summarylogtreecommitdiffstats
path: root/0032-selftests-sgx-Page-removal-stress-test.patch
diff options
context:
space:
mode:
Diffstat (limited to '0032-selftests-sgx-Page-removal-stress-test.patch')
-rw-r--r--0032-selftests-sgx-Page-removal-stress-test.patch156
1 files changed, 156 insertions, 0 deletions
diff --git a/0032-selftests-sgx-Page-removal-stress-test.patch b/0032-selftests-sgx-Page-removal-stress-test.patch
new file mode 100644
index 000000000000..538943044a94
--- /dev/null
+++ b/0032-selftests-sgx-Page-removal-stress-test.patch
@@ -0,0 +1,156 @@
+From b8bce2280c7d601d875229921cc6126ac55e84c3 Mon Sep 17 00:00:00 2001
+From: Reinette Chatre <reinette.chatre@intel.com>
+Date: Mon, 7 Feb 2022 16:45:54 -0800
+Subject: [PATCH 32/34] selftests/sgx: Page removal stress test
+
+Create enclave with additional heap that consumes all physical SGX
+memory and then remove it.
+
+Depending on the available SGX memory this test could take a
+significant time to run (several minutes) as it (1) creates the
+enclave, (2) changes the type of every page to be trimmed,
+(3) enters the enclave once per page to run EACCEPT, before
+(4) the pages are finally removed.
+
+Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
+---
+ tools/testing/selftests/sgx/main.c | 122 +++++++++++++++++++++++++++++
+ 1 file changed, 122 insertions(+)
+
+diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
+index 4fe5a0324c97..22abda2696e2 100644
+--- a/tools/testing/selftests/sgx/main.c
++++ b/tools/testing/selftests/sgx/main.c
+@@ -378,7 +378,129 @@ TEST_F(enclave, unclobbered_vdso_oversubscribed)
+ EXPECT_EQ(get_op.value, MAGIC);
+ EXPECT_EEXIT(&self->run);
+ EXPECT_EQ(self->run.user_data, 0);
++}
++
++TEST_F_TIMEOUT(enclave, unclobbered_vdso_oversubscribed_remove, 900)
++{
++ struct sgx_enclave_remove_pages remove_ioc;
++ struct encl_op_get_from_buf get_op;
++ struct encl_op_eaccept eaccept_op;
++ struct encl_op_put_to_buf put_op;
++ struct sgx_enclave_modt modt_ioc;
++ struct sgx_secinfo secinfo;
++ struct encl_segment *heap;
++ unsigned long total_mem;
++ int ret, errno_save;
++ unsigned long addr;
++ unsigned long i;
++
++ /*
++ * Create enclave with additional heap that is as big as all
++ * available physical SGX memory.
++ */
++ total_mem = get_total_epc_mem();
++ ASSERT_NE(total_mem, 0);
++ TH_LOG("Creating an enclave with %lu bytes heap may take a while ...",
++ total_mem);
++ ASSERT_TRUE(setup_test_encl(total_mem, &self->encl, _metadata));
++
++ /*
++ * Hardware (SGX2) and kernel support is needed for this test. Start
++ * with check that test has a chance of succeeding.
++ */
++ memset(&modt_ioc, 0, sizeof(modt_ioc));
++ ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPE, &modt_ioc);
++
++ if (ret == -1) {
++ if (errno == ENOTTY)
++ SKIP(return, "Kernel does not support SGX_IOC_ENCLAVE_MODIFY_TYPE ioctl()");
++ else if (errno == ENODEV)
++ SKIP(return, "System does not support SGX2");
++ }
++
++ /*
++ * Invalid parameters were provided during sanity check,
++ * expect command to fail.
++ */
++ EXPECT_EQ(ret, -1);
++
++ /* SGX2 is supported by kernel and hardware, test can proceed. */
++ memset(&self->run, 0, sizeof(self->run));
++ self->run.tcs = self->encl.encl_base;
++
++ heap = &self->encl.segment_tbl[self->encl.nr_segments - 1];
++
++ put_op.header.type = ENCL_OP_PUT_TO_BUFFER;
++ put_op.value = MAGIC;
++
++ EXPECT_EQ(ENCL_CALL(&put_op, &self->run, false), 0);
++
++ EXPECT_EEXIT(&self->run);
++ EXPECT_EQ(self->run.user_data, 0);
++
++ get_op.header.type = ENCL_OP_GET_FROM_BUFFER;
++ get_op.value = 0;
++
++ EXPECT_EQ(ENCL_CALL(&get_op, &self->run, false), 0);
++
++ EXPECT_EQ(get_op.value, MAGIC);
++ EXPECT_EEXIT(&self->run);
++ EXPECT_EQ(self->run.user_data, 0);
++
++ /* Trim entire heap. */
++ memset(&modt_ioc, 0, sizeof(modt_ioc));
++ memset(&secinfo, 0, sizeof(secinfo));
++
++ secinfo.flags = SGX_PAGE_TYPE_TRIM << 8;
++ modt_ioc.offset = heap->offset;
++ modt_ioc.length = heap->size;
++ modt_ioc.secinfo = (unsigned long)&secinfo;
++
++ TH_LOG("Changing type of %zd bytes to trimmed may take a while ...",
++ heap->size);
++ ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPE, &modt_ioc);
++ errno_save = ret == -1 ? errno : 0;
++
++ EXPECT_EQ(ret, 0);
++ EXPECT_EQ(errno_save, 0);
++ EXPECT_EQ(modt_ioc.result, 0);
++ EXPECT_EQ(modt_ioc.count, heap->size);
++
++ /* EACCEPT all removed pages. */
++ addr = self->encl.encl_base + heap->offset;
++
++ eaccept_op.flags = SGX_SECINFO_TRIM | SGX_SECINFO_MODIFIED;
++ eaccept_op.header.type = ENCL_OP_EACCEPT;
++
++ TH_LOG("Entering enclave to run EACCEPT for each page of %zd bytes may take a while ...",
++ heap->size);
++ for (i = 0; i < heap->size; i += 4096) {
++ eaccept_op.epc_addr = addr + i;
++ eaccept_op.ret = 0;
+
++ EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0);
++
++ EXPECT_EQ(self->run.exception_vector, 0);
++ EXPECT_EQ(self->run.exception_error_code, 0);
++ EXPECT_EQ(self->run.exception_addr, 0);
++ ASSERT_EQ(eaccept_op.ret, 0);
++ ASSERT_EQ(self->run.function, EEXIT);
++ }
++
++ /* Complete page removal. */
++ memset(&remove_ioc, 0, sizeof(remove_ioc));
++
++ remove_ioc.offset = heap->offset;
++ remove_ioc.length = heap->size;
++
++ TH_LOG("Removing %zd bytes from enclave may take a while ...",
++ heap->size);
++ ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc);
++ errno_save = ret == -1 ? errno : 0;
++
++ EXPECT_EQ(ret, 0);
++ EXPECT_EQ(errno_save, 0);
++ EXPECT_EQ(remove_ioc.count, heap->size);
+ }
+
+ TEST_F(enclave, clobbered_vdso)
+--
+2.35.1
+