projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2ceade1)
KVM: selftests: Disallow "get supported CPUID" before REQ_XCOMP_GUEST_PERM
authorSean Christopherson <seanjc@google.com>
Mon, 28 Nov 2022 22:57:34 +0000 (22:57 +0000)
committerSean Christopherson <seanjc@google.com>
Thu, 1 Dec 2022 23:31:45 +0000 (15:31 -0800)
Disallow using kvm_get_supported_cpuid() and thus caching KVM's supported
CPUID info before enabling XSAVE-managed features that are off-by-default
and must be enabled by ARCH_REQ_XCOMP_GUEST_PERM.  Caching the supported
CPUID before all XSAVE features are enabled can result in false negatives
due to testing features that were cached before they were enabled.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20221128225735.3291648-4-seanjc@google.com
tools/testing/selftests/kvm/lib/x86_64/processor.c patch | blob | history

diff --git a/tools/testing/selftests/kvm/lib/x86_64/processor.c b/tools/testing/selftests/kvm/lib/x86_64/processor.c
index 2306746..1d3829e 100644 (file)
--- a/tools/testing/selftests/kvm/lib/x86_64/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86_64/processor.c
@@ -601,21 +601,24 @@ void vcpu_arch_free(struct kvm_vcpu *vcpu)
                free(vcpu->cpuid);
 }
 
+/* Do not use kvm_supported_cpuid directly except for validity checks. */
+static void *kvm_supported_cpuid;
+
 const struct kvm_cpuid2 *kvm_get_supported_cpuid(void)
 {
-       static struct kvm_cpuid2 *cpuid;
        int kvm_fd;
 
-       if (cpuid)
-               return cpuid;
+       if (kvm_supported_cpuid)
+               return kvm_supported_cpuid;
 
-       cpuid = allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
+       kvm_supported_cpuid = allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
        kvm_fd = open_kvm_dev_path_or_exit();
 
-       kvm_ioctl(kvm_fd, KVM_GET_SUPPORTED_CPUID, cpuid);
+       kvm_ioctl(kvm_fd, KVM_GET_SUPPORTED_CPUID,
+                 (struct kvm_cpuid2 *)kvm_supported_cpuid);
 
        close(kvm_fd);
-       return cpuid;
+       return kvm_supported_cpuid;
 }
 
 static uint32_t __kvm_cpu_has(const struct kvm_cpuid2 *cpuid,
@@ -684,6 +687,9 @@ void __vm_xsave_require_permission(int bit, const char *name)
                .addr = (unsigned long) &bitmask
        };
 
+       TEST_ASSERT(!kvm_supported_cpuid,
+                   "kvm_get_supported_cpuid() cannot be used before ARCH_REQ_XCOMP_GUEST_PERM");
+
        kvm_fd = open_kvm_dev_path_or_exit();
        rc = __kvm_ioctl(kvm_fd, KVM_GET_DEVICE_ATTR, &attr);
        close(kvm_fd);
Domain: System / Kernel;