Possible Regression: 5.14.18 => 5.15.6

All of lore.kernel.org
 help / color / mirror / Atom feed

* Possible Regression: 5.14.18 => 5.15.6
@ 2021-12-04 13:54 Nathaniel McCallum
  2021-12-04 20:47 ` Jarkko Sakkinen
  0 siblings, 1 reply; 4+ messages in thread
From: Nathaniel McCallum @ 2021-12-04 13:54 UTC (permalink / raw)
  To: linux-sgx, Reinette Chatre, jarkko

We are seeing a possible regression between 5.14.18 and 5.15.6. Our
trace logging shows the following output:

enclave location: 00007f3c00000000-00007f3c80000000
creating enclave: Secs { size: 2147483648, baseaddr: 139895674765312,
ssaframesize: 1, miscselect: (empty), attributes: Attributes {
features: MODE64BIT, xfrm: X87 | SSE }, pid: 0, svn: 0 }
adding pages: 00007f3c00000000-00007f3c00004000 R
adding pages: 00007f3c00004000-00007f3c0000c000 RW
adding pages: 00007f3c0000c000-00007f3c00039000 RX
adding pages: 00007f3c00201000-00007f3c003fc000 RW
adding pages: 00007f3c003fc000-00007f3c003fd000 T
adding pages: 00007f3c003fd000-00007f3c00400000 RW
adding pages: 00007f3c00400000-00007f3c00401000 R
adding pages: 00007f3c00401000-00007f3c00402000 RX
adding pages: 00007f3c00402000-00007f3c00403000 R
adding pages: 00007f3c00403000-00007f3c00404000 RW
enclave initialized
remapping: 00007f3c00000000-00007f3c00004000 R
remapping: 00007f3c00004000-00007f3c0000c000 RW
remapping: 00007f3c0000c000-00007f3c00039000 RX
Error: Operation not permitted (os error 1)

Using strace shows this:
...
mmap(0x7f6e80000000, 16384, PROT_READ, MAP_SHARED|MAP_FIXED, 3, 0) =
0x7f6e80000000
mmap(0x7f6e80004000, 32768, PROT_READ|PROT_WRITE,
MAP_SHARED|MAP_FIXED, 3, 0) = 0x7f6e80004000
mmap(0x7f6e8000c000, 184320, PROT_READ|PROT_EXEC,
MAP_SHARED|MAP_FIXED, 3, 0) = -1 EPERM (Operation not permitted)

We've followed the selftest structure pretty closely. The first two
remapping calls succeed, but the third one fails. This works on
5.14.18, but fails on 5.15.6.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Possible Regression: 5.14.18 => 5.15.6
  2021-12-04 13:54 Possible Regression: 5.14.18 => 5.15.6 Nathaniel McCallum
@ 2021-12-04 20:47 ` Jarkko Sakkinen
  2021-12-05 13:09   ` Nathaniel McCallum
  0 siblings, 1 reply; 4+ messages in thread
From: Jarkko Sakkinen @ 2021-12-04 20:47 UTC (permalink / raw)
  To: Nathaniel McCallum; +Cc: linux-sgx, Reinette Chatre

On Sat, Dec 04, 2021 at 08:54:08AM -0500, Nathaniel McCallum wrote:
> We are seeing a possible regression between 5.14.18 and 5.15.6. Our
> trace logging shows the following output:
> 
> enclave location: 00007f3c00000000-00007f3c80000000
> creating enclave: Secs { size: 2147483648, baseaddr: 139895674765312,
> ssaframesize: 1, miscselect: (empty), attributes: Attributes {
> features: MODE64BIT, xfrm: X87 | SSE }, pid: 0, svn: 0 }
> adding pages: 00007f3c00000000-00007f3c00004000 R
> adding pages: 00007f3c00004000-00007f3c0000c000 RW
> adding pages: 00007f3c0000c000-00007f3c00039000 RX
> adding pages: 00007f3c00201000-00007f3c003fc000 RW
> adding pages: 00007f3c003fc000-00007f3c003fd000 T
> adding pages: 00007f3c003fd000-00007f3c00400000 RW
> adding pages: 00007f3c00400000-00007f3c00401000 R
> adding pages: 00007f3c00401000-00007f3c00402000 RX
> adding pages: 00007f3c00402000-00007f3c00403000 R
> adding pages: 00007f3c00403000-00007f3c00404000 RW
> enclave initialized
> remapping: 00007f3c00000000-00007f3c00004000 R
> remapping: 00007f3c00004000-00007f3c0000c000 RW
> remapping: 00007f3c0000c000-00007f3c00039000 RX
> Error: Operation not permitted (os error 1)
> 
> Using strace shows this:
> ...
> mmap(0x7f6e80000000, 16384, PROT_READ, MAP_SHARED|MAP_FIXED, 3, 0) =
> 0x7f6e80000000
> mmap(0x7f6e80004000, 32768, PROT_READ|PROT_WRITE,
> MAP_SHARED|MAP_FIXED, 3, 0) = 0x7f6e80004000
> mmap(0x7f6e8000c000, 184320, PROT_READ|PROT_EXEC,
> MAP_SHARED|MAP_FIXED, 3, 0) = -1 EPERM (Operation not permitted)
> 
> We've followed the selftest structure pretty closely. The first two
> remapping calls succeed, but the third one fails. This works on
> 5.14.18, but fails on 5.15.6.

What are the mount options of /dev?

/Jarkko

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Possible Regression: 5.14.18 => 5.15.6
  2021-12-04 20:47 ` Jarkko Sakkinen
@ 2021-12-05 13:09   ` Nathaniel McCallum
  2021-12-11  4:58     ` Jarkko Sakkinen
  0 siblings, 1 reply; 4+ messages in thread
From: Nathaniel McCallum @ 2021-12-05 13:09 UTC (permalink / raw)
  To: Jarkko Sakkinen; +Cc: linux-sgx, Reinette Chatre

That was it! We had switched to debian for our work on SGX2 and they
use noexec. Thanks!

On Sat, Dec 4, 2021 at 3:47 PM Jarkko Sakkinen <jarkko@kernel.org> wrote:
>
> On Sat, Dec 04, 2021 at 08:54:08AM -0500, Nathaniel McCallum wrote:
> > We are seeing a possible regression between 5.14.18 and 5.15.6. Our
> > trace logging shows the following output:
> >
> > enclave location: 00007f3c00000000-00007f3c80000000
> > creating enclave: Secs { size: 2147483648, baseaddr: 139895674765312,
> > ssaframesize: 1, miscselect: (empty), attributes: Attributes {
> > features: MODE64BIT, xfrm: X87 | SSE }, pid: 0, svn: 0 }
> > adding pages: 00007f3c00000000-00007f3c00004000 R
> > adding pages: 00007f3c00004000-00007f3c0000c000 RW
> > adding pages: 00007f3c0000c000-00007f3c00039000 RX
> > adding pages: 00007f3c00201000-00007f3c003fc000 RW
> > adding pages: 00007f3c003fc000-00007f3c003fd000 T
> > adding pages: 00007f3c003fd000-00007f3c00400000 RW
> > adding pages: 00007f3c00400000-00007f3c00401000 R
> > adding pages: 00007f3c00401000-00007f3c00402000 RX
> > adding pages: 00007f3c00402000-00007f3c00403000 R
> > adding pages: 00007f3c00403000-00007f3c00404000 RW
> > enclave initialized
> > remapping: 00007f3c00000000-00007f3c00004000 R
> > remapping: 00007f3c00004000-00007f3c0000c000 RW
> > remapping: 00007f3c0000c000-00007f3c00039000 RX
> > Error: Operation not permitted (os error 1)
> >
> > Using strace shows this:
> > ...
> > mmap(0x7f6e80000000, 16384, PROT_READ, MAP_SHARED|MAP_FIXED, 3, 0) =
> > 0x7f6e80000000
> > mmap(0x7f6e80004000, 32768, PROT_READ|PROT_WRITE,
> > MAP_SHARED|MAP_FIXED, 3, 0) = 0x7f6e80004000
> > mmap(0x7f6e8000c000, 184320, PROT_READ|PROT_EXEC,
> > MAP_SHARED|MAP_FIXED, 3, 0) = -1 EPERM (Operation not permitted)
> >
> > We've followed the selftest structure pretty closely. The first two
> > remapping calls succeed, but the third one fails. This works on
> > 5.14.18, but fails on 5.15.6.
>
> What are the mount options of /dev?
>
> /Jarkko

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Possible Regression: 5.14.18 => 5.15.6
  2021-12-05 13:09   ` Nathaniel McCallum
@ 2021-12-11  4:58     ` Jarkko Sakkinen
  0 siblings, 0 replies; 4+ messages in thread
From: Jarkko Sakkinen @ 2021-12-11  4:58 UTC (permalink / raw)
  To: Nathaniel McCallum; +Cc: linux-sgx, Reinette Chatre

On Sun, 2021-12-05 at 08:09 -0500, Nathaniel McCallum wrote:
> That was it! We had switched to debian for our work on SGX2 and they
> use noexec. Thanks!

OK, great!

I just submitted PR for /dev/sgx_vepc:

https://github.com/systemd/systemd/pull/21732/checks

/Jarkko

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-12-11  4:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-12-04 13:54 Possible Regression: 5.14.18 => 5.15.6 Nathaniel McCallum
2021-12-04 20:47 ` Jarkko Sakkinen
2021-12-05 13:09   ` Nathaniel McCallum
2021-12-11  4:58     ` Jarkko Sakkinen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.