[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/4] tools/tests: Unit test for paging mempool size

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 17 Nov 2022 11:39:58 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hAvRLOg6w4mmvcA3i5mjaJkjOWFpZznd38q0eTok1IY=; b=lhEJCBuMQKa1TiZg68Z3R/bpzCkS7JCbMp/3ifNmRa0sIp7xyFXk/rNR3hTl6n24xFjoLSYE7jEA3ddkBEzBH6ZUqyfrs9FlqhujliwC6ei9vorcuMy/FcHWoIiqlK++bRAt9e4YFtVieWSGtherNtDVcfHfbQXLX11v+LbcZg9yIhvUvFIXXud+OsKtIVojccOTWJqkrBEySwfZ+WuSpNK1JZF8Hx9HLGvSiFxmzvq0bkPqJdu6rVQzskqQBZwIPUiG4ozXpH7QkeTPgf+lgbGPJJfTWlW4AwBvqVDPbSc1ifWt3cQOr+oaWHU6wmx0Ytmtt9/XddeGqrBbGcS/aQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cH++qI5O/3vot6Izply7klumLRLgqkT7n1aWmg0OD3MSCuYSkKZRp711TV/VnLOPPznvDQwVh1ofA6FG1mbdob4Bw3ZXHh26QA2e/fczz60msnT+noUKkHCjY/NoGOAvT4BzcKI/xD0NmdB/Uy0kdc9/yOVTL/NBGjAVJyP7PoayBvDoKOVgH2poRTR7oqegn4AZEcakcW8DyS4tb5qIkbCB8Z3LONI26+xtks0uo7hxrcPPV5KRlovAkEsyqIi3+w9oKL+/G2IgffYL5J9eNb8McGktkVXkCoVHA/CIihH0Ndybea0RCgQMmfwLa1G9ZZCbf378jOE5mFR4XbNi5w==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 17 Nov 2022 10:40:04 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 17.11.2022 02:08, Andrew Cooper wrote:
> Exercise some basic functionality of the new
> xc_{get,set}_paging_mempool_size() hypercalls.
> 
> This passes on x86, but fails currently on ARM.  ARM will be fixed up in
> future patches.
> 
> This is part of XSA-409 / CVE-2022-33747.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Release-acked-by: Henry Wang <Henry.Wang@xxxxxxx>

Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
(if this counts anything, since as it stands the new stuff all falls
under tool stack maintainership)

> --- /dev/null
> +++ b/tools/tests/paging-mempool/test-paging-mempool.c
> @@ -0,0 +1,181 @@
> +#include <err.h>
> +#include <errno.h>
> +#include <inttypes.h>
> +#include <stdio.h>
> +#include <string.h>
> +#include <sys/mman.h>
> +
> +#include <xenctrl.h>
> +#include <xenforeignmemory.h>
> +#include <xengnttab.h>
> +#include <xen-tools/libs.h>
> +
> +static unsigned int nr_failures;
> +#define fail(fmt, ...)                          \
> +({                                              \
> +    nr_failures++;                              \
> +    (void)printf(fmt, ##__VA_ARGS__);           \
> +})
> +
> +static xc_interface *xch;
> +static uint32_t domid;
> +
> +static struct xen_domctl_createdomain create = {
> +    .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap,

I understand that it is accepted that this test will thus fail when run
on HAP-incapable hardware (including when run with Xen itself running on
top of another hypervisor not surfacing HAP capabilities)? Oh, I notice
you're actually translating EINVAL and EOPNOTSUPP failures into "skip".
That'll probably do, albeit personally I consider skipping when EINVAL
(which we use all over the place) as a overly relaxed.

> +static void run_tests(void)
> +{
> +    xen_pfn_t physmap[] = { 0 };

I have to admit that I'm uncertain whether Arm (or other architectures
that Xen is being planned to be ported to) have constraints which may
cause populating of GFN 0 to fail.

> +    uint64_t size_bytes, old_size_bytes;
> +    int rc;
> +
> +    printf("Test default mempool size\n");
> +
> +    rc = xc_get_paging_mempool_size(xch, domid, &size_bytes);
> +    if ( rc )
> +        return fail("  Fail: get mempool size: %d - %s\n",
> +                    errno, strerror(errno));
> +
> +    printf("mempool size %"PRIu64" bytes (%"PRIu64"kB, %"PRIu64"MB)\n",
> +           size_bytes, size_bytes >> 10, size_bytes >> 20);
> +
> +
> +    /*
> +     * Check that the domain has the expected default allocation size.  This
> +     * will fail if the logic in Xen is altered without an equivelent

Nit: equivalent

> +     * adjustment here.
> +     */
> +    if ( size_bytes != default_mempool_size_bytes )
> +        return fail("  Fail: size %"PRIu64" != expected size %"PRIu64"\n",
> +                    size_bytes, default_mempool_size_bytes);
> +
> +
> +    printf("Test that allocate doesn't alter pool size\n");
> +
> +    /*
> +     * Populate the domain with some RAM.  This will cause more of the 
> mempool
> +     * to be used.
> +     */
> +    old_size_bytes = size_bytes;
> +
> +    rc = xc_domain_setmaxmem(xch, domid, -1);
> +    if ( rc )
> +        return fail("  Fail: setmaxmem: : %d - %s\n",
> +                    errno, strerror(errno));
> +
> +    rc = xc_domain_populate_physmap_exact(xch, domid, 1, 0, 0, physmap);
> +    if ( rc )
> +        return fail("  Fail: populate physmap: %d - %s\n",
> +                    errno, strerror(errno));
> +
> +    /*
> +     * Re-get the p2m size.  Should not have changed as a consequence of
> +     * populate physmap.
> +     */
> +    rc = xc_get_paging_mempool_size(xch, domid, &size_bytes);
> +    if ( rc )
> +        return fail("  Fail: get mempool size: %d - %s\n",
> +                    errno, strerror(errno));
> +
> +    if ( old_size_bytes != size_bytes )
> +        return fail("  Fail: mempool size changed %"PRIu64" => %"PRIu64"\n",
> +                    old_size_bytes, size_bytes);
> +
> +
> +
> +    printf("Test bad set size\n");
> +
> +    /*
> +     * Check that setting a non-page size results in failure.
> +     */
> +    rc = xc_set_paging_mempool_size(xch, domid, size_bytes + 1);
> +    if ( rc != -1 || errno != EINVAL )
> +        return fail("  Fail: Bad set size: expected -1/EINVAL, got %d/%d - 
> %s\n",
> +                    rc, errno, strerror(errno));
> +
> +
> +    printf("Test very large set size\n");

Maybe drop "very", as 64M isn't all that much (and would, in particular,
not expose any 32-bit truncation issues)?

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.