|
|
Subscribe / Log in / New account

AMD: Add Secure AVIC KVM selftests

From:  Neeraj Upadhyay <Neeraj.Upadhyay-AT-amd.com>
To:  <kvm-AT-vger.kernel.org>, <seanjc-AT-google.com>, <pbonzini-AT-redhat.com>
Subject:  [RFC PATCH v2 00/35] AMD: Add Secure AVIC KVM selftests
Date:  Tue, 23 Sep 2025 10:39:07 +0530
Message-ID:  <20250923050942.206116-1-Neeraj.Upadhyay@amd.com>
Cc:  <linux-kernel-AT-vger.kernel.org>, <Thomas.Lendacky-AT-amd.com>, <nikunj-AT-amd.com>, <Santosh.Shukla-AT-amd.com>, <Vasant.Hegde-AT-amd.com>, <Suravee.Suthikulpanit-AT-amd.com>, <bp-AT-alien8.de>, <David.Kaplan-AT-amd.com>, <huibo.wang-AT-amd.com>, <naveen.rao-AT-amd.com>, <pgonda-AT-google.com>, <linux-kselftest-AT-vger.kernel.org>, <shuah-AT-kernel.org>, <tiala-AT-microsoft.com>
Archive-link:  Article

This series adds KVM selftests for Secure AVIC.

The Secure AVIC KVM support patch series is at:

https://lore.kernel.org/kvm/20250923050317.205482-1-Neera...

Git tree is available at:

  https://github.com/AMDESE/linux-kvm/tree/savic-host-latest

Changes since v1:

v1: https://lore.kernel.org/lkml/20250228093024.114983-1-Neer...

- Drop Secure AVIC APIC regs test as it relied on KVM_GET_LAPIC,
  KVM_SET_LAPIC IOCTLS. Since commit f65916a ("KVM: TDX: Force APICv active
  for TDX guest"), these IOCTLs do not work for protected APIC guests.
- Rebase on top of latest kvm next tree.
- Add detailed commit logs.
- Clean up the instruction decoder.

Neeraj Upadhyay (29):
  KVM: selftests: Return an unused GHCB from the pool
  KVM: selftests: Align GHCB entry struct to page size
  KVM: selftests: Add #VC exception handler with error code support
  KVM: selftests: Add MSR access support for SEV-ES guests
  KVM: selftests: Skip guest memory checks for APIC MMIO mapping
  KVM: selftests: Add x86 instruction decoding library
  KVM: selftests: Adapt instruction decoder library for userspace
  KVM: selftests: Restrict instruction decoder to x86_64 only
  KVM: selftests: Remove unneeded functions from instruction decoder
  KVM: selftests: Fix missing definitions in x86 instruction decoder
  KVM: selftests: Change pt_regs to ex_regs for selftest use
  KVM: selftests: Add compilation for instruction decoder library
  KVM: selftests: Add MMIO #VC exception handling for SEV-ES guests
  KVM: selftests: Add instruction decoding for movabs instructions
  KVM: selftests: Add SEV guest support in xapic_state_test
  KVM: selftests: Add x2apic mode testing in xapic_ipi_test
  KVM: selftests: Add SEV VM support in xapic_ipi_test
  KVM: selftests: Add Secure AVIC library
  KVM: selftests: Add #VC handler for unaccelerated Secure AVIC MSRs
  KVM: selftests: Add IPI handling support for Secure AVIC
  KVM: selftests: Add args parameter to kvm_arch_vm_post_create()
  KVM: selftests: Add GHCB call for SAVIC backing page notification
  KVM: selftests: Add Secure AVIC mode to xapic_ipi_test
  KVM: selftests: Add test to verify APIC MSR accesses for SAVIC guest
  KVM: selftests: Extend savic_test with idle halt testing
  KVM: selftests: Add IOAPIC tests for Secure AVIC
  KVM: selftests: Add cross-vCPU IPI testing for SAVIC guests
  KVM: selftests: Add NMI test for SAVIC guests
  KVM: selftests: Add MSI injection test for SAVIC

Peter Gonda (6):
  Add GHCB with setters and getters
  Add arch specific additional guest pages
  Add vm_vaddr_alloc_pages_shared()
  Add GHCB allocations and helpers
  Add is_sev_enabled() helpers
  Add ability for SEV-ES guests to use ucalls via GHCB

 tools/arch/x86/include/asm/msr-index.h        |    4 +-
 tools/testing/selftests/kvm/.gitignore        |    3 +-
 tools/testing/selftests/kvm/Makefile.kvm      |   14 +-
 .../testing/selftests/kvm/arm64/set_id_regs.c |    2 +-
 .../testing/selftests/kvm/include/kvm_util.h  |   14 +-
 .../testing/selftests/kvm/include/x86/apic.h  |   57 +
 .../selftests/kvm/include/x86/insn-eval.h     |   48 +
 .../selftests/kvm/include/x86/processor.h     |    8 +
 .../testing/selftests/kvm/include/x86/savic.h |   25 +
 tools/testing/selftests/kvm/include/x86/sev.h |   29 +
 tools/testing/selftests/kvm/include/x86/svm.h |  109 ++
 tools/testing/selftests/kvm/lib/kvm_util.c    |  109 +-
 .../testing/selftests/kvm/lib/x86/handlers.S  |    4 +-
 .../testing/selftests/kvm/lib/x86/insn-eval.c | 1238 +++++++++++++++++
 .../testing/selftests/kvm/lib/x86/processor.c |   24 +-
 tools/testing/selftests/kvm/lib/x86/savic.c   |  488 +++++++
 tools/testing/selftests/kvm/lib/x86/sev.c     |  581 +++++++-
 tools/testing/selftests/kvm/lib/x86/ucall.c   |   18 +
 tools/testing/selftests/kvm/s390/cmma_test.c  |    2 +-
 tools/testing/selftests/kvm/x86/savic_test.c  | 1171 ++++++++++++++++
 .../selftests/kvm/x86/sev_smoke_test.c        |   40 +-
 .../selftests/kvm/x86/xapic_ipi_test.c        |  183 ++-
 .../selftests/kvm/x86/xapic_state_test.c      |  117 +-
 23 files changed, 4192 insertions(+), 96 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86/insn-eval.h
 create mode 100644 tools/testing/selftests/kvm/include/x86/savic.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/insn-eval.c
 create mode 100644 tools/testing/selftests/kvm/lib/x86/savic.c
 create mode 100644 tools/testing/selftests/kvm/x86/savic_test.c


base-commit: a6ad54137af92535cfe32e19e5f3bc1bb7dbd383
-- 
2.34.1

Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds