git.kernel.dk Git - linux-2.6-block.git/commit

author	Reinette Chatre <reinette.chatre@intel.com>
	Mon, 15 Nov 2021 18:35:24 +0000 (10:35 -0800)
committer	Dave Hansen <dave.hansen@linux.intel.com>
	Mon, 15 Nov 2021 19:34:13 +0000 (11:34 -0800)
commit	abc5cec4735080d12d644c2d39f96cf98c0a367c
tree	aced6266c92db59651b9cc7ab725c9fb6edc96ff	tree \| snapshot
parent	c085dfc7685c8c36698b851b03990b75a3226e97	commit \| diff

selftests/sgx: Add page permission and exception test

The Enclave Page Cache Map (EPCM) is a secure structure used by the
processor to track the contents of the enclave page cache. The EPCM
contains permissions with which enclave pages can be accessed. SGX
support allows EPCM and PTE page permissions to differ - as long as
the PTE permissions do not exceed the EPCM permissions.

Add a test that:
(1) Creates an SGX enclave page with writable EPCM permission.
(2) Changes the PTE permission on the page to read-only. This should
    be permitted because the permission does not exceed the EPCM
    permission.
(3) Attempts a write to the page. This should generate a page fault
    (#PF) because of the read-only PTE even though the EPCM
    permissions allow the page to be written to.

This introduces the first test of SGX exception handling. In this test
the issue that caused the exception (PTE page permissions) can be fixed
from outside the enclave and after doing so it is possible to re-enter
enclave at original entrypoint with ERESUME.

Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Acked-by: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://lkml.kernel.org/r/3bcc73a4b9fe8780bdb40571805e7ced59e01df7.1636997631.git.reinette.chatre@intel.com

tools/testing/selftests/sgx/defines.h		diff \| blob \| blame \| history
tools/testing/selftests/sgx/main.c		diff \| blob \| blame \| history
tools/testing/selftests/sgx/test_encl.c		diff \| blob \| blame \| history