xref: /kvm-unit-tests/x86/msr.c (revision 4c8a99ca02252d4a2bee43f4558fe47ce5ab7ec0) 
1 /* msr tests */
2 
3 #include "libcflat.h"
4 #include "processor.h"
5 #include "msr.h"
6 #include <stdlib.h>
7 
8 /**
9  * This test allows two modes:
10  * 1. Default: the `msr_info' array contains the default test configurations
11  * 2. Custom: by providing command line arguments it is possible to test any MSR and value
12  *	Parameters order:
13  *		1. msr index as a base 16 number
14  *		2. value as a base 16 number
15  */
16 
17 struct msr_info {
18 	int index;
19 	bool is_64bit_only;
20 	const char *name;
21 	unsigned long long value;
22 	unsigned long long keep;
23 };
24 
25 
26 #define addr_64 0x0000123456789abcULL
27 #define addr_ul (unsigned long)addr_64
28 
29 #define MSR_TEST(msr, val, ro)	\
30 	{ .index = msr, .name = #msr, .value = val, .is_64bit_only = false, .keep = ro }
31 #define MSR_TEST_ONLY64(msr, val, ro)	\
32 	{ .index = msr, .name = #msr, .value = val, .is_64bit_only = true, .keep = ro }
33 
34 struct msr_info msr_info[] =
35 {
36 	MSR_TEST(MSR_IA32_SYSENTER_CS, 0x1234, 0),
37 	MSR_TEST(MSR_IA32_SYSENTER_ESP, addr_ul, 0),
38 	MSR_TEST(MSR_IA32_SYSENTER_EIP, addr_ul, 0),
39 	// reserved: 1:2, 4:6, 8:10, 13:15, 17, 19:21, 24:33, 35:63
40 	// read-only: 7, 11, 12
41 	MSR_TEST(MSR_IA32_MISC_ENABLE, 0x400c50809, 0x1880),
42 	MSR_TEST(MSR_IA32_CR_PAT, 0x07070707, 0),
43 	MSR_TEST_ONLY64(MSR_FS_BASE, addr_64, 0),
44 	MSR_TEST_ONLY64(MSR_GS_BASE, addr_64, 0),
45 	MSR_TEST_ONLY64(MSR_KERNEL_GS_BASE, addr_64, 0),
46 	MSR_TEST(MSR_EFER, EFER_SCE, 0),
47 	MSR_TEST_ONLY64(MSR_LSTAR, addr_64, 0),
48 	MSR_TEST_ONLY64(MSR_CSTAR, addr_64, 0),
49 	MSR_TEST_ONLY64(MSR_SYSCALL_MASK, 0xffffffff, 0),
50 //	MSR_IA32_DEBUGCTLMSR needs svm feature LBRV
51 //	MSR_VM_HSAVE_PA only AMD host
52 };
53 
54 static void __test_msr_rw(u32 msr, const char *name, unsigned long long val,
55 			  unsigned long long keep_mask)
56 {
57 	unsigned long long r, orig;
58 
59 	orig = rdmsr(msr);
60 	/*
61 	 * Special case EFER since clearing LME/LMA is not allowed in 64-bit mode,
62 	 * and conversely setting those bits on 32-bit CPUs is not allowed.  Treat
63 	 * the desired value as extra bits to set.
64 	 */
65 	if (msr == MSR_EFER)
66 		val |= orig;
67 	else
68 		val = (val & ~keep_mask) | (orig & keep_mask);
69 
70 	wrmsr(msr, val);
71 	r = rdmsr(msr);
72 	wrmsr(msr, orig);
73 
74 	if (r != val) {
75 		printf("testing %s: output = %#" PRIx32 ":%#" PRIx32
76 		       " expected = %#" PRIx32 ":%#" PRIx32 "\n", name,
77 		       (u32)(r >> 32), (u32)r, (u32)(val >> 32), (u32)val);
78 	}
79 	report(val == r, "%s", name);
80 }
81 
82 static void test_msr_rw(u32 msr, const char *name, unsigned long long val)
83 {
84 	__test_msr_rw(msr, name, val, 0);
85 }
86 
87 static void test_wrmsr_fault(u32 msr, const char *name, unsigned long long val)
88 {
89 	unsigned char vector = wrmsr_safe(msr, val);
90 
91 	report(vector == GP_VECTOR,
92 	       "Expected #GP on WRSMR(%s, 0x%llx), got vector %d",
93 	       name, val, vector);
94 }
95 
96 static void test_rdmsr_fault(u32 msr, const char *name)
97 {
98 	uint64_t ignored;
99 	unsigned char vector = rdmsr_safe(msr, &ignored);
100 
101 	report(vector == GP_VECTOR,
102 	       "Expected #GP on RDSMR(%s), got vector %d", name, vector);
103 }
104 
105 static void test_msr(struct msr_info *msr, bool is_64bit_host)
106 {
107 	if (is_64bit_host || !msr->is_64bit_only) {
108 		__test_msr_rw(msr->index, msr->name, msr->value, msr->keep);
109 
110 		/*
111 		 * The 64-bit only MSRs that take an address always perform
112 		 * canonical checks on both Intel and AMD.
113 		 */
114 		if (msr->is_64bit_only &&
115 		    msr->value == addr_64)
116 			test_wrmsr_fault(msr->index, msr->name, NONCANONICAL);
117 	} else {
118 		test_wrmsr_fault(msr->index, msr->name, msr->value);
119 		test_rdmsr_fault(msr->index, msr->name);
120 	}
121 }
122 
123 int main(int ac, char **av)
124 {
125 	bool is_64bit_host = this_cpu_has(X86_FEATURE_LM);
126 	unsigned int nr_mce_banks;
127 	char msr_name[32];
128 	int i;
129 
130 	if (ac == 3) {
131 		int index = strtoul(av[1], NULL, 0x10);
132 		snprintf(msr_name, sizeof(msr_name), "MSR:0x%x", index);
133 
134 		struct msr_info msr = {
135 			.index = index,
136 			.name = msr_name,
137 			.value = strtoull(av[2], NULL, 0x10)
138 		};
139 		test_msr(&msr, is_64bit_host);
140 	} else {
141 		for (i = 0 ; i < ARRAY_SIZE(msr_info); i++)
142 			test_msr(&msr_info[i], is_64bit_host);
143 
144 		nr_mce_banks = rdmsr(MSR_IA32_MCG_CAP) & 0xff;
145 		for (i = 0; i < nr_mce_banks; i++) {
146 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_CTL", i);
147 			test_msr_rw(MSR_IA32_MCx_CTL(i), msr_name, 0);
148 			test_msr_rw(MSR_IA32_MCx_CTL(i), msr_name, -1ull);
149 			test_wrmsr_fault(MSR_IA32_MCx_CTL(i), msr_name, NONCANONICAL);
150 
151 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_STATUS", i);
152 			test_msr_rw(MSR_IA32_MCx_STATUS(i), msr_name, 0);
153 			/*
154 			 * STATUS MSRs can only be written with '0' (to clear
155 			 * the MSR), except on AMD-based systems with bit 18
156 			 * set in MSR_K7_HWCR.  That bit is not architectural
157 			 * and should not be set by default by KVM or by the
158 			 * VMM (though this might fail if run on bare metal).
159 			 */
160 			test_wrmsr_fault(MSR_IA32_MCx_STATUS(i), msr_name, 1);
161 
162 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_ADDR", i);
163 			test_msr_rw(MSR_IA32_MCx_ADDR(i), msr_name, 0);
164 			test_msr_rw(MSR_IA32_MCx_ADDR(i), msr_name, -1ull);
165 			/*
166 			 * The ADDR is a physical address, and all bits are
167 			 * writable on 64-bit hosts.    Don't test the negative
168 			 * case, as KVM doesn't enforce checks on bits 63:36
169 			 * for 32-bit hosts.  The behavior depends on the
170 			 * underlying hardware, e.g. a 32-bit guest on a 64-bit
171 			 * host may observe 64-bit values in the ADDR MSRs.
172 			 */
173 			if (is_64bit_host)
174 				test_msr_rw(MSR_IA32_MCx_ADDR(i), msr_name, NONCANONICAL);
175 
176 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_MISC", i);
177 			test_msr_rw(MSR_IA32_MCx_MISC(i), msr_name, 0);
178 			test_msr_rw(MSR_IA32_MCx_MISC(i), msr_name, -1ull);
179 			test_msr_rw(MSR_IA32_MCx_MISC(i), msr_name, NONCANONICAL);
180 		}
181 
182 		/*
183 		 * The theoretical maximum number of MCE banks is 32 (on Intel
184 		 * CPUs, without jumping to a new base address), as the last
185 		 * unclaimed MSR is 0x479; 0x480 begins the VMX MSRs.  Verify
186 		 * accesses to theoretically legal, unsupported MSRs fault.
187 		 */
188 		for (i = nr_mce_banks; i < 32; i++) {
189 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_CTL", i);
190 			test_rdmsr_fault(MSR_IA32_MCx_CTL(i), msr_name);
191 			test_wrmsr_fault(MSR_IA32_MCx_CTL(i), msr_name, 0);
192 
193 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_STATUS", i);
194 			test_rdmsr_fault(MSR_IA32_MCx_STATUS(i), msr_name);
195 			test_wrmsr_fault(MSR_IA32_MCx_STATUS(i), msr_name, 0);
196 
197 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_ADDR", i);
198 			test_rdmsr_fault(MSR_IA32_MCx_ADDR(i), msr_name);
199 			test_wrmsr_fault(MSR_IA32_MCx_ADDR(i), msr_name, 0);
200 
201 			snprintf(msr_name, sizeof(msr_name), "MSR_IA32_MC%u_MISC", i);
202 			test_rdmsr_fault(MSR_IA32_MCx_MISC(i), msr_name);
203 			test_wrmsr_fault(MSR_IA32_MCx_MISC(i), msr_name, 0);
204 		}
205 	}
206 
207 	return report_summary();
208 }
209