mbox series

[SRU,N:intel,0/4] Fix QEMU/KVM support for EPT paging level 4/5

Message ID 20240704162521.3375266-1-thibault.ferrante@canonical.com
Headers show
Series Fix QEMU/KVM support for EPT paging level 4/5 | expand

Message

Thibault Ferrante July 4, 2024, 4:25 p.m. UTC
BugLink: https://bugs.launchpad.net/bugs/2071628

[ Impact ]

 * Fix EPT paging level 4 using incorrectly memory range in specific configuration.
 * Expose support of EPT paging level 5 for compatible hardware (e.g. Sierra Forest).

[ Fix ]

Clean cherry pick upstream and associated self-tests.

[ Test Plan ]

On compatible hardware (e.g. Sierra forest):
 * Verify level 5 EPT capability flag
 * Execute self-tests

Already tested by intel.

[ Where problems could occur ]

 * Regression in KVM features.

[ Other info ]

Context:
https://lore.kernel.org/all/170864656017.3080257.14048100709856204250.b4-ty@google.com/
https://lore.kernel.org/all/171754268137.2777430.1222935014468693201.b4-ty@google.com/


Peter Gonda (2):
  KVM: selftests: Allow tagging protected memory in guest page tables
  KVM: selftests: Add library for creating and interacting with SEV
    guests

Sean Christopherson (1):
  x86/cpu: Add a VMX flag to enumerate 5-level EPT support to userspace

Tao Su (1):
  KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits

 arch/x86/include/asm/vmxfeatures.h            |   1 +
 arch/x86/kernel/cpu/feat_ctl.c                |   2 +
 tools/testing/selftests/kvm/Makefile          |   1 +
 .../kvm/include/aarch64/kvm_util_arch.h       |   7 ++
 .../selftests/kvm/include/kvm_util_base.h     |  13 +++
 .../kvm/include/riscv/kvm_util_arch.h         |   7 ++
 .../kvm/include/s390x/kvm_util_arch.h         |   7 ++
 .../kvm/include/x86_64/kvm_util_arch.h        |  23 ++++
 .../selftests/kvm/include/x86_64/processor.h  |   9 ++
 .../selftests/kvm/include/x86_64/sev.h        | 105 +++++++++++++++++
 tools/testing/selftests/kvm/lib/kvm_util.c    |  18 +++
 .../selftests/kvm/lib/x86_64/processor.c      |  47 +++++++-
 tools/testing/selftests/kvm/lib/x86_64/sev.c  | 110 ++++++++++++++++++
 13 files changed, 347 insertions(+), 3 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h
 create mode 100644 tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h
 create mode 100644 tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h
 create mode 100644 tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h
 create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c

Comments

Agathe Porte July 5, 2024, 11:35 a.m. UTC | #1
2024-07-04 18:26 CEST, Thibault Ferrante:
> BugLink: https://bugs.launchpad.net/bugs/2071628
> 
> [ Impact ]
> 
>  * Fix EPT paging level 4 using incorrectly memory range in specific configuration.
>  * Expose support of EPT paging level 5 for compatible hardware (e.g. Sierra Forest).
> 
> [ Fix ]
> 
> Clean cherry pick upstream and associated self-tests.
> 
> [ Test Plan ]
> 
> On compatible hardware (e.g. Sierra forest):
>  * Verify level 5 EPT capability flag
>  * Execute self-tests
> 
> Already tested by intel.
> 
> [ Where problems could occur ]
> 
>  * Regression in KVM features.
> 
> [ Other info ]
> 
> Context:
> https://lore.kernel.org/all/170864656017.3080257.14048100709856204250.b4-ty@google.com/
> https://lore.kernel.org/all/171754268137.2777430.1222935014468693201.b4-ty@google.com/
> 
> 
> Peter Gonda (2):
>   KVM: selftests: Allow tagging protected memory in guest page tables
>   KVM: selftests: Add library for creating and interacting with SEV
>     guests
> 
> Sean Christopherson (1):
>   x86/cpu: Add a VMX flag to enumerate 5-level EPT support to userspace
> 
> Tao Su (1):
>   KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits
> 
>  arch/x86/include/asm/vmxfeatures.h            |   1 +
>  arch/x86/kernel/cpu/feat_ctl.c                |   2 +
>  tools/testing/selftests/kvm/Makefile          |   1 +
>  .../kvm/include/aarch64/kvm_util_arch.h       |   7 ++
>  .../selftests/kvm/include/kvm_util_base.h     |  13 +++
>  .../kvm/include/riscv/kvm_util_arch.h         |   7 ++
>  .../kvm/include/s390x/kvm_util_arch.h         |   7 ++
>  .../kvm/include/x86_64/kvm_util_arch.h        |  23 ++++
>  .../selftests/kvm/include/x86_64/processor.h  |   9 ++
>  .../selftests/kvm/include/x86_64/sev.h        | 105 +++++++++++++++++
>  tools/testing/selftests/kvm/lib/kvm_util.c    |  18 +++
>  .../selftests/kvm/lib/x86_64/processor.c      |  47 +++++++-
>  tools/testing/selftests/kvm/lib/x86_64/sev.c  | 110 ++++++++++++++++++
>  13 files changed, 347 insertions(+), 3 deletions(-)
>  create mode 100644 tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h
>  create mode 100644 tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h
>  create mode 100644 tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h
>  create mode 100644 tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h
>  create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
>  create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c

Acked-by: Agathe Porte <agathe.porte@canonical.com>
Philip Cox July 8, 2024, 11:50 a.m. UTC | #2
On Thu, 2024-07-04 at 18:25 +0200, Thibault Ferrante wrote:
> BugLink: https://bugs.launchpad.net/bugs/2071628
> 
> [ Impact ]
> 
>  * Fix EPT paging level 4 using incorrectly memory range in specific
> configuration.
>  * Expose support of EPT paging level 5 for compatible hardware (e.g.
> Sierra Forest).
> 
> [ Fix ]
> 
> Clean cherry pick upstream and associated self-tests.
> 
> [ Test Plan ]
> 
> On compatible hardware (e.g. Sierra forest):
>  * Verify level 5 EPT capability flag
>  * Execute self-tests
> 
> Already tested by intel.
> 
> [ Where problems could occur ]
> 
>  * Regression in KVM features.
> 
> [ Other info ]
> 
> Context:
> https://lore.kernel.org/all/170864656017.3080257.14048100709856204250.b4-ty@google.com/
> https://lore.kernel.org/all/171754268137.2777430.1222935014468693201.b4-ty@google.com/
> 
> 
> Peter Gonda (2):
>   KVM: selftests: Allow tagging protected memory in guest page tables
>   KVM: selftests: Add library for creating and interacting with SEV
>     guests
> 
> Sean Christopherson (1):
>   x86/cpu: Add a VMX flag to enumerate 5-level EPT support to
> userspace
> 
> Tao Su (1):
>   KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits
> 
>  arch/x86/include/asm/vmxfeatures.h            |   1 +
>  arch/x86/kernel/cpu/feat_ctl.c                |   2 +
>  tools/testing/selftests/kvm/Makefile          |   1 +
>  .../kvm/include/aarch64/kvm_util_arch.h       |   7 ++
>  .../selftests/kvm/include/kvm_util_base.h     |  13 +++
>  .../kvm/include/riscv/kvm_util_arch.h         |   7 ++
>  .../kvm/include/s390x/kvm_util_arch.h         |   7 ++
>  .../kvm/include/x86_64/kvm_util_arch.h        |  23 ++++
>  .../selftests/kvm/include/x86_64/processor.h  |   9 ++
>  .../selftests/kvm/include/x86_64/sev.h        | 105
> +++++++++++++++++
>  tools/testing/selftests/kvm/lib/kvm_util.c    |  18 +++
>  .../selftests/kvm/lib/x86_64/processor.c      |  47 +++++++-
>  tools/testing/selftests/kvm/lib/x86_64/sev.c  | 110
> ++++++++++++++++++
>  13 files changed, 347 insertions(+), 3 deletions(-)
>  create mode 100644
> tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h
>  create mode 100644
> tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h
>  create mode 100644
> tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h
>  create mode 100644
> tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h
>  create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
>  create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c
> 
> -- 
> 2.43.0
> 
>
Thibault Ferrante July 18, 2024, 2:19 p.m. UTC | #3
On 04-07-2024 18:25, Thibault Ferrante wrote:
> BugLink: https://bugs.launchpad.net/bugs/2071628
> 
> [ Impact ]
> 
>   * Fix EPT paging level 4 using incorrectly memory range in specific configuration.
>   * Expose support of EPT paging level 5 for compatible hardware (e.g. Sierra Forest).
> 
> [ Fix ]
> 
> Clean cherry pick upstream and associated self-tests.
> 
> [ Test Plan ]
> 
> On compatible hardware (e.g. Sierra forest):
>   * Verify level 5 EPT capability flag
>   * Execute self-tests
> 
> Already tested by intel.
> 
> [ Where problems could occur ]
> 
>   * Regression in KVM features.
> 
> [ Other info ]
> 
> Context:
> https://lore.kernel.org/all/170864656017.3080257.14048100709856204250.b4-ty@google.com/
> https://lore.kernel.org/all/171754268137.2777430.1222935014468693201.b4-ty@google.com/
> 
> 
> Peter Gonda (2):
>    KVM: selftests: Allow tagging protected memory in guest page tables
>    KVM: selftests: Add library for creating and interacting with SEV
>      guests
> 
> Sean Christopherson (1):
>    x86/cpu: Add a VMX flag to enumerate 5-level EPT support to userspace
> 
> Tao Su (1):
>    KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits
> 
>   arch/x86/include/asm/vmxfeatures.h            |   1 +
>   arch/x86/kernel/cpu/feat_ctl.c                |   2 +
>   tools/testing/selftests/kvm/Makefile          |   1 +
>   .../kvm/include/aarch64/kvm_util_arch.h       |   7 ++
>   .../selftests/kvm/include/kvm_util_base.h     |  13 +++
>   .../kvm/include/riscv/kvm_util_arch.h         |   7 ++
>   .../kvm/include/s390x/kvm_util_arch.h         |   7 ++
>   .../kvm/include/x86_64/kvm_util_arch.h        |  23 ++++
>   .../selftests/kvm/include/x86_64/processor.h  |   9 ++
>   .../selftests/kvm/include/x86_64/sev.h        | 105 +++++++++++++++++
>   tools/testing/selftests/kvm/lib/kvm_util.c    |  18 +++
>   .../selftests/kvm/lib/x86_64/processor.c      |  47 +++++++-
>   tools/testing/selftests/kvm/lib/x86_64/sev.c  | 110 ++++++++++++++++++
>   13 files changed, 347 insertions(+), 3 deletions(-)
>   create mode 100644 tools/testing/selftests/kvm/include/aarch64/kvm_util_arch.h
>   create mode 100644 tools/testing/selftests/kvm/include/riscv/kvm_util_arch.h
>   create mode 100644 tools/testing/selftests/kvm/include/s390x/kvm_util_arch.h
>   create mode 100644 tools/testing/selftests/kvm/include/x86_64/kvm_util_arch.h
>   create mode 100644 tools/testing/selftests/kvm/include/x86_64/sev.h
>   create mode 100644 tools/testing/selftests/kvm/lib/x86_64/sev.c
> 

Applied to noble linux-intel, thanks !

--
Thibault