On Tue, Jun 16, 2020 at 11:09:58PM +0300, Jarkko Sakkinen wrote: > On Wed, Jun 10, 2020 at 01:59:03PM -0700, Sean Christopherson wrote: > > On Mon, Jun 01, 2020 at 10:51:57AM +0300, Jarkko Sakkinen wrote: > > > v29: > > > * The selftest has been moved to selftests/sgx. Because SGX is an execution > > > environment of its own, it really isn't a great fit with more "standard" > > > x86 tests. > > > > > > The RSA key is now generated on fly and the whole signing process has > > > been made as part of the enclave loader instead of signing the enclave > > > during the compilation time. > > > > > > Finally, the enclave loader loads now the test enclave directly from its > > > ELF file, which means that ELF file does not need to be coverted as raw > > > binary during the build process. > > > > Something in the above rework broke the selftest. I'm getting intermittent > > EINIT failures with SGX_INVALID_SIGNATURE. I'm guessing it's related to > > the dynamic RSA key generation, e.g. only ~15% of runs fail. Verified that > > v29 selftest fails and v28 passes. My internal tests also pass, i.e. it's > > all but guaranteed to be a selftest issue, not a kernel issue. > > > > Jarkko, I don't have bandwidth to dig into this right now, hopefully this > > reproduces in your environment. Let me know if that's not the case. > > I haven't experienced but I'll try to stress test it. > > Just to know how complex test should reproduce your issue, can you > reproduce the issue by running the selftest sequentially in a loop or > do I need to do something more complex than that? I didn't even get that complex, just running the selftest manually will eventually fail for me, e.g. the first failure I saw was a one-off run of the selftest.
