On Wed, 2021-09-15 at 13:31 -0700, Reinette Chatre wrote:
> The Enclave Page Cache Map (EPCM) is a secure structure used by the
> processor to track the contents of the enclave page cache. The EPCM
> contains permissions with which enclave pages can be accessed. SGX
> support allows EPCM and PTE page permissions to differ - as long as
> the PTE permissions do not exceed the EPCM permissions.
>
> Add a test to ensure that (1) PTE permissions can be changed as long as
> they do not exceed EPCM permissions, and (2) even if EPCM permissions
> allow a page to be written to, if the PTE permissions do not then a #PF
> should be generated when attempting to write to a (from PTE perspective)
> read-only page.
>
> This introduces the first test of SGX exception handling. In this test
> the issue that caused the exception (PTE page permissions) can be fixed
> from outside the enclave and after doing so it is possible to re-enter
> enclave at original entrypoint with ERESUME.
>
> Signed-off-by: Reinette Chatre <reinette.chatre@xxxxxxxxx>
> ---
> tools/testing/selftests/sgx/defines.h | 14 +++
> tools/testing/selftests/sgx/main.c | 134 ++++++++++++++++++++++++
> tools/testing/selftests/sgx/test_encl.c | 21 ++++
> 3 files changed, 169 insertions(+)
>
> diff --git a/tools/testing/selftests/sgx/defines.h b/tools/testing/selftests/sgx/defines.h
> index 9ea0c7882dfb..0bbda6f0c7d3 100644
> --- a/tools/testing/selftests/sgx/defines.h
> +++ b/tools/testing/selftests/sgx/defines.h
> @@ -21,6 +21,8 @@
> enum encl_op_type {
> ENCL_OP_PUT_TO_BUFFER,
> ENCL_OP_GET_FROM_BUFFER,
> + ENCL_OP_PUT_TO_ADDRESS,
> + ENCL_OP_GET_FROM_ADDRESS,
> ENCL_OP_MAX,
> };
>
> @@ -38,4 +40,16 @@ struct encl_op_get_from_buf {
> uint64_t value;
> };
>
> +struct encl_op_put_to_addr {
> + struct encl_op_header header;
> + uint64_t value;
> + uint64_t addr;
> +};
> +
> +struct encl_op_get_from_addr {
> + struct encl_op_header header;
> + uint64_t value;
> + uint64_t addr;
> +};
> +
> #endif /* DEFINES_H */
> diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
> index 3eb9b89ece5f..308cf09ab02a 100644
> --- a/tools/testing/selftests/sgx/main.c
> +++ b/tools/testing/selftests/sgx/main.c
> @@ -21,6 +21,7 @@
> #include "main.h"
>
> static const uint64_t MAGIC = 0x1122334455667788ULL;
> +static const uint64_t MAGIC2 = 0x8877665544332211ULL;
> vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave;
>
> struct vdso_symtab {
> @@ -107,6 +108,25 @@ static Elf64_Sym *vdso_symtab_get(struct vdso_symtab *symtab, const char *name)
> return NULL;
> }
>
> +/*
> + * Return the offset in the enclave where the data segment can be found.
> + * The first RW segment loaded is the TCS, skip that to get info on the
> + * data segment.
> + */
> +static off_t encl_get_data_offset(struct encl *encl)
> +{
> + int i;
> +
> + for (i = 0; i < encl->nr_segments; i++) {
> + struct encl_segment *seg = &encl->segment_tbl[i];
> +
> + if (i != 0 && seg->prot == (PROT_READ | PROT_WRITE))
> + return seg->offset;
So, why not
for (i = 1; i < encl->nr_segments; i++)
?
> + }
> +
> + return -1;
> +}
> +
> FIXTURE(enclave) {
> struct encl encl;
> struct sgx_enclave_run run;
> @@ -373,4 +393,118 @@ TEST_F(enclave, clobbered_vdso_and_user_function)
> EXPECT_EQ(self->run.user_data, 0);
> }
>
> +/*
> + * Second page of .data segment is used to test changing PTE permissions.
> + * This spans the local encl_buffer within the test enclave.
> + *
> + * 1) Start with a sanity check: a value is written to the target page within
> + * the enclave and read back to ensure target page can be written to.
> + * 2) Change PTE permissions (RW -> RO) of target page within enclave.
> + * 3) Repeat (1) - this time expecting a regular #PF communicated via the
> + * vDSO.
> + * 4) Change PTE permissions of target page within enclave back to be RW.
> + * 5) Repeat (1) by resuming enclave, now expected to be possible to write to
> + * and read from target page within enclave.
> + */
> +TEST_F(enclave, pte_permissions)
> +{
> + struct encl_op_get_from_addr get_addr_op;
> + struct encl_op_put_to_addr put_addr_op;
> + unsigned long data_start;
> + int ret;
> +
> + ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata));
> +
> + memset(&self->run, 0, sizeof(self->run));
> + self->run.tcs = self->encl.encl_base;
> +
> + data_start = self->encl.encl_base +
> + encl_get_data_offset(&self->encl) +
> + PAGE_SIZE;
> +
> + /*
> + * Sanity check to ensure it is possible to write to page that will
> + * have its permissions manipulated.
> + */
> +
> + /* Write MAGIC to page */
> + put_addr_op.value = MAGIC;
> + put_addr_op.addr = data_start;
> + put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS;
> +
> + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0);
> +
> + EXPECT_EEXIT(&self->run);
> + EXPECT_EQ(self->run.exception_vector, 0);
> + EXPECT_EQ(self->run.exception_error_code, 0);
> + EXPECT_EQ(self->run.exception_addr, 0);
> +
> + /*
> + * Read memory that was just written to, confirming that it is the
> + * value previously written (MAGIC).
> + */
> + get_addr_op.value = 0;
> + get_addr_op.addr = data_start;
> + get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS;
> +
> + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0);
> +
> + EXPECT_EQ(get_addr_op.value, MAGIC);
> + EXPECT_EEXIT(&self->run);
> + EXPECT_EQ(self->run.exception_vector, 0);
> + EXPECT_EQ(self->run.exception_error_code, 0);
> + EXPECT_EQ(self->run.exception_addr, 0);
> +
> + /* Change PTE permissions of target page within the enclave */
> + ret = mprotect((void *)data_start, PAGE_SIZE, PROT_READ);
> + if (ret)
> + perror("mprotect");
> +
> + /*
> + * PTE permissions of target page changed to read-only, EPCM
> + * permissions unchanged (EPCM permissions are RW), attempt to
> + * write to the page, expecting a regular #PF.
> + */
> +
> + put_addr_op.value = MAGIC2;
> +
> + EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0);
> +
> + EXPECT_EQ(self->run.exception_vector, 14);
> + EXPECT_EQ(self->run.exception_error_code, 0x7);
> + EXPECT_EQ(self->run.exception_addr, data_start);
> +
> + self->run.exception_vector = 0;
> + self->run.exception_error_code = 0;
> + self->run.exception_addr = 0;
> +
> + /*
> + * Change PTE permissions back to enable enclave to write to the
> + * target page and resume enclave - do not expect any exceptions this
> + * time.
> + */
> + ret = mprotect((void *)data_start, PAGE_SIZE, PROT_READ | PROT_WRITE);
> + if (ret)
> + perror("mprotect");
> +
> + EXPECT_EQ(vdso_sgx_enter_enclave((unsigned long)&put_addr_op, 0,
> + 0, ERESUME, 0, 0, &self->run),
> + 0);
> +
> + EXPECT_EEXIT(&self->run);
> + EXPECT_EQ(self->run.exception_vector, 0);
> + EXPECT_EQ(self->run.exception_error_code, 0);
> + EXPECT_EQ(self->run.exception_addr, 0);
> +
> + get_addr_op.value = 0;
> +
> + EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0);
> +
> + EXPECT_EQ(get_addr_op.value, MAGIC2);
> + EXPECT_EEXIT(&self->run);
> + EXPECT_EQ(self->run.exception_vector, 0);
> + EXPECT_EQ(self->run.exception_error_code, 0);
> + EXPECT_EQ(self->run.exception_addr, 0);
> +}
> +
> TEST_HARNESS_MAIN
> diff --git a/tools/testing/selftests/sgx/test_encl.c b/tools/testing/selftests/sgx/test_encl.c
> index 4e8da738173f..5d86e3e6456a 100644
> --- a/tools/testing/selftests/sgx/test_encl.c
> +++ b/tools/testing/selftests/sgx/test_encl.c
> @@ -4,6 +4,11 @@
> #include <stddef.h>
> #include "defines.h"
>
> +/*
> + * Data buffer spanning two pages that will be placed first in .data
> + * segment. Even if not used internally the second page is needed by
> + * external test manipulating page permissions.
> + */
> static uint8_t encl_buffer[8192] = { 1 };
>
> static void *memcpy(void *dest, const void *src, size_t n)
> @@ -30,11 +35,27 @@ static void do_encl_op_get_from_buf(void *op)
> memcpy(&op2->value, &encl_buffer[0], 8);
> }
>
> +static void do_encl_op_put_to_addr(void *_op)
> +{
> + struct encl_op_put_to_addr *op = _op;
> +
> + memcpy((void *)op->addr, &op->value, 8);
> +}
> +
> +static void do_encl_op_get_from_addr(void *_op)
> +{
> + struct encl_op_get_from_addr *op = _op;
> +
> + memcpy(&op->value, (void *)op->addr, 8);
> +}
> +
> void encl_body(void *rdi, void *rsi)
> {
> const void (*encl_op_array[ENCL_OP_MAX])(void *) = {
> do_encl_op_put_to_buf,
> do_encl_op_get_from_buf,
> + do_encl_op_put_to_addr,
> + do_encl_op_get_from_addr,
> };
>
> struct encl_op_header *op = (struct encl_op_header *)rdi;
/Jarkko
