Let's check if the UV calls that should not be available in a protected guest 2 are actually not available. Also let's check if they are falsely indicated to be available. Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx> Reviewed-by: Cornelia Huck <cohuck@xxxxxxxxxx> Reviewed-by: Claudio Imbrenda <imbrenda@xxxxxxxxxxxxx> --- s390x/uv-guest.c | 46 +++++++++++++++++++++++++++++++++++++++------- 1 file changed, 39 insertions(+), 7 deletions(-) diff --git a/s390x/uv-guest.c b/s390x/uv-guest.c index e99029a7..f05ae4c3 100644 --- a/s390x/uv-guest.c +++ b/s390x/uv-guest.c @@ -121,16 +121,48 @@ static void test_sharing(void) report_prefix_pop(); } +static struct { + const char *name; + uint16_t cmd; + uint16_t len; + int call_bit; +} invalid_cmds[] = { + { "bogus", 0x4242, sizeof(struct uv_cb_header), -1 }, + { "init", UVC_CMD_INIT_UV, sizeof(struct uv_cb_init), BIT_UVC_CMD_INIT_UV }, + { "create conf", UVC_CMD_CREATE_SEC_CONF, sizeof(struct uv_cb_cgc), BIT_UVC_CMD_CREATE_SEC_CONF }, + { "destroy conf", UVC_CMD_DESTROY_SEC_CONF, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_DESTROY_SEC_CONF }, + { "create cpu", UVC_CMD_CREATE_SEC_CPU, sizeof(struct uv_cb_csc), BIT_UVC_CMD_CREATE_SEC_CPU }, + { "destroy cpu", UVC_CMD_DESTROY_SEC_CPU, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_DESTROY_SEC_CPU }, + { "conv to", UVC_CMD_CONV_TO_SEC_STOR, sizeof(struct uv_cb_cts), BIT_UVC_CMD_CONV_TO_SEC_STOR }, + { "conv from", UVC_CMD_CONV_FROM_SEC_STOR, sizeof(struct uv_cb_cfs), BIT_UVC_CMD_CONV_FROM_SEC_STOR }, + { "set sec conf", UVC_CMD_SET_SEC_CONF_PARAMS, sizeof(struct uv_cb_ssc), BIT_UVC_CMD_SET_SEC_PARMS }, + { "unpack", UVC_CMD_UNPACK_IMG, sizeof(struct uv_cb_unp), BIT_UVC_CMD_UNPACK_IMG }, + { "verify", UVC_CMD_VERIFY_IMG, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_VERIFY_IMG }, + { "cpu reset", UVC_CMD_CPU_RESET, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_CPU_RESET }, + { "cpu initial reset", UVC_CMD_CPU_RESET_INITIAL, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_CPU_RESET_INITIAL }, + { "conf clear reset", UVC_CMD_PERF_CONF_CLEAR_RESET, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_PREPARE_CLEAR_RESET }, + { "cpu clear reset", UVC_CMD_CPU_RESET_CLEAR, sizeof(struct uv_cb_nodata), BIT_UVC_CMD_CPU_PERFORM_CLEAR_RESET }, + { "cpu set state", UVC_CMD_CPU_SET_STATE, sizeof(struct uv_cb_cpu_set_state), BIT_UVC_CMD_CPU_SET_STATE }, + { "pin shared", UVC_CMD_PIN_PAGE_SHARED, sizeof(struct uv_cb_cfs), BIT_UVC_CMD_PIN_PAGE_SHARED }, + { "unpin shared", UVC_CMD_UNPIN_PAGE_SHARED, sizeof(struct uv_cb_cts), BIT_UVC_CMD_UNPIN_PAGE_SHARED }, + { NULL, 0, 0 }, +}; + static void test_invalid(void) { - struct uv_cb_header uvcb = { - .len = 16, - .cmd = 0x4242, - }; - int cc; + struct uv_cb_header *hdr = (void *)page; + int cc, i; - cc = uv_call(0, (u64)&uvcb); - report(cc == 1 && uvcb.rc == UVC_RC_INV_CMD, "invalid command"); + report_prefix_push("invalid"); + for (i = 0; invalid_cmds[i].name; i++) { + hdr->cmd = invalid_cmds[i].cmd; + hdr->len = invalid_cmds[i].len; + cc = uv_call(0, (u64)hdr); + report(cc == 1 && hdr->rc == UVC_RC_INV_CMD && + (invalid_cmds[i].call_bit == -1 || !uv_query_test_call(invalid_cmds[i].call_bit)), + "%s", invalid_cmds[i].name); + } + report_prefix_pop(); } int main(void) -- 2.30.2