@@ -36,4 +36,32 @@ typedef uint64_t u64;
#include "../../../../../arch/x86/kernel/cpu/sgx/arch.h"
#include "../../../../../arch/x86/include/uapi/asm/sgx.h"
+/* Used to tack on unused data to the enclave to test reclaim and replicate. */
+#define SGX_SELFTEST_FILL_VALUE 0xcc
+
+static inline uint64_t get_epc_size(void)
+{
+ uint32_t eax, ebx, ecx, edx;
+ uint64_t size = 0;
+ int i;
+
+ for (i = 2; ; i++) {
+ asm volatile("cpuid"
+ : "=a"(eax), "=b"(ebx), "=c"(ecx), "=d"(edx)
+ : "a"(0x12), "c"(i));
+
+ if ((eax & SGX_CPUID_SUB_LEAF_TYPE_MASK) !=
+ SGX_CPUID_SUB_LEAF_EPC_SECTION)
+ break;
+
+ size += ((ecx & 0xfffff000UL) | ((uint64_t)edx << 32));
+ }
+ return size;
+}
+
+static inline uint64_t get_fill_size(void)
+{
+ return get_epc_size() * 2;
+}
+
#endif /* TYPES_H */
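Review bot: The sub-leaf loop in get_epc_size() has no upper bound and never checks that CPUID leaf 0x12 is enumerated, so it terminates only if some sub-leaf happens to report a non-EPC type. On a CPU without SGX the registers returned are not EPC data, which makes both the iteration count and `size` meaningless. Cap the sub-leaf index at a small constant and have callers treat a zero result as "no EPC". The size term also uses every bit of `edx`, although only bits 19:0 carry size bits 51:32, so mask it: `size += (ecx & 0xfffff000UL) | ((uint64_t)(edx & 0xfffff) << 32);`. get_fill_size() doubles the result unchecked, so a comment stating the expected upper bound of the fill region would help.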
@@ -198,6 +198,8 @@ static bool encl_add_pages(int dev_fd, unsigned long offset, void *data,
static bool encl_build(struct sgx_secs *secs, void *bin,
unsigned long bin_size, struct sgx_sigstruct *sigstruct)
{
+ uint8_t fill_page[PAGE_SIZE] __aligned(4096);
+ uint64_t fill_size = get_fill_size();
struct sgx_enclave_init ioc;
void *addr;
int dev_fd;
@@ -209,12 +211,16 @@ static bool encl_build(struct sgx_secs *secs, void *bin,
return false;
}
- if (!encl_create(dev_fd, bin_size, secs))
+ if (!encl_create(dev_fd, bin_size + fill_size, secs))
goto out_dev_fd;
+ memset(fill_page, SGX_SELFTEST_FILL_VALUE, PAGE_SIZE);
+
encl_add_pages(dev_fd, 0, bin, 1, SGX_SECINFO_TCS, 0);
encl_add_pages(dev_fd, PAGE_SIZE, bin + PAGE_SIZE,
(bin_size / PAGE_SIZE) - 1, SGX_REG_PAGE_FLAGS, 0);
+ encl_add_pages(dev_fd, bin_size, fill_page, fill_size / PAGE_SIZE,
+ SGX_REG_PAGE_FLAGS, SGX_ADD_PAGES_REPLICATE_SRC);
ioc.sigstruct = (uint64_t)sigstruct;
rc = ioctl(dev_fd, SGX_IOC_ENCLAVE_INIT, &ioc);
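Review bot: The new encl_add_pages() call for the fill region discards its bool result, like the two calls above it, yet it is the one most likely to fail because it adds twice the EPC size in pages. A failure there would presumably surface only as an SGX_IOC_ENCLAVE_INIT error, because the loaded contents would no longer match the signed measurement. Check the result and leave through the existing label: `if (!encl_add_pages(dev_fd, bin_size, fill_page, fill_size / PAGE_SIZE, SGX_REG_PAGE_FLAGS, SGX_ADD_PAGES_REPLICATE_SRC)) goto out_dev_fd;`. encl_build() starts and ends outside this hunk.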
@@ -231,8 +231,9 @@ static bool measure_encl(const char *path, uint8_t *mrenclave)
struct stat sb;
EVP_MD_CTX *ctx;
uint64_t flags;
- uint64_t offset;
+ uint64_t offset, i;
uint8_t data[0x1000];
+ uint64_t fill_size;
int rc;
ctx = EVP_MD_CTX_create();
@@ -257,7 +258,9 @@ static bool measure_encl(const char *path, uint8_t *mrenclave)
goto out;
}
- if (!mrenclave_ecreate(ctx, sb.st_size))
+ fill_size = get_fill_size();
+
+ if (!mrenclave_ecreate(ctx, sb.st_size + fill_size))
goto out;
for (offset = 0; offset < sb.st_size; offset += 0x1000) {
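Review bot: `fill_size = get_fill_size()` makes the measured enclave size depend on the CPUID of whichever machine runs the signer, while encl_build() computes the same value on the machine that runs the test. If the two differ (cross-build, a build host without SGX, or a different EPC configuration), the size given to mrenclave_ecreate() and the number of fill pages measured will not match what is loaded, and enclave initialization should then fail the measurement check. Consider a fixed fill size shared through defines.h, or pass the size to the signer explicitly, and add a comment such as `/* Must equal the fill size used by encl_build() or MRENCLAVE will not match. */`. `sb.st_size + fill_size` also mixes a signed file size with a uint64_t without any range check. measure_encl() continues outside this hunk.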
@@ -280,6 +283,19 @@ static bool measure_encl(const char *path, uint8_t *mrenclave)
goto out;
}
+ memset(data, SGX_SELFTEST_FILL_VALUE, 0x1000);
+
+ for (i = 0; i < fill_size; i += 0x1000) {
+ flags = SGX_SECINFO_REG |
+ SGX_SECINFO_R | SGX_SECINFO_W | SGX_SECINFO_X;
+
+ if (!mrenclave_eadd(ctx, offset + i, flags))
+ goto out;
+
+ if (!mrenclave_eextend(ctx, offset + i, data))
+ goto out;
+ }
+
if (!mrenclave_commit(ctx, mrenclave))
goto out;
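Review bot: The fill loop recomputes `flags` on every iteration although the value never changes, and nothing ties it to the SGX_REG_PAGE_FLAGS value that encl_build() uses for the same pages. Hoist the assignment above the loop and add a comment such as `/* Fill pages: same offset, permissions and fill byte as encl_build() adds, otherwise the measurement diverges. */`. The start address depends on `offset` being left at the end of the binary by the preceding loop, which lies outside this hunk, so that dependency deserves a mention in the comment as well.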
Pad 2*epc_size bytes to the end of the selftest enclave to test basic reclaim functionality, and use the new replicate flag when adding the pages.
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 tools/testing/selftests/x86/sgx/defines.h | 28 +++++++++++++++++++++++
 tools/testing/selftests/x86/sgx/main.c | 8 ++++++-
 tools/testing/selftests/x86/sgx/sgxsign.c | 20 ++++++++++++++--
 3 files changed, 53 insertions(+), 3 deletions(-)