selftests/sgx: Test reclaiming of untouched page

Removing a page from an initialized enclave involves three steps:
(1) the user requests changing the page type to PT_TRIM via the
    SGX_IOC_ENCLAVE_MODIFY_TYPES ioctl()
(2) on success the ENCLU[EACCEPT] instruction is run from within
    the enclave to accept the page removal
(3) the user initiates the actual removal of the page via the
    SGX_IOC_ENCLAVE_REMOVE_PAGES ioctl().

Remove a page that has never been accessed. This means that when the
first ioctl() requesting page removal arrives, there will be no page
table entry, yet a valid page table entry needs to exist for the
ENCLU[EACCEPT] function to succeed. In this test it is verified that
a page table entry can still be installed for a page that is in the
process of being removed.

Suggested-by: Haitao Huang <haitao.huang@intel.com>
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
Link: https://lkml.kernel.org/r/45e1b2a2fcd8c14597d04e40af5d8a9c1c5b017e.1652137848.git.reinette.chatre@intel.com

diff --git a/tools/testing/selftests/sgx/main.c b/tools/testing/selftests/sgx/main.c
index 2c69045..ba16671 100644 (file)
--- a/tools/testing/selftests/sgx/main.c
+++ b/tools/testing/selftests/sgx/main.c
@@ -1790,4 +1790,84 @@ TEST_F(enclave, remove_added_page_invalid_access_after_eaccept)
        EXPECT_EQ(self->run.exception_addr, data_start);
 }
 
+TEST_F(enclave, remove_untouched_page)
+{
+       struct sgx_enclave_remove_pages remove_ioc;
+       struct sgx_enclave_modify_types modt_ioc;
+       struct encl_op_eaccept eaccept_op;
+       unsigned long data_start;
+       int ret, errno_save;
+
+       ASSERT_TRUE(setup_test_encl(ENCL_HEAP_SIZE_DEFAULT, &self->encl, _metadata));
+
+       /*
+        * Hardware (SGX2) and kernel support is needed for this test. Start
+        * with check that test has a chance of succeeding.
+        */
+       memset(&modt_ioc, 0, sizeof(modt_ioc));
+       ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc);
+
+       if (ret == -1) {
+               if (errno == ENOTTY)
+                       SKIP(return,
+                            "Kernel does not support SGX_IOC_ENCLAVE_MODIFY_TYPES ioctl()");
+               else if (errno == ENODEV)
+                       SKIP(return, "System does not support SGX2");
+       }
+
+       /*
+        * Invalid parameters were provided during sanity check,
+        * expect command to fail.
+        */
+       EXPECT_EQ(ret, -1);
+
+       /* SGX2 is supported by kernel and hardware, test can proceed. */
+       memset(&self->run, 0, sizeof(self->run));
+       self->run.tcs = self->encl.encl_base;
+
+       data_start = self->encl.encl_base +
+                        encl_get_data_offset(&self->encl) + PAGE_SIZE;
+
+       memset(&modt_ioc, 0, sizeof(modt_ioc));
+
+       modt_ioc.offset = encl_get_data_offset(&self->encl) + PAGE_SIZE;
+       modt_ioc.length = PAGE_SIZE;
+       modt_ioc.page_type = SGX_PAGE_TYPE_TRIM;
+       ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_MODIFY_TYPES, &modt_ioc);
+       errno_save = ret == -1 ? errno : 0;
+
+       EXPECT_EQ(ret, 0);
+       EXPECT_EQ(errno_save, 0);
+       EXPECT_EQ(modt_ioc.result, 0);
+       EXPECT_EQ(modt_ioc.count, 4096);
+
+       /*
+        * Enter enclave via TCS #1 and approve page removal by sending
+        * EACCEPT for removed page.
+        */
+
+       eaccept_op.epc_addr = data_start;
+       eaccept_op.flags = SGX_SECINFO_TRIM | SGX_SECINFO_MODIFIED;
+       eaccept_op.ret = 0;
+       eaccept_op.header.type = ENCL_OP_EACCEPT;
+
+       EXPECT_EQ(ENCL_CALL(&eaccept_op, &self->run, true), 0);
+       EXPECT_EEXIT(&self->run);
+       EXPECT_EQ(self->run.exception_vector, 0);
+       EXPECT_EQ(self->run.exception_error_code, 0);
+       EXPECT_EQ(self->run.exception_addr, 0);
+       EXPECT_EQ(eaccept_op.ret, 0);
+
+       memset(&remove_ioc, 0, sizeof(remove_ioc));
+
+       remove_ioc.offset = encl_get_data_offset(&self->encl) + PAGE_SIZE;
+       remove_ioc.length = PAGE_SIZE;
+       ret = ioctl(self->encl.fd, SGX_IOC_ENCLAVE_REMOVE_PAGES, &remove_ioc);
+       errno_save = ret == -1 ? errno : 0;
+
+       EXPECT_EQ(ret, 0);
+       EXPECT_EQ(errno_save, 0);
+       EXPECT_EQ(remove_ioc.count, 4096);
+}
+
 TEST_HARNESS_MAIN