On 7/11/2024 10:23 AM, Peter Gonda wrote:
>> +
>> +static void test_sev_launch(void *guest_code, uint32_t type, uint64_t policy)
>> +{
>> + struct kvm_vcpu *vcpu;
>> + struct kvm_vm *vm;
>> + struct ucall uc;
>> + bool cond;
>> + int ret;
>> +
>> + vm = vm_sev_create_with_one_vcpu(type, guest_code, &vcpu);
>> + ret = sev_vm_launch_start(vm, 0);
>> + cond = type == KVM_X86_SEV_VM ? !ret : ret;
>> + TEST_ASSERT(cond,
>> + "KVM_SEV_LAUNCH_START should fail, invalid policy.");
>> +
>> + ret = sev_vm_launch_update(vm, policy);
>> + cond = type == KVM_X86_SEV_VM ? !ret : ret;
>> + TEST_ASSERT(cond,
>> + "KVM_SEV_LAUNCH_UPDATE should fail, invalid policy.");
>
> Isn't the reason we expect all other calls to fail here because we
> have not successfully called `sev_vm_launch_start()`?
>
Yes you're right. The idea is that none of the consequent "good" ioctl
calls should succeed if the vm_launch_start was faulty.
>> + sev_guest_status_assert(vm, type);
>> +
>> + ret = sev_vm_launch_measure(vm, alloca(256));
>
> Should we free this buffer?
Sure, I should store this into a pointer and free it.
I guess this also happens within vm_sev_launch() where we should include
a free as well.
Thanks for catching this!
