Add initial minimal nested-svm-vmrun testcase#1
Open
bernhardkaindl wants to merge 1 commit into
Open
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new in-development XTF test intended to smoke-test Xen’s nested SVM support by entering an L2 guest via VMRUN using a minimal VMCB definition and a small assembly trampoline.
Changes:
- Introduces a new
nested-svm-vmruntest target (Makefile + Xen config snippet). - Adds a minimal VMCB layout header with compile-time offset/size checks.
- Implements the L1/L2 test logic in C plus an SVM
VMLOAD/VMRUN/VMSAVEtrampoline in assembly, and wires the test into the documentation index.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/nested-svm-vmrun/vmcb.h | Minimal VMCB struct layout + intercept/exitcode constants for the new test. |
| tests/nested-svm-vmrun/Makefile | Registers the new test build target and objects. |
| tests/nested-svm-vmrun/main.c | Implements L1 setup and L2 entry/handshake logic using a constructed VMCB. |
| tests/nested-svm-vmrun/extra.cfg.in | Enables nested HVM for the test domain. |
| tests/nested-svm-vmrun/entry.S | Provides the svm_vmrun() trampoline executing VMLOAD/VMRUN/VMSAVE. |
| docs/all-tests.dox | Adds the new test page to the global test list. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
bernhardkaindl
force-pushed
the
nested-svm-vmrun-0.1
branch
2 times, most recently
from
dd9f8a3 to
33d50b7
Compare
bernhardkaindl
force-pushed
the
nested-svm-vmrun-0.1
branch
from
3cfd6ee to
c9bb971
Compare
Based on an initial experiment by Ross Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com> Signed-off-by: Bernhard Kaindl <bernhard.kaindl@citrix.com>
bernhardkaindl
force-pushed
the
nested-svm-vmrun-0.1
branch
from
c9bb971 to
1c3bbd8
Compare
Author
|
As I saw no further issues, I opened a PR for Andy's in repo: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Based on an initial experiment by Ross with these changes (summary):
vmcb.h: replaced the GPL-only 640-line copy of Xen's vmcb_struct (with all its bit-fields, unions and VMCB_ACCESSORS macros) with a 128-line BSD-licensed minimal struct vmcb. Only the fields the test actually uses are named; reserved areas are kept as anonymous padding. _Static_asserts pin all named fields to their architectural offsets per the AMD APM Vol. 2 Appendix B layout.main.c: dropped the horrible vmcb_set_* accessors in favour of plain field assignments (l2_vmcb.cr3 = read_cr3();). Replaced the lidt + ud2 shutdown trick (which depended on SHUTDOWN intercept) with a clean L2 → L1 handshake: L2 writes a sentinel, executes HLT (intercepted), L1 verifies both the exit code and the sentinel. Removed dead code (l2_cpuinfo, the GDT/TSS plumbing the test never used, the result/shutdown_ptr globals, the #if 0 block).entry.S: collapsed the 100-line l2_cpuinfo save/restore (which was never populated from C) to a 6-instruction trampoline. Documented why VMSAVE/VMLOAD of the L2 VMCB bracket the VMRUN.setup.c: restored the original xen_console_write body — the L2-side console garbling went away once L2 stopped trying to invoke the inherited Xen hypercall page (in Xen's nested-SVM model, VMMCALL from L2 unconditionally exits to L1, so L2 cannot hit Xen's hypercall path; the new test sticks to a pure HLT exit)Signed-off-by: Ross Lagerwall ross.lagerwall@citrix.com
Signed-off-by: Bernhard Kaindl bernhard.kaindl@citrix.com