[PATCH v5 5/9] KVM: selftests: Introduce SEV VM type check

2025-01-23 Thread Pratik R. Sampat
In preparation for SNP, declutter the VM type check by introducing a SEV-SNP VM type check as well as a transitive set of helper functions. The SNP VM type is a subset of SEV-ES. Similarly, the SEV-ES and SNP types are subsets of the SEV VM type check. Signed-off-by: Pratik R. Sampat --- v4..v5 *

[PATCH v5 9/9] KVM: selftests: Add a basic SEV-SNP smoke test

2025-01-23 Thread Pratik R. Sampat
Extend sev_smoke_test to also run a minimal SEV-SNP smoke test that initializes and sets up private memory regions required to run a simple SEV-SNP guest. Similar to its SEV-ES smoke test counterpart, this also does not support GHCB and ucall yet and uses the GHCB MSR protocol to trigger an exit o

[PATCH v5 8/9] KVM: selftests: Abstractions for SEV to decouple policy from type

2025-01-23 Thread Pratik R. Sampat
In preparation for SNP, clean up the smoke test to decouple deriving type from policy. Introduce wrappers for SEV and SEV-ES types to abstract the parametrized launch tests calls and reduce verbosity. No functional change intended. Signed-off-by: Pratik R. Sampat --- .../selftests/kvm/x86/sev_s

[PATCH v5 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type

2025-01-23 Thread Pratik R. Sampat
Force the SEV-SNP VM type to set the KVM_MEM_GUEST_MEMFD flag for the creation of private memslots. Signed-off-by: Pratik R. Sampat --- tools/testing/selftests/kvm/lib/kvm_util.c | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c

[PATCH v5 6/9] KVM: selftests: Add library support for interacting with SNP

2025-01-23 Thread Pratik R. Sampat
Extend the SEV library to include support for SNP ioctl() wrappers, which aid in launching and interacting with a SEV-SNP guest. Signed-off-by: Pratik R. Sampat --- v4..v5 * encrypt_region() cleanup of code flow * minor changes to comments --- --- tools/testing/selftests/kvm/include/x86/sev.h |

[PATCH v5 4/9] KVM: selftests: Add VMGEXIT helper

2025-01-23 Thread Pratik R. Sampat
Abstract rep vmmcall coded into the VMGEXIT helper for the sev library. No functional change intended. Signed-off-by: Pratik R. Sampat --- tools/testing/selftests/kvm/include/x86/sev.h| 2 ++ tools/testing/selftests/kvm/x86/sev_smoke_test.c | 2 +- 2 files changed, 3 insertions(+), 1 deleti

[PATCH v5 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2

2025-01-23 Thread Pratik R. Sampat
Add the X86_FEATURE_SNP CPU feature to the architectural definition for the SEV-SNP VM type to exercise the KVM_SEV_INIT2 call. Ensure that the SNP test is skipped in scenarios where CPUID supports it but KVM does not, preventing reporting of failure in such cases. Signed-off-by: Pratik R. Sampat

[PATCH v5 2/9] KVM: SEV: Disable SEV on platform init failure

2025-01-23 Thread Pratik R. Sampat
If the platform initialization sev_platform_init() fails, SEV cannot be set up and a secure VM cannot be spawned. Therefore, in this case, ensure that KVM does not set up, nor advertise support for SEV, SEV-ES, and SEV-SNP. Suggested-by: Nikunj A Dadhania Signed-off-by: Pratik R. Sampat --- v4..

[PATCH v5 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure

2025-01-23 Thread Pratik R. Sampat
On incompatible firmware versions, SEV-SNP support is pulled and the setup is not performed. However, the platform and subsequently the KVM capability may continue to advertise support for it. Disable support for SEV-SNP if the FW version validation fails. Fixes: 1dfe571c12cf ("KVM: SEV: Add initi

[PATCH v5 0/9] Basic SEV-SNP Selftests

2025-01-23 Thread Pratik R. Sampat
This patch series extends the sev_init2 and the sev_smoke test to exercise the SEV-SNP VM launch workflow. Primarily, it introduces the architectural defines, its support in the SEV library and extends the tests to interact with the SEV-SNP ioctl() wrappers. Patch 1 - Do not advertize SNP on inco