author | Jarkko Sakkinen | 2022-05-13 09:11:26 +0300 |
---|---|---|
committer | Jarkko Sakkinen | 2022-05-13 09:14:34 +0300 |
commit | 1c9f12ad04044fca8cbf602e3295c26b0829ea97 (patch) | |
tree | 4a0ec208cd7c2cb5d0354e98a03e4ed7a108dd70 /0002-x86-sgx-Add-wrapper-for-SGX2-EMODPR-function.patch | |
parent | 1197ad7586a7c19e4877147b740e6cecef3814f5 (diff) | |
download | aur-1c9f12ad04044fca8cbf602e3295c26b0829ea97.tar.gz |
build: update to 5.17.7.arch1
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
Diffstat (limited to '0002-x86-sgx-Add-wrapper-for-SGX2-EMODPR-function.patch')
-rw-r--r-- | 0002-x86-sgx-Add-wrapper-for-SGX2-EMODPR-function.patch | 83 |
1 files changed, 0 insertions, 83 deletions
diff --git a/0002-x86-sgx-Add-wrapper-for-SGX2-EMODPR-function.patch b/0002-x86-sgx-Add-wrapper-for-SGX2-EMODPR-function.patch
deleted file mode 100644
index 02a8bd059f9d..000000000000
--- a/0002-x86-sgx-Add-wrapper-for-SGX2-EMODPR-function.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 7f9ca1bdebe92d16d0e176e7dbb0425e3563a2b5 Mon Sep 17 00:00:00 2001
-From: Reinette Chatre <reinette.chatre@intel.com>
-Date: Wed, 13 Apr 2022 14:10:02 -0700
-Subject: [PATCH 02/31] x86/sgx: Add wrapper for SGX2 EMODPR function
-
-Add a wrapper for the EMODPR ENCLS leaf function used to
-restrict enclave page permissions as maintained in the
-SGX hardware's Enclave Page Cache Map (EPCM).
-
-EMODPR:
-1) Updates the EPCM permissions of an enclave page by treating
- the new permissions as a mask. Supplying a value that attempts
- to relax EPCM permissions has no effect on EPCM permissions
- (PR bit, see below, is changed).
-2) Sets the PR bit in the EPCM entry of the enclave page to
- indicate that permission restriction is in progress. The bit
- is reset by the enclave by invoking ENCLU leaf function
- EACCEPT or EACCEPTCOPY.
-
-The enclave may access the page throughout the entire process
-if conforming to the EPCM permissions for the enclave page.
-
-After performing the permission restriction by issuing EMODPR
-the kernel needs to collaborate with the hardware to ensure that
-all logical processors sees the new restricted permissions. This
-is required for the enclave's EACCEPT/EACCEPTCOPY to succeed and
-is accomplished with the ETRACK flow.
-
-Expand enum sgx_return_code with the possible EMODPR return
-values.
-
-Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
-Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
----
- arch/x86/include/asm/sgx.h | 5 +++++
- arch/x86/kernel/cpu/sgx/encls.h | 6 ++++++
- 2 files changed, 11 insertions(+)
-
-diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
-index 3f9334ef67cd..d67810b50a81 100644
---- a/arch/x86/include/asm/sgx.h
-+++ b/arch/x86/include/asm/sgx.h
-@@ -65,17 +65,22 @@ enum sgx_encls_function {
-
- /**
- * enum sgx_return_code - The return code type for ENCLS, ENCLU and ENCLV
-+ * %SGX_EPC_PAGE_CONFLICT: Page is being written by other ENCLS function.
- * %SGX_NOT_TRACKED: Previous ETRACK's shootdown sequence has not
- * been completed yet.
- * %SGX_CHILD_PRESENT SECS has child pages present in the EPC.
- * %SGX_INVALID_EINITTOKEN: EINITTOKEN is invalid and enclave signer's
- * public key does not match IA32_SGXLEPUBKEYHASH.
-+ * %SGX_PAGE_NOT_MODIFIABLE: The EPC page cannot be modified because it
-+ * is in the PENDING or MODIFIED state.
- * %SGX_UNMASKED_EVENT: An unmasked event, e.g. INTR, was received
- */
- enum sgx_return_code {
-+ SGX_EPC_PAGE_CONFLICT = 7,
- SGX_NOT_TRACKED = 11,
- SGX_CHILD_PRESENT = 13,
- SGX_INVALID_EINITTOKEN = 16,
-+ SGX_PAGE_NOT_MODIFIABLE = 20,
- SGX_UNMASKED_EVENT = 128,
- };
-
-diff --git a/arch/x86/kernel/cpu/sgx/encls.h b/arch/x86/kernel/cpu/sgx/encls.h
-index 0e22fa8f77c5..2b091912f038 100644
---- a/arch/x86/kernel/cpu/sgx/encls.h
-+++ b/arch/x86/kernel/cpu/sgx/encls.h
-@@ -215,4 +215,10 @@ static inline int __ewb(struct sgx_pageinfo *pginfo, void *addr,
- return __encls_ret_3(EWB, pginfo, addr, va);
- }
-
-+/* Restrict the EPCM permissions of an EPC page. */
-+static inline int __emodpr(struct sgx_secinfo *secinfo, void *addr)
-+{
-+ return __encls_ret_2(EMODPR, secinfo, addr);
-+}
-+
- #endif /* _X86_ENCLS_H */
---
-2.35.2
-
|