On Sun, Sep 04, 2022 at 07:02:08AM +0300, Jarkko Sakkinen wrote:
On Fri, Sep 02, 2022 at 01:22:59AM +0300, Jarkko Sakkinen wrote:
Is this test passing on your system? This version is missing the change to mrenclave_ecreate() that causes SGX_IOC_ENCLAVE_INIT to fail when I try it out.
I *did* get a pass on my test machine. Hmm... I'll check if the kernel tree was out-of-sync, which could be the reason.
I do not compile the kernel on that machine but have the kernel tree for running selftests. So there is a possibility of human error. Thanks for pointing this out.
Apparently, v1 and v2 break the encl->src_size calculation: the dynamic heap size is not added.
So, in order to revert sigstruct change:
diff --git a/tools/testing/selftests/sgx/load.c b/tools/testing/selftests/sgx/load.c index 47b2786d6a77..0e4e12e1e3eb 100644 --- a/tools/testing/selftests/sgx/load.c +++ b/tools/testing/selftests/sgx/load.c @@ -172,7 +172,7 @@ uint64_t encl_get_entry(struct encl *encl, const char *symbol) }
bool encl_load(const char *path, struct encl *encl, unsigned long heap_size,
unsigned long edmm_size)
unsigned long dynamic_heap_size)
{ const char device_path[] = "/dev/sgx_enclave"; struct encl_segment *seg; @@ -299,9 +299,9 @@ bool encl_load(const char *path, struct encl *encl, unsigned long heap_size, if (seg->src == MAP_FAILED) goto err;
encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size;
encl->src_size = encl->segment_tbl[j].offset + encl->segment_tbl[j].size + dynamic_heap_size;
for (encl->encl_size = 4096; encl->encl_size < encl->src_size + edmm_size;)
for (encl->encl_size = 4096; encl->encl_size < encl->src_size;) encl->encl_size <<= 1;
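Review bot: In the first hunk (the encl_load() signature), the renamed argument dynamic_heap_size has no comment stating its unit or whether it must be page-aligned, and the second hunk adds it straight into encl->src_size. A short comment above encl_load() stating both would help. The diff shown touches only load.c, so the prototype and callers should be checked to use the same name.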
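Review bot: In the second hunk, encl->src_size now includes dynamic_heap_size, so the field no longer means the extent of the mapped segments but that extent plus a region with no source backing. A comment at the assignment, or a separate field for the heap part, would keep later users of src_size from treating it as the size of source data. The addition is also unchecked: if the sum is large enough that `encl->encl_size <<= 1` wraps to 0 (assuming an unsigned type, which these lines do not show), the condition `encl->encl_size < encl->src_size` stays true and the loop never ends, so a bound on dynamic_heap_size before the addition is worth having.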
Actually, it is correct after all how Vijay changed it. We should use the final pre-calculated enclave address range in sigstruct.c. The re-calculation of that in sigstruct is reminiscent of it being a separate command-line utility, instead of calculating the sigstruct on the fly. I.e. there have been sane reasons why it has been like that.
BR, Jarkko