Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp6463498ybf; Thu, 5 Mar 2020 21:33:16 -0800 (PST) X-Google-Smtp-Source: ADFU+vvOHmUSjZLeRg2N8WtKv22fb1xJ1dcDa2/dZYCCdb8SgQX5lAvB4TNQsqa7sjwjO50WU7ET X-Received: by 2002:a9d:6a9a:: with SMTP id l26mr1227381otq.104.1583472795864; Thu, 05 Mar 2020 21:33:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583472795; cv=none; d=google.com; s=arc-20160816; b=yopudnOfPhKJ5uwtLwxtRDr5N/d+QxF1iOOdxGzMmf9u0nuSet1MeqR1Lvjw5iCvJD AR0LZgFRpW/Pninvc0+CSxQIbJoxxzDPL9mUWAzhvajI0tFNh3aBCEFleu2RoldJdkY9 w8J3mPu5wGvafqbVvYpZMHAN8Lnl1njZhTIhKXOzfRgzZ1YAERVb++dK8j/c3Wsld6Lu H9ONCBiQn++u6NyiMMV8FjpyxzqsKay8E8aAUl9yXUEN7B2VCZwOi6zlgrYb0eQTJLDR VKMpB4iY2AFAK42dmK7XeTcxk0VcEyiBMdwlo4capIkdBAUTCBHXu+rchMKvjtRL/DeT AOdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date; bh=xjcQGyvmNaHfxTfo73etBPqmAg9sVr1EUCygLFnhy6A=; b=xOjvDYklwsOpXllkECQ5bUzOC81U+NUAjRuo3PSVm+2gDbligS9S9O8zxrXQ89R6pU 9YNCaBRT3uQUdVOQw9mQ1wlbDcWKKhitC5Tx5hfkqjemuvDcvH+SiSnZWTC5iOO1sTbe HEtPP7R9PmJclgQtPnlmYru+j1+jjowABW/9bOO88lzMwMySxH7DtPaBr9o/ojJ26WrB oI32TN9nco0HZRRTV42UKmtek3sFr4ojAKX6Z6thnvBd8MKUIiP1xFFMFu2STjnuUwx1 KD11FHMcErxHTgrvJoLQQPDD9IW0ACQeaTPsumNP8qDuUhVQ6kk4g+hElKBLEajqO2ee ddZg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v19si743107otq.57.2020.03.05.21.33.03; Thu, 05 Mar 2020 21:33:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725927AbgCFFci (ORCPT + 99 others); Fri, 6 Mar 2020 00:32:38 -0500 Received: from wind.enjellic.com ([76.10.64.91]:59354 "EHLO wind.enjellic.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725869AbgCFFci (ORCPT ); Fri, 6 Mar 2020 00:32:38 -0500 Received: from wind.enjellic.com (localhost [127.0.0.1]) by wind.enjellic.com (8.15.2/8.15.2) with ESMTP id 0265WBpF016522; Thu, 5 Mar 2020 23:32:11 -0600 Received: (from greg@localhost) by wind.enjellic.com (8.15.2/8.15.2/Submit) id 0265WAUZ016521; Thu, 5 Mar 2020 23:32:10 -0600 Date: Thu, 5 Mar 2020 23:32:10 -0600 From: "Dr. Greg" To: Jarkko Sakkinen Cc: linux-kernel@vger.kernel.org, x86@kernel.org, linux-sgx@vger.kernel.org, akpm@linux-foundation.org, dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, haitao.huang@intel.com, andriy.shevchenko@linux.intel.com, tglx@linutronix.de, kai.svahn@intel.com, bp@alien8.de, josh@joshtriplett.org, luto@kernel.org, kai.huang@intel.com, rientjes@google.com, cedric.xing@intel.com, puiterwijk@redhat.com, linux-kselftest@vger.kernel.org Subject: Re: [PATCH v28 14/22] selftests/x86: Add a selftest for SGX Message-ID: <20200306053210.GA16297@wind.enjellic.com> Reply-To: "Dr. Greg" References: <20200303233609.713348-1-jarkko.sakkinen@linux.intel.com> <20200303233609.713348-15-jarkko.sakkinen@linux.intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200303233609.713348-15-jarkko.sakkinen@linux.intel.com> User-Agent: Mutt/1.4i X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.3 (wind.enjellic.com [127.0.0.1]); Thu, 05 Mar 2020 23:32:12 -0600 (CST) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 04, 2020 at 01:36:01AM +0200, Jarkko Sakkinen wrote: Good evening, I hope the end of the week is going well for everyone. > Add a selftest for SGX. It is a trivial test where a simple enclave > copies one 64-bit word of memory between two memory locations given > to the enclave as arguments. Use ENCLS[EENTER] to invoke the > enclave. Just as a clarification, are you testing the new driver against signed production class enclaves in .so format that also include metadata layout directives or is the driver just getting tested against the two page toy enclave that copies a word of memory from one memory location to another? Our PSW/runtime is currently failing to initialize production class enclaves secondary to a return value of -4 from the ENCLU[EINIT] instruction, which means the measurement of the loaded enclave has failed to match the value in the signature structure. The same enclave loads fine with the out of kernel driver. Our diagnostics tell us we are feeding identical page streams and permissions to the page add ioctl's of both drivers. The identity modulus signature of the signing key for the enclave is being written to the launch control registers. We see the same behavior from both our unit test enclaves and the Quoting Enclave from the Intel SGX runtime. When we ported our runtime loader to the new driver ABI we kept things simple and add only a single page at a time in order to replicate the behavior of the old driver. Secondly, we were wondering what distribution you are building the self-tests with? Initial indications are that the selftest signing utility doesn't build properly with OpenSSL 1.1.1. Have a good day. Dr. Greg As always, Dr. Greg Wettstein, Ph.D, Worker IDfusion, LLC SGX secured infrastructure and 4206 N. 19th Ave. autonomously self-defensive platforms. Fargo, ND 58102 PH: 701-281-1686 EMAIL: greg@idfusion.net ------------------------------------------------------------------------------ "Don't worry about people stealing your ideas. If your ideas are any good, you'll have to ram them down people's throats." -- Howard Aiken