| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Sep 2022 14:34:11 -0400
From: Thomas Tai <thomas.tai@...cle.com>
To: tony.luck@...el.com, dave.hansen@...ux.intel.com,
jarkko@...nel.org, reinette.chatre@...el.co,
naoya.horiguchi@....com, linmiaohe@...wei.com,
akpm@...ux-foundation.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, thomas.tai@...cle.com
Subject: [PATCH] x86/sgx: Add code to inject hwpoison into SGX memory
Inspired by commit c6acb1e7bf46 (x86/sgx: Add hook to error injection
address validation), add a similar code in hwpoison_inject function to
check if the address is located in SGX Memory. The error will then be
handled by the arch_memory_failure function in the SGX driver.
Signed-off-by: Thomas Tai <thomas.tai@...cle.com>
---
Documentation/mm/hwpoison.rst | 44 +++++++++++++++++++++++++++++++++++
mm/hwpoison-inject.c | 3 +++
2 files changed, 47 insertions(+)
diff --git a/Documentation/mm/hwpoison.rst b/Documentation/mm/hwpoison.rst
index b9d5253c1305..8a542aca4744 100644
--- a/Documentation/mm/hwpoison.rst
+++ b/Documentation/mm/hwpoison.rst
@@ -162,6 +162,50 @@ Testing
Some portable hwpoison test programs in mce-test, see below.
+* Special notes for injection into SGX enclaves
+
+ 1) Determine physical address of enclave page
+
+ dmesg | grep "sgx: EPC"
+
+ sgx: EPC section 0x8000c00000-0x807f7fffff
+ sgx: EPC section 0x10000c00000-0x1007fffffff
+
+ 2) Convert the EPC address to page frame number.
+
+ For 4K page size, the page frame number for 0x8000c00000 is
+ 0x8000c00000 / 0x1000 = 0x8000c00.
+
+ 3) Trace memory_failure
+
+ echo nop > /sys/kernel/tracing/current_tracer
+ echo *memory_failure > /sys/kernel/tracing/set_ftrace_filter
+ echo function > /sys/kernel/tracing/current_tracer
+
+ 4) Inject a memory error
+
+ modprobe hwpoison-inject
+ echo "0x8000c00" > /sys/kernel/debug/hwpoison/corrupt-pfn
+
+ 5) Check the trace output
+
+ cat /sys/kernel/tracing/trace
+
+ # tracer: function
+ #
+ # entries-in-buffer/entries-written: 2/2 #P:128
+ #
+ # _-----=> irqs-off
+ # / _----=> need-resched
+ # | / _---=> hardirq/softirq
+ # || / _--=> preempt-depth
+ # ||| / _-=> migrate-disable
+ # |||| / delay
+ # TASK-PID CPU# ||||| TIMESTAMP FUNCTION
+ # | | | ||||| | |
+ bash-12167 [002] ..... 113.136808: memory_failure<-simple_attr_write
+ bash-12167 [002] ..... 113.136810: arch_memory_failure<-memory_failure
+
References
==========
diff --git a/mm/hwpoison-inject.c b/mm/hwpoison-inject.c
index 65e242b5a432..8134dc983699 100644
--- a/mm/hwpoison-inject.c
+++ b/mm/hwpoison-inject.c
@@ -21,6 +21,9 @@ static int hwpoison_inject(void *data, u64 val)
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
+ if (arch_is_platform_page(pfn << PAGE_SHIFT))
+ goto inject;
+
if (!pfn_valid(pfn))
return -ENXIO;
--
2.31.1
Powered by blists - more mailing lists