On Tue, Jun 16, 2020 at 05:06:55PM -0700, Sean Christopherson wrote: > On Tue, Jun 16, 2020 at 11:09:58PM +0300, Jarkko Sakkinen wrote: > > On Wed, Jun 10, 2020 at 01:59:03PM -0700, Sean Christopherson wrote: > > > On Mon, Jun 01, 2020 at 10:51:57AM +0300, Jarkko Sakkinen wrote: > > > > v29: > > > > * The selftest has been moved to selftests/sgx. Because SGX is an > > > > execution > > > > environment of its own, it really isn't a great fit with more > > > > "standard" > > > > x86 tests. > > > > > > > > The RSA key is now generated on fly and the whole signing process has > > > > been made as part of the enclave loader instead of signing the enclave > > > > during the compilation time. > > > > > > > > Finally, the enclave loader loads now the test enclave directly from > > > > its > > > > ELF file, which means that ELF file does not need to be coverted as > > > > raw > > > > binary during the build process. > > > > > > Something in the above rework broke the selftest. I'm getting > > > intermittent > > > EINIT failures with SGX_INVALID_SIGNATURE. I'm guessing it's related to > > > the dynamic RSA key generation, e.g. only ~15% of runs fail. Verified > > > that > > > v29 selftest fails and v28 passes. My internal tests also pass, i.e. it's > > > all but guaranteed to be a selftest issue, not a kernel issue. > > > > > > Jarkko, I don't have bandwidth to dig into this right now, hopefully this > > > reproduces in your environment. Let me know if that's not the case. > > > > I haven't experienced but I'll try to stress test it. > > > > Just to know how complex test should reproduce your issue, can you > > reproduce the issue by running the selftest sequentially in a loop or > > do I need to do something more complex than that? > > I didn't even get that complex, just running the selftest manually will > eventually fail for me, e.g. the first failure I saw was a one-off run of > the selftest.
OK, I'll see how it behaves in my Geminilake NUC. /Jarkko
