- Linux-kselftest-mirror - lists.linaro.org

Re: [PATCH 2/2 v7] rseq/selftests: test MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ

by Mathieu Desnoyers

[ Adding selftests maintainer and mailing list in CC. You should add them to the CC list of the selftests patches for the next round. ] ----- On Sep 15, 2020, at 2:55 PM, Peter Oskolkov posk(a)google.com wrote: > Based on Google-internal RSEQ work done by > Paul Turner and Andrew Hunter. > > This patch adds a selftest for MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ. > The test quite often fails without the previous patch in this patchset, > but consistently passes with it. Did you consider moving this test into tools/testing/selftests/rseq/param_test.c instead, and update the script "run_param_test.sh" accordingly ? You would leverage for free all the work I have done to insert configurable delay loops into the critical sections, which will very likely increase the likelihood of failure tremendously. Reproducible frequent and fast failure is really something we want to aim for here when a bug is hiding. > > v3: added rseq_offset_deref_addv() to x86_64 to make the test > more explicit; on other architectures I kept using existing > rseq_cmpeqv_cmpeqv_storev() as I have no easy way to test > there. Added a comment explaining why the test works this way. > v4: skipped the test if rseq_offset_deref_addv() is not present > (that is, on all architectures other than x86_64). > > Signed-off-by: Peter Oskolkov <posk(a)google.com> > --- > .../selftests/rseq/basic_percpu_ops_test.c | 187 ++++++++++++++++++ > tools/testing/selftests/rseq/rseq-x86.h | 57 ++++++ > 2 files changed, 244 insertions(+) > > diff --git a/tools/testing/selftests/rseq/basic_percpu_ops_test.c > b/tools/testing/selftests/rseq/basic_percpu_ops_test.c > index eb3f6db36d36..e6e10ba4b9ed 100644 > --- a/tools/testing/selftests/rseq/basic_percpu_ops_test.c > +++ b/tools/testing/selftests/rseq/basic_percpu_ops_test.c > @@ -3,16 +3,24 @@ > #include <assert.h> > #include <pthread.h> > #include <sched.h> > +#include <stdatomic.h> That would be the first time stdatomic.h is included in the kernel selftests. Do we want this dependency ? > #include <stdint.h> > #include <stdio.h> > #include <stdlib.h> > #include <string.h> > #include <stddef.h> > +#include <syscall.h> > +#include <unistd.h> > > #include "rseq.h" > > #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0])) > > +/* The local <linux/membarrier.h> may not contain the commands below. */ > +#define MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ (1<<7) > +#define MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_RSEQ (1<<8) > +#define MEMBARRIER_CMD_FLAG_CPU (1<<0) > + The usual way to build and run tests AFAIK is to do "make headers_install" first, and then build the tests against those headers. Therefore, when building the tests, the additional membarrier commands and flags should always be there. Please remove those duplicated preprocessor defines. > struct percpu_lock_entry { > intptr_t v; > } __attribute__((aligned(128))); > @@ -289,6 +297,183 @@ void test_percpu_list(void) > assert(sum == expected_sum); > } > > +struct test_membarrier_thread_args { > + int stop; > + intptr_t percpu_list_ptr; > +}; > + > +/* Worker threads modify data in their "active" percpu lists. */ > +void *test_membarrier_worker_thread(void *arg) > +{ > + struct test_membarrier_thread_args *args = > + (struct test_membarrier_thread_args *)arg; > + const int iters = 10 * 1000 * 1000; > + int i; > + > + if (rseq_register_current_thread()) { > + fprintf(stderr, "Error: rseq_register_current_thread(...) failed(%d): %s\n", > + errno, strerror(errno)); > + abort(); > + } > + > + /* Wait for initialization. */ > + while (!atomic_load(&args->percpu_list_ptr)) {} > + > + for (i = 0; i < iters; ++i) { > + int ret; > + > + do { > + int cpu = rseq_cpu_start(); > + > + ret = rseq_offset_deref_addv(&args->percpu_list_ptr, > + 128 * cpu, 1, cpu); That 128 happens to be related to: struct percpu_list_entry { struct percpu_list_node *head; } __attribute__((aligned(128))); struct percpu_list { struct percpu_list_entry c[CPU_SETSIZE]; }; Please don't hardcode numbers like that. Instead: + ret = rseq_offset_deref_addv(&args->percpu_list_ptr, + sizeof(struct percpu_list_entry) * cpu, 1, cpu); > + } while (rseq_unlikely(ret)); > + } > + > + if (rseq_unregister_current_thread()) { > + fprintf(stderr, "Error: rseq_unregister_current_thread(...) failed(%d): > %s\n", > + errno, strerror(errno)); > + abort(); > + } > + return NULL; > +} > + > +void test_membarrier_init_percpu_list(struct percpu_list *list) > +{ > + int i; > + > + memset(list, 0, sizeof(*list)); > + for (i = 0; i < CPU_SETSIZE; i++) { > + struct percpu_list_node *node; > + > + node = malloc(sizeof(*node)); > + assert(node); > + node->data = 0; > + node->next = NULL; > + list->c[i].head = node; > + } > +} > + > +void test_membarrier_free_percpu_list(struct percpu_list *list) > +{ > + int i; > + > + for (i = 0; i < CPU_SETSIZE; i++) > + free(list->c[i].head); > +} > + > +static int sys_membarrier(int cmd, int flags, int cpu_id) > +{ > + return syscall(__NR_membarrier, cmd, flags, cpu_id); > +} > + > +/* > + * The manager thread swaps per-cpu lists that worker threads see, > + * and validates that there are no unexpected modifications. > + */ > +void *test_membarrier_manager_thread(void *arg) > +{ > + struct test_membarrier_thread_args *args = > + (struct test_membarrier_thread_args *)arg; > + struct percpu_list list_a, list_b; > + intptr_t expect_a = 0, expect_b = 0; > + int cpu_a = 0, cpu_b = 0; > + > + if (rseq_register_current_thread()) { > + fprintf(stderr, "Error: rseq_register_current_thread(...) failed(%d): %s\n", > + errno, strerror(errno)); > + abort(); > + } > + > + /* Init lists. */ > + test_membarrier_init_percpu_list(&list_a); > + test_membarrier_init_percpu_list(&list_b); > + > + atomic_store(&args->percpu_list_ptr, (intptr_t)&list_a); > + > + while (!atomic_load(&args->stop)) { > + /* list_a is "active". */ > + cpu_a = rand() % CPU_SETSIZE; > + /* > + * As list_b is "inactive", we should never see changes > + * to list_b. > + */ > + if (expect_b != atomic_load(&list_b.c[cpu_b].head->data)) { > + fprintf(stderr, "Membarrier test failed\n"); > + abort(); > + } > + > + /* Make list_b "active". */ > + atomic_store(&args->percpu_list_ptr, (intptr_t)&list_b); > + sys_membarrier(MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ, > + MEMBARRIER_CMD_FLAG_CPU, cpu_a); missing error check. > + /* > + * Cpu A should now only modify list_b, so we values we -> the > + * in list_a should be stable. > + */ > + expect_a = atomic_load(&list_a.c[cpu_a].head->data); > + > + cpu_b = rand() % CPU_SETSIZE; > + /* > + * As list_a is "inactive", we should never see changes > + * to list_a. > + */ > + if (expect_a != atomic_load(&list_a.c[cpu_a].head->data)) { > + fprintf(stderr, "Membarrier test failed\n"); > + abort(); > + } > + > + /* Make list_a "active". */ > + atomic_store(&args->percpu_list_ptr, (intptr_t)&list_a); > + sys_membarrier(MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ, > + MEMBARRIER_CMD_FLAG_CPU, cpu_b); missing error check. > + /* Remember a value from list_b. */ > + expect_b = atomic_load(&list_b.c[cpu_b].head->data); > + } > + > + test_membarrier_free_percpu_list(&list_a); > + test_membarrier_free_percpu_list(&list_b); > + > + if (rseq_unregister_current_thread()) { > + fprintf(stderr, "Error: rseq_unregister_current_thread(...) failed(%d): > %s\n", > + errno, strerror(errno)); > + abort(); > + } > + return NULL; > +} > + > +/* Test MEMBARRIER_CMD_PRIVATE_RESTART_RSEQ_ON_CPU membarrier command. */ > +void test_membarrier(void) > +{ > +#ifndef RSEQ_ARCH_HAS_OFFSET_DEREF_ADDV Please lift the preprocessor conditional outside of the function, e.g.: #ifdef RSEQ_ARCH_HAS_OFFSET_DEREF_ADDV void test_membarrier(void) { [... code goes here...] } #else /* RSEQ_ARCH_HAS_OFFSET_DEREF_ADDV /* void test_membarrier(void) { } #endif /* RSEQ_ARCH_HAS_OFFSET_DEREF_ADDV */ > + fprintf(stderr, "rseq_offset_deref_addv is not implemented on this > architecture. " > + "Skipping membarrier test.\n"); > + return; > +#else > + struct test_membarrier_thread_args thread_args; > + pthread_t worker_threads[CPU_SETSIZE]; > + pthread_t manager_thread; > + int i; > + > + sys_membarrier(MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_RSEQ, 0, 0); Missing error handling. > + > + thread_args.stop = 0; > + thread_args.percpu_list_ptr = 0; > + pthread_create(&manager_thread, NULL, > + test_membarrier_manager_thread, &thread_args); > + > + for (i = 0; i < CPU_SETSIZE; i++) > + pthread_create(&worker_threads[i], NULL, > + test_membarrier_worker_thread, &thread_args); > + > + for (i = 0; i < CPU_SETSIZE; i++) > + pthread_join(worker_threads[i], NULL); > + > + atomic_store(&thread_args.stop, 1); > + pthread_join(manager_thread, NULL); Arguably the existing tests do not check pthread_* errors, but I guess it would not hurt to do so. > +#endif > +} > + > int main(int argc, char **argv) > { > if (rseq_register_current_thread()) { > @@ -300,6 +485,8 @@ int main(int argc, char **argv) > test_percpu_spinlock(); > printf("percpu_list\n"); > test_percpu_list(); > + printf("membarrier\n"); > + test_membarrier(); > if (rseq_unregister_current_thread()) { > fprintf(stderr, "Error: rseq_unregister_current_thread(...) failed(%d): %s\n", > errno, strerror(errno)); > diff --git a/tools/testing/selftests/rseq/rseq-x86.h > b/tools/testing/selftests/rseq/rseq-x86.h > index b2da6004fe30..640411518e46 100644 > --- a/tools/testing/selftests/rseq/rseq-x86.h > +++ b/tools/testing/selftests/rseq/rseq-x86.h > @@ -279,6 +279,63 @@ int rseq_addv(intptr_t *v, intptr_t count, int cpu) > #endif > } > > +#define RSEQ_ARCH_HAS_OFFSET_DEREF_ADDV > + > +/* > + * pval = *(ptr+off) > + * *pval += inc; > + */ Addition to rseq-x86.h should be split into its own commit. Thanks, Mathieu > +static inline __attribute__((always_inline)) > +int rseq_offset_deref_addv(intptr_t *ptr, off_t off, intptr_t inc, int cpu) > +{ > + RSEQ_INJECT_C(9) > + > + __asm__ __volatile__ goto ( > + RSEQ_ASM_DEFINE_TABLE(3, 1f, 2f, 4f) /* start, commit, abort */ > +#ifdef RSEQ_COMPARE_TWICE > + RSEQ_ASM_DEFINE_EXIT_POINT(1f, %l[error1]) > +#endif > + /* Start rseq by storing table entry pointer into rseq_cs. */ > + RSEQ_ASM_STORE_RSEQ_CS(1, 3b, RSEQ_CS_OFFSET(%[rseq_abi])) > + RSEQ_ASM_CMP_CPU_ID(cpu_id, RSEQ_CPU_ID_OFFSET(%[rseq_abi]), 4f) > + RSEQ_INJECT_ASM(3) > +#ifdef RSEQ_COMPARE_TWICE > + RSEQ_ASM_CMP_CPU_ID(cpu_id, RSEQ_CPU_ID_OFFSET(%[rseq_abi]), %l[error1]) > +#endif > + /* get p+v */ > + "movq %[ptr], %%rbx\n\t" > + "addq %[off], %%rbx\n\t" > + /* get pv */ > + "movq (%%rbx), %%rcx\n\t" > + /* *pv += inc */ > + "addq %[inc], (%%rcx)\n\t" > + "2:\n\t" > + RSEQ_INJECT_ASM(4) > + RSEQ_ASM_DEFINE_ABORT(4, "", abort) > + : /* gcc asm goto does not allow outputs */ > + : [cpu_id] "r" (cpu), > + [rseq_abi] "r" (&__rseq_abi), > + /* final store input */ > + [ptr] "m" (*ptr), > + [off] "er" (off), > + [inc] "er" (inc) > + : "memory", "cc", "rax", "rbx", "rcx" > + RSEQ_INJECT_CLOBBER > + : abort > +#ifdef RSEQ_COMPARE_TWICE > + , error1 > +#endif > + ); > + return 0; > +abort: > + RSEQ_INJECT_FAILED > + return -1; > +#ifdef RSEQ_COMPARE_TWICE > +error1: > + rseq_bug("cpu_id comparison failed"); > +#endif > +} > + > static inline __attribute__((always_inline)) > int rseq_cmpeqv_trystorev_storev(intptr_t *v, intptr_t expect, > intptr_t *v2, intptr_t newv2, > -- > 2.28.0.618.gf4bc123cb7-goog -- Mathieu Desnoyers EfficiOS Inc. http://www.efficios.com

4 years, 4 months

1
0
0 0

[REGRESSION] kselftest: next-20200915

by LKFT

## Kernel * kernel: 5.9.0-rc5 * git repo: ['https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git', 'https://gitlab.com/Linaro/lkft/mirrors/next/linux-next'] * git branch: master * git commit: 6b02addb1d1748d21dd1261e46029b264be4e5a0 * git describe: next-20200915 * Test details: https://qa-reports.linaro.org/lkft/linux-next-master/build/next-20200915 ## Regressions (compared to build next-20200914) juno-r2: kselftest: * memfd_memfd_test x86: kselftest-vsyscall-mode-native: * kvm_vmx_preemption_timer_test ## Fixes (compared to build next-20200914) x86: kselftest-vsyscall-mode-none: * kvm_vmx_preemption_timer_test ## Summary ### hi6220-hikey, kselftest * total: 161 * pass: 53 * fail: 79 * skip: 29 * xfail: 0 ### i386, kselftest * total: 166 * pass: 35 * fail: 102 * skip: 29 * xfail: 0 ### juno-r2, kselftest * total: 163 * pass: 57 * fail: 77 * skip: 29 * xfail: 0 ### x86, kselftest * total: 167 * pass: 59 * fail: 81 * skip: 27 * xfail: 0 ### x86, kselftest-vsyscall-mode-native * total: 168 * pass: 61 * fail: 80 * skip: 27 * xfail: 0 ### x86, kselftest-vsyscall-mode-none * total: 164 * pass: 58 * fail: 79 * skip: 27 * xfail: 0 ## Environments * dragonboard-410c * hi6220-hikey * i386 * juno-r2 * juno-r2-compat * juno-r2-kasan * nxp-ls2088 * qemu_arm * qemu_arm64 * qemu_i386 * qemu_x86_64 * x15 * x86 * x86-kasan ## Suites * kselftest * kselftest-vsyscall-mode-native * kselftest-vsyscall-mode-none ## Failures ### hi6220-hikey, kselftest * bpf_test_verifier * bpf_test_tag * bpf_test_maps * bpf_test_lpm_map * bpf_test_progs * bpf_test_dev_cgroup * bpf_test_tcpbpf_user * bpf_test_sysctl * bpf_test_progs-no_alu32 * bpf_test_kmod.sh * bpf_test_sock_addr.sh * bpf_test_tunnel.sh * bpf_test_lwt_seg6local.sh * bpf_test_flow_dissector.sh * bpf_test_lwt_ip_encap.sh * bpf_test_tcp_check_syncookie.sh * bpf_test_tc_tunnel.sh * bpf_test_tc_edt.sh * bpf_test_xdping.sh * bpf_test_bpftool.sh * clone3_clone3_cap_checkpoint_restore * core_close_range_test * firmware_fw_run_tests.sh * ftrace_ftracetest * lkdtm_BUG.sh * lkdtm_WARNING.sh * lkdtm_WARNING_MESSAGE.sh * lkdtm_EXCEPTION.sh * lkdtm_CORRUPT_LIST_ADD.sh * lkdtm_CORRUPT_LIST_DEL.sh * lkdtm_STACK_GUARD_PAGE_LEADING.sh * lkdtm_STACK_GUARD_PAGE_TRAILING.sh * lkdtm_UNSET_SMEP.sh * lkdtm_CORRUPT_PAC.sh * lkdtm_UNALIGNED_LOAD_STORE_WRITE.sh * lkdtm_READ_AFTER_FREE.sh * lkdtm_READ_BUDDY_AFTER_FREE.sh * lkdtm_SLAB_FREE_DOUBLE.sh * lkdtm_SLAB_FREE_CROSS.sh * lkdtm_SLAB_FREE_PAGE.sh * lkdtm_EXEC_DATA.sh * lkdtm_EXEC_STACK.sh * lkdtm_EXEC_KMALLOC.sh * lkdtm_EXEC_VMALLOC.sh * lkdtm_EXEC_RODATA.sh * lkdtm_EXEC_USERSPACE.sh * lkdtm_EXEC_NULL.sh * lkdtm_ACCESS_USERSPACE.sh * lkdtm_ACCESS_NULL.sh * lkdtm_WRITE_RO.sh * lkdtm_WRITE_RO_AFTER_INIT.sh * lkdtm_WRITE_KERN.sh * lkdtm_REFCOUNT_INC_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_OVERFLOW.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_DEC_ZERO.sh * lkdtm_REFCOUNT_DEC_NEGATIVE.sh * lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_INC_ZERO.sh * lkdtm_REFCOUNT_ADD_ZERO.sh * lkdtm_REFCOUNT_INC_SATURATED.sh * lkdtm_REFCOUNT_DEC_SATURATED.sh * lkdtm_REFCOUNT_ADD_SATURATED.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED.sh * lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED.sh * lkdtm_USERCOPY_HEAP_SIZE_TO.sh * lkdtm_USERCOPY_HEAP_SIZE_FROM.sh * lkdtm_USERCOPY_HEAP_WHITELIST_TO.sh * lkdtm_USERCOPY_HEAP_WHITELIST_FROM.sh * lkdtm_USERCOPY_STACK_FRAME_TO.sh * lkdtm_USERCOPY_STACK_FRAME_FROM.sh * lkdtm_USERCOPY_STACK_BEYOND.sh * lkdtm_USERCOPY_KERNEL.sh * lkdtm_STACKLEAK_ERASING.sh * lkdtm_CFI_FORWARD_PROTO.sh ### i386, kselftest * bpf_test_progs * bpf_test_dev_cgroup * bpf_test_tcpbpf_user * bpf_get_cgroup_id_user * bpf_test_socket_cookie * bpf_test_netcnt * bpf_test_tcpnotify_user * bpf_test_sock_fields * bpf_test_sysctl * bpf_test_progs-no_alu32 * bpf_test_sock_addr.sh * bpf_test_tunnel.sh * bpf_test_lwt_seg6local.sh * bpf_test_flow_dissector.sh * bpf_test_tc_tunnel.sh * bpf_test_xdping.sh * bpf_test_bpftool.sh * clone3_clone3_clear_sighand * clone3_clone3_cap_checkpoint_restore * core_close_range_test * firmware_fw_run_tests.sh * ftrace_ftracetest * intel_pstate_run.sh * kvm_cr4_cpuid_sync_test * kvm_evmcs_test * kvm_hyperv_cpuid * kvm_mmio_warning_test * kvm_platform_info_test * kvm_set_sregs_test * kvm_smm_test * kvm_state_test * kvm_vmx_preemption_timer_test * kvm_svm_vmcall_test * kvm_sync_regs_test * kvm_vmx_close_while_nested_test * kvm_vmx_dirty_log_test * kvm_vmx_set_nested_state_test * kvm_vmx_tsc_adjust_test * kvm_xss_msr_test * kvm_debug_regs * kvm_clear_dirty_log_test * kvm_demand_paging_test * kvm_dirty_log_test * kvm_kvm_create_max_vcpus * kvm_set_memory_region_test * kvm_steal_time * lkdtm_BUG.sh * lkdtm_WARNING.sh * lkdtm_WARNING_MESSAGE.sh * lkdtm_EXCEPTION.sh * lkdtm_CORRUPT_LIST_ADD.sh * lkdtm_CORRUPT_LIST_DEL.sh * lkdtm_STACK_GUARD_PAGE_LEADING.sh * lkdtm_STACK_GUARD_PAGE_TRAILING.sh * lkdtm_UNSET_SMEP.sh * lkdtm_DOUBLE_FAULT.sh * lkdtm_CORRUPT_PAC.sh * lkdtm_UNALIGNED_LOAD_STORE_WRITE.sh * lkdtm_READ_AFTER_FREE.sh * lkdtm_READ_BUDDY_AFTER_FREE.sh * lkdtm_SLAB_FREE_DOUBLE.sh * lkdtm_SLAB_FREE_CROSS.sh * lkdtm_SLAB_FREE_PAGE.sh * lkdtm_EXEC_DATA.sh * lkdtm_EXEC_STACK.sh * lkdtm_EXEC_KMALLOC.sh * lkdtm_EXEC_VMALLOC.sh * lkdtm_EXEC_RODATA.sh * lkdtm_EXEC_USERSPACE.sh * lkdtm_EXEC_NULL.sh * lkdtm_ACCESS_USERSPACE.sh * lkdtm_ACCESS_NULL.sh * lkdtm_WRITE_RO.sh * lkdtm_WRITE_RO_AFTER_INIT.sh * lkdtm_WRITE_KERN.sh * lkdtm_REFCOUNT_INC_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_OVERFLOW.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_DEC_ZERO.sh * lkdtm_REFCOUNT_DEC_NEGATIVE.sh * lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_INC_ZERO.sh * lkdtm_REFCOUNT_ADD_ZERO.sh * lkdtm_REFCOUNT_INC_SATURATED.sh * lkdtm_REFCOUNT_DEC_SATURATED.sh * lkdtm_REFCOUNT_ADD_SATURATED.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED.sh * lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED.sh * lkdtm_USERCOPY_HEAP_SIZE_TO.sh * lkdtm_USERCOPY_HEAP_SIZE_FROM.sh * lkdtm_USERCOPY_HEAP_WHITELIST_TO.sh * lkdtm_USERCOPY_HEAP_WHITELIST_FROM.sh * lkdtm_USERCOPY_STACK_FRAME_TO.sh * lkdtm_USERCOPY_STACK_FRAME_FROM.sh * lkdtm_USERCOPY_STACK_BEYOND.sh * lkdtm_USERCOPY_KERNEL.sh * lkdtm_STACKLEAK_ERASING.sh * lkdtm_CFI_FORWARD_PROTO.sh ### juno-r2, kselftest * bpf_test_maps * bpf_get_cgroup_id_user * bpf_test_socket_cookie * bpf_test_netcnt * bpf_test_tcpnotify_user * bpf_test_sysctl * bpf_test_progs-no_alu32 * bpf_test_sock_addr.sh * bpf_test_tunnel.sh * bpf_test_lwt_seg6local.sh * bpf_test_flow_dissector.sh * bpf_test_lwt_ip_encap.sh * bpf_test_tcp_check_syncookie.sh * bpf_test_tc_tunnel.sh * bpf_test_tc_edt.sh * bpf_test_xdping.sh * bpf_test_bpftool.sh * clone3_clone3_cap_checkpoint_restore * core_close_range_test * cpufreq_main.sh * firmware_fw_run_tests.sh * ftrace_ftracetest * lkdtm_BUG.sh * lkdtm_WARNING.sh * lkdtm_WARNING_MESSAGE.sh * lkdtm_EXCEPTION.sh * lkdtm_CORRUPT_LIST_ADD.sh * lkdtm_CORRUPT_LIST_DEL.sh * lkdtm_STACK_GUARD_PAGE_LEADING.sh * lkdtm_STACK_GUARD_PAGE_TRAILING.sh * lkdtm_UNSET_SMEP.sh * lkdtm_CORRUPT_PAC.sh * lkdtm_UNALIGNED_LOAD_STORE_WRITE.sh * lkdtm_READ_AFTER_FREE.sh * lkdtm_READ_BUDDY_AFTER_FREE.sh * lkdtm_SLAB_FREE_DOUBLE.sh * lkdtm_SLAB_FREE_CROSS.sh * lkdtm_SLAB_FREE_PAGE.sh * lkdtm_EXEC_DATA.sh * lkdtm_EXEC_STACK.sh * lkdtm_EXEC_KMALLOC.sh * lkdtm_EXEC_VMALLOC.sh * lkdtm_EXEC_RODATA.sh * lkdtm_EXEC_USERSPACE.sh * lkdtm_EXEC_NULL.sh * lkdtm_ACCESS_USERSPACE.sh * lkdtm_ACCESS_NULL.sh * lkdtm_WRITE_RO.sh * lkdtm_WRITE_RO_AFTER_INIT.sh * lkdtm_WRITE_KERN.sh * lkdtm_REFCOUNT_INC_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_OVERFLOW.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_DEC_ZERO.sh * lkdtm_REFCOUNT_DEC_NEGATIVE.sh * lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_INC_ZERO.sh * lkdtm_REFCOUNT_ADD_ZERO.sh * lkdtm_REFCOUNT_INC_SATURATED.sh * lkdtm_REFCOUNT_DEC_SATURATED.sh * lkdtm_REFCOUNT_ADD_SATURATED.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED.sh * lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED.sh * lkdtm_USERCOPY_HEAP_SIZE_TO.sh * lkdtm_USERCOPY_HEAP_SIZE_FROM.sh * lkdtm_USERCOPY_HEAP_WHITELIST_TO.sh * lkdtm_USERCOPY_HEAP_WHITELIST_FROM.sh * lkdtm_USERCOPY_STACK_FRAME_TO.sh * lkdtm_USERCOPY_STACK_FRAME_FROM.sh * lkdtm_USERCOPY_STACK_BEYOND.sh * lkdtm_USERCOPY_KERNEL.sh * lkdtm_STACKLEAK_ERASING.sh * lkdtm_CFI_FORWARD_PROTO.sh ### x86, kselftest * bpf_test_progs * bpf_test_dev_cgroup * bpf_test_tcpbpf_user * bpf_get_cgroup_id_user * bpf_test_socket_cookie * bpf_test_netcnt * bpf_test_tcpnotify_user * bpf_test_sock_fields * bpf_test_sysctl * bpf_test_progs-no_alu32 * bpf_test_sock_addr.sh * bpf_test_tunnel.sh * bpf_test_lwt_seg6local.sh * bpf_test_flow_dissector.sh * bpf_test_lwt_ip_encap.sh * bpf_test_tc_tunnel.sh * bpf_test_tc_edt.sh * bpf_test_xdping.sh * bpf_test_bpftool.sh * clone3_clone3_cap_checkpoint_restore * core_close_range_test * firmware_fw_run_tests.sh * ftrace_ftracetest * intel_pstate_run.sh * kvm_vmx_preemption_timer_test * kvm_debug_regs * lkdtm_BUG.sh * lkdtm_WARNING.sh * lkdtm_WARNING_MESSAGE.sh * lkdtm_EXCEPTION.sh * lkdtm_CORRUPT_LIST_ADD.sh * lkdtm_CORRUPT_LIST_DEL.sh * lkdtm_STACK_GUARD_PAGE_LEADING.sh * lkdtm_STACK_GUARD_PAGE_TRAILING.sh * lkdtm_UNSET_SMEP.sh * lkdtm_CORRUPT_PAC.sh * lkdtm_UNALIGNED_LOAD_STORE_WRITE.sh * lkdtm_READ_AFTER_FREE.sh * lkdtm_READ_BUDDY_AFTER_FREE.sh * lkdtm_SLAB_FREE_DOUBLE.sh * lkdtm_SLAB_FREE_CROSS.sh * lkdtm_SLAB_FREE_PAGE.sh * lkdtm_EXEC_DATA.sh * lkdtm_EXEC_STACK.sh * lkdtm_EXEC_KMALLOC.sh * lkdtm_EXEC_VMALLOC.sh * lkdtm_EXEC_RODATA.sh * lkdtm_EXEC_USERSPACE.sh * lkdtm_EXEC_NULL.sh * lkdtm_ACCESS_USERSPACE.sh * lkdtm_ACCESS_NULL.sh * lkdtm_WRITE_RO.sh * lkdtm_WRITE_RO_AFTER_INIT.sh * lkdtm_WRITE_KERN.sh * lkdtm_REFCOUNT_INC_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_OVERFLOW.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_DEC_ZERO.sh * lkdtm_REFCOUNT_DEC_NEGATIVE.sh * lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_INC_ZERO.sh * lkdtm_REFCOUNT_ADD_ZERO.sh * lkdtm_REFCOUNT_INC_SATURATED.sh * lkdtm_REFCOUNT_DEC_SATURATED.sh * lkdtm_REFCOUNT_ADD_SATURATED.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED.sh * lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED.sh * lkdtm_USERCOPY_HEAP_SIZE_TO.sh * lkdtm_USERCOPY_HEAP_SIZE_FROM.sh * lkdtm_USERCOPY_HEAP_WHITELIST_TO.sh * lkdtm_USERCOPY_HEAP_WHITELIST_FROM.sh * lkdtm_USERCOPY_STACK_FRAME_TO.sh * lkdtm_USERCOPY_STACK_FRAME_FROM.sh * lkdtm_USERCOPY_STACK_BEYOND.sh * lkdtm_USERCOPY_KERNEL.sh * lkdtm_STACKLEAK_ERASING.sh * lkdtm_CFI_FORWARD_PROTO.sh ### x86, kselftest-vsyscall-mode-native * bpf_test_progs * bpf_test_dev_cgroup * bpf_test_tcpbpf_user * bpf_get_cgroup_id_user * bpf_test_socket_cookie * bpf_test_netcnt * bpf_test_tcpnotify_user * bpf_test_sock_fields * bpf_test_sysctl * bpf_test_progs-no_alu32 * bpf_test_sock_addr.sh * bpf_test_tunnel.sh * bpf_test_lwt_seg6local.sh * bpf_test_flow_dissector.sh * bpf_test_lwt_ip_encap.sh * bpf_test_tc_tunnel.sh * bpf_test_tc_edt.sh * bpf_test_xdping.sh * bpf_test_bpftool.sh * clone3_clone3_cap_checkpoint_restore * core_close_range_test * firmware_fw_run_tests.sh * ftrace_ftracetest * intel_pstate_run.sh * kvm_debug_regs * lkdtm_BUG.sh * lkdtm_WARNING.sh * lkdtm_WARNING_MESSAGE.sh * lkdtm_EXCEPTION.sh * lkdtm_CORRUPT_LIST_ADD.sh * lkdtm_CORRUPT_LIST_DEL.sh * lkdtm_STACK_GUARD_PAGE_LEADING.sh * lkdtm_STACK_GUARD_PAGE_TRAILING.sh * lkdtm_UNSET_SMEP.sh * lkdtm_CORRUPT_PAC.sh * lkdtm_UNALIGNED_LOAD_STORE_WRITE.sh * lkdtm_READ_AFTER_FREE.sh * lkdtm_READ_BUDDY_AFTER_FREE.sh * lkdtm_SLAB_FREE_DOUBLE.sh * lkdtm_SLAB_FREE_CROSS.sh * lkdtm_SLAB_FREE_PAGE.sh * lkdtm_EXEC_DATA.sh * lkdtm_EXEC_STACK.sh * lkdtm_EXEC_KMALLOC.sh * lkdtm_EXEC_VMALLOC.sh * lkdtm_EXEC_RODATA.sh * lkdtm_EXEC_USERSPACE.sh * lkdtm_EXEC_NULL.sh * lkdtm_ACCESS_USERSPACE.sh * lkdtm_ACCESS_NULL.sh * lkdtm_WRITE_RO.sh * lkdtm_WRITE_RO_AFTER_INIT.sh * lkdtm_WRITE_KERN.sh * lkdtm_REFCOUNT_INC_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_OVERFLOW.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_DEC_ZERO.sh * lkdtm_REFCOUNT_DEC_NEGATIVE.sh * lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_INC_ZERO.sh * lkdtm_REFCOUNT_ADD_ZERO.sh * lkdtm_REFCOUNT_INC_SATURATED.sh * lkdtm_REFCOUNT_DEC_SATURATED.sh * lkdtm_REFCOUNT_ADD_SATURATED.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED.sh * lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED.sh * lkdtm_USERCOPY_HEAP_SIZE_TO.sh * lkdtm_USERCOPY_HEAP_SIZE_FROM.sh * lkdtm_USERCOPY_HEAP_WHITELIST_TO.sh * lkdtm_USERCOPY_HEAP_WHITELIST_FROM.sh * lkdtm_USERCOPY_STACK_FRAME_TO.sh * lkdtm_USERCOPY_STACK_FRAME_FROM.sh * lkdtm_USERCOPY_STACK_BEYOND.sh * lkdtm_USERCOPY_KERNEL.sh * lkdtm_STACKLEAK_ERASING.sh * lkdtm_CFI_FORWARD_PROTO.sh ### x86, kselftest-vsyscall-mode-none * bpf_test_progs * bpf_test_dev_cgroup * bpf_test_tcpbpf_user * bpf_get_cgroup_id_user * bpf_test_tcpnotify_user * bpf_test_sock_fields * bpf_test_sysctl * bpf_test_progs-no_alu32 * bpf_test_sock_addr.sh * bpf_test_tunnel.sh * bpf_test_lwt_seg6local.sh * bpf_test_flow_dissector.sh * bpf_test_lwt_ip_encap.sh * bpf_test_tc_tunnel.sh * bpf_test_tc_edt.sh * bpf_test_xdping.sh * bpf_test_bpftool.sh * clone3_clone3_cap_checkpoint_restore * core_close_range_test * firmware_fw_run_tests.sh * ftrace_ftracetest * intel_pstate_run.sh * kvm_vmx_preemption_timer_test * kvm_debug_regs * lkdtm_BUG.sh * lkdtm_WARNING.sh * lkdtm_WARNING_MESSAGE.sh * lkdtm_EXCEPTION.sh * lkdtm_CORRUPT_LIST_ADD.sh * lkdtm_CORRUPT_LIST_DEL.sh * lkdtm_STACK_GUARD_PAGE_LEADING.sh * lkdtm_STACK_GUARD_PAGE_TRAILING.sh * lkdtm_UNSET_SMEP.sh * lkdtm_CORRUPT_PAC.sh * lkdtm_UNALIGNED_LOAD_STORE_WRITE.sh * lkdtm_READ_AFTER_FREE.sh * lkdtm_READ_BUDDY_AFTER_FREE.sh * lkdtm_SLAB_FREE_DOUBLE.sh * lkdtm_SLAB_FREE_CROSS.sh * lkdtm_SLAB_FREE_PAGE.sh * lkdtm_EXEC_DATA.sh * lkdtm_EXEC_STACK.sh * lkdtm_EXEC_KMALLOC.sh * lkdtm_EXEC_VMALLOC.sh * lkdtm_EXEC_RODATA.sh * lkdtm_EXEC_USERSPACE.sh * lkdtm_EXEC_NULL.sh * lkdtm_ACCESS_USERSPACE.sh * lkdtm_ACCESS_NULL.sh * lkdtm_WRITE_RO.sh * lkdtm_WRITE_RO_AFTER_INIT.sh * lkdtm_WRITE_KERN.sh * lkdtm_REFCOUNT_INC_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_OVERFLOW.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_OVERFLOW.sh * lkdtm_REFCOUNT_DEC_ZERO.sh * lkdtm_REFCOUNT_DEC_NEGATIVE.sh * lkdtm_REFCOUNT_DEC_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_SUB_AND_TEST_NEGATIVE.sh * lkdtm_REFCOUNT_INC_ZERO.sh * lkdtm_REFCOUNT_ADD_ZERO.sh * lkdtm_REFCOUNT_INC_SATURATED.sh * lkdtm_REFCOUNT_DEC_SATURATED.sh * lkdtm_REFCOUNT_ADD_SATURATED.sh * lkdtm_REFCOUNT_INC_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_ADD_NOT_ZERO_SATURATED.sh * lkdtm_REFCOUNT_DEC_AND_TEST_SATURATED.sh * lkdtm_REFCOUNT_SUB_AND_TEST_SATURATED.sh * lkdtm_USERCOPY_HEAP_SIZE_TO.sh * lkdtm_USERCOPY_HEAP_SIZE_FROM.sh * lkdtm_USERCOPY_HEAP_WHITELIST_TO.sh * lkdtm_USERCOPY_HEAP_WHITELIST_FROM.sh * lkdtm_USERCOPY_STACK_FRAME_TO.sh * lkdtm_USERCOPY_STACK_FRAME_FROM.sh * lkdtm_USERCOPY_STACK_BEYOND.sh * lkdtm_USERCOPY_KERNEL.sh * lkdtm_STACKLEAK_ERASING.sh * lkdtm_CFI_FORWARD_PROTO.sh ## Skips ### hi6220-hikey, kselftest * bpf_test_xdp_veth.sh * cgroup_test_memcontrol * cgroup_test_kmem * cgroup_test_core * cgroup_test_stress.sh * efivarfs_efivarfs.sh * fpu_run_test_fpu.sh * intel_pstate_run.sh * ir_ir_loopback.sh * livepatch_test-livepatch.sh * livepatch_test-callbacks.sh * livepatch_test-shadow-vars.sh * livepatch_test-state.sh * livepatch_test-ftrace.sh * lkdtm_PANIC.sh * lkdtm_LOOP.sh * lkdtm_EXHAUST_STACK.sh * lkdtm_CORRUPT_STACK.sh * lkdtm_CORRUPT_STACK_STRONG.sh * lkdtm_DOUBLE_FAULT.sh * lkdtm_OVERWRITE_ALLOCATION.sh * lkdtm_WRITE_AFTER_FREE.sh * lkdtm_WRITE_BUDDY_AFTER_FREE.sh * lkdtm_SOFTLOCKUP.sh * lkdtm_HARDLOCKUP.sh * lkdtm_SPINLOCKUP.sh * lkdtm_HUNG_TASK.sh * lkdtm_REFCOUNT_TIMING.sh * lkdtm_ATOMIC_TIMING.sh ### i386, kselftest * bpf_test_xdp_veth.sh * cgroup_test_memcontrol * cgroup_test_kmem * cgroup_test_core * cgroup_test_stress.sh * efivarfs_efivarfs.sh * fpu_run_test_fpu.sh * ir_ir_loopback.sh * kexec_test_kexec_load.sh * kexec_test_kexec_file_load.sh * livepatch_test-livepatch.sh * livepatch_test-callbacks.sh * livepatch_test-shadow-vars.sh * livepatch_test-state.sh * livepatch_test-ftrace.sh * lkdtm_PANIC.sh * lkdtm_LOOP.sh * lkdtm_EXHAUST_STACK.sh * lkdtm_CORRUPT_STACK.sh * lkdtm_CORRUPT_STACK_STRONG.sh * lkdtm_OVERWRITE_ALLOCATION.sh * lkdtm_WRITE_AFTER_FREE.sh * lkdtm_WRITE_BUDDY_AFTER_FREE.sh * lkdtm_SOFTLOCKUP.sh * lkdtm_HARDLOCKUP.sh * lkdtm_SPINLOCKUP.sh * lkdtm_HUNG_TASK.sh * lkdtm_REFCOUNT_TIMING.sh * lkdtm_ATOMIC_TIMING.sh ### juno-r2, kselftest * bpf_test_xdp_veth.sh * cgroup_test_memcontrol * cgroup_test_kmem * cgroup_test_core * cgroup_test_stress.sh * efivarfs_efivarfs.sh * fpu_run_test_fpu.sh * intel_pstate_run.sh * ir_ir_loopback.sh * livepatch_test-livepatch.sh * livepatch_test-callbacks.sh * livepatch_test-shadow-vars.sh * livepatch_test-state.sh * livepatch_test-ftrace.sh * lkdtm_PANIC.sh * lkdtm_LOOP.sh * lkdtm_EXHAUST_STACK.sh * lkdtm_CORRUPT_STACK.sh * lkdtm_CORRUPT_STACK_STRONG.sh * lkdtm_DOUBLE_FAULT.sh * lkdtm_OVERWRITE_ALLOCATION.sh * lkdtm_WRITE_AFTER_FREE.sh * lkdtm_WRITE_BUDDY_AFTER_FREE.sh * lkdtm_SOFTLOCKUP.sh * lkdtm_HARDLOCKUP.sh * lkdtm_SPINLOCKUP.sh * lkdtm_HUNG_TASK.sh * lkdtm_REFCOUNT_TIMING.sh * lkdtm_ATOMIC_TIMING.sh ### x86, kselftest * bpf_test_xdp_veth.sh * cgroup_test_memcontrol * cgroup_test_kmem * cgroup_test_core * cgroup_test_stress.sh * efivarfs_efivarfs.sh * fpu_run_test_fpu.sh * ir_ir_loopback.sh * kexec_test_kexec_load.sh * kexec_test_kexec_file_load.sh * kvm_mmio_warning_test * kvm_svm_vmcall_test * lkdtm_PANIC.sh * lkdtm_LOOP.sh * lkdtm_EXHAUST_STACK.sh * lkdtm_CORRUPT_STACK.sh * lkdtm_CORRUPT_STACK_STRONG.sh * lkdtm_DOUBLE_FAULT.sh * lkdtm_OVERWRITE_ALLOCATION.sh * lkdtm_WRITE_AFTER_FREE.sh * lkdtm_WRITE_BUDDY_AFTER_FREE.sh * lkdtm_SOFTLOCKUP.sh * lkdtm_HARDLOCKUP.sh * lkdtm_SPINLOCKUP.sh * lkdtm_HUNG_TASK.sh * lkdtm_REFCOUNT_TIMING.sh * lkdtm_ATOMIC_TIMING.sh ### x86, kselftest-vsyscall-mode-native * bpf_test_xdp_veth.sh * cgroup_test_memcontrol * cgroup_test_kmem * cgroup_test_core * cgroup_test_stress.sh * efivarfs_efivarfs.sh * fpu_run_test_fpu.sh * ir_ir_loopback.sh * kexec_test_kexec_load.sh * kexec_test_kexec_file_load.sh * kvm_mmio_warning_test * kvm_svm_vmcall_test * lkdtm_PANIC.sh * lkdtm_LOOP.sh * lkdtm_EXHAUST_STACK.sh * lkdtm_CORRUPT_STACK.sh * lkdtm_CORRUPT_STACK_STRONG.sh * lkdtm_DOUBLE_FAULT.sh * lkdtm_OVERWRITE_ALLOCATION.sh * lkdtm_WRITE_AFTER_FREE.sh * lkdtm_WRITE_BUDDY_AFTER_FREE.sh * lkdtm_SOFTLOCKUP.sh * lkdtm_HARDLOCKUP.sh * lkdtm_SPINLOCKUP.sh * lkdtm_HUNG_TASK.sh * lkdtm_REFCOUNT_TIMING.sh * lkdtm_ATOMIC_TIMING.sh ### x86, kselftest-vsyscall-mode-none * bpf_test_xdp_veth.sh * cgroup_test_memcontrol * cgroup_test_kmem * cgroup_test_core * cgroup_test_stress.sh * efivarfs_efivarfs.sh * fpu_run_test_fpu.sh * ir_ir_loopback.sh * kexec_test_kexec_load.sh * kexec_test_kexec_file_load.sh * kvm_mmio_warning_test * kvm_svm_vmcall_test * lkdtm_PANIC.sh * lkdtm_LOOP.sh * lkdtm_EXHAUST_STACK.sh * lkdtm_CORRUPT_STACK.sh * lkdtm_CORRUPT_STACK_STRONG.sh * lkdtm_DOUBLE_FAULT.sh * lkdtm_OVERWRITE_ALLOCATION.sh * lkdtm_WRITE_AFTER_FREE.sh * lkdtm_WRITE_BUDDY_AFTER_FREE.sh * lkdtm_SOFTLOCKUP.sh * lkdtm_HARDLOCKUP.sh * lkdtm_SPINLOCKUP.sh * lkdtm_HUNG_TASK.sh * lkdtm_REFCOUNT_TIMING.sh * lkdtm_ATOMIC_TIMING.sh -- Linaro LKFT https://lkft.linaro.org

4 years, 4 months

2
1
0 0

Re: [patch 00/13] preempt: Make preempt count unconditional

by Paul E. McKenney

On Mon, Sep 14, 2020 at 01:59:15PM -0700, Linus Torvalds wrote: > On Mon, Sep 14, 2020 at 1:45 PM Thomas Gleixner <tglx(a)linutronix.de> wrote: > > > > Recently merged code does: > > > > gfp = preemptible() ? GFP_KERNEL : GFP_ATOMIC; > > > > Looks obviously correct, except for the fact that preemptible() is > > unconditionally false for CONFIF_PREEMPT_COUNT=n, i.e. all allocations in > > that code use GFP_ATOMIC on such kernels. > > I don't think this is a good reason to entirely get rid of the no-preempt thing. > > The above is just garbage. It's bogus. You can't do it. > > Blaming the no-preempt code for this bug is extremely unfair, imho. > > And the no-preempt code does help make for much better code generation > for simple spinlocks. > > Where is that horribly buggy recent code? It's not in that exact > format, certainly, since 'grep' doesn't find it. It would be convenient for that "gfp =" code to work, as this would allow better cache locality while invoking RCU callbacks, and would further provide better robustness to callback floods. The full story is quite long, but here are alternatives have not yet been proven to be abject failures: 1. Use workqueues to do the allocations in a clean context. While waiting for the allocations, the callbacks are queued in the old cache-busting manner. This functions correctly, but in the meantime (which on busy systems can be some time) the cache locality and robustness are lost. 2. Provide the ability to allocate memory in raw atomic context. This is extremely effective, especially when used in combination with #1 above, but as you might suspect, the MM guys don't like it much. In contrast, with Thomas's patch series, call_rcu() and kvfree_rcu() could just look at preemptible() to see whether or not it was safe to allocate memory, even in !PREEMPT kernels -- and in the common case, it almost always would be safe. It is quite possible that this approach would work in isolation, or failing that, that adding #1 above would do the trick. I understand that this is all very hand-wavy, and I do apologize for that. If you really want the full sad story with performance numbers and the works, let me know! Thanx, Paul

4 years, 4 months

1
0
0 0

[PATCH 0/2] selftests/vm: fix some minor aggravating factors in the Makefile

by John Hubbard

Hi, This fixes a couple of minor aggravating factors that I ran across while trying to do some changes in selftests/vm. These are simple things, but like most things with GNU Make, it's rarely obvious what's wrong until you understand *the entire Makefile and all of its includes*. So while there is, of course, joy in learning those details, I thought I'd fix these little things, so as to allow others to skip out on the Joy if they so choose. :) First of all, if you have an item (let's choose userfaultfd for an example) that fails to build, you might do this: $ make -j32 # ...you observe a failed item in the threaded output # OK, let's get a closer look $ make # ...but now the build quietly "succeeds". That's what Patch 0001 fixes. Second, if you instead attempt this approach for your closer look (a casual mistake, as it's not supported): $ make userfaultfd # ...userfaultfd fails to link, due to incomplete LDLIBS That's what Patch 0002 fixes. John Hubbard (2): selftests/vm: fix false build success on the second and later attempts selftests/vm: fix incorrect gcc invocation in some cases tools/testing/selftests/vm/Makefile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) -- 2.28.0

4 years, 4 months

2
3
0 0

[PATCH bpf-next v2 4/5] bpf: selftests: add MPTCP test base

by Nicolas Rybowski

This patch adds a base for MPTCP specific tests. It is currently limited to the is_mptcp field in case of plain TCP connection because for the moment there is no easy way to get the subflow sk from a msk in userspace. This implies that we cannot lookup the sk_storage attached to the subflow sk in the sockops program. Acked-by: Matthieu Baerts <matthieu.baerts(a)tessares.net> Signed-off-by: Nicolas Rybowski <nicolas.rybowski(a)tessares.net> --- Notes: v1 -> v2: - new patch: mandatory selftests (Alexei) tools/testing/selftests/bpf/config | 1 + tools/testing/selftests/bpf/network_helpers.c | 37 +++++- tools/testing/selftests/bpf/network_helpers.h | 3 + .../testing/selftests/bpf/prog_tests/mptcp.c | 119 ++++++++++++++++++ tools/testing/selftests/bpf/progs/mptcp.c | 48 +++++++ 5 files changed, 203 insertions(+), 5 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/mptcp.c create mode 100644 tools/testing/selftests/bpf/progs/mptcp.c diff --git a/tools/testing/selftests/bpf/config b/tools/testing/selftests/bpf/config index 2118e23ac07a..8377836ea976 100644 --- a/tools/testing/selftests/bpf/config +++ b/tools/testing/selftests/bpf/config @@ -39,3 +39,4 @@ CONFIG_BPF_JIT=y CONFIG_BPF_LSM=y CONFIG_SECURITY=y CONFIG_LIRC=y +CONFIG_MPTCP=y diff --git a/tools/testing/selftests/bpf/network_helpers.c b/tools/testing/selftests/bpf/network_helpers.c index 12ee40284da0..85cbb683965c 100644 --- a/tools/testing/selftests/bpf/network_helpers.c +++ b/tools/testing/selftests/bpf/network_helpers.c @@ -14,6 +14,10 @@ #include "bpf_util.h" #include "network_helpers.h" +#ifndef IPPROTO_MPTCP +#define IPPROTO_MPTCP 262 +#endif + #define clean_errno() (errno == 0 ? "None" : strerror(errno)) #define log_err(MSG, ...) ({ \ int __save = errno; \ @@ -66,8 +70,8 @@ static int settimeo(int fd, int timeout_ms) #define save_errno_close(fd) ({ int __save = errno; close(fd); errno = __save; }) -int start_server(int family, int type, const char *addr_str, __u16 port, - int timeout_ms) +static int start_server_proto(int family, int type, int protocol, + const char *addr_str, __u16 port, int timeout_ms) { struct sockaddr_storage addr = {}; socklen_t len; @@ -76,7 +80,7 @@ int start_server(int family, int type, const char *addr_str, __u16 port, if (make_sockaddr(family, addr_str, port, &addr, &len)) return -1; - fd = socket(family, type, 0); + fd = socket(family, type, protocol); if (fd < 0) { log_err("Failed to create server socket"); return -1; @@ -104,6 +108,19 @@ int start_server(int family, int type, const char *addr_str, __u16 port, return -1; } +int start_server(int family, int type, const char *addr_str, __u16 port, + int timeout_ms) +{ + return start_server_proto(family, type, 0, addr_str, port, timeout_ms); +} + +int start_mptcp_server(int family, const char *addr_str, __u16 port, + int timeout_ms) +{ + return start_server_proto(family, SOCK_STREAM, IPPROTO_MPTCP, addr_str, + port, timeout_ms); +} + int fastopen_connect(int server_fd, const char *data, unsigned int data_len, int timeout_ms) { @@ -153,7 +170,7 @@ static int connect_fd_to_addr(int fd, return 0; } -int connect_to_fd(int server_fd, int timeout_ms) +static int connect_to_fd_proto(int server_fd, int protocol, int timeout_ms) { struct sockaddr_storage addr; struct sockaddr_in *addr_in; @@ -173,7 +190,7 @@ int connect_to_fd(int server_fd, int timeout_ms) } addr_in = (struct sockaddr_in *)&addr; - fd = socket(addr_in->sin_family, type, 0); + fd = socket(addr_in->sin_family, type, protocol); if (fd < 0) { log_err("Failed to create client socket"); return -1; @@ -192,6 +209,16 @@ int connect_to_fd(int server_fd, int timeout_ms) return -1; } +int connect_to_fd(int server_fd, int timeout_ms) +{ + return connect_to_fd_proto(server_fd, 0, timeout_ms); +} + +int connect_to_mptcp_fd(int server_fd, int timeout_ms) +{ + return connect_to_fd_proto(server_fd, IPPROTO_MPTCP, timeout_ms); +} + int connect_fd_to_fd(int client_fd, int server_fd, int timeout_ms) { struct sockaddr_storage addr; diff --git a/tools/testing/selftests/bpf/network_helpers.h b/tools/testing/selftests/bpf/network_helpers.h index 7205f8afdba1..336423a789e9 100644 --- a/tools/testing/selftests/bpf/network_helpers.h +++ b/tools/testing/selftests/bpf/network_helpers.h @@ -35,7 +35,10 @@ extern struct ipv6_packet pkt_v6; int start_server(int family, int type, const char *addr, __u16 port, int timeout_ms); +int start_mptcp_server(int family, const char *addr, __u16 port, + int timeout_ms); int connect_to_fd(int server_fd, int timeout_ms); +int connect_to_mptcp_fd(int server_fd, int timeout_ms); int connect_fd_to_fd(int client_fd, int server_fd, int timeout_ms); int fastopen_connect(int server_fd, const char *data, unsigned int data_len, int timeout_ms); diff --git a/tools/testing/selftests/bpf/prog_tests/mptcp.c b/tools/testing/selftests/bpf/prog_tests/mptcp.c new file mode 100644 index 000000000000..0e65d64868e9 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/mptcp.c @@ -0,0 +1,119 @@ +// SPDX-License-Identifier: GPL-2.0 +#include <test_progs.h> +#include "cgroup_helpers.h" +#include "network_helpers.h" + +struct mptcp_storage { + __u32 invoked; + __u32 is_mptcp; +}; + +static int verify_sk(int map_fd, int client_fd, const char *msg, __u32 is_mptcp) +{ + int err = 0, cfd = client_fd; + struct mptcp_storage val; + + /* Currently there is no easy way to get back the subflow sk from the MPTCP + * sk, thus we cannot access here the sk_storage associated to the subflow + * sk. Also, there is no sk_storage associated with the MPTCP sk since it + * does not trigger sockops events. + * We silently pass this situation at the moment. + */ + if (is_mptcp == 1) + return 0; + + if (CHECK_FAIL(bpf_map_lookup_elem(map_fd, &cfd, &val) < 0)) { + perror("Failed to read socket storage"); + return -1; + } + + if (val.invoked != 1) { + log_err("%s: unexpected invoked count %d != %d", + msg, val.invoked, 1); + err++; + } + + if (val.is_mptcp != is_mptcp) { + log_err("%s: unexpected bpf_tcp_sock.is_mptcp %d != %d", + msg, val.is_mptcp, is_mptcp); + err++; + } + + return err; +} + +static int run_test(int cgroup_fd, int server_fd, bool is_mptcp) +{ + int client_fd, prog_fd, map_fd, err; + struct bpf_object *obj; + struct bpf_map *map; + + struct bpf_prog_load_attr attr = { + .prog_type = BPF_PROG_TYPE_SOCK_OPS, + .file = "./mptcp.o", + .expected_attach_type = BPF_CGROUP_SOCK_OPS, + }; + + err = bpf_prog_load_xattr(&attr, &obj, &prog_fd); + if (err) { + log_err("Failed to load BPF object"); + return -1; + } + + map = bpf_map__next(NULL, obj); + map_fd = bpf_map__fd(map); + + err = bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_SOCK_OPS, 0); + if (err) { + log_err("Failed to attach BPF program"); + goto close_bpf_object; + } + + client_fd = is_mptcp ? connect_to_mptcp_fd(server_fd, 0) : + connect_to_fd(server_fd, 0); + if (client_fd < 0) { + err = -1; + goto close_client_fd; + } + + err += is_mptcp ? verify_sk(map_fd, client_fd, "MPTCP subflow socket", 1) : + verify_sk(map_fd, client_fd, "plain TCP socket", 0); + +close_client_fd: + close(client_fd); + +close_bpf_object: + bpf_object__close(obj); + return err; +} + +void test_mptcp(void) +{ + int server_fd, cgroup_fd; + + cgroup_fd = test__join_cgroup("/mptcp"); + if (CHECK_FAIL(cgroup_fd < 0)) + return; + + /* without MPTCP */ + server_fd = start_server(AF_INET, SOCK_STREAM, NULL, 0, 0); + if (CHECK_FAIL(server_fd < 0)) + goto with_mptcp; + + CHECK_FAIL(run_test(cgroup_fd, server_fd, false)); + + close(server_fd); + +with_mptcp: + /* with MPTCP */ + server_fd = start_mptcp_server(AF_INET, NULL, 0, 0); + if (CHECK_FAIL(server_fd < 0)) + goto close_cgroup_fd; + + CHECK_FAIL(run_test(cgroup_fd, server_fd, true)); + + close(server_fd); + +close_cgroup_fd: + close(cgroup_fd); +} diff --git a/tools/testing/selftests/bpf/progs/mptcp.c b/tools/testing/selftests/bpf/progs/mptcp.c new file mode 100644 index 000000000000..be5ee8dac2b3 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/mptcp.c @@ -0,0 +1,48 @@ +// SPDX-License-Identifier: GPL-2.0 +#include <linux/bpf.h> +#include <bpf/bpf_helpers.h> + +char _license[] SEC("license") = "GPL"; +__u32 _version SEC("version") = 1; + +struct mptcp_storage { + __u32 invoked; + __u32 is_mptcp; +}; + +struct { + __uint(type, BPF_MAP_TYPE_SK_STORAGE); + __uint(map_flags, BPF_F_NO_PREALLOC); + __type(key, int); + __type(value, struct mptcp_storage); +} socket_storage_map SEC(".maps"); + +SEC("sockops") +int _sockops(struct bpf_sock_ops *ctx) +{ + struct mptcp_storage *storage; + struct bpf_tcp_sock *tcp_sk; + int op = (int)ctx->op; + struct bpf_sock *sk; + + sk = ctx->sk; + if (!sk) + return 1; + + storage = bpf_sk_storage_get(&socket_storage_map, sk, 0, + BPF_SK_STORAGE_GET_F_CREATE); + if (!storage) + return 1; + + if (op != BPF_SOCK_OPS_TCP_CONNECT_CB) + return 1; + + tcp_sk = bpf_tcp_sock(sk); + if (!tcp_sk) + return 1; + + storage->invoked++; + storage->is_mptcp = tcp_sk->is_mptcp; + + return 1; +} -- 2.28.0

4 years, 4 months

3
3
0 0

Re: [patch 04/13] lockdep: Clenaup PREEMPT_COUNT leftovers

by Will Deacon

On Mon, Sep 14, 2020 at 10:42:13PM +0200, Thomas Gleixner wrote: > CONFIG_PREEMPT_COUNT is now unconditionally enabled and will be > removed. Cleanup the leftovers before doing so. > > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > Cc: Peter Zijlstra <peterz(a)infradead.org> > Cc: Ingo Molnar <mingo(a)kernel.org> > Cc: Will Deacon <will(a)kernel.org> > --- > include/linux/lockdep.h | 6 ++---- > lib/Kconfig.debug | 1 - > 2 files changed, 2 insertions(+), 5 deletions(-) > > --- a/include/linux/lockdep.h > +++ b/include/linux/lockdep.h > @@ -585,16 +585,14 @@ do { \ > > #define lockdep_assert_preemption_enabled() \ > do { \ > - WARN_ON_ONCE(IS_ENABLED(CONFIG_PREEMPT_COUNT) && \ > - debug_locks && \ > + WARN_ON_ONCE(debug_locks && \ > (preempt_count() != 0 || \ > !raw_cpu_read(hardirqs_enabled))); \ > } while (0) > > #define lockdep_assert_preemption_disabled() \ > do { \ > - WARN_ON_ONCE(IS_ENABLED(CONFIG_PREEMPT_COUNT) && \ > - debug_locks && \ > + WARN_ON_ONCE(debug_locks && \ > (preempt_count() == 0 && \ > raw_cpu_read(hardirqs_enabled))); \ > } while (0) > --- a/lib/Kconfig.debug > +++ b/lib/Kconfig.debug > @@ -1161,7 +1161,6 @@ config PROVE_LOCKING > select DEBUG_RWSEMS > select DEBUG_WW_MUTEX_SLOWPATH > select DEBUG_LOCK_ALLOC > - select PREEMPT_COUNT > select TRACE_IRQFLAGS > default n > help Acked-by: Will Deacon <will(a)kernel.org> Will

4 years, 4 months

1
0
0 0

Re: [patch 06/13] locking/bitspinlock: Clenaup PREEMPT_COUNT leftovers

by Will Deacon

On Mon, Sep 14, 2020 at 10:42:15PM +0200, Thomas Gleixner wrote: > CONFIG_PREEMPT_COUNT is now unconditionally enabled and will be > removed. Cleanup the leftovers before doing so. > > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > --- > include/linux/bit_spinlock.h | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > --- a/include/linux/bit_spinlock.h > +++ b/include/linux/bit_spinlock.h > @@ -90,10 +90,8 @@ static inline int bit_spin_is_locked(int > { > #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) > return test_bit(bitnum, addr); > -#elif defined CONFIG_PREEMPT_COUNT > - return preempt_count(); > #else > - return 1; > + return preempt_count(); > #endif Acked-by: Will Deacon <will(a)kernel.org> Will

4 years, 4 months

1
0
0 0

[PATCH v38 22/24] selftests/x86: Add a selftest for SGX

by Jarkko Sakkinen

Add a selftest for SGX. It is a trivial test where a simple enclave copies one 64-bit word of memory between two memory locations. Cc: linux-kselftest(a)vger.kernel.org Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/sgx/.gitignore | 2 + tools/testing/selftests/sgx/Makefile | 53 +++ tools/testing/selftests/sgx/call.S | 44 ++ tools/testing/selftests/sgx/defines.h | 21 + tools/testing/selftests/sgx/load.c | 277 ++++++++++++ tools/testing/selftests/sgx/main.c | 232 ++++++++++ tools/testing/selftests/sgx/main.h | 38 ++ tools/testing/selftests/sgx/sigstruct.c | 395 ++++++++++++++++++ tools/testing/selftests/sgx/test_encl.c | 20 + tools/testing/selftests/sgx/test_encl.lds | 40 ++ .../selftests/sgx/test_encl_bootstrap.S | 89 ++++ 12 files changed, 1212 insertions(+) create mode 100644 tools/testing/selftests/sgx/.gitignore create mode 100644 tools/testing/selftests/sgx/Makefile create mode 100644 tools/testing/selftests/sgx/call.S create mode 100644 tools/testing/selftests/sgx/defines.h create mode 100644 tools/testing/selftests/sgx/load.c create mode 100644 tools/testing/selftests/sgx/main.c create mode 100644 tools/testing/selftests/sgx/main.h create mode 100644 tools/testing/selftests/sgx/sigstruct.c create mode 100644 tools/testing/selftests/sgx/test_encl.c create mode 100644 tools/testing/selftests/sgx/test_encl.lds create mode 100644 tools/testing/selftests/sgx/test_encl_bootstrap.S diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 9018f45d631d..fee80cda6304 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -68,6 +68,7 @@ TARGETS += user TARGETS += vm TARGETS += x86 TARGETS += zram +TARGETS += sgx #Please keep the TARGETS list alphabetically sorted # Run "make quicktest=1 run_tests" or # "make quicktest=1 kselftest" from top level Makefile diff --git a/tools/testing/selftests/sgx/.gitignore b/tools/testing/selftests/sgx/.gitignore new file mode 100644 index 000000000000..fbaf0bda9a92 --- /dev/null +++ b/tools/testing/selftests/sgx/.gitignore @@ -0,0 +1,2 @@ +test_sgx +test_encl.elf diff --git a/tools/testing/selftests/sgx/Makefile b/tools/testing/selftests/sgx/Makefile new file mode 100644 index 000000000000..95e5c4df8014 --- /dev/null +++ b/tools/testing/selftests/sgx/Makefile @@ -0,0 +1,53 @@ +top_srcdir = ../../../.. + +include ../lib.mk + +.PHONY: all clean + +CAN_BUILD_X86_64 := $(shell ../x86/check_cc.sh $(CC) \ + ../x86/trivial_64bit_program.c) + +ifndef OBJCOPY +OBJCOPY := $(CROSS_COMPILE)objcopy +endif + +INCLUDES := -I$(top_srcdir)/tools/include +HOST_CFLAGS := -Wall -Werror -g $(INCLUDES) -fPIC -z noexecstack +ENCL_CFLAGS := -Wall -Werror -static -nostdlib -nostartfiles -fPIC \ + -fno-stack-protector -mrdrnd $(INCLUDES) + +TEST_CUSTOM_PROGS := $(OUTPUT)/test_sgx $(OUTPUT)/test_encl.elf + +ifeq ($(CAN_BUILD_X86_64), 1) +all: $(TEST_CUSTOM_PROGS) +endif + +$(OUTPUT)/test_sgx: $(OUTPUT)/main.o \ + $(OUTPUT)/load.o \ + $(OUTPUT)/sigstruct.o \ + $(OUTPUT)/call.o + $(CC) $(HOST_CFLAGS) -o $@ $^ -lcrypto + +$(OUTPUT)/main.o: main.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/load.o: load.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/sigstruct.o: sigstruct.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/call.o: call.S + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/test_encl.elf: test_encl.lds test_encl.c test_encl_bootstrap.S + $(CC) $(ENCL_CFLAGS) -T $^ -o $@ + +EXTRA_CLEAN := \ + $(OUTPUT)/test_encl.elf \ + $(OUTPUT)/load.o \ + $(OUTPUT)/call.o \ + $(OUTPUT)/main.o \ + $(OUTPUT)/sigstruct.o \ + $(OUTPUT)/test_sgx \ + $(OUTPUT)/test_sgx.o \ diff --git a/tools/testing/selftests/sgx/call.S b/tools/testing/selftests/sgx/call.S new file mode 100644 index 000000000000..f640532cda93 --- /dev/null +++ b/tools/testing/selftests/sgx/call.S @@ -0,0 +1,44 @@ +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */ +/** +* Copyright(c) 2016-18 Intel Corporation. +*/ + + .text + + .global sgx_call_vdso +sgx_call_vdso: + .cfi_startproc + push %r15 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r15, 0 + push %r14 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r14, 0 + push %r13 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r13, 0 + push %r12 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r12, 0 + push %rbx + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %rbx, 0 + push $0 + .cfi_adjust_cfa_offset 8 + push 0x38(%rsp) + .cfi_adjust_cfa_offset 8 + call *eenter(%rip) + add $0x10, %rsp + .cfi_adjust_cfa_offset -0x10 + pop %rbx + .cfi_adjust_cfa_offset -8 + pop %r12 + .cfi_adjust_cfa_offset -8 + pop %r13 + .cfi_adjust_cfa_offset -8 + pop %r14 + .cfi_adjust_cfa_offset -8 + pop %r15 + .cfi_adjust_cfa_offset -8 + ret + .cfi_endproc diff --git a/tools/testing/selftests/sgx/defines.h b/tools/testing/selftests/sgx/defines.h new file mode 100644 index 000000000000..be8969922804 --- /dev/null +++ b/tools/testing/selftests/sgx/defines.h @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright(c) 2016-19 Intel Corporation. + */ + +#ifndef DEFINES_H +#define DEFINES_H + +#include <stdint.h> + +#define PAGE_SIZE 4096 +#define PAGE_MASK (~(PAGE_SIZE - 1)) + +#define __aligned(x) __attribute__((__aligned__(x))) +#define __packed __attribute__((packed)) + +#include "../../../../arch/x86/kernel/cpu/sgx/arch.h" +#include "../../../../arch/x86/include/asm/enclu.h" +#include "../../../../arch/x86/include/uapi/asm/sgx.h" + +#endif /* DEFINES_H */ diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c new file mode 100644 index 000000000000..8ce0c4ac9a49 --- /dev/null +++ b/tools/testing/selftests/sgx/load.c @@ -0,0 +1,277 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <assert.h> +#include <elf.h> +#include <errno.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/types.h> +#include "defines.h" +#include "main.h" + +void encl_delete(struct encl *encl) +{ + if (encl->encl_base) + munmap((void *)encl->encl_base, encl->encl_size); + + if (encl->bin) + munmap(encl->bin, encl->bin_size); + + if (encl->fd) + close(encl->fd); + + if (encl->segment_tbl) + free(encl->segment_tbl); + + memset(encl, 0, sizeof(*encl)); +} + +static bool encl_map_bin(const char *path, struct encl *encl) +{ + struct stat sb; + void *bin; + int ret; + int fd; + + fd = open(path, O_RDONLY); + if (fd == -1) { + perror("open()"); + return false; + } + + ret = stat(path, &sb); + if (ret) { + perror("stat()"); + goto err; + } + + bin = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); + if (bin == MAP_FAILED) { + perror("mmap()"); + goto err; + } + + encl->bin = bin; + encl->bin_size = sb.st_size; + + close(fd); + return true; + +err: + close(fd); + return false; +} + +static bool encl_ioc_create(struct encl *encl) +{ + struct sgx_secs *secs = &encl->secs; + struct sgx_enclave_create ioc; + int rc; + + assert(encl->encl_base != 0); + + memset(secs, 0, sizeof(*secs)); + secs->ssa_frame_size = 1; + secs->attributes = SGX_ATTR_MODE64BIT; + secs->xfrm = 3; + secs->base = encl->encl_base; + secs->size = encl->encl_size; + + ioc.src = (unsigned long)secs; + rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_CREATE, &ioc); + if (rc) { + fprintf(stderr, "SGX_IOC_ENCLAVE_CREATE failed: errno=%d\n", + errno); + munmap((void *)secs->base, encl->encl_size); + return false; + } + + return true; +} + +static bool encl_ioc_add_pages(struct encl *encl, struct encl_segment *seg) +{ + struct sgx_enclave_add_pages ioc; + struct sgx_secinfo secinfo; + int rc; + + memset(&secinfo, 0, sizeof(secinfo)); + secinfo.flags = seg->flags; + + ioc.src = (uint64_t)encl->src + seg->offset; + ioc.offset = seg->offset; + ioc.length = seg->size; + ioc.secinfo = (unsigned long)&secinfo; + ioc.flags = SGX_PAGE_MEASURE; + + rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_ADD_PAGES, &ioc); + if (rc < 0) { + fprintf(stderr, "SGX_IOC_ENCLAVE_ADD_PAGES failed: errno=%d.\n", + errno); + return false; + } + + return true; +} + +bool encl_load(const char *path, struct encl *encl) +{ + Elf64_Phdr *phdr_tbl; + off_t src_offset; + Elf64_Ehdr *ehdr; + int i, j; + int ret; + + memset(encl, 0, sizeof(*encl)); + + ret = open("/dev/sgx/enclave", O_RDWR); + if (ret < 0) { + fprintf(stderr, "Unable to open /dev/sgx\n"); + goto err; + } + + encl->fd = ret; + + if (!encl_map_bin(path, encl)) + goto err; + + ehdr = encl->bin; + phdr_tbl = encl->bin + ehdr->e_phoff; + + for (i = 0; i < ehdr->e_phnum; i++) { + Elf64_Phdr *phdr = &phdr_tbl[i]; + + if (phdr->p_type == PT_LOAD) + encl->nr_segments++; + } + + encl->segment_tbl = calloc(encl->nr_segments, + sizeof(struct encl_segment)); + if (!encl->segment_tbl) + goto err; + + for (i = 0, j = 0; i < ehdr->e_phnum; i++) { + Elf64_Phdr *phdr = &phdr_tbl[i]; + unsigned int flags = phdr->p_flags; + struct encl_segment *seg; + + if (phdr->p_type != PT_LOAD) + continue; + + seg = &encl->segment_tbl[j]; + + if (!!(flags & ~(PF_R | PF_W | PF_X))) { + fprintf(stderr, + "%d has invalid segment flags 0x%02x.\n", i, + phdr->p_flags); + goto err; + } + + if (j == 0 && flags != (PF_R | PF_W)) { + fprintf(stderr, + "TCS has invalid segment flags 0x%02x.\n", + phdr->p_flags); + goto err; + } + + if (j == 0) { + src_offset = (phdr->p_offset & PAGE_MASK) - src_offset; + + seg->prot = PROT_READ | PROT_WRITE; + seg->flags = SGX_PAGE_TYPE_TCS << 8; + } else { + seg->prot = (phdr->p_flags & PF_R) ? PROT_READ : 0; + seg->prot |= (phdr->p_flags & PF_W) ? PROT_WRITE : 0; + seg->prot |= (phdr->p_flags & PF_X) ? PROT_EXEC : 0; + seg->flags = (SGX_PAGE_TYPE_REG << 8) | seg->prot; + } + + seg->offset = (phdr->p_offset & PAGE_MASK) - src_offset; + seg->size = (phdr->p_filesz + PAGE_SIZE - 1) & PAGE_MASK; + + printf("0x%016lx 0x%016lx 0x%02x\n", seg->offset, seg->size, + seg->prot); + + j++; + } + + assert(j == encl->nr_segments); + + encl->src = encl->bin + src_offset; + encl->src_size = encl->segment_tbl[j - 1].offset + + encl->segment_tbl[j - 1].size; + + for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + encl->encl_size <<= 1; + + return true; + +err: + encl_delete(encl); + return false; +} + +static bool encl_map_area(struct encl *encl) +{ + size_t encl_size = encl->encl_size; + void *area; + + area = mmap(NULL, encl_size * 2, PROT_NONE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + if (area == MAP_FAILED) { + perror("mmap"); + return false; + } + + encl->encl_base = ((uint64_t)area + encl_size - 1) & ~(encl_size - 1); + + munmap(area, encl->encl_base - (uint64_t)area); + munmap((void *)(encl->encl_base + encl_size), + (uint64_t)area + encl_size - encl->encl_base); + + return true; +} + +bool encl_build(struct encl *encl) +{ + struct sgx_enclave_init ioc; + int ret; + int i; + + if (!encl_map_area(encl)) + return false; + + if (!encl_ioc_create(encl)) + return false; + + /* + * Pages must be added before mapping VMAs because their permissions + * cap the VMA permissions. + */ + for (i = 0; i < encl->nr_segments; i++) { + struct encl_segment *seg = &encl->segment_tbl[i]; + + if (!encl_ioc_add_pages(encl, seg)) + return false; + } + + ioc.sigstruct = (uint64_t)&encl->sigstruct; + ret = ioctl(encl->fd, SGX_IOC_ENCLAVE_INIT, &ioc); + if (ret) { + fprintf(stderr, "SGX_IOC_ENCLAVE_INIT failed: errno=%d\n", + errno); + return false; + } + + return true; +} diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c new file mode 100644 index 000000000000..44acb3c72067 --- /dev/null +++ b/tools/testing/selftests/sgx/main.c @@ -0,0 +1,232 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <elf.h> +#include <errno.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/types.h> +#include "defines.h" +#include "main.h" + +static const uint64_t MAGIC = 0x1122334455667788ULL; +vdso_sgx_enter_enclave_t eenter; + +struct vdso_symtab { + Elf64_Sym *elf_symtab; + const char *elf_symstrtab; + Elf64_Word *elf_hashtab; +}; + +static void *vdso_get_base_addr(char *envp[]) +{ + Elf64_auxv_t *auxv; + int i; + + for (i = 0; envp[i]; i++) + ; + + auxv = (Elf64_auxv_t *)&envp[i + 1]; + + for (i = 0; auxv[i].a_type != AT_NULL; i++) { + if (auxv[i].a_type == AT_SYSINFO_EHDR) + return (void *)auxv[i].a_un.a_val; + } + + return NULL; +} + +static Elf64_Dyn *vdso_get_dyntab(void *addr) +{ + Elf64_Ehdr *ehdr = addr; + Elf64_Phdr *phdrtab = addr + ehdr->e_phoff; + int i; + + for (i = 0; i < ehdr->e_phnum; i++) + if (phdrtab[i].p_type == PT_DYNAMIC) + return addr + phdrtab[i].p_offset; + + return NULL; +} + +static void *vdso_get_dyn(void *addr, Elf64_Dyn *dyntab, Elf64_Sxword tag) +{ + int i; + + for (i = 0; dyntab[i].d_tag != DT_NULL; i++) + if (dyntab[i].d_tag == tag) + return addr + dyntab[i].d_un.d_ptr; + + return NULL; +} + +static bool vdso_get_symtab(void *addr, struct vdso_symtab *symtab) +{ + Elf64_Dyn *dyntab = vdso_get_dyntab(addr); + + symtab->elf_symtab = vdso_get_dyn(addr, dyntab, DT_SYMTAB); + if (!symtab->elf_symtab) + return false; + + symtab->elf_symstrtab = vdso_get_dyn(addr, dyntab, DT_STRTAB); + if (!symtab->elf_symstrtab) + return false; + + symtab->elf_hashtab = vdso_get_dyn(addr, dyntab, DT_HASH); + if (!symtab->elf_hashtab) + return false; + + return true; +} + +static unsigned long elf_sym_hash(const char *name) +{ + unsigned long h = 0, high; + + while (*name) { + h = (h << 4) + *name++; + high = h & 0xf0000000; + + if (high) + h ^= high >> 24; + + h &= ~high; + } + + return h; +} + +static Elf64_Sym *vdso_symtab_get(struct vdso_symtab *symtab, const char *name) +{ + Elf64_Word bucketnum = symtab->elf_hashtab[0]; + Elf64_Word *buckettab = &symtab->elf_hashtab[2]; + Elf64_Word *chaintab = &symtab->elf_hashtab[2 + bucketnum]; + Elf64_Sym *sym; + Elf64_Word i; + + for (i = buckettab[elf_sym_hash(name) % bucketnum]; i != STN_UNDEF; + i = chaintab[i]) { + sym = &symtab->elf_symtab[i]; + if (!strcmp(name, &symtab->elf_symstrtab[sym->st_name])) + return sym; + } + + return NULL; +} + +int check_result(struct sgx_enclave_run *run, int ret, uint64_t result, + const char *test) +{ + if (ret) { + printf("FAIL: %s() returned: %d\n", test, ret); + return ret; + } else if (run->exit_reason != SGX_SYNCHRONOUS_EXIT) { + printf("FAIL: %s() exit reason, expected: %u, got: %u\n", + test, SGX_SYNCHRONOUS_EXIT, run->exit_reason); + return -EIO; + } else if (result != MAGIC) { + printf("FAIL: %s(), expected: 0x%lx, got: 0x%lx\n", + test, MAGIC, result); + return -EIO; + } else if (run->user_data) { + printf("FAIL: %s() user data, expected: 0x0, got: 0x%llx\n", + test, run->user_data); + return -EIO; + } + return 0; +} + +static int exit_handler(long rdi, long rsi, long rdx, long ursp, long r8, long r9, + struct sgx_enclave_run *run) +{ + run->user_data = 0; + return 0; +} + +int main(int argc, char *argv[], char *envp[]) +{ + struct sgx_enclave_run run; + struct vdso_symtab symtab; + Elf64_Sym *eenter_sym; + uint64_t result = 0; + struct encl encl; + unsigned int i; + void *addr; + int ret; + + if (!encl_load("test_encl.elf", &encl)) + goto err; + + if (!encl_measure(&encl)) + goto err; + + if (!encl_build(&encl)) + goto err; + + /* + * An enclave consumer only must do this. + */ + for (i = 0; i < encl.nr_segments; i++) { + struct encl_segment *seg = &encl.segment_tbl[i]; + + addr = mmap((void *)encl.encl_base + seg->offset, seg->size, + seg->prot, MAP_SHARED | MAP_FIXED, encl.fd, 0); + if (addr == MAP_FAILED) { + fprintf(stderr, "mmap() failed, errno=%d.\n", errno); + exit(1); + } + } + + memset(&run, 0, sizeof(run)); + run.tcs = encl.encl_base; + + addr = vdso_get_base_addr(envp); + if (!addr) + goto err; + + if (!vdso_get_symtab(addr, &symtab)) + goto err; + + eenter_sym = vdso_symtab_get(&symtab, "__vdso_sgx_enter_enclave"); + if (!eenter_sym) + goto err; + + eenter = addr + eenter_sym->st_value; + + ret = sgx_call_vdso((void *)&MAGIC, &result, 0, EENTER, NULL, NULL, &run); + if (check_result(&run, ret, result, "sgx_call_vdso")) + goto err; + + + /* Invoke the vDSO directly. */ + result = 0; + ret = eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER, + 0, 0, &run); + if (check_result(&run, ret, result, "eenter")) + goto err; + + /* And with an exit handler. */ + run.user_handler = exit_handler; + run.user_data = 0xdeadbeef; + ret = eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER, + 0, 0, &run); + if (check_result(&run, ret, result, "exit_handler")) + goto err; + + printf("SUCCESS\n"); + encl_delete(&encl); + exit(0); + +err: + encl_delete(&encl); + exit(1); +} diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h new file mode 100644 index 000000000000..2b4777942500 --- /dev/null +++ b/tools/testing/selftests/sgx/main.h @@ -0,0 +1,38 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright(c) 2016-19 Intel Corporation. + */ + +#ifndef MAIN_H +#define MAIN_H + +struct encl_segment { + off_t offset; + size_t size; + unsigned int prot; + unsigned int flags; +}; + +struct encl { + int fd; + void *bin; + off_t bin_size; + void *src; + size_t src_size; + size_t encl_size; + off_t encl_base; + unsigned int nr_segments; + struct encl_segment *segment_tbl; + struct sgx_secs secs; + struct sgx_sigstruct sigstruct; +}; + +void encl_delete(struct encl *ctx); +bool encl_load(const char *path, struct encl *encl); +bool encl_measure(struct encl *encl); +bool encl_build(struct encl *encl); + +int sgx_call_vdso(void *rdi, void *rsi, long rdx, u32 leaf, void *r8, void *r9, + struct sgx_enclave_run *run); + +#endif /* MAIN_H */ diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c new file mode 100644 index 000000000000..ceddad478672 --- /dev/null +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -0,0 +1,395 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#define _GNU_SOURCE +#include <assert.h> +#include <getopt.h> +#include <stdbool.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> +#include <openssl/err.h> +#include <openssl/pem.h> +#include "defines.h" +#include "main.h" + +struct q1q2_ctx { + BN_CTX *bn_ctx; + BIGNUM *m; + BIGNUM *s; + BIGNUM *q1; + BIGNUM *qr; + BIGNUM *q2; +}; + +static void free_q1q2_ctx(struct q1q2_ctx *ctx) +{ + BN_CTX_free(ctx->bn_ctx); + BN_free(ctx->m); + BN_free(ctx->s); + BN_free(ctx->q1); + BN_free(ctx->qr); + BN_free(ctx->q2); +} + +static bool alloc_q1q2_ctx(const uint8_t *s, const uint8_t *m, + struct q1q2_ctx *ctx) +{ + ctx->bn_ctx = BN_CTX_new(); + ctx->s = BN_bin2bn(s, SGX_MODULUS_SIZE, NULL); + ctx->m = BN_bin2bn(m, SGX_MODULUS_SIZE, NULL); + ctx->q1 = BN_new(); + ctx->qr = BN_new(); + ctx->q2 = BN_new(); + + if (!ctx->bn_ctx || !ctx->s || !ctx->m || !ctx->q1 || !ctx->qr || + !ctx->q2) { + free_q1q2_ctx(ctx); + return false; + } + + return true; +} + +static bool calc_q1q2(const uint8_t *s, const uint8_t *m, uint8_t *q1, + uint8_t *q2) +{ + struct q1q2_ctx ctx; + + if (!alloc_q1q2_ctx(s, m, &ctx)) { + fprintf(stderr, "Not enough memory for Q1Q2 calculation\n"); + return false; + } + + if (!BN_mul(ctx.q1, ctx.s, ctx.s, ctx.bn_ctx)) + goto out; + + if (!BN_div(ctx.q1, ctx.qr, ctx.q1, ctx.m, ctx.bn_ctx)) + goto out; + + if (BN_num_bytes(ctx.q1) > SGX_MODULUS_SIZE) { + fprintf(stderr, "Too large Q1 %d bytes\n", + BN_num_bytes(ctx.q1)); + goto out; + } + + if (!BN_mul(ctx.q2, ctx.s, ctx.qr, ctx.bn_ctx)) + goto out; + + if (!BN_div(ctx.q2, NULL, ctx.q2, ctx.m, ctx.bn_ctx)) + goto out; + + if (BN_num_bytes(ctx.q2) > SGX_MODULUS_SIZE) { + fprintf(stderr, "Too large Q2 %d bytes\n", + BN_num_bytes(ctx.q2)); + goto out; + } + + BN_bn2bin(ctx.q1, q1); + BN_bn2bin(ctx.q2, q2); + + free_q1q2_ctx(&ctx); + return true; +out: + free_q1q2_ctx(&ctx); + return false; +} + +struct sgx_sigstruct_payload { + struct sgx_sigstruct_header header; + struct sgx_sigstruct_body body; +}; + +static bool check_crypto_errors(void) +{ + int err; + bool had_errors = false; + const char *filename; + int line; + char str[256]; + + for ( ; ; ) { + if (ERR_peek_error() == 0) + break; + + had_errors = true; + err = ERR_get_error_line(&filename, &line); + ERR_error_string_n(err, str, sizeof(str)); + fprintf(stderr, "crypto: %s: %s:%d\n", str, filename, line); + } + + return had_errors; +} + +static inline const BIGNUM *get_modulus(RSA *key) +{ +#if OPENSSL_VERSION_NUMBER < 0x10100000L + return key->n; +#else + const BIGNUM *n; + + RSA_get0_key(key, &n, NULL, NULL); + return n; +#endif +} + +static RSA *gen_sign_key(void) +{ + BIGNUM *e; + RSA *key; + int ret; + + e = BN_new(); + key = RSA_new(); + + if (!e || !key) + goto err; + + ret = BN_set_word(e, RSA_3); + if (ret != 1) + goto err; + + ret = RSA_generate_key_ex(key, 3072, e, NULL); + if (ret != 1) + goto err; + + BN_free(e); + + return key; + +err: + RSA_free(key); + BN_free(e); + + return NULL; +} + +static void reverse_bytes(void *data, int length) +{ + int i = 0; + int j = length - 1; + uint8_t temp; + uint8_t *ptr = data; + + while (i < j) { + temp = ptr[i]; + ptr[i] = ptr[j]; + ptr[j] = temp; + i++; + j--; + } +} + +enum mrtags { + MRECREATE = 0x0045544145524345, + MREADD = 0x0000000044444145, + MREEXTEND = 0x00444E4554584545, +}; + +static bool mrenclave_update(EVP_MD_CTX *ctx, const void *data) +{ + if (!EVP_DigestUpdate(ctx, data, 64)) { + fprintf(stderr, "digest update failed\n"); + return false; + } + + return true; +} + +static bool mrenclave_commit(EVP_MD_CTX *ctx, uint8_t *mrenclave) +{ + unsigned int size; + + if (!EVP_DigestFinal_ex(ctx, (unsigned char *)mrenclave, &size)) { + fprintf(stderr, "digest commit failed\n"); + return false; + } + + if (size != 32) { + fprintf(stderr, "invalid digest size = %u\n", size); + return false; + } + + return true; +} + +struct mrecreate { + uint64_t tag; + uint32_t ssaframesize; + uint64_t size; + uint8_t reserved[44]; +} __attribute__((__packed__)); + + +static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t blob_size) +{ + struct mrecreate mrecreate; + uint64_t encl_size; + + for (encl_size = 0x1000; encl_size < blob_size; ) + encl_size <<= 1; + + memset(&mrecreate, 0, sizeof(mrecreate)); + mrecreate.tag = MRECREATE; + mrecreate.ssaframesize = 1; + mrecreate.size = encl_size; + + if (!EVP_DigestInit_ex(ctx, EVP_sha256(), NULL)) + return false; + + return mrenclave_update(ctx, &mrecreate); +} + +struct mreadd { + uint64_t tag; + uint64_t offset; + uint64_t flags; /* SECINFO flags */ + uint8_t reserved[40]; +} __attribute__((__packed__)); + +static bool mrenclave_eadd(EVP_MD_CTX *ctx, uint64_t offset, uint64_t flags) +{ + struct mreadd mreadd; + + memset(&mreadd, 0, sizeof(mreadd)); + mreadd.tag = MREADD; + mreadd.offset = offset; + mreadd.flags = flags; + + return mrenclave_update(ctx, &mreadd); +} + +struct mreextend { + uint64_t tag; + uint64_t offset; + uint8_t reserved[48]; +} __attribute__((__packed__)); + +static bool mrenclave_eextend(EVP_MD_CTX *ctx, uint64_t offset, + const uint8_t *data) +{ + struct mreextend mreextend; + int i; + + for (i = 0; i < 0x1000; i += 0x100) { + memset(&mreextend, 0, sizeof(mreextend)); + mreextend.tag = MREEXTEND; + mreextend.offset = offset + i; + + if (!mrenclave_update(ctx, &mreextend)) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x00])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x40])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x80])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0xC0])) + return false; + } + + return true; +} + +static bool mrenclave_segment(EVP_MD_CTX *ctx, struct encl *encl, + struct encl_segment *seg) +{ + uint64_t end = seg->offset + seg->size; + uint64_t offset; + + for (offset = seg->offset; offset < end; offset += PAGE_SIZE) { + if (!mrenclave_eadd(ctx, offset, seg->flags)) + return false; + + if (!mrenclave_eextend(ctx, offset, encl->src + offset)) + return false; + } + + return true; +} + +bool encl_measure(struct encl *encl) +{ + uint64_t header1[2] = {0x000000E100000006, 0x0000000000010000}; + uint64_t header2[2] = {0x0000006000000101, 0x0000000100000060}; + struct sgx_sigstruct *sigstruct = &encl->sigstruct; + struct sgx_sigstruct_payload payload; + uint8_t digest[SHA256_DIGEST_LENGTH]; + unsigned int siglen; + RSA *key = NULL; + EVP_MD_CTX *ctx; + int i; + + memset(sigstruct, 0, sizeof(*sigstruct)); + + sigstruct->header.header1[0] = header1[0]; + sigstruct->header.header1[1] = header1[1]; + sigstruct->header.header2[0] = header2[0]; + sigstruct->header.header2[1] = header2[1]; + sigstruct->exponent = 3; + sigstruct->body.attributes = SGX_ATTR_MODE64BIT; + sigstruct->body.xfrm = 3; + + /* sanity check */ + if (check_crypto_errors()) + goto err; + + key = gen_sign_key(); + if (!key) + goto err; + + BN_bn2bin(get_modulus(key), sigstruct->modulus); + + ctx = EVP_MD_CTX_create(); + if (!ctx) + goto err; + + if (!mrenclave_ecreate(ctx, encl->src_size)) + goto err; + + for (i = 0; i < encl->nr_segments; i++) { + struct encl_segment *seg = &encl->segment_tbl[i]; + + if (!mrenclave_segment(ctx, encl, seg)) + goto err; + } + + if (!mrenclave_commit(ctx, sigstruct->body.mrenclave)) + goto err; + + memcpy(&payload.header, &sigstruct->header, sizeof(sigstruct->header)); + memcpy(&payload.body, &sigstruct->body, sizeof(sigstruct->body)); + + SHA256((unsigned char *)&payload, sizeof(payload), digest); + + if (!RSA_sign(NID_sha256, digest, SHA256_DIGEST_LENGTH, + sigstruct->signature, &siglen, key)) + goto err; + + if (!calc_q1q2(sigstruct->signature, sigstruct->modulus, sigstruct->q1, + sigstruct->q2)) + goto err; + + /* BE -> LE */ + reverse_bytes(sigstruct->signature, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->modulus, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->q1, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->q2, SGX_MODULUS_SIZE); + + EVP_MD_CTX_destroy(ctx); + RSA_free(key); + return true; + +err: + EVP_MD_CTX_destroy(ctx); + RSA_free(key); + return false; +} diff --git a/tools/testing/selftests/sgx/test_encl.c b/tools/testing/selftests/sgx/test_encl.c new file mode 100644 index 000000000000..ede915399742 --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <stddef.h> +#include "defines.h" + +static void *memcpy(void *dest, const void *src, size_t n) +{ + size_t i; + + for (i = 0; i < n; i++) + ((char *)dest)[i] = ((char *)src)[i]; + + return dest; +} + +void encl_body(void *rdi, void *rsi) +{ + memcpy(rsi, rdi, 8); +} diff --git a/tools/testing/selftests/sgx/test_encl.lds b/tools/testing/selftests/sgx/test_encl.lds new file mode 100644 index 000000000000..0fbbda7e665e --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl.lds @@ -0,0 +1,40 @@ +OUTPUT_FORMAT(elf64-x86-64) + +PHDRS +{ + tcs PT_LOAD; + text PT_LOAD; + data PT_LOAD; +} + +SECTIONS +{ + . = 0; + .tcs : { + *(.tcs*) + } : tcs + + . = ALIGN(4096); + .text : { + *(.text*) + *(.rodata*) + } : text + + . = ALIGN(4096); + .data : { + *(.data*) + } : data + + /DISCARD/ : { + *(.comment*) + *(.note*) + *(.debug*) + *(.eh_frame*) + } +} + +ASSERT(!DEFINED(.altinstructions), "ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.altinstr_replacement), "ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.discard.retpoline_safe), "RETPOLINE ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.discard.nospec), "RETPOLINE ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.got.plt), "Libcalls are not supported in enclaves") diff --git a/tools/testing/selftests/sgx/test_encl_bootstrap.S b/tools/testing/selftests/sgx/test_encl_bootstrap.S new file mode 100644 index 000000000000..6836ea86126e --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl_bootstrap.S @@ -0,0 +1,89 @@ +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */ +/* + * Copyright(c) 2016-18 Intel Corporation. + */ + + .macro ENCLU + .byte 0x0f, 0x01, 0xd7 + .endm + + .section ".tcs", "aw" + .balign 4096 + + .fill 1, 8, 0 # STATE (set by CPU) + .fill 1, 8, 0 # FLAGS + .quad encl_ssa # OSSA + .fill 1, 4, 0 # CSSA (set by CPU) + .fill 1, 4, 1 # NSSA + .quad encl_entry # OENTRY + .fill 1, 8, 0 # AEP (set by EENTER and ERESUME) + .fill 1, 8, 0 # OFSBASE + .fill 1, 8, 0 # OGSBASE + .fill 1, 4, 0xFFFFFFFF # FSLIMIT + .fill 1, 4, 0xFFFFFFFF # GSLIMIT + .fill 4024, 1, 0 # Reserved + + # Identical to the previous TCS. + .fill 1, 8, 0 # STATE (set by CPU) + .fill 1, 8, 0 # FLAGS + .quad encl_ssa # OSSA + .fill 1, 4, 0 # CSSA (set by CPU) + .fill 1, 4, 1 # NSSA + .quad encl_entry # OENTRY + .fill 1, 8, 0 # AEP (set by EENTER and ERESUME) + .fill 1, 8, 0 # OFSBASE + .fill 1, 8, 0 # OGSBASE + .fill 1, 4, 0xFFFFFFFF # FSLIMIT + .fill 1, 4, 0xFFFFFFFF # GSLIMIT + .fill 4024, 1, 0 # Reserved + + .text + +encl_entry: + # RBX contains the base address for TCS, which is also the first address + # inside the enclave. By adding the value of le_stack_end to it, we get + # the absolute address for the stack. + lea (encl_stack)(%rbx), %rax + xchg %rsp, %rax + push %rax + + push %rcx # push the address after EENTER + push %rbx # push the enclave base address + + call encl_body + + pop %rbx # pop the enclave base address + + /* Clear volatile GPRs, except RAX (EEXIT leaf). */ + xor %rcx, %rcx + xor %rdx, %rdx + xor %rdi, %rdi + xor %rsi, %rsi + xor %r8, %r8 + xor %r9, %r9 + xor %r10, %r10 + xor %r11, %r11 + + # Reset status flags. + add %rdx, %rdx # OF = SF = AF = CF = 0; ZF = PF = 1 + + # Prepare EEXIT target by popping the address of the instruction after + # EENTER to RBX. + pop %rbx + + # Restore the caller stack. + pop %rax + mov %rax, %rsp + + # EEXIT + mov $4, %rax + enclu + + .section ".data", "aw" + +encl_ssa: + .space 4096 + + .balign 4096 + .space 8192 +encl_stack: -- 2.25.1

4 years, 4 months

1
0
0 0

[PATCH v38 22/24] selftests/x86: Add a selftest for SGX

by Jarkko Sakkinen

Add a selftest for SGX. It is a trivial test where a simple enclave copies one 64-bit word of memory between two memory locations. Cc: linux-kselftest(a)vger.kernel.org Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/sgx/.gitignore | 2 + tools/testing/selftests/sgx/Makefile | 53 +++ tools/testing/selftests/sgx/call.S | 44 ++ tools/testing/selftests/sgx/defines.h | 21 + tools/testing/selftests/sgx/load.c | 277 ++++++++++++ tools/testing/selftests/sgx/main.c | 232 ++++++++++ tools/testing/selftests/sgx/main.h | 38 ++ tools/testing/selftests/sgx/sigstruct.c | 395 ++++++++++++++++++ tools/testing/selftests/sgx/test_encl.c | 20 + tools/testing/selftests/sgx/test_encl.lds | 40 ++ .../selftests/sgx/test_encl_bootstrap.S | 89 ++++ 12 files changed, 1212 insertions(+) create mode 100644 tools/testing/selftests/sgx/.gitignore create mode 100644 tools/testing/selftests/sgx/Makefile create mode 100644 tools/testing/selftests/sgx/call.S create mode 100644 tools/testing/selftests/sgx/defines.h create mode 100644 tools/testing/selftests/sgx/load.c create mode 100644 tools/testing/selftests/sgx/main.c create mode 100644 tools/testing/selftests/sgx/main.h create mode 100644 tools/testing/selftests/sgx/sigstruct.c create mode 100644 tools/testing/selftests/sgx/test_encl.c create mode 100644 tools/testing/selftests/sgx/test_encl.lds create mode 100644 tools/testing/selftests/sgx/test_encl_bootstrap.S diff --git a/tools/testing/selftests/Makefile b/tools/testing/selftests/Makefile index 9018f45d631d..fee80cda6304 100644 --- a/tools/testing/selftests/Makefile +++ b/tools/testing/selftests/Makefile @@ -68,6 +68,7 @@ TARGETS += user TARGETS += vm TARGETS += x86 TARGETS += zram +TARGETS += sgx #Please keep the TARGETS list alphabetically sorted # Run "make quicktest=1 run_tests" or # "make quicktest=1 kselftest" from top level Makefile diff --git a/tools/testing/selftests/sgx/.gitignore b/tools/testing/selftests/sgx/.gitignore new file mode 100644 index 000000000000..fbaf0bda9a92 --- /dev/null +++ b/tools/testing/selftests/sgx/.gitignore @@ -0,0 +1,2 @@ +test_sgx +test_encl.elf diff --git a/tools/testing/selftests/sgx/Makefile b/tools/testing/selftests/sgx/Makefile new file mode 100644 index 000000000000..95e5c4df8014 --- /dev/null +++ b/tools/testing/selftests/sgx/Makefile @@ -0,0 +1,53 @@ +top_srcdir = ../../../.. + +include ../lib.mk + +.PHONY: all clean + +CAN_BUILD_X86_64 := $(shell ../x86/check_cc.sh $(CC) \ + ../x86/trivial_64bit_program.c) + +ifndef OBJCOPY +OBJCOPY := $(CROSS_COMPILE)objcopy +endif + +INCLUDES := -I$(top_srcdir)/tools/include +HOST_CFLAGS := -Wall -Werror -g $(INCLUDES) -fPIC -z noexecstack +ENCL_CFLAGS := -Wall -Werror -static -nostdlib -nostartfiles -fPIC \ + -fno-stack-protector -mrdrnd $(INCLUDES) + +TEST_CUSTOM_PROGS := $(OUTPUT)/test_sgx $(OUTPUT)/test_encl.elf + +ifeq ($(CAN_BUILD_X86_64), 1) +all: $(TEST_CUSTOM_PROGS) +endif + +$(OUTPUT)/test_sgx: $(OUTPUT)/main.o \ + $(OUTPUT)/load.o \ + $(OUTPUT)/sigstruct.o \ + $(OUTPUT)/call.o + $(CC) $(HOST_CFLAGS) -o $@ $^ -lcrypto + +$(OUTPUT)/main.o: main.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/load.o: load.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/sigstruct.o: sigstruct.c + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/call.o: call.S + $(CC) $(HOST_CFLAGS) -c $< -o $@ + +$(OUTPUT)/test_encl.elf: test_encl.lds test_encl.c test_encl_bootstrap.S + $(CC) $(ENCL_CFLAGS) -T $^ -o $@ + +EXTRA_CLEAN := \ + $(OUTPUT)/test_encl.elf \ + $(OUTPUT)/load.o \ + $(OUTPUT)/call.o \ + $(OUTPUT)/main.o \ + $(OUTPUT)/sigstruct.o \ + $(OUTPUT)/test_sgx \ + $(OUTPUT)/test_sgx.o \ diff --git a/tools/testing/selftests/sgx/call.S b/tools/testing/selftests/sgx/call.S new file mode 100644 index 000000000000..f640532cda93 --- /dev/null +++ b/tools/testing/selftests/sgx/call.S @@ -0,0 +1,44 @@ +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */ +/** +* Copyright(c) 2016-18 Intel Corporation. +*/ + + .text + + .global sgx_call_vdso +sgx_call_vdso: + .cfi_startproc + push %r15 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r15, 0 + push %r14 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r14, 0 + push %r13 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r13, 0 + push %r12 + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %r12, 0 + push %rbx + .cfi_adjust_cfa_offset 8 + .cfi_rel_offset %rbx, 0 + push $0 + .cfi_adjust_cfa_offset 8 + push 0x38(%rsp) + .cfi_adjust_cfa_offset 8 + call *eenter(%rip) + add $0x10, %rsp + .cfi_adjust_cfa_offset -0x10 + pop %rbx + .cfi_adjust_cfa_offset -8 + pop %r12 + .cfi_adjust_cfa_offset -8 + pop %r13 + .cfi_adjust_cfa_offset -8 + pop %r14 + .cfi_adjust_cfa_offset -8 + pop %r15 + .cfi_adjust_cfa_offset -8 + ret + .cfi_endproc diff --git a/tools/testing/selftests/sgx/defines.h b/tools/testing/selftests/sgx/defines.h new file mode 100644 index 000000000000..be8969922804 --- /dev/null +++ b/tools/testing/selftests/sgx/defines.h @@ -0,0 +1,21 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright(c) 2016-19 Intel Corporation. + */ + +#ifndef DEFINES_H +#define DEFINES_H + +#include <stdint.h> + +#define PAGE_SIZE 4096 +#define PAGE_MASK (~(PAGE_SIZE - 1)) + +#define __aligned(x) __attribute__((__aligned__(x))) +#define __packed __attribute__((packed)) + +#include "../../../../arch/x86/kernel/cpu/sgx/arch.h" +#include "../../../../arch/x86/include/asm/enclu.h" +#include "../../../../arch/x86/include/uapi/asm/sgx.h" + +#endif /* DEFINES_H */ diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c new file mode 100644 index 000000000000..8ce0c4ac9a49 --- /dev/null +++ b/tools/testing/selftests/sgx/load.c @@ -0,0 +1,277 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <assert.h> +#include <elf.h> +#include <errno.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/types.h> +#include "defines.h" +#include "main.h" + +void encl_delete(struct encl *encl) +{ + if (encl->encl_base) + munmap((void *)encl->encl_base, encl->encl_size); + + if (encl->bin) + munmap(encl->bin, encl->bin_size); + + if (encl->fd) + close(encl->fd); + + if (encl->segment_tbl) + free(encl->segment_tbl); + + memset(encl, 0, sizeof(*encl)); +} + +static bool encl_map_bin(const char *path, struct encl *encl) +{ + struct stat sb; + void *bin; + int ret; + int fd; + + fd = open(path, O_RDONLY); + if (fd == -1) { + perror("open()"); + return false; + } + + ret = stat(path, &sb); + if (ret) { + perror("stat()"); + goto err; + } + + bin = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); + if (bin == MAP_FAILED) { + perror("mmap()"); + goto err; + } + + encl->bin = bin; + encl->bin_size = sb.st_size; + + close(fd); + return true; + +err: + close(fd); + return false; +} + +static bool encl_ioc_create(struct encl *encl) +{ + struct sgx_secs *secs = &encl->secs; + struct sgx_enclave_create ioc; + int rc; + + assert(encl->encl_base != 0); + + memset(secs, 0, sizeof(*secs)); + secs->ssa_frame_size = 1; + secs->attributes = SGX_ATTR_MODE64BIT; + secs->xfrm = 3; + secs->base = encl->encl_base; + secs->size = encl->encl_size; + + ioc.src = (unsigned long)secs; + rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_CREATE, &ioc); + if (rc) { + fprintf(stderr, "SGX_IOC_ENCLAVE_CREATE failed: errno=%d\n", + errno); + munmap((void *)secs->base, encl->encl_size); + return false; + } + + return true; +} + +static bool encl_ioc_add_pages(struct encl *encl, struct encl_segment *seg) +{ + struct sgx_enclave_add_pages ioc; + struct sgx_secinfo secinfo; + int rc; + + memset(&secinfo, 0, sizeof(secinfo)); + secinfo.flags = seg->flags; + + ioc.src = (uint64_t)encl->src + seg->offset; + ioc.offset = seg->offset; + ioc.length = seg->size; + ioc.secinfo = (unsigned long)&secinfo; + ioc.flags = SGX_PAGE_MEASURE; + + rc = ioctl(encl->fd, SGX_IOC_ENCLAVE_ADD_PAGES, &ioc); + if (rc < 0) { + fprintf(stderr, "SGX_IOC_ENCLAVE_ADD_PAGES failed: errno=%d.\n", + errno); + return false; + } + + return true; +} + +bool encl_load(const char *path, struct encl *encl) +{ + Elf64_Phdr *phdr_tbl; + off_t src_offset; + Elf64_Ehdr *ehdr; + int i, j; + int ret; + + memset(encl, 0, sizeof(*encl)); + + ret = open("/dev/sgx/enclave", O_RDWR); + if (ret < 0) { + fprintf(stderr, "Unable to open /dev/sgx\n"); + goto err; + } + + encl->fd = ret; + + if (!encl_map_bin(path, encl)) + goto err; + + ehdr = encl->bin; + phdr_tbl = encl->bin + ehdr->e_phoff; + + for (i = 0; i < ehdr->e_phnum; i++) { + Elf64_Phdr *phdr = &phdr_tbl[i]; + + if (phdr->p_type == PT_LOAD) + encl->nr_segments++; + } + + encl->segment_tbl = calloc(encl->nr_segments, + sizeof(struct encl_segment)); + if (!encl->segment_tbl) + goto err; + + for (i = 0, j = 0; i < ehdr->e_phnum; i++) { + Elf64_Phdr *phdr = &phdr_tbl[i]; + unsigned int flags = phdr->p_flags; + struct encl_segment *seg; + + if (phdr->p_type != PT_LOAD) + continue; + + seg = &encl->segment_tbl[j]; + + if (!!(flags & ~(PF_R | PF_W | PF_X))) { + fprintf(stderr, + "%d has invalid segment flags 0x%02x.\n", i, + phdr->p_flags); + goto err; + } + + if (j == 0 && flags != (PF_R | PF_W)) { + fprintf(stderr, + "TCS has invalid segment flags 0x%02x.\n", + phdr->p_flags); + goto err; + } + + if (j == 0) { + src_offset = (phdr->p_offset & PAGE_MASK) - src_offset; + + seg->prot = PROT_READ | PROT_WRITE; + seg->flags = SGX_PAGE_TYPE_TCS << 8; + } else { + seg->prot = (phdr->p_flags & PF_R) ? PROT_READ : 0; + seg->prot |= (phdr->p_flags & PF_W) ? PROT_WRITE : 0; + seg->prot |= (phdr->p_flags & PF_X) ? PROT_EXEC : 0; + seg->flags = (SGX_PAGE_TYPE_REG << 8) | seg->prot; + } + + seg->offset = (phdr->p_offset & PAGE_MASK) - src_offset; + seg->size = (phdr->p_filesz + PAGE_SIZE - 1) & PAGE_MASK; + + printf("0x%016lx 0x%016lx 0x%02x\n", seg->offset, seg->size, + seg->prot); + + j++; + } + + assert(j == encl->nr_segments); + + encl->src = encl->bin + src_offset; + encl->src_size = encl->segment_tbl[j - 1].offset + + encl->segment_tbl[j - 1].size; + + for (encl->encl_size = 4096; encl->encl_size < encl->src_size; ) + encl->encl_size <<= 1; + + return true; + +err: + encl_delete(encl); + return false; +} + +static bool encl_map_area(struct encl *encl) +{ + size_t encl_size = encl->encl_size; + void *area; + + area = mmap(NULL, encl_size * 2, PROT_NONE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + if (area == MAP_FAILED) { + perror("mmap"); + return false; + } + + encl->encl_base = ((uint64_t)area + encl_size - 1) & ~(encl_size - 1); + + munmap(area, encl->encl_base - (uint64_t)area); + munmap((void *)(encl->encl_base + encl_size), + (uint64_t)area + encl_size - encl->encl_base); + + return true; +} + +bool encl_build(struct encl *encl) +{ + struct sgx_enclave_init ioc; + int ret; + int i; + + if (!encl_map_area(encl)) + return false; + + if (!encl_ioc_create(encl)) + return false; + + /* + * Pages must be added before mapping VMAs because their permissions + * cap the VMA permissions. + */ + for (i = 0; i < encl->nr_segments; i++) { + struct encl_segment *seg = &encl->segment_tbl[i]; + + if (!encl_ioc_add_pages(encl, seg)) + return false; + } + + ioc.sigstruct = (uint64_t)&encl->sigstruct; + ret = ioctl(encl->fd, SGX_IOC_ENCLAVE_INIT, &ioc); + if (ret) { + fprintf(stderr, "SGX_IOC_ENCLAVE_INIT failed: errno=%d\n", + errno); + return false; + } + + return true; +} diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c new file mode 100644 index 000000000000..44acb3c72067 --- /dev/null +++ b/tools/testing/selftests/sgx/main.c @@ -0,0 +1,232 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <elf.h> +#include <errno.h> +#include <fcntl.h> +#include <stdbool.h> +#include <stdio.h> +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/ioctl.h> +#include <sys/mman.h> +#include <sys/stat.h> +#include <sys/time.h> +#include <sys/types.h> +#include "defines.h" +#include "main.h" + +static const uint64_t MAGIC = 0x1122334455667788ULL; +vdso_sgx_enter_enclave_t eenter; + +struct vdso_symtab { + Elf64_Sym *elf_symtab; + const char *elf_symstrtab; + Elf64_Word *elf_hashtab; +}; + +static void *vdso_get_base_addr(char *envp[]) +{ + Elf64_auxv_t *auxv; + int i; + + for (i = 0; envp[i]; i++) + ; + + auxv = (Elf64_auxv_t *)&envp[i + 1]; + + for (i = 0; auxv[i].a_type != AT_NULL; i++) { + if (auxv[i].a_type == AT_SYSINFO_EHDR) + return (void *)auxv[i].a_un.a_val; + } + + return NULL; +} + +static Elf64_Dyn *vdso_get_dyntab(void *addr) +{ + Elf64_Ehdr *ehdr = addr; + Elf64_Phdr *phdrtab = addr + ehdr->e_phoff; + int i; + + for (i = 0; i < ehdr->e_phnum; i++) + if (phdrtab[i].p_type == PT_DYNAMIC) + return addr + phdrtab[i].p_offset; + + return NULL; +} + +static void *vdso_get_dyn(void *addr, Elf64_Dyn *dyntab, Elf64_Sxword tag) +{ + int i; + + for (i = 0; dyntab[i].d_tag != DT_NULL; i++) + if (dyntab[i].d_tag == tag) + return addr + dyntab[i].d_un.d_ptr; + + return NULL; +} + +static bool vdso_get_symtab(void *addr, struct vdso_symtab *symtab) +{ + Elf64_Dyn *dyntab = vdso_get_dyntab(addr); + + symtab->elf_symtab = vdso_get_dyn(addr, dyntab, DT_SYMTAB); + if (!symtab->elf_symtab) + return false; + + symtab->elf_symstrtab = vdso_get_dyn(addr, dyntab, DT_STRTAB); + if (!symtab->elf_symstrtab) + return false; + + symtab->elf_hashtab = vdso_get_dyn(addr, dyntab, DT_HASH); + if (!symtab->elf_hashtab) + return false; + + return true; +} + +static unsigned long elf_sym_hash(const char *name) +{ + unsigned long h = 0, high; + + while (*name) { + h = (h << 4) + *name++; + high = h & 0xf0000000; + + if (high) + h ^= high >> 24; + + h &= ~high; + } + + return h; +} + +static Elf64_Sym *vdso_symtab_get(struct vdso_symtab *symtab, const char *name) +{ + Elf64_Word bucketnum = symtab->elf_hashtab[0]; + Elf64_Word *buckettab = &symtab->elf_hashtab[2]; + Elf64_Word *chaintab = &symtab->elf_hashtab[2 + bucketnum]; + Elf64_Sym *sym; + Elf64_Word i; + + for (i = buckettab[elf_sym_hash(name) % bucketnum]; i != STN_UNDEF; + i = chaintab[i]) { + sym = &symtab->elf_symtab[i]; + if (!strcmp(name, &symtab->elf_symstrtab[sym->st_name])) + return sym; + } + + return NULL; +} + +int check_result(struct sgx_enclave_run *run, int ret, uint64_t result, + const char *test) +{ + if (ret) { + printf("FAIL: %s() returned: %d\n", test, ret); + return ret; + } else if (run->exit_reason != SGX_SYNCHRONOUS_EXIT) { + printf("FAIL: %s() exit reason, expected: %u, got: %u\n", + test, SGX_SYNCHRONOUS_EXIT, run->exit_reason); + return -EIO; + } else if (result != MAGIC) { + printf("FAIL: %s(), expected: 0x%lx, got: 0x%lx\n", + test, MAGIC, result); + return -EIO; + } else if (run->user_data) { + printf("FAIL: %s() user data, expected: 0x0, got: 0x%llx\n", + test, run->user_data); + return -EIO; + } + return 0; +} + +static int exit_handler(long rdi, long rsi, long rdx, long ursp, long r8, long r9, + struct sgx_enclave_run *run) +{ + run->user_data = 0; + return 0; +} + +int main(int argc, char *argv[], char *envp[]) +{ + struct sgx_enclave_run run; + struct vdso_symtab symtab; + Elf64_Sym *eenter_sym; + uint64_t result = 0; + struct encl encl; + unsigned int i; + void *addr; + int ret; + + if (!encl_load("test_encl.elf", &encl)) + goto err; + + if (!encl_measure(&encl)) + goto err; + + if (!encl_build(&encl)) + goto err; + + /* + * An enclave consumer only must do this. + */ + for (i = 0; i < encl.nr_segments; i++) { + struct encl_segment *seg = &encl.segment_tbl[i]; + + addr = mmap((void *)encl.encl_base + seg->offset, seg->size, + seg->prot, MAP_SHARED | MAP_FIXED, encl.fd, 0); + if (addr == MAP_FAILED) { + fprintf(stderr, "mmap() failed, errno=%d.\n", errno); + exit(1); + } + } + + memset(&run, 0, sizeof(run)); + run.tcs = encl.encl_base; + + addr = vdso_get_base_addr(envp); + if (!addr) + goto err; + + if (!vdso_get_symtab(addr, &symtab)) + goto err; + + eenter_sym = vdso_symtab_get(&symtab, "__vdso_sgx_enter_enclave"); + if (!eenter_sym) + goto err; + + eenter = addr + eenter_sym->st_value; + + ret = sgx_call_vdso((void *)&MAGIC, &result, 0, EENTER, NULL, NULL, &run); + if (check_result(&run, ret, result, "sgx_call_vdso")) + goto err; + + + /* Invoke the vDSO directly. */ + result = 0; + ret = eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER, + 0, 0, &run); + if (check_result(&run, ret, result, "eenter")) + goto err; + + /* And with an exit handler. */ + run.user_handler = exit_handler; + run.user_data = 0xdeadbeef; + ret = eenter((unsigned long)&MAGIC, (unsigned long)&result, 0, EENTER, + 0, 0, &run); + if (check_result(&run, ret, result, "exit_handler")) + goto err; + + printf("SUCCESS\n"); + encl_delete(&encl); + exit(0); + +err: + encl_delete(&encl); + exit(1); +} diff --git a/tools/testing/selftests/sgx/main.h b/tools/testing/selftests/sgx/main.h new file mode 100644 index 000000000000..2b4777942500 --- /dev/null +++ b/tools/testing/selftests/sgx/main.h @@ -0,0 +1,38 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Copyright(c) 2016-19 Intel Corporation. + */ + +#ifndef MAIN_H +#define MAIN_H + +struct encl_segment { + off_t offset; + size_t size; + unsigned int prot; + unsigned int flags; +}; + +struct encl { + int fd; + void *bin; + off_t bin_size; + void *src; + size_t src_size; + size_t encl_size; + off_t encl_base; + unsigned int nr_segments; + struct encl_segment *segment_tbl; + struct sgx_secs secs; + struct sgx_sigstruct sigstruct; +}; + +void encl_delete(struct encl *ctx); +bool encl_load(const char *path, struct encl *encl); +bool encl_measure(struct encl *encl); +bool encl_build(struct encl *encl); + +int sgx_call_vdso(void *rdi, void *rsi, long rdx, u32 leaf, void *r8, void *r9, + struct sgx_enclave_run *run); + +#endif /* MAIN_H */ diff --git a/tools/testing/selftests/sgx/sigstruct.c b/tools/testing/selftests/sgx/sigstruct.c new file mode 100644 index 000000000000..ceddad478672 --- /dev/null +++ b/tools/testing/selftests/sgx/sigstruct.c @@ -0,0 +1,395 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#define _GNU_SOURCE +#include <assert.h> +#include <getopt.h> +#include <stdbool.h> +#include <stdint.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <sys/stat.h> +#include <sys/types.h> +#include <unistd.h> +#include <openssl/err.h> +#include <openssl/pem.h> +#include "defines.h" +#include "main.h" + +struct q1q2_ctx { + BN_CTX *bn_ctx; + BIGNUM *m; + BIGNUM *s; + BIGNUM *q1; + BIGNUM *qr; + BIGNUM *q2; +}; + +static void free_q1q2_ctx(struct q1q2_ctx *ctx) +{ + BN_CTX_free(ctx->bn_ctx); + BN_free(ctx->m); + BN_free(ctx->s); + BN_free(ctx->q1); + BN_free(ctx->qr); + BN_free(ctx->q2); +} + +static bool alloc_q1q2_ctx(const uint8_t *s, const uint8_t *m, + struct q1q2_ctx *ctx) +{ + ctx->bn_ctx = BN_CTX_new(); + ctx->s = BN_bin2bn(s, SGX_MODULUS_SIZE, NULL); + ctx->m = BN_bin2bn(m, SGX_MODULUS_SIZE, NULL); + ctx->q1 = BN_new(); + ctx->qr = BN_new(); + ctx->q2 = BN_new(); + + if (!ctx->bn_ctx || !ctx->s || !ctx->m || !ctx->q1 || !ctx->qr || + !ctx->q2) { + free_q1q2_ctx(ctx); + return false; + } + + return true; +} + +static bool calc_q1q2(const uint8_t *s, const uint8_t *m, uint8_t *q1, + uint8_t *q2) +{ + struct q1q2_ctx ctx; + + if (!alloc_q1q2_ctx(s, m, &ctx)) { + fprintf(stderr, "Not enough memory for Q1Q2 calculation\n"); + return false; + } + + if (!BN_mul(ctx.q1, ctx.s, ctx.s, ctx.bn_ctx)) + goto out; + + if (!BN_div(ctx.q1, ctx.qr, ctx.q1, ctx.m, ctx.bn_ctx)) + goto out; + + if (BN_num_bytes(ctx.q1) > SGX_MODULUS_SIZE) { + fprintf(stderr, "Too large Q1 %d bytes\n", + BN_num_bytes(ctx.q1)); + goto out; + } + + if (!BN_mul(ctx.q2, ctx.s, ctx.qr, ctx.bn_ctx)) + goto out; + + if (!BN_div(ctx.q2, NULL, ctx.q2, ctx.m, ctx.bn_ctx)) + goto out; + + if (BN_num_bytes(ctx.q2) > SGX_MODULUS_SIZE) { + fprintf(stderr, "Too large Q2 %d bytes\n", + BN_num_bytes(ctx.q2)); + goto out; + } + + BN_bn2bin(ctx.q1, q1); + BN_bn2bin(ctx.q2, q2); + + free_q1q2_ctx(&ctx); + return true; +out: + free_q1q2_ctx(&ctx); + return false; +} + +struct sgx_sigstruct_payload { + struct sgx_sigstruct_header header; + struct sgx_sigstruct_body body; +}; + +static bool check_crypto_errors(void) +{ + int err; + bool had_errors = false; + const char *filename; + int line; + char str[256]; + + for ( ; ; ) { + if (ERR_peek_error() == 0) + break; + + had_errors = true; + err = ERR_get_error_line(&filename, &line); + ERR_error_string_n(err, str, sizeof(str)); + fprintf(stderr, "crypto: %s: %s:%d\n", str, filename, line); + } + + return had_errors; +} + +static inline const BIGNUM *get_modulus(RSA *key) +{ +#if OPENSSL_VERSION_NUMBER < 0x10100000L + return key->n; +#else + const BIGNUM *n; + + RSA_get0_key(key, &n, NULL, NULL); + return n; +#endif +} + +static RSA *gen_sign_key(void) +{ + BIGNUM *e; + RSA *key; + int ret; + + e = BN_new(); + key = RSA_new(); + + if (!e || !key) + goto err; + + ret = BN_set_word(e, RSA_3); + if (ret != 1) + goto err; + + ret = RSA_generate_key_ex(key, 3072, e, NULL); + if (ret != 1) + goto err; + + BN_free(e); + + return key; + +err: + RSA_free(key); + BN_free(e); + + return NULL; +} + +static void reverse_bytes(void *data, int length) +{ + int i = 0; + int j = length - 1; + uint8_t temp; + uint8_t *ptr = data; + + while (i < j) { + temp = ptr[i]; + ptr[i] = ptr[j]; + ptr[j] = temp; + i++; + j--; + } +} + +enum mrtags { + MRECREATE = 0x0045544145524345, + MREADD = 0x0000000044444145, + MREEXTEND = 0x00444E4554584545, +}; + +static bool mrenclave_update(EVP_MD_CTX *ctx, const void *data) +{ + if (!EVP_DigestUpdate(ctx, data, 64)) { + fprintf(stderr, "digest update failed\n"); + return false; + } + + return true; +} + +static bool mrenclave_commit(EVP_MD_CTX *ctx, uint8_t *mrenclave) +{ + unsigned int size; + + if (!EVP_DigestFinal_ex(ctx, (unsigned char *)mrenclave, &size)) { + fprintf(stderr, "digest commit failed\n"); + return false; + } + + if (size != 32) { + fprintf(stderr, "invalid digest size = %u\n", size); + return false; + } + + return true; +} + +struct mrecreate { + uint64_t tag; + uint32_t ssaframesize; + uint64_t size; + uint8_t reserved[44]; +} __attribute__((__packed__)); + + +static bool mrenclave_ecreate(EVP_MD_CTX *ctx, uint64_t blob_size) +{ + struct mrecreate mrecreate; + uint64_t encl_size; + + for (encl_size = 0x1000; encl_size < blob_size; ) + encl_size <<= 1; + + memset(&mrecreate, 0, sizeof(mrecreate)); + mrecreate.tag = MRECREATE; + mrecreate.ssaframesize = 1; + mrecreate.size = encl_size; + + if (!EVP_DigestInit_ex(ctx, EVP_sha256(), NULL)) + return false; + + return mrenclave_update(ctx, &mrecreate); +} + +struct mreadd { + uint64_t tag; + uint64_t offset; + uint64_t flags; /* SECINFO flags */ + uint8_t reserved[40]; +} __attribute__((__packed__)); + +static bool mrenclave_eadd(EVP_MD_CTX *ctx, uint64_t offset, uint64_t flags) +{ + struct mreadd mreadd; + + memset(&mreadd, 0, sizeof(mreadd)); + mreadd.tag = MREADD; + mreadd.offset = offset; + mreadd.flags = flags; + + return mrenclave_update(ctx, &mreadd); +} + +struct mreextend { + uint64_t tag; + uint64_t offset; + uint8_t reserved[48]; +} __attribute__((__packed__)); + +static bool mrenclave_eextend(EVP_MD_CTX *ctx, uint64_t offset, + const uint8_t *data) +{ + struct mreextend mreextend; + int i; + + for (i = 0; i < 0x1000; i += 0x100) { + memset(&mreextend, 0, sizeof(mreextend)); + mreextend.tag = MREEXTEND; + mreextend.offset = offset + i; + + if (!mrenclave_update(ctx, &mreextend)) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x00])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x40])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0x80])) + return false; + + if (!mrenclave_update(ctx, &data[i + 0xC0])) + return false; + } + + return true; +} + +static bool mrenclave_segment(EVP_MD_CTX *ctx, struct encl *encl, + struct encl_segment *seg) +{ + uint64_t end = seg->offset + seg->size; + uint64_t offset; + + for (offset = seg->offset; offset < end; offset += PAGE_SIZE) { + if (!mrenclave_eadd(ctx, offset, seg->flags)) + return false; + + if (!mrenclave_eextend(ctx, offset, encl->src + offset)) + return false; + } + + return true; +} + +bool encl_measure(struct encl *encl) +{ + uint64_t header1[2] = {0x000000E100000006, 0x0000000000010000}; + uint64_t header2[2] = {0x0000006000000101, 0x0000000100000060}; + struct sgx_sigstruct *sigstruct = &encl->sigstruct; + struct sgx_sigstruct_payload payload; + uint8_t digest[SHA256_DIGEST_LENGTH]; + unsigned int siglen; + RSA *key = NULL; + EVP_MD_CTX *ctx; + int i; + + memset(sigstruct, 0, sizeof(*sigstruct)); + + sigstruct->header.header1[0] = header1[0]; + sigstruct->header.header1[1] = header1[1]; + sigstruct->header.header2[0] = header2[0]; + sigstruct->header.header2[1] = header2[1]; + sigstruct->exponent = 3; + sigstruct->body.attributes = SGX_ATTR_MODE64BIT; + sigstruct->body.xfrm = 3; + + /* sanity check */ + if (check_crypto_errors()) + goto err; + + key = gen_sign_key(); + if (!key) + goto err; + + BN_bn2bin(get_modulus(key), sigstruct->modulus); + + ctx = EVP_MD_CTX_create(); + if (!ctx) + goto err; + + if (!mrenclave_ecreate(ctx, encl->src_size)) + goto err; + + for (i = 0; i < encl->nr_segments; i++) { + struct encl_segment *seg = &encl->segment_tbl[i]; + + if (!mrenclave_segment(ctx, encl, seg)) + goto err; + } + + if (!mrenclave_commit(ctx, sigstruct->body.mrenclave)) + goto err; + + memcpy(&payload.header, &sigstruct->header, sizeof(sigstruct->header)); + memcpy(&payload.body, &sigstruct->body, sizeof(sigstruct->body)); + + SHA256((unsigned char *)&payload, sizeof(payload), digest); + + if (!RSA_sign(NID_sha256, digest, SHA256_DIGEST_LENGTH, + sigstruct->signature, &siglen, key)) + goto err; + + if (!calc_q1q2(sigstruct->signature, sigstruct->modulus, sigstruct->q1, + sigstruct->q2)) + goto err; + + /* BE -> LE */ + reverse_bytes(sigstruct->signature, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->modulus, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->q1, SGX_MODULUS_SIZE); + reverse_bytes(sigstruct->q2, SGX_MODULUS_SIZE); + + EVP_MD_CTX_destroy(ctx); + RSA_free(key); + return true; + +err: + EVP_MD_CTX_destroy(ctx); + RSA_free(key); + return false; +} diff --git a/tools/testing/selftests/sgx/test_encl.c b/tools/testing/selftests/sgx/test_encl.c new file mode 100644 index 000000000000..ede915399742 --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) +// Copyright(c) 2016-18 Intel Corporation. + +#include <stddef.h> +#include "defines.h" + +static void *memcpy(void *dest, const void *src, size_t n) +{ + size_t i; + + for (i = 0; i < n; i++) + ((char *)dest)[i] = ((char *)src)[i]; + + return dest; +} + +void encl_body(void *rdi, void *rsi) +{ + memcpy(rsi, rdi, 8); +} diff --git a/tools/testing/selftests/sgx/test_encl.lds b/tools/testing/selftests/sgx/test_encl.lds new file mode 100644 index 000000000000..0fbbda7e665e --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl.lds @@ -0,0 +1,40 @@ +OUTPUT_FORMAT(elf64-x86-64) + +PHDRS +{ + tcs PT_LOAD; + text PT_LOAD; + data PT_LOAD; +} + +SECTIONS +{ + . = 0; + .tcs : { + *(.tcs*) + } : tcs + + . = ALIGN(4096); + .text : { + *(.text*) + *(.rodata*) + } : text + + . = ALIGN(4096); + .data : { + *(.data*) + } : data + + /DISCARD/ : { + *(.comment*) + *(.note*) + *(.debug*) + *(.eh_frame*) + } +} + +ASSERT(!DEFINED(.altinstructions), "ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.altinstr_replacement), "ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.discard.retpoline_safe), "RETPOLINE ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.discard.nospec), "RETPOLINE ALTERNATIVES are not supported in enclaves") +ASSERT(!DEFINED(.got.plt), "Libcalls are not supported in enclaves") diff --git a/tools/testing/selftests/sgx/test_encl_bootstrap.S b/tools/testing/selftests/sgx/test_encl_bootstrap.S new file mode 100644 index 000000000000..6836ea86126e --- /dev/null +++ b/tools/testing/selftests/sgx/test_encl_bootstrap.S @@ -0,0 +1,89 @@ +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */ +/* + * Copyright(c) 2016-18 Intel Corporation. + */ + + .macro ENCLU + .byte 0x0f, 0x01, 0xd7 + .endm + + .section ".tcs", "aw" + .balign 4096 + + .fill 1, 8, 0 # STATE (set by CPU) + .fill 1, 8, 0 # FLAGS + .quad encl_ssa # OSSA + .fill 1, 4, 0 # CSSA (set by CPU) + .fill 1, 4, 1 # NSSA + .quad encl_entry # OENTRY + .fill 1, 8, 0 # AEP (set by EENTER and ERESUME) + .fill 1, 8, 0 # OFSBASE + .fill 1, 8, 0 # OGSBASE + .fill 1, 4, 0xFFFFFFFF # FSLIMIT + .fill 1, 4, 0xFFFFFFFF # GSLIMIT + .fill 4024, 1, 0 # Reserved + + # Identical to the previous TCS. + .fill 1, 8, 0 # STATE (set by CPU) + .fill 1, 8, 0 # FLAGS + .quad encl_ssa # OSSA + .fill 1, 4, 0 # CSSA (set by CPU) + .fill 1, 4, 1 # NSSA + .quad encl_entry # OENTRY + .fill 1, 8, 0 # AEP (set by EENTER and ERESUME) + .fill 1, 8, 0 # OFSBASE + .fill 1, 8, 0 # OGSBASE + .fill 1, 4, 0xFFFFFFFF # FSLIMIT + .fill 1, 4, 0xFFFFFFFF # GSLIMIT + .fill 4024, 1, 0 # Reserved + + .text + +encl_entry: + # RBX contains the base address for TCS, which is also the first address + # inside the enclave. By adding the value of le_stack_end to it, we get + # the absolute address for the stack. + lea (encl_stack)(%rbx), %rax + xchg %rsp, %rax + push %rax + + push %rcx # push the address after EENTER + push %rbx # push the enclave base address + + call encl_body + + pop %rbx # pop the enclave base address + + /* Clear volatile GPRs, except RAX (EEXIT leaf). */ + xor %rcx, %rcx + xor %rdx, %rdx + xor %rdi, %rdi + xor %rsi, %rsi + xor %r8, %r8 + xor %r9, %r9 + xor %r10, %r10 + xor %r11, %r11 + + # Reset status flags. + add %rdx, %rdx # OF = SF = AF = CF = 0; ZF = PF = 1 + + # Prepare EEXIT target by popping the address of the instruction after + # EENTER to RBX. + pop %rbx + + # Restore the caller stack. + pop %rax + mov %rax, %rsp + + # EEXIT + mov $4, %rax + enclu + + .section ".data", "aw" + +encl_ssa: + .space 4096 + + .balign 4096 + .space 8192 +encl_stack: -- 2.25.1

4 years, 4 months

1
0
0 0

Re: [patch 00/13] preempt: Make preempt count unconditional

by Ard Biesheuvel

On Tue, 15 Sep 2020 at 01:43, Linus Torvalds <torvalds(a)linux-foundation.org> wrote: > > On Mon, Sep 14, 2020 at 3:24 PM Linus Torvalds > <torvalds(a)linux-foundation.org> wrote: > > > > Ard and Herbert added to participants: see > > chacha20poly1305_crypt_sg_inplace(), which does > > > > flags = SG_MITER_TO_SG; > > if (!preemptible()) > > flags |= SG_MITER_ATOMIC; > > > > introduced in commit d95312a3ccc0 ("crypto: lib/chacha20poly1305 - > > reimplement crypt_from_sg() routine"). > > As far as I can tell, the only reason for this all is to try to use > "kmap()" rather than "kmap_atomic()". > > And kmap() actually has the much more complex "might_sleep()" tests, > and apparently the "preemptible()" check wasn't even the proper full > debug check, it was just a complete hack to catch the one that > triggered. > This was not driven by a failing check. The documentation of kmap_atomic() states the following: * The use of kmap_atomic/kunmap_atomic is discouraged - kmap/kunmap * gives a more generic (and caching) interface. But kmap_atomic can * be used in IRQ contexts, so in some (very limited) cases we need * it. so if this is no longer accurate, perhaps we should fix it? But another reason I tried to avoid kmap_atomic() is that it disables preemption unconditionally, even on 64-bit architectures where HIGHMEM is irrelevant. So using kmap_atomic() here means that the bulk of WireGuard packet encryption runs with preemption disabled, essentially for legacy reasons. > From a quick look, that code should probably just get rid of > SG_MITER_ATOMIC entirely, and alwayse use kmap_atomic(). > > kmap_atomic() is actually the faster and proper interface to use > anyway (never mind that any of this matters on any sane hardware). The > old kmap() and kunmap() interfaces should generally be avoided like > the plague - yes, they allow sleeping in the middle and that is > sometimes required, but if you don't need that, you should never ever > use them. > > We used to have a very nasty kmap_atomic() that required people to be > very careful and know exactly which atomic entry to use, and that was > admitedly quite nasty. > > So it _looks_ like this code started using kmap() - probably back when > kmap_atomic() was so cumbersome to use - and was then converted > (conditionally) to kmap_atomic() rather than just changed whole-sale. > Is there actually something that wants to use those sg_miter functions > and sleep? > > Because if there is, that choice should come from the outside, not > from inside lib/scatterlist.c trying to make some bad guess based on > the wrong thing entirely. > > Linus

4 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror