf("enable-PML enabled, enable-EPT enabled"); in test_pml()
4916 report_prefix_pushf("enable-PML disabled, enable EPT enabled"); in test_pml()
4928 * If the "activate VMX-preemption timer" VM-execution control is 0, the
4929 * the "save VMX-preemption timer value" VM-exit control must also be 0.
4942 …report_skip("%s : \"Save-VMX-preemption-timer\" and/or \"Enable-VMX-preemption-timer\" control not… in test_vmx_preemption_timer()
4950 report_prefix_pushf("enable-VMX-preemption-timer enabled, save-VMX-preemption-timer disabled"); in test_vmx_preemption_timer()
4956 report_prefix_pushf("enable-VMX-preemption-timer enabled, save-VMX-preemption-timer enabled"); in test_vmx_preemption_timer()
4962 report_prefix_pushf("enable-VMX-preemption-timer disabled, save-VMX-preemption-timer enabled"); in test_vmx_preemption_timer()
4968 report_prefix_pushf("enable-VMX-preemption-timer disabled, save-VMX-preemption-timer disabled"); in test_vmx_preemption_timer()
4991 * general-protection fault by moving a non-canonical address into in test_mtf_guest()
5016 regs->rip = (unsigned long) &test_mtf3; in test_mtf_gp_handler()
5056 report(rip == exp_rip, "MTF VM-exit after %s. RIP: 0x%lx (expected 0x%lx)", in report_mtf()
5072 /* Expect an MTF VM-exit after OUT instruction */ in vmx_mtf_test()
5083 * VM-exit with populated 'pending debug exceptions' VMCS field. in vmx_mtf_test()
5095 "'pending debug exceptions' field after MTF VM-exit: 0x%lx (expected 0x%lx)", in vmx_mtf_test()
5103 * #GP exception takes priority over MTF. Expect MTF VM-exit with RIP in vmx_mtf_test()
5182 * Copy the guest code to an identity-mapped page. in vmx_mtf_pdpte_test()
5186 &vmx_mtf_pdpte_guest_end - &vmx_mtf_pdpte_guest_begin); in vmx_mtf_pdpte_test()
5194 * Put the guest in non-paged 32-bit protected mode, ready to enter in vmx_mtf_pdpte_test()
5205 * Set CS access rights bits for 32-bit protected mode: in vmx_mtf_pdpte_test()
5213 * 14 1 default operation size 32-bit segment in vmx_mtf_pdpte_test()
5214 * 15 1 page granularity: segment limit in 4K units in vmx_mtf_pdpte_test()
5230 * Turn the 4-level page table into a PAE page table by following the 0th in vmx_mtf_pdpte_test()
5236 * PAE uses 32-bit addressing which implies: in vmx_mtf_pdpte_test()
5238 * Bits 20:12 entry into 512-entry page table in vmx_mtf_pdpte_test()
5239 * Bits 29:21 entry into a 512-entry directory table in vmx_mtf_pdpte_test()
5244 * 32-bit address space, take the first 4 PDPTEs in the level 3 page in vmx_mtf_pdpte_test()
5256 * Need some memory for the 4-entry PAE page directory pointer in vmx_mtf_pdpte_test()
5257 * table. Use the end of the identity-mapped page where the guest code in vmx_mtf_pdpte_test()
5261 pdpt = test_mtf_pdpte_guest + PAGE_SIZE - 4 * sizeof(pteval_t); in vmx_mtf_pdpte_test()
5301 * Return guest to 64-bit mode and wrap up. in vmx_mtf_pdpte_test()
5314 * Tests for VM-execution control fields
5334 * The following checks are performed for the VM-entry MSR-load address if
5335 * the VM-entry MSR-load count field is non-zero:
5337 * - The lower 4 bits of the VM-entry MSR-load address must be 0.
5339 * physical-address width.
5341 * - The address of the last byte in the VM-entry MSR-load area
5342 * should not set any bits beyond the processor's physical-address
5343 * width. The address of this last byte is VM-entry MSR-load address
5344 * + (MSR count * 16) - 1. (The arithmetic used for the computation
5345 * uses more bits than the processor's physical-address width.)
5360 /* Check first 4 bits of VM-entry MSR-load address */ in test_entry_msr_load()
5364 report_prefix_pushf("VM-entry MSR-load addr [4:0] %lx", in test_entry_msr_load()
5373 test_vmcs_addr_values("VM-entry-MSR-load address", in test_entry_msr_load()
5375 4, addr_len - 1); in test_entry_msr_load()
5378 * Check last byte of VM-entry MSR-load address in test_entry_msr_load()
5384 tmp = ((u64)entry_msr_load + entry_msr_ld_cnt * 16 - 1) | in test_entry_msr_load()
5387 tmp - (entry_msr_ld_cnt * 16 - 1)); in test_entry_msr_load()
5392 vmcs_write(ENTER_MSR_LD_ADDR, (1ULL << cpuid_maxphyaddr()) - 16); in test_entry_msr_load()
5394 vmcs_write(ENTER_MSR_LD_ADDR, (1ULL << cpuid_maxphyaddr()) - 32); in test_entry_msr_load()
5396 vmcs_write(ENTER_MSR_LD_ADDR, (1ULL << cpuid_maxphyaddr()) - 48); in test_entry_msr_load()
5415 if (data->enabled) { in guest_state_test_main()
5416 obs = rdmsr(data->msr); in guest_state_test_main()
5417 report(data->exp == obs, in guest_state_test_main()
5419 obs, data->exp); in guest_state_test_main()
5451 * Tests for VM-entry control fields
5460 * The following checks are performed for the VM-exit MSR-store address if
5461 * the VM-exit MSR-store count field is non-zero:
5463 * - The lower 4 bits of the VM-exit MSR-store address must be 0.
5465 * physical-address width.
5467 * - The address of the last byte in the VM-exit MSR-store area
5468 * should not set any bits beyond the processor's physical-address
5469 * width. The address of this last byte is VM-exit MSR-store address
5470 * + (MSR count * 16) - 1. (The arithmetic used for the computation
5471 * uses more bits than the processor's physical-address width.)
5488 /* Check first 4 bits of VM-exit MSR-store address */ in test_exit_msr_store()
5492 report_prefix_pushf("VM-exit MSR-store addr [4:0] %lx", in test_exit_msr_store()
5501 test_vmcs_addr_values("VM-exit-MSR-store address", in test_exit_msr_store()
5503 4, addr_len - 1); in test_exit_msr_store()
5506 * Check last byte of VM-exit MSR-store address in test_exit_msr_store()
5512 tmp = ((u64)exit_msr_store + exit_msr_st_cnt * 16 - 1) | in test_exit_msr_store()
5515 tmp - (exit_msr_st_cnt * 16 - 1)); in test_exit_msr_store()
5520 vmcs_write(EXIT_MSR_ST_ADDR, (1ULL << cpuid_maxphyaddr()) - 16); in test_exit_msr_store()
5522 vmcs_write(EXIT_MSR_ST_ADDR, (1ULL << cpuid_maxphyaddr()) - 32); in test_exit_msr_store()
5524 vmcs_write(EXIT_MSR_ST_ADDR, (1ULL << cpuid_maxphyaddr()) - 48); in test_exit_msr_store()
5529 * Tests for VM-exit controls
5543 * Bit 1 of the guest's RFLAGS must be 1, or VM-entry will in vmx_controls_test()
5601 config->virtualize_apic_accesses && in apic_reg_virt_exit_expectation()
5602 !config->use_tpr_shadow && in apic_reg_virt_exit_expectation()
5603 !config->apic_register_virtualization && in apic_reg_virt_exit_expectation()
5604 !config->virtualize_x2apic_mode && in apic_reg_virt_exit_expectation()
5605 config->activate_secondary_controls; in apic_reg_virt_exit_expectation()
5607 config->virtualize_apic_accesses && in apic_reg_virt_exit_expectation()
5608 config->use_tpr_shadow && in apic_reg_virt_exit_expectation()
5609 !config->apic_register_virtualization && in apic_reg_virt_exit_expectation()
5610 !config->virtualize_x2apic_mode && in apic_reg_virt_exit_expectation()
5611 config->activate_secondary_controls; in apic_reg_virt_exit_expectation()
5613 config->virtualize_apic_accesses && in apic_reg_virt_exit_expectation()
5614 config->use_tpr_shadow && in apic_reg_virt_exit_expectation()
5615 config->apic_register_virtualization && in apic_reg_virt_exit_expectation()
5616 !config->virtualize_x2apic_mode && in apic_reg_virt_exit_expectation()
5617 config->activate_secondary_controls; in apic_reg_virt_exit_expectation()
5619 expectation->val = MAGIC_VAL_1; in apic_reg_virt_exit_expectation()
5620 expectation->virt_fn = apic_virt_identity; in apic_reg_virt_exit_expectation()
5621 expectation->virtualize_apic_accesses = in apic_reg_virt_exit_expectation()
5622 config->virtualize_apic_accesses && in apic_reg_virt_exit_expectation()
5623 config->activate_secondary_controls; in apic_reg_virt_exit_expectation()
5625 expectation->rd_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5626 expectation->wr_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5630 expectation->rd_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5631 expectation->wr_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5632 expectation->virt_fn = apic_virt_nibble1; in apic_reg_virt_exit_expectation()
5635 expectation->rd_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5636 expectation->wr_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5639 expectation->rd_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5657 expectation->wr_exit_reason = VMX_APIC_WRITE; in apic_reg_virt_exit_expectation()
5663 expectation->wr_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5666 expectation->wr_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5667 expectation->virt_fn = apic_virt_nibble1; in apic_reg_virt_exit_expectation()
5670 expectation->wr_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5671 expectation->virt_fn = apic_virt_byte3; in apic_reg_virt_exit_expectation()
5674 expectation->rd_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5675 expectation->wr_exit_reason = VMX_APIC_ACCESS; in apic_reg_virt_exit_expectation()
5677 } else if (!expectation->virtualize_apic_accesses) { in apic_reg_virt_exit_expectation()
5684 expectation->rd_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5685 expectation->wr_exit_reason = VMX_VMCALL; in apic_reg_virt_exit_expectation()
5693 config->virtualize_apic_accesses, in apic_reg_virt_exit_expectation()
5694 config->use_tpr_shadow, in apic_reg_virt_exit_expectation()
5695 config->apic_register_virtualization, in apic_reg_virt_exit_expectation()
5696 config->virtualize_x2apic_mode, in apic_reg_virt_exit_expectation()
5697 config->activate_secondary_controls); in apic_reg_virt_exit_expectation()
5728 .name = "APIC-register virtualization",
5739 * Test that the secondary processor-based VM-execution controls are
5780 * "APIC-register virtualization" is enabled while "use TPR shadow" is
5784 .name = "APIC-register virtualization + Use TPR shadow off",
5878 enum Apic_op op = args->op; in apic_reg_virt_guest()
5879 u32 *apic_access_address = args->apic_access_address; in apic_reg_virt_guest()
5880 u32 reg = args->reg; in apic_reg_virt_guest()
5881 u32 val = args->val; in apic_reg_virt_guest()
5882 bool check_rd = args->check_rd; in apic_reg_virt_guest()
5883 u32 (*virt_fn)(u32) = args->virt_fn; in apic_reg_virt_guest()
5915 u32 val = expectation->val; in test_xapic_rd()
5916 u32 exit_reason_want = expectation->rd_exit_reason; in test_xapic_rd()
5919 report_prefix_pushf("xapic - reading 0x%03x", reg); in test_xapic_rd()
5922 args->op = APIC_OP_XAPIC_RD; in test_xapic_rd()
5923 args->apic_access_address = apic_access_address; in test_xapic_rd()
5924 args->reg = reg; in test_xapic_rd()
5925 args->val = val; in test_xapic_rd()
5926 args->check_rd = exit_reason_want == VMX_VMCALL; in test_xapic_rd()
5927 args->virt_fn = expectation->virt_fn; in test_xapic_rd()
5930 if (!expectation->virtualize_apic_accesses) { in test_xapic_rd()
5968 u32 val = expectation->val; in test_xapic_wr()
5969 u32 exit_reason_want = expectation->wr_exit_reason; in test_xapic_wr()
5972 expectation->virtualize_apic_accesses && in test_xapic_wr()
5977 report_prefix_pushf("xapic - writing 0x%x to 0x%03x", val, reg); in test_xapic_wr()
5980 args->op = APIC_OP_XAPIC_WR; in test_xapic_wr()
5981 args->apic_access_address = apic_access_address; in test_xapic_wr()
5982 args->reg = reg; in test_xapic_wr()
5983 args->val = val; in test_xapic_wr()
5986 if (virtualized || !expectation->virtualize_apic_accesses) { in test_xapic_wr()
6025 u32 want = expectation->virt_fn(val); in test_xapic_wr()
6027 got = expectation->virt_fn(got); in test_xapic_wr()
6031 } else if (!expectation->virtualize_apic_accesses && !checked) { in test_xapic_wr()
6035 "non-virtualized write; val is 0x%x, want 0x%x", got, in test_xapic_wr()
6037 } else if (!expectation->virtualize_apic_accesses && checked) { in test_xapic_wr()
6038 report_fail("Non-virtualized write was prematurely checked!"); in test_xapic_wr()
6058 !apic_reg_virt_config->use_tpr_shadow && in configure_apic_reg_virt_test()
6059 (apic_reg_virt_config->apic_register_virtualization || in configure_apic_reg_virt_test()
6060 apic_reg_virt_config->virtualize_x2apic_mode) && in configure_apic_reg_virt_test()
6061 apic_reg_virt_config->activate_secondary_controls; in configure_apic_reg_virt_test()
6063 apic_reg_virt_config->virtualize_apic_accesses && in configure_apic_reg_virt_test()
6064 apic_reg_virt_config->virtualize_x2apic_mode && in configure_apic_reg_virt_test()
6065 apic_reg_virt_config->activate_secondary_controls; in configure_apic_reg_virt_test()
6070 if (apic_reg_virt_config->activate_secondary_controls) { in configure_apic_reg_virt_test()
6072 printf("VM-execution control \"activate secondary controls\" NOT supported.\n"); in configure_apic_reg_virt_test()
6080 if (apic_reg_virt_config->virtualize_apic_accesses) { in configure_apic_reg_virt_test()
6082 printf("VM-execution control \"virtualize APIC accesses\" NOT supported.\n"); in configure_apic_reg_virt_test()
6090 if (apic_reg_virt_config->use_tpr_shadow) { in configure_apic_reg_virt_test()
6092 printf("VM-execution control \"use TPR shadow\" NOT supported.\n"); in configure_apic_reg_virt_test()
6100 if (apic_reg_virt_config->apic_register_virtualization) { in configure_apic_reg_virt_test()
6102 printf("VM-execution control \"APIC-register virtualization\" NOT supported.\n"); in configure_apic_reg_virt_test()
6110 if (apic_reg_virt_config->virtualize_x2apic_mode) { in configure_apic_reg_virt_test()
6112 printf("VM-execution control \"virtualize x2APIC mode\" NOT supported.\n"); in configure_apic_reg_virt_test()
6159 * From the SDM: The 1-setting of the "virtualize APIC accesses" in apic_reg_virt_test()
6160 * VM-execution is guaranteed to apply only if translations to the in apic_reg_virt_test()
6161 * APIC-access address use a 4-KByte page. in apic_reg_virt_test()
6173 &apic_reg_test->apic_reg_virt_config; in apic_reg_virt_test()
6177 printf("--- %s test ---\n", apic_reg_test->name); in apic_reg_virt_test()
6211 args->op = TERMINATE; in apic_reg_virt_test()
6240 * RDMSR and WRMSR handle 64-bit values. However, except for ICR, all of
6242 * 1. vmx_x2apic_read() clears the upper 32 bits for 32-bit registers.
6243 * 2. vmx_x2apic_write() expects the val arg to be well-formed.
6276 expectation->rd_exit_reason = VMX_VMCALL; in virt_x2apic_mode_rd_expectation()
6277 expectation->virt_fn = virt_x2apic_mode_identity; in virt_x2apic_mode_rd_expectation()
6279 expectation->rd_val = MAGIC_VAL_1; in virt_x2apic_mode_rd_expectation()
6281 expectation->virt_fn = virt_x2apic_mode_nibble1; in virt_x2apic_mode_rd_expectation()
6283 expectation->virt_fn = virt_x2apic_mode_nibble1; in virt_x2apic_mode_rd_expectation()
6284 expectation->rd_behavior = X2APIC_ACCESS_VIRTUALIZED; in virt_x2apic_mode_rd_expectation()
6287 expectation->rd_val = MAGIC_VAL_1; in virt_x2apic_mode_rd_expectation()
6288 expectation->virt_fn = virt_x2apic_mode_nibble1; in virt_x2apic_mode_rd_expectation()
6289 expectation->rd_behavior = X2APIC_ACCESS_VIRTUALIZED; in virt_x2apic_mode_rd_expectation()
6291 expectation->rd_val = apic_read(reg); in virt_x2apic_mode_rd_expectation()
6292 expectation->rd_behavior = X2APIC_ACCESS_PASSED_THROUGH; in virt_x2apic_mode_rd_expectation()
6294 expectation->rd_behavior = X2APIC_ACCESS_TRIGGERS_GP; in virt_x2apic_mode_rd_expectation()
6302 * val pointer arg and returns true. For non-writable registers, val is not
6316 * EOI, ESR: WRMSR of a non-zero value causes #GP(0). in get_x2apic_wr_val()
6317 * TMICT: A write of 0 to the initial-count register effectively in get_x2apic_wr_val()
6318 * stops the local APIC timer, in both one-shot and in get_x2apic_wr_val()
6350 * APIC-write VM exit. We plan to add a test for enabling in get_x2apic_wr_val()
6351 * "virtual-interrupt delivery" in VMCS12, and that's where we in get_x2apic_wr_val()
6384 expectation->wr_exit_reason = VMX_VMCALL; in virt_x2apic_mode_wr_expectation()
6385 expectation->wr_val = MAGIC_VAL_1; in virt_x2apic_mode_wr_expectation()
6386 expectation->wr_only = false; in virt_x2apic_mode_wr_expectation()
6389 special_processing_applies(reg, &expectation->wr_val, in virt_x2apic_mode_wr_expectation()
6391 expectation->wr_behavior = X2APIC_ACCESS_VIRTUALIZED; in virt_x2apic_mode_wr_expectation()
6393 expectation->wr_exit_reason = VMX_APIC_WRITE; in virt_x2apic_mode_wr_expectation()
6395 get_x2apic_wr_val(reg, &expectation->wr_val)) { in virt_x2apic_mode_wr_expectation()
6396 expectation->wr_behavior = X2APIC_ACCESS_PASSED_THROUGH; in virt_x2apic_mode_wr_expectation()
6398 expectation->wr_only = true; in virt_x2apic_mode_wr_expectation()
6400 expectation->wr_exit_reason = VMX_EXTINT; in virt_x2apic_mode_wr_expectation()
6402 expectation->wr_behavior = X2APIC_ACCESS_TRIGGERS_GP; in virt_x2apic_mode_wr_expectation()
6408 expectation->wr_val = 0; in virt_x2apic_mode_wr_expectation()
6417 &config->apic_reg_virt_config; in virt_x2apic_mode_exit_expectation()
6419 base_config->virtualize_x2apic_mode && in virt_x2apic_mode_exit_expectation()
6420 config->use_msr_bitmaps && in virt_x2apic_mode_exit_expectation()
6421 config->disable_x2apic_msr_intercepts && in virt_x2apic_mode_exit_expectation()
6422 base_config->activate_secondary_controls; in virt_x2apic_mode_exit_expectation()
6425 reg, virt_x2apic_mode_on, config->disable_x2apic, in virt_x2apic_mode_exit_expectation()
6426 config->virtual_interrupt_delivery, expectation); in virt_x2apic_mode_exit_expectation()
6428 reg, virt_x2apic_mode_on, config->disable_x2apic, in virt_x2apic_mode_exit_expectation()
6429 base_config->apic_register_virtualization, in virt_x2apic_mode_exit_expectation()
6430 config->virtual_interrupt_delivery, expectation); in virt_x2apic_mode_exit_expectation()
6436 * - virtualize x2APIC mode
6437 * - virtual-interrupt delivery
6438 * - APIC-register virtualization
6439 * - x2APIC MSR intercepts disabled
6479 * Baseline, minus virtual-interrupt delivery. Reads come from virtual
6484 .name = "Baseline - virtual interrupt delivery",
6501 * Baseline, minus APIC-register virtualization. x2APIC reads pass
6538 * Enable "virtualize x2APIC mode" and "APIC-register virtualization",
6561 * Enable "APIC-register virtualization" and enable "activate secondary
6563 * enable the "virtualize x2APIC mode" VM-execution control (i.e. L2
6585 * enable "APIC-register virtualization" --> L2 gets L1's x2APIC MSRs.
6641 regs->rip += handle_x2apic_gp_insn_len; in handle_x2apic_gp()
6674 enum X2apic_op op = args->op; in virt_x2apic_mode_guest()
6675 u32 reg = args->reg; in virt_x2apic_mode_guest()
6676 u64 val = args->val; in virt_x2apic_mode_guest()
6677 bool should_gp = args->should_gp; in virt_x2apic_mode_guest()
6678 u64 (*virt_fn)(u64) = args->virt_fn; in virt_x2apic_mode_guest()
6723 u64 val = expectation->rd_val; in test_x2apic_rd()
6724 u32 exit_reason_want = expectation->rd_exit_reason; in test_x2apic_rd()
6727 report_prefix_pushf("x2apic - reading 0x%03x", reg); in test_x2apic_rd()
6730 args->op = X2APIC_OP_RD; in test_x2apic_rd()
6731 args->reg = reg; in test_x2apic_rd()
6732 args->val = val; in test_x2apic_rd()
6733 args->should_gp = expectation->rd_behavior == X2APIC_ACCESS_TRIGGERS_GP; in test_x2apic_rd()
6734 args->virt_fn = expectation->virt_fn; in test_x2apic_rd()
6737 if (expectation->rd_behavior == X2APIC_ACCESS_VIRTUALIZED) in test_x2apic_rd()
6762 u64 val = expectation->wr_val; in test_x2apic_wr()
6763 u32 exit_reason_want = expectation->wr_exit_reason; in test_x2apic_wr()
6768 report_prefix_pushf("x2apic - writing 0x%lx to 0x%03x", val, reg); in test_x2apic_wr()
6771 args->op = X2APIC_OP_WR; in test_x2apic_wr()
6772 args->reg = reg; in test_x2apic_wr()
6773 args->val = val; in test_x2apic_wr()
6774 args->should_gp = expectation->wr_behavior == X2APIC_ACCESS_TRIGGERS_GP; in test_x2apic_wr()
6777 if (expectation->wr_behavior == X2APIC_ACCESS_VIRTUALIZED) in test_x2apic_wr()
6779 if (expectation->wr_behavior == X2APIC_ACCESS_PASSED_THROUGH && !expectation->wr_only) in test_x2apic_wr()
6816 if (expectation->wr_behavior == X2APIC_ACCESS_VIRTUALIZED) { in test_x2apic_wr()
6822 } else if (expectation->wr_behavior == X2APIC_ACCESS_PASSED_THROUGH) { in test_x2apic_wr()
6823 if (!expectation->wr_only) { in test_x2apic_wr()
6836 * 4. L0 re-enters L2. in test_x2apic_wr()
6839 * 7. Before entering L1, L0 exits to user-space in test_x2apic_wr()
6841 * 8. User-space executes KVM_SET_REGS ioctl, which in test_x2apic_wr()
6851 "non-virtualized write; val is 0x%x, want 0x%lx", in test_x2apic_wr()
6855 report_pass("non-virtualized and write-only OK"); in test_x2apic_wr()
6871 /* x2apic-specific VMCS config */ in configure_virt_x2apic_mode_test()
6872 if (virt_x2apic_mode_config->use_msr_bitmaps) { in configure_virt_x2apic_mode_test()
6879 if (virt_x2apic_mode_config->virtual_interrupt_delivery) { in configure_virt_x2apic_mode_test()
6881 report_skip("%s : \"virtual-interrupt delivery\" exec control not supported", __func__); in configure_virt_x2apic_mode_test()
6894 if (virt_x2apic_mode_config->disable_x2apic_msr_intercepts) { in configure_virt_x2apic_mode_test()
6905 if (!virt_x2apic_mode_config->disable_x2apic) in configure_virt_x2apic_mode_test()
6909 &virt_x2apic_mode_config->apic_reg_virt_config); in configure_virt_x2apic_mode_test()
6938 * - "Virtual-APIC address", indicated by "use TPR shadow" in virt_x2apic_mode_test()
6939 * - "MSR-bitmap address", indicated by "use MSR bitmaps" in virt_x2apic_mode_test()
6962 &virt_x2apic_mode_test_case->virt_x2apic_mode_config; in virt_x2apic_mode_test()
6966 printf("--- %s test ---\n", virt_x2apic_mode_test_case->name); in virt_x2apic_mode_test()
6993 args->op = X2APIC_TERMINATE; in virt_x2apic_mode_test()
7053 * processor's physical-address width must be 0.
7125 * Skip the test if it would enter the guest in 32-bit mode. in test_efer_one()
7181 report_skip("%s : \"Load-IA32-EFER\" exit control not supported", __func__); in test_efer()
7241 * If the 'load IA32_EFER' VM-exit control is 1, bits reserved in the
7244 * the 'host address-space size' VM-exit control.
7256 * If the 'load IA32_EFER' VM-enter control is 1, bits reserved in the
7259 * the 'IA32e-mode guest' VM-exit control.
7264 report_skip("%s : \"Load-IA32-EFER\" entry control not supported", __func__); in test_guest_efer()
7277 * in order to reduce the number of VM-Entries and keep the runtime reasonable.
7352 * If the "load IA32_PAT" VM-exit control is 1, the value of the field
7356 * 6 (WB), or 7 (UC-).
7363 * "load IA32_PAT" VM-exit control in test_load_host_pat()
7366 report_skip("%s : \"Load-IA32-PAT\" exit control not supported", __func__); in test_load_host_pat()
7413 mask = ~(((1ull << eax.split.num_counters_gp) - 1) | in valid_pgc()
7414 (((1ull << edx.split.num_contiguous_fixed_counters) - 1) << 32) | in valid_pgc()
7429 obs = rdmsr(data->msr); in test_pgc_vmlaunch()
7436 report(!data->enabled || data->exp == obs, in test_pgc_vmlaunch()
7438 obs, data->exp); in test_pgc_vmlaunch()
7450 * "load IA32_PERF_GLOBAL_CTRL" VM-{Entry,Exit} controls. This test function
7455 * @ctrl_nr: VMCS field number corresponding to the VM-{Entry,Exit} control
7467 data->msr = MSR_CORE_PERF_GLOBAL_CTRL; in test_perf_global_ctrl()
7470 data->enabled = false; in test_perf_global_ctrl()
7484 data->enabled = true; in test_perf_global_ctrl()
7489 data->exp = val; in test_perf_global_ctrl()
7511 data->enabled = false; in test_perf_global_ctrl()
7552 * test_vmcs_field - test a value for the given VMCS field
7571 mask = mask | ((1 << bit_start) - 1); in test_vmcs_field()
7627 test_guest_state("Test non-canonical address", true, in test_canonical()
7646 * 3. The selector field for SS cannot be 0000H if the "host address-space
7647 * size" VM-exit control is 0.
7648 * 4. On processors that support Intel 64 architecture, the base-address
7673 * SS field can not be 0x0000 if "host address-space size" VM-exit in test_host_segment_regs()
7697 * On processors that support Intel 64 architecture, the base-address
7707 * If the "host address-space size" VM-exit control is 0, the following must
7709 * - The "IA-32e mode guest" VM-entry control is 0.
7710 * - Bit 17 of the CR4 field (corresponding to CR4.PCIDE) is 0.
7711 * - Bits 63:32 in the RIP field are 0.
7713 * If the "host address-space size" VM-exit control is 1, the following must
7715 * - Bit 5 of the CR4 field (corresponding to CR4.PAE) is 1.
7716 * - The RIP field contains a canonical address.
7729 report_prefix_pushf("\"IA-32e mode guest\" enabled"); in test_host_addr_size()
7756 * Restore host's active CR4 and RIP values by triggering a VM-Exit. in test_host_addr_size()
7758 * testcases as needed, but don't guarantee a VM-Exit and so the active in test_host_addr_size()
7761 * are unlikely to affect VM-Enter, so the above doesn't force a VM-exit in test_host_addr_size()
7762 * between testcases. Note, if VM-Enter is surrounded by CALL+RET then in test_host_addr_size()
7778 * Bit 1 of the guest's RFLAGS must be 1, or VM-entry will in vmx_host_state_area_test()
7798 * If the "load debug controls" VM-entry control is 1, bits 63:32 in
7833 * If the "load IA32_PAT" VM-entry control is 1, the value of the field
7837 * 6 (WB), or 7 (UC-).
7844 * "load IA32_PAT" VM-entry control in test_load_guest_pat()
7847 report_skip("%s : \"Load-IA32-PAT\" entry control not supported", __func__); in test_load_guest_pat()
7857 * If the "load IA32_BNDCFGS" VM-entry control is 1, the following
7860 * - Bits reserved in the IA32_BNDCFGS MSR must be 0.
7861 * - The linear address in bits 63:12 must be canonical.
7871 report_skip("%s : \"Load-IA32-BNDCFGS\" entry control not supported", __func__); in test_load_guest_bndcfgs()
7917 * - TR. The TI flag (bit 2) must be 0.
7918 * - LDTR. If LDTR is usable, the TI flag (bit 2) must be 0.
7919 * - SS. If the guest will not be virtual-8086 and the "unrestricted
7920 * guest" VM-execution control is 0, the RPL (bits 1:0) must equal
7964 /* Turn off "unrestricted guest" vm-execution control */ in test_guest_segment_sel_fields()
7970 /* Make SS usable if it's unusable or vice-versa */ in test_guest_segment_sel_fields()
7985 /* Make SS usable if it's unusable or vice-versa */ in test_guest_segment_sel_fields()
8016 test_guest_state("seg.BASE non-canonical, usable = " xstr(xfail), \
8024 * - TR, FS, GS : The address must be canonical.
8025 * - LDTR : If LDTR is usable, the address must be canonical.
8026 * - CS : Bits 63:32 of the address must be zero.
8027 * - SS, DS, ES : If the register is usable, bits 63:32 of the address
8166 * If "unrestricted guest" secondary VM-execution control is set, guests
8195 return current_vmcs && !current_vmcs->hdr.shadow_vmcs; in valid_vmcs_for_vmentry()
8219 "mov $-1, %%ah;" in try_vmentry_in_movss_shadow()
8234 report(early_failure, "Early VM-entry failure"); in try_vmentry_in_movss_shadow()
8239 "VM-instruction error is %d (actual %d)", in try_vmentry_in_movss_shadow()
8257 * With bit 1 of the guest's RFLAGS clear, VM-entry should in vmentry_movss_shadow_test()
8264 * "VMLAUNCH with non-clear VMCS." in vmentry_movss_shadow_test()
8266 report_prefix_push("valid current-VMCS"); in vmentry_movss_shadow_test()
8275 report_prefix_push("no current-VMCS"); in vmentry_movss_shadow_test()
8292 * Ensure that the L1 LDTR is set to 0 on VM-exit.
8299 /* Set up a non-zero L1 LDTR prior to VM-entry. */ in vmx_ldtr_test()
8314 * VM-exit should clear LDTR (and make it unusable, but we in vmx_ldtr_test()
8384 * Transition to/from 5-level paging in the host via VM-Exit. CR4.LA57 in vmx_cr_load_test()
8386 * such restrictions on VM-Exit. in vmx_cr_load_test()
8412 * If the saved execution controls are non-zero then the EPT version in vmx_cr_load_test()
8439 * after VM-exit from an L2 guest that sets CR4.OSXSAVE to a different
8580 report_skip("%s : \"NMI-window exiting\" exec control not supported", __func__); in vmx_nmi_window_test()
8586 report_prefix_push("NMI-window"); in vmx_nmi_window_test()
8594 * Ask for "NMI-window exiting," and expect an immediate VM-exit. in vmx_nmi_window_test()
8604 * Ask for "NMI-window exiting" in a MOV-SS shadow, and expect in vmx_nmi_window_test()
8605 * a VM-exit on the next instruction after the nop. (The nop in vmx_nmi_window_test()
8608 report_prefix_push("active, blocking by MOV-SS"); in vmx_nmi_window_test()
8615 * Ask for "NMI-window exiting" (with event injection), and in vmx_nmi_window_test()
8616 * expect a VM-exit after the event is injected. (RIP should in vmx_nmi_window_test()
8627 * Ask for "NMI-window exiting" with NMI blocking, and expect in vmx_nmi_window_test()
8628 * a VM-exit after the next IRET (i.e. after the #DB handler in vmx_nmi_window_test()
8644 * Ask for "NMI-window exiting" when entering activity in vmx_nmi_window_test()
8645 * state HLT, and expect an immediate VM-exit. RIP is in vmx_nmi_window_test()
8655 * Ask for "NMI-window exiting" when entering activity in vmx_nmi_window_test()
8657 * VM-exit after the event is injected. (RIP should be in vmx_nmi_window_test()
8711 report_skip("%s : \"Interrupt-window exiting\" exec control not supported", __func__); in vmx_intr_window_test()
8723 report_prefix_push("interrupt-window"); in vmx_intr_window_test()
8730 * Ask for "interrupt-window exiting" with RFLAGS.IF set and in vmx_intr_window_test()
8731 * no blocking; expect an immediate VM-exit. Note that we have in vmx_intr_window_test()
8743 * Ask for "interrupt-window exiting" (with event injection) in vmx_intr_window_test()
8744 * with RFLAGS.IF set and no blocking; expect a VM-exit after in vmx_intr_window_test()
8758 * We have to clear the "interrupt-window exiting" in vmx_intr_window_test()
8759 * VM-execution control, or it would just keep causing in vmx_intr_window_test()
8760 * VM-exits. Then, advance past the VMCALL and set the in vmx_intr_window_test()
8761 * "interrupt-window exiting" VM-execution control again. in vmx_intr_window_test()
8770 * Ask for "interrupt-window exiting" in a MOV-SS shadow with in vmx_intr_window_test()
8771 * RFLAGS.IF set, and expect a VM-exit on the next in vmx_intr_window_test()
8774 report_prefix_push("active, blocking by MOV-SS, RFLAGS.IF=1"); in vmx_intr_window_test()
8781 * Back up to the NOP and ask for "interrupt-window exiting" in vmx_intr_window_test()
8782 * in an STI shadow with RFLAGS.IF set, and expect a VM-exit in vmx_intr_window_test()
8793 * Ask for "interrupt-window exiting" with RFLAGS.IF clear, in vmx_intr_window_test()
8794 * and expect a VM-exit on the instruction following the STI in vmx_intr_window_test()
8810 * Ask for "interrupt-window exiting" when entering in vmx_intr_window_test()
8812 * VM-exit. RIP is still three bytes past the nop. in vmx_intr_window_test()
8821 * Ask for "interrupt-window exiting" when entering in vmx_intr_window_test()
8823 * expect a VM-exit after the event is injected. That in vmx_intr_window_test()
8853 * This test ensures that when IA32_TSC is in the VM-exit MSR-store
8883 "IA32_TSC value saved in the VM-exit MSR-store list (%lu) is in range [%lu, %lu]", in vmx_store_tsc_test()
8939 * VM-entry, a VM-exit occurs after any event injection and after any
8950 report_skip("%s : \"Activate VMX-preemption timer\" pin control not supported", __func__); in vmx_preemption_timer_zero_test()
8963 * VMX-preemption timer should fire after event injection. in vmx_preemption_timer_zero_test()
8971 * VMX-preemption timer should fire after event injection. in vmx_preemption_timer_zero_test()
8981 * VMX-preemption timer should fire after pending debug exceptions in vmx_preemption_timer_zero_test()
8990 * VMX-preemption timer would fire after pending debug exceptions in vmx_preemption_timer_zero_test()
9016 * loop and stop single-stepping. in vmx_preemption_timer_tf_test_db_handler()
9018 regs->rip = (u64)&vmx_preemption_timer_tf_test_endloop; in vmx_preemption_timer_tf_test_db_handler()
9019 regs->rflags &= ~X86_EFLAGS_TF; in vmx_preemption_timer_tf_test_db_handler()
9020 } else if (regs->rip == vmx_preemption_timer_tf_test_prev_rip) { in vmx_preemption_timer_tf_test_db_handler()
9025 * single-step trap has been dropped. Let the in vmx_preemption_timer_tf_test_db_handler()
9031 vmx_preemption_timer_tf_test_prev_rip = regs->rip; in vmx_preemption_timer_tf_test_db_handler()
9038 * shouldn't be a problem--it's just two instructions in vmx_preemption_timer_tf_test_guest()
9039 * executing in VMX non-root mode. However, when the in vmx_preemption_timer_tf_test_guest()
9042 * parent hypervisor is broken, the single-step trap after the in vmx_preemption_timer_tf_test_guest()
9052 * Ensure that the delivery of a "VMX-preemption timer expired"
9053 * VM-exit doesn't disrupt single-stepping in the guest. Note that
9055 * only fail if the VMX-preemtion timer fires at the right time (or
9065 report_skip("%s : \"Activate VMX-preemption timer\" pin control not supported", __func__); in vmx_preemption_timer_tf_test()
9083 * The only exit we should see is "VMX-preemption timer in vmx_preemption_timer_tf_test()
9085 * handler has detected a missing single-step trap. It doesn't in vmx_preemption_timer_tf_test()
9086 * matter where the guest RIP is when the VMX-preemption timer in vmx_preemption_timer_tf_test()
9088 * handler)--a single-step trap should never be discarded. in vmx_preemption_timer_tf_test()
9100 report(reason == VMX_PREEMPT, "No single-step traps skipped"); in vmx_preemption_timer_tf_test()
9124 * Test that the VMX-preemption timer is not excessively delayed.
9126 * Per the SDM, volume 3, VM-entry starts the VMX-preemption timer
9127 * with the unsigned value in the VMX-preemption timer-value field,
9128 * and the VMX-preemption timer counts down by 1 every time bit X in
9131 * other than the wait-for-SIPI state, the logical processor
9132 * transitions to the C0 C-state and causes a VM-exit.
9134 * The guest code above reads the starting TSC after VM-entry. At this
9135 * point, the VMX-preemption timer has already been activated. Next,
9139 * If the RDTSC in the loop reads a value past the VMX-preemption
9140 * timer deadline, then the VMX-preemption timer VM-exit must be
9142 * priority SMI is delivered first, the VMX-preemption timer VM-exit
9144 * value past the VMX-preemption timer deadline might be read, but it
9156 report_skip("%s : \"Activate VMX-preemption timer\" pin control not supported", __func__); in vmx_preemption_timer_expiry_test()
9192 * For a hardware generated single-step #DB. in vmx_db_test_guest()
9204 * For an L0 synthesized single-step #DB. (L0 intercepts WBINVD and in vmx_db_test_guest()
9217 * For a hardware generated single-step #DB in a transactional region. in vmx_db_test_guest()
9226 * Clear the pending debug exceptions and RFLAGS.TF and re-enter
9255 "Expected #DB VM-exit"); in check_db_exit()
9272 * pending debug exceptions are non-zero, set the VMCS up as if the
9291 * When L1 intercepts #DB, verify that a single-step trap clears
9326 * Hardware-delivered #DB trap for single-step sets the in vmx_db_test()
9329 single_step_guest("Hardware delivered single-step", starting_dr6, 0); in vmx_db_test()
9333 * Hardware-delivered #DB trap for single-step in MOVSS shadow in vmx_db_test()
9337 * data breakpoint as well as the single-step trap. in vmx_db_test()
9339 single_step_guest("Hardware delivered single-step in MOVSS shadow", in vmx_db_test()
9345 * L0 synthesized #DB trap for single-step is buggy, because in vmx_db_test()
9350 single_step_guest("Software synthesized single-step", starting_dr6, 0); in vmx_db_test()
9354 * L0 synthesized #DB trap for single-step in MOVSS shadow is in vmx_db_test()
9359 single_step_guest("Software synthesized single-step in MOVSS shadow", in vmx_db_test()
9367 * (325384-067US), table 27-1 is incorrect. Bit 16 of the exit in vmx_db_test()
9383 single_step_guest("Hardware delivered single-step in " in vmx_db_test()
9448 * Constant for num of busy-loop iterations after which
9547 /* Set irq-line 0xf to raise vector 0x78 for vCPU 0 */ in set_irq_line_thread()
9614 "IOAPIC pass-through: remote_irr=1 before EOI"); in vmx_apic_passthrough()
9621 "IOAPIC pass-through: remote_irr=0 after EOI"); in vmx_apic_passthrough()
9658 /* Raise L0 TPR-threshold by queueing vector in LAPIC IRR */ in vmx_apic_passthrough_tpr_threshold_test()
9670 /* Clean pending self-IPI */ in vmx_apic_passthrough_tpr_threshold_test()
9674 report(vmx_apic_passthrough_tpr_threshold_ipi_isr_fired, "self-IPI fired"); in vmx_apic_passthrough_tpr_threshold_test()
9705 /* Wait for signal to enter VMX non-root mode */ in init_signal_test_thread()
9709 /* Enter VMX non-root mode */ in init_signal_test_thread()
9715 /* VMCLEAR test-vmcs so it could be loaded by BSP CPU */ in init_signal_test_thread()
9770 /* VMCLEAR test-vmcs so it could be loaded by other CPU */ in vmx_init_signal_test()
9801 /* Signal other CPU to enter VMX non-root mode */ in vmx_init_signal_test()
9802 init_signal_test_exit_reason = -1ull; in vmx_init_signal_test()
9814 "INIT signal during VMX non-root mode result in exit-reason %s (%lu)", in vmx_init_signal_test()
9856 * to re-init it to kvm-unit-tests standard environment. in vmx_init_signal_test()
9890 /* wait AP exit non-root mode */ in vmx_sipi_test_guest()
9922 vmcs_write(GUEST_RSP, (u64)(ap_stack + PAGE_SIZE - 1)); in sipi_test_ap_thread()
9923 vmcs_write(GUEST_SYSENTER_ESP, (u64)(ap_syscall_stack + PAGE_SIZE - 1)); in sipi_test_ap_thread()
9931 /* Set guest activity state to wait-for-SIPI state */ in sipi_test_ap_thread()
9955 /* notify BSP that AP is already exit from non-root mode */ in sipi_test_ap_thread()
10036 while (c->op != ACCESS_NONE) { in vmx_vmcs_shadow_test_guest()
10038 switch (c->op) { in vmx_vmcs_shadow_test_guest()
10040 c->flags = -1ull; in vmx_vmcs_shadow_test_guest()
10043 c->flags = vmread_flags(c->field, &c->value); in vmx_vmcs_shadow_test_guest()
10046 c->flags = vmwrite_flags(c->field, 0); in vmx_vmcs_shadow_test_guest()
10049 c->time = rdtsc() - start; in vmx_vmcs_shadow_test_guest()
10086 c->op = access; in vmcs_shadow_test_access()
10089 c->reason = vmcs_read(EXI_REASON) & 0xffff; in vmcs_shadow_test_access()
10090 if (c->reason != VMX_VMCALL) { in vmcs_shadow_test_access()
10107 c->field = field; in vmcs_shadow_test_field()
10110 if (shadow != (struct vmcs *)-1ull) { in vmcs_shadow_test_field()
10116 * When VMCS link pointer is -1ull, VMWRITE/VMREAD on in vmcs_shadow_test_field()
10117 * shadowed-fields should fail with setting RFLAGS.CF. in vmcs_shadow_test_field()
10126 /* VMWRITE/VMREAD done on reserved-bit should always intercept */ in vmcs_shadow_test_field()
10132 report(c->reason == VMX_VMWRITE, "not shadowed for VMWRITE"); in vmcs_shadow_test_field()
10134 report(c->reason == VMX_VMREAD, "not shadowed for VMREAD"); in vmcs_shadow_test_field()
10147 report(c->reason == VMX_VMWRITE, "not shadowed for VMWRITE"); in vmcs_shadow_test_field()
10150 report(c->reason == VMX_VMCALL, "shadowed for VMREAD (in %ld cycles)", in vmcs_shadow_test_field()
10151 c->time); in vmcs_shadow_test_field()
10152 report(c->flags == flags[ACCESS_VMREAD], in vmcs_shadow_test_field()
10154 c->flags, flags[ACCESS_VMREAD]); in vmcs_shadow_test_field()
10156 report(c->value == value, in vmcs_shadow_test_field()
10158 c->value, value); in vmcs_shadow_test_field()
10159 else if (shadow != (struct vmcs *)-1ull && flags[ACCESS_VMREAD]) in vmcs_shadow_test_field()
10173 report(c->reason == VMX_VMCALL, in vmcs_shadow_test_field()
10175 c->time); in vmcs_shadow_test_field()
10176 report(c->flags == flags[ACCESS_VMREAD], in vmcs_shadow_test_field()
10178 c->flags, flags[ACCESS_VMREAD]); in vmcs_shadow_test_field()
10184 } else if (shadow != (struct vmcs *)-1ull && flags[ACCESS_VMWRITE]) { in vmcs_shadow_test_field()
10190 report(c->reason == VMX_VMREAD, "not shadowed for VMREAD"); in vmcs_shadow_test_field()
10201 report(c->reason == VMX_VMCALL, in vmcs_shadow_test_field()
10203 c->time); in vmcs_shadow_test_field()
10204 report(c->flags == flags[ACCESS_VMREAD], in vmcs_shadow_test_field()
10206 c->flags, flags[ACCESS_VMREAD]); in vmcs_shadow_test_field()
10212 } else if (shadow != (struct vmcs *)-1ull && flags[ACCESS_VMWRITE]) { in vmcs_shadow_test_field()
10219 report(c->reason == VMX_VMCALL, "shadowed for VMREAD (in %ld cycles)", in vmcs_shadow_test_field()
10220 c->time); in vmcs_shadow_test_field()
10221 report(c->flags == flags[ACCESS_VMREAD], in vmcs_shadow_test_field()
10223 c->flags, flags[ACCESS_VMREAD]); in vmcs_shadow_test_field()
10225 report(c->value == 0, in vmcs_shadow_test_field()
10227 c->value, 0ul); in vmcs_shadow_test_field()
10228 else if (shadow != (struct vmcs *)-1ull && flags[ACCESS_VMREAD]) in vmcs_shadow_test_field()
10277 report_skip("%s : VMWRITE can't modify VM-exit information fields.", __func__); in vmx_vmcs_shadow_test()
10290 shadow->hdr.revision_id = basic_msr.revision; in vmx_vmcs_shadow_test()
10291 shadow->hdr.shadow_vmcs = 1; in vmx_vmcs_shadow_test()
10303 vmcs_write(VMCS_LINK_PTR, -1ull); in vmx_vmcs_shadow_test()
10315 * VM-exit MSR-store list when taking a VM-exit on the instruction
10330 vmcs_write(TSC_OFFSET, -rdtsc()); in reset_guest_tsc_to_zero()
10343 * This function only considers the "use TSC offsetting" VM-execution
10367 return host_to_guest_tsc - guest_tsc; in rdtsc_vmexit_diff_test_iteration()
10377 test_skip("CPU doesn't support the 'use TSC offsetting' processor-based VM-execution control.\n"); in rdtsc_vmexit_diff_test()
10384 * Set up the VMCS12 VM-exit MSR-store list to store just one in rdtsc_vmexit_diff_test()
10404 "RDTSC to VM-exit delta too high in %d of %d iterations, last = %llu", in rdtsc_vmexit_diff_test()
10443 report(result->exit_reason.failed_vmentry && in invalid_msr_entry_failure()
10444 result->exit_reason.basic == VMX_FAIL_MSR, "Invalid MSR load"); in invalid_msr_entry_failure()
10453 * 4-byte MSR index + 4 bytes reserved + 8-byte data = 16 bytes
10476 byte_capacity - count * sizeof(*msr_list)); in populate_msr_list()
10521 * VM-Enter should succeed up to the max number of MSRs per list, and in atomic_switch_msrs_test()
10652 /* If VPID is disabled, the TLB is flushed on VM-Enter and VM-Exit. */ in invalidate_tlb_no_vpid()
10751 report(regs->vector == vmx_exception_test_vector, in vmx_exception_handler()
10807 test_override_guest(t->guest_code); in vmx_exception_test()
10808 handle_exception_in_l2(t->vector); in vmx_exception_test()
10810 test_override_guest(t->guest_code); in vmx_exception_test()
10811 handle_exception_in_l1(t->vector); in vmx_exception_test()
10819 * an MSR, and for indirect writes via loads from VMCS fields on VM-Exit.
10878 /* TODO: _safe variants assume per-cpu gs base*/ in set_host_value()
11038 args->isr_exec_cnt++; in vmx_vid_test_isr()
11050 enum Vid_op op = args->op; in vmx_basic_vid_test_guest()
11051 u8 nr = args->nr; in vmx_basic_vid_test_guest()
11068 args->in_guest = true; in vmx_basic_vid_test_guest()
11073 args->in_guest = true; in vmx_basic_vid_test_guest()
11074 while (!args->isr_exec_cnt) in vmx_basic_vid_test_guest()
11078 u32 *virtual_apic_page = args->virtual_apic_page; in vmx_basic_vid_test_guest()
11079 u8 nr = args->nr; in vmx_basic_vid_test_guest()
11081 args->in_guest = true; in vmx_basic_vid_test_guest()
11102 * kvm-unit-tests uses vector 32 for IPIs, so don't install a test ISR in set_isrs_for_vmx_basic_vid_test()
11107 args->virtual_apic_page = get_vapic_page(); in set_isrs_for_vmx_basic_vid_test()
11108 args->op = VID_OP_SET_ISR; in set_isrs_for_vmx_basic_vid_test()
11109 args->nr = nr; in set_isrs_for_vmx_basic_vid_test()
11110 args->isr_exec_cnt = 0; in set_isrs_for_vmx_basic_vid_test()
11114 report(true, "Set ISR for vectors 33-255."); in set_isrs_for_vmx_basic_vid_test()
11122 while (!args->in_guest) in vmx_posted_interrupts_test_worker()
11125 test_and_set_bit(args->nr, args->pi_desc); in vmx_posted_interrupts_test_worker()
11126 test_and_set_bit(256, args->pi_desc); in vmx_posted_interrupts_test_worker()
11127 apic_icr_write(PI_VECTOR, args->dest); in vmx_posted_interrupts_test_worker()
11131 * Test virtual interrupt delivery (VID) at VM-entry or TPR virtualization
11137 * test VID during VM-entry.
11149 * IF "interrupt-window exiting" is 0 AND in test_basic_vid()
11160 args->isr_exec_cnt = 0; in test_basic_vid()
11161 args->virtual_apic_page = get_vapic_page(); in test_basic_vid()
11162 args->op = op; in test_basic_vid()
11163 args->in_guest = false; in test_basic_vid()
11167 args->nr = nr; in test_basic_vid()
11172 args->nr = task_priority_class(tpr); in test_basic_vid()
11179 args->nr = nr; in test_basic_vid()
11202 TEST_ASSERT_EQ(args->isr_exec_cnt, isr_exec_cnt_want); in test_basic_vid()
11208 * Test recognizing and delivering virtual interrupts via "Virtual-interrupt
11210 * 1. When there is a pending interrupt at VM-entry.
11259 report(true, "TPR 0-255 for vector 0x%x.", nr); in vmx_basic_vid_test()
11264 args->op = VID_OP_TERMINATE; in vmx_basic_vid_test()
11302 report(true, "Low priority nrs 0x21-0x%x for nr 0x%x.", in vmx_eoi_virt_test()
11303 nr - 1, nr); in vmx_eoi_virt_test()
11317 "Low priority nrs 0x21-0x%x for nr 0x%x, with induced EOI exits.", in vmx_eoi_virt_test()
11318 nr - 1, nr); in vmx_eoi_virt_test()
11322 args->op = VID_OP_TERMINATE; in vmx_eoi_virt_test()
11346 args->pi_desc = get_pi_desc(); in vmx_posted_interrupts_test()
11347 args->dest = apic_id(); in vmx_posted_interrupts_test()
11372 report(true, "Posted vectors 33-25 cross TPR classes 0-0xf, running and sometimes halted\n"); in vmx_posted_interrupts_test()
11375 args->op = VID_OP_TERMINATE; in vmx_posted_interrupts_test()
11422 /* VM-entry tests */
11436 /* APIC pass-through tests */