On 04.04.23 18:53, Sean Christopherson wrote: > From: Mathias Krause <minipli@xxxxxxxxxxxxxx> > > Enhance the CR0.WP toggling test to do additional tests via the emulator > as forcing KVM to emulate page protections exercises different flows than > shoving the correct bits into hardware, e.g. KVM has had at least one bug > when CR0.WP is guest owned. > > Link: https://lore.kernel.org/kvm/ea3a8fbc-2bf8-7442-e498-3e5818384c83@xxxxxxxxxxxxxx > Signed-off-by: Mathias Krause <minipli@xxxxxxxxxxxxxx> > [sean: check AC_FEP_MASK instead of fep_available()] Hmm. But this excludes the emulator CR0.WP tests by default, even when FEP is supported by KVM. :( > Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx> > --- > x86/access.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > > diff --git a/x86/access.c b/x86/access.c > index 4a3ca265..70d81bf0 100644 > --- a/x86/access.c > +++ b/x86/access.c > @@ -1108,8 +1108,9 @@ static int do_cr0_wp_access(ac_test_t *at, int flags) > set_efer_nx(0); > > if (!ac_test_do_access(at)) { > - printf("%s: supervisor write with CR0.WP=%d did not %s\n", > - __FUNCTION__, cr0_wp, cr0_wp ? "FAULT" : "SUCCEED"); > + printf("%s: %ssupervisor write with CR0.WP=%d did not %s\n", > + __FUNCTION__, (flags & AC_FEP_MASK) ? "emulated " : "", > + cr0_wp, cr0_wp ? "FAULT" : "SUCCEED"); > return 1; > } > > @@ -1127,6 +1128,10 @@ static int check_toggle_cr0_wp(ac_pt_env_t *pt_env) > > err += do_cr0_wp_access(&at, 0); > err += do_cr0_wp_access(&at, AC_CPU_CR0_WP_MASK); > + if (!(invalid_mask & AC_FEP_MASK)) { Can we *please* change this back to 'if (is_fep_available()) {'...? I really would like to get these tests exercised by default if possible. Runtime slowdown is no argument here, as that's only a whopping two emulated accesses. What was the reason to exclude them? Less test coverage can't be it, right? ;) > + err += do_cr0_wp_access(&at, AC_FEP_MASK); > + err += do_cr0_wp_access(&at, AC_FEP_MASK | AC_CPU_CR0_WP_MASK); > + } > > return err == 0; > }
