From: "Dr. Greg" <greg@enjellic.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Andy Lutomirski <luto@amacapital.net>,
Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
Platform Driver <platform-driver-x86@vger.kernel.org>,
linux-sgx@vger.kernel.org, Dave Hansen <dave.hansen@intel.com>,
"Christopherson, Sean J" <sean.j.christopherson@intel.com>,
nhorman@redhat.com, npmccallum@redhat.com, "Ayoun,
Serge" <serge.ayoun@intel.com>,
shay.katz-zamir@intel.com, haitao.huang@linux.intel.com,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
"Svahn, Kai" <kai.svahn@intel.com>,
mark.shanahan@intel.com,
Suresh Siddha <suresh.b.siddha@intel.com>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Darren Hart <dvhart@infradead.org>,
Andy Shevchenko <andy@infradead.org>,
LKML <linux-kernel@vger.kernel.org>,
jethro@fortanix.com
Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Date: Fri, 14 Dec 2018 17:59:17 -0600 [thread overview]
Message-ID: <20181214235917.GA14049@wind.enjellic.com> (raw)
In-Reply-To: <20181212180036.GC6333@linux.intel.com>
On Wed, Dec 12, 2018 at 08:00:36PM +0200, Jarkko Sakkinen wrote:
Good evening, I hope the week has gone well for everyone.
> On Mon, Dec 10, 2018 at 04:49:08AM -0600, Dr. Greg wrote:
> > In the meantime, I wanted to confirm that your jarkko-sgx/master
> > branch contains the proposed driver that is headed upstream.
> > Before adding the SFLC patches we thought it best to run the
> > driver through some testing in order to verify that any problems
> > we generated where attributable to our work and not the base
> > driver.
>
> The master branch is by definition unstable at the moment i.e. it
> can sometimes (not often) contain unfinished changes. Use next for
> testing. I update next when I consider the master contents "stable
> enough".
I noticed in the last day or so that you appeared to sync
jarkko-sgx/master with jarkko-sgx/next, so I checked out a local
branch against jarkko-sgx/next and ran it against our unit tests.
Based on what we are seeing the driver is still experiencing issues
with initialization of a non-trivial enclave.
On the first test boot of the new kernel, the EINIT ioctl consistently
returned EBUSY over multiple invocations of the unit test. This did
not appear to generate any negative issues with the kernel at large.
We rebooted the box to run the test against a fresh kernel load. This
time around we experienced issues similar to what we had previously
described. The EINIT ioctl generates a segmentation fault which seems
to largely incapacitate the kernel.
Here are the logs and first backtrace from the test:
---------------------------------------------------------------------------
Dec 14 13:25:06 nuc2 kernel: PGD 4f001067 P4D 4f001067 PUD 0
Dec 14 13:25:06 nuc2 kernel: BUG: unable to handle kernel paging request at ffff97bf3ae916fe
Dec 14 13:25:06 nuc2 kernel: Oops: 0002 [#1] SMP PTI
Dec 14 13:25:06 nuc2 kernel: CPU: 1 PID: 34 Comm: kworker/1:1 Not tainted 4.20.0-rc2-sgx-nuc2+ #12
Dec 14 13:25:06 nuc2 kernel: Hardware name: Intel Corporation NUC7CJYH/NUC7JYB, BIOS JYGLKCPX.86A.0046.2018.1103.1316 11/03/2018
Dec 14 13:25:06 nuc2 kernel: Workqueue: events cache_reap
Dec 14 13:25:06 nuc2 kernel: RIP: 0010:free_block+0xe3/0x182
Dec 14 13:25:06 nuc2 kernel: Code: 20 45 29 d4 41 d3 ec 0f b6 4f 1d 45 01 e2 41 d3 ea 41 8b 49 30 ff c9 49 83 79 20 00 41 89 49 30 75 04 4d 89 59 20 4d 8b 59 20 <45> 88 14 0b 49 8d 49 08 41 83 79 30 00 75 1a 4c 8b 50 28 49 89 4a
Dec 14 13:25:06 nuc2 kernel: RSP: 0018:ffffb90800123db0 EFLAGS: 00210046
Dec 14 13:25:06 nuc2 kernel: RAX: ffff97be3b419080 RBX: 000000000000000f RCX: 00000000ffffff7e
Dec 14 13:25:06 nuc2 kernel: RDX: 0000000000000018 RSI: ffffd907ffc82b70 RDI: ffff97be3b44c200
Dec 14 13:25:06 nuc2 kernel: RBP: ffffb90800123dd8 R08: ffffb90800123e10 R09: fffff9b345eba440
Dec 14 13:25:06 nuc2 kernel: R10: 000000000051f663 R11: ffff97be3ae91780 R12: 0000000011ede5c3
Dec 14 13:25:06 nuc2 kernel: R13: ffffffff80000000 R14: ffff97be3b419088 R15: ffff97be3b4190a8
Dec 14 13:25:06 nuc2 kernel: FS: 0000000000000000(0000) GS:ffff97be3be80000(0000) knlGS:0000000000000000
Dec 14 13:25:06 nuc2 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Dec 14 13:25:06 nuc2 kernel: CR2: ffff97bf3ae916fe CR3: 000000004ec0a000 CR4: 0000000000340ee0
Dec 14 13:25:06 nuc2 kernel: Call Trace:
Dec 14 13:25:06 nuc2 kernel: drain_array_locked+0x50/0x75
Dec 14 13:25:06 nuc2 kernel: drain_array.constprop.67+0x57/0x72
Dec 14 13:25:06 nuc2 kernel: cache_reap+0x58/0x101
Dec 14 13:25:06 nuc2 kernel: process_one_work+0x183/0x271
Dec 14 13:25:06 nuc2 kernel: worker_thread+0x1e5/0x2b4
Dec 14 13:25:06 nuc2 kernel: ? cancel_delayed_work_sync+0x10/0x10
Dec 14 13:25:06 nuc2 kernel: kthread+0x116/0x11e
Dec 14 13:25:06 nuc2 kernel: ? kthread_park+0x7e/0x7e
Dec 14 13:25:06 nuc2 kernel: ret_from_fork+0x1f/0x40
Dec 14 13:25:06 nuc2 kernel: Modules linked in:
Dec 14 13:25:06 nuc2 kernel: CR2: ffff97bf3ae916fe
Dec 14 13:25:06 nuc2 kernel: ---[ end trace 7f5dc24edc7285b3 ]---
Dec 14 13:25:06 nuc2 kernel: RIP: 0010:free_block+0xe3/0x182
Dec 14 13:25:06 nuc2 kernel: Code: 20 45 29 d4 41 d3 ec 0f b6 4f 1d 45 01 e2 41 d3 ea 41 8b 49 30 ff c9 49 83 79 20 00 41 89 49 30 75 04 4d 89 59 20 4d 8b 59 20 <45> 88 14 0b 49 8d 49 08 41 83 79 30 00 75 1a 4c 8b 50 28 49 89 4a
Dec 14 13:25:06 nuc2 kernel: RSP: 0018:ffffb90800123db0 EFLAGS: 00210046
Dec 14 13:25:06 nuc2 kernel: RAX: ffff97be3b419080 RBX: 000000000000000f RCX: 00000000ffffff7e
Dec 14 13:25:06 nuc2 kernel: RDX: 0000000000000018 RSI: ffffd907ffc82b70 RDI: ffff97be3b44c200
Dec 14 13:25:06 nuc2 kernel: RBP: ffffb90800123dd8 R08: ffffb90800123e10 R09: fffff9b345eba440
Dec 14 13:25:06 nuc2 kernel: R10: 000000000051f663 R11: ffff97be3ae91780 R12: 0000000011ede5c3
Dec 14 13:25:06 nuc2 kernel: R13: ffffffff80000000 R14: ffff97be3b419088 R15: ffff97be3b4190a8
Dec 14 13:25:06 nuc2 kernel: FS: 0000000000000000(0000) GS:ffff97be3be80000(0000) knlGS:0000000000000000
Dec 14 13:25:06 nuc2 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Dec 14 13:25:06 nuc2 kernel: CR2: ffff97bf3ae916fe CR3: 000000004ec0a000 CR4: 0000000000340ee0
Dec 14 13:25:21 nuc2 kernel: sgx-load[1596]: segfault at 80 ip 0000000000402015 sp 00007ffdb267e2f0 error 4 in sgx-load[400000+b000]
Dec 14 13:25:21 nuc2 kernel: Code: ff 41 b8 8c 02 00 00 b9 90 78 40 00 ba 5d 77 40 00 be cc 74 40 00 48 89 ef 31 c0 e8 35 ef ff ff e9 1e ff ff ff 48 83 4b 50 01 <49> 8b 8c 24 80 00 00 00 48 89 8b a0 00 00 00 49 8b 8c 24 88 00 00
---------------------------------------------------------------------------
This is a post 'make distclean' compile from a fresh branch of
jarkko-sgx/next with no modifications.
For testing purposes we created a branch of our PSW and dropped the
EINITTOKEN pointer from the sgx_enclave_init structure in order to
make our runtime compatible with the new variant of
SGX_IOC_ENCLAVE_INIT. As I noted in my previous e-mail, our runtime
doesn't appear to be having any issues with the creation and load of
the enclave.
We are assuming there is an intent for the new driver to be reasonably
compatible with the current Intel PSW/SDK. Even if this isn't the
case it would seem to be problematic if it is possible for a badly
formed IOCTL call to tip the kernel over.
Jethro are you guys testing the driver against any non-trivial
enclaves?
> Thanks.
>
> /Jarkko
Let us know if you would like us to experiment with anything in
particular.
Have a good weekend.
Dr. Greg
As always,
Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC.
4206 N. 19th Ave. Specializing in information infra-structure
Fargo, ND 58102 development.
PH: 701-281-1686
FAX: 701-281-3949 EMAIL: greg@enjellic.com
------------------------------------------------------------------------------
"You and Uncle Pete drank the whole thing? That was a $250.00 bottle
of whisky.
Yeah, it was good."
-- Rick Engen
Resurrection.
next prev parent reply other threads:[~2018-12-15 0:00 UTC|newest]
Thread overview: 161+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20181116010412.23967-1-jarkko.sakkinen@linux.intel.com>
2018-11-16 1:01 ` [PATCH v17 01/23] x86/sgx: Update MAINTAINERS Jarkko Sakkinen
2018-11-16 14:22 ` Borislav Petkov
2018-11-16 15:07 ` Jarkko Sakkinen
2018-11-16 20:24 ` Borislav Petkov
2018-11-18 8:20 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 02/23] x86/cpufeatures: Add Intel-defined SGX feature bit Jarkko Sakkinen
2018-11-16 14:28 ` Borislav Petkov
2018-11-16 15:13 ` Jarkko Sakkinen
2018-11-16 15:18 ` Jarkko Sakkinen
2018-11-16 20:53 ` Borislav Petkov
2018-11-16 1:01 ` [PATCH v17 03/23] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) Jarkko Sakkinen
2018-11-16 14:37 ` Borislav Petkov
2018-11-16 15:38 ` Sean Christopherson
2018-11-16 23:31 ` Dave Hansen
2018-11-18 8:36 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 04/23] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 05/23] x86/cpufeatures: Add Intel-defined SGX_LC feature bit Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 06/23] x86/cpu/intel: Detect SGX support and update caps appropriately Jarkko Sakkinen
2018-11-16 23:32 ` Dave Hansen
2018-11-18 8:37 ` Jarkko Sakkinen
2018-11-21 18:17 ` Borislav Petkov
2018-11-24 13:54 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 07/23] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit Jarkko Sakkinen
2018-11-16 23:33 ` Dave Hansen
2018-11-18 8:38 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 08/23] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 09/23] x86/sgx: Define SGX1 and SGX2 ENCLS leafs Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 10/23] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 11/23] x86/sgx: Add SGX1 and SGX2 architectural data structures Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 12/23] x86/sgx: Add definitions for SGX's CPUID leaf and variable sub-leafs Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 13/23] x86/msr: Add SGX Launch Control MSR definitions Jarkko Sakkinen
2018-11-16 17:29 ` Sean Christopherson
2018-11-18 8:19 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 14/23] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 15/23] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 16/23] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 17/23] x86/sgx: Add sgx_einit() for initializing enclaves Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 18/23] platform/x86: Intel SGX driver Jarkko Sakkinen
2018-11-16 1:37 ` Randy Dunlap
2018-11-16 11:23 ` Jarkko Sakkinen
2018-11-19 15:06 ` Jarkko Sakkinen
2018-11-19 16:22 ` Jethro Beekman
2018-11-19 17:19 ` Jarkko Sakkinen
2018-11-19 17:39 ` Jethro Beekman
2018-11-20 10:58 ` Jarkko Sakkinen
2018-11-21 15:24 ` Jarkko Sakkinen
2018-11-19 18:18 ` Andy Lutomirski
2018-11-20 11:00 ` Jarkko Sakkinen
2018-11-19 15:29 ` Andy Lutomirski
2018-11-19 16:19 ` Jarkko Sakkinen
2018-11-19 16:59 ` Andy Lutomirski
2018-11-20 12:04 ` Jarkko Sakkinen
2018-11-22 11:12 ` Dr. Greg
2018-11-22 15:21 ` Andy Lutomirski
2018-11-24 17:21 ` Jarkko Sakkinen
2018-11-24 20:13 ` Dr. Greg
2018-11-26 21:15 ` Jarkko Sakkinen
2018-11-25 14:53 ` Jarkko Sakkinen
2018-11-25 16:22 ` Andy Lutomirski
2018-11-25 18:55 ` Dr. Greg
2018-11-25 23:51 ` Jarkko Sakkinen
[not found] ` <D45BC005-5064-4C75-B486-4E43C454E2F6@amacapital.net>
2018-11-26 0:37 ` Andy Lutomirski
2018-11-26 11:00 ` Dr. Greg
2018-11-26 18:22 ` Andy Lutomirski
2018-11-26 22:16 ` Jarkko Sakkinen
2018-11-26 21:51 ` Jarkko Sakkinen
2018-11-26 23:04 ` Jarkko Sakkinen
2018-11-27 8:55 ` Dr. Greg
2018-11-27 16:41 ` Jarkko Sakkinen
2018-11-27 17:55 ` Andy Lutomirski
2018-11-28 10:49 ` Dr. Greg
2018-11-28 19:22 ` Jarkko Sakkinen
2018-12-10 10:49 ` Dr. Greg
2018-12-12 18:00 ` Jarkko Sakkinen
2018-12-14 23:59 ` Dr. Greg [this message]
2018-12-15 0:06 ` Sean Christopherson
2018-12-15 23:22 ` Dr. Greg
2018-12-17 14:27 ` Sean Christopherson
2018-12-17 13:28 ` Jarkko Sakkinen
2018-12-17 13:39 ` Jarkko Sakkinen
2018-12-17 14:08 ` Jarkko Sakkinen
2018-12-17 14:13 ` Jarkko Sakkinen
2018-12-17 16:34 ` Dr. Greg
2018-12-17 17:31 ` Sean Christopherson
2018-12-17 17:49 ` Jarkko Sakkinen
2018-12-17 18:09 ` Sean Christopherson
2018-12-17 18:23 ` Jarkko Sakkinen
2018-12-17 18:46 ` Sean Christopherson
2018-12-17 19:36 ` Jarkko Sakkinen
2018-11-27 16:46 ` Jarkko Sakkinen
2018-11-28 21:52 ` Andy Lutomirski
2018-11-27 7:46 ` Jethro Beekman
2018-11-27 16:36 ` Jarkko Sakkinen
2018-11-22 20:56 ` Andy Lutomirski
2018-11-23 10:39 ` Dr. Greg
2018-11-24 16:45 ` Jarkko Sakkinen
2018-11-28 5:08 ` Jarkko Sakkinen
2018-11-28 5:38 ` Jethro Beekman
2018-12-09 17:01 ` Pavel Machek
2018-11-20 11:15 ` Dr. Greg
2018-11-24 16:15 ` Jarkko Sakkinen
2018-11-24 19:24 ` Dr. Greg
2018-11-26 19:39 ` Jarkko Sakkinen
2018-12-09 17:01 ` Pavel Machek
2018-12-10 14:46 ` Dr. Greg
2018-12-17 17:45 ` Dave Hansen
2018-12-17 18:01 ` Jarkko Sakkinen
2018-12-17 18:07 ` Dave Hansen
2018-12-17 18:31 ` Jarkko Sakkinen
2018-12-17 18:36 ` Sean Christopherson
2018-12-17 18:43 ` Jarkko Sakkinen
2018-12-17 18:47 ` Dave Hansen
2018-12-17 19:12 ` Andy Lutomirski
2018-12-17 19:17 ` Dave Hansen
2018-12-17 19:25 ` Andy Lutomirski
2018-12-17 19:54 ` Jarkko Sakkinen
2018-12-17 19:49 ` Jarkko Sakkinen
2018-12-17 19:53 ` Dave Hansen
2018-12-17 19:55 ` Andy Lutomirski
2018-12-17 20:03 ` Dave Hansen
2018-12-17 20:10 ` Andy Lutomirski
2018-12-17 20:15 ` Dave Hansen
2018-12-17 22:36 ` Sean Christopherson
2018-12-18 1:40 ` Jarkko Sakkinen
2018-12-17 22:20 ` Sean Christopherson
2018-12-18 1:39 ` Jarkko Sakkinen
2018-12-18 3:27 ` Jarkko Sakkinen
2018-12-18 5:02 ` Andy Lutomirski
2018-12-18 13:27 ` Jarkko Sakkinen
2018-12-18 4:55 ` Andy Lutomirski
2018-12-18 13:18 ` Jarkko Sakkinen
2018-12-18 4:59 ` Andy Lutomirski
2018-12-18 13:11 ` Jarkko Sakkinen
2018-12-18 15:44 ` Sean Christopherson
2018-12-18 18:53 ` Sean Christopherson
2018-12-19 5:00 ` Jarkko Sakkinen
2018-12-19 5:13 ` Jarkko Sakkinen
2018-12-21 18:28 ` Sean Christopherson
2018-12-22 0:01 ` Jarkko Sakkinen
2018-12-19 4:47 ` Jarkko Sakkinen
2018-12-19 5:24 ` Jarkko Sakkinen
2018-12-18 1:17 ` Jarkko Sakkinen
2018-12-18 1:31 ` Jarkko Sakkinen
2018-12-17 18:48 ` Sean Christopherson
2018-12-17 19:09 ` Dave Hansen
2018-12-17 19:37 ` Jarkko Sakkinen
2018-12-17 19:40 ` Dave Hansen
2018-12-17 19:33 ` Jarkko Sakkinen
2018-12-17 20:21 ` Jarkko Sakkinen
2018-12-18 13:13 ` Jarkko Sakkinen
2018-12-18 15:46 ` Sean Christopherson
2018-12-18 5:55 ` Andy Lutomirski
2018-12-19 5:22 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 19/23] platform/x86: sgx: Add swapping functionality to the " Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 20/23] x86/sgx: Add a simple swapper for the EPC memory manager Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 21/23] platform/x86: ptrace() support for the SGX driver Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 22/23] x86/sgx: SGX documentation Jarkko Sakkinen
2018-12-03 3:28 ` Randy Dunlap
2018-12-03 9:32 ` Jarkko Sakkinen
2018-11-16 1:01 ` [PATCH v17 23/23] selftests/x86: Add a selftest for SGX Jarkko Sakkinen
2018-11-16 11:17 ` [PATCH v17 00/23] Intel SGX1 support Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181214235917.GA14049@wind.enjellic.com \
--to=greg@enjellic.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=andy@infradead.org \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=dvhart@infradead.org \
--cc=haitao.huang@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jethro@fortanix.com \
--cc=kai.svahn@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mark.shanahan@intel.com \
--cc=mingo@redhat.com \
--cc=nhorman@redhat.com \
--cc=npmccallum@redhat.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=serge.ayoun@intel.com \
--cc=shay.katz-zamir@intel.com \
--cc=suresh.b.siddha@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).