1. 17 Feb, 2021 1 commit
  2. 09 Feb, 2021 1 commit
  3. 08 Feb, 2021 1 commit
  4. 03 Feb, 2021 2 commits
    • Yang Weijiang's avatar
      x86: Add test cases for user-mode CET validation · 79e53994
      Yang Weijiang authored
      This unit test is intended to test user-mode CET support of KVM,
      it's tested on Intel new platform. Two CET features: Shadow Stack
      Protection(SHSTK) and Indirect-Branch Tracking(IBT) are enclosed.
      
      In SHSTK test, if the function return-address in normal stack is
      tampered with a value not equal to the one on shadow-stack, #CP
      (Control Protection Exception)will generated on function returning.
      This feature is supported by processor itself, no compiler/link
      option is required.
      
      However, to enabled IBT, we need to add -fcf-protection=full in
      compiler options, this makes the compiler insert endbr64 at the
      very beginning of each jmp/call target given the binary is for
      x86_64.
      
      To get PASS results, the following conditions must be met:
      1) The processor is powered with CET feature.
      2) The kernel is patched with the latest CET kernel patches.
      3) The KVM and QEMU are patched with the latest CET patches.
      4) Use CET-enabled gcc to compile the test app.
      
      v2:
      - Removed extra dependency on test framework for user/kernel mode switch.
      - Directly set #CP handler instead of through TSS.
      Signed-off-by: default avatarYang Weijiang <weijiang.yang@intel.com>
      Message-Id: <20200506082110.25441-12-weijiang.yang@intel.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      79e53994
    • Paolo Bonzini's avatar
      x86: add CR4.DE test to debug.flat · 2c6863b2
      Paolo Bonzini authored
      Check whether reading/writing DR4 generates an undefined opcode exception.
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      2c6863b2
  5. 02 Feb, 2021 3 commits
  6. 27 Jan, 2021 2 commits
  7. 23 Jan, 2021 2 commits
  8. 20 Jan, 2021 13 commits
  9. 19 Jan, 2021 13 commits
  10. 18 Jan, 2021 1 commit
    • Thomas Huth's avatar
      gitlab-ci.yml: Run test with KVM and macOS via cirrus-run · 990955ea
      Thomas Huth authored
      Since Travis changed their policy, we soon cannot use it for the
      kvm-unit-tests anymore, thus we lose the CI testing with KVM enabled
      and the compilation jobs on macOS. Fortunately there is an alternative:
      Cirrus-CI also provides containers with KVM enabled and CI jobs with
      macOS. Thanks to the so-call "cirrus-run" script, we can even start
      the jobs from the gitlab-CI, so we get all the test coverage in the
      gitlab-CI again. cirrus-run needs some configuration first, though.
      Please refer to the description from libvirt for the details how to
      set up your environment for these jobs:
      
       https://gitlab.com/libvirt/libvirt/-/blob/v7.0.0/ci/README.rst
      
      Message-Id: <20210115223017.271339-1-thuth@redhat.com>
      Signed-off-by: default avatarThomas Huth <thuth@redhat.com>
      990955ea
  11. 11 Dec, 2020 1 commit
    • Ricardo Koller's avatar
      Makefile: fix use of PWD in target "all" · ac54015f
      Ricardo Koller authored
      The "all" target creates the build-head file in the wrong location when
      using "make -C" or "sudo make". The reason is that the PWD environment
      variable gets the value of the current directory when calling "make -C"
      (before the -C changes directories), or is unset in the case of "sudo
      make".  Note that the PWD is not changed by the previous "cd $(SRCDIR)".
      
      	/a/b/c $ make -C ../kvm-unit-tests
      	=====> creates /a/b/c/build-head
      
      	/a/b/kvm-unit-tests $ sudo make
      	=====> creates /build-head
      		(note the root)
      
      The consequence of this is that the standalone script can't find the
      build-head file:
      
      	/a/b/c $ make -C kvm-unit-tests standalone
      	cat: build-head: No such file or directory
      	...
      
      	/a/b/kvm-unit-tests $ sudo make standalone
      	cat: build-head: No such file or directory
      	...
      
      The fix is to not use PWD. "cd $SRCDIR && git rev-parse" is run in a
      subshell in order to not break out-of-tree builds, which expect
      build-head in the current directory (/a/b/c/build-head below).
      
      Tested:
      	out-of-tree build:
      	/a/b/c $ ../kvm-unit-tests/configure && make standalone
      
      	sudo make:
      	/a/b/kvm-unit-tests $ ./configure && sudo make standalone
      
      	make -C:
      	/a/b/c $ (cd ../kvm-unit-tests && ./configure) && \
      				make -C ../kvm-unit-tests standalone
      Signed-off-by: default avatarRicardo Koller <ricarkol@google.com>
      Reviewed-by: default avatarJim Mattson <jmattson@google.com>
      Reviewed-by: default avatarOliver Upton <oupton@google.com>
      Message-Id: <20201211194331.3830000-1-ricarkol@google.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      ac54015f