Add test for sgxs-loaders

atomicjets · Sep 21, 2020 · 00f518e · 00f518e
1 parent 38513c9
commit 00f518e
Show file tree

Hide file tree

Showing 11 changed files with 63 additions and 9 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -29,7 +29,7 @@ matrix:
       before_script:
         - rustup target add x86_64-fortanix-unknown-sgx x86_64-unknown-linux-musl
       script:
-        - cargo test --verbose --all
+        - cargo test --verbose --all --exclude sgxs-loaders
         - cargo test --verbose -p sgx-isa --features sgxstd -Z package-features --target x86_64-fortanix-unknown-sgx --no-run
         - cargo test --verbose -p sgxs-tools --features pe2sgxs --bin isgx-pe2sgx -Z package-features
         - cargo test --verbose -p dcap-ql --features link -Z package-features

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/aesm-client/Cargo.toml b/aesm-client/Cargo.toml
@@ -55,4 +55,4 @@ protoc-rust = "2.8.0" # MIT/Apache-2.0
 [dev-dependencies]
 sgx-isa = { version = "0.3.0", path = "../sgx-isa" }
 "report-test" = { version = "0.3.1", path = "../report-test" }
-"sgxs-loaders" = { version = "0.2.0", path = "../sgxs-loaders" }
+"sgxs-loaders" = { version = "0.3.0", path = "../sgxs-loaders" }
diff --git a/dcap-ql/Cargo.toml b/dcap-ql/Cargo.toml
@@ -37,7 +37,7 @@ verify = ["mbedtls", "num", "yasna"]
 [dependencies]
 # Project dependencies
 "dcap-ql-sys" = { version = "0.2.0", path = "../dcap-ql-sys", optional = true }
-"sgxs-loaders" = { version = "0.2.0", path = "../sgxs-loaders", optional = true }
+"sgxs-loaders" = { version = "0.3.0", path = "../sgxs-loaders", optional = true }
 "sgx-isa" = { version = "0.3.0", path = "../sgx-isa" }
 
 # External dependencies

diff --git a/dcap-retrieve-pckid/Cargo.toml b/dcap-retrieve-pckid/Cargo.toml
@@ -18,4 +18,4 @@ categories = ["command-line-utilities"]
 "dcap-ql" = { version = "0.3.0", path = "../dcap-ql", default-features = false }
 "report-test" = { version = "0.3.1", path = "../report-test" }
 "sgx-isa" = { version = "0.3.0", path = "../sgx-isa" }
-"sgxs-loaders" = { version = "0.2.0", path = "../sgxs-loaders" }
+"sgxs-loaders" = { version = "0.3.0", path = "../sgxs-loaders" }
diff --git a/examples/usercall-extension/runner/Cargo.toml b/examples/usercall-extension/runner/Cargo.toml
@@ -7,5 +7,5 @@ license = "MPL-2.0"
 [dependencies]
 aesm-client = { version = "0.2.0", features = ["sgxs"], path="../../../aesm-client"}
 enclave-runner = { version = "0.2.0", path="../../../enclave-runner"}
-sgxs-loaders = { version = "0.2.0",   path="../../../sgxs-loaders"}
+sgxs-loaders = { version = "0.3.0",   path="../../../sgxs-loaders"}
 tokio = "0.1.22"         # MIT
diff --git a/fortanix-sgx-tools/Cargo.toml b/fortanix-sgx-tools/Cargo.toml
@@ -20,7 +20,7 @@ edition = "2018"
 [dependencies]
 # Project dependencies
 aesm-client = { version = "0.5.0", path = "../aesm-client", features = ["sgxs"] }
-sgxs-loaders = { version = "0.2.0", path = "../sgxs-loaders" }
+sgxs-loaders = { version = "0.3.0", path = "../sgxs-loaders" }
 enclave-runner = { version = "0.4.0", path = "../enclave-runner" }
 sgxs = { version = "0.7.0", path = "../sgxs" }
 sgx-isa = { version = "0.3.0", path = "../sgx-isa" }

diff --git a/sgxs-loaders/Cargo.toml b/sgxs-loaders/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "sgxs-loaders"
-version = "0.2.2"
+version = "0.3.0"
 authors = ["Fortanix, Inc."]
 license = "MPL-2.0"
 edition = "2018"
@@ -18,6 +18,11 @@ homepage = "https://edp.fortanix.com/"
 keywords = ["sgx", "enclave", "sgxs", "isgx"]
 categories = ["os", "hardware-support", "api-bindings"]
 
+[features]
+# This feature isn't used in the public API of this crate. It's used only to
+# disable testing the sgx_enclave_common loader
+no_sgx_enclave_common = []
+
 [dependencies]
 # Project dependencies
 "sgxs" = { version = "0.7.0", path = "../sgxs" }
@@ -33,3 +38,8 @@ libloading = "0.5"       # ISC
 
 [target.'cfg(windows)'.dependencies]
 winapi = { version = "0.3.7", features = ["enclaveapi","memoryapi","processthreadsapi"] }
+
+[dev-dependencies]
+# Project dependencies
+"report-test" = { version = "0.3.0", path = "../report-test" }
+"aesm-client" = { version = "0.5.0", path = "../aesm-client", features = ["sgxs"] }
diff --git a/sgxs-loaders/src/sgx_enclave_common/mod.rs b/sgxs-loaders/src/sgx_enclave_common/mod.rs
@@ -27,6 +27,7 @@ mod defs;
 use self::defs::*;
 
 #[derive(Fail, Debug)]
+#[non_exhaustive]
 pub enum LibraryError {
     #[fail(
         display = "Enclave type not supported, Intel SGX not supported, or Intel SGX device not present"
@@ -68,6 +69,8 @@ pub enum LibraryError {
     InvalidSize,
     #[fail(display = "Enclave is not initialized - the operation requires an initialized enclave")]
     NotInitialized,
+    #[fail(display = "Unexpected error in the API")]
+    Unexpected,
     #[fail(display = "Unknown error ({}) in SGX device interface", _0)]
     Other(u32),
     #[fail(display = "Failed to adjust the page table permissions: {}", _0)]
@@ -94,6 +97,7 @@ impl From<u32> for LibraryError {
             ENCLAVE_RETRY => Retry,
             ENCLAVE_INVALID_SIZE => InvalidSize,
             ENCLAVE_NOT_INITIALIZED => NotInitialized,
+            ENCLAVE_UNEXPECTED => Unexpected,
             _ => Other(error),
         }
     }

diff --git a/sgxs-loaders/tests/loaders.rs b/sgxs-loaders/tests/loaders.rs
@@ -0,0 +1,38 @@
+use aesm_client::AesmClient;
+#[cfg(target_os = "windows")]
+use sgxs_loaders::enclaveapi;
+#[cfg(target_os = "linux")]
+use sgxs_loaders::isgx;
+use sgxs_loaders::sgx_enclave_common;
+
+macro_rules! test_loader {
+    ($loader:expr) => {
+        let mut loader = $loader
+            .expect("enclave loader initialization error")
+            .einittoken_provider(AesmClient::new())
+            .build();
+
+        report_test::report(&Default::default(), &mut loader).expect("error getting report");
+    }
+}
+
+#[cfg_attr(not(target_os = "windows"), ignore)]
+#[test]
+fn enclaveapi() {
+    #[cfg(target_os = "windows")]
+    test_loader!(enclaveapi::Sgx::new());
+}
+
+#[cfg_attr(not(target_os = "linux"), ignore)]
+#[test]
+fn sgxdevice() {
+    #[cfg(target_os = "linux")]
+    test_loader!(isgx::Device::new());
+}
+
+#[cfg_attr(feature = "no_sgx_enclave_common", ignore)]
+#[test]
+fn sgx_enclave_common() {
+    eprintln!("NOTE: As of September 2020, this loader doesn't support launch tokens, due to missing support in the Intel library.");
+    test_loader!(sgx_enclave_common::Library::load(None));
+}
diff --git a/sgxs-tools/Cargo.toml b/sgxs-tools/Cargo.toml
@@ -30,7 +30,7 @@ path = "src/sgx_detect/main.rs"
 [dependencies]
 # Project dependencies
 "sgxs" = { version = "0.7.0", path = "../sgxs", features = ["crypto-openssl"] }
-"sgxs-loaders" = { version = "0.2.0", path = "../sgxs-loaders" }
+"sgxs-loaders" = { version = "0.3.0", path = "../sgxs-loaders" }
 "aesm-client" = { version = "0.5.0", path = "../aesm-client", features = ["sgxs"] }
 "sgx-isa" = { version = "0.3.0", path = "../sgx-isa" }
 "report-test" = { version = "0.3.1", path = "../report-test" }