lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7b7732ec-c7ff-cf92-510f-64c83ed985cd@intel.com>
Date:   Mon, 28 Mar 2022 14:49:04 -0700
From:   Reinette Chatre <reinette.chatre@...el.com>
To:     Jarkko Sakkinen <jarkko@...nel.org>,
        Shuah Khan <skhan@...uxfoundation.org>
CC:     Dave Hansen <dave.hansen@...ux.intel.com>,
        Shuah Khan <shuah@...nel.org>,
        "open list:INTEL SGX" <linux-sgx@...r.kernel.org>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        <linux-kselftest@...r.kernel.org>,
        open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 1/2] selftests/sgx: Use rip relative addressing for
 encl_stack

Hi Jarkko,

On 3/22/2022 12:43 AM, Jarkko Sakkinen wrote:
> Simplify the test_encl_bootstrap.S flow by using rip-relative addressing.
> Compiler does the right thing here, and this removes dependency on where
> TCS entries need to be located in the binary, i.e. allows the binary layout
> changed freely in the future.
> 
> Cc: Reinette Chatre <reinette.chatre@...el.com>
> Cc: Dave Hansen <dave.hansen@...ux.intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko@...nel.org>
> ---
>  tools/testing/selftests/sgx/test_encl_bootstrap.S | 6 +-----
>  1 file changed, 1 insertion(+), 5 deletions(-)
> 
> diff --git a/tools/testing/selftests/sgx/test_encl_bootstrap.S b/tools/testing/selftests/sgx/test_encl_bootstrap.S
> index 82fb0dfcbd23..1c1b5c6c4ffe 100644
> --- a/tools/testing/selftests/sgx/test_encl_bootstrap.S
> +++ b/tools/testing/selftests/sgx/test_encl_bootstrap.S
> @@ -40,11 +40,7 @@
>  	.text
>  
>  encl_entry:
> -	# RBX contains the base address for TCS, which is the first address
> -	# inside the enclave for TCS #1 and one page into the enclave for
> -	# TCS #2. By adding the value of encl_stack to it, we get
> -	# the absolute address for the stack.
> -	lea	(encl_stack)(%rbx), %rax
> +	lea	(encl_stack)(%rip), %rax
>  	xchg	%rsp, %rax
>  	push	%rax
>  

The goal of the above snippet is to set RSP to ensure that each thread has its own stack.

Since EENTER computes RIP as EnclaveBase + TCS.OENTRY, by using offset from RIP this
would result in all TCS with OENTRY of encl_entry to use the same stack, no?

Could you please consider the following as an alternative:
https://lore.kernel.org/lkml/65c137c875bd4da675eaba35316ff43d7cfd52f8.1644274683.git.reinette.chatre@intel.com/

The idea in that patch is that a new TCS would always need to be accompanied by a
dedicated stack so, at least for testing purposes, the TCS and stack can be dynamically
allocated together with the TCS page following its stack.  This seems much simpler
to me and also makes the following patch unnecessary.

Reinette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ