On Fri, Feb 18, 2022 at 3:09 AM Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote: > > I managed to get hold of a machine that has SEV but not SEV-ES, and > sev_migrate_tests fails because sev_vm_create(true) returns ENOTTY. > Fix this, and while at it also return KSFT_SKIP on machines that do > not have SEV at all, instead of returning 0. > > Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> Tested-by: Peter Gonda <pgonda@xxxxxxxxxx> > > +#define X86_FEATURE_SEV (1 << 1) > +#define X86_FEATURE_SEV_ES (1 << 3) These conflict with these names but have different values: https://elixir.bootlin.com/linux/latest/source/arch/x86/include/asm/cpufeatures.h#L402. Is that normal in selftests or should we go with another name? > + > int main(int argc, char *argv[]) > { > + struct kvm_cpuid_entry2 *cpuid; > + > + if (!kvm_check_cap(KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM) && > + !kvm_check_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) { > + print_skip("Capabilities not available"); > + exit(KSFT_SKIP); > + } > + > + cpuid = kvm_get_supported_cpuid_entry(0x80000000); > + if (cpuid->eax < 0x8000001f) { > + print_skip("AMD memory encryption not available"); > + exit(KSFT_SKIP); > + } > + cpuid = kvm_get_supported_cpuid_entry(0x8000001f); > + if (!(cpuid->eax & X86_FEATURE_SEV)) { > + print_skip("AMD SEV not available"); > + exit(KSFT_SKIP); > + } > + have_sev_es = !!(cpuid->eax & X86_FEATURE_SEV_ES); > + > if (kvm_check_cap(KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM)) { > test_sev_migrate_from(/* es= */ false); > - test_sev_migrate_from(/* es= */ true); > + if (have_sev_es) > + test_sev_migrate_from(/* es= */ true); > test_sev_migrate_locking(); > test_sev_migrate_parameters(); > if (kvm_check_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) > @@ -405,7 +440,8 @@ int main(int argc, char *argv[]) > } > if (kvm_check_cap(KVM_CAP_VM_COPY_ENC_CONTEXT_FROM)) { > test_sev_mirror(/* es= */ false); > - test_sev_mirror(/* es= */ true); > + if (have_sev_es) > + test_sev_mirror(/* es= */ true); > test_sev_mirror_parameters(); > } > return 0; > -- > 2.31.1 >
