Hi Zixuan,
On 10/4/21 10:49 PM, Zixuan Wang wrote:
> From: Zixuan Wang <zixuanwang@xxxxxxxxxx>
>
> SEV-ES introduces #VC handler for guest/host communications, e.g.,
> accessing MSR, executing CPUID. This commit provides test cases to check
> if SEV-ES is enabled and if rdmsr/wrmsr are handled correctly in SEV-ES.
>
> Signed-off-by: Zixuan Wang <zixuanwang@xxxxxxxxxx>
> ---
> x86/amd_sev.c | 30 ++++++++++++++++++++++++++++++
> 1 file changed, 30 insertions(+)
>
> diff --git a/x86/amd_sev.c b/x86/amd_sev.c
> index a07a48f..21a491c 100644
> --- a/x86/amd_sev.c
> +++ b/x86/amd_sev.c
> @@ -13,6 +13,7 @@
> #include "libcflat.h"
> #include "x86/processor.h"
> #include "x86/amd_sev.h"
> +#include "msr.h"
>
> #define EXIT_SUCCESS 0
> #define EXIT_FAILURE 1
> @@ -55,10 +56,39 @@ static int test_sev_activation(void)
> return EXIT_SUCCESS;
> }
>
> +static int test_sev_es_activation(void)
> +{
> + if (!(rdmsr(MSR_SEV_STATUS) & SEV_ES_ENABLED_MASK)) {
> + return EXIT_FAILURE;
> + }
> +
> + return EXIT_SUCCESS;
> +}
> +
> +static int test_sev_es_msr(void)
> +{
> + /*
> + * With SEV-ES, rdmsr/wrmsr trigger #VC exception. If #VC is handled
> + * correctly, rdmsr/wrmsr should work like without SEV-ES and not crash
> + * the guest VM.
> + */
> + u64 val = 0x1234;
> + wrmsr(MSR_TSC_AUX, val);
> + if(val != rdmsr(MSR_TSC_AUX)) {
> + return EXIT_FAILURE;
See note below.
> + }
> +
> + return EXIT_SUCCESS;
> +}
> +
> int main(void)
> {
> int rtn;
> rtn = test_sev_activation();
> report(rtn == EXIT_SUCCESS, "SEV activation test.");
> + rtn = test_sev_es_activation();
> + report(rtn == EXIT_SUCCESS, "SEV-ES activation test.");
> + rtn = test_sev_es_msr();
There is nothing SEV-ES specific about this function, it only wraps
rdmsr/wrmsr, which are supposed to generate #VC exceptions on SEV-ES.
Since the same scenario can be covered by running the msr testcase
as a SEV-ES guest and observing if it crashes, does testing
rdmsr/wrmsr one more time here gain us any new information?
Also, the function gets called from main() even if
test_sev_es_activation() failed or SEV-ES was inactive.
Note: More broadly, what are you looking to test for here?
1. wrmsr/rdmsr correctness (rdmsr reads what wrmsr wrote)? or,
2. A #VC exception not causing a guest crash on SEV-ES?
If you are looking to test 1., I suggest letting it be covered by
the generic testcases for msr.
If you are looking to test 2., perhaps a better test is to trigger
all scenarios that would cause a #VC exception (eg. test_sev_es_vc_exit)
and check that a SEV-ES guest survives.
Regards,
Varad
> + report(rtn == EXIT_SUCCESS, "SEV-ES MSR test.");
> return report_summary();
> }
>
