summaryrefslogtreecommitdiff
path: root/tools/testing/selftests/kvm/vmx_tsc_adjust_test.c
blob: 8f7f62093add0fca51d5923196189cc3110e9597 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
/*
 * gtests/tests/vmx_tsc_adjust_test.c
 *
 * Copyright (C) 2018, Google LLC.
 *
 * This work is licensed under the terms of the GNU GPL, version 2.
 *
 *
 * IA32_TSC_ADJUST test
 *
 * According to the SDM, "if an execution of WRMSR to the
 * IA32_TIME_STAMP_COUNTER MSR adds (or subtracts) value X from the TSC,
 * the logical processor also adds (or subtracts) value X from the
 * IA32_TSC_ADJUST MSR.
 *
 * Note that when L1 doesn't intercept writes to IA32_TSC, a
 * WRMSR(IA32_TSC) from L2 sets L1's TSC value, not L2's perceived TSC
 * value.
 *
 * This test verifies that this unusual case is handled correctly.
 */

#include "test_util.h"
#include "kvm_util.h"
#include "x86.h"
#include "vmx.h"

#include <string.h>
#include <sys/ioctl.h>

#ifndef MSR_IA32_TSC_ADJUST
#define MSR_IA32_TSC_ADJUST 0x3b
#endif

#define PAGE_SIZE	4096
#define VCPU_ID		5

#define TSC_ADJUST_VALUE (1ll << 32)
#define TSC_OFFSET_VALUE -(1ll << 48)

enum {
	PORT_ABORT = 0x1000,
	PORT_REPORT,
	PORT_DONE,
};

struct vmx_page {
	vm_vaddr_t virt;
	vm_paddr_t phys;
};

enum {
	VMXON_PAGE = 0,
	VMCS_PAGE,
	MSR_BITMAP_PAGE,

	NUM_VMX_PAGES,
};

struct kvm_single_msr {
	struct kvm_msrs header;
	struct kvm_msr_entry entry;
} __attribute__((packed));

/* The virtual machine object. */
static struct kvm_vm *vm;

/* Array of vmx_page descriptors that is shared with the guest. */
struct vmx_page *vmx_pages;

#define exit_to_l0(_port, _arg) do_exit_to_l0(_port, (unsigned long) (_arg))
static void do_exit_to_l0(uint16_t port, unsigned long arg)
{
	__asm__ __volatile__("in %[port], %%al"
		:
		: [port]"d"(port), "D"(arg)
		: "rax");
}


#define GUEST_ASSERT(_condition) do {					     \
	if (!(_condition))						     \
		exit_to_l0(PORT_ABORT, "Failed guest assert: " #_condition); \
} while (0)

static void check_ia32_tsc_adjust(int64_t max)
{
	int64_t adjust;

	adjust = rdmsr(MSR_IA32_TSC_ADJUST);
	exit_to_l0(PORT_REPORT, adjust);
	GUEST_ASSERT(adjust <= max);
}

static void l2_guest_code(void)
{
	uint64_t l1_tsc = rdtsc() - TSC_OFFSET_VALUE;

	wrmsr(MSR_IA32_TSC, l1_tsc - TSC_ADJUST_VALUE);
	check_ia32_tsc_adjust(-2 * TSC_ADJUST_VALUE);

	/* Exit to L1 */
	__asm__ __volatile__("vmcall");
}

static void l1_guest_code(struct vmx_page *vmx_pages)
{
#define L2_GUEST_STACK_SIZE 64
	unsigned long l2_guest_stack[L2_GUEST_STACK_SIZE];
	uint32_t control;
	uintptr_t save_cr3;

	GUEST_ASSERT(rdtsc() < TSC_ADJUST_VALUE);
	wrmsr(MSR_IA32_TSC, rdtsc() - TSC_ADJUST_VALUE);
	check_ia32_tsc_adjust(-1 * TSC_ADJUST_VALUE);

	prepare_for_vmx_operation();

	/* Enter VMX root operation. */
	*(uint32_t *)vmx_pages[VMXON_PAGE].virt = vmcs_revision();
	GUEST_ASSERT(!vmxon(vmx_pages[VMXON_PAGE].phys));

	/* Load a VMCS. */
	*(uint32_t *)vmx_pages[VMCS_PAGE].virt = vmcs_revision();
	GUEST_ASSERT(!vmclear(vmx_pages[VMCS_PAGE].phys));
	GUEST_ASSERT(!vmptrld(vmx_pages[VMCS_PAGE].phys));

	/* Prepare the VMCS for L2 execution. */
	prepare_vmcs(l2_guest_code, &l2_guest_stack[L2_GUEST_STACK_SIZE]);
	control = vmreadz(CPU_BASED_VM_EXEC_CONTROL);
	control |= CPU_BASED_USE_MSR_BITMAPS | CPU_BASED_USE_TSC_OFFSETING;
	vmwrite(CPU_BASED_VM_EXEC_CONTROL, control);
	vmwrite(MSR_BITMAP, vmx_pages[MSR_BITMAP_PAGE].phys);
	vmwrite(TSC_OFFSET, TSC_OFFSET_VALUE);

	/* Jump into L2.  First, test failure to load guest CR3.  */
	save_cr3 = vmreadz(GUEST_CR3);
	vmwrite(GUEST_CR3, -1ull);
	GUEST_ASSERT(!vmlaunch());
	GUEST_ASSERT(vmreadz(VM_EXIT_REASON) ==
		     (EXIT_REASON_FAILED_VMENTRY | EXIT_REASON_INVALID_STATE));
	check_ia32_tsc_adjust(-1 * TSC_ADJUST_VALUE);
	vmwrite(GUEST_CR3, save_cr3);

	GUEST_ASSERT(!vmlaunch());
	GUEST_ASSERT(vmreadz(VM_EXIT_REASON) == EXIT_REASON_VMCALL);

	check_ia32_tsc_adjust(-2 * TSC_ADJUST_VALUE);

	exit_to_l0(PORT_DONE, 0);
}

static void allocate_vmx_page(struct vmx_page *page)
{
	vm_vaddr_t virt;

	virt = vm_vaddr_alloc(vm, PAGE_SIZE, 0, 0, 0);
	memset(addr_gva2hva(vm, virt), 0, PAGE_SIZE);

	page->virt = virt;
	page->phys = addr_gva2gpa(vm, virt);
}

static vm_vaddr_t allocate_vmx_pages(void)
{
	vm_vaddr_t vmx_pages_vaddr;
	int i;

	vmx_pages_vaddr = vm_vaddr_alloc(
		vm, sizeof(struct vmx_page) * NUM_VMX_PAGES, 0, 0, 0);

	vmx_pages = (void *) addr_gva2hva(vm, vmx_pages_vaddr);

	for (i = 0; i < NUM_VMX_PAGES; i++)
		allocate_vmx_page(&vmx_pages[i]);

	return vmx_pages_vaddr;
}

void report(int64_t val)
{
	printf("IA32_TSC_ADJUST is %ld (%lld * TSC_ADJUST_VALUE + %lld).\n",
	       val, val / TSC_ADJUST_VALUE, val % TSC_ADJUST_VALUE);
}

int main(int argc, char *argv[])
{
	vm_vaddr_t vmx_pages_vaddr;
	struct kvm_cpuid_entry2 *entry = kvm_get_supported_cpuid_entry(1);

	if (!(entry->ecx & CPUID_VMX)) {
		printf("nested VMX not enabled, skipping test");
		return 0;
	}

	vm = vm_create_default_vmx(VCPU_ID, (void *) l1_guest_code);

	/* Allocate VMX pages and shared descriptors (vmx_pages). */
	vmx_pages_vaddr = allocate_vmx_pages();
	vcpu_args_set(vm, VCPU_ID, 1, vmx_pages_vaddr);

	for (;;) {
		volatile struct kvm_run *run = vcpu_state(vm, VCPU_ID);
		struct kvm_regs regs;

		vcpu_run(vm, VCPU_ID);
		TEST_ASSERT(run->exit_reason == KVM_EXIT_IO,
			    "Got exit_reason other than KVM_EXIT_IO: %u (%s),\n",
			    run->exit_reason,
			    exit_reason_str(run->exit_reason));

		vcpu_regs_get(vm, VCPU_ID, &regs);

		switch (run->io.port) {
		case PORT_ABORT:
			TEST_ASSERT(false, "%s", (const char *) regs.rdi);
			/* NOT REACHED */
		case PORT_REPORT:
			report(regs.rdi);
			break;
		case PORT_DONE:
			goto done;
		default:
			TEST_ASSERT(false, "Unknown port 0x%x.", run->io.port);
		}
	}

	kvm_vm_free(vm);
done:
	return 0;
}