authorSean Christopherson <sean.j.christopherson@intel.com>2020-07-02 19:19:03 -0700
committerPaolo Bonzini <pbonzini@redhat.com>2020-07-03 12:16:12 -0400
commit63f684f36485c60f396ba4a098e50e48cde621e1 (patch)
tree7321a4bb3c30f9ac03804f6afc1950076fa04c04
parentc83858a4e0b3b6d9554c866cb5163a27fa5964bf (diff)
x86: access: Add test for illegal toggling of CR4.LA57 in 64-bit mode
Add a test to verify that KVM correctly injects a #GP if the guest attempts to toggle CR4.LA57 while 64-bit mode is active. Use two versions of the toggling, one to toggle only LA57 and a second to toggle PSE in addition to LA57. KVM doesn't intercept LA57, i.e. toggling only LA57 effectively tests the CPU, not KVM. Use PSE as the whipping boy as it will not trigger a #GP on its own, is universally available, is ignored in 64-bit mode, and most importantly is trapped by KVM. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Message-Id: <20200703021903.5683-1-sean.j.christopherson@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-rw-r--r--lib/x86/processor.h1
-rw-r--r--x86/access.c12
2 files changed, 13 insertions, 0 deletions
diff --git a/lib/x86/processor.h b/lib/x86/processor.h
index 6e0811e..74a2498 100644
--- a/lib/x86/processor.h
+++ b/lib/x86/processor.h
@@ -44,6 +44,7 @@
#define X86_CR4_PGE 0x00000080
#define X86_CR4_PCE 0x00000100
#define X86_CR4_UMIP 0x00000800
+#define X86_CR4_LA57 0x00001000
#define X86_CR4_VMXE 0x00002000
#define X86_CR4_PCIDE 0x00020000
#define X86_CR4_SMEP 0x00100000
diff --git a/x86/access.c b/x86/access.c
index ac879c3..7dc9eb6 100644
--- a/x86/access.c
+++ b/x86/access.c
@@ -1004,6 +1004,18 @@ static int ac_test_run(void)
}
}
+ /* Toggling LA57 in 64-bit mode (guaranteed for this test) is illegal. */
+ if (this_cpu_has(X86_FEATURE_LA57)) {
+ tests++;
+ if (write_cr4_checking(shadow_cr4 ^ X86_CR4_LA57) == GP_VECTOR)
+ successes++;
+
+ /* Force a VM-Exit on KVM, which doesn't intercept LA57 itself. */
+ tests++;
+ if (write_cr4_checking(shadow_cr4 ^ (X86_CR4_LA57 | X86_CR4_PSE)) == GP_VECTOR)
+ successes++;
+ }
+
ac_env_int(&pool);
ac_test_init(&at, (void *)(0x123400000000 + 16 * smp_id()));
do {
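Review bot: Neither new check reports anything when the expected #GP does not arrive: in both `if (write_cr4_checking(...) == GP_VECTOR)` branches a miss only leaves `successes` one behind `tests`. A failing run therefore does not say whether the LA57-only write (which the commit message says exercises the CPU) or the LA57|PSE write (the one KVM traps) was wrongly accepted. An `else printf("Toggle CR4.LA57 in 64-bit mode - expect #GP: FAIL!\n");` on the first check, and a matching message naming LA57|PSE on the second, would make that visible in the log. If either write is accepted, CR4 presumably no longer matches `shadow_cr4` for the tests that follow and nothing in the hunk restores it; write_cr4_checking is defined outside the hunk, so confirm that there. ac_test_run's body starts and ends outside the hunk.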