According to section "Checks on Guest Control Registers, Debug Registers, and MSRs" in Intel SDM vol 3C, the following checks are performed on vmentry of nested guests: If the "load IA32_BNDCFGS" VM-entry control is 1, the following checks are performed on the field for the IA32_BNDCFGS MSR: — Bits reserved in the IA32_BNDCFGS MSR must be 0. — The linear address in bits 63:12 must be canonical.
Signed-off-by: Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx>
---
 x86/vmx_tests.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c
index 0ae0046..7a37c37 100644
--- a/x86/vmx_tests.c
+++ b/x86/vmx_tests.c
@@ -7606,6 +7606,50 @@ static void test_load_guest_pat(void)
 test_pat(GUEST_PAT, "GUEST_PAT", ENT_CONTROLS, ENT_LOAD_PAT);
 }

+#define MSR_IA32_BNDCFGS_RSVD_MASK 0x00000ffc
+
+/*
+ * If the “load IA32_BNDCFGS” VM-entry control is 1, the following
+ * checks are performed on the field for the IA32_BNDCFGS MSR:
+ *
+ * — Bits reserved in the IA32_BNDCFGS MSR must be 0.
+ * — The linear address in bits 63:12 must be canonical.
+ *
+ * [Intel SDM]
+ */
+static void test_load_guest_bndcfgs(void)
+{
+ u64 bndcfgs_saved = vmcs_read(GUEST_BNDCFGS);
+ u64 bndcfgs;
+
+ if (!(ctrl_enter_rev.clr & ENT_LOAD_BNDCFGS)) {
+ printf("\"Load-IA32-BNDCFGS\" entry control not supported\n");
+ return;
+ }
+
+ vmcs_clear_bits(ENT_CONTROLS, ENT_LOAD_BNDCFGS);
+
+ vmcs_write(GUEST_BNDCFGS, NONCANONICAL);
+ test_guest_state("ENT_LOAD_BNDCFGS disabled", false,
+ GUEST_BNDCFGS, "GUEST_BNDCFGS");
+ bndcfgs = bndcfgs_saved | MSR_IA32_BNDCFGS_RSVD_MASK;
+ vmcs_write(GUEST_BNDCFGS, bndcfgs);
+ test_guest_state("ENT_LOAD_BNDCFGS disabled", false,
+ GUEST_BNDCFGS, "GUEST_BNDCFGS");
+
+ vmcs_set_bits(ENT_CONTROLS, ENT_LOAD_BNDCFGS);
+
+ vmcs_write(GUEST_BNDCFGS, NONCANONICAL);
+ test_guest_state("ENT_LOAD_BNDCFGS enabled", true,
+ GUEST_BNDCFGS, "GUEST_BNDCFGS");
+ bndcfgs = bndcfgs_saved | MSR_IA32_BNDCFGS_RSVD_MASK;
+ vmcs_write(GUEST_BNDCFGS, bndcfgs);
+ test_guest_state("ENT_LOAD_BNDCFGS enabled", true,
+ GUEST_BNDCFGS, "GUEST_BNDCFGS");
+
+ vmcs_write(GUEST_BNDCFGS, bndcfgs_saved);
+}
+
 /*
 * Check that the virtual CPU checks the VMX Guest State Area as
 * documented in the Intel SDM.
@@ -7626,6 +7670,7 @@ static void vmx_guest_state_area_test(void)
 test_load_guest_pat();
 test_guest_efer();
 test_load_guest_perf_global_ctrl();
+ test_load_guest_bndcfgs();

 /*
 * Let the guest finish execution
--
1.8.3.1
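Review bot: `vmcs_read(GUEST_BNDCFGS)` in the initializer of `bndcfgs_saved` runs before the `ctrl_enter_rev.clr & ENT_LOAD_BNDCFGS` support check in test_load_guest_bndcfgs(), so on a CPU without the control the test reads a VMCS field that may not exist there; declare `u64 bndcfgs_saved;` and assign `bndcfgs_saved = vmcs_read(GUEST_BNDCFGS);` after the early return. The two enabled cases also may not isolate the two SDM checks: if `NONCANONICAL` (defined outside this hunk) has any of bits 11:2 set, the first case already fails the reserved-bits check, so a hypervisor that omits the canonical-address check would still pass. Writing `NONCANONICAL & ~(u64)MSR_IA32_BNDCFGS_RSVD_MASK` in the canonical cases would exercise the address check on its own. The function also returns with `ENT_LOAD_BNDCFGS` still set in `ENT_CONTROLS`, restoring only `GUEST_BNDCFGS`; saving the original `ENT_CONTROLS` value and writing it back at the end would keep the later guest entry unaffected.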