xref: /kvm-unit-tests/x86/msr.c (revision 0b7501c3b516bde6bd3d74b17e6af76b6aa2a116) 
1 /* msr tests */
2 
3 #include "libcflat.h"
4 #include "processor.h"
5 #include "msr.h"
6 #include <stdlib.h>
7 
8 /**
9  * This test allows two modes:
10  * 1. Default: the `msr_info' array contains the default test configurations
11  * 2. Custom: by providing command line arguments it is possible to test any MSR and value
12  *	Parameters order:
13  *		1. msr index as a base 16 number
14  *		2. value as a base 16 number
15  */
16 
17 struct msr_info {
18 	int index;
19 	bool is_64bit_only;
20 	const char *name;
21 	unsigned long long value;
22 	unsigned long long keep;
23 };
24 
25 
26 #define addr_64 0x0000123456789abcULL
27 #define addr_ul (unsigned long)addr_64
28 
29 #define MSR_TEST(msr, val, ro)	\
30 	{ .index = msr, .name = #msr, .value = val, .is_64bit_only = false, .keep = ro }
31 #define MSR_TEST_ONLY64(msr, val, ro)	\
32 	{ .index = msr, .name = #msr, .value = val, .is_64bit_only = true, .keep = ro }
33 
34 struct msr_info msr_info[] =
35 {
36 	MSR_TEST(MSR_IA32_SYSENTER_CS, 0x1234, 0),
37 	MSR_TEST(MSR_IA32_SYSENTER_ESP, addr_ul, 0),
38 	MSR_TEST(MSR_IA32_SYSENTER_EIP, addr_ul, 0),
39 	// reserved: 1:2, 4:6, 8:10, 13:15, 17, 19:21, 24:33, 35:63
40 	// read-only: 7, 11, 12
41 	MSR_TEST(MSR_IA32_MISC_ENABLE, 0x400c50809, 0x1880),
42 	MSR_TEST(MSR_IA32_CR_PAT, 0x07070707, 0),
43 	MSR_TEST_ONLY64(MSR_FS_BASE, addr_64, 0),
44 	MSR_TEST_ONLY64(MSR_GS_BASE, addr_64, 0),
45 	MSR_TEST_ONLY64(MSR_KERNEL_GS_BASE, addr_64, 0),
46 	MSR_TEST(MSR_EFER, EFER_SCE, 0),
47 	MSR_TEST_ONLY64(MSR_LSTAR, addr_64, 0),
48 	MSR_TEST_ONLY64(MSR_CSTAR, addr_64, 0),
49 	MSR_TEST_ONLY64(MSR_SYSCALL_MASK, 0xffffffff, 0),
50 //	MSR_IA32_DEBUGCTLMSR needs svm feature LBRV
51 //	MSR_VM_HSAVE_PA only AMD host
52 };
53 
54 static void __test_msr_rw(u32 msr, const char *name, unsigned long long val,
55 			  unsigned long long keep_mask)
56 {
57 	unsigned long long r, orig;
58 
59 	orig = rdmsr(msr);
60 	/*
61 	 * Special case EFER since clearing LME/LMA is not allowed in 64-bit mode,
62 	 * and conversely setting those bits on 32-bit CPUs is not allowed.  Treat
63 	 * the desired value as extra bits to set.
64 	 */
65 	if (msr == MSR_EFER)
66 		val |= orig;
67 	else
68 		val = (val & ~keep_mask) | (orig & keep_mask);
69 
70 	wrmsr(msr, val);
71 	r = rdmsr(msr);
72 	wrmsr(msr, orig);
73 
74 	if (r != val) {
75 		printf("testing %s: output = %#" PRIx32 ":%#" PRIx32
76 		       " expected = %#" PRIx32 ":%#" PRIx32 "\n", name,
77 		       (u32)(r >> 32), (u32)r, (u32)(val >> 32), (u32)val);
78 	}
79 	report(val == r, "%s", name);
80 }
81 
82 static void test_msr_rw(u32 msr, const char *name, unsigned long long val)
83 {
84 	__test_msr_rw(msr, name, val, 0);
85 }
86 
87 static void test_wrmsr_fault(u32 msr, const char *name, unsigned long long val)
88 {
89 	unsigned char vector = wrmsr_checking(msr, val);
90 
91 	report(vector == GP_VECTOR,
92 	       "Expected #GP on WRSMR(%s, 0x%llx), got vector %d",
93 	       name, val, vector);
94 }
95 
96 static void test_rdmsr_fault(u32 msr, const char *name)
97 {
98 	unsigned char vector = rdmsr_checking(msr);
99 
100 	report(vector == GP_VECTOR,
101 	       "Expected #GP on RDSMR(%s), got vector %d", name, vector);
102 }
103 
104 static void test_msr(struct msr_info *msr, bool is_64bit_host)
105 {
106 	if (is_64bit_host || !msr->is_64bit_only) {
107 		__test_msr_rw(msr->index, msr->name, msr->value, msr->keep);
108 
109 		/*
110 		 * The 64-bit only MSRs that take an address always perform
111 		 * canonical checks on both Intel and AMD.
112 		 */
113 		if (msr->is_64bit_only &&
114 		    msr->value == addr_64)
115 			test_wrmsr_fault(msr->index, msr->name, NONCANONICAL);
116 	} else {
117 		test_wrmsr_fault(msr->index, msr->name, msr->value);
118 		test_rdmsr_fault(msr->index, msr->name);
119 	}
120 }
121 
122 int main(int ac, char **av)
123 {
124 	bool is_64bit_host = this_cpu_has(X86_FEATURE_LM);
125 	unsigned int nr_mce_banks;
126 	char msr_name[32];
127 	int i;
128 
129 	if (ac == 3) {
130 		int index = strtoul(av[1], NULL, 0x10);
131 		snprintf(msr_name, sizeof(msr_name), "MSR:0x%x", index);
132 
133 		struct msr_info msr = {
134 			.index = index,
135 			.name = msr_name,
136 			.value = strtoull(av[2], NULL, 0x10)
137 		};
138 		test_msr(&msr, is_64bit_host);
139 	} else {
140 		for (i = 0 ; i < ARRAY_SIZE(msr_info); i++)
141 			test_msr(&msr_info[i], is_64bit_host);
142 
143 		nr_mce_banks = rdmsr(MSR_IA32_MCG_CAP) & 0xff;
144 		for (i = 0; i < nr_mce_banks; i++) {
145 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_CTL", i);
146 			test_msr_rw(MSR_IA32_MCx_CTL(i), msr_name, 0);
147 			test_msr_rw(MSR_IA32_MCx_CTL(i), msr_name, -1ull);
148 			test_wrmsr_fault(MSR_IA32_MCx_CTL(i), msr_name, NONCANONICAL);
149 
150 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_STATUS", i);
151 			test_msr_rw(MSR_IA32_MCx_STATUS(i), msr_name, 0);
152 			/*
153 			 * STATUS MSRs can only be written with '0' (to clear
154 			 * the MSR), except on AMD-based systems with bit 18
155 			 * set in MSR_K7_HWCR.  That bit is not architectural
156 			 * and should not be set by default by KVM or by the
157 			 * VMM (though this might fail if run on bare metal).
158 			 */
159 			test_wrmsr_fault(MSR_IA32_MCx_STATUS(i), msr_name, 1);
160 
161 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_ADDR", i);
162 			test_msr_rw(MSR_IA32_MCx_ADDR(i), msr_name, 0);
163 			test_msr_rw(MSR_IA32_MCx_ADDR(i), msr_name, -1ull);
164 			/*
165 			 * The ADDR is a physical address, and all bits are
166 			 * writable on 64-bit hosts.    Don't test the negative
167 			 * case, as KVM doesn't enforce checks on bits 63:36
168 			 * for 32-bit hosts.  The behavior depends on the
169 			 * underlying hardware, e.g. a 32-bit guest on a 64-bit
170 			 * host may observe 64-bit values in the ADDR MSRs.
171 			 */
172 			if (is_64bit_host)
173 				test_msr_rw(MSR_IA32_MCx_ADDR(i), msr_name, NONCANONICAL);
174 
175 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_MISC", i);
176 			test_msr_rw(MSR_IA32_MCx_MISC(i), msr_name, 0);
177 			test_msr_rw(MSR_IA32_MCx_MISC(i), msr_name, -1ull);
178 			test_msr_rw(MSR_IA32_MCx_MISC(i), msr_name, NONCANONICAL);
179 		}
180 
181 		/*
182 		 * The theoretical maximum number of MCE banks is 32 (on Intel
183 		 * CPUs, without jumping to a new base address), as the last
184 		 * unclaimed MSR is 0x479; 0x480 begins the VMX MSRs.  Verify
185 		 * accesses to theoretically legal, unsupported MSRs fault.
186 		 */
187 		for (i = nr_mce_banks; i < 32; i++) {
188 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_CTL", i);
189 			test_rdmsr_fault(MSR_IA32_MCx_CTL(i), msr_name);
190 			test_wrmsr_fault(MSR_IA32_MCx_CTL(i), msr_name, 0);
191 
192 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_STATUS", i);
193 			test_rdmsr_fault(MSR_IA32_MCx_STATUS(i), msr_name);
194 			test_wrmsr_fault(MSR_IA32_MCx_STATUS(i), msr_name, 0);
195 
196 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_ADDR", i);
197 			test_rdmsr_fault(MSR_IA32_MCx_ADDR(i), msr_name);
198 			test_wrmsr_fault(MSR_IA32_MCx_ADDR(i), msr_name, 0);
199 
200 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_MISC", i);
201 			test_rdmsr_fault(MSR_IA32_MCx_MISC(i), msr_name);
202 			test_wrmsr_fault(MSR_IA32_MCx_MISC(i), msr_name, 0);
203 		}
204 	}
205 
206 	return report_summary();
207 }
208