On Wed, Jun 03, 2020 at 03:06:34PM -0700, Sean Christopherson wrote:
On Mon, Jun 01, 2020 at 10:52:16AM +0300, Jarkko Sakkinen wrote:
Add a selftest for SGX. It is a trivial test where a simple enclave copies one 64-bit word of memory between two memory locations.
...
--- /dev/null +++ b/tools/testing/selftests/sgx/Makefile @@ -0,0 +1,53 @@ +top_srcdir = ../../../..
+include ../lib.mk
+.PHONY: all clean
+CAN_BUILD_X86_64 := $(shell ../x86/check_cc.sh $(CC) \
../x86/trivial_64bit_program.c)+ifndef OBJCOPY +OBJCOPY := $(CROSS_COMPILE)objcopy +endif
+INCLUDES := -I$(top_srcdir)/tools/include +HOST_CFLAGS := -Wall -Werror -g $(INCLUDES) -fPIC -z noexecstack
There's a pending pull request for 5.8[1] that includes a patch that turns off automatic READ_IMPLIES_EXEC for x86_64[2]. Assuming that gets pulled for 5.8, we should drop noexecstack to verify/ensure that the workaround is no longer needed to avoid conflicts with the EPCM permissions.
[1] https://lkml.kernel.org/r/20200603213452.GG19667@zn.tnic [2] https://lkml.kernel.org/r/20200327064820.12602-4-keescook@chromium.org
If the check is removed from encl.c, then this needs to be taken into account in backporting.
/Jarkko