1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Test for s390x KVM_S390_MEM_OP 4 * 5 * Copyright (C) 2019, Red Hat, Inc. 6 */ 7 8 #include <stdio.h> 9 #include <stdlib.h> 10 #include <string.h> 11 #include <sys/ioctl.h> 12 13 #include <linux/bits.h> 14 15 #include "test_util.h" 16 #include "kvm_util.h" 17 #include "kselftest.h" 18 19 enum mop_target { 20 LOGICAL, 21 SIDA, 22 ABSOLUTE, 23 INVALID, 24 }; 25 26 enum mop_access_mode { 27 READ, 28 WRITE, 29 }; 30 31 struct mop_desc { 32 uintptr_t gaddr; 33 uintptr_t gaddr_v; 34 uint64_t set_flags; 35 unsigned int f_check : 1; 36 unsigned int f_inject : 1; 37 unsigned int f_key : 1; 38 unsigned int _gaddr_v : 1; 39 unsigned int _set_flags : 1; 40 unsigned int _sida_offset : 1; 41 unsigned int _ar : 1; 42 uint32_t size; 43 enum mop_target target; 44 enum mop_access_mode mode; 45 void *buf; 46 uint32_t sida_offset; 47 uint8_t ar; 48 uint8_t key; 49 }; 50 51 static struct kvm_s390_mem_op ksmo_from_desc(struct mop_desc desc) 52 { 53 struct kvm_s390_mem_op ksmo = { 54 .gaddr = (uintptr_t)desc.gaddr, 55 .size = desc.size, 56 .buf = ((uintptr_t)desc.buf), 57 .reserved = "ignored_ignored_ignored_ignored" 58 }; 59 60 switch (desc.target) { 61 case LOGICAL: 62 if (desc.mode == READ) 63 ksmo.op = KVM_S390_MEMOP_LOGICAL_READ; 64 if (desc.mode == WRITE) 65 ksmo.op = KVM_S390_MEMOP_LOGICAL_WRITE; 66 break; 67 case SIDA: 68 if (desc.mode == READ) 69 ksmo.op = KVM_S390_MEMOP_SIDA_READ; 70 if (desc.mode == WRITE) 71 ksmo.op = KVM_S390_MEMOP_SIDA_WRITE; 72 break; 73 case ABSOLUTE: 74 if (desc.mode == READ) 75 ksmo.op = KVM_S390_MEMOP_ABSOLUTE_READ; 76 if (desc.mode == WRITE) 77 ksmo.op = KVM_S390_MEMOP_ABSOLUTE_WRITE; 78 break; 79 case INVALID: 80 ksmo.op = -1; 81 } 82 if (desc.f_check) 83 ksmo.flags |= KVM_S390_MEMOP_F_CHECK_ONLY; 84 if (desc.f_inject) 85 ksmo.flags |= KVM_S390_MEMOP_F_INJECT_EXCEPTION; 86 if (desc._set_flags) 87 ksmo.flags = desc.set_flags; 88 if (desc.f_key) { 89 ksmo.flags |= KVM_S390_MEMOP_F_SKEY_PROTECTION; 90 ksmo.key = desc.key; 91 } 92 if (desc._ar) 93 ksmo.ar = desc.ar; 94 else 95 ksmo.ar = 0; 96 if (desc._sida_offset) 97 ksmo.sida_offset = desc.sida_offset; 98 99 return ksmo; 100 } 101 102 struct test_info { 103 struct kvm_vm *vm; 104 struct kvm_vcpu *vcpu; 105 }; 106 107 #define PRINT_MEMOP false 108 static void print_memop(struct kvm_vcpu *vcpu, const struct kvm_s390_mem_op *ksmo) 109 { 110 if (!PRINT_MEMOP) 111 return; 112 113 if (!vcpu) 114 printf("vm memop("); 115 else 116 printf("vcpu memop("); 117 switch (ksmo->op) { 118 case KVM_S390_MEMOP_LOGICAL_READ: 119 printf("LOGICAL, READ, "); 120 break; 121 case KVM_S390_MEMOP_LOGICAL_WRITE: 122 printf("LOGICAL, WRITE, "); 123 break; 124 case KVM_S390_MEMOP_SIDA_READ: 125 printf("SIDA, READ, "); 126 break; 127 case KVM_S390_MEMOP_SIDA_WRITE: 128 printf("SIDA, WRITE, "); 129 break; 130 case KVM_S390_MEMOP_ABSOLUTE_READ: 131 printf("ABSOLUTE, READ, "); 132 break; 133 case KVM_S390_MEMOP_ABSOLUTE_WRITE: 134 printf("ABSOLUTE, WRITE, "); 135 break; 136 } 137 printf("gaddr=%llu, size=%u, buf=%llu, ar=%u, key=%u", 138 ksmo->gaddr, ksmo->size, ksmo->buf, ksmo->ar, ksmo->key); 139 if (ksmo->flags & KVM_S390_MEMOP_F_CHECK_ONLY) 140 printf(", CHECK_ONLY"); 141 if (ksmo->flags & KVM_S390_MEMOP_F_INJECT_EXCEPTION) 142 printf(", INJECT_EXCEPTION"); 143 if (ksmo->flags & KVM_S390_MEMOP_F_SKEY_PROTECTION) 144 printf(", SKEY_PROTECTION"); 145 puts(")"); 146 } 147 148 static void memop_ioctl(struct test_info info, struct kvm_s390_mem_op *ksmo) 149 { 150 struct kvm_vcpu *vcpu = info.vcpu; 151 152 if (!vcpu) 153 vm_ioctl(info.vm, KVM_S390_MEM_OP, ksmo); 154 else 155 vcpu_ioctl(vcpu, KVM_S390_MEM_OP, ksmo); 156 } 157 158 static int err_memop_ioctl(struct test_info info, struct kvm_s390_mem_op *ksmo) 159 { 160 struct kvm_vcpu *vcpu = info.vcpu; 161 162 if (!vcpu) 163 return __vm_ioctl(info.vm, KVM_S390_MEM_OP, ksmo); 164 else 165 return __vcpu_ioctl(vcpu, KVM_S390_MEM_OP, ksmo); 166 } 167 168 #define MEMOP(err, info_p, mop_target_p, access_mode_p, buf_p, size_p, ...) \ 169 ({ \ 170 struct test_info __info = (info_p); \ 171 struct mop_desc __desc = { \ 172 .target = (mop_target_p), \ 173 .mode = (access_mode_p), \ 174 .buf = (buf_p), \ 175 .size = (size_p), \ 176 __VA_ARGS__ \ 177 }; \ 178 struct kvm_s390_mem_op __ksmo; \ 179 \ 180 if (__desc._gaddr_v) { \ 181 if (__desc.target == ABSOLUTE) \ 182 __desc.gaddr = addr_gva2gpa(__info.vm, __desc.gaddr_v); \ 183 else \ 184 __desc.gaddr = __desc.gaddr_v; \ 185 } \ 186 __ksmo = ksmo_from_desc(__desc); \ 187 print_memop(__info.vcpu, &__ksmo); \ 188 err##memop_ioctl(__info, &__ksmo); \ 189 }) 190 191 #define MOP(...) MEMOP(, __VA_ARGS__) 192 #define ERR_MOP(...) MEMOP(err_, __VA_ARGS__) 193 194 #define GADDR(a) .gaddr = ((uintptr_t)a) 195 #define GADDR_V(v) ._gaddr_v = 1, .gaddr_v = ((uintptr_t)v) 196 #define CHECK_ONLY .f_check = 1 197 #define SET_FLAGS(f) ._set_flags = 1, .set_flags = (f) 198 #define SIDA_OFFSET(o) ._sida_offset = 1, .sida_offset = (o) 199 #define AR(a) ._ar = 1, .ar = (a) 200 #define KEY(a) .f_key = 1, .key = (a) 201 #define INJECT .f_inject = 1 202 203 #define CHECK_N_DO(f, ...) ({ f(__VA_ARGS__, CHECK_ONLY); f(__VA_ARGS__); }) 204 205 #define PAGE_SHIFT 12 206 #define PAGE_SIZE (1ULL << PAGE_SHIFT) 207 #define PAGE_MASK (~(PAGE_SIZE - 1)) 208 #define CR0_FETCH_PROTECTION_OVERRIDE (1UL << (63 - 38)) 209 #define CR0_STORAGE_PROTECTION_OVERRIDE (1UL << (63 - 39)) 210 211 static uint8_t mem1[65536]; 212 static uint8_t mem2[65536]; 213 214 struct test_default { 215 struct kvm_vm *kvm_vm; 216 struct test_info vm; 217 struct test_info vcpu; 218 struct kvm_run *run; 219 int size; 220 }; 221 222 static struct test_default test_default_init(void *guest_code) 223 { 224 struct kvm_vcpu *vcpu; 225 struct test_default t; 226 227 t.size = min((size_t)kvm_check_cap(KVM_CAP_S390_MEM_OP), sizeof(mem1)); 228 t.kvm_vm = vm_create_with_one_vcpu(&vcpu, guest_code); 229 t.vm = (struct test_info) { t.kvm_vm, NULL }; 230 t.vcpu = (struct test_info) { t.kvm_vm, vcpu }; 231 t.run = vcpu->run; 232 return t; 233 } 234 235 enum stage { 236 /* Synced state set by host, e.g. DAT */ 237 STAGE_INITED, 238 /* Guest did nothing */ 239 STAGE_IDLED, 240 /* Guest set storage keys (specifics up to test case) */ 241 STAGE_SKEYS_SET, 242 /* Guest copied memory (locations up to test case) */ 243 STAGE_COPIED, 244 }; 245 246 #define HOST_SYNC(info_p, stage) \ 247 ({ \ 248 struct test_info __info = (info_p); \ 249 struct kvm_vcpu *__vcpu = __info.vcpu; \ 250 struct ucall uc; \ 251 int __stage = (stage); \ 252 \ 253 vcpu_run(__vcpu); \ 254 get_ucall(__vcpu, &uc); \ 255 ASSERT_EQ(uc.cmd, UCALL_SYNC); \ 256 ASSERT_EQ(uc.args[1], __stage); \ 257 }) \ 258 259 static void prepare_mem12(void) 260 { 261 int i; 262 263 for (i = 0; i < sizeof(mem1); i++) 264 mem1[i] = rand(); 265 memset(mem2, 0xaa, sizeof(mem2)); 266 } 267 268 #define ASSERT_MEM_EQ(p1, p2, size) \ 269 TEST_ASSERT(!memcmp(p1, p2, size), "Memory contents do not match!") 270 271 #define DEFAULT_WRITE_READ(copy_cpu, mop_cpu, mop_target_p, size, ...) \ 272 ({ \ 273 struct test_info __copy_cpu = (copy_cpu), __mop_cpu = (mop_cpu); \ 274 enum mop_target __target = (mop_target_p); \ 275 uint32_t __size = (size); \ 276 \ 277 prepare_mem12(); \ 278 CHECK_N_DO(MOP, __mop_cpu, __target, WRITE, mem1, __size, \ 279 GADDR_V(mem1), ##__VA_ARGS__); \ 280 HOST_SYNC(__copy_cpu, STAGE_COPIED); \ 281 CHECK_N_DO(MOP, __mop_cpu, __target, READ, mem2, __size, \ 282 GADDR_V(mem2), ##__VA_ARGS__); \ 283 ASSERT_MEM_EQ(mem1, mem2, __size); \ 284 }) 285 286 #define DEFAULT_READ(copy_cpu, mop_cpu, mop_target_p, size, ...) \ 287 ({ \ 288 struct test_info __copy_cpu = (copy_cpu), __mop_cpu = (mop_cpu); \ 289 enum mop_target __target = (mop_target_p); \ 290 uint32_t __size = (size); \ 291 \ 292 prepare_mem12(); \ 293 CHECK_N_DO(MOP, __mop_cpu, __target, WRITE, mem1, __size, \ 294 GADDR_V(mem1)); \ 295 HOST_SYNC(__copy_cpu, STAGE_COPIED); \ 296 CHECK_N_DO(MOP, __mop_cpu, __target, READ, mem2, __size, ##__VA_ARGS__);\ 297 ASSERT_MEM_EQ(mem1, mem2, __size); \ 298 }) 299 300 static void guest_copy(void) 301 { 302 GUEST_SYNC(STAGE_INITED); 303 memcpy(&mem2, &mem1, sizeof(mem2)); 304 GUEST_SYNC(STAGE_COPIED); 305 } 306 307 static void test_copy(void) 308 { 309 struct test_default t = test_default_init(guest_copy); 310 311 HOST_SYNC(t.vcpu, STAGE_INITED); 312 313 DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size); 314 315 kvm_vm_free(t.kvm_vm); 316 } 317 318 static void set_storage_key_range(void *addr, size_t len, uint8_t key) 319 { 320 uintptr_t _addr, abs, i; 321 int not_mapped = 0; 322 323 _addr = (uintptr_t)addr; 324 for (i = _addr & PAGE_MASK; i < _addr + len; i += PAGE_SIZE) { 325 abs = i; 326 asm volatile ( 327 "lra %[abs], 0(0,%[abs])\n" 328 " jz 0f\n" 329 " llill %[not_mapped],1\n" 330 " j 1f\n" 331 "0: sske %[key], %[abs]\n" 332 "1:" 333 : [abs] "+&a" (abs), [not_mapped] "+r" (not_mapped) 334 : [key] "r" (key) 335 : "cc" 336 ); 337 GUEST_ASSERT_EQ(not_mapped, 0); 338 } 339 } 340 341 static void guest_copy_key(void) 342 { 343 set_storage_key_range(mem1, sizeof(mem1), 0x90); 344 set_storage_key_range(mem2, sizeof(mem2), 0x90); 345 GUEST_SYNC(STAGE_SKEYS_SET); 346 347 for (;;) { 348 memcpy(&mem2, &mem1, sizeof(mem2)); 349 GUEST_SYNC(STAGE_COPIED); 350 } 351 } 352 353 static void test_copy_key(void) 354 { 355 struct test_default t = test_default_init(guest_copy_key); 356 357 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 358 359 /* vm, no key */ 360 DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, t.size); 361 362 /* vm/vcpu, machting key or key 0 */ 363 DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size, KEY(0)); 364 DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size, KEY(9)); 365 DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, t.size, KEY(0)); 366 DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, t.size, KEY(9)); 367 /* 368 * There used to be different code paths for key handling depending on 369 * if the region crossed a page boundary. 370 * There currently are not, but the more tests the merrier. 371 */ 372 DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, 1, KEY(0)); 373 DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, 1, KEY(9)); 374 DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, 1, KEY(0)); 375 DEFAULT_WRITE_READ(t.vcpu, t.vm, ABSOLUTE, 1, KEY(9)); 376 377 /* vm/vcpu, mismatching keys on read, but no fetch protection */ 378 DEFAULT_READ(t.vcpu, t.vcpu, LOGICAL, t.size, GADDR_V(mem2), KEY(2)); 379 DEFAULT_READ(t.vcpu, t.vm, ABSOLUTE, t.size, GADDR_V(mem1), KEY(2)); 380 381 kvm_vm_free(t.kvm_vm); 382 } 383 384 static void guest_copy_key_fetch_prot(void) 385 { 386 /* 387 * For some reason combining the first sync with override enablement 388 * results in an exception when calling HOST_SYNC. 389 */ 390 GUEST_SYNC(STAGE_INITED); 391 /* Storage protection override applies to both store and fetch. */ 392 set_storage_key_range(mem1, sizeof(mem1), 0x98); 393 set_storage_key_range(mem2, sizeof(mem2), 0x98); 394 GUEST_SYNC(STAGE_SKEYS_SET); 395 396 for (;;) { 397 memcpy(&mem2, &mem1, sizeof(mem2)); 398 GUEST_SYNC(STAGE_COPIED); 399 } 400 } 401 402 static void test_copy_key_storage_prot_override(void) 403 { 404 struct test_default t = test_default_init(guest_copy_key_fetch_prot); 405 406 HOST_SYNC(t.vcpu, STAGE_INITED); 407 t.run->s.regs.crs[0] |= CR0_STORAGE_PROTECTION_OVERRIDE; 408 t.run->kvm_dirty_regs = KVM_SYNC_CRS; 409 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 410 411 /* vcpu, mismatching keys, storage protection override in effect */ 412 DEFAULT_WRITE_READ(t.vcpu, t.vcpu, LOGICAL, t.size, KEY(2)); 413 414 kvm_vm_free(t.kvm_vm); 415 } 416 417 static void test_copy_key_fetch_prot(void) 418 { 419 struct test_default t = test_default_init(guest_copy_key_fetch_prot); 420 421 HOST_SYNC(t.vcpu, STAGE_INITED); 422 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 423 424 /* vm/vcpu, matching key, fetch protection in effect */ 425 DEFAULT_READ(t.vcpu, t.vcpu, LOGICAL, t.size, GADDR_V(mem2), KEY(9)); 426 DEFAULT_READ(t.vcpu, t.vm, ABSOLUTE, t.size, GADDR_V(mem2), KEY(9)); 427 428 kvm_vm_free(t.kvm_vm); 429 } 430 431 #define ERR_PROT_MOP(...) \ 432 ({ \ 433 int rv; \ 434 \ 435 rv = ERR_MOP(__VA_ARGS__); \ 436 TEST_ASSERT(rv == 4, "Should result in protection exception"); \ 437 }) 438 439 static void guest_error_key(void) 440 { 441 GUEST_SYNC(STAGE_INITED); 442 set_storage_key_range(mem1, PAGE_SIZE, 0x18); 443 set_storage_key_range(mem1 + PAGE_SIZE, sizeof(mem1) - PAGE_SIZE, 0x98); 444 GUEST_SYNC(STAGE_SKEYS_SET); 445 GUEST_SYNC(STAGE_IDLED); 446 } 447 448 static void test_errors_key(void) 449 { 450 struct test_default t = test_default_init(guest_error_key); 451 452 HOST_SYNC(t.vcpu, STAGE_INITED); 453 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 454 455 /* vm/vcpu, mismatching keys, fetch protection in effect */ 456 CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR_V(mem1), KEY(2)); 457 CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, t.size, GADDR_V(mem2), KEY(2)); 458 CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, WRITE, mem1, t.size, GADDR_V(mem1), KEY(2)); 459 CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, t.size, GADDR_V(mem2), KEY(2)); 460 461 kvm_vm_free(t.kvm_vm); 462 } 463 464 static void test_termination(void) 465 { 466 struct test_default t = test_default_init(guest_error_key); 467 uint64_t prefix; 468 uint64_t teid; 469 uint64_t teid_mask = BIT(63 - 56) | BIT(63 - 60) | BIT(63 - 61); 470 uint64_t psw[2]; 471 472 HOST_SYNC(t.vcpu, STAGE_INITED); 473 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 474 475 /* vcpu, mismatching keys after first page */ 476 ERR_PROT_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR_V(mem1), KEY(1), INJECT); 477 /* 478 * The memop injected a program exception and the test needs to check the 479 * Translation-Exception Identification (TEID). It is necessary to run 480 * the guest in order to be able to read the TEID from guest memory. 481 * Set the guest program new PSW, so the guest state is not clobbered. 482 */ 483 prefix = t.run->s.regs.prefix; 484 psw[0] = t.run->psw_mask; 485 psw[1] = t.run->psw_addr; 486 MOP(t.vm, ABSOLUTE, WRITE, psw, sizeof(psw), GADDR(prefix + 464)); 487 HOST_SYNC(t.vcpu, STAGE_IDLED); 488 MOP(t.vm, ABSOLUTE, READ, &teid, sizeof(teid), GADDR(prefix + 168)); 489 /* Bits 56, 60, 61 form a code, 0 being the only one allowing for termination */ 490 ASSERT_EQ(teid & teid_mask, 0); 491 492 kvm_vm_free(t.kvm_vm); 493 } 494 495 static void test_errors_key_storage_prot_override(void) 496 { 497 struct test_default t = test_default_init(guest_copy_key_fetch_prot); 498 499 HOST_SYNC(t.vcpu, STAGE_INITED); 500 t.run->s.regs.crs[0] |= CR0_STORAGE_PROTECTION_OVERRIDE; 501 t.run->kvm_dirty_regs = KVM_SYNC_CRS; 502 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 503 504 /* vm, mismatching keys, storage protection override not applicable to vm */ 505 CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, WRITE, mem1, t.size, GADDR_V(mem1), KEY(2)); 506 CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, t.size, GADDR_V(mem2), KEY(2)); 507 508 kvm_vm_free(t.kvm_vm); 509 } 510 511 const uint64_t last_page_addr = -PAGE_SIZE; 512 513 static void guest_copy_key_fetch_prot_override(void) 514 { 515 int i; 516 char *page_0 = 0; 517 518 GUEST_SYNC(STAGE_INITED); 519 set_storage_key_range(0, PAGE_SIZE, 0x18); 520 set_storage_key_range((void *)last_page_addr, PAGE_SIZE, 0x0); 521 asm volatile ("sske %[key],%[addr]\n" :: [addr] "r"(0), [key] "r"(0x18) : "cc"); 522 GUEST_SYNC(STAGE_SKEYS_SET); 523 524 for (;;) { 525 for (i = 0; i < PAGE_SIZE; i++) 526 page_0[i] = mem1[i]; 527 GUEST_SYNC(STAGE_COPIED); 528 } 529 } 530 531 static void test_copy_key_fetch_prot_override(void) 532 { 533 struct test_default t = test_default_init(guest_copy_key_fetch_prot_override); 534 vm_vaddr_t guest_0_page, guest_last_page; 535 536 guest_0_page = vm_vaddr_alloc(t.kvm_vm, PAGE_SIZE, 0); 537 guest_last_page = vm_vaddr_alloc(t.kvm_vm, PAGE_SIZE, last_page_addr); 538 if (guest_0_page != 0 || guest_last_page != last_page_addr) { 539 print_skip("did not allocate guest pages at required positions"); 540 goto out; 541 } 542 543 HOST_SYNC(t.vcpu, STAGE_INITED); 544 t.run->s.regs.crs[0] |= CR0_FETCH_PROTECTION_OVERRIDE; 545 t.run->kvm_dirty_regs = KVM_SYNC_CRS; 546 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 547 548 /* vcpu, mismatching keys on fetch, fetch protection override applies */ 549 prepare_mem12(); 550 MOP(t.vcpu, LOGICAL, WRITE, mem1, PAGE_SIZE, GADDR_V(mem1)); 551 HOST_SYNC(t.vcpu, STAGE_COPIED); 552 CHECK_N_DO(MOP, t.vcpu, LOGICAL, READ, mem2, 2048, GADDR_V(guest_0_page), KEY(2)); 553 ASSERT_MEM_EQ(mem1, mem2, 2048); 554 555 /* 556 * vcpu, mismatching keys on fetch, fetch protection override applies, 557 * wraparound 558 */ 559 prepare_mem12(); 560 MOP(t.vcpu, LOGICAL, WRITE, mem1, 2 * PAGE_SIZE, GADDR_V(guest_last_page)); 561 HOST_SYNC(t.vcpu, STAGE_COPIED); 562 CHECK_N_DO(MOP, t.vcpu, LOGICAL, READ, mem2, PAGE_SIZE + 2048, 563 GADDR_V(guest_last_page), KEY(2)); 564 ASSERT_MEM_EQ(mem1, mem2, 2048); 565 566 out: 567 kvm_vm_free(t.kvm_vm); 568 } 569 570 static void test_errors_key_fetch_prot_override_not_enabled(void) 571 { 572 struct test_default t = test_default_init(guest_copy_key_fetch_prot_override); 573 vm_vaddr_t guest_0_page, guest_last_page; 574 575 guest_0_page = vm_vaddr_alloc(t.kvm_vm, PAGE_SIZE, 0); 576 guest_last_page = vm_vaddr_alloc(t.kvm_vm, PAGE_SIZE, last_page_addr); 577 if (guest_0_page != 0 || guest_last_page != last_page_addr) { 578 print_skip("did not allocate guest pages at required positions"); 579 goto out; 580 } 581 HOST_SYNC(t.vcpu, STAGE_INITED); 582 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 583 584 /* vcpu, mismatching keys on fetch, fetch protection override not enabled */ 585 CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, 2048, GADDR_V(0), KEY(2)); 586 587 out: 588 kvm_vm_free(t.kvm_vm); 589 } 590 591 static void test_errors_key_fetch_prot_override_enabled(void) 592 { 593 struct test_default t = test_default_init(guest_copy_key_fetch_prot_override); 594 vm_vaddr_t guest_0_page, guest_last_page; 595 596 guest_0_page = vm_vaddr_alloc(t.kvm_vm, PAGE_SIZE, 0); 597 guest_last_page = vm_vaddr_alloc(t.kvm_vm, PAGE_SIZE, last_page_addr); 598 if (guest_0_page != 0 || guest_last_page != last_page_addr) { 599 print_skip("did not allocate guest pages at required positions"); 600 goto out; 601 } 602 HOST_SYNC(t.vcpu, STAGE_INITED); 603 t.run->s.regs.crs[0] |= CR0_FETCH_PROTECTION_OVERRIDE; 604 t.run->kvm_dirty_regs = KVM_SYNC_CRS; 605 HOST_SYNC(t.vcpu, STAGE_SKEYS_SET); 606 607 /* 608 * vcpu, mismatching keys on fetch, 609 * fetch protection override does not apply because memory range acceeded 610 */ 611 CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, 2048 + 1, GADDR_V(0), KEY(2)); 612 CHECK_N_DO(ERR_PROT_MOP, t.vcpu, LOGICAL, READ, mem2, PAGE_SIZE + 2048 + 1, 613 GADDR_V(guest_last_page), KEY(2)); 614 /* vm, fetch protected override does not apply */ 615 CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, 2048, GADDR(0), KEY(2)); 616 CHECK_N_DO(ERR_PROT_MOP, t.vm, ABSOLUTE, READ, mem2, 2048, GADDR_V(guest_0_page), KEY(2)); 617 618 out: 619 kvm_vm_free(t.kvm_vm); 620 } 621 622 static void guest_idle(void) 623 { 624 GUEST_SYNC(STAGE_INITED); /* for consistency's sake */ 625 for (;;) 626 GUEST_SYNC(STAGE_IDLED); 627 } 628 629 static void _test_errors_common(struct test_info info, enum mop_target target, int size) 630 { 631 int rv; 632 633 /* Bad size: */ 634 rv = ERR_MOP(info, target, WRITE, mem1, -1, GADDR_V(mem1)); 635 TEST_ASSERT(rv == -1 && errno == E2BIG, "ioctl allows insane sizes"); 636 637 /* Zero size: */ 638 rv = ERR_MOP(info, target, WRITE, mem1, 0, GADDR_V(mem1)); 639 TEST_ASSERT(rv == -1 && (errno == EINVAL || errno == ENOMEM), 640 "ioctl allows 0 as size"); 641 642 /* Bad flags: */ 643 rv = ERR_MOP(info, target, WRITE, mem1, size, GADDR_V(mem1), SET_FLAGS(-1)); 644 TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows all flags"); 645 646 /* Bad guest address: */ 647 rv = ERR_MOP(info, target, WRITE, mem1, size, GADDR((void *)~0xfffUL), CHECK_ONLY); 648 TEST_ASSERT(rv > 0, "ioctl does not report bad guest memory access"); 649 650 /* Bad host address: */ 651 rv = ERR_MOP(info, target, WRITE, 0, size, GADDR_V(mem1)); 652 TEST_ASSERT(rv == -1 && errno == EFAULT, 653 "ioctl does not report bad host memory address"); 654 655 /* Bad key: */ 656 rv = ERR_MOP(info, target, WRITE, mem1, size, GADDR_V(mem1), KEY(17)); 657 TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows invalid key"); 658 } 659 660 static void test_errors(void) 661 { 662 struct test_default t = test_default_init(guest_idle); 663 int rv; 664 665 HOST_SYNC(t.vcpu, STAGE_INITED); 666 667 _test_errors_common(t.vcpu, LOGICAL, t.size); 668 _test_errors_common(t.vm, ABSOLUTE, t.size); 669 670 /* Bad operation: */ 671 rv = ERR_MOP(t.vcpu, INVALID, WRITE, mem1, t.size, GADDR_V(mem1)); 672 TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows bad operations"); 673 /* virtual addresses are not translated when passing INVALID */ 674 rv = ERR_MOP(t.vm, INVALID, WRITE, mem1, PAGE_SIZE, GADDR(0)); 675 TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows bad operations"); 676 677 /* Bad access register: */ 678 t.run->psw_mask &= ~(3UL << (63 - 17)); 679 t.run->psw_mask |= 1UL << (63 - 17); /* Enable AR mode */ 680 HOST_SYNC(t.vcpu, STAGE_IDLED); /* To sync new state to SIE block */ 681 rv = ERR_MOP(t.vcpu, LOGICAL, WRITE, mem1, t.size, GADDR_V(mem1), AR(17)); 682 TEST_ASSERT(rv == -1 && errno == EINVAL, "ioctl allows ARs > 15"); 683 t.run->psw_mask &= ~(3UL << (63 - 17)); /* Disable AR mode */ 684 HOST_SYNC(t.vcpu, STAGE_IDLED); /* Run to sync new state */ 685 686 /* Check that the SIDA calls are rejected for non-protected guests */ 687 rv = ERR_MOP(t.vcpu, SIDA, READ, mem1, 8, GADDR(0), SIDA_OFFSET(0x1c0)); 688 TEST_ASSERT(rv == -1 && errno == EINVAL, 689 "ioctl does not reject SIDA_READ in non-protected mode"); 690 rv = ERR_MOP(t.vcpu, SIDA, WRITE, mem1, 8, GADDR(0), SIDA_OFFSET(0x1c0)); 691 TEST_ASSERT(rv == -1 && errno == EINVAL, 692 "ioctl does not reject SIDA_WRITE in non-protected mode"); 693 694 kvm_vm_free(t.kvm_vm); 695 } 696 697 struct testdef { 698 const char *name; 699 void (*test)(void); 700 int extension; 701 } testlist[] = { 702 { 703 .name = "simple copy", 704 .test = test_copy, 705 }, 706 { 707 .name = "generic error checks", 708 .test = test_errors, 709 }, 710 { 711 .name = "copy with storage keys", 712 .test = test_copy_key, 713 .extension = 1, 714 }, 715 { 716 .name = "copy with key storage protection override", 717 .test = test_copy_key_storage_prot_override, 718 .extension = 1, 719 }, 720 { 721 .name = "copy with key fetch protection", 722 .test = test_copy_key_fetch_prot, 723 .extension = 1, 724 }, 725 { 726 .name = "copy with key fetch protection override", 727 .test = test_copy_key_fetch_prot_override, 728 .extension = 1, 729 }, 730 { 731 .name = "error checks with key", 732 .test = test_errors_key, 733 .extension = 1, 734 }, 735 { 736 .name = "termination", 737 .test = test_termination, 738 .extension = 1, 739 }, 740 { 741 .name = "error checks with key storage protection override", 742 .test = test_errors_key_storage_prot_override, 743 .extension = 1, 744 }, 745 { 746 .name = "error checks without key fetch prot override", 747 .test = test_errors_key_fetch_prot_override_not_enabled, 748 .extension = 1, 749 }, 750 { 751 .name = "error checks with key fetch prot override", 752 .test = test_errors_key_fetch_prot_override_enabled, 753 .extension = 1, 754 }, 755 }; 756 757 int main(int argc, char *argv[]) 758 { 759 int extension_cap, idx; 760 761 TEST_REQUIRE(kvm_has_cap(KVM_CAP_S390_MEM_OP)); 762 763 setbuf(stdout, NULL); /* Tell stdout not to buffer its content */ 764 765 ksft_print_header(); 766 767 ksft_set_plan(ARRAY_SIZE(testlist)); 768 769 extension_cap = kvm_check_cap(KVM_CAP_S390_MEM_OP_EXTENSION); 770 for (idx = 0; idx < ARRAY_SIZE(testlist); idx++) { 771 if (extension_cap >= testlist[idx].extension) { 772 testlist[idx].test(); 773 ksft_test_result_pass("%s\n", testlist[idx].name); 774 } else { 775 ksft_test_result_skip("%s - extension level %d not supported\n", 776 testlist[idx].name, 777 testlist[idx].extension); 778 } 779 } 780 781 ksft_finished(); /* Print results and exit() accordingly */ 782 } 783