Add KVM_MEMORY_ENCRYPT_{UN,}REG_REGION test

Signed-off-by: Roman Volosatovs <[email protected]>
rust-vmm · Oct 13, 2021 · 1333183 · 1333183
1 parent 21ea4dd
commit 1333183
Showing 1 changed file with 55 additions and 0 deletions.
diff --git a/src/ioctls/vm.rs b/src/ioctls/vm.rs
@@ -1541,6 +1541,9 @@ mod tests {
     use super::*;
     use Kvm;
 
+    #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
+    use std::{fs::OpenOptions, path::Path, ptr::null_mut};
+
     use libc::EFD_NONBLOCK;
 
     #[test]
@@ -2027,4 +2030,56 @@ mod tests {
         let vm = kvm.create_vm().unwrap();
         assert!(vm.check_extension(Cap::MpState));
     }
+
+    #[test]
+    #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
+    fn test_register_unregister_enc_memory_region() {
+        if !Path::new("/dev/sev").exists() {
+            // This functionality is SEV-specific, skip test if SEV device does not exist.
+            return;
+        }
+        let sev = OpenOptions::new()
+            .read(true)
+            .write(true)
+            .open("/dev/sev")
+            .unwrap();
+
+        let kvm = Kvm::new().unwrap();
+        let vm = kvm.create_vm().unwrap();
+
+        // Perform SEV launch sequence according to
+        // https://github.com/torvalds/linux/blob/5af4055fa8133662831ae2fb6e188e8f6c172688/Documentation/virt/kvm/amd-memory-encryption.rst
+
+        let mut init: kvm_sev_cmd = Default::default();
+        assert!(unsafe { vm.encrypt_op(&mut init) }.is_ok());
+
+        let start_data: kvm_sev_launch_start = Default::default();
+        let mut start = kvm_sev_cmd {
+            id: sev_cmd_id_KVM_SEV_LAUNCH_START,
+            data: &start_data as *const kvm_sev_launch_start as _,
+            sev_fd: sev.as_raw_fd() as _,
+            ..Default::default()
+        };
+
+        assert!(unsafe { vm.encrypt_op(&mut start) }.is_ok());
+
+        let addr = unsafe {
+            libc::mmap(
+                null_mut(),
+                128,
+                libc::PROT_READ | libc::PROT_WRITE,
+                libc::MAP_PRIVATE | libc::MAP_ANONYMOUS,
+                -1,
+                0,
+            )
+        };
+        assert_ne!(addr, libc::MAP_FAILED);
+
+        let memory_region = kvm_enc_region {
+            addr: addr as _,
+            size: 128,
+        };
+        assert!(vm.register_enc_memory_region(&memory_region).is_ok());
+        assert!(vm.unregister_enc_memory_region(&memory_region).is_ok());
+    }
 }