Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ifs 0102 #159

Merged
merged 4 commits into from
Jan 3, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions cet/.gitignore
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
cet_app
glibc_shstk_test
glibc_supported_shstk_test
quick_test
shstk_alloc
Expand Down
2 changes: 2 additions & 0 deletions cet/cet_driver/cet_app.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
/*
* cet_app.c
*
* Author: Pengfei Xu <[email protected]>
*
* This file will test cet driver with parameters
* - Test CET driver app
*/
Expand Down
2 changes: 2 additions & 0 deletions cet/cet_driver/cet_ioctl.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
/*
* cet_ioctl.c
*
* Author: Pengfei Xu <[email protected]>
*
* This file simulated stack changed by hack, CET should block hack func
* - For cet hack simulation driver
*/
Expand Down
1 change: 1 addition & 0 deletions cet/cet_tests.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0-only
# Copyright (c) 2022 Intel Corporation
# Author: Pengfei Xu <[email protected]>
# @Desc Test script to verify Intel CET functionality

cd "$(dirname "$0")" 2>/dev/null && source ../.env
Expand Down
3 changes: 3 additions & 0 deletions cet/glibc_shstk_test.c
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
// Copyright (c) 2022 Intel Corporation.
/*
* glibc_shstk_test.c:
*
* Author: Pengfei Xu <[email protected]>
*
* - Test CET shadow stack function, should trigger #CP protection.
* - Some stack changes that don't affect sp should not trigger #CP.
* - Add more print to show stack address and content before and after
Expand Down
2 changes: 2 additions & 0 deletions cet/shstk_alloc.c
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
/*
* shstk_alloc.c - allocate a new shadow stack buffer aligenment by instructions
*
* Author: Pengfei Xu <[email protected]>
*
* 1. Test shstk buffer allocation for one new shstk buffer
* 2. Test rstorssp, saveprevssp, rdsspq to load new shstk buffer
* 3. Test rstorssp, saveprevssp to restore the previous shstk buffer
Expand Down
3 changes: 3 additions & 0 deletions cet/shstk_cp.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@
/*
* shstk_cp.c: enable shstk and then do shstk violation
* expected #CP should be triggered
*
* Author: Pengfei Xu <[email protected]>
*
*/

#include <sys/syscall.h>
Expand Down
7 changes: 6 additions & 1 deletion cet/shstk_huge_page.c
Original file line number Diff line number Diff line change
@@ -1,7 +1,12 @@
// SPDX-License-Identifier: GPL-2.0-only
// Copyright (c) 2022 Intel Corporation.

/* shstk_huge_page.c - allocate a 4M shadow stack buffer and works well. */
/*
* shstk_huge_page.c - allocate a 4M shadow stack buffer and works well.
*
* Author: Pengfei Xu <[email protected]>
*
*/

#include <stdio.h>
#include <stdlib.h>
Expand Down
3 changes: 3 additions & 0 deletions cet/shstk_unlock_test.c
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
// Copyright (c) 2022 Intel Corporation.

/*
*
* Author: Pengfei Xu <[email protected]>
*
* shstk_unlock_test.c: unlock child process shstk by ptrace and then tests
* get/set shstk regsets and shstk status syscalls
*/
Expand Down
2 changes: 2 additions & 0 deletions cet/wrss.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
/*
* wrss.c: enable writable shadow stack and write value into shadow stack.
*
* Author: Pengfei Xu <[email protected]>
*
* 1. Enable writable shadow stack via syscall "ARCH_CET_ENABLE and ARCH_SHSTK_WRSS"
* 2. Write one incorrect value into shadow stack
* 3. The expected SISEGV should be received after ret instruction
Expand Down
6 changes: 2 additions & 4 deletions common/common.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
BIN_OUTPUT=""
BIN_DMESG=""
BIN_RET=""
export LAST_DMESG_TIMESTAMP=""

# Check whether current user is root, if not, exit directly
root_check() {
Expand Down Expand Up @@ -218,7 +219,7 @@ get_kconfig() {

[[ -n "$value" ]] || value="n"

echo $value
echo "$value"
}

# Test if specified kconfig options and value matche on current system.
Expand Down Expand Up @@ -361,7 +362,6 @@ dmesg_pattern_check() {
last_dmesg_timestamp() {
LAST_DMESG_TIMESTAMP=$(dmesg | tail -n1 | awk -F "]" '{print $1}' | tr -d "[]")
test_print_trc "recorded dmesg timestamp: $LAST_DMESG_TIMESTAMP"
export LAST_DMESG_TIMESTAMP
}

# Extract dmesg generated since the recorded dmesg timestamp
Expand Down Expand Up @@ -394,8 +394,6 @@ extract_case_dmesg() {
else
grep -v "$LAST_DMESG_TIMESTAMP" <<< "$dmesg"
fi

unset LAST_DMESG_TIMESTAMP
}

# Check specified pattern in dmesg
Expand Down
19 changes: 19 additions & 0 deletions ifs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ in non-array portions of the Core.

## Usage
make
### ifs_0 scan test cases, it works on SPR(Sapphire Rapids) platform and future server
```
./ifs_tests.sh -m 0 -p all -n load_ifs
It loads ifs driver with ifs mode 0 without any exceptions.
Expand Down Expand Up @@ -38,3 +39,21 @@ It will check image version output is same as MSR output.
./ifs_tests.sh -m 0 -p all -b 1 -n reload_ifs
It tests reloading the ifs module without issue.
```

### ifs_1 array BIST(Board Integrated System Test), it works on EMR(Emerald Rapids) and future server
```
./ifs_tests.sh -m 1 -p all -n ifs_array_scan
It tests all cpu ifs_1 array BIST scan test.

./ifs_tests.sh -m 1 -p ran -n ifs_array_off_sib -t 10
It tests random cpu offline, and then ifs_1 scan the sibling cpu should fail as expected.

./ifs_tests.sh -m 1 -p ran -n ifs_array_offran -t 5
It tests the random cpu off line, and then ifs_1 scan this cpu should fail as expected.

./ifs_tests.sh -m 1 -p ran -n ifs_array_cpuran_fullload -t 10
It tests the random cpu with full load, and ifs_1 scan should pass.

./ifs_tests.sh -m 1 -p ran -b 1 -n ifs_loop -t 500
It tests the random cpu with ifs_1 scan 500 times, all the scan should pass.
```
2 changes: 2 additions & 0 deletions ifs/ifs_common.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0-only
# Copyright (c) 2023 Intel Corporation
# Author: Pengfei Xu <[email protected]>
# Description: Test script for Intel IFS(In Field SCAN) common function

cd "$(dirname "$0")" 2>/dev/null || exit 1
Expand Down Expand Up @@ -887,6 +888,7 @@ ifs_array_off_cpu_scan() {
local key_word="cannot test on the offline cpu"
local ret=""

last_dmesg_timestamp
[[ -z "$off_cpus" ]] && skip_test "No off_cpus:$off_cpus"
for off_cpu in $off_cpus; do
do_cmd "echo 0 | sudo tee /sys/devices/system/cpu/cpu${off_cpu}/online"
Expand Down
3 changes: 3 additions & 0 deletions ifs/ifs_tests.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0-only
# Copyright (c) 2023 Intel Corporation
# Author: Pengfei Xu <[email protected]>
# Description: Test script to verify Intel IFS(In Field SCAN) functionality

cd "$(dirname "$0")" 2>/dev/null || exit 1
Expand Down Expand Up @@ -97,6 +98,8 @@ run_ifs_tests() {
do_cmd "echo $BATCH_NUM > ${IFS_PATH}/${BATCH}"
# Need to wait after boot up 1800s, then could test ifs
wait_up_time
# At least sleep 2 for common situation
do_cmd "sleep 2"
# Execute normal scan test in first round and need to wait cooling time
test_print_trc "***** Will run 1st round normal scan: *****"
init_log "${CASE_NORM}_${BATCH_NUM}"
Expand Down
9 changes: 8 additions & 1 deletion ifs/tests
Original file line number Diff line number Diff line change
@@ -1,11 +1,18 @@
# This file collects Intel IFS(In Field SCAN) tests on
# Intel® Architecture-based platforms.

# ifs_0 scan test cases
# ifs_0 scan test cases, it works on SPR(Sapphire Rapids) platform and future server
ifs_tests.sh -m 0 -p all -n load_ifs
ifs_tests.sh -m 0 -p all -b 1 -n ifs_batch
ifs_tests.sh -m 0 -p all -b 1 -n legacy_twice_run
ifs_tests.sh -m 0 -p all -b 2 -n legacy_twice_run
ifs_tests.sh -m 0 -p all -b 3 -n legacy_twice_run
ifs_tests.sh -m 0 -p all -b 1 -n img_version
ifs_tests.sh -m 0 -p all -b 1 -n reload_ifs

# ifs_1 array BIST(Board Integrated System Test), it works on EMR(Emerald Rapids) and future server
ifs_tests.sh -m 1 -p all -n ifs_array_scan
ifs_tests.sh -m 1 -p ran -n ifs_array_off_sib -t 10
ifs_tests.sh -m 1 -p ran -n ifs_array_offran -t 5
ifs_tests.sh -m 1 -p ran -n ifs_array_cpuran_fullload -t 10
ifs_tests.sh -m 1 -p ran -b 1 -n ifs_loop -t 500
1 change: 1 addition & 0 deletions tools/cpuid_check/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
cpuid_check
6 changes: 6 additions & 0 deletions tools/cpuid_check/cpuid_check.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
// SPDX-License-Identifier: GPL-2.0-only
// Copyright (c) 2022 Intel Corporation.
/*
* cpuid_check.c: one CPU ID check tool for script usage
*
* Author: Pengfei Xu <[email protected]>
*
*/

#include <stdio.h>
#include <stdlib.h>
Expand Down
2 changes: 2 additions & 0 deletions xsave/xstate.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
/*
* xstate.c - tests XSAVE feature with fork and signal handling.
*
* Author: Pengfei Xu <[email protected]>
*
* The XSAVE feature set supports the saving and restoring of state components.
* It tests "FP, SSE(XMM), AVX2(YMM), AVX512_OPMASK/AVX512_ZMM_Hi256/
* AVX512_Hi16_ZMM and PKRU parts" xstates with the following cases:
Expand Down
2 changes: 2 additions & 0 deletions xsave/xstate_helpers.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
/*
* xstate_helpers.c - xstate helpers to prevent GCC from generating any FP code.
*
* Author: Pengfei Xu <[email protected]>
*
* Because xstate like XMM will not be preserved across function calls, it uses
* assembly instruction to call a system call of fork or raise signal, and uses
* the "inline" keyword in test functions in this file.
Expand Down
Loading