Re: [PATCH v28 14/22] selftests/x86: Add a selftest for SGX

From: Dr. Greg
Date: Mon Mar 16 2020 - 21:10:24 EST


On Tue, Mar 10, 2020 at 02:29:41PM -0500, Haitao Huang wrote:

Good evening, I hope the week is going well for everyone.

> >Just as a clarification, are you testing the new driver against
> >signed production class enclaves in .so format that also include
> >metadata layout directives or is the driver just getting tested
> >against the two page toy enclave that copies a word of memory from
> >one memory location to another?

> We (Intel SGX SDK/PSW team) tested this driver for enclaves in .so
> format with metadata. Our 2.8 release supports v24 and 2.9 supports
> v25+. Both production signed and debug signed enclaves worked.
>
> *Note* we did make some code changes in our runtime for v24+, mainly
> dealing with src & EPC page alignment for EADD, open one fd per
> enclave, use -z noexecstack linker option, etc. You can see the
> changes on GitHub.

Lots of knobs getting turned at the same time but we sorted out all
the issues and our runtime is now passing its regression tests with
the new driver, with an exception that we note below.

I suspect that we might have the only complete and architecturally
independent runtime implementation so if the new driver is working
against yours and ours it would seem to be a reasonable test spectrum
for the driver.

> >We see the same behavior from both our unit test enclaves and the
> >Quoting Enclave from the Intel SGX runtime.

> We did not see any issue loading QE in our tests. Please directly
> email me on this test if you have specific questions.

As it turns out the major problem we were running into with respect to
the QE test was the fact that generic use of atexit() handlers was
disabled by changes that went into the 2.8 SDK. Our runtime and SDK
assume that enclave atexit() handling works.

The enclave UNINIT ECALL is only allowed on runtimes that are
advertising EDMM support. That seems excessively restrictive since
atexit() handling is generically useful for enclaves that are not
using EDMM. Our runtime allows EDMM to be disabled and we have
enclaves that gate on that for security purposes.

On a quasi-related note, it appears that the 1.4 compatibility
metadata created by post 2.0 signing tools is leaking layout
descriptors that a version 1.4 runtime doesn't understand.

Do you want to exchange e-mail on this, or should we direct
conversations about these issues to others on your SDK team?

Have a good remainder of the week.

Dr. Greg

As always,
Dr. Greg Wettstein, Ph.D, Worker
Enjellic Systems Development, LLC
4206 N. 19th Ave.
Fargo, ND 58102
PH: 701-281-1686 EMAIL: greg@xxxxxxxxxxxx
SGX secured infrastructure and autonomously self-defensive platforms.
------------------------------------------------------------------------------
"All parts should go together without forcing. You must remember that
the parts you are reassembling were disassembled by you. Therefore,
if you can't get them together again, there must be a reason. By all
means, do not use a hammer."
-- IBM maintenance manual, 1925