LKML Archive on lore.kernel.org
 help / color / Atom feed
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: "Xing, Cedric" <cedric.xing@intel.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
	linux-sgx@vger.kernel.org, akpm@linux-foundation.org,
	dave.hansen@intel.com, sean.j.christopherson@intel.com,
	nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com,
	shay.katz-zamir@intel.com, haitao.huang@intel.com,
	andriy.shevchenko@linux.intel.com, tglx@linutronix.de,
	kai.svahn@intel.com, bp@alien8.de, josh@joshtriplett.org,
	luto@kernel.org, kai.huang@intel.com, rientjes@google.com
Subject: Re: [PATCH v21 24/28] selftests/x86: Add a selftest for SGX
Date: Fri, 2 Aug 2019 23:46:53 +0300
Message-ID: <20190802204653.hsfd55zu2pp5vun7@linux.intel.com> (raw)
In-Reply-To: <e7b51875-c190-bab6-28ec-0eaa6caf2955@intel.com>

On Wed, Jul 17, 2019 at 03:37:03PM -0700, Xing, Cedric wrote:
> On 7/13/2019 10:08 AM, Jarkko Sakkinen wrote:
> > Add a selftest for SGX. It is a trivial test where a simple enclave
> > copies one 64-bit word of memory between two memory locations given to
> > the enclave as arguments.
> > 
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > ---
> >   tools/testing/selftests/x86/Makefile          |  10 +
> >   tools/testing/selftests/x86/sgx/Makefile      |  48 ++
> >   tools/testing/selftests/x86/sgx/defines.h     |  39 ++
> >   tools/testing/selftests/x86/sgx/encl.c        |  20 +
> >   tools/testing/selftests/x86/sgx/encl.lds      |  33 ++
> >   .../selftests/x86/sgx/encl_bootstrap.S        |  94 ++++
> >   tools/testing/selftests/x86/sgx/encl_piggy.S  |  18 +
> >   tools/testing/selftests/x86/sgx/encl_piggy.h  |  14 +
> >   tools/testing/selftests/x86/sgx/main.c        | 301 +++++++++++
> >   tools/testing/selftests/x86/sgx/sgx_call.S    |  49 ++
> >   tools/testing/selftests/x86/sgx/sgxsign.c     | 508 ++++++++++++++++++
> >   .../testing/selftests/x86/sgx/signing_key.pem |  39 ++
> >   12 files changed, 1173 insertions(+)
> >   create mode 100644 tools/testing/selftests/x86/sgx/Makefile
> >   create mode 100644 tools/testing/selftests/x86/sgx/defines.h
> >   create mode 100644 tools/testing/selftests/x86/sgx/encl.c
> >   create mode 100644 tools/testing/selftests/x86/sgx/encl.lds
> >   create mode 100644 tools/testing/selftests/x86/sgx/encl_bootstrap.S
> >   create mode 100644 tools/testing/selftests/x86/sgx/encl_piggy.S
> >   create mode 100644 tools/testing/selftests/x86/sgx/encl_piggy.h
> >   create mode 100644 tools/testing/selftests/x86/sgx/main.c
> >   create mode 100644 tools/testing/selftests/x86/sgx/sgx_call.S
> >   create mode 100644 tools/testing/selftests/x86/sgx/sgxsign.c
> >   create mode 100644 tools/testing/selftests/x86/sgx/signing_key.pem
> > 
> > diff --git a/tools/testing/selftests/x86/Makefile b/tools/testing/selftests/x86/Makefile
> > index fa07d526fe39..a1831406fd01 100644
> > --- a/tools/testing/selftests/x86/Makefile
> > +++ b/tools/testing/selftests/x86/Makefile
> > @@ -1,4 +1,7 @@
> >   # SPDX-License-Identifier: GPL-2.0
> > +
> > +SUBDIRS_64 := sgx
> > +
> >   all:
> >   include ../lib.mk
> > @@ -68,6 +71,13 @@ all_32: $(BINARIES_32)
> >   all_64: $(BINARIES_64)
> > +all_64: $(SUBDIRS_64)
> 
> $(SUBDIRS_64) aren't targets. No need for all_64 to depend on them.
> 
> > +	@for DIR in $(SUBDIRS_64); do			\
> > +		BUILD_TARGET=$(OUTPUT)/$$DIR;		\
> > +		mkdir $$BUILD_TARGET  -p;		\
> > +		make OUTPUT=$$BUILD_TARGET -C $$DIR $@;	\
> 
> Please use $(MAKE), otherwise command line options cannot be passed onto
> sub-makes.
> 
> > +	done
> 
> The above only builds but will not run SGX tests.
> 
> Also, 'clean' target will not descend into sgx folder either.
> 
> > +
> >   EXTRA_CLEAN := $(BINARIES_32) $(BINARIES_64)
> >   $(BINARIES_32): $(OUTPUT)/%_32: %.c
> > diff --git a/tools/testing/selftests/x86/sgx/Makefile b/tools/testing/selftests/x86/sgx/Makefile
> > new file mode 100644
> > index 000000000000..10136b73096b
> > --- /dev/null
> > +++ b/tools/testing/selftests/x86/sgx/Makefile
> > @@ -0,0 +1,48 @@
> > +top_srcdir = ../../../../..
> > +
> > +include ../../lib.mk
> > +
> > +HOST_CFLAGS := -Wall -Werror -g $(INCLUDES) -fPIC -z noexecstack
> > +ENCL_CFLAGS := -Wall -Werror -static -nostdlib -nostartfiles -fPIC \
> > +	       -fno-stack-protector -mrdrnd $(INCLUDES)
> > +
> > +TEST_CUSTOM_PROGS := $(OUTPUT)/test_sgx
> > +all_64: $(TEST_CUSTOM_PROGS)
> > +
> > +$(TEST_CUSTOM_PROGS): $(OUTPUT)/main.o $(OUTPUT)/sgx_call.o \
> > +		      $(OUTPUT)/encl_piggy.o
> > +	$(CC) $(HOST_CFLAGS) -o $@ $^
> > +
> > +$(OUTPUT)/main.o: main.c
> > +	$(CC) $(HOST_CFLAGS) -c $< -o $@
> 
> .o files don't have to be generated/kept. And to be consistent with other
> selftests, please don't generate/keep them.
> 
> > +
> > +$(OUTPUT)/sgx_call.o: sgx_call.S
> > +	$(CC) $(HOST_CFLAGS) -c $< -o $@
> > +
> > +$(OUTPUT)/encl_piggy.o: $(OUTPUT)/encl.bin $(OUTPUT)/encl.ss
> > +	$(CC) $(HOST_CFLAGS) -c encl_piggy.S -o $@
> 
> Without -I, the above command breaks when "O=<target dir>" is specified.
> 
> > +
> > +$(OUTPUT)/encl.bin: $(OUTPUT)/encl.elf $(OUTPUT)/sgxsign
> > +	objcopy --remove-section=.got.plt -O binary $< $@
> 
> .got.plt section will never be present for statically linked binaries.
> 
> > +
> > +$(OUTPUT)/encl.elf: $(OUTPUT)/encl.o $(OUTPUT)/encl_bootstrap.o
> > +	$(CC) $(ENCL_CFLAGS) -T encl.lds -o $@ $^
> 
> Please fix the warning of ".note.gnu.build-id section discarded".
> 
> > +
> > +$(OUTPUT)/encl.o: encl.c
> > +	$(CC) $(ENCL_CFLAGS) -c $< -o $@
> > +
> > +$(OUTPUT)/encl_bootstrap.o: encl_bootstrap.S
> > +	$(CC) $(ENCL_CFLAGS) -c $< -o $@
> > +
> > +$(OUTPUT)/encl.ss: $(OUTPUT)/encl.bin  $(OUTPUT)/sgxsign
> > +	$(OUTPUT)/sgxsign signing_key.pem $(OUTPUT)/encl.bin $(OUTPUT)/encl.ss
> > +
> > +$(OUTPUT)/sgxsign: sgxsign.c
> > +	$(CC) -o $@ $< -lcrypto
> > +
> > +EXTRA_CLEAN := $(OUTPUT)/sgx-selftest $(OUTPUT)/sgx-selftest.o \
> > +	       $(OUTPUT)/sgx_call.o $(OUTPUT)/encl.bin $(OUTPUT)/encl.ss \
> > +	       $(OUTPUT)/encl.elf $(OUTPUT)/encl.o $(OUTPUT)/encl_bootstrap.o \
> > +	       $(OUTPUT)/sgxsign
> > +
> 
> encl_piggy.o, main.o and test_sgx are not cleaned.
> 
> > +.PHONY: clean

Thanks. Probably have to construct a patch set for selftest fixes
with one patch for each issue.

/Jarkko

  reply index

Thread overview: 51+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-13 17:07 [PATCH v21 00/28] Intel SGX foundations Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 01/28] x86/cpufeatures: Add Intel-defined SGX feature bit Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 02/28] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 03/28] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 04/28] x86/cpufeatures: Add Intel-defined SGX_LC feature bit Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 05/28] x86/msr: Add SGX Launch Control MSR definitions Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 06/28] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 07/28] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 08/28] x86/cpu/intel: Detect SGX support and update caps appropriately Jarkko Sakkinen
2019-07-24 19:35   ` Sean Christopherson
2019-08-02 20:48     ` Jarkko Sakkinen
2019-08-07 15:17     ` Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 09/28] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 10/28] x86/sgx: Add SGX1 and SGX2 architectural data structures Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 11/28] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 12/28] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 13/28] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 14/28] x86/sgx: Add sgx_einit() for initializing enclaves Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 15/28] mm: Introduce vm_ops->may_mprotect() Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver Jarkko Sakkinen
2019-07-29 11:17   ` Ayoun, Serge
2019-08-07 15:15     ` Jarkko Sakkinen
2019-08-07 15:17       ` Jarkko Sakkinen
2019-08-07 16:45         ` Jethro Beekman
2019-08-08 15:40       ` Sean Christopherson
2019-08-09 15:02         ` Jarkko Sakkinen
2019-08-09 15:24           ` Sean Christopherson
2019-08-05 16:16   ` Sean Christopherson
2019-08-05 21:39     ` Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 17/28] x86/sgx: Add provisioning Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 18/28] x86/sgx: Add swapping code to the core and SGX driver Jarkko Sakkinen
2019-08-07  6:33   ` Jethro Beekman
2019-08-07 19:12     ` Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 19/28] x86/sgx: ptrace() support for the " Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 20/28] x86/vdso: Add support for exception fixup in vDSO functions Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 21/28] x86/fault: Add helper function to sanitize error code Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 22/28] x86/traps: Attempt to fixup exceptions in vDSO before signaling Jarkko Sakkinen
2019-07-13 17:07 ` [PATCH v21 23/28] x86/vdso: Add __vdso_sgx_enter_enclave() to wrap SGX enclave transitions Jarkko Sakkinen
2019-07-17 22:07   ` Xing, Cedric
2019-07-13 17:08 ` [PATCH v21 24/28] selftests/x86: Add a selftest for SGX Jarkko Sakkinen
2019-07-17 22:37   ` Xing, Cedric
2019-08-02 20:46     ` Jarkko Sakkinen [this message]
2019-08-16 15:43     ` Jarkko Sakkinen
2019-08-16 15:51       ` Jarkko Sakkinen
2019-08-16 16:56     ` Jarkko Sakkinen
2019-07-13 17:08 ` [PATCH v21 25/28] x86/sgx: Update MAINTAINERS Jarkko Sakkinen
2019-07-13 17:08 ` [PATCH v21 26/28] docs: x86/sgx: Add Architecture documentation Jarkko Sakkinen
2019-07-13 17:08 ` [PATCH v21 27/28] docs: x86/sgx: Document kernel internals Jarkko Sakkinen
2019-07-13 17:08 ` [PATCH v21 28/28] docs: x86/sgx: Document the enclave API Jarkko Sakkinen
2019-07-14 14:36 ` [PATCH v21 00/28] Intel SGX foundations Jarkko Sakkinen
2019-08-07  6:40   ` Jethro Beekman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190802204653.hsfd55zu2pp5vun7@linux.intel.com \
    --to=jarkko.sakkinen@linux.intel.com \
    --cc=akpm@linux-foundation.org \
    --cc=andriy.shevchenko@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=cedric.xing@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=haitao.huang@intel.com \
    --cc=josh@joshtriplett.org \
    --cc=kai.huang@intel.com \
    --cc=kai.svahn@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-sgx@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=nhorman@redhat.com \
    --cc=npmccallum@redhat.com \
    --cc=rientjes@google.com \
    --cc=sean.j.christopherson@intel.com \
    --cc=serge.ayoun@intel.com \
    --cc=shay.katz-zamir@intel.com \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

LKML Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/lkml/0 lkml/git/0.git
	git clone --mirror https://lore.kernel.org/lkml/1 lkml/git/1.git
	git clone --mirror https://lore.kernel.org/lkml/2 lkml/git/2.git
	git clone --mirror https://lore.kernel.org/lkml/3 lkml/git/3.git
	git clone --mirror https://lore.kernel.org/lkml/4 lkml/git/4.git
	git clone --mirror https://lore.kernel.org/lkml/5 lkml/git/5.git
	git clone --mirror https://lore.kernel.org/lkml/6 lkml/git/6.git
	git clone --mirror https://lore.kernel.org/lkml/7 lkml/git/7.git
	git clone --mirror https://lore.kernel.org/lkml/8 lkml/git/8.git
	git clone --mirror https://lore.kernel.org/lkml/9 lkml/git/9.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 lkml lkml/ https://lore.kernel.org/lkml \
		linux-kernel@vger.kernel.org
	public-inbox-index lkml

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-kernel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git