Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp732131pxb; Tue, 8 Feb 2022 00:53:56 -0800 (PST) X-Google-Smtp-Source: ABdhPJzaWUVE1QK3sRs4vpH1z5///KGsjwMqnVVFxgq2O10varvSjiuYoGwXbVt/Wvb0gu5gN8AG X-Received: by 2002:a17:906:60d5:: with SMTP id f21mr2837576ejk.482.1644310436393; Tue, 08 Feb 2022 00:53:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644310436; cv=none; d=google.com; s=arc-20160816; b=fHvDQ+uS2ZkjuR8OtnFUr58XWmtoj14qeudyDKVRPa3jebEJDYLylcD1F6jr4x078K F+4bZ37iBJ0ZzVv/QqhN36TsSivrgZzOVU86QzRVb3XaKvxZDzFlC+RSNI35GGyaeghp XJon/470ttdboAm/ei2lRgTLFKpYQHPQ/6ByJDlQTEp+ZwBcDTZYS85IVPRIZWsBpEmM scFD8ecivJEAjuvzLOIo9oYc9b8263LSTRppyLBlugOMhcY0RmpyVnxNmZ9+1Zr9+f99 drjebH7212feoCPorAKcYL576GFgRm7Wi1W2n6F6bxJ/RQEzy4r61RYfv8kUhMxyl6Hl ZG8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=DYtUjykLs6FHl9i15Ef7os9QBRXM8NiY53MQaABw3/w=; b=E9IkqatXAmiKAdHbrKyoJAzCPdXz4gUICD+deLIIEMg5RwORoB7GEOaNUQHWqNcWWF 05BTnHd6hs5NN+Bq/5zqz3MAh+Xbl13CWBEJjtw4iDO9ODPULvKkgeCsZhNE2x/Kr5aF GZJFFDTrAptu0Lh9UTJ1uIvx9a9fKoOm+u5AumiPFWyrrM0y5i7JgtJLJCNVUPpzgbCw AnnsB2Orl6BM0kO5dTFZ0xR6RM42hRR+rPNCu5alUTBQtqAKcPlfpRX5FofvO4X8KsOC 5CfhKLq0GOJvFpllU/gwmV0Oo+nSu1n2mFdAP3/ogCDba4E53stn8kmnUZ5O+scDBLPP wq7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=jncTULn+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c6si9451980edk.343.2022.02.08.00.53.30; Tue, 08 Feb 2022 00:53:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=jncTULn+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233199AbiBHBJD (ORCPT + 99 others); Mon, 7 Feb 2022 20:09:03 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59322 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344151AbiBHAqM (ORCPT ); Mon, 7 Feb 2022 19:46:12 -0500 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B0269C043181; Mon, 7 Feb 2022 16:46:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1644281171; x=1675817171; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=PfFKQUYsisNJvtRLUabwqlbFIDfYMcDljQNrmHgAK4w=; b=jncTULn+583U3weeG//hYnkibXdbS0mWX8zx93RadO9P/eqMA6Ot87HD 5pfG03rXC8LDMv5o1scRYgACfG8xkkYhatMJ+YDU1lJxMtWoCiaalBVHF cQcGhqkhA1f38IJLwvE0QVFEHg3EzyQCJ3enB8LKO40XFKIAxfRLrLhUl W3juDx/7SHakCjPJIHQcLpz9IRppatH9zEB9NAdGAdwluOur2u9l3pLfg Lqx9WrpV0qFFsc8Bfq9dPLycl8RIDJenvi68hVbf1pOCluUP1X0OSda/z keJAaijuketU4iLT7Pcmj2WSRXyaHChvv7waGdwuz3+hQL8o5bEeGQ/0Y g==; X-IronPort-AV: E=McAfee;i="6200,9189,10251"; a="249050724" X-IronPort-AV: E=Sophos;i="5.88,351,1635231600"; d="scan'208";a="249050724" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Feb 2022 16:46:10 -0800 X-IronPort-AV: E=Sophos;i="5.88,351,1635231600"; d="scan'208";a="499389565" Received: from rchatre-ws.ostc.intel.com ([10.54.69.144]) by orsmga002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Feb 2022 16:46:09 -0800 From: Reinette Chatre To: dave.hansen@linux.intel.com, jarkko@kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org Cc: seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com, cedric.xing@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, hpa@zytor.com, linux-kernel@vger.kernel.org Subject: [PATCH V2 32/32] selftests/sgx: Page removal stress test Date: Mon, 7 Feb 2022 16:45:54 -0800 Message-Id: <7a72cb20b7cda2bb40aaf661a28a6368f92b6151.1644274683.git.reinette.chatre@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Create enclave with additional heap that consumes all physical SGX memory and then remove it. Depending on the available SGX memory this test could take a significant time to run (several minutes) as it (1) creates the enclave, (2) changes the type of every page to be trimmed, (3) enters the enclave once per page to run EACCEPT, before (4) the pages are finally removed. Signed-off-by: Reinette Chatre --- Changes since V1: - Exit test completely on first failure of EACCEPT of a removed page. Since this is an oversubscribed test the number of pages on which this is attempted can be significant and in case of failure the per-page error logging would overwhelm the system. - Update test to call renamed ioctl() (SGX_IOC_PAGE_MODT -> SGX_IOC_ENCLAVE_MODIFY_TYPE) and provide secinfo as parameter (Jarkko). - Fixup definitions to be reverse xmas tree. - Update test to reflect page removal ioctl() and struct name change: SGX_IOC_PAGE_REMOVE->SGX_IOC_ENCLAVE_REMOVE_PAGES, struct sgx_page_remove -> struct sgx_enclave_remove_pages (Jarkko). - Ensure test is skipped when SGX2 not supported by kernel. - Cleanup comments. tools/testing/selftests/sgx/main.c | 122 +++++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index 4fe5a0324c97..22abda2696e2 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -378,7 +378,129 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed) EXPECT_EQ(get_op.value, MAGIC); EXPECT_EEXIT(&self->run); EXPECT_EQ(self->run.user_data, 0); +} + +TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900) +{ + struct sgx_enclave_remove_pages remove_ioc; + struct encl_op_get_from_buf get_op; + struct encl_op_eaccept eaccept_op; + struct encl_op_put_to_buf put_op; + struct sgx_enclave_modt modt_ioc; + struct sgx_secinfo secinfo; + struct encl_segment *heap; + unsigned long total_mem; + int ret, errno_save; + unsigned long addr; + unsigned long i; + + /* + * Create enclave with additional heap that is as big as all + * available physical SGX memory. + */ + total_mem = get_total_epc_mem(); + ASSERT_NE(total_mem, 0); + TH_LOG("Creating an enclave with %lu bytes heap may take a while ...", + total_mem); + ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata)); + + /* + * Hardware (SGX2) and kernel support is needed for this test. Start + * with check that test has a chance of succeeding. + */ + memset(&modt_ioc, 0, sizeof(modt_ioc)); + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPE, &modt_ioc); + + if (ret == -1) { + if (errno == ENOTTY) + SKIP(return, "Kernel does not support SGX_IOC_ENCLAVE_MODIFY_TYPE ioctl()"); + else if (errno == ENODEV) + SKIP(return, "System does not support SGX2"); + } + + /* + * Invalid parameters were provided during sanity check, + * expect command to fail. + */ + EXPECT_EQ(ret, -1); + + /* SGX2 is supported by kernel and hardware, test can proceed. */ + memset(&self->run, 0, sizeof(self->run)); + self->run.tcs = self->encl.encl_base; + + heap = &self->encl.segment_tbl[self->encl.nr_segments - 1]; + + put_op.header.type = ENCL_OP_PUT_TO_BUFFER; + put_op.value = MAGIC; + + EXPECT_EQ(ENCL_CALL(&put_op, &self->run, false), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.user_data, 0); + + get_op.header.type = ENCL_OP_GET_FROM_BUFFER; + get_op.value = 0; + + EXPECT_EQ(ENCL_CALL(&get_op, &self->run, false), 0); + + EXPECT_EQ(get_op.value, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.user_data, 0); + + /* Trim entire heap. */ + memset(&modt_ioc, 0, sizeof(modt_ioc)); + memset(&secinfo, 0, sizeof(secinfo)); + + secinfo.flags = SGX_PAGE_TYPE_TRIM << 8; + modt_ioc.offset = heap->offset; + modt_ioc.length = heap->size; + modt_ioc.secinfo = (unsigned long)&secinfo; + + TH_LOG("Changing type of %zd bytes to trimmed may take a while ...", + heap->size); + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPE, &modt_ioc); + errno_save = ret == -1 ? errno : 0; + + EXPECT_EQ(ret, 0); + EXPECT_EQ(errno_save, 0); + EXPECT_EQ(modt_ioc.result, 0); + EXPECT_EQ(modt_ioc.count, heap->size); + + /* EACCEPT all removed pages. */ + addr = self->encl.encl_base + heap->offset; + + eaccept_op.flags = SGX_SECINFO_TRIM | SGX_SECINFO_MODIFIED; + eaccept_op.header.type = ENCL_OP_EACCEPT; + + TH_LOG("Entering enclave to run EACCEPT for each page of %zd bytes may take a while ...", + heap->size); + for (i = 0; i < heap->size; i += 4096) { + eaccept_op.epc_addr = addr + i; + eaccept_op.ret = 0; + EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0); + + EXPECT_EQ(self->run.exception_vector, 0); + EXPECT_EQ(self->run.exception_error_code, 0); + EXPECT_EQ(self->run.exception_addr, 0); + ASSERT_EQ(eaccept_op.ret, 0); + ASSERT_EQ(self->run.function, EEXIT); + } + + /* Complete page removal. */ + memset(&remove_ioc, 0, sizeof(remove_ioc)); + + remove_ioc.offset = heap->offset; + remove_ioc.length = heap->size; + + TH_LOG("Removing %zd bytes from enclave may take a while ...", + heap->size); + ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc); + errno_save = ret == -1 ? errno : 0; + + EXPECT_EQ(ret, 0); + EXPECT_EQ(errno_save, 0); + EXPECT_EQ(remove_ioc.count, heap->size); } TEST_F(enclave, clobbered_vdso) -- 2.25.1