> -----Original Message-----
> From: kvm-ow...@vger.kernel.org [mailto:kvm-ow...@vger.kernel.org] On
> Behalf Of Paolo Bonzini
> Sent: Friday, April 04, 2014 12:46 AM
> To: Wu, Feng; g...@redhat.com; h...@zytor.com; kvm@vger.kernel.org
> Subject: Re: [PATCH v4 0/4] KVM: enable Intel SMAP for KVM
> 
> On 01/04/2014 11:46, Feng Wu wrote:
> > Feng Wu (4):
> >   KVM: Remove SMAP bit from CR4_RESERVED_BITS.
> >   KVM: Add SMAP support when setting CR4
> >   KVM: Disable SMAP for guests in EPT realmode and EPT unpaging mode
> >   KVM: expose SMAP feature to guest
> >
> 
> Hi,
> 
> I prepared some testcases.  You can find them in branch "smap" of
> git://git.kernel.org/pub/scm/virt/kvm/kvm-unit-tests.git
> 
> To compile them for 32-bits:
>       git clean -xdf
>       ./configure --arch=i386
>       make
>       ./x86-run x86/smap.flat -cpu host
> 
> For 64-bits:
>       git clean -xdf
>       ./configure
>       make
>       ./x86-run x86/smap.flat -cpu host
> 
> I tried them with QEMU and they all pass.  The output should be
> something like this:
> 
>       enabling apic
>       paging enabled
>       cr0 = 80010011
>       cr3 = 7fff000
>       cr4 = 10
>       testing without INVLPG
>       PASS: write to supervisor page
>       PASS: read from user page with AC=1
>       PASS: read from user page with AC=0
>       PASS: write to user page with AC=1
>       PASS: read from user page with AC=0
>       PASS: write to user stack with AC=1
>       PASS: write to user stack with AC=0
>       PASS: executing on user page with AC=0
>       testing with INVLPG
>       PASS: write to supervisor page
>       PASS: read from user page with AC=1
>       PASS: read from user page with AC=0
>       PASS: write to user page with AC=1
>       PASS: read from user page with AC=0
>       PASS: write to user stack with AC=1
>       PASS: write to user stack with AC=0
>       PASS: executing on user page with AC=0
> 
>       SUMMARY: 16 tests, 0 failures
> 
> Please test them (both 32- and 64-bits) with both ept=1 and ept=0.  If
> the tests pass, the series is okay.

Thank you for providing these test cases. I tested them on related hardware
(both 32- and 64-bits) with both ept=1 and ept=0; they all pass.

I also did some similar testing before posting the patch set. SMAP is
already supported in the Linux kernel, in which stac() and clac() are
added in functions like copy_from_user(), copy_to_user(), etc. From my
previous test, a Linux guest can run well on top of KVM with SMAP enabled.
I think this covers the AC bit logic for testing. I also tested whether it can
induce an SMAP violation when accessing user pages in kernel mode with
the AC bit cleared; I successfully got the SMAP violation fault in the guest
in that case.

Besides that, I got some patches for SMAP testing in native Linux, which are
attached; I applied them to the guest kernel and everything works well.

> 
> The only part that is not covered is the implicit kernel accesses at
> CPL=3, which QEMU doesn't implement (I fixed it, but didn't have
> time to think about tests).  Since I'm going on vacation next week, I
> wanted to throw this out today.  I'll post the test patches when I'm back.
> 
> Paolo

Attachment: 0001-x86-smap-add-debug-code-for-local-interrupts.patch
Description: 0001-x86-smap-add-debug-code-for-local-interrupts.patch

Attachment: 0002-x86-smap-add-debug-code-for-STAC-opcode.patch
Description: 0002-x86-smap-add-debug-code-for-STAC-opcode.patch

Attachment: 0003-x86-smap-add-debug-code-for-CLAC-opcode.patch
Description: 0003-x86-smap-add-debug-code-for-CLAC-opcode.patch

Attachment: 0004-x86-smap-add-debug-points-for-CLAC-calls.patch
Description: 0004-x86-smap-add-debug-points-for-CLAC-calls.patch

Attachment: 0007-x86-smap-add-more-debug-points-for-CLAC-calls.patch
Description: 0007-x86-smap-add-more-debug-points-for-CLAC-calls.patch
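
The AC-bit rule this thread tests, written out as a small C model. This is an added example, not code from the messages above, from KVM or from kvm-unit-tests; the function name smap_faults() and the case table are constructed here. It covers data reads and writes only and assumes the page is present and writable.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of the SMAP data-access check; not KVM code.
 * Assumes a present, writable page, so CR0.WP and R/W play no part. */
bool smap_faults(bool cr4_smap, bool eflags_ac, int cpl,
                 bool implicit, bool user_page)
{
    /* Implicit accesses to system structures are supervisor-mode at any CPL. */
    bool supervisor = implicit || cpl < 3;

    if (!supervisor)
        return !user_page;      /* user-mode access: only U/S is checked */
    if (!user_page || !cr4_smap)
        return false;           /* SMAP guards user pages only */
    /* EFLAGS.AC=1 (set by STAC) lifts SMAP for explicit accesses only. */
    return implicit || !eflags_ac;
}

int main(void)
{
    /* Constructed cases: smap, ac, cpl, implicit, user_page. */
    static const struct {
        const char *name;
        bool smap, ac; int cpl; bool imp, user;
    } t[] = {
        { "CPL=0, supervisor page, AC=0",      true,  false, 0, false, false },
        { "CPL=0, user page, AC=1",            true,  true,  0, false, true  },
        { "CPL=0, user page, AC=0",            true,  false, 0, false, true  },
        { "CPL=0, user page, AC=0, SMAP off",  false, false, 0, false, true  },
        { "CPL=3 implicit, user page, AC=1",   true,  true,  3, true,  true  },
        { "CPL=3 explicit, user page",         true,  false, 3, false, true  },
    };

    for (unsigned i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("%-36s -> %s\n", t[i].name,
               smap_faults(t[i].smap, t[i].ac, t[i].cpl, t[i].imp, t[i].user)
                   ? "#PF" : "ok");
    return 0;
}
```

The fifth case is the implicit access at CPL=3 that the quoted message says the tests do not yet cover: AC=1 does not lift SMAP for it.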
