lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Sep 2021 18:21:37 +0300
From:   Jarkko Sakkinen <jarkko@...nel.org>
To:     Reinette Chatre <reinette.chatre@...el.com>,
        linux-sgx@...r.kernel.org, shuah@...nel.org
Cc:     seanjc@...gle.com, bp@...en8.de, dave.hansen@...ux.intel.com,
        linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 12/14] selftests/sgx: Add page permission and exception
 test

On Wed, 2021-09-15 at 13:31 -0700, Reinette Chatre wrote:
> The Enclave Page Cache Map (EPCM) is a secure structure used by the
> processor to track the contents of the enclave page cache. The EPCM
> contains permissions with which enclave pages can be accessed. SGX
> support allows EPCM and PTE page permissions to differ - as long as
> the PTE permissions do not exceed the EPCM permissions.
> 
> Add a test to ensure that (1) PTE permissions can be changed as long as
> they do not exceed EPCM permissions, and (2) even if EPCM permissions
> allow a page to be written to, if the PTE permissions do not then a #PF
> should be generated when attempting to write to a (from PTE perspective)
> read-only page.
> 
> This introduces the first test of SGX exception handling. In this test
> the issue that caused the exception (PTE page permissions) can be fixed
> from outside the enclave and after doing so it is possible to re-enter
> enclave at original entrypoint with ERESUME.
> 
> Signed-off-by: Reinette Chatre <reinette.chatre@...el.com>
> ---
>  tools/testing/selftests/sgx/defines.h   |  14 +++
>  tools/testing/selftests/sgx/main.c      | 134 ++++++++++++++++++++++++
>  tools/testing/selftests/sgx/test_encl.c |  21 ++++
>  3 files changed, 169 insertions(+)
> 
> diff --git a/tools/testing/selftests/sgx/defines.h b/tools/testing/selftests/sgx/defines.h
> index 9ea0c7882dfb..0bbda6f0c7d3 100644
> --- a/tools/testing/selftests/sgx/defines.h
> +++ b/tools/testing/selftests/sgx/defines.h
> @@ -21,6 +21,8 @@
>  enum encl_op_type {
>  	ENCL_OP_PUT_TO_BUFFER,
>  	ENCL_OP_GET_FROM_BUFFER,
> +	ENCL_OP_PUT_TO_ADDRESS,
> +	ENCL_OP_GET_FROM_ADDRESS,
>  	ENCL_OP_MAX,
>  };
>  
> @@ -38,4 +40,16 @@ struct encl_op_get_from_buf {
>  	uint64_t value;
>  };
>  
> +struct encl_op_put_to_addr {
> +	struct encl_op_header header;
> +	uint64_t value;
> +	uint64_t addr;
> +};
> +
> +struct encl_op_get_from_addr {
> +	struct encl_op_header header;
> +	uint64_t value;
> +	uint64_t addr;
> +};
> +
>  #endif /* DEFINES_H */
> diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
> index 3eb9b89ece5f..308cf09ab02a 100644
> --- a/tools/testing/selftests/sgx/main.c
> +++ b/tools/testing/selftests/sgx/main.c
> @@ -21,6 +21,7 @@
>  #include "main.h"
>  
>  static const uint64_t MAGIC = 0x1122334455667788ULL;
> +static const uint64_t MAGIC2 = 0x8877665544332211ULL;
>  vdso_sgx_enter_enclave_t vdso_sgx_enter_enclave;
>  
>  struct vdso_symtab {
> @@ -107,6 +108,25 @@ static Elf64_Sym *vdso_symtab_get(struct vdso_symtab *symtab, const char *name)
>  	return NULL;
>  }
>  
> +/*
> + * Return the offset in the enclave where the data segment can be found.
> + * The first RW segment loaded is the TCS, skip that to get info on the
> + * data segment.
> + */
> +static off_t encl_get_data_offset(struct encl *encl)
> +{
> +	int i;
> +
> +	for (i = 0; i < encl->nr_segments; i++) {
> +		struct encl_segment *seg = &encl->segment_tbl[i];
> +
> +		if (i != 0 && seg->prot == (PROT_READ | PROT_WRITE))
> +			return seg->offset;

So, why not

	for (i = 1; i < encl->nr_segments; i++)

?

> +	}
> +
> +	return -1;
> +}
> +
>  FIXTURE(enclave) {
>  	struct encl encl;
>  	struct sgx_enclave_run run;
> @@ -373,4 +393,118 @@ TEST_F(enclave, clobbered_vdso_and_user_function)
>  	EXPECT_EQ(self->run.user_data, 0);
>  }
>  
> +/*
> + * Second page of .data segment is used to test changing PTE permissions.
> + * This spans the local encl_buffer within the test enclave.
> + *
> + * 1) Start with a sanity check: a value is written to the target page within
> + *    the enclave and read back to ensure target page can be written to.
> + * 2) Change PTE permissions (RW -> RO) of target page within enclave.
> + * 3) Repeat (1) - this time expecting a regular #PF communicated via the
> + *    vDSO.
> + * 4) Change PTE permissions of target page within enclave back to be RW.
> + * 5) Repeat (1) by resuming enclave, now expected to be possible to write to
> + *    and read from target page within enclave.
> + */
> +TEST_F(enclave, pte_permissions)
> +{
> +	struct encl_op_get_from_addr get_addr_op;
> +	struct encl_op_put_to_addr put_addr_op;
> +	unsigned long data_start;
> +	int ret;
> +
> +	ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata));
> +
> +	memset(&self->run, 0, sizeof(self->run));
> +	self->run.tcs = self->encl.encl_base;
> +
> +	data_start = self->encl.encl_base +
> +		     encl_get_data_offset(&self->encl) +
> +		     PAGE_SIZE;
> +
> +	/*
> +	 * Sanity check to ensure it is possible to write to page that will
> +	 * have its permissions manipulated.
> +	 */
> +
> +	/* Write MAGIC to page */
> +	put_addr_op.value = MAGIC;
> +	put_addr_op.addr = data_start;
> +	put_addr_op.header.type = ENCL_OP_PUT_TO_ADDRESS;
> +
> +	EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0);
> +
> +	EXPECT_EEXIT(&self->run);
> +	EXPECT_EQ(self->run.exception_vector, 0);
> +	EXPECT_EQ(self->run.exception_error_code, 0);
> +	EXPECT_EQ(self->run.exception_addr, 0);
> +
> +	/*
> +	 * Read memory that was just written to, confirming that it is the
> +	 * value previously written (MAGIC).
> +	 */
> +	get_addr_op.value = 0;
> +	get_addr_op.addr = data_start;
> +	get_addr_op.header.type = ENCL_OP_GET_FROM_ADDRESS;
> +
> +	EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0);
> +
> +	EXPECT_EQ(get_addr_op.value, MAGIC);
> +	EXPECT_EEXIT(&self->run);
> +	EXPECT_EQ(self->run.exception_vector, 0);
> +	EXPECT_EQ(self->run.exception_error_code, 0);
> +	EXPECT_EQ(self->run.exception_addr, 0);
> +
> +	/* Change PTE permissions of target page within the enclave */
> +	ret = mprotect((void *)data_start, PAGE_SIZE, PROT_READ);
> +	if (ret)
> +		perror("mprotect");
> +
> +	/*
> +	 * PTE permissions of target page changed to read-only, EPCM
> +	 * permissions unchanged (EPCM permissions are RW), attempt to
> +	 * write to the page, expecting a regular #PF.
> +	 */
> +
> +	put_addr_op.value = MAGIC2;
> +
> +	EXPECT_EQ(ENCL_CALL(&put_addr_op, &self->run, true), 0);
> +
> +	EXPECT_EQ(self->run.exception_vector, 14);
> +	EXPECT_EQ(self->run.exception_error_code, 0x7);
> +	EXPECT_EQ(self->run.exception_addr, data_start);
> +
> +	self->run.exception_vector = 0;
> +	self->run.exception_error_code = 0;
> +	self->run.exception_addr = 0;
> +
> +	/*
> +	 * Change PTE permissions back to enable enclave to write to the
> +	 * target page and resume enclave - do not expect any exceptions this
> +	 * time.
> +	 */
> +	ret = mprotect((void *)data_start, PAGE_SIZE, PROT_READ | PROT_WRITE);
> +	if (ret)
> +		perror("mprotect");
> +
> +	EXPECT_EQ(vdso_sgx_enter_enclave((unsigned long)&put_addr_op, 0,
> +					 0, ERESUME, 0, 0, &self->run),
> +		 0);
> +
> +	EXPECT_EEXIT(&self->run);
> +	EXPECT_EQ(self->run.exception_vector, 0);
> +	EXPECT_EQ(self->run.exception_error_code, 0);
> +	EXPECT_EQ(self->run.exception_addr, 0);
> +
> +	get_addr_op.value = 0;
> +
> +	EXPECT_EQ(ENCL_CALL(&get_addr_op, &self->run, true), 0);
> +
> +	EXPECT_EQ(get_addr_op.value, MAGIC2);
> +	EXPECT_EEXIT(&self->run);
> +	EXPECT_EQ(self->run.exception_vector, 0);
> +	EXPECT_EQ(self->run.exception_error_code, 0);
> +	EXPECT_EQ(self->run.exception_addr, 0);
> +}
> +
>  TEST_HARNESS_MAIN
> diff --git a/tools/testing/selftests/sgx/test_encl.c b/tools/testing/selftests/sgx/test_encl.c
> index 4e8da738173f..5d86e3e6456a 100644
> --- a/tools/testing/selftests/sgx/test_encl.c
> +++ b/tools/testing/selftests/sgx/test_encl.c
> @@ -4,6 +4,11 @@
>  #include <stddef.h>
>  #include "defines.h"
>  
> +/*
> + * Data buffer spanning two pages that will be placed first in .data
> + * segment. Even if not used internally the second page is needed by
> + * external test manipulating page permissions.
> + */
>  static uint8_t encl_buffer[8192] = { 1 };
>  
>  static void *memcpy(void *dest, const void *src, size_t n)
> @@ -30,11 +35,27 @@ static void do_encl_op_get_from_buf(void *op)
>  	memcpy(&op2->value, &encl_buffer[0], 8);
>  }
>  
> +static void do_encl_op_put_to_addr(void *_op)
> +{
> +	struct encl_op_put_to_addr *op = _op;
> +
> +	memcpy((void *)op->addr, &op->value, 8);
> +}
> +
> +static void do_encl_op_get_from_addr(void *_op)
> +{
> +	struct encl_op_get_from_addr *op = _op;
> +
> +	memcpy(&op->value, (void *)op->addr, 8);
> +}
> +
>  void encl_body(void *rdi,  void *rsi)
>  {
>  	const void (*encl_op_array[ENCL_OP_MAX])(void *) = {
>  		do_encl_op_put_to_buf,
>  		do_encl_op_get_from_buf,
> +		do_encl_op_put_to_addr,
> +		do_encl_op_get_from_addr,
>  	};
>  
>  	struct encl_op_header *op = (struct encl_op_header *)rdi;

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ