|
Xen Test Framework
|
Index of all tests, sorted by category.
Example - A hello-world example, more as a development reference than useful test.
Selftest - A set of sanity tests of the framework environment and functionality.
CPUID Faulting support - Guest CPUID Faulting support.
FPU Exception Emulation - FPU Exception Emulation. Covers XSA-190.
Invlpg Handling - invlpg instruction behaviour.
LBR/TSX VMentry failure - Haswell and later LBR/TSX Vmentry failure test.
Live Patch Privilege Check - Live Patch Privilege Check.
Long Mode #TS exception - Long Mode #TS exception.
Memory operand and segment emulation - Memory operand and segment interaction test.
NMI Taskswitch with increasing privilege - Task Gate handling of interrupts.
PV FSGSBASE behaviour - FSGSBASE behaviour for PV guests.
PV IOPL Emulation - IOPL emulation for PV guests.
Software Interrupt Emulation - Software interrupt emulation for HVM guests. Coveres XSA-106 and XSA-156.
User-Mode Instruction Prevention - Guest User-Mode Instruction Prevention support.
XSA-44 - See XSA-339.
XSA-106 - See Software Interrupt Emulation.
XSA-122 - Hypervisor stack leak via xen_version() hypercall.
XSA-123 - Hypervisor memory corruption due to x86 emulator flaw.
XSA-156 - See Software Interrupt Emulation.
XSA-167 - PV superpage sanity checks.
XSA-168 - invvpid non-canonical guest address.
XSA-170 - VMX: guest user mode may crash guest with non-canonical RIP.
XSA-173 - x86 shadow pagetables: address width overflow.
XSA-182 - x86: Privilege escalation in PV guests.
XSA-183 - x86: Missing SMAP whitelisting in 32-bit exception / event delivery.
XSA-185 - x86: Disallow L3 recursive pagetable for 32-bit PV guests.
XSA-186 - x86: Mishandling of instruction pointer truncation during emulation.
XSA-188 - use after free in FIFO event channel code.
XSA-190 - See FPU Exception Emulation.
XSA-191 - x86: Null segments not always treated as unusable.
XSA-192 - x86: Task switch to VM86 mode mis-handled.
XSA-193 - x86: Segment base write emulation lacking canonical address checks.
XSA-194 - Guest 32-bit ELF symbol table load leaking host data.
XSA-195 - x86: 64-bit bit test instruction emulation broken.
XSA-196 - x86: Software interrupt injection mis-handled.
XSA-200 - x86: CMPXCHG8B emulation fails to ignore operand size override.
XSA-203 - x86: missing NULL pointer check in VMFUNC emulation.
XSA-204 - x86: Mishandling of SYSCALL singlestep during emulation.
XSA-212 - x86: broken check in memory_exchange() permits PV guest breakout.
XSA-213 - multicall: deal with early exit conditions.
XSA-221 - NULL pointer deref in event channel poll.
XSA-224 - grant table operations mishandle reference counts.
XSA-227 - x86: PV privilege escalation via map_grant_ref.
XSA-231 - Missing NUMA node parameter verification.
XSA-232 - Missing check for grant table.
XSA-234 - insufficient grant unmapping checks for x86 PV guests.
XSA-239 - hypervisor stack leak in x86 I/O intercept code.
XSA-255 - grant table v2 -> v1 transition may crash Xen.
XSA-259 - x86: PV guest may crash Xen with XPTI.
XSA-260 - x86: mishandling of debug exceptions.
XSA-261 - vHPET interrupt injection memory corruption.
XSA-265 - x86: #DB exception safety check can be triggered by a guest.
XSA-269 - x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS.
XSA-277 - x86: incorrect error handling for guest p2m page removals.
XSA-278 - x86: Nested VT-x usable even when disabled.
XSA-279 - x86: DoS from attempting to use INVPCID with a non-canonical addresses.
XSA-286 - x86 PV guest INVLPG-like flushes may leave stale TLB entries.
XSA-293 - See PV FSGSBASE behaviour.
XSA-296 - VCPUOP_initialise DoS.
XSA-298 - missing descriptor table limit checking in x86 PV emulation.
XSA-304 - x86: Machine Check Error on Page Size Change DoS.
CONSOLEIO_write stack overflow - CONSOLEIO_write stack overflow.
XSA-308 - VMX: VMentry failure with debug exceptions and blocked states.
XSA-316 - Bad error path in GNTTABOP_map_grant.
XSA-317 - Incorrect error handling in event channel port allocation.
XSA-333 - x86 pv: Crash when handling guest access to MSR_MISC_ENABLE.
XSA-339 - x86 pv guest kernel DoS via SYSENTER.
XSA-444 - x86/AMD: Debug Mask handling.
XSA-451 - x86: shadow stack vs exceptions from emulation stubs.
XSA-454 - x86 HVM hypercalls may trigger Xen bug check.
CPUID - Print CPUID information.
FEP - Test availability of HVM Forced Emulation Prefix.
MSR - Print MSR information.
rtm-check - Probe for the RTM behaviour.
Debug register and control tests - Debugging facility tests.
Nested SVM - Nested SVM tests.
Nested VT-x - Nested VT-x tests.
1.9.4