Skip to content

Commit 4b451a5

Browse files
minipli-osssean-jc
minipli-oss
authored and
sean-jc
committed
KVM: selftests: Test max vCPU IDs corner cases
The KVM_CREATE_VCPU ioctl ABI had an implicit integer truncation bug, allowing 2^32 aliases for a vCPU ID by setting the upper 32 bits of a 64 bit ioctl() argument. It also allowed excluding a once set boot CPU ID. Verify this no longer works and gets rejected with an error. Signed-off-by: Mathias Krause <minipli@grsecurity.net> Link: https://lore.kernel.org/r/20240614202859.3597745-5-minipli@grsecurity.net [sean: tweak assert message+comment for 63:32!=0 testcase] Signed-off-by: Sean Christopherson <seanjc@google.com>
1 parent d29bf2c commit 4b451a5

1 file changed

Lines changed: 20 additions & 2 deletions

File tree

tools/testing/selftests/kvm/x86_64/max_vcpuid_cap_test.c

Lines changed: 20 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,19 +26,37 @@ int main(int argc, char *argv[])
2626
TEST_ASSERT(ret < 0,
2727
"Setting KVM_CAP_MAX_VCPU_ID beyond KVM cap should fail");
2828

29+
/* Test BOOT_CPU_ID interaction (MAX_VCPU_ID cannot be lower) */
30+
if (kvm_has_cap(KVM_CAP_SET_BOOT_CPU_ID)) {
31+
vm_ioctl(vm, KVM_SET_BOOT_CPU_ID, (void *)MAX_VCPU_ID);
32+
33+
/* Try setting KVM_CAP_MAX_VCPU_ID below BOOT_CPU_ID */
34+
ret = __vm_enable_cap(vm, KVM_CAP_MAX_VCPU_ID, MAX_VCPU_ID - 1);
35+
TEST_ASSERT(ret < 0,
36+
"Setting KVM_CAP_MAX_VCPU_ID below BOOT_CPU_ID should fail");
37+
}
38+
2939
/* Set KVM_CAP_MAX_VCPU_ID */
3040
vm_enable_cap(vm, KVM_CAP_MAX_VCPU_ID, MAX_VCPU_ID);
3141

32-
3342
/* Try to set KVM_CAP_MAX_VCPU_ID again */
3443
ret = __vm_enable_cap(vm, KVM_CAP_MAX_VCPU_ID, MAX_VCPU_ID + 1);
3544
TEST_ASSERT(ret < 0,
3645
"Setting KVM_CAP_MAX_VCPU_ID multiple times should fail");
3746

38-
/* Create vCPU with id beyond KVM_CAP_MAX_VCPU_ID cap*/
47+
/* Create vCPU with id beyond KVM_CAP_MAX_VCPU_ID cap */
3948
ret = __vm_ioctl(vm, KVM_CREATE_VCPU, (void *)MAX_VCPU_ID);
4049
TEST_ASSERT(ret < 0, "Creating vCPU with ID > MAX_VCPU_ID should fail");
4150

51+
/* Create vCPU with bits 63:32 != 0, but an otherwise valid id */
52+
ret = __vm_ioctl(vm, KVM_CREATE_VCPU, (void *)(1L << 32));
53+
TEST_ASSERT(ret < 0, "Creating vCPU with ID[63:32] != 0 should fail");
54+
55+
/* Create vCPU with id within bounds */
56+
ret = __vm_ioctl(vm, KVM_CREATE_VCPU, (void *)0);
57+
TEST_ASSERT(ret >= 0, "Creating vCPU with ID 0 should succeed");
58+
59+
close(ret);
4260
kvm_vm_free(vm);
4361
return 0;
4462
}

0 commit comments

Comments
 (0)