Re: [PATCH] KVM: selftests: Add SEV-ES shutdown test

Sean Christopherson <seanjc@xxxxxxxxxx> · Thu, 29 Aug 2024 19:36:56 -0700

On Tue, Jul 09, 2024, Peter Gonda wrote:
> Regression test for ae20eef5 ("KVM: SVM: Update SEV-ES shutdown intercepts
> with more metadata"). Test confirms userspace is correctly indicated of
> a guest shutdown not previous behavior of an EINVAL from KVM_RUN.
> 
> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Cc: Sean Christopherson <seanjc@xxxxxxxxxx>
> Cc: Alper Gun <alpergun@xxxxxxxxxx>
> Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
> Cc: Michael Roth <michael.roth@xxxxxxx>
> Cc: kvm@xxxxxxxxxxxxxxx
> Cc: linux-kselftest@xxxxxxxxxxxxxxx
> Signed-off-by: Peter Gonda <pgonda@xxxxxxxxxx>
> 
> ---
>  .../selftests/kvm/x86_64/sev_smoke_test.c     | 26 +++++++++++++++++++
>  1 file changed, 26 insertions(+)
> 
> diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> index 7c70c0da4fb74..04f24d5f09877 100644
> --- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
> @@ -160,6 +160,30 @@ static void test_sev(void *guest_code, uint64_t policy)
>  	kvm_vm_free(vm);
>  }
>  
> +static void guest_shutdown_code(void)
> +{
> +	__asm__ __volatile__("ud2");

Heh, this passes by dumb luck, not because the #UD itself causes a SHUTDOWN.  It
_looks_ like the #UD causes a shutdown, because KVM will always see the original
guest RIP, but the shutdown actually occurs somewhere in the ucall_assert() in
route_exception().

Now that x86 selftests install an IDT and exception handlers by default, it's
actually quite hard to induce shutdown.  Ok, not "hard", but it requires more
work than simply generating a #UD.

I'll add this as fixup when applying:

diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
index 04f24d5f0987..2e9197eb1652 100644
--- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
+++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c
@@ -162,6 +162,12 @@ static void test_sev(void *guest_code, uint64_t policy)
 
 static void guest_shutdown_code(void)
 {
+       struct desc_ptr idt;
+
+       /* Clobber the IDT so that #UD is guaranteed to trigger SHUTDOWN. */
+       memset(&idt, 0, sizeof(idt));
+       __asm__ __volatile__("lidt %0" :: "m"(idt));
+
        __asm__ __volatile__("ud2");
 }







