selftests/powerpc: Add test to verify rfi flush across a system call
authorNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
Mon, 21 May 2018 15:13:57 +0000 (20:43 +0530)
committerMichael Ellerman <mpe@ellerman.id.au>
Sat, 20 Oct 2018 02:26:47 +0000 (13:26 +1100)
This adds a test to verify proper functioning of the rfi flush
capability implemented to mitigate meltdown. The test works by
measuring the number of L1d cache misses encountered while loading
data from memory. Across a system call, since the L1d cache is flushed
when rfi_flush is enabled, the number of cache misses is expected to
be relative to the number of cachelines corresponding to the data
being loaded.

The current system setting is reflected via powerpc/rfi_flush under
debugfs (assumed to be /sys/kernel/debug/). This test verifies the
expected result with rfi_flush enabled as well as when it is disabled.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
[mpe: Add SPDX tags, clang format, skip if the debugfs is missing, use
 __u64 and SANE_USERSPACE_TYPES to avoid printf() build errors.]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
tools/testing/selftests/powerpc/Makefile
tools/testing/selftests/powerpc/include/utils.h
tools/testing/selftests/powerpc/security/Makefile [new file with mode: 0644]
tools/testing/selftests/powerpc/security/rfi_flush.c [new file with mode: 0644]
tools/testing/selftests/powerpc/utils.c

index 201b598558b9c89d3e3c2c6ff8a944f75aeeb8cb..b3ad909aefbcebe107a17ddcdadbbd286f18e3c2 100644 (file)
@@ -28,7 +28,8 @@ SUB_DIRS = alignment          \
           tm                   \
           vphn         \
           math         \
-          ptrace
+          ptrace       \
+          security
 
 endif
 
index da1b963cdb322ee506372287da192e49e05fb26d..49621822d7c31b242866c3e461263f817806cde1 100644 (file)
@@ -11,6 +11,7 @@
 #include <stdint.h>
 #include <stdbool.h>
 #include <linux/auxvec.h>
+#include <linux/perf_event.h>
 #include "reg.h"
 
 /* Avoid headaches with PRI?64 - just use %ll? always */
@@ -31,6 +32,15 @@ void *get_auxv_entry(int type);
 
 int pick_online_cpu(void);
 
+int read_debugfs_file(char *debugfs_file, int *result);
+int write_debugfs_file(char *debugfs_file, int result);
+void set_dscr(unsigned long val);
+int perf_event_open_counter(unsigned int type,
+                           unsigned long config, int group_fd);
+int perf_event_enable(int fd);
+int perf_event_disable(int fd);
+int perf_event_reset(int fd);
+
 static inline bool have_hwcap(unsigned long ftr)
 {
        return ((unsigned long)get_auxv_entry(AT_HWCAP) & ftr) == ftr;
diff --git a/tools/testing/selftests/powerpc/security/Makefile b/tools/testing/selftests/powerpc/security/Makefile
new file mode 100644 (file)
index 0000000..44690f1
--- /dev/null
@@ -0,0 +1,9 @@
+# SPDX-License-Identifier: GPL-2.0+
+
+TEST_GEN_PROGS := rfi_flush
+
+CFLAGS += -I../../../../../usr/include
+
+include ../../lib.mk
+
+$(TEST_GEN_PROGS): ../harness.c ../utils.c
diff --git a/tools/testing/selftests/powerpc/security/rfi_flush.c b/tools/testing/selftests/powerpc/security/rfi_flush.c
new file mode 100644 (file)
index 0000000..564ed45
--- /dev/null
@@ -0,0 +1,132 @@
+// SPDX-License-Identifier: GPL-2.0+
+
+/*
+ * Copyright 2018 IBM Corporation.
+ */
+
+#define __SANE_USERSPACE_TYPES__
+
+#include <sys/types.h>
+#include <stdint.h>
+#include <malloc.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include "utils.h"
+
+#define CACHELINE_SIZE 128
+
+struct perf_event_read {
+       __u64 nr;
+       __u64 l1d_misses;
+};
+
+static inline __u64 load(void *addr)
+{
+       __u64 tmp;
+
+       asm volatile("ld %0,0(%1)" : "=r"(tmp) : "b"(addr));
+
+       return tmp;
+}
+
+static void syscall_loop(char *p, unsigned long iterations,
+                        unsigned long zero_size)
+{
+       for (unsigned long i = 0; i < iterations; i++) {
+               for (unsigned long j = 0; j < zero_size; j += CACHELINE_SIZE)
+                       load(p + j);
+               getppid();
+       }
+}
+
+int rfi_flush_test(void)
+{
+       char *p;
+       int repetitions = 10;
+       int fd, passes = 0, iter, rc = 0;
+       struct perf_event_read v;
+       __u64 l1d_misses_total = 0;
+       unsigned long iterations = 100000, zero_size = 24 * 1024;
+       int rfi_flush_org, rfi_flush;
+
+       SKIP_IF(geteuid() != 0);
+
+       if (read_debugfs_file("powerpc/rfi_flush", &rfi_flush_org)) {
+               perror("Unable to read powerpc/rfi_flush debugfs file");
+               SKIP_IF(1);
+       }
+
+       rfi_flush = rfi_flush_org;
+
+       fd = perf_event_open_counter(PERF_TYPE_RAW, /* L1d miss */ 0x400f0, -1);
+       FAIL_IF(fd < 0);
+
+       p = (char *)memalign(zero_size, CACHELINE_SIZE);
+
+       FAIL_IF(perf_event_enable(fd));
+
+       set_dscr(1);
+
+       iter = repetitions;
+
+again:
+       FAIL_IF(perf_event_reset(fd));
+
+       syscall_loop(p, iterations, zero_size);
+
+       FAIL_IF(read(fd, &v, sizeof(v)) != sizeof(v));
+
+       /* Expect at least zero_size/CACHELINE_SIZE misses per iteration */
+       if (v.l1d_misses >= (iterations * zero_size / CACHELINE_SIZE) && rfi_flush)
+               passes++;
+       else if (v.l1d_misses < iterations && !rfi_flush)
+               passes++;
+
+       l1d_misses_total += v.l1d_misses;
+
+       while (--iter)
+               goto again;
+
+       if (passes < repetitions) {
+               printf("FAIL (L1D misses with rfi_flush=%d: %llu %c %lu) [%d/%d failures]\n",
+                      rfi_flush, l1d_misses_total, rfi_flush ? '<' : '>',
+                      rfi_flush ? (repetitions * iterations * zero_size / CACHELINE_SIZE) : iterations,
+                      repetitions - passes, repetitions);
+               rc = 1;
+       } else
+               printf("PASS (L1D misses with rfi_flush=%d: %llu %c %lu) [%d/%d pass]\n",
+                      rfi_flush, l1d_misses_total, rfi_flush ? '>' : '<',
+                      rfi_flush ? (repetitions * iterations * zero_size / CACHELINE_SIZE) : iterations,
+                      passes, repetitions);
+
+       if (rfi_flush == rfi_flush_org) {
+               rfi_flush = !rfi_flush_org;
+               if (write_debugfs_file("powerpc/rfi_flush", rfi_flush) < 0) {
+                       perror("error writing to powerpc/rfi_flush debugfs file");
+                       return 1;
+               }
+               iter = repetitions;
+               l1d_misses_total = 0;
+               passes = 0;
+               goto again;
+       }
+
+       perf_event_disable(fd);
+       close(fd);
+
+       set_dscr(0);
+
+       if (write_debugfs_file("powerpc/rfi_flush", rfi_flush_org) < 0) {
+               perror("unable to restore original value of powerpc/rfi_flush debugfs file");
+               return 1;
+       }
+
+       return rc;
+}
+
+int main(int argc, char *argv[])
+{
+       return test_harness(rfi_flush_test, "rfi_flush_test");
+}
index aa8fc1e6365bf8e047b3cf4d49a6eded6e5837fd..43c342845be0ee1326214319ce8dabb64a958e94 100644 (file)
 #include <fcntl.h>
 #include <link.h>
 #include <sched.h>
+#include <signal.h>
 #include <stdio.h>
+#include <stdlib.h>
 #include <string.h>
+#include <sys/ioctl.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/utsname.h>
 #include <unistd.h>
+#include <asm/unistd.h>
+#include <linux/limits.h>
 
 #include "utils.h"
 
 static char auxv[4096];
+extern unsigned int dscr_insn[];
 
 int read_auxv(char *buf, ssize_t buf_size)
 {
@@ -121,3 +127,149 @@ bool is_ppc64le(void)
 
        return strcmp(uts.machine, "ppc64le") == 0;
 }
+
+int read_debugfs_file(char *debugfs_file, int *result)
+{
+       int rc = -1, fd;
+       char path[PATH_MAX];
+       char value[16];
+
+       strcpy(path, "/sys/kernel/debug/");
+       strncat(path, debugfs_file, PATH_MAX - strlen(path) - 1);
+
+       if ((fd = open(path, O_RDONLY)) < 0)
+               return rc;
+
+       if ((rc = read(fd, value, sizeof(value))) < 0)
+               return rc;
+
+       value[15] = 0;
+       *result = atoi(value);
+       close(fd);
+
+       return 0;
+}
+
+int write_debugfs_file(char *debugfs_file, int result)
+{
+       int rc = -1, fd;
+       char path[PATH_MAX];
+       char value[16];
+
+       strcpy(path, "/sys/kernel/debug/");
+       strncat(path, debugfs_file, PATH_MAX - strlen(path) - 1);
+
+       if ((fd = open(path, O_WRONLY)) < 0)
+               return rc;
+
+       snprintf(value, 16, "%d", result);
+
+       if ((rc = write(fd, value, strlen(value))) < 0)
+               return rc;
+
+       close(fd);
+
+       return 0;
+}
+
+static long perf_event_open(struct perf_event_attr *hw_event, pid_t pid,
+               int cpu, int group_fd, unsigned long flags)
+{
+       return syscall(__NR_perf_event_open, hw_event, pid, cpu,
+                     group_fd, flags);
+}
+
+static void perf_event_attr_init(struct perf_event_attr *event_attr,
+                                       unsigned int type,
+                                       unsigned long config)
+{
+       memset(event_attr, 0, sizeof(*event_attr));
+
+       event_attr->type = type;
+       event_attr->size = sizeof(struct perf_event_attr);
+       event_attr->config = config;
+       event_attr->read_format = PERF_FORMAT_GROUP;
+       event_attr->disabled = 1;
+       event_attr->exclude_kernel = 1;
+       event_attr->exclude_hv = 1;
+       event_attr->exclude_guest = 1;
+}
+
+int perf_event_open_counter(unsigned int type,
+                           unsigned long config, int group_fd)
+{
+       int fd;
+       struct perf_event_attr event_attr;
+
+       perf_event_attr_init(&event_attr, type, config);
+
+       fd = perf_event_open(&event_attr, 0, -1, group_fd, 0);
+
+       if (fd < 0)
+               perror("perf_event_open() failed");
+
+       return fd;
+}
+
+int perf_event_enable(int fd)
+{
+       if (ioctl(fd, PERF_EVENT_IOC_ENABLE, PERF_IOC_FLAG_GROUP) == -1) {
+               perror("error while enabling perf events");
+               return -1;
+       }
+
+       return 0;
+}
+
+int perf_event_disable(int fd)
+{
+       if (ioctl(fd, PERF_EVENT_IOC_DISABLE, PERF_IOC_FLAG_GROUP) == -1) {
+               perror("error disabling perf events");
+               return -1;
+       }
+
+       return 0;
+}
+
+int perf_event_reset(int fd)
+{
+       if (ioctl(fd, PERF_EVENT_IOC_RESET, PERF_IOC_FLAG_GROUP) == -1) {
+               perror("error resetting perf events");
+               return -1;
+       }
+
+       return 0;
+}
+
+static void sigill_handler(int signr, siginfo_t *info, void *unused)
+{
+       static int warned = 0;
+       ucontext_t *ctx = (ucontext_t *)unused;
+       unsigned long *pc = &UCONTEXT_NIA(ctx);
+
+       if (*pc == (unsigned long)&dscr_insn) {
+               if (!warned++)
+                       printf("WARNING: Skipping over dscr setup. Consider running 'ppc64_cpu --dscr=1' manually.\n");
+               *pc += 4;
+       } else {
+               printf("SIGILL at %p\n", pc);
+               abort();
+       }
+}
+
+void set_dscr(unsigned long val)
+{
+       static int init = 0;
+       struct sigaction sa;
+
+       if (!init) {
+               memset(&sa, 0, sizeof(sa));
+               sa.sa_sigaction = sigill_handler;
+               sa.sa_flags = SA_SIGINFO;
+               if (sigaction(SIGILL, &sa, NULL))
+                       perror("sigill_handler");
+               init = 1;
+       }
+
+       asm volatile("dscr_insn: mtspr %1,%0" : : "r" (val), "i" (SPRN_DSCR));
+}