RE: [PATCH v4 0/4] KVM: enable Intel SMAP for KVM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> -----Original Message-----
> From: kvm-owner@xxxxxxxxxxxxxxx [mailto:kvm-owner@xxxxxxxxxxxxxxx] On
> Behalf Of Paolo Bonzini
> Sent: Friday, April 04, 2014 12:46 AM
> To: Wu, Feng; gleb@xxxxxxxxxx; hpa@xxxxxxxxx; kvm@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH v4 0/4] KVM: enable Intel SMAP for KVM
> 
> Il 01/04/2014 11:46, Feng Wu ha scritto:
> > Feng Wu (4):
> >   KVM: Remove SMAP bit from CR4_RESERVED_BITS.
> >   KVM: Add SMAP support when setting CR4
> >   KVM: Disable SMAP for guests in EPT realmode and EPT unpaging mode
> >   KVM: expose SMAP feature to guest
> >
> 
> Hi,
> 
> I prepared some testcases.  You can find them in branch "smap" of
> git://git.kernel.org/pub/scm/virt/kvm/kvm-unit-tests.git
> 
> To compile them for 32-bits:
> 	git clean -xdf
> 	./configure --arch=i386
> 	make
> 	./x86-run x86/smap.flat -cpu host
> 
> For 64-bits:
> 	git clean -xdf
> 	./configure
> 	make
> 	./x86-run x86/smap.flat -cpu host
> 
> I tried them with QEMU and they all pass.  The output should be
> something like this:
> 
> 	enabling apic
> 	paging enabled
> 	cr0 = 80010011
> 	cr3 = 7fff000
> 	cr4 = 10
> 	testing without INVLPG
> 	PASS: write to supervisor page
> 	PASS: read from user page with AC=1
> 	PASS: read from user page with AC=0
> 	PASS: write to user page with AC=1
> 	PASS: read from user page with AC=0
> 	PASS: write to user stack with AC=1
> 	PASS: write to user stack with AC=0
> 	PASS: executing on user page with AC=0
> 	testing with INVLPG
> 	PASS: write to supervisor page
> 	PASS: read from user page with AC=1
> 	PASS: read from user page with AC=0
> 	PASS: write to user page with AC=1
> 	PASS: read from user page with AC=0
> 	PASS: write to user stack with AC=1
> 	PASS: write to user stack with AC=0
> 	PASS: executing on user page with AC=0
> 
> 	SUMMARY: 16 tests, 0 failures
> 
> Please test them (both 32- and 64-bits) with both ept=1 and ept=0.  If
> the tests pass, the series is okay.

Thank you for providing these test cases. I tested it in related hardware
(both 32- and 64-bits) with both ept=1 and ept=0, they all pass.

I also did some similar testing before posting the patch set. Since SMAP
has been already supported in Linux kernel, in which, stac() and clac() are
added in functions like copy_from_user(), copy_to_user(), etc.. From my
previous test, Linux guest can run well on top of KVM with SMAP enabled.
I think this covers the AC bit logic for testing. I also tested whether it can
induce an SMAP violation when accessing user pages in kernel mode with
AC bit cleared, I successfully got the SMAP violation fault in guest in that case.

Besides that, I got some patches for SMAP testing in native Linux, which are
attached, I applied them to the guest kernel and everything works well.

> 
> The only part that is not covered is the implicit kernel accesses at
> CPL=3, which QEMU doesn't implement that (I fixed it, but didn't have
> time to think about tests).  Since I'm going on vacation next week, I
> wanted to throw this out today.  I'll post the test patches when I'm back.
> 
> Paolo
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

Attachment: 0001-x86-smap-add-debug-code-for-local-interrupts.patch
Description: 0001-x86-smap-add-debug-code-for-local-interrupts.patch

Attachment: 0002-x86-smap-add-debug-code-for-STAC-opcode.patch
Description: 0002-x86-smap-add-debug-code-for-STAC-opcode.patch

Attachment: 0003-x86-smap-add-debug-code-for-CLAC-opcode.patch
Description: 0003-x86-smap-add-debug-code-for-CLAC-opcode.patch

Attachment: 0004-x86-smap-add-debug-points-for-CLAC-calls.patch
Description: 0004-x86-smap-add-debug-points-for-CLAC-calls.patch

Attachment: 0007-x86-smap-add-more-debug-points-for-CLAC-calls.patch
Description: 0007-x86-smap-add-more-debug-points-for-CLAC-calls.patch


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux