Commit cd5f3d21 authored by Sean Christopherson's avatar Sean Christopherson

KVM: selftests: Disallow "get supported CPUID" before REQ_XCOMP_GUEST_PERM

Disallow using kvm_get_supported_cpuid() and thus caching KVM's supported
CPUID info before enabling XSAVE-managed features that are off-by-default
and must be enabled by ARCH_REQ_XCOMP_GUEST_PERM.  Caching the supported
CPUID before all XSAVE features are enabled can result in false negatives
due to testing features that were cached before they were enabled.
Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20221128225735.3291648-4-seanjc@google.com
parent 2ceade1d
...@@ -601,21 +601,24 @@ void vcpu_arch_free(struct kvm_vcpu *vcpu) ...@@ -601,21 +601,24 @@ void vcpu_arch_free(struct kvm_vcpu *vcpu)
free(vcpu->cpuid); free(vcpu->cpuid);
} }
/* Do not use kvm_supported_cpuid directly except for validity checks. */
static void *kvm_supported_cpuid;
const struct kvm_cpuid2 *kvm_get_supported_cpuid(void) const struct kvm_cpuid2 *kvm_get_supported_cpuid(void)
{ {
static struct kvm_cpuid2 *cpuid;
int kvm_fd; int kvm_fd;
if (cpuid) if (kvm_supported_cpuid)
return cpuid; return kvm_supported_cpuid;
cpuid = allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES); kvm_supported_cpuid = allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
kvm_fd = open_kvm_dev_path_or_exit(); kvm_fd = open_kvm_dev_path_or_exit();
kvm_ioctl(kvm_fd, KVM_GET_SUPPORTED_CPUID, cpuid); kvm_ioctl(kvm_fd, KVM_GET_SUPPORTED_CPUID,
(struct kvm_cpuid2 *)kvm_supported_cpuid);
close(kvm_fd); close(kvm_fd);
return cpuid; return kvm_supported_cpuid;
} }
static uint32_t __kvm_cpu_has(const struct kvm_cpuid2 *cpuid, static uint32_t __kvm_cpu_has(const struct kvm_cpuid2 *cpuid,
...@@ -684,6 +687,9 @@ void __vm_xsave_require_permission(int bit, const char *name) ...@@ -684,6 +687,9 @@ void __vm_xsave_require_permission(int bit, const char *name)
.addr = (unsigned long) &bitmask .addr = (unsigned long) &bitmask
}; };
TEST_ASSERT(!kvm_supported_cpuid,
"kvm_get_supported_cpuid() cannot be used before ARCH_REQ_XCOMP_GUEST_PERM");
kvm_fd = open_kvm_dev_path_or_exit(); kvm_fd = open_kvm_dev_path_or_exit();
rc = __kvm_ioctl(kvm_fd, KVM_GET_DEVICE_ATTR, &attr); rc = __kvm_ioctl(kvm_fd, KVM_GET_DEVICE_ATTR, &attr);
close(kvm_fd); close(kvm_fd);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment