Rollup merge of #108986 - fortanix:raoul/sync_lvi_patches, r=cuviper

matthiaskrgr · web-flow · commit cfd8105f3f8a · 2023-03-24T01:22:05.000+01:00
sync LVI tests

The LVI tests for the `x86_64-fortanix-unknown-sgx` target have gotten out of sync. LVI is still mitigated correctly, but the LVI tests need minor modifications. Other (non LVI-related) tests fail when the target applies LVI mitigations as they assume the generated code contains forbidden instructions such as `retq`. These tests are ignored for the sgx environment.

cc: `@jethrogb`
diff --git a/tests/assembly/is_aligned.rs b/tests/assembly/is_aligned.rs
@@ -1,6 +1,7 @@
 // assembly-output: emit-asm
 // min-llvm-version: 15.0
 // only-x86_64
+// ignore-sgx
 // revisions: opt-speed opt-size
 // [opt-speed] compile-flags: -Copt-level=1
 // [opt-size] compile-flags: -Copt-level=s
diff --git a/tests/assembly/strict_provenance.rs b/tests/assembly/strict_provenance.rs
@@ -1,6 +1,7 @@
 // assembly-output: emit-asm
 // compile-flags: -Copt-level=1
 // only-x86_64
+// ignore-sgx
 // min-llvm-version: 15.0
 #![crate_type = "rlib"]
 
diff --git a/tests/assembly/x86_64-floating-point-clamp.rs b/tests/assembly/x86_64-floating-point-clamp.rs
@@ -4,6 +4,7 @@
 // assembly-output: emit-asm
 // compile-flags: --crate-type=lib -O -C llvm-args=-x86-asm-syntax=intel
 // only-x86_64
+// ignore-sgx
 
 // CHECK-LABEL: clamp_demo:
 #[no_mangle]
diff --git a/tests/assembly/x86_64-fortanix-unknown-sgx-lvi-generic-load.rs b/tests/assembly/x86_64-fortanix-unknown-sgx-lvi-generic-load.rs
@@ -11,7 +11,7 @@ pub extern fn plus_one(r: &mut u64) {
 
 // CHECK: plus_one
 // CHECK: lfence
-// CHECK-NEXT: addq
+// CHECK-NEXT: incq
 // CHECK: popq [[REGISTER:%[a-z]+]]
 // CHECK-NEXT: lfence
 // CHECK-NEXT: jmpq *[[REGISTER]]
diff --git a/tests/assembly/x86_64-fortanix-unknown-sgx-lvi-inline-assembly.rs b/tests/assembly/x86_64-fortanix-unknown-sgx-lvi-inline-assembly.rs
@@ -10,34 +10,25 @@ use std::arch::asm;
 pub extern "C" fn get(ptr: *const u64) -> u64 {
     let value: u64;
     unsafe {
-        asm!(".start_inline_asm:",
-            "mov {}, [{}]",
-            ".end_inline_asm:",
+        asm!("mov {}, [{}]",
             out(reg) value,
             in(reg) ptr);
     }
     value
 }
 
 // CHECK: get
-// CHECK: .start_inline_asm
-// CHECK-NEXT: movq
+// CHECK: movq
 // CHECK-NEXT: lfence
-// CHECK-NEXT: .end_inline_asm
 
 #[no_mangle]
 pub extern "C" fn myret() {
     unsafe {
-        asm!(
-            ".start_myret_inline_asm:",
-            "ret",
-            ".end_myret_inline_asm:",
-        );
+        asm!("ret");
     }
 }
 
 // CHECK: myret
-// CHECK: .start_myret_inline_asm
-// CHECK-NEXT: shlq $0, (%rsp)
+// CHECK: shlq $0, (%rsp)
 // CHECK-NEXT: lfence
 // CHECK-NEXT: retq
diff --git a/tests/assembly/x86_64-no-jump-tables.rs b/tests/assembly/x86_64-no-jump-tables.rs
@@ -6,6 +6,7 @@
 // compile-flags: -O
 // [set] compile-flags: -Zno-jump-tables
 // only-x86_64
+// ignore-sgx
 
 #![crate_type = "lib"]
 
diff --git a/tests/run-make/issue-36710/Makefile b/tests/run-make/issue-36710/Makefile
@@ -4,6 +4,7 @@
 # ignore-nvptx64-nvidia-cuda FIXME: can't find crate for `std`
 # ignore-musl FIXME: this makefile needs teaching how to use a musl toolchain
 #                    (see dist-i586-gnu-i586-i686-musl Dockerfile)
+# ignore-sgx
 
 include ../../run-make-fulldeps/tools.mk
 
diff --git a/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/cc_plus_one_asm.checks b/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/cc_plus_one_asm.checks
@@ -1,8 +1,7 @@
 CHECK: cc_plus_one_asm
 CHECK-NEXT: movl
 CHECK-NEXT: lfence
-CHECK-NEXT: inc
-CHECK-NEXT: notq (%rsp)
-CHECK-NEXT: notq (%rsp)
+CHECK-NEXT: incl
+CHECK-NEXT: shlq $0, (%rsp)
 CHECK-NEXT: lfence
 CHECK-NEXT: retq
diff --git a/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/jumpto.checks b/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/jumpto.checks
@@ -1,8 +1,24 @@
-CHECK: libunwind::Registers_x86_64::jumpto
+CHECK: __libunwind_Registers_x86_64_jumpto
 CHECK:      lfence
 CHECK:      lfence
 CHECK:      lfence
 CHECK:      lfence
-CHECK:      shlq    $0, (%rsp)
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK:      lfence
+CHECK-NEXT: popq [[REGISTER:%[a-z]+]]
+CHECK-NEXT: lfence
+CHECK-NEXT: popq [[REGISTER:%[a-z]+]]
 CHECK-NEXT: lfence
-CHECK-NEXT: retq
+CHECK-NEXT: jmpq *[[REGISTER]]
diff --git a/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/print.checks b/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/print.checks
@@ -2,6 +2,5 @@ CHECK: print
 CHECK:      lfence
 CHECK:      lfence
 CHECK:      lfence
-CHECK:      popq
 CHECK:      callq 0x{{[[:xdigit:]]*}} <_Unwind_Resume>
 CHECK-NEXT: ud2
diff --git a/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/script.sh b/tests/run-make/x86_64-fortanix-unknown-sgx-lvi/script.sh
@@ -20,39 +20,38 @@ function build {
 }
 
 function check {
-    local func=$1
+    local func_re="$1"
     local checks="${TEST_DIR}/$2"
     local asm=$(mktemp)
-    local objdump="${BUILD_DIR}/x86_64-unknown-linux-gnu/llvm/build/bin/llvm-objdump"
-    local filecheck="${BUILD_DIR}/x86_64-unknown-linux-gnu/llvm/build/bin/FileCheck"
-
-    ${objdump} --disassemble-symbols=${func} --demangle \
-      ${WORK_DIR}/enclave/target/x86_64-fortanix-unknown-sgx/debug/enclave > ${asm}
+    local objdump="${LLVM_BIN_DIR}/llvm-objdump"
+    local filecheck="${LLVM_BIN_DIR}/FileCheck"
+    local enclave=${WORK_DIR}/enclave/target/x86_64-fortanix-unknown-sgx/debug/enclave
+
+    func="$(${objdump} --syms --demangle ${enclave} | \
+            grep --only-matching -E "[[:blank:]]+${func_re}\$" | \
+            sed -e 's/^[[:space:]]*//' )"
+    ${objdump} --disassemble-symbols="${func}" --demangle \
+      ${enclave} > ${asm}
     ${filecheck} --input-file ${asm} ${checks}
 }
 
 build
 
-check unw_getcontext unw_getcontext.checks
-check "libunwind::Registers_x86_64::jumpto()" jumpto.checks
-check "std::io::stdio::_print::h87f0c238421c45bc" print.checks
-check rust_plus_one_global_asm rust_plus_one_global_asm.checks \
-  || echo "warning: module level assembly currently not hardened"
+check "unw_getcontext" unw_getcontext.checks
+check "__libunwind_Registers_x86_64_jumpto" jumpto.checks
+check 'std::io::stdio::_print::[[:alnum:]]+' print.checks
+check rust_plus_one_global_asm rust_plus_one_global_asm.checks
 
 check cc_plus_one_c cc_plus_one_c.checks
 check cc_plus_one_c_asm cc_plus_one_c_asm.checks
 check cc_plus_one_cxx cc_plus_one_cxx.checks
 check cc_plus_one_cxx_asm cc_plus_one_cxx_asm.checks
-check cc_plus_one_asm cc_plus_one_asm.checks \
-  || echo "warning: the cc crate forwards assembly files to the CC compiler." \
-           "Clang uses its own integrated assembler, which does not include the LVI passes."
+check cc_plus_one_asm cc_plus_one_asm.checks
 
 check cmake_plus_one_c cmake_plus_one_c.checks
 check cmake_plus_one_c_asm cmake_plus_one_c_asm.checks
-check cmake_plus_one_c_global_asm cmake_plus_one_c_global_asm.checks \
-  || echo "warning: module level assembly currently not hardened"
+check cmake_plus_one_c_global_asm cmake_plus_one_c_global_asm.checks
 check cmake_plus_one_cxx cmake_plus_one_cxx.checks
 check cmake_plus_one_cxx_asm cmake_plus_one_cxx_asm.checks
-check cmake_plus_one_cxx_global_asm cmake_plus_one_cxx_global_asm.checks \
-  || echo "warning: module level assembly currently not hardened"
+check cmake_plus_one_cxx_global_asm cmake_plus_one_cxx_global_asm.checks
 check cmake_plus_one_asm cmake_plus_one_asm.checks
