Hi,
This is the fourth iteration of a patch series to ensure that all SGX selftests
succeed when compiling with optimizations (as tested with -O{0,1,2,3,s} for
both gcc 11.3.0 and clang 14.0.0). The aim of the patches is to avoid reliance
on undefined, compiler-specific behavior that can make the test results
fragile.
This series appends 4 new commits compared to the previous series (do let me
know if appending commits to this series is not the preferred way to handle
these?):
1. Another fix for possibly uninitialized pointer dereferences in
encl_get_entry. Note that this was only brought up as a compiler warning
when compiling the loader itself (i.e., not only the enclave) with
optimizations. Also not that the uninitialized pointers shouldn't show up
for "well-formed" enclave ELF files that properly contain a symbol table
section, but I considered it is nevertheless good practice to harden the
code against this (unlikely) case.
2. Split off the ".dyn*" and ".gnu.hash" discarding in a separate commit, as
suggested by Kay [1].
3. Split off the removal of the redundant push/pop pair in a separate commit,
as suggested by Kai [2].
4. Remove all (incomplete) CPU register cleansing assembly code on enclave
exit, reflecting earlier discussions that highlight that the test enclave
should *not* be confused with exemplary, security-hardened enclave code, and
in line with Dave's suggestion to make the test enclave more *obviously*
insecure [3].
If useful, I can also include an elementary wrapper shell script to compile and
run the tests for different compilers (gcc/clang) and optimization levels.
Reference output below:
.. Testing gcc -O0 [OK]
.. Testing gcc -O1 [OK]
.. Testing gcc -O2 [OK]
.. Testing gcc -O3 [OK]
.. Testing gcc -Os [OK]
.. Testing gcc -Ofast [OK]
.. Testing gcc -Og [OK]
.. Testing clang -O0 [OK]
.. Testing clang -O1 [OK]
.. Testing clang -O2 [OK]
.. Testing clang -O3 [OK]
.. Testing clang -Os [OK]
.. Testing clang -Ofast [OK]
.. Testing clang -Og [OK]
Changelog
---------
v4
- Remove redundant -nostartfiles compiler flag (Jarkko)
- Split dynamic symbol table removal in separate commit (Kai)
- Split redundant push/pop elimination in separate commit (Kai)
- Remove (incomplete) register cleansing on enclave exit
- Fix possibly uninitialized pointer dereferences in load.c
v3
- Refactor encl_op_array declaration and indexing (Jarkko)
- Annotate encl_buffer with "used" attribute (Kai)
- Split encl_buffer size and placement commits (Kai)
v2
- Add additional check for NULL pointer (Kai)
- Refine to produce proper static-pie executable
- Fix linker script assertions
- Specify memory clobber for inline asm instead of volatile (Kai)
- Clarify why encl_buffer non-static (Jarkko, Kai)
- Clarify -ffreestanding (Jarkko)
References
----------
[1] https://lore.kernel.org/all/90ad8638bc1c26505e33b3f436fdbc22c8d74ba9.camel@xxxxxxxxx/
[2] https://lore.kernel.org/all/71ad6389da7db8541dada0276db33f98e2a4fdcf.camel@xxxxxxxxx/
[3] https://lore.kernel.org/all/da0cfb1e-e347-f7f2-ac72-aec0ee0d867d@xxxxxxxxx/
Best,
Jo
Jo Van Bulck (13):
selftests/sgx: Fix uninitialized pointer dereference in error path
selftests/sgx: Produce static-pie executable for test enclave
selftests/sgx: Handle relocations in test enclave
selftests/sgx: Fix linker script asserts
selftests/sgx: Include memory clobber for inline asm in test enclave
selftests/sgx: Ensure test enclave buffer is entirely preserved
selftests/sgx: Ensure expected location of test enclave buffer
selftests/sgx: Separate linker options
selftests/sgx: Specify freestanding environment for enclave
compilation
selftests/sgx: Fix uninitialized pointer dereferences
selftests/sgx: Discard unsupported ELF sections
selftests/sgx: Remove redundant enclave base address save/restore
selftests/sgx: Remove incomplete ABI sanitization code in test enclave
tools/testing/selftests/sgx/Makefile | 14 ++--
tools/testing/selftests/sgx/defines.h | 2 +
tools/testing/selftests/sgx/load.c | 9 ++-
tools/testing/selftests/sgx/sigstruct.c | 5 +-
tools/testing/selftests/sgx/test_encl.c | 65 ++++++++++++-------
tools/testing/selftests/sgx/test_encl.lds | 10 +--
.../selftests/sgx/test_encl_bootstrap.S | 28 +++-----
7 files changed, 76 insertions(+), 57 deletions(-)
--
2.25.1
