From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Nathaniel McCallum <npmccallum@redhat.com>,
Cedric Xing <cedric.xing@intel.com>,
Jethro Beekman <jethro@fortanix.com>,
Andy Lutomirski <luto@amacapital.net>,
linux-sgx@vger.kernel.org
Subject: [PATCH for_v29 v3 2/2] selftests/sgx: Add selftest to invoke __vsgx_enter_enclave() from C
Date: Fri, 17 Apr 2020 21:36:09 -0700
Message-ID: <20200418043609.29406-3-sean.j.christopherson@intel.com>
In-Reply-To: <20200418043609.29406-1-sean.j.christopherson@intel.com>
Add a selftest to call __vsgx_enter_enclave() from C. Stop clearing
non-volatile registers in the enclave's trampoline code to avoid
clobbering the untrusted runtime's state when the vDSO is called from C.
Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
tools/testing/selftests/sgx/main.c | 18 +++++++++++++++---
.../selftests/sgx/test_encl_bootstrap.S | 6 +-----
2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
index f6bb40f22884..5394b2f6af8e 100644
--- a/tools/testing/selftests/sgx/main.c
+++ b/tools/testing/selftests/sgx/main.c
@@ -19,7 +19,7 @@
#include "main.h"
static const uint64_t MAGIC = 0x1122334455667788ULL;
-void *eenter;
+vdso_sgx_enter_enclave_t eenter;
struct vdso_symtab {
Elf64_Sym *elf_symtab;
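Review bot: vdso_sgx_enter_enclave_t in the new eenter declaration is not defined or included anywhere in this diff, so the patch cannot be read or built on its own; if the type comes from patch 1/2 or from main.h, say so in the commit message. Now that eenter is a typed function pointer that main() calls directly, the code that assigns it from the vDSO symbol lookup should also check for NULL before the call, if it does not already.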
@@ -173,15 +173,27 @@ int main(int argc, char *argv[], char *envp[])
sgx_call_vdso((void *)&MAGIC, &result, 0, EENTER, NULL, NULL,
(void *)encl.encl_base, &exception, NULL);
- if (result != MAGIC)
+ if (result != MAGIC) {
+ printf("FAIL: sgx_call_vdso(), expected: 0x%lx, got: 0x%lx\n",
+ MAGIC, result);
goto err;
+ }
+
+ /* Invoke the vDSO directly. */
+ result = 0;
+ eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER, 0, 0,
+ (void *)encl.encl_base, &exception, NULL);
+ if (result != MAGIC) {
+ printf("FAIL: eenter(), expected: 0x%lx, got: 0x%lx\n",
+ MAGIC, result);
+ goto err;
+ }
printf("SUCCESS\n");
encl_delete(&encl);
exit(0);
err:
- printf("FAILURE\n");
encl_delete(&encl);
exit(1);
}
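Review bot: The direct eenter() call ignores anything the call itself reports and only compares result against MAGIC, and exception is passed to both calls without being cleared or inspected in between, so a fault on the second entry shows up as a bare value mismatch with no hint of the cause. Suggest resetting exception before the second call and printing its contents in the FAIL path, along with the call's return value if the typedef has one. Two smaller points: with printf("FAILURE\n") removed from err:, any other goto err in main() that does not print its own message now exits with status 1 silently, and "0x%lx" for the uint64_t MAGIC would be more portable as PRIx64 from <inttypes.h>.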
diff --git a/tools/testing/selftests/sgx/test_encl_bootstrap.S b/tools/testing/selftests/sgx/test_encl_bootstrap.S
index 6a5d734cbf16..6836ea86126e 100644
--- a/tools/testing/selftests/sgx/test_encl_bootstrap.S
+++ b/tools/testing/selftests/sgx/test_encl_bootstrap.S
@@ -54,7 +54,7 @@ encl_entry:
pop %rbx # pop the enclave base address
- # Clear GPRs.
+ /* Clear volatile GPRs, except RAX (EEXIT leaf). */
xor %rcx, %rcx
xor %rdx, %rdx
xor %rdi, %rdi
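Review bot: The replacement comment switches to /* */ while the neighbouring lines in encl_entry still use # comments ("# pop the enclave base address", "# Reset status flags."); keep one style within the file. The new wording is also a good place to say why RAX is skipped and that the non-volatile registers are deliberately left alone, since the list of xor instructions no longer makes that obvious.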
@@ -63,10 +63,6 @@ encl_entry:
xor %r9, %r9
xor %r10, %r10
xor %r11, %r11
- xor %r12, %r12
- xor %r13, %r13
- xor %r14, %r14
- xor %r15, %r15
# Reset status flags.
add %rdx, %rdx # OF = SF = AF = CF = 0; ZF = PF = 1
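Review bot: Dropping the clears of %r12-%r15 is only correct if the enclave body never writes those registers; nothing in the visible lines saves them on entry or restores them before exit. If enclave code does use them, leaving them untouched both breaks the caller's non-volatile state and exposes enclave values to the untrusted side, so they would need to be saved on entry and restored before EEXIT. A short comment here stating that assumption would help anyone who copies this trampoline as a starting point for a real enclave.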
--
2.26.0
Thread overview: 4+ messages
2020-04-18 4:36 [PATCH for_v29 v3 0/2] x86/sgx: Make vDSO callable from C Sean Christopherson
2020-04-18 4:36 ` [PATCH for_v29 v3 1/2] x86/sgx: vdso: Make __vdso_sgx_enter_enclave() callable from C code Sean Christopherson
2020-04-18 4:36 ` Sean Christopherson [this message]
2020-04-20 21:52 ` [PATCH for_v29 v3 0/2] x86/sgx: Make vDSO callable from C Jarkko Sakkinen