Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.6.131 2024-02-05T20:14:32+00:00 2024-02-05T20:14:32+00:00 Jo Van Bulck jo.vanbulck@cs.kuleuven.be 2023-10-05T15:38:50+00:00 urn:sha1:10800685fd7d92bce55a9bb73f583bbd3e17a620 [ Upstream commit 9fd552ee32c6c1e27c125016b87d295bea6faea7 ] DEFINED only considers symbols, not section names. Hence, replace the check for .got.plt with the _GLOBAL_OFFSET_TABLE_ symbol and remove other (non-essential) asserts. Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/all/20231005153854.25566-10-jo.vanbulck%40cs.kuleuven.be Signed-off-by: Sasha Levin <sashal@kernel.org> 2024-01-25T23:35:52+00:00 Zhao Mengmeng zhaomengmeng@kylinos.cn 2023-12-06T02:56:05+00:00 urn:sha1:1075fafe8d3c62334a997608acfae23ac937c30f [ Upstream commit 981cf568a8644161c2f15c02278ebc2834b51ba6 ] When building whole selftests on arm64, rsync gives an erorr about sgx: rsync: [sender] link_stat "/root/linux-next/tools/testing/selftests/sgx/test_encl.elf" failed: No such file or directory (2) rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1327) [sender=3.2.5] The root casue is sgx only used on X86_64, and shall be skipped on other platforms. Fix this by moving TEST_CUSTOM_PROGS and TEST_FILES inside the if check, then the build result will be "Skipping non-existent dir: sgx". Fixes: 2adcba79e69d ("selftests/x86: Add a selftest for SGX") Signed-off-by: Zhao Mengmeng <zhaomengmeng@kylinos.cn> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/all/20231206025605.3965302-1-zhaomzhao%40126.com Signed-off-by: Sasha Levin <sashal@kernel.org> 2024-01-25T23:35:52+00:00 Jo Van Bulck jo.vanbulck@cs.kuleuven.be 2023-10-05T15:38:44+00:00 urn:sha1:88fe67d40044140210c15df100ce434515fbbf86 [ Upstream commit 853a57a43ebdb8c024160c1a0990bae85f4bcc2f ] Add the "memory" clobber to the EMODPE and EACCEPT asm blocks to tell the compiler the assembly code accesses to the secinfo struct. This ensures the compiler treats the asm block as a memory barrier and the write to secinfo will be visible to ENCLU. Fixes: 20404a808593 ("selftests/sgx: Add test for EPCM permission changes") Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Kai Huang <kai.huang@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/all/20231005153854.25566-4-jo.vanbulck%40cs.kuleuven.be Signed-off-by: Sasha Levin <sashal@kernel.org> 2024-01-25T23:35:52+00:00 Jo Van Bulck jo.vanbulck@cs.kuleuven.be 2023-10-05T15:38:43+00:00 urn:sha1:5a734a0ec4e3dc74550cd3b26dba22bfe63ac555 [ Upstream commit b84fc2e0139ba4b23b8039bd7cfd242894fe8f8b ] Ensure sym_tab and sym_names are zero-initialized and add an early-out condition in the unlikely (erroneous) case that the enclave ELF file would not contain a symbol table. This addresses -Werror=maybe-uninitialized compiler warnings for gcc -O2. Fixes: 33c5aac3bf32 ("selftests/sgx: Test complete changing of page type flow") Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lore.kernel.org/all/20231005153854.25566-3-jo.vanbulck%40cs.kuleuven.be Signed-off-by: Sasha Levin <sashal@kernel.org> 2024-01-25T23:35:52+00:00 Jo Van Bulck jo.vanbulck@cs.kuleuven.be 2023-10-05T15:38:42+00:00 urn:sha1:c4aee34ea772287acc0baaa0ce501a54370ed7c3 [ Upstream commit 79eba8c924f7decfa71ddf187d38cb9f5f2cd7b3 ] Ensure ctx is zero-initialized, such that the encl_measure function will not call EVP_MD_CTX_destroy with an uninitialized ctx pointer in case of an early error during key generation. Fixes: 2adcba79e69d ("selftests/x86: Add a selftest for SGX") Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Acked-by: Kai Huang <kai.huang@intel.com> Link: https://lore.kernel.org/all/20231005153854.25566-2-jo.vanbulck%40cs.kuleuven.be Signed-off-by: Sasha Levin <sashal@kernel.org> 2023-05-08T17:01:03+00:00 Yi Lai yi1.lai@intel.com 2023-04-21T03:31:23+00:00 urn:sha1:4b79f76920a49fc13766b95df1df1f4d700acbad The "test_encl.elf" file used by test_sgx is not installed in INSTALL_PATH. Attempting to execute test_sgx causes false negative: " enclave executable open(): No such file or directory main.c:188:unclobbered_vdso:Failed to load the test enclave. " Add "test_encl.elf" to TEST_FILES so that it will be installed. Fixes: 2adcba79e69d ("selftests/x86: Add a selftest for SGX") Signed-off-by: Yi Lai <yi1.lai@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org> 2022-08-15T22:50:07+00:00 Kristen Carlson Accardi kristen@linux.intel.com 2022-08-12T18:07:13+00:00 urn:sha1:5f4d1fd5b5d3506759b5d9cf20bb5fb5b8bdcab1 OpenSSL 3.0 deprecates some of the functions used in the SGX selftests, causing build errors on new distros. For now ignore the warnings until support for the functions is no longer available and mark FIXME so that it can be clear this should be removed at some point. Signed-off-by: Kristen Carlson Accardi <kristen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org> 2022-07-07T17:13:05+00:00 Reinette Chatre reinette.chatre@intel.com 2022-05-10T18:09:07+00:00 urn:sha1:6507cce561b43b071999502103804e3dc1478e60 Create enclave with additional heap that consumes all physical SGX memory and then remove it. Depending on the available SGX memory this test could take a significant time to run (several minutes) as it (1) creates the enclave, (2) changes the type of every page to be trimmed, (3) enters the enclave once per page to run EACCEPT, before (4) the pages are finally removed. Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lkml.kernel.org/r/e7c6aa2ab30cb1c41e52b776958409c06970d168.1652137848.git.reinette.chatre@intel.com 2022-07-07T17:13:05+00:00 Reinette Chatre reinette.chatre@intel.com 2022-05-10T18:09:06+00:00 urn:sha1:08ceab2c37d32f422f8d98540656ee5a416ba729 Removing a page from an initialized enclave involves three steps: (1) the user requests changing the page type to PT_TRIM via the SGX_IOC_ENCLAVE_MODIFY_TYPES ioctl() (2) on success the ENCLU[EACCEPT] instruction is run from within the enclave to accept the page removal (3) the user initiates the actual removal of the page via the SGX_IOC_ENCLAVE_REMOVE_PAGES ioctl(). Remove a page that has never been accessed. This means that when the first ioctl() requesting page removal arrives, there will be no page table entry, yet a valid page table entry needs to exist for the ENCLU[EACCEPT] function to succeed. In this test it is verified that a page table entry can still be installed for a page that is in the process of being removed. Suggested-by: Haitao Huang <haitao.huang@intel.com> Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lkml.kernel.org/r/45e1b2a2fcd8c14597d04e40af5d8a9c1c5b017e.1652137848.git.reinette.chatre@intel.com 2022-07-07T17:13:04+00:00 Reinette Chatre reinette.chatre@intel.com 2022-05-10T18:09:05+00:00 urn:sha1:35c7e6dacb038e9311e98901d56bb1abd56f9ae0 Removing a page from an initialized enclave involves three steps: (1) the user requests changing the page type to SGX_PAGE_TYPE_TRIM via the SGX_IOC_ENCLAVE_MODIFY_TYPES ioctl(), (2) on success the ENCLU[EACCEPT] instruction is run from within the enclave to accept the page removal, (3) the user initiates the actual removal of the page via the SGX_IOC_ENCLAVE_REMOVE_PAGES ioctl(). Test two possible invalid accesses during the page removal flow: * Test the behavior when a request to remove the page by changing its type to SGX_PAGE_TYPE_TRIM completes successfully but instead of executing ENCLU[EACCEPT] from within the enclave the enclave attempts to read from the page. Even though the page is accessible from the page table entries its type is SGX_PAGE_TYPE_TRIM and thus not accessible according to SGX. The expected behavior is a page fault with the SGX flag set in the error code. * Test the behavior when the page type is changed successfully and ENCLU[EACCEPT] was run from within the enclave. The final ioctl(), SGX_IOC_ENCLAVE_REMOVE_PAGES, is omitted and replaced with an attempt to access the page. Even though the page is accessible from the page table entries its type is SGX_PAGE_TYPE_TRIM and thus not accessible according to SGX. The expected behavior is a page fault with the SGX flag set in the error code. Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> Link: https://lkml.kernel.org/r/189a86c25d6d62da7cfdd08ee97abc1a06fcc179.1652137848.git.reinette.chatre@intel.com