| Message ID | 20210610083021.392269-5-jarkko@kernel.org |
|---|---|
| State | Accepted |
| Commit | 22118ce17eb8dcf2a6ba2f6fb250816ddb59685a |
| Headers | show |
| Series | [v8,1/5] selftests/sgx: Rename 'eenter' and 'sgx_call_vdso' | expand |
On 6/10/21 2:30 AM, Jarkko Sakkinen wrote: > Extend the enclave to have two operations: ENCL_OP_PUT and ENCL_OP_GET. > ENCL_OP_PUT stores value inside the enclave address space and > ENCL_OP_GET reads it. The internal buffer can be later extended to be > variable size, and allow reclaimer tests. > > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> > --- > tools/testing/selftests/sgx/defines.h | 10 ++++ > tools/testing/selftests/sgx/main.c | 57 ++++++++++++++++++----- > tools/testing/selftests/sgx/test_encl.c | 19 +++++++- > tools/testing/selftests/sgx/test_encl.lds | 3 +- > 4 files changed, 74 insertions(+), 15 deletions(-) > Test output before applying the series: TAP version 13 1..1 # selftests: sgx: test_sgx # Unable to open /dev/sgx_enclave: No such file or directory # 1..0 # SKIP cannot load enclaves ok 1 selftests: sgx: test_sgx # SKIP Test output after applying second patch selftests/sgx: Migrate to kselftest harness Output changes to the following. It doesn't look like the second patch adds any new tests. What is the point in running the tests that fail if /dev/sgx_enclave is missing. Unfortunately this series doesn't have a cover letter that explains what this series is doing. I don't like the fact that the test output and behavior changes when migrating the test to kselftest harness. Shouldn't the output stay the same as in skip the tests if /dev/sgx_enclave fails. TAP version 13 1..1 # selftests: sgx: test_sgx # TAP version 13 # 1..3 # # Starting 3 tests from 2 test cases. # # RUN enclave.unclobbered_vdso ... # Unable to open /dev/sgx_enclave: No such file or directory # ok 2 # SKIP cannot load enclaves # # Planned tests != run tests (3 != 1) # # Totals: pass:0 fail:0 xfail:0 xpass:0 skip:1 error:0 # # unclobbered_vdso: Test failed at step #4 # # FAIL enclave.unclobbered_vdso # not ok 1 enclave.unclobbered_vdso # # RUN enclave.clobbered_vdso ... # Unable to open /dev/sgx_enclave: No such file or directory # ok 3 # SKIP cannot load enclaves # # Planned tests != run tests (3 != 2) # # Totals: pass:0 fail:1 xfail:0 xpass:0 skip:1 error:0 # # clobbered_vdso: Test failed at step #4 # # FAIL enclave.clobbered_vdso # not ok 2 enclave.clobbered_vdso # # RUN enclave.clobbered_vdso_and_user_function ... # Unable to open /dev/sgx_enclave: No such file or directory # ok 4 # SKIP cannot load enclaves # # Totals: pass:0 fail:2 xfail:0 xpass:0 skip:1 error:0 # # clobbered_vdso_and_user_function: Test failed at step #4 # # FAIL enclave.clobbered_vdso_and_user_function # not ok 3 enclave.clobbered_vdso_and_user_function # # FAILED: 0 / 3 tests passed. # # Totals: pass:0 fail:3 xfail:0 xpass:0 skip:0 error:0 not ok 1 selftests: sgx: test_sgx # exit=1 thanks, -- Shuah
On Mon, Jun 14, 2021 at 02:16:15PM -0600, Shuah Khan wrote: > On 6/10/21 2:30 AM, Jarkko Sakkinen wrote: > > Extend the enclave to have two operations: ENCL_OP_PUT and ENCL_OP_GET. > > ENCL_OP_PUT stores value inside the enclave address space and > > ENCL_OP_GET reads it. The internal buffer can be later extended to be > > variable size, and allow reclaimer tests. > > > > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> > > --- > > tools/testing/selftests/sgx/defines.h | 10 ++++ > > tools/testing/selftests/sgx/main.c | 57 ++++++++++++++++++----- > > tools/testing/selftests/sgx/test_encl.c | 19 +++++++- > > tools/testing/selftests/sgx/test_encl.lds | 3 +- > > 4 files changed, 74 insertions(+), 15 deletions(-) > > > > Test output before applying the series: > > TAP version 13 > 1..1 > # selftests: sgx: test_sgx > # Unable to open /dev/sgx_enclave: No such file or directory > # 1..0 # SKIP cannot load enclaves > ok 1 selftests: sgx: test_sgx # SKIP > > Test output after applying second patch > > selftests/sgx: Migrate to kselftest harness > > Output changes to the following. It doesn't look like the second > patch adds any new tests. What is the point in running the tests > that fail if /dev/sgx_enclave is missing. > > Unfortunately this series doesn't have a cover letter that explains > what this series is doing. I don't like the fact that the test > output and behavior changes when migrating the test to kselftest > harness. Shouldn't the output stay the same as in skip the tests > if /dev/sgx_enclave fails. I get what you are saying but actually I do not know how with fixtures I can skip "the rest" when FIXTURE_SETUP() fails. The reason for the output below is that with fixtures for all tests enclave is initialized for each test case. And it kind of makes sense because all tests start from the clean expected state. I don't how to do that with zero change in the output. The reason to do this change is to make it easy to add more tests, and return correct status codes to the framework. > TAP version 13 > 1..1 > # selftests: sgx: test_sgx > # TAP version 13 > # 1..3 > # # Starting 3 tests from 2 test cases. > # # RUN enclave.unclobbered_vdso ... > # Unable to open /dev/sgx_enclave: No such file or directory > # ok 2 # SKIP cannot load enclaves > # # Planned tests != run tests (3 != 1) > # # Totals: pass:0 fail:0 xfail:0 xpass:0 skip:1 error:0 > # # unclobbered_vdso: Test failed at step #4 > # # FAIL enclave.unclobbered_vdso > # not ok 1 enclave.unclobbered_vdso > # # RUN enclave.clobbered_vdso ... > # Unable to open /dev/sgx_enclave: No such file or directory > # ok 3 # SKIP cannot load enclaves > # # Planned tests != run tests (3 != 2) > # # Totals: pass:0 fail:1 xfail:0 xpass:0 skip:1 error:0 > # # clobbered_vdso: Test failed at step #4 > # # FAIL enclave.clobbered_vdso > # not ok 2 enclave.clobbered_vdso > # # RUN enclave.clobbered_vdso_and_user_function ... > # Unable to open /dev/sgx_enclave: No such file or directory > # ok 4 # SKIP cannot load enclaves > # # Totals: pass:0 fail:2 xfail:0 xpass:0 skip:1 error:0 > # # clobbered_vdso_and_user_function: Test failed at step #4 > # # FAIL enclave.clobbered_vdso_and_user_function > # not ok 3 enclave.clobbered_vdso_and_user_function > # # FAILED: 0 / 3 tests passed. > # # Totals: pass:0 fail:3 xfail:0 xpass:0 skip:0 error:0 > not ok 1 selftests: sgx: test_sgx # exit=1 > > thanks, > -- Shuah /Jarkko
On Tue, Jun 15, 2021 at 04:14:02PM +0300, Jarkko Sakkinen wrote: > On Mon, Jun 14, 2021 at 02:16:15PM -0600, Shuah Khan wrote: > > On 6/10/21 2:30 AM, Jarkko Sakkinen wrote: > > > Extend the enclave to have two operations: ENCL_OP_PUT and ENCL_OP_GET. > > > ENCL_OP_PUT stores value inside the enclave address space and > > > ENCL_OP_GET reads it. The internal buffer can be later extended to be > > > variable size, and allow reclaimer tests. > > > > > > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> > > > --- > > > tools/testing/selftests/sgx/defines.h | 10 ++++ > > > tools/testing/selftests/sgx/main.c | 57 ++++++++++++++++++----- > > > tools/testing/selftests/sgx/test_encl.c | 19 +++++++- > > > tools/testing/selftests/sgx/test_encl.lds | 3 +- > > > 4 files changed, 74 insertions(+), 15 deletions(-) > > > > > > > Test output before applying the series: > > > > TAP version 13 > > 1..1 > > # selftests: sgx: test_sgx > > # Unable to open /dev/sgx_enclave: No such file or directory > > # 1..0 # SKIP cannot load enclaves > > ok 1 selftests: sgx: test_sgx # SKIP > > > > Test output after applying second patch > > > > selftests/sgx: Migrate to kselftest harness > > > > Output changes to the following. It doesn't look like the second > > patch adds any new tests. What is the point in running the tests > > that fail if /dev/sgx_enclave is missing. > > > > Unfortunately this series doesn't have a cover letter that explains > > what this series is doing. I don't like the fact that the test > > output and behavior changes when migrating the test to kselftest > > harness. Shouldn't the output stay the same as in skip the tests > > if /dev/sgx_enclave fails. > > I get what you are saying but actually I do not know how with > fixtures I can skip "the rest" when FIXTURE_SETUP() fails. > > The reason for the output below is that with fixtures for all > tests enclave is initialized for each test case. And it kind of > makes sense because all tests start from the clean expected > state. > > I don't how to do that with zero change in the output. > > The reason to do this change is to make it easy to add more tests, > and return correct status codes to the framework. To add: everything I did I based purely to the existing kernel documentation, following the examples on how to use fixture. /Jarkko
On 6/15/21 7:15 AM, Jarkko Sakkinen wrote: > On Tue, Jun 15, 2021 at 04:14:02PM +0300, Jarkko Sakkinen wrote: >> On Mon, Jun 14, 2021 at 02:16:15PM -0600, Shuah Khan wrote: >>> On 6/10/21 2:30 AM, Jarkko Sakkinen wrote: >>>> Extend the enclave to have two operations: ENCL_OP_PUT and ENCL_OP_GET. >>>> ENCL_OP_PUT stores value inside the enclave address space and >>>> ENCL_OP_GET reads it. The internal buffer can be later extended to be >>>> variable size, and allow reclaimer tests. >>>> >>>> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> >>>> --- >>>> tools/testing/selftests/sgx/defines.h | 10 ++++ >>>> tools/testing/selftests/sgx/main.c | 57 ++++++++++++++++++----- >>>> tools/testing/selftests/sgx/test_encl.c | 19 +++++++- >>>> tools/testing/selftests/sgx/test_encl.lds | 3 +- >>>> 4 files changed, 74 insertions(+), 15 deletions(-) >>>> >>> >>> Test output before applying the series: >>> >>> TAP version 13 >>> 1..1 >>> # selftests: sgx: test_sgx >>> # Unable to open /dev/sgx_enclave: No such file or directory >>> # 1..0 # SKIP cannot load enclaves >>> ok 1 selftests: sgx: test_sgx # SKIP >>> >>> Test output after applying second patch >>> >>> selftests/sgx: Migrate to kselftest harness >>> >>> Output changes to the following. It doesn't look like the second >>> patch adds any new tests. What is the point in running the tests >>> that fail if /dev/sgx_enclave is missing. >>> >>> Unfortunately this series doesn't have a cover letter that explains >>> what this series is doing. I don't like the fact that the test >>> output and behavior changes when migrating the test to kselftest >>> harness. Shouldn't the output stay the same as in skip the tests >>> if /dev/sgx_enclave fails. >> >> I get what you are saying but actually I do not know how with >> fixtures I can skip "the rest" when FIXTURE_SETUP() fails. >> >> The reason for the output below is that with fixtures for all >> tests enclave is initialized for each test case. And it kind of >> makes sense because all tests start from the clean expected >> state. >> >> I don't how to do that with zero change in the output. >> Yeah. I took a look at the FIXTURE. Doesn't look like it is possible. >> The reason to do this change is to make it easy to add more tests, >> and return correct status codes to the framework. > > To add: everything I did I based purely to the existing kernel > documentation, following the examples on how to use fixture. > I will pick these up and will add a note to the last commit that output changes, so test rings that run kselftest are aware of the change. thanks, -- Shuah
On Tue, Jun 15, 2021 at 03:55:25PM -0600, Shuah Khan wrote: > On 6/15/21 7:15 AM, Jarkko Sakkinen wrote: > > On Tue, Jun 15, 2021 at 04:14:02PM +0300, Jarkko Sakkinen wrote: > > > On Mon, Jun 14, 2021 at 02:16:15PM -0600, Shuah Khan wrote: > > > > On 6/10/21 2:30 AM, Jarkko Sakkinen wrote: > > > > > Extend the enclave to have two operations: ENCL_OP_PUT and ENCL_OP_GET. > > > > > ENCL_OP_PUT stores value inside the enclave address space and > > > > > ENCL_OP_GET reads it. The internal buffer can be later extended to be > > > > > variable size, and allow reclaimer tests. > > > > > > > > > > Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> > > > > > --- > > > > > tools/testing/selftests/sgx/defines.h | 10 ++++ > > > > > tools/testing/selftests/sgx/main.c | 57 ++++++++++++++++++----- > > > > > tools/testing/selftests/sgx/test_encl.c | 19 +++++++- > > > > > tools/testing/selftests/sgx/test_encl.lds | 3 +- > > > > > 4 files changed, 74 insertions(+), 15 deletions(-) > > > > > > > > > > > > > Test output before applying the series: > > > > > > > > TAP version 13 > > > > 1..1 > > > > # selftests: sgx: test_sgx > > > > # Unable to open /dev/sgx_enclave: No such file or directory > > > > # 1..0 # SKIP cannot load enclaves > > > > ok 1 selftests: sgx: test_sgx # SKIP > > > > > > > > Test output after applying second patch > > > > > > > > selftests/sgx: Migrate to kselftest harness > > > > > > > > Output changes to the following. It doesn't look like the second > > > > patch adds any new tests. What is the point in running the tests > > > > that fail if /dev/sgx_enclave is missing. > > > > > > > > Unfortunately this series doesn't have a cover letter that explains > > > > what this series is doing. I don't like the fact that the test > > > > output and behavior changes when migrating the test to kselftest > > > > harness. Shouldn't the output stay the same as in skip the tests > > > > if /dev/sgx_enclave fails. > > > > > > I get what you are saying but actually I do not know how with > > > fixtures I can skip "the rest" when FIXTURE_SETUP() fails. > > > > > > The reason for the output below is that with fixtures for all > > > tests enclave is initialized for each test case. And it kind of > > > makes sense because all tests start from the clean expected > > > state. > > > > > > I don't how to do that with zero change in the output. > > > > > Yeah. I took a look at the FIXTURE. Doesn't look like it is possible. > > > > The reason to do this change is to make it easy to add more tests, > > > and return correct status codes to the framework. > > > > To add: everything I did I based purely to the existing kernel > > documentation, following the examples on how to use fixture. > > > > I will pick these up and will add a note to the last commit that > output changes, so test rings that run kselftest are aware of the > change. > > thanks, > -- Shuah OK, great, thank you! /Jarkko
diff --git a/tools/testing/selftests/sgx/defines.h b/tools/testing/selftests/sgx/defines.h index 0bd73428d2f3..f88562afcaa0 100644 --- a/tools/testing/selftests/sgx/defines.h +++ b/tools/testing/selftests/sgx/defines.h @@ -18,4 +18,14 @@ #include "../../../../arch/x86/include/asm/enclu.h" #include "../../../../arch/x86/include/uapi/asm/sgx.h" +enum encl_op_type { + ENCL_OP_PUT, + ENCL_OP_GET, +}; + +struct encl_op { + uint64_t type; + uint64_t buffer; +}; + #endif /* DEFINES_H */ diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c index bcd0257f48e0..e252015e0c15 100644 --- a/tools/testing/selftests/sgx/main.c +++ b/tools/testing/selftests/sgx/main.c @@ -193,14 +193,14 @@ FIXTURE_TEARDOWN(enclave) encl_delete(&self->encl); } -#define ENCL_CALL(in, out, run, clobbered) \ +#define ENCL_CALL(op, run, clobbered) \ ({ \ int ret; \ if ((clobbered)) \ - ret = vdso_sgx_enter_enclave((unsigned long)(in), (unsigned long)(out), 0, \ + ret = vdso_sgx_enter_enclave((unsigned long)(op), 0, 0, \ EENTER, 0, 0, (run)); \ else \ - ret = sgx_enter_enclave((void *)(in), (void *)(out), 0, EENTER, NULL, NULL, \ + ret = sgx_enter_enclave((void *)(op), NULL, 0, EENTER, NULL, NULL, \ (run)); \ ret; \ }) @@ -215,22 +215,44 @@ FIXTURE_TEARDOWN(enclave) TEST_F(enclave, unclobbered_vdso) { - uint64_t result = 0; + struct encl_op op; - EXPECT_EQ(ENCL_CALL(&MAGIC, &result, &self->run, false), 0); + op.type = ENCL_OP_PUT; + op.buffer = MAGIC; + + EXPECT_EQ(ENCL_CALL(&op, &self->run, false), 0); - EXPECT_EQ(result, MAGIC); + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.user_data, 0); + + op.type = ENCL_OP_GET; + op.buffer = 0; + + EXPECT_EQ(ENCL_CALL(&op, &self->run, false), 0); + + EXPECT_EQ(op.buffer, MAGIC); EXPECT_EEXIT(&self->run); EXPECT_EQ(self->run.user_data, 0); } TEST_F(enclave, clobbered_vdso) { - uint64_t result = 0; + struct encl_op op; + + op.type = ENCL_OP_PUT; + op.buffer = MAGIC; + + EXPECT_EQ(ENCL_CALL(&op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.user_data, 0); + + op.type = ENCL_OP_GET; + op.buffer = 0; - EXPECT_EQ(ENCL_CALL(&MAGIC, &result, &self->run, true), 0); + EXPECT_EQ(ENCL_CALL(&op, &self->run, true), 0); - EXPECT_EQ(result, MAGIC); + EXPECT_EQ(op.buffer, MAGIC); EXPECT_EEXIT(&self->run); EXPECT_EQ(self->run.user_data, 0); } @@ -245,14 +267,25 @@ static int test_handler(long rdi, long rsi, long rdx, long ursp, long r8, long r TEST_F(enclave, clobbered_vdso_and_user_function) { - uint64_t result = 0; + struct encl_op op; self->run.user_handler = (__u64)test_handler; self->run.user_data = 0xdeadbeef; - EXPECT_EQ(ENCL_CALL(&MAGIC, &result, &self->run, true), 0); + op.type = ENCL_OP_PUT; + op.buffer = MAGIC; + + EXPECT_EQ(ENCL_CALL(&op, &self->run, true), 0); + + EXPECT_EEXIT(&self->run); + EXPECT_EQ(self->run.user_data, 0); + + op.type = ENCL_OP_GET; + op.buffer = 0; + + EXPECT_EQ(ENCL_CALL(&op, &self->run, true), 0); - EXPECT_EQ(result, MAGIC); + EXPECT_EQ(op.buffer, MAGIC); EXPECT_EEXIT(&self->run); EXPECT_EQ(self->run.user_data, 0); } diff --git a/tools/testing/selftests/sgx/test_encl.c b/tools/testing/selftests/sgx/test_encl.c index cf25b5dc1e03..734ea52f9924 100644 --- a/tools/testing/selftests/sgx/test_encl.c +++ b/tools/testing/selftests/sgx/test_encl.c @@ -4,6 +4,8 @@ #include <stddef.h> #include "defines.h" +static uint8_t encl_buffer[8192] = { 1 }; + static void *memcpy(void *dest, const void *src, size_t n) { size_t i; @@ -14,7 +16,20 @@ static void *memcpy(void *dest, const void *src, size_t n) return dest; } -void encl_body(void *rdi, void *rsi) +void encl_body(void *rdi, void *rsi) { - memcpy(rsi, rdi, 8); + struct encl_op *op = (struct encl_op *)rdi; + + switch (op->type) { + case ENCL_OP_PUT: + memcpy(&encl_buffer[0], &op->buffer, 8); + break; + + case ENCL_OP_GET: + memcpy(&op->buffer, &encl_buffer[0], 8); + break; + + default: + break; + } } diff --git a/tools/testing/selftests/sgx/test_encl.lds b/tools/testing/selftests/sgx/test_encl.lds index 0fbbda7e665e..a1ec64f7d91f 100644 --- a/tools/testing/selftests/sgx/test_encl.lds +++ b/tools/testing/selftests/sgx/test_encl.lds @@ -18,9 +18,10 @@ SECTIONS .text : { *(.text*) *(.rodata*) + FILL(0xDEADBEEF); + . = ALIGN(4096); } : text - . = ALIGN(4096); .data : { *(.data*) } : data
Extend the enclave to have two operations: ENCL_OP_PUT and ENCL_OP_GET. ENCL_OP_PUT stores value inside the enclave address space and ENCL_OP_GET reads it. The internal buffer can be later extended to be variable size, and allow reclaimer tests. Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> --- tools/testing/selftests/sgx/defines.h | 10 ++++ tools/testing/selftests/sgx/main.c | 57 ++++++++++++++++++----- tools/testing/selftests/sgx/test_encl.c | 19 +++++++- tools/testing/selftests/sgx/test_encl.lds | 3 +- 4 files changed, 74 insertions(+), 15 deletions(-)