Rename symbols for better clarity:
* 'eenter' -> 'vdso_sgx_enter_enclave'
* 'sgx_call_vdso' -> 'sgx_enter_enclave'
Signed-off-by: Jarkko Sakkinen <[email protected]>
---
v2:
Refined thh renames just a bit.
tools/testing/selftests/sgx/call.S | 6 +++---
tools/testing/selftests/sgx/main.c | 25 +++++++++++++------------
tools/testing/selftests/sgx/main.h | 4 ++--
3 files changed, 18 insertions(+), 17 deletions(-)
diff --git a/tools/testing/selftests/sgx/call.S b/tools/testing/selftests/sgx/call.S
index 4ecadc7490f4..b09a25890f3b 100644
--- a/tools/testing/selftests/sgx/call.S
+++ b/tools/testing/selftests/sgx/call.S
@@ -5,8 +5,8 @@
.text
- .global sgx_call_vdso
-sgx_call_vdso:
+ .global sgx_enter_enclave
+sgx_enter_enclave:
.cfi_startproc
push %r15
.cfi_adjust_cfa_offset 8
@@ -27,7 +27,7 @@ sgx_call_vdso:
.cfi_adjust_cfa_offset 8
push 0x38(%rsp)
.cfi_adjust_cfa_offset 8
- call *eenter(%rip)
+ call *vdso_sgx_enter_enclave(%rip)
add $0x10, %rsp
.cfi_adjust_cfa_offset -0x10
pop %rbx
diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
index d304a4044eb9..43da68388e25 100644
--- a/tools/testing/selftests/sgx/main.c
+++ b/tools/testing/selftests/sgx/main.c
@@ -21,7 +21,7 @@
#include "../kselftest.h"
static const uint64_t MAGIC = 0x1122334455667788ULL;
-vdso_sgx_enter_enclave_t eenter;
+vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave;
struct vdso_symtab {
Elf64_Sym *elf_symtab;
@@ -149,7 +149,7 @@ int main(int argc, char *argv[])
{
struct sgx_enclave_run run;
struct vdso_symtab symtab;
- Elf64_Sym *eenter_sym;
+ Elf64_Sym *sgx_enter_enclave_sym;
uint64_t result = 0;
struct encl encl;
unsigned int i;
@@ -194,29 +194,30 @@ int main(int argc, char *argv[])
if (!vdso_get_symtab(addr, &symtab))
goto err;
- eenter_sym = vdso_symtab_get(&symtab, "__vdso_sgx_enter_enclave");
- if (!eenter_sym)
+ sgx_enter_enclave_sym = vdso_symtab_get(&symtab, "__vdso_sgx_enter_enclave");
+ if (!sgx_enter_enclave_sym)
goto err;
- eenter = addr + eenter_sym->st_value;
+ vdso_sgx_enter_enclave = addr + sgx_enter_enclave_sym->st_value;
- ret = sgx_call_vdso((void *)&MAGIC, &result, 0, EENTER, NULL, NULL, &run);
- if (!report_results(&run, ret, result, "sgx_call_vdso"))
+ ret = sgx_enter_enclave((void *)&MAGIC, &result, 0, EENTER,
+ NULL, NULL, &run);
+ if (!report_results(&run, ret, result, "sgx_enter_enclave_unclobbered"))
goto err;
/* Invoke the vDSO directly. */
result = 0;
- ret = eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER,
- 0, 0, &run);
- if (!report_results(&run, ret, result, "eenter"))
+ ret = vdso_sgx_enter_enclave((unsigned long)&MAGIC, (unsigned long)&result,
+ 0, EENTER, 0, 0, &run);
+ if (!report_results(&run, ret, result, "sgx_enter_enclave"))
goto err;
/* And with an exit handler. */
run.user_handler = (__u64)user_handler;
run.user_data = 0xdeadbeef;
- ret = eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER,
- 0, 0, &run);
+ ret = vdso_sgx_enter_enclave((unsigned long)&MAGIC, (unsigned long)&result,
+ 0, EENTER, 0, 0, &run);
if (!report_results(&run, ret, result, "user_handler"))
goto err;
diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h
index 67211a708f04..68672fd86cf9 100644
--- a/tools/testing/selftests/sgx/main.h
+++ b/tools/testing/selftests/sgx/main.h
@@ -35,7 +35,7 @@ bool encl_load(const char *path, struct encl *encl);
bool encl_measure(struct encl *encl);
bool encl_build(struct encl *encl);
-int sgx_call_vdso(void *rdi, void *rsi, long rdx, u32 function, void *r8, void *r9,
- struct sgx_enclave_run *run);
+int sgx_enter_enclave(void *rdi, void *rsi, long rdx, u32 function, void *r8, void *r9,
+ struct sgx_enclave_run *run);
#endif /* MAIN_H */
--
2.31.1
Migrate to kselftest harness. Use a fixture test with enclave initialized
and de-initialized for each of the existing three tests, in other words:
1. One FIXTURE() for managing the enclave life-cycle.
2. Three TEST_F()'s, one for each test case.
This gives a leaps better reporting than before. Here's an example
transcript:
TAP version 13
1..3
0x0000000000000000 0x0000000000002000 0x03
0x0000000000002000 0x0000000000001000 0x05
0x0000000000003000 0x0000000000003000 0x03
ok 1 enclave.unclobbered_vdso
0x0000000000000000 0x0000000000002000 0x03
0x0000000000002000 0x0000000000001000 0x05
0x0000000000003000 0x0000000000003000 0x03
ok 2 enclave.clobbered_vdso
0x0000000000000000 0x0000000000002000 0x03
0x0000000000002000 0x0000000000001000 0x05
0x0000000000003000 0x0000000000003000 0x03
ok 3 enclave.clobbered_vdso_and_user_function
Signed-off-by: Jarkko Sakkinen <[email protected]>
---
v4:
* Refine to take better use of the kselftest harness macros.
* Fix: TCS base address was not initialized for a run struct.
v3:
* Use helper macros.
v2:
* Add the missing string argument to ksft_test_result_pass() and
ksft_test_result_fail() calls.
tools/testing/selftests/sgx/main.c | 163 ++++++++++++++---------------
1 file changed, 78 insertions(+), 85 deletions(-)
diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
index 43da68388e25..2a29883179e1 100644
--- a/tools/testing/selftests/sgx/main.c
+++ b/tools/testing/selftests/sgx/main.c
@@ -18,7 +18,7 @@
#include <sys/auxv.h>
#include "defines.h"
#include "main.h"
-#include "../kselftest.h"
+#include "../kselftest_harness.h"
static const uint64_t MAGIC = 0x1122334455667788ULL;
vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave;
@@ -107,85 +107,42 @@ static Elf64_Sym *vdso_symtab_get(struct vdso_symtab *symtab, const char *name)
return NULL;
}
-bool report_results(struct sgx_enclave_run *run, int ret, uint64_t result,
- const char *test)
-{
- bool valid = true;
-
- if (ret) {
- printf("FAIL: %s() returned: %d\n", test, ret);
- valid = false;
- }
-
- if (run->function != EEXIT) {
- printf("FAIL: %s() function, expected: %u, got: %u\n", test, EEXIT,
- run->function);
- valid = false;
- }
-
- if (result != MAGIC) {
- printf("FAIL: %s(), expected: 0x%lx, got: 0x%lx\n", test, MAGIC,
- result);
- valid = false;
- }
-
- if (run->user_data) {
- printf("FAIL: %s() user data, expected: 0x0, got: 0x%llx\n",
- test, run->user_data);
- valid = false;
- }
-
- return valid;
-}
-
-static int user_handler(long rdi, long rsi, long rdx, long ursp, long r8, long r9,
- struct sgx_enclave_run *run)
-{
- run->user_data = 0;
- return 0;
-}
+FIXTURE(enclave) {
+ struct encl encl;
+ struct sgx_enclave_run run;
+};
-int main(int argc, char *argv[])
+FIXTURE_SETUP(enclave)
{
- struct sgx_enclave_run run;
+ Elf64_Sym *sgx_enter_enclave_sym = NULL;
struct vdso_symtab symtab;
- Elf64_Sym *sgx_enter_enclave_sym;
- uint64_t result = 0;
- struct encl encl;
unsigned int i;
void *addr;
- int ret;
- memset(&run, 0, sizeof(run));
-
- if (!encl_load("test_encl.elf", &encl)) {
- encl_delete(&encl);
+ if (!encl_load("test_encl.elf", &self->encl)) {
+ encl_delete(&self->encl);
ksft_exit_skip("cannot load enclaves\n");
}
- if (!encl_measure(&encl))
+ if (!encl_measure(&self->encl))
goto err;
- if (!encl_build(&encl))
+ if (!encl_build(&self->encl))
goto err;
/*
* An enclave consumer only must do this.
*/
- for (i = 0; i < encl.nr_segments; i++) {
- struct encl_segment *seg = &encl.segment_tbl[i];
-
- addr = mmap((void *)encl.encl_base + seg->offset, seg->size,
- seg->prot, MAP_SHARED | MAP_FIXED, encl.fd, 0);
- if (addr == MAP_FAILED) {
- perror("mmap() segment failed");
- exit(KSFT_FAIL);
- }
+ for (i = 0; i < self->encl.nr_segments; i++) {
+ struct encl_segment *seg = &self->encl.segment_tbl[i];
+
+ addr = mmap((void *)self->encl.encl_base + seg->offset, seg->size,
+ seg->prot, MAP_SHARED | MAP_FIXED, self->encl.fd, 0);
+ EXPECT_NE(addr, MAP_FAILED);
+ if (addr == MAP_FAILED)
+ goto err;
}
- memset(&run, 0, sizeof(run));
- run.tcs = encl.encl_base;
-
/* Get vDSO base address */
addr = (void *)getauxval(AT_SYSINFO_EHDR);
if (!addr)
@@ -200,32 +157,68 @@ int main(int argc, char *argv[])
vdso_sgx_enter_enclave = addr + sgx_enter_enclave_sym->st_value;
- ret = sgx_enter_enclave((void *)&MAGIC, &result, 0, EENTER,
- NULL, NULL, &run);
- if (!report_results(&run, ret, result, "sgx_enter_enclave_unclobbered"))
- goto err;
+ memset(&self->run, 0, sizeof(self->run));
+ self->run.tcs = self->encl.encl_base;
+err:
+ if (!sgx_enter_enclave_sym)
+ encl_delete(&self->encl);
- /* Invoke the vDSO directly. */
- result = 0;
- ret = vdso_sgx_enter_enclave((unsigned long)&MAGIC, (unsigned long)&result,
- 0, EENTER, 0, 0, &run);
- if (!report_results(&run, ret, result, "sgx_enter_enclave"))
- goto err;
+ ASSERT_NE(sgx_enter_enclave_sym, NULL);
+}
- /* And with an exit handler. */
- run.user_handler = (__u64)user_handler;
- run.user_data = 0xdeadbeef;
- ret = vdso_sgx_enter_enclave((unsigned long)&MAGIC, (unsigned long)&result,
- 0, EENTER, 0, 0, &run);
- if (!report_results(&run, ret, result, "user_handler"))
- goto err;
+FIXTURE_TEARDOWN(enclave)
+{
+ encl_delete(&self->encl);
+ vdso_sgx_enter_enclave = NULL;
+}
- printf("SUCCESS\n");
- encl_delete(&encl);
- exit(KSFT_PASS);
-err:
- encl_delete(&encl);
- exit(KSFT_FAIL);
+TEST_F(enclave, unclobbered_vdso)
+{
+ uint64_t result = 0;
+
+ EXPECT_EQ(sgx_enter_enclave((void *)&MAGIC, &result, 0, EENTER, NULL, NULL, &self->run), 0);
+
+ EXPECT_EQ(result, MAGIC);
+ EXPECT_EQ(self->run.function, EEXIT);
+ EXPECT_EQ(self->run.user_data, 0);
+}
+
+TEST_F(enclave, clobbered_vdso)
+{
+ uint64_t result = 0;
+
+ EXPECT_EQ(vdso_sgx_enter_enclave((unsigned long)&MAGIC, (unsigned long)&result, 0,
+ EENTER, 0, 0, &self->run), 0);
+
+
+ EXPECT_EQ(result, MAGIC);
+ EXPECT_EQ(self->run.function, EEXIT);
+ EXPECT_EQ(self->run.user_data, 0);
}
+
+static int test_handler(long rdi, long rsi, long rdx, long ursp, long r8, long r9,
+ struct sgx_enclave_run *run)
+{
+ run->user_data = 0;
+
+ return 0;
+}
+
+TEST_F(enclave, clobbered_vdso_and_user_function)
+{
+ uint64_t result = 0;
+
+ self->run.user_handler = (__u64)test_handler;
+ self->run.user_data = 0xdeadbeef;
+
+ EXPECT_EQ(vdso_sgx_enter_enclave((unsigned long)&MAGIC, (unsigned long)&result, 0,
+ EENTER, 0, 0, &self->run), 0);
+
+ EXPECT_EQ(result, MAGIC);
+ EXPECT_EQ(self->run.function, EEXIT);
+ EXPECT_EQ(self->run.user_data, 0);
+}
+
+TEST_HARNESS_MAIN
--
2.31.1
Hi Jarkko,
On 5/7/2021 8:56 PM, Jarkko Sakkinen wrote:
> Migrate to kselftest harness. Use a fixture test with enclave initialized
> and de-initialized for each of the existing three tests, in other words:
>
> 1. One FIXTURE() for managing the enclave life-cycle.
> 2. Three TEST_F()'s, one for each test case.
These changes make it easier to add tests and I think it is a valuable
addition.
>
> This gives a leaps better reporting than before. Here's an example
> transcript:
>
> TAP version 13
> 1..3
> 0x0000000000000000 0x0000000000002000 0x03
> 0x0000000000002000 0x0000000000001000 0x05
> 0x0000000000003000 0x0000000000003000 0x03
> ok 1 enclave.unclobbered_vdso
> 0x0000000000000000 0x0000000000002000 0x03
> 0x0000000000002000 0x0000000000001000 0x05
> 0x0000000000003000 0x0000000000003000 0x03
> ok 2 enclave.clobbered_vdso
> 0x0000000000000000 0x0000000000002000 0x03
> 0x0000000000002000 0x0000000000001000 0x05
> 0x0000000000003000 0x0000000000003000 0x03
> ok 3 enclave.clobbered_vdso_and_user_function
>
The output claims to conform to TAP13 but it does not seem as though all
of the output conforms to TAP13. I assume such output would confuse
automated systems.
Reinette
On 5/7/21 8:56 PM, Jarkko Sakkinen wrote:
> Rename symbols for better clarity:
>
> * 'eenter' -> 'vdso_sgx_enter_enclave'
> * 'sgx_call_vdso' -> 'sgx_enter_enclave'
Another sentence or two here would do wonders:
'eenter' might be confused for directly calling ENCLU[EENTER]. It does
not. It calls into the VDSO, which actually has the EENTER instruction.
'sgx_call_vdso' is *only* used for entering the enclave. It's not some
generic SGX call into the VDSO.
Make the naming reflect that.
Right?
On Tue, May 11, 2021 at 11:42:49AM -0700, Reinette Chatre wrote:
> Hi Jarkko,
>
> On 5/7/2021 8:56 PM, Jarkko Sakkinen wrote:
> > Migrate to kselftest harness. Use a fixture test with enclave initialized
> > and de-initialized for each of the existing three tests, in other words:
> >
> > 1. One FIXTURE() for managing the enclave life-cycle.
> > 2. Three TEST_F()'s, one for each test case.
>
> These changes make it easier to add tests and I think it is a valuable
> addition.
>
> >
> > This gives a leaps better reporting than before. Here's an example
> > transcript:
> >
> > TAP version 13
> > 1..3
> > 0x0000000000000000 0x0000000000002000 0x03
> > 0x0000000000002000 0x0000000000001000 0x05
> > 0x0000000000003000 0x0000000000003000 0x03
> > ok 1 enclave.unclobbered_vdso
> > 0x0000000000000000 0x0000000000002000 0x03
> > 0x0000000000002000 0x0000000000001000 0x05
> > 0x0000000000003000 0x0000000000003000 0x03
> > ok 2 enclave.clobbered_vdso
> > 0x0000000000000000 0x0000000000002000 0x03
> > 0x0000000000002000 0x0000000000001000 0x05
> > 0x0000000000003000 0x0000000000003000 0x03
> > ok 3 enclave.clobbered_vdso_and_user_function
> >
>
> The output claims to conform to TAP13 but it does not seem as though all of
> the output conforms to TAP13. I assume such output would confuse automated
> systems.
You mean
0x0000000000000000 0x0000000000002000 0x03
0x0000000000002000 0x0000000000001000 0x05
0x0000000000003000 0x0000000000003000 0x03
?
/Jarkko
>
On Tue, May 11, 2021 at 11:49:18AM -0700, Dave Hansen wrote:
> On 5/7/21 8:56 PM, Jarkko Sakkinen wrote:
> > Rename symbols for better clarity:
> >
> > * 'eenter' -> 'vdso_sgx_enter_enclave'
> > * 'sgx_call_vdso' -> 'sgx_enter_enclave'
>
> Another sentence or two here would do wonders:
>
> 'eenter' might be confused for directly calling ENCLU[EENTER]. It does
> not. It calls into the VDSO, which actually has the EENTER instruction.
>
> 'sgx_call_vdso' is *only* used for entering the enclave. It's not some
> generic SGX call into the VDSO.
>
> Make the naming reflect that.
>
> Right?
Agreed.
I'll spin off a yet new version of the series, taking also care
of the log messages that the enclave loader emits (Renette's
feedback). They should be wrapped with TH_LOG() macro I suppose.
/Jarkko
Hi Jarkko,
On 5/11/2021 6:10 PM, Jarkko Sakkinen wrote:
> On Tue, May 11, 2021 at 11:42:49AM -0700, Reinette Chatre wrote:
>> Hi Jarkko,
>>
>> On 5/7/2021 8:56 PM, Jarkko Sakkinen wrote:
>>> Migrate to kselftest harness. Use a fixture test with enclave initialized
>>> and de-initialized for each of the existing three tests, in other words:
>>>
>>> 1. One FIXTURE() for managing the enclave life-cycle.
>>> 2. Three TEST_F()'s, one for each test case.
>>
>> These changes make it easier to add tests and I think it is a valuable
>> addition.
>>
>>>
>>> This gives a leaps better reporting than before. Here's an example
>>> transcript:
>>>
>>> TAP version 13
>>> 1..3
>>> 0x0000000000000000 0x0000000000002000 0x03
>>> 0x0000000000002000 0x0000000000001000 0x05
>>> 0x0000000000003000 0x0000000000003000 0x03
>>> ok 1 enclave.unclobbered_vdso
>>> 0x0000000000000000 0x0000000000002000 0x03
>>> 0x0000000000002000 0x0000000000001000 0x05
>>> 0x0000000000003000 0x0000000000003000 0x03
>>> ok 2 enclave.clobbered_vdso
>>> 0x0000000000000000 0x0000000000002000 0x03
>>> 0x0000000000002000 0x0000000000001000 0x05
>>> 0x0000000000003000 0x0000000000003000 0x03
>>> ok 3 enclave.clobbered_vdso_and_user_function
>>>
>>
>> The output claims to conform to TAP13 but it does not seem as though all of
>> the output conforms to TAP13. I assume such output would confuse automated
>> systems.
>
> You mean
>
> 0x0000000000000000 0x0000000000002000 0x03
> 0x0000000000002000 0x0000000000001000 0x05
> 0x0000000000003000 0x0000000000003000 0x03
>
> ?
Yes
Reinette
On Wed, May 12, 2021 at 08:56:03AM -0700, Reinette Chatre wrote:
> Hi Jarkko,
>
> On 5/11/2021 6:10 PM, Jarkko Sakkinen wrote:
> > On Tue, May 11, 2021 at 11:42:49AM -0700, Reinette Chatre wrote:
> > > Hi Jarkko,
> > >
> > > On 5/7/2021 8:56 PM, Jarkko Sakkinen wrote:
> > > > Migrate to kselftest harness. Use a fixture test with enclave initialized
> > > > and de-initialized for each of the existing three tests, in other words:
> > > >
> > > > 1. One FIXTURE() for managing the enclave life-cycle.
> > > > 2. Three TEST_F()'s, one for each test case.
> > >
> > > These changes make it easier to add tests and I think it is a valuable
> > > addition.
> > >
> > > >
> > > > This gives a leaps better reporting than before. Here's an example
> > > > transcript:
> > > >
> > > > TAP version 13
> > > > 1..3
> > > > 0x0000000000000000 0x0000000000002000 0x03
> > > > 0x0000000000002000 0x0000000000001000 0x05
> > > > 0x0000000000003000 0x0000000000003000 0x03
> > > > ok 1 enclave.unclobbered_vdso
> > > > 0x0000000000000000 0x0000000000002000 0x03
> > > > 0x0000000000002000 0x0000000000001000 0x05
> > > > 0x0000000000003000 0x0000000000003000 0x03
> > > > ok 2 enclave.clobbered_vdso
> > > > 0x0000000000000000 0x0000000000002000 0x03
> > > > 0x0000000000002000 0x0000000000001000 0x05
> > > > 0x0000000000003000 0x0000000000003000 0x03
> > > > ok 3 enclave.clobbered_vdso_and_user_function
> > > >
> > >
> > > The output claims to conform to TAP13 but it does not seem as though all of
> > > the output conforms to TAP13. I assume such output would confuse automated
> > > systems.
> >
> > You mean
> >
> > 0x0000000000000000 0x0000000000002000 0x03
> > 0x0000000000002000 0x0000000000001000 0x05
> > 0x0000000000003000 0x0000000000003000 0x03
> >
> > ?
>
> Yes
Thanks, just sanity checking :-)
/Jarkko