diff --git a/cet/.gitignore b/cet/.gitignore index e9aeb735..2d44e090 100644 --- a/cet/.gitignore +++ b/cet/.gitignore @@ -1,4 +1,5 @@ cet_app +glibc_shstk_test glibc_supported_shstk_test quick_test shstk_alloc diff --git a/cet/cet_driver/cet_app.c b/cet/cet_driver/cet_app.c index ab18174a..1be0ee7d 100644 --- a/cet/cet_driver/cet_app.c +++ b/cet/cet_driver/cet_app.c @@ -4,6 +4,8 @@ /* * cet_app.c * + * Author: Pengfei Xu + * * This file will test cet driver with parameters * - Test CET driver app */ diff --git a/cet/cet_driver/cet_ioctl.c b/cet/cet_driver/cet_ioctl.c index fb8badba..a6fa3721 100644 --- a/cet/cet_driver/cet_ioctl.c +++ b/cet/cet_driver/cet_ioctl.c @@ -4,6 +4,8 @@ /* * cet_ioctl.c * + * Author: Pengfei Xu + * * This file simulated stack changed by hack, CET should block hack func * - For cet hack simulation driver */ diff --git a/cet/cet_tests.sh b/cet/cet_tests.sh index fe747570..b5533efe 100755 --- a/cet/cet_tests.sh +++ b/cet/cet_tests.sh @@ -1,6 +1,7 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0-only # Copyright (c) 2022 Intel Corporation +# Author: Pengfei Xu # @Desc Test script to verify Intel CET functionality cd "$(dirname "$0")" 2>/dev/null && source ../.env diff --git a/cet/glibc_shstk_test.c b/cet/glibc_shstk_test.c index 0d2495d1..75760561 100644 --- a/cet/glibc_shstk_test.c +++ b/cet/glibc_shstk_test.c @@ -2,6 +2,9 @@ // Copyright (c) 2022 Intel Corporation. /* * glibc_shstk_test.c: + * + * Author: Pengfei Xu + * * - Test CET shadow stack function, should trigger #CP protection. * - Some stack changes that don't affect sp should not trigger #CP. * - Add more print to show stack address and content before and after diff --git a/cet/shstk_alloc.c b/cet/shstk_alloc.c index 510bdd20..8ccb335d 100644 --- a/cet/shstk_alloc.c +++ b/cet/shstk_alloc.c @@ -2,6 +2,8 @@ /* * shstk_alloc.c - allocate a new shadow stack buffer aligenment by instructions * + * Author: Pengfei Xu + * * 1. Test shstk buffer allocation for one new shstk buffer * 2. Test rstorssp, saveprevssp, rdsspq to load new shstk buffer * 3. Test rstorssp, saveprevssp to restore the previous shstk buffer diff --git a/cet/shstk_cp.c b/cet/shstk_cp.c index 02b8d39b..a9f00ea3 100644 --- a/cet/shstk_cp.c +++ b/cet/shstk_cp.c @@ -4,6 +4,9 @@ /* * shstk_cp.c: enable shstk and then do shstk violation * expected #CP should be triggered + * + * Author: Pengfei Xu + * */ #include diff --git a/cet/shstk_huge_page.c b/cet/shstk_huge_page.c index 8c2822bd..1a5bb3bd 100644 --- a/cet/shstk_huge_page.c +++ b/cet/shstk_huge_page.c @@ -1,7 +1,12 @@ // SPDX-License-Identifier: GPL-2.0-only // Copyright (c) 2022 Intel Corporation. -/* shstk_huge_page.c - allocate a 4M shadow stack buffer and works well. */ +/* + * shstk_huge_page.c - allocate a 4M shadow stack buffer and works well. + * + * Author: Pengfei Xu + * + */ #include #include diff --git a/cet/shstk_unlock_test.c b/cet/shstk_unlock_test.c index 9c035606..8b74388e 100644 --- a/cet/shstk_unlock_test.c +++ b/cet/shstk_unlock_test.c @@ -2,6 +2,9 @@ // Copyright (c) 2022 Intel Corporation. /* + * + * Author: Pengfei Xu + * * shstk_unlock_test.c: unlock child process shstk by ptrace and then tests * get/set shstk regsets and shstk status syscalls */ diff --git a/cet/wrss.c b/cet/wrss.c index 71e91192..906ce037 100644 --- a/cet/wrss.c +++ b/cet/wrss.c @@ -4,6 +4,8 @@ /* * wrss.c: enable writable shadow stack and write value into shadow stack. * + * Author: Pengfei Xu + * * 1. Enable writable shadow stack via syscall "ARCH_CET_ENABLE and ARCH_SHSTK_WRSS" * 2. Write one incorrect value into shadow stack * 3. The expected SISEGV should be received after ret instruction diff --git a/common/common.sh b/common/common.sh index 8c986ca7..e0b0e191 100755 --- a/common/common.sh +++ b/common/common.sh @@ -9,6 +9,7 @@ BIN_OUTPUT="" BIN_DMESG="" BIN_RET="" +export LAST_DMESG_TIMESTAMP="" # Check whether current user is root, if not, exit directly root_check() { @@ -218,7 +219,7 @@ get_kconfig() { [[ -n "$value" ]] || value="n" - echo $value + echo "$value" } # Test if specified kconfig options and value matche on current system. @@ -361,7 +362,6 @@ dmesg_pattern_check() { last_dmesg_timestamp() { LAST_DMESG_TIMESTAMP=$(dmesg | tail -n1 | awk -F "]" '{print $1}' | tr -d "[]") test_print_trc "recorded dmesg timestamp: $LAST_DMESG_TIMESTAMP" - export LAST_DMESG_TIMESTAMP } # Extract dmesg generated since the recorded dmesg timestamp @@ -394,8 +394,6 @@ extract_case_dmesg() { else grep -v "$LAST_DMESG_TIMESTAMP" <<< "$dmesg" fi - - unset LAST_DMESG_TIMESTAMP } # Check specified pattern in dmesg diff --git a/ifs/README.md b/ifs/README.md index 2c99739e..4abd6abe 100644 --- a/ifs/README.md +++ b/ifs/README.md @@ -10,6 +10,7 @@ in non-array portions of the Core. ## Usage make +### ifs_0 scan test cases, it works on SPR(Sapphire Rapids) platform and future server ``` ./ifs_tests.sh -m 0 -p all -n load_ifs It loads ifs driver with ifs mode 0 without any exceptions. @@ -38,3 +39,21 @@ It will check image version output is same as MSR output. ./ifs_tests.sh -m 0 -p all -b 1 -n reload_ifs It tests reloading the ifs module without issue. ``` + +### ifs_1 array BIST(Board Integrated System Test), it works on EMR(Emerald Rapids) and future server +``` +./ifs_tests.sh -m 1 -p all -n ifs_array_scan +It tests all cpu ifs_1 array BIST scan test. + +./ifs_tests.sh -m 1 -p ran -n ifs_array_off_sib -t 10 +It tests random cpu offline, and then ifs_1 scan the sibling cpu should fail as expected. + +./ifs_tests.sh -m 1 -p ran -n ifs_array_offran -t 5 +It tests the random cpu off line, and then ifs_1 scan this cpu should fail as expected. + +./ifs_tests.sh -m 1 -p ran -n ifs_array_cpuran_fullload -t 10 +It tests the random cpu with full load, and ifs_1 scan should pass. + +./ifs_tests.sh -m 1 -p ran -b 1 -n ifs_loop -t 500 +It tests the random cpu with ifs_1 scan 500 times, all the scan should pass. +``` \ No newline at end of file diff --git a/ifs/ifs_common.sh b/ifs/ifs_common.sh index 5e06f42a..16c8500e 100755 --- a/ifs/ifs_common.sh +++ b/ifs/ifs_common.sh @@ -1,6 +1,7 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0-only # Copyright (c) 2023 Intel Corporation +# Author: Pengfei Xu # Description: Test script for Intel IFS(In Field SCAN) common function cd "$(dirname "$0")" 2>/dev/null || exit 1 @@ -887,6 +888,7 @@ ifs_array_off_cpu_scan() { local key_word="cannot test on the offline cpu" local ret="" + last_dmesg_timestamp [[ -z "$off_cpus" ]] && skip_test "No off_cpus:$off_cpus" for off_cpu in $off_cpus; do do_cmd "echo 0 | sudo tee /sys/devices/system/cpu/cpu${off_cpu}/online" diff --git a/ifs/ifs_tests.sh b/ifs/ifs_tests.sh index 3b2fb938..c96ac97c 100755 --- a/ifs/ifs_tests.sh +++ b/ifs/ifs_tests.sh @@ -1,6 +1,7 @@ #!/bin/bash # SPDX-License-Identifier: GPL-2.0-only # Copyright (c) 2023 Intel Corporation +# Author: Pengfei Xu # Description: Test script to verify Intel IFS(In Field SCAN) functionality cd "$(dirname "$0")" 2>/dev/null || exit 1 @@ -97,6 +98,8 @@ run_ifs_tests() { do_cmd "echo $BATCH_NUM > ${IFS_PATH}/${BATCH}" # Need to wait after boot up 1800s, then could test ifs wait_up_time + # At least sleep 2 for common situation + do_cmd "sleep 2" # Execute normal scan test in first round and need to wait cooling time test_print_trc "***** Will run 1st round normal scan: *****" init_log "${CASE_NORM}_${BATCH_NUM}" diff --git a/ifs/tests b/ifs/tests index fcb298a2..c86db81e 100755 --- a/ifs/tests +++ b/ifs/tests @@ -1,7 +1,7 @@ # This file collects Intel IFS(In Field SCAN) tests on # IntelĀ® Architecture-based platforms. -# ifs_0 scan test cases +# ifs_0 scan test cases, it works on SPR(Sapphire Rapids) platform and future server ifs_tests.sh -m 0 -p all -n load_ifs ifs_tests.sh -m 0 -p all -b 1 -n ifs_batch ifs_tests.sh -m 0 -p all -b 1 -n legacy_twice_run @@ -9,3 +9,10 @@ ifs_tests.sh -m 0 -p all -b 2 -n legacy_twice_run ifs_tests.sh -m 0 -p all -b 3 -n legacy_twice_run ifs_tests.sh -m 0 -p all -b 1 -n img_version ifs_tests.sh -m 0 -p all -b 1 -n reload_ifs + +# ifs_1 array BIST(Board Integrated System Test), it works on EMR(Emerald Rapids) and future server +ifs_tests.sh -m 1 -p all -n ifs_array_scan +ifs_tests.sh -m 1 -p ran -n ifs_array_off_sib -t 10 +ifs_tests.sh -m 1 -p ran -n ifs_array_offran -t 5 +ifs_tests.sh -m 1 -p ran -n ifs_array_cpuran_fullload -t 10 +ifs_tests.sh -m 1 -p ran -b 1 -n ifs_loop -t 500 diff --git a/tools/cpuid_check/.gitignore b/tools/cpuid_check/.gitignore new file mode 100644 index 00000000..bb33efbb --- /dev/null +++ b/tools/cpuid_check/.gitignore @@ -0,0 +1 @@ +cpuid_check diff --git a/tools/cpuid_check/cpuid_check.c b/tools/cpuid_check/cpuid_check.c index 2af06a2b..e87f8226 100644 --- a/tools/cpuid_check/cpuid_check.c +++ b/tools/cpuid_check/cpuid_check.c @@ -1,5 +1,11 @@ // SPDX-License-Identifier: GPL-2.0-only // Copyright (c) 2022 Intel Corporation. +/* + * cpuid_check.c: one CPU ID check tool for script usage + * + * Author: Pengfei Xu + * + */ #include #include diff --git a/xsave/xstate.c b/xsave/xstate.c index 8da301cc..ef304e09 100644 --- a/xsave/xstate.c +++ b/xsave/xstate.c @@ -4,6 +4,8 @@ /* * xstate.c - tests XSAVE feature with fork and signal handling. * + * Author: Pengfei Xu + * * The XSAVE feature set supports the saving and restoring of state components. * It tests "FP, SSE(XMM), AVX2(YMM), AVX512_OPMASK/AVX512_ZMM_Hi256/ * AVX512_Hi16_ZMM and PKRU parts" xstates with the following cases: diff --git a/xsave/xstate_helpers.c b/xsave/xstate_helpers.c index 36862a25..2a0b6007 100644 --- a/xsave/xstate_helpers.c +++ b/xsave/xstate_helpers.c @@ -4,6 +4,8 @@ /* * xstate_helpers.c - xstate helpers to prevent GCC from generating any FP code. * + * Author: Pengfei Xu + * * Because xstate like XMM will not be preserved across function calls, it uses * assembly instruction to call a system call of fork or raise signal, and uses * the "inline" keyword in test functions in this file.