| // SPDX-License-Identifier: GPL-2.0-only |
| #include <fcntl.h> |
| #include <stdio.h> |
| #include <stdlib.h> |
| #include <string.h> |
| #include <sys/ioctl.h> |
| |
| #include "test_util.h" |
| #include "kvm_util.h" |
| #include "processor.h" |
| #include "svm_util.h" |
| #include "linux/psp-sev.h" |
| #include "sev.h" |
| |
| |
| static void guest_sev_es_code(void) |
| { |
| /* TODO: Check CPUID after GHCB-based hypercall support is added. */ |
| GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); |
| GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ES_ENABLED); |
| |
| /* |
| * TODO: Add GHCB and ucall support for SEV-ES guests. For now, simply |
| * force "termination" to signal "done" via the GHCB MSR protocol. |
| */ |
| wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); |
| __asm__ __volatile__("rep; vmmcall"); |
| } |
| |
| static void guest_sev_code(void) |
| { |
| GUEST_ASSERT(this_cpu_has(X86_FEATURE_SEV)); |
| GUEST_ASSERT(rdmsr(MSR_AMD64_SEV) & MSR_AMD64_SEV_ENABLED); |
| |
| GUEST_DONE(); |
| } |
| |
| static void test_sev(void *guest_code, uint64_t policy) |
| { |
| struct kvm_vcpu *vcpu; |
| struct kvm_vm *vm; |
| struct ucall uc; |
| |
| vm = vm_sev_create_with_one_vcpu(policy, guest_code, &vcpu); |
| |
| for (;;) { |
| vcpu_run(vcpu); |
| |
| if (policy & SEV_POLICY_ES) { |
| TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SYSTEM_EVENT, |
| "Wanted SYSTEM_EVENT, got %s", |
| exit_reason_str(vcpu->run->exit_reason)); |
| TEST_ASSERT_EQ(vcpu->run->system_event.type, KVM_SYSTEM_EVENT_SEV_TERM); |
| TEST_ASSERT_EQ(vcpu->run->system_event.ndata, 1); |
| TEST_ASSERT_EQ(vcpu->run->system_event.data[0], GHCB_MSR_TERM_REQ); |
| break; |
| } |
| |
| switch (get_ucall(vcpu, &uc)) { |
| case UCALL_SYNC: |
| continue; |
| case UCALL_DONE: |
| return; |
| case UCALL_ABORT: |
| REPORT_GUEST_ASSERT(uc); |
| default: |
| TEST_FAIL("Unexpected exit: %s", |
| exit_reason_str(vcpu->run->exit_reason)); |
| } |
| } |
| |
| kvm_vm_free(vm); |
| } |
| |
| int main(int argc, char *argv[]) |
| { |
| TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV)); |
| |
| test_sev(guest_sev_code, SEV_POLICY_NO_DBG); |
| test_sev(guest_sev_code, 0); |
| |
| if (kvm_cpu_has(X86_FEATURE_SEV_ES)) { |
| test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); |
| test_sev(guest_sev_es_code, SEV_POLICY_ES); |
| } |
| |
| return 0; |
| } |