page_fault_test.c 34 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135
  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * page_fault_test.c - Test stage 2 faults.
  4. *
  5. * This test tries different combinations of guest accesses (e.g., write,
  6. * S1PTW), backing source type (e.g., anon) and types of faults (e.g., read on
  7. * hugetlbfs with a hole). It checks that the expected handling method is
  8. * called (e.g., uffd faults with the right address and write/read flag).
  9. */
  10. #include <linux/bitmap.h>
  11. #include <fcntl.h>
  12. #include <test_util.h>
  13. #include <kvm_util.h>
  14. #include <processor.h>
  15. #include <asm/sysreg.h>
  16. #include <linux/bitfield.h>
  17. #include "guest_modes.h"
  18. #include "userfaultfd_util.h"
  19. /* Guest virtual addresses that point to the test page and its PTE. */
  20. #define TEST_GVA 0xc0000000
  21. #define TEST_EXEC_GVA (TEST_GVA + 0x8)
  22. #define TEST_PTE_GVA 0xb0000000
  23. #define TEST_DATA 0x0123456789ABCDEF
  24. static uint64_t *guest_test_memory = (uint64_t *)TEST_GVA;
  25. #define CMD_NONE (0)
  26. #define CMD_SKIP_TEST (1ULL << 1)
  27. #define CMD_HOLE_PT (1ULL << 2)
  28. #define CMD_HOLE_DATA (1ULL << 3)
  29. #define CMD_CHECK_WRITE_IN_DIRTY_LOG (1ULL << 4)
  30. #define CMD_CHECK_S1PTW_WR_IN_DIRTY_LOG (1ULL << 5)
  31. #define CMD_CHECK_NO_WRITE_IN_DIRTY_LOG (1ULL << 6)
  32. #define CMD_CHECK_NO_S1PTW_WR_IN_DIRTY_LOG (1ULL << 7)
  33. #define CMD_SET_PTE_AF (1ULL << 8)
  34. #define PREPARE_FN_NR 10
  35. #define CHECK_FN_NR 10
  36. static struct event_cnt {
  37. int mmio_exits;
  38. int fail_vcpu_runs;
  39. int uffd_faults;
  40. /* uffd_faults is incremented from multiple threads. */
  41. pthread_mutex_t uffd_faults_mutex;
  42. } events;
  43. struct test_desc {
  44. const char *name;
  45. uint64_t mem_mark_cmd;
  46. /* Skip the test if any prepare function returns false */
  47. bool (*guest_prepare[PREPARE_FN_NR])(void);
  48. void (*guest_test)(void);
  49. void (*guest_test_check[CHECK_FN_NR])(void);
  50. uffd_handler_t uffd_pt_handler;
  51. uffd_handler_t uffd_data_handler;
  52. void (*dabt_handler)(struct ex_regs *regs);
  53. void (*iabt_handler)(struct ex_regs *regs);
  54. void (*mmio_handler)(struct kvm_vm *vm, struct kvm_run *run);
  55. void (*fail_vcpu_run_handler)(int ret);
  56. uint32_t pt_memslot_flags;
  57. uint32_t data_memslot_flags;
  58. bool skip;
  59. struct event_cnt expected_events;
  60. };
  61. struct test_params {
  62. enum vm_mem_backing_src_type src_type;
  63. struct test_desc *test_desc;
  64. };
  65. static inline void flush_tlb_page(uint64_t vaddr)
  66. {
  67. uint64_t page = vaddr >> 12;
  68. dsb(ishst);
  69. asm volatile("tlbi vaae1is, %0" :: "r" (page));
  70. dsb(ish);
  71. isb();
  72. }
  73. static void guest_write64(void)
  74. {
  75. uint64_t val;
  76. WRITE_ONCE(*guest_test_memory, TEST_DATA);
  77. val = READ_ONCE(*guest_test_memory);
  78. GUEST_ASSERT_EQ(val, TEST_DATA);
  79. }
  80. /* Check the system for atomic instructions. */
  81. static bool guest_check_lse(void)
  82. {
  83. uint64_t isar0 = read_sysreg(id_aa64isar0_el1);
  84. uint64_t atomic;
  85. atomic = FIELD_GET(ID_AA64ISAR0_EL1_ATOMIC, isar0);
  86. return atomic >= 2;
  87. }
  88. static bool guest_check_dc_zva(void)
  89. {
  90. uint64_t dczid = read_sysreg(dczid_el0);
  91. uint64_t dzp = FIELD_GET(DCZID_EL0_DZP, dczid);
  92. return dzp == 0;
  93. }
  94. /* Compare and swap instruction. */
  95. static void guest_cas(void)
  96. {
  97. uint64_t val;
  98. GUEST_ASSERT(guest_check_lse());
  99. asm volatile(".arch_extension lse\n"
  100. "casal %0, %1, [%2]\n"
  101. :: "r" (0ul), "r" (TEST_DATA), "r" (guest_test_memory));
  102. val = READ_ONCE(*guest_test_memory);
  103. GUEST_ASSERT_EQ(val, TEST_DATA);
  104. }
  105. static void guest_read64(void)
  106. {
  107. uint64_t val;
  108. val = READ_ONCE(*guest_test_memory);
  109. GUEST_ASSERT_EQ(val, 0);
  110. }
  111. /* Address translation instruction */
  112. static void guest_at(void)
  113. {
  114. uint64_t par;
  115. asm volatile("at s1e1r, %0" :: "r" (guest_test_memory));
  116. isb();
  117. par = read_sysreg(par_el1);
  118. /* Bit 1 indicates whether the AT was successful */
  119. GUEST_ASSERT_EQ(par & 1, 0);
  120. }
  121. /*
  122. * The size of the block written by "dc zva" is guaranteed to be between (2 <<
  123. * 0) and (2 << 9), which is safe in our case as we need the write to happen
  124. * for at least a word, and not more than a page.
  125. */
  126. static void guest_dc_zva(void)
  127. {
  128. uint16_t val;
  129. asm volatile("dc zva, %0" :: "r" (guest_test_memory));
  130. dsb(ish);
  131. val = READ_ONCE(*guest_test_memory);
  132. GUEST_ASSERT_EQ(val, 0);
  133. }
  134. /*
  135. * Pre-indexing loads and stores don't have a valid syndrome (ESR_EL2.ISV==0).
  136. * And that's special because KVM must take special care with those: they
  137. * should still count as accesses for dirty logging or user-faulting, but
  138. * should be handled differently on mmio.
  139. */
  140. static void guest_ld_preidx(void)
  141. {
  142. uint64_t val;
  143. uint64_t addr = TEST_GVA - 8;
  144. /*
  145. * This ends up accessing "TEST_GVA + 8 - 8", where "TEST_GVA - 8" is
  146. * in a gap between memslots not backing by anything.
  147. */
  148. asm volatile("ldr %0, [%1, #8]!"
  149. : "=r" (val), "+r" (addr));
  150. GUEST_ASSERT_EQ(val, 0);
  151. GUEST_ASSERT_EQ(addr, TEST_GVA);
  152. }
  153. static void guest_st_preidx(void)
  154. {
  155. uint64_t val = TEST_DATA;
  156. uint64_t addr = TEST_GVA - 8;
  157. asm volatile("str %0, [%1, #8]!"
  158. : "+r" (val), "+r" (addr));
  159. GUEST_ASSERT_EQ(addr, TEST_GVA);
  160. val = READ_ONCE(*guest_test_memory);
  161. }
  162. static bool guest_set_ha(void)
  163. {
  164. uint64_t mmfr1 = read_sysreg(id_aa64mmfr1_el1);
  165. uint64_t hadbs, tcr;
  166. /* Skip if HA is not supported. */
  167. hadbs = FIELD_GET(ID_AA64MMFR1_EL1_HAFDBS, mmfr1);
  168. if (hadbs == 0)
  169. return false;
  170. tcr = read_sysreg(tcr_el1) | TCR_HA;
  171. write_sysreg(tcr, tcr_el1);
  172. isb();
  173. return true;
  174. }
  175. static bool guest_clear_pte_af(void)
  176. {
  177. *((uint64_t *)TEST_PTE_GVA) &= ~PTE_AF;
  178. flush_tlb_page(TEST_GVA);
  179. return true;
  180. }
  181. static void guest_check_pte_af(void)
  182. {
  183. dsb(ish);
  184. GUEST_ASSERT_EQ(*((uint64_t *)TEST_PTE_GVA) & PTE_AF, PTE_AF);
  185. }
  186. static void guest_check_write_in_dirty_log(void)
  187. {
  188. GUEST_SYNC(CMD_CHECK_WRITE_IN_DIRTY_LOG);
  189. }
  190. static void guest_check_no_write_in_dirty_log(void)
  191. {
  192. GUEST_SYNC(CMD_CHECK_NO_WRITE_IN_DIRTY_LOG);
  193. }
  194. static void guest_check_s1ptw_wr_in_dirty_log(void)
  195. {
  196. GUEST_SYNC(CMD_CHECK_S1PTW_WR_IN_DIRTY_LOG);
  197. }
  198. static void guest_check_no_s1ptw_wr_in_dirty_log(void)
  199. {
  200. GUEST_SYNC(CMD_CHECK_NO_S1PTW_WR_IN_DIRTY_LOG);
  201. }
  202. static void guest_exec(void)
  203. {
  204. int (*code)(void) = (int (*)(void))TEST_EXEC_GVA;
  205. int ret;
  206. ret = code();
  207. GUEST_ASSERT_EQ(ret, 0x77);
  208. }
  209. static bool guest_prepare(struct test_desc *test)
  210. {
  211. bool (*prepare_fn)(void);
  212. int i;
  213. for (i = 0; i < PREPARE_FN_NR; i++) {
  214. prepare_fn = test->guest_prepare[i];
  215. if (prepare_fn && !prepare_fn())
  216. return false;
  217. }
  218. return true;
  219. }
  220. static void guest_test_check(struct test_desc *test)
  221. {
  222. void (*check_fn)(void);
  223. int i;
  224. for (i = 0; i < CHECK_FN_NR; i++) {
  225. check_fn = test->guest_test_check[i];
  226. if (check_fn)
  227. check_fn();
  228. }
  229. }
  230. static void guest_code(struct test_desc *test)
  231. {
  232. if (!guest_prepare(test))
  233. GUEST_SYNC(CMD_SKIP_TEST);
  234. GUEST_SYNC(test->mem_mark_cmd);
  235. if (test->guest_test)
  236. test->guest_test();
  237. guest_test_check(test);
  238. GUEST_DONE();
  239. }
  240. static void no_dabt_handler(struct ex_regs *regs)
  241. {
  242. GUEST_FAIL("Unexpected dabt, far_el1 = 0x%lx", read_sysreg(far_el1));
  243. }
  244. static void no_iabt_handler(struct ex_regs *regs)
  245. {
  246. GUEST_FAIL("Unexpected iabt, pc = 0x%lx", regs->pc);
  247. }
  248. static struct uffd_args {
  249. char *copy;
  250. void *hva;
  251. uint64_t paging_size;
  252. } pt_args, data_args;
  253. /* Returns true to continue the test, and false if it should be skipped. */
  254. static int uffd_generic_handler(int uffd_mode, int uffd, struct uffd_msg *msg,
  255. struct uffd_args *args)
  256. {
  257. uint64_t addr = msg->arg.pagefault.address;
  258. uint64_t flags = msg->arg.pagefault.flags;
  259. struct uffdio_copy copy;
  260. int ret;
  261. TEST_ASSERT(uffd_mode == UFFDIO_REGISTER_MODE_MISSING,
  262. "The only expected UFFD mode is MISSING");
  263. TEST_ASSERT_EQ(addr, (uint64_t)args->hva);
  264. pr_debug("uffd fault: addr=%p write=%d\n",
  265. (void *)addr, !!(flags & UFFD_PAGEFAULT_FLAG_WRITE));
  266. copy.src = (uint64_t)args->copy;
  267. copy.dst = addr;
  268. copy.len = args->paging_size;
  269. copy.mode = 0;
  270. ret = ioctl(uffd, UFFDIO_COPY, &copy);
  271. if (ret == -1) {
  272. pr_info("Failed UFFDIO_COPY in 0x%lx with errno: %d\n",
  273. addr, errno);
  274. return ret;
  275. }
  276. pthread_mutex_lock(&events.uffd_faults_mutex);
  277. events.uffd_faults += 1;
  278. pthread_mutex_unlock(&events.uffd_faults_mutex);
  279. return 0;
  280. }
  281. static int uffd_pt_handler(int mode, int uffd, struct uffd_msg *msg)
  282. {
  283. return uffd_generic_handler(mode, uffd, msg, &pt_args);
  284. }
  285. static int uffd_data_handler(int mode, int uffd, struct uffd_msg *msg)
  286. {
  287. return uffd_generic_handler(mode, uffd, msg, &data_args);
  288. }
  289. static void setup_uffd_args(struct userspace_mem_region *region,
  290. struct uffd_args *args)
  291. {
  292. args->hva = (void *)region->region.userspace_addr;
  293. args->paging_size = region->region.memory_size;
  294. args->copy = malloc(args->paging_size);
  295. TEST_ASSERT(args->copy, "Failed to allocate data copy.");
  296. memcpy(args->copy, args->hva, args->paging_size);
  297. }
  298. static void setup_uffd(struct kvm_vm *vm, struct test_params *p,
  299. struct uffd_desc **pt_uffd, struct uffd_desc **data_uffd)
  300. {
  301. struct test_desc *test = p->test_desc;
  302. int uffd_mode = UFFDIO_REGISTER_MODE_MISSING;
  303. setup_uffd_args(vm_get_mem_region(vm, MEM_REGION_PT), &pt_args);
  304. setup_uffd_args(vm_get_mem_region(vm, MEM_REGION_TEST_DATA), &data_args);
  305. *pt_uffd = NULL;
  306. if (test->uffd_pt_handler)
  307. *pt_uffd = uffd_setup_demand_paging(uffd_mode, 0,
  308. pt_args.hva,
  309. pt_args.paging_size,
  310. 1, test->uffd_pt_handler);
  311. *data_uffd = NULL;
  312. if (test->uffd_data_handler)
  313. *data_uffd = uffd_setup_demand_paging(uffd_mode, 0,
  314. data_args.hva,
  315. data_args.paging_size,
  316. 1, test->uffd_data_handler);
  317. }
  318. static void free_uffd(struct test_desc *test, struct uffd_desc *pt_uffd,
  319. struct uffd_desc *data_uffd)
  320. {
  321. if (test->uffd_pt_handler)
  322. uffd_stop_demand_paging(pt_uffd);
  323. if (test->uffd_data_handler)
  324. uffd_stop_demand_paging(data_uffd);
  325. free(pt_args.copy);
  326. free(data_args.copy);
  327. }
  328. static int uffd_no_handler(int mode, int uffd, struct uffd_msg *msg)
  329. {
  330. TEST_FAIL("There was no UFFD fault expected.");
  331. return -1;
  332. }
  333. /* Returns false if the test should be skipped. */
  334. static bool punch_hole_in_backing_store(struct kvm_vm *vm,
  335. struct userspace_mem_region *region)
  336. {
  337. void *hva = (void *)region->region.userspace_addr;
  338. uint64_t paging_size = region->region.memory_size;
  339. int ret, fd = region->fd;
  340. if (fd != -1) {
  341. ret = fallocate(fd, FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE,
  342. 0, paging_size);
  343. TEST_ASSERT(ret == 0, "fallocate failed");
  344. } else {
  345. ret = madvise(hva, paging_size, MADV_DONTNEED);
  346. TEST_ASSERT(ret == 0, "madvise failed");
  347. }
  348. return true;
  349. }
  350. static void mmio_on_test_gpa_handler(struct kvm_vm *vm, struct kvm_run *run)
  351. {
  352. struct userspace_mem_region *region;
  353. void *hva;
  354. region = vm_get_mem_region(vm, MEM_REGION_TEST_DATA);
  355. hva = (void *)region->region.userspace_addr;
  356. TEST_ASSERT_EQ(run->mmio.phys_addr, region->region.guest_phys_addr);
  357. memcpy(hva, run->mmio.data, run->mmio.len);
  358. events.mmio_exits += 1;
  359. }
  360. static void mmio_no_handler(struct kvm_vm *vm, struct kvm_run *run)
  361. {
  362. uint64_t data;
  363. memcpy(&data, run->mmio.data, sizeof(data));
  364. pr_debug("addr=%lld len=%d w=%d data=%lx\n",
  365. run->mmio.phys_addr, run->mmio.len,
  366. run->mmio.is_write, data);
  367. TEST_FAIL("There was no MMIO exit expected.");
  368. }
  369. static bool check_write_in_dirty_log(struct kvm_vm *vm,
  370. struct userspace_mem_region *region,
  371. uint64_t host_pg_nr)
  372. {
  373. unsigned long *bmap;
  374. bool first_page_dirty;
  375. uint64_t size = region->region.memory_size;
  376. /* getpage_size() is not always equal to vm->page_size */
  377. bmap = bitmap_zalloc(size / getpagesize());
  378. kvm_vm_get_dirty_log(vm, region->region.slot, bmap);
  379. first_page_dirty = test_bit(host_pg_nr, bmap);
  380. free(bmap);
  381. return first_page_dirty;
  382. }
  383. /* Returns true to continue the test, and false if it should be skipped. */
  384. static bool handle_cmd(struct kvm_vm *vm, int cmd)
  385. {
  386. struct userspace_mem_region *data_region, *pt_region;
  387. bool continue_test = true;
  388. uint64_t pte_gpa, pte_pg;
  389. data_region = vm_get_mem_region(vm, MEM_REGION_TEST_DATA);
  390. pt_region = vm_get_mem_region(vm, MEM_REGION_PT);
  391. pte_gpa = addr_hva2gpa(vm, virt_get_pte_hva(vm, TEST_GVA));
  392. pte_pg = (pte_gpa - pt_region->region.guest_phys_addr) / getpagesize();
  393. if (cmd == CMD_SKIP_TEST)
  394. continue_test = false;
  395. if (cmd & CMD_HOLE_PT)
  396. continue_test = punch_hole_in_backing_store(vm, pt_region);
  397. if (cmd & CMD_HOLE_DATA)
  398. continue_test = punch_hole_in_backing_store(vm, data_region);
  399. if (cmd & CMD_CHECK_WRITE_IN_DIRTY_LOG)
  400. TEST_ASSERT(check_write_in_dirty_log(vm, data_region, 0),
  401. "Missing write in dirty log");
  402. if (cmd & CMD_CHECK_S1PTW_WR_IN_DIRTY_LOG)
  403. TEST_ASSERT(check_write_in_dirty_log(vm, pt_region, pte_pg),
  404. "Missing s1ptw write in dirty log");
  405. if (cmd & CMD_CHECK_NO_WRITE_IN_DIRTY_LOG)
  406. TEST_ASSERT(!check_write_in_dirty_log(vm, data_region, 0),
  407. "Unexpected write in dirty log");
  408. if (cmd & CMD_CHECK_NO_S1PTW_WR_IN_DIRTY_LOG)
  409. TEST_ASSERT(!check_write_in_dirty_log(vm, pt_region, pte_pg),
  410. "Unexpected s1ptw write in dirty log");
  411. return continue_test;
  412. }
  413. void fail_vcpu_run_no_handler(int ret)
  414. {
  415. TEST_FAIL("Unexpected vcpu run failure");
  416. }
  417. void fail_vcpu_run_mmio_no_syndrome_handler(int ret)
  418. {
  419. TEST_ASSERT(errno == ENOSYS,
  420. "The mmio handler should have returned not implemented.");
  421. events.fail_vcpu_runs += 1;
  422. }
  423. typedef uint32_t aarch64_insn_t;
  424. extern aarch64_insn_t __exec_test[2];
  425. noinline void __return_0x77(void)
  426. {
  427. asm volatile("__exec_test: mov x0, #0x77\n"
  428. "ret\n");
  429. }
  430. /*
  431. * Note that this function runs on the host before the test VM starts: there's
  432. * no need to sync the D$ and I$ caches.
  433. */
  434. static void load_exec_code_for_test(struct kvm_vm *vm)
  435. {
  436. uint64_t *code;
  437. struct userspace_mem_region *region;
  438. void *hva;
  439. region = vm_get_mem_region(vm, MEM_REGION_TEST_DATA);
  440. hva = (void *)region->region.userspace_addr;
  441. assert(TEST_EXEC_GVA > TEST_GVA);
  442. code = hva + TEST_EXEC_GVA - TEST_GVA;
  443. memcpy(code, __exec_test, sizeof(__exec_test));
  444. }
  445. static void setup_abort_handlers(struct kvm_vm *vm, struct kvm_vcpu *vcpu,
  446. struct test_desc *test)
  447. {
  448. vm_init_descriptor_tables(vm);
  449. vcpu_init_descriptor_tables(vcpu);
  450. vm_install_sync_handler(vm, VECTOR_SYNC_CURRENT,
  451. ESR_ELx_EC_DABT_CUR, no_dabt_handler);
  452. vm_install_sync_handler(vm, VECTOR_SYNC_CURRENT,
  453. ESR_ELx_EC_IABT_CUR, no_iabt_handler);
  454. }
  455. static void setup_gva_maps(struct kvm_vm *vm)
  456. {
  457. struct userspace_mem_region *region;
  458. uint64_t pte_gpa;
  459. region = vm_get_mem_region(vm, MEM_REGION_TEST_DATA);
  460. /* Map TEST_GVA first. This will install a new PTE. */
  461. virt_pg_map(vm, TEST_GVA, region->region.guest_phys_addr);
  462. /* Then map TEST_PTE_GVA to the above PTE. */
  463. pte_gpa = addr_hva2gpa(vm, virt_get_pte_hva(vm, TEST_GVA));
  464. virt_pg_map(vm, TEST_PTE_GVA, pte_gpa);
  465. }
  466. enum pf_test_memslots {
  467. CODE_AND_DATA_MEMSLOT,
  468. PAGE_TABLE_MEMSLOT,
  469. TEST_DATA_MEMSLOT,
  470. };
  471. /*
  472. * Create a memslot for code and data at pfn=0, and test-data and PT ones
  473. * at max_gfn.
  474. */
  475. static void setup_memslots(struct kvm_vm *vm, struct test_params *p)
  476. {
  477. uint64_t backing_src_pagesz = get_backing_src_pagesz(p->src_type);
  478. uint64_t guest_page_size = vm->page_size;
  479. uint64_t max_gfn = vm_compute_max_gfn(vm);
  480. /* Enough for 2M of code when using 4K guest pages. */
  481. uint64_t code_npages = 512;
  482. uint64_t pt_size, data_size, data_gpa;
  483. /*
  484. * This test requires 1 pgd, 2 pud, 4 pmd, and 6 pte pages when using
  485. * VM_MODE_P48V48_4K. Note that the .text takes ~1.6MBs. That's 13
  486. * pages. VM_MODE_P48V48_4K is the mode with most PT pages; let's use
  487. * twice that just in case.
  488. */
  489. pt_size = 26 * guest_page_size;
  490. /* memslot sizes and gpa's must be aligned to the backing page size */
  491. pt_size = align_up(pt_size, backing_src_pagesz);
  492. data_size = align_up(guest_page_size, backing_src_pagesz);
  493. data_gpa = (max_gfn * guest_page_size) - data_size;
  494. data_gpa = align_down(data_gpa, backing_src_pagesz);
  495. vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0,
  496. CODE_AND_DATA_MEMSLOT, code_npages, 0);
  497. vm->memslots[MEM_REGION_CODE] = CODE_AND_DATA_MEMSLOT;
  498. vm->memslots[MEM_REGION_DATA] = CODE_AND_DATA_MEMSLOT;
  499. vm_userspace_mem_region_add(vm, p->src_type, data_gpa - pt_size,
  500. PAGE_TABLE_MEMSLOT, pt_size / guest_page_size,
  501. p->test_desc->pt_memslot_flags);
  502. vm->memslots[MEM_REGION_PT] = PAGE_TABLE_MEMSLOT;
  503. vm_userspace_mem_region_add(vm, p->src_type, data_gpa, TEST_DATA_MEMSLOT,
  504. data_size / guest_page_size,
  505. p->test_desc->data_memslot_flags);
  506. vm->memslots[MEM_REGION_TEST_DATA] = TEST_DATA_MEMSLOT;
  507. }
  508. static void setup_ucall(struct kvm_vm *vm)
  509. {
  510. struct userspace_mem_region *region = vm_get_mem_region(vm, MEM_REGION_TEST_DATA);
  511. ucall_init(vm, region->region.guest_phys_addr + region->region.memory_size);
  512. }
  513. static void setup_default_handlers(struct test_desc *test)
  514. {
  515. if (!test->mmio_handler)
  516. test->mmio_handler = mmio_no_handler;
  517. if (!test->fail_vcpu_run_handler)
  518. test->fail_vcpu_run_handler = fail_vcpu_run_no_handler;
  519. }
  520. static void check_event_counts(struct test_desc *test)
  521. {
  522. TEST_ASSERT_EQ(test->expected_events.uffd_faults, events.uffd_faults);
  523. TEST_ASSERT_EQ(test->expected_events.mmio_exits, events.mmio_exits);
  524. TEST_ASSERT_EQ(test->expected_events.fail_vcpu_runs, events.fail_vcpu_runs);
  525. }
  526. static void print_test_banner(enum vm_guest_mode mode, struct test_params *p)
  527. {
  528. struct test_desc *test = p->test_desc;
  529. pr_debug("Test: %s\n", test->name);
  530. pr_debug("Testing guest mode: %s\n", vm_guest_mode_string(mode));
  531. pr_debug("Testing memory backing src type: %s\n",
  532. vm_mem_backing_src_alias(p->src_type)->name);
  533. }
  534. static void reset_event_counts(void)
  535. {
  536. memset(&events, 0, sizeof(events));
  537. }
  538. /*
  539. * This function either succeeds, skips the test (after setting test->skip), or
  540. * fails with a TEST_FAIL that aborts all tests.
  541. */
  542. static void vcpu_run_loop(struct kvm_vm *vm, struct kvm_vcpu *vcpu,
  543. struct test_desc *test)
  544. {
  545. struct kvm_run *run;
  546. struct ucall uc;
  547. int ret;
  548. run = vcpu->run;
  549. for (;;) {
  550. ret = _vcpu_run(vcpu);
  551. if (ret) {
  552. test->fail_vcpu_run_handler(ret);
  553. goto done;
  554. }
  555. switch (get_ucall(vcpu, &uc)) {
  556. case UCALL_SYNC:
  557. if (!handle_cmd(vm, uc.args[1])) {
  558. test->skip = true;
  559. goto done;
  560. }
  561. break;
  562. case UCALL_ABORT:
  563. REPORT_GUEST_ASSERT(uc);
  564. break;
  565. case UCALL_DONE:
  566. goto done;
  567. case UCALL_NONE:
  568. if (run->exit_reason == KVM_EXIT_MMIO)
  569. test->mmio_handler(vm, run);
  570. break;
  571. default:
  572. TEST_FAIL("Unknown ucall %lu", uc.cmd);
  573. }
  574. }
  575. done:
  576. pr_debug(test->skip ? "Skipped.\n" : "Done.\n");
  577. }
  578. static void run_test(enum vm_guest_mode mode, void *arg)
  579. {
  580. struct test_params *p = (struct test_params *)arg;
  581. struct test_desc *test = p->test_desc;
  582. struct kvm_vm *vm;
  583. struct kvm_vcpu *vcpu;
  584. struct uffd_desc *pt_uffd, *data_uffd;
  585. print_test_banner(mode, p);
  586. vm = ____vm_create(VM_SHAPE(mode));
  587. setup_memslots(vm, p);
  588. kvm_vm_elf_load(vm, program_invocation_name);
  589. setup_ucall(vm);
  590. vcpu = vm_vcpu_add(vm, 0, guest_code);
  591. setup_gva_maps(vm);
  592. reset_event_counts();
  593. /*
  594. * Set some code in the data memslot for the guest to execute (only
  595. * applicable to the EXEC tests). This has to be done before
  596. * setup_uffd() as that function copies the memslot data for the uffd
  597. * handler.
  598. */
  599. load_exec_code_for_test(vm);
  600. setup_uffd(vm, p, &pt_uffd, &data_uffd);
  601. setup_abort_handlers(vm, vcpu, test);
  602. setup_default_handlers(test);
  603. vcpu_args_set(vcpu, 1, test);
  604. vcpu_run_loop(vm, vcpu, test);
  605. kvm_vm_free(vm);
  606. free_uffd(test, pt_uffd, data_uffd);
  607. /*
  608. * Make sure we check the events after the uffd threads have exited,
  609. * which means they updated their respective event counters.
  610. */
  611. if (!test->skip)
  612. check_event_counts(test);
  613. }
  614. static void help(char *name)
  615. {
  616. puts("");
  617. printf("usage: %s [-h] [-s mem-type]\n", name);
  618. puts("");
  619. guest_modes_help();
  620. backing_src_help("-s");
  621. puts("");
  622. }
  623. #define SNAME(s) #s
  624. #define SCAT2(a, b) SNAME(a ## _ ## b)
  625. #define SCAT3(a, b, c) SCAT2(a, SCAT2(b, c))
  626. #define SCAT4(a, b, c, d) SCAT2(a, SCAT3(b, c, d))
  627. #define _CHECK(_test) _CHECK_##_test
  628. #define _PREPARE(_test) _PREPARE_##_test
  629. #define _PREPARE_guest_read64 NULL
  630. #define _PREPARE_guest_ld_preidx NULL
  631. #define _PREPARE_guest_write64 NULL
  632. #define _PREPARE_guest_st_preidx NULL
  633. #define _PREPARE_guest_exec NULL
  634. #define _PREPARE_guest_at NULL
  635. #define _PREPARE_guest_dc_zva guest_check_dc_zva
  636. #define _PREPARE_guest_cas guest_check_lse
  637. /* With or without access flag checks */
  638. #define _PREPARE_with_af guest_set_ha, guest_clear_pte_af
  639. #define _PREPARE_no_af NULL
  640. #define _CHECK_with_af guest_check_pte_af
  641. #define _CHECK_no_af NULL
  642. /* Performs an access and checks that no faults were triggered. */
  643. #define TEST_ACCESS(_access, _with_af, _mark_cmd) \
  644. { \
  645. .name = SCAT3(_access, _with_af, #_mark_cmd), \
  646. .guest_prepare = { _PREPARE(_with_af), \
  647. _PREPARE(_access) }, \
  648. .mem_mark_cmd = _mark_cmd, \
  649. .guest_test = _access, \
  650. .guest_test_check = { _CHECK(_with_af) }, \
  651. .expected_events = { 0 }, \
  652. }
  653. #define TEST_UFFD(_access, _with_af, _mark_cmd, \
  654. _uffd_data_handler, _uffd_pt_handler, _uffd_faults) \
  655. { \
  656. .name = SCAT4(uffd, _access, _with_af, #_mark_cmd), \
  657. .guest_prepare = { _PREPARE(_with_af), \
  658. _PREPARE(_access) }, \
  659. .guest_test = _access, \
  660. .mem_mark_cmd = _mark_cmd, \
  661. .guest_test_check = { _CHECK(_with_af) }, \
  662. .uffd_data_handler = _uffd_data_handler, \
  663. .uffd_pt_handler = _uffd_pt_handler, \
  664. .expected_events = { .uffd_faults = _uffd_faults, }, \
  665. }
  666. #define TEST_DIRTY_LOG(_access, _with_af, _test_check, _pt_check) \
  667. { \
  668. .name = SCAT3(dirty_log, _access, _with_af), \
  669. .data_memslot_flags = KVM_MEM_LOG_DIRTY_PAGES, \
  670. .pt_memslot_flags = KVM_MEM_LOG_DIRTY_PAGES, \
  671. .guest_prepare = { _PREPARE(_with_af), \
  672. _PREPARE(_access) }, \
  673. .guest_test = _access, \
  674. .guest_test_check = { _CHECK(_with_af), _test_check, _pt_check }, \
  675. .expected_events = { 0 }, \
  676. }
  677. #define TEST_UFFD_AND_DIRTY_LOG(_access, _with_af, _uffd_data_handler, \
  678. _uffd_faults, _test_check, _pt_check) \
  679. { \
  680. .name = SCAT3(uffd_and_dirty_log, _access, _with_af), \
  681. .data_memslot_flags = KVM_MEM_LOG_DIRTY_PAGES, \
  682. .pt_memslot_flags = KVM_MEM_LOG_DIRTY_PAGES, \
  683. .guest_prepare = { _PREPARE(_with_af), \
  684. _PREPARE(_access) }, \
  685. .guest_test = _access, \
  686. .mem_mark_cmd = CMD_HOLE_DATA | CMD_HOLE_PT, \
  687. .guest_test_check = { _CHECK(_with_af), _test_check, _pt_check }, \
  688. .uffd_data_handler = _uffd_data_handler, \
  689. .uffd_pt_handler = uffd_pt_handler, \
  690. .expected_events = { .uffd_faults = _uffd_faults, }, \
  691. }
  692. #define TEST_RO_MEMSLOT(_access, _mmio_handler, _mmio_exits) \
  693. { \
  694. .name = SCAT2(ro_memslot, _access), \
  695. .data_memslot_flags = KVM_MEM_READONLY, \
  696. .pt_memslot_flags = KVM_MEM_READONLY, \
  697. .guest_prepare = { _PREPARE(_access) }, \
  698. .guest_test = _access, \
  699. .mmio_handler = _mmio_handler, \
  700. .expected_events = { .mmio_exits = _mmio_exits }, \
  701. }
  702. #define TEST_RO_MEMSLOT_NO_SYNDROME(_access) \
  703. { \
  704. .name = SCAT2(ro_memslot_no_syndrome, _access), \
  705. .data_memslot_flags = KVM_MEM_READONLY, \
  706. .pt_memslot_flags = KVM_MEM_READONLY, \
  707. .guest_prepare = { _PREPARE(_access) }, \
  708. .guest_test = _access, \
  709. .fail_vcpu_run_handler = fail_vcpu_run_mmio_no_syndrome_handler, \
  710. .expected_events = { .fail_vcpu_runs = 1 }, \
  711. }
  712. #define TEST_RO_MEMSLOT_AND_DIRTY_LOG(_access, _mmio_handler, _mmio_exits, \
  713. _test_check) \
  714. { \
  715. .name = SCAT2(ro_memslot, _access), \
  716. .data_memslot_flags = KVM_MEM_READONLY | KVM_MEM_LOG_DIRTY_PAGES, \
  717. .pt_memslot_flags = KVM_MEM_READONLY | KVM_MEM_LOG_DIRTY_PAGES, \
  718. .guest_prepare = { _PREPARE(_access) }, \
  719. .guest_test = _access, \
  720. .guest_test_check = { _test_check }, \
  721. .mmio_handler = _mmio_handler, \
  722. .expected_events = { .mmio_exits = _mmio_exits}, \
  723. }
  724. #define TEST_RO_MEMSLOT_NO_SYNDROME_AND_DIRTY_LOG(_access, _test_check) \
  725. { \
  726. .name = SCAT2(ro_memslot_no_syn_and_dlog, _access), \
  727. .data_memslot_flags = KVM_MEM_READONLY | KVM_MEM_LOG_DIRTY_PAGES, \
  728. .pt_memslot_flags = KVM_MEM_READONLY | KVM_MEM_LOG_DIRTY_PAGES, \
  729. .guest_prepare = { _PREPARE(_access) }, \
  730. .guest_test = _access, \
  731. .guest_test_check = { _test_check }, \
  732. .fail_vcpu_run_handler = fail_vcpu_run_mmio_no_syndrome_handler, \
  733. .expected_events = { .fail_vcpu_runs = 1 }, \
  734. }
  735. #define TEST_RO_MEMSLOT_AND_UFFD(_access, _mmio_handler, _mmio_exits, \
  736. _uffd_data_handler, _uffd_faults) \
  737. { \
  738. .name = SCAT2(ro_memslot_uffd, _access), \
  739. .data_memslot_flags = KVM_MEM_READONLY, \
  740. .pt_memslot_flags = KVM_MEM_READONLY, \
  741. .mem_mark_cmd = CMD_HOLE_DATA | CMD_HOLE_PT, \
  742. .guest_prepare = { _PREPARE(_access) }, \
  743. .guest_test = _access, \
  744. .uffd_data_handler = _uffd_data_handler, \
  745. .uffd_pt_handler = uffd_pt_handler, \
  746. .mmio_handler = _mmio_handler, \
  747. .expected_events = { .mmio_exits = _mmio_exits, \
  748. .uffd_faults = _uffd_faults }, \
  749. }
  750. #define TEST_RO_MEMSLOT_NO_SYNDROME_AND_UFFD(_access, _uffd_data_handler, \
  751. _uffd_faults) \
  752. { \
  753. .name = SCAT2(ro_memslot_no_syndrome, _access), \
  754. .data_memslot_flags = KVM_MEM_READONLY, \
  755. .pt_memslot_flags = KVM_MEM_READONLY, \
  756. .mem_mark_cmd = CMD_HOLE_DATA | CMD_HOLE_PT, \
  757. .guest_prepare = { _PREPARE(_access) }, \
  758. .guest_test = _access, \
  759. .uffd_data_handler = _uffd_data_handler, \
  760. .uffd_pt_handler = uffd_pt_handler, \
  761. .fail_vcpu_run_handler = fail_vcpu_run_mmio_no_syndrome_handler, \
  762. .expected_events = { .fail_vcpu_runs = 1, \
  763. .uffd_faults = _uffd_faults }, \
  764. }
  765. static struct test_desc tests[] = {
  766. /* Check that HW is setting the Access Flag (AF) (sanity checks). */
  767. TEST_ACCESS(guest_read64, with_af, CMD_NONE),
  768. TEST_ACCESS(guest_ld_preidx, with_af, CMD_NONE),
  769. TEST_ACCESS(guest_cas, with_af, CMD_NONE),
  770. TEST_ACCESS(guest_write64, with_af, CMD_NONE),
  771. TEST_ACCESS(guest_st_preidx, with_af, CMD_NONE),
  772. TEST_ACCESS(guest_dc_zva, with_af, CMD_NONE),
  773. TEST_ACCESS(guest_exec, with_af, CMD_NONE),
  774. /*
  775. * Punch a hole in the data backing store, and then try multiple
  776. * accesses: reads should rturn zeroes, and writes should
  777. * re-populate the page. Moreover, the test also check that no
  778. * exception was generated in the guest. Note that this
  779. * reading/writing behavior is the same as reading/writing a
  780. * punched page (with fallocate(FALLOC_FL_PUNCH_HOLE)) from
  781. * userspace.
  782. */
  783. TEST_ACCESS(guest_read64, no_af, CMD_HOLE_DATA),
  784. TEST_ACCESS(guest_cas, no_af, CMD_HOLE_DATA),
  785. TEST_ACCESS(guest_ld_preidx, no_af, CMD_HOLE_DATA),
  786. TEST_ACCESS(guest_write64, no_af, CMD_HOLE_DATA),
  787. TEST_ACCESS(guest_st_preidx, no_af, CMD_HOLE_DATA),
  788. TEST_ACCESS(guest_at, no_af, CMD_HOLE_DATA),
  789. TEST_ACCESS(guest_dc_zva, no_af, CMD_HOLE_DATA),
  790. /*
  791. * Punch holes in the data and PT backing stores and mark them for
  792. * userfaultfd handling. This should result in 2 faults: the access
  793. * on the data backing store, and its respective S1 page table walk
  794. * (S1PTW).
  795. */
  796. TEST_UFFD(guest_read64, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  797. uffd_data_handler, uffd_pt_handler, 2),
  798. TEST_UFFD(guest_read64, no_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  799. uffd_data_handler, uffd_pt_handler, 2),
  800. TEST_UFFD(guest_cas, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  801. uffd_data_handler, uffd_pt_handler, 2),
  802. /*
  803. * Can't test guest_at with_af as it's IMPDEF whether the AF is set.
  804. * The S1PTW fault should still be marked as a write.
  805. */
  806. TEST_UFFD(guest_at, no_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  807. uffd_no_handler, uffd_pt_handler, 1),
  808. TEST_UFFD(guest_ld_preidx, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  809. uffd_data_handler, uffd_pt_handler, 2),
  810. TEST_UFFD(guest_write64, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  811. uffd_data_handler, uffd_pt_handler, 2),
  812. TEST_UFFD(guest_dc_zva, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  813. uffd_data_handler, uffd_pt_handler, 2),
  814. TEST_UFFD(guest_st_preidx, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  815. uffd_data_handler, uffd_pt_handler, 2),
  816. TEST_UFFD(guest_exec, with_af, CMD_HOLE_DATA | CMD_HOLE_PT,
  817. uffd_data_handler, uffd_pt_handler, 2),
  818. /*
  819. * Try accesses when the data and PT memory regions are both
  820. * tracked for dirty logging.
  821. */
  822. TEST_DIRTY_LOG(guest_read64, with_af, guest_check_no_write_in_dirty_log,
  823. guest_check_s1ptw_wr_in_dirty_log),
  824. TEST_DIRTY_LOG(guest_read64, no_af, guest_check_no_write_in_dirty_log,
  825. guest_check_no_s1ptw_wr_in_dirty_log),
  826. TEST_DIRTY_LOG(guest_ld_preidx, with_af,
  827. guest_check_no_write_in_dirty_log,
  828. guest_check_s1ptw_wr_in_dirty_log),
  829. TEST_DIRTY_LOG(guest_at, no_af, guest_check_no_write_in_dirty_log,
  830. guest_check_no_s1ptw_wr_in_dirty_log),
  831. TEST_DIRTY_LOG(guest_exec, with_af, guest_check_no_write_in_dirty_log,
  832. guest_check_s1ptw_wr_in_dirty_log),
  833. TEST_DIRTY_LOG(guest_write64, with_af, guest_check_write_in_dirty_log,
  834. guest_check_s1ptw_wr_in_dirty_log),
  835. TEST_DIRTY_LOG(guest_cas, with_af, guest_check_write_in_dirty_log,
  836. guest_check_s1ptw_wr_in_dirty_log),
  837. TEST_DIRTY_LOG(guest_dc_zva, with_af, guest_check_write_in_dirty_log,
  838. guest_check_s1ptw_wr_in_dirty_log),
  839. TEST_DIRTY_LOG(guest_st_preidx, with_af, guest_check_write_in_dirty_log,
  840. guest_check_s1ptw_wr_in_dirty_log),
  841. /*
  842. * Access when the data and PT memory regions are both marked for
  843. * dirty logging and UFFD at the same time. The expected result is
  844. * that writes should mark the dirty log and trigger a userfaultfd
  845. * write fault. Reads/execs should result in a read userfaultfd
  846. * fault, and nothing in the dirty log. Any S1PTW should result in
  847. * a write in the dirty log and a userfaultfd write.
  848. */
  849. TEST_UFFD_AND_DIRTY_LOG(guest_read64, with_af,
  850. uffd_data_handler, 2,
  851. guest_check_no_write_in_dirty_log,
  852. guest_check_s1ptw_wr_in_dirty_log),
  853. TEST_UFFD_AND_DIRTY_LOG(guest_read64, no_af,
  854. uffd_data_handler, 2,
  855. guest_check_no_write_in_dirty_log,
  856. guest_check_no_s1ptw_wr_in_dirty_log),
  857. TEST_UFFD_AND_DIRTY_LOG(guest_ld_preidx, with_af,
  858. uffd_data_handler,
  859. 2, guest_check_no_write_in_dirty_log,
  860. guest_check_s1ptw_wr_in_dirty_log),
  861. TEST_UFFD_AND_DIRTY_LOG(guest_at, with_af, uffd_no_handler, 1,
  862. guest_check_no_write_in_dirty_log,
  863. guest_check_s1ptw_wr_in_dirty_log),
  864. TEST_UFFD_AND_DIRTY_LOG(guest_exec, with_af,
  865. uffd_data_handler, 2,
  866. guest_check_no_write_in_dirty_log,
  867. guest_check_s1ptw_wr_in_dirty_log),
  868. TEST_UFFD_AND_DIRTY_LOG(guest_write64, with_af,
  869. uffd_data_handler,
  870. 2, guest_check_write_in_dirty_log,
  871. guest_check_s1ptw_wr_in_dirty_log),
  872. TEST_UFFD_AND_DIRTY_LOG(guest_cas, with_af,
  873. uffd_data_handler, 2,
  874. guest_check_write_in_dirty_log,
  875. guest_check_s1ptw_wr_in_dirty_log),
  876. TEST_UFFD_AND_DIRTY_LOG(guest_dc_zva, with_af,
  877. uffd_data_handler,
  878. 2, guest_check_write_in_dirty_log,
  879. guest_check_s1ptw_wr_in_dirty_log),
  880. TEST_UFFD_AND_DIRTY_LOG(guest_st_preidx, with_af,
  881. uffd_data_handler, 2,
  882. guest_check_write_in_dirty_log,
  883. guest_check_s1ptw_wr_in_dirty_log),
  884. /*
  885. * Access when both the PT and data regions are marked read-only
  886. * (with KVM_MEM_READONLY). Writes with a syndrome result in an
  887. * MMIO exit, writes with no syndrome (e.g., CAS) result in a
  888. * failed vcpu run, and reads/execs with and without syndroms do
  889. * not fault.
  890. */
  891. TEST_RO_MEMSLOT(guest_read64, 0, 0),
  892. TEST_RO_MEMSLOT(guest_ld_preidx, 0, 0),
  893. TEST_RO_MEMSLOT(guest_at, 0, 0),
  894. TEST_RO_MEMSLOT(guest_exec, 0, 0),
  895. TEST_RO_MEMSLOT(guest_write64, mmio_on_test_gpa_handler, 1),
  896. TEST_RO_MEMSLOT_NO_SYNDROME(guest_dc_zva),
  897. TEST_RO_MEMSLOT_NO_SYNDROME(guest_cas),
  898. TEST_RO_MEMSLOT_NO_SYNDROME(guest_st_preidx),
  899. /*
  900. * The PT and data regions are both read-only and marked
  901. * for dirty logging at the same time. The expected result is that
  902. * for writes there should be no write in the dirty log. The
  903. * readonly handling is the same as if the memslot was not marked
  904. * for dirty logging: writes with a syndrome result in an MMIO
  905. * exit, and writes with no syndrome result in a failed vcpu run.
  906. */
  907. TEST_RO_MEMSLOT_AND_DIRTY_LOG(guest_read64, 0, 0,
  908. guest_check_no_write_in_dirty_log),
  909. TEST_RO_MEMSLOT_AND_DIRTY_LOG(guest_ld_preidx, 0, 0,
  910. guest_check_no_write_in_dirty_log),
  911. TEST_RO_MEMSLOT_AND_DIRTY_LOG(guest_at, 0, 0,
  912. guest_check_no_write_in_dirty_log),
  913. TEST_RO_MEMSLOT_AND_DIRTY_LOG(guest_exec, 0, 0,
  914. guest_check_no_write_in_dirty_log),
  915. TEST_RO_MEMSLOT_AND_DIRTY_LOG(guest_write64, mmio_on_test_gpa_handler,
  916. 1, guest_check_no_write_in_dirty_log),
  917. TEST_RO_MEMSLOT_NO_SYNDROME_AND_DIRTY_LOG(guest_dc_zva,
  918. guest_check_no_write_in_dirty_log),
  919. TEST_RO_MEMSLOT_NO_SYNDROME_AND_DIRTY_LOG(guest_cas,
  920. guest_check_no_write_in_dirty_log),
  921. TEST_RO_MEMSLOT_NO_SYNDROME_AND_DIRTY_LOG(guest_st_preidx,
  922. guest_check_no_write_in_dirty_log),
  923. /*
  924. * The PT and data regions are both read-only and punched with
  925. * holes tracked with userfaultfd. The expected result is the
  926. * union of both userfaultfd and read-only behaviors. For example,
  927. * write accesses result in a userfaultfd write fault and an MMIO
  928. * exit. Writes with no syndrome result in a failed vcpu run and
  929. * no userfaultfd write fault. Reads result in userfaultfd getting
  930. * triggered.
  931. */
  932. TEST_RO_MEMSLOT_AND_UFFD(guest_read64, 0, 0, uffd_data_handler, 2),
  933. TEST_RO_MEMSLOT_AND_UFFD(guest_ld_preidx, 0, 0, uffd_data_handler, 2),
  934. TEST_RO_MEMSLOT_AND_UFFD(guest_at, 0, 0, uffd_no_handler, 1),
  935. TEST_RO_MEMSLOT_AND_UFFD(guest_exec, 0, 0, uffd_data_handler, 2),
  936. TEST_RO_MEMSLOT_AND_UFFD(guest_write64, mmio_on_test_gpa_handler, 1,
  937. uffd_data_handler, 2),
  938. TEST_RO_MEMSLOT_NO_SYNDROME_AND_UFFD(guest_cas, uffd_data_handler, 2),
  939. TEST_RO_MEMSLOT_NO_SYNDROME_AND_UFFD(guest_dc_zva, uffd_no_handler, 1),
  940. TEST_RO_MEMSLOT_NO_SYNDROME_AND_UFFD(guest_st_preidx, uffd_no_handler, 1),
  941. { 0 }
  942. };
  943. static void for_each_test_and_guest_mode(enum vm_mem_backing_src_type src_type)
  944. {
  945. struct test_desc *t;
  946. for (t = &tests[0]; t->name; t++) {
  947. if (t->skip)
  948. continue;
  949. struct test_params p = {
  950. .src_type = src_type,
  951. .test_desc = t,
  952. };
  953. for_each_guest_mode(run_test, &p);
  954. }
  955. }
  956. int main(int argc, char *argv[])
  957. {
  958. enum vm_mem_backing_src_type src_type;
  959. int opt;
  960. src_type = DEFAULT_VM_MEM_SRC;
  961. while ((opt = getopt(argc, argv, "hm:s:")) != -1) {
  962. switch (opt) {
  963. case 'm':
  964. guest_modes_cmdline(optarg);
  965. break;
  966. case 's':
  967. src_type = parse_backing_src_type(optarg);
  968. break;
  969. case 'h':
  970. default:
  971. help(argv[0]);
  972. exit(0);
  973. }
  974. }
  975. for_each_test_and_guest_mode(src_type);
  976. return 0;
  977. }