1 // SPDX-License-Identifier: GPL-2.0-only
3 #include <linux/psp-sev.h>
10 #include "test_util.h"
12 #include "processor.h"
14 #include "kselftest.h"
16 #define SVM_SEV_FEAT_DEBUG_SWAP 32u
19 * Some features may have hidden dependencies, or may only work
20 * for certain VM types. Err on the side of safety and don't
21 * expect that all supported features can be passed one by one
24 * (Well, right now there's only one...)
26 #define KNOWN_FEATURES SVM_SEV_FEAT_DEBUG_SWAP
29 u64 supported_vmsa_features
;
32 static int __sev_ioctl(int vm_fd
, int cmd_id
, void *data
)
34 struct kvm_sev_cmd cmd
= {
36 .data
= (uint64_t)data
,
37 .sev_fd
= open_sev_dev_path_or_exit(),
41 ret
= ioctl(vm_fd
, KVM_MEMORY_ENCRYPT_OP
, &cmd
);
42 TEST_ASSERT(ret
< 0 || cmd
.error
== SEV_RET_SUCCESS
,
43 "%d failed: fw error: %d\n",
49 static void test_init2(unsigned long vm_type
, struct kvm_sev_init
*init
)
54 vm
= vm_create_barebones_type(vm_type
);
55 ret
= __sev_ioctl(vm
->fd
, KVM_SEV_INIT2
, init
);
57 "KVM_SEV_INIT2 return code is %d (expected 0), errno: %d",
62 static void test_init2_invalid(unsigned long vm_type
, struct kvm_sev_init
*init
, const char *msg
)
67 vm
= vm_create_barebones_type(vm_type
);
68 ret
= __sev_ioctl(vm
->fd
, KVM_SEV_INIT2
, init
);
69 TEST_ASSERT(ret
== -1 && errno
== EINVAL
,
70 "KVM_SEV_INIT2 should fail, %s.",
75 void test_vm_types(void)
77 test_init2(KVM_X86_SEV_VM
, &(struct kvm_sev_init
){});
80 * TODO: check that unsupported types cannot be created. Probably
81 * a separate selftest.
84 test_init2(KVM_X86_SEV_ES_VM
, &(struct kvm_sev_init
){});
86 test_init2_invalid(0, &(struct kvm_sev_init
){},
87 "VM type is KVM_X86_DEFAULT_VM");
88 if (kvm_check_cap(KVM_CAP_VM_TYPES
) & BIT(KVM_X86_SW_PROTECTED_VM
))
89 test_init2_invalid(KVM_X86_SW_PROTECTED_VM
, &(struct kvm_sev_init
){},
90 "VM type is KVM_X86_SW_PROTECTED_VM");
93 void test_flags(uint32_t vm_type
)
97 for (i
= 0; i
< 32; i
++)
98 test_init2_invalid(vm_type
,
99 &(struct kvm_sev_init
){ .flags
= BIT(i
) },
103 void test_features(uint32_t vm_type
, uint64_t supported_features
)
107 for (i
= 0; i
< 64; i
++) {
108 if (!(supported_features
& BIT_ULL(i
)))
109 test_init2_invalid(vm_type
,
110 &(struct kvm_sev_init
){ .vmsa_features
= BIT_ULL(i
) },
112 else if (KNOWN_FEATURES
& BIT_ULL(i
))
114 &(struct kvm_sev_init
){ .vmsa_features
= BIT_ULL(i
) });
118 int main(int argc
, char *argv
[])
120 int kvm_fd
= open_kvm_dev_path_or_exit();
123 TEST_REQUIRE(__kvm_has_device_attr(kvm_fd
, KVM_X86_GRP_SEV
,
124 KVM_X86_SEV_VMSA_FEATURES
) == 0);
125 kvm_device_attr_get(kvm_fd
, KVM_X86_GRP_SEV
,
126 KVM_X86_SEV_VMSA_FEATURES
,
127 &supported_vmsa_features
);
129 have_sev
= kvm_cpu_has(X86_FEATURE_SEV
);
130 TEST_ASSERT(have_sev
== !!(kvm_check_cap(KVM_CAP_VM_TYPES
) & BIT(KVM_X86_SEV_VM
)),
131 "sev: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)",
132 kvm_check_cap(KVM_CAP_VM_TYPES
), 1 << KVM_X86_SEV_VM
);
134 TEST_REQUIRE(kvm_check_cap(KVM_CAP_VM_TYPES
) & BIT(KVM_X86_SEV_VM
));
135 have_sev_es
= kvm_cpu_has(X86_FEATURE_SEV_ES
);
137 TEST_ASSERT(have_sev_es
== !!(kvm_check_cap(KVM_CAP_VM_TYPES
) & BIT(KVM_X86_SEV_ES_VM
)),
138 "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)",
139 kvm_check_cap(KVM_CAP_VM_TYPES
), 1 << KVM_X86_SEV_ES_VM
);
143 test_flags(KVM_X86_SEV_VM
);
145 test_flags(KVM_X86_SEV_ES_VM
);
147 test_features(KVM_X86_SEV_VM
, 0);
149 test_features(KVM_X86_SEV_ES_VM
, supported_vmsa_features
);
