On Fri, Mar 15, 2024 at 4:05 PM David Matlack <dmatlack@xxxxxxxxxx> wrote:
>
> Extend vmx_dirty_log_test to include accesses made by L2 when EPT is
> disabled.
>
> This commit adds explicit coverage of a bug caught by syzkaller, where
> the TDP MMU would clear D-bits instead of write-protecting SPTEs being
> used to map an L2, which only happens when L1 does not enable EPT,
> causing writes made by L2 to not be reflected in the dirty log when PML
> is enabled:
>
> $ ./vmx_dirty_log_test
> Nested EPT: disabled
> ==== Test Assertion Failure ====
> x86_64/vmx_dirty_log_test.c:151: test_bit(0, bmap)
> pid=72052 tid=72052 errno=4 - Interrupted system call
> (stack trace empty)
> Page 0 incorrectly reported clean
>
> Opportunistically replace the volatile casts with {READ,WRITE}_ONCE().
>
> Link: https://lore.kernel.org/kvm/000000000000c6526f06137f18cc@xxxxxxxxxx/
> Signed-off-by: David Matlack <dmatlack@xxxxxxxxxx>
> ---
> .../selftests/kvm/x86_64/vmx_dirty_log_test.c | 60 ++++++++++++++-----
> 1 file changed, 46 insertions(+), 14 deletions(-)
>
> diff --git a/tools/testing/selftests/kvm/x86_64/vmx_dirty_log_test.c b/tools/testing/selftests/kvm/x86_64/vmx_dirty_log_test.c
> index e4ad5fef52ff..609a767c4655 100644
> --- a/tools/testing/selftests/kvm/x86_64/vmx_dirty_log_test.c
> +++ b/tools/testing/selftests/kvm/x86_64/vmx_dirty_log_test.c
>
> - *(volatile uint64_t *)NESTED_TEST_MEM2 = 1;
> + READ_ONCE(*b);
This should be WRITE_ONCE(*b, 1). I forgot to reformat the patch after
I fixed this bug locally.
