On Sat, 2026-07-11 at 12:00 +0200, Thorsten Blum wrote:
> Both sgx_ioc_enclave_init() and __sgx_virt_einit() use the same 304-byte
> launch token. Use SGX_LAUNCH_TOKEN_SIZE in __sgx_virt_einit() instead of
> maintaining a second local definition, 
> 

[...]

> ensuring the token initialization
> and validation paths use the same size.

Nit: 

This part isn't that accurate to me.  sgx_ioc_enclave_init() is for running host
SGX enclave and __sgx_virt_einit() is for executing the EINIT trapped from KVM
guests.  I.e., IMHO they are not "token initialization" and "token validation"
which sounds like two sides of the same coin.  And the access_ok() doesn't
validate the content of the EINITTOKEN anyway.

IHMO we can just remove this part.

> 
> Signed-off-by: Thorsten Blum <[email protected]>
> ---
>  arch/x86/kernel/cpu/sgx/virt.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/sgx/virt.c b/arch/x86/kernel/cpu/sgx/virt.c
> index db6806c40483..fa9173a9384a 100644
> --- a/arch/x86/kernel/cpu/sgx/virt.c
> +++ b/arch/x86/kernel/cpu/sgx/virt.c
> @@ -394,9 +394,8 @@ static int __sgx_virt_einit(void __user *sigstruct, void 
> __user *token,
>        * All other checks deferred to ENCLS itself.  Also see comment
>        * for @secs in sgx_virt_ecreate().
>        */
> -#define SGX_EINITTOKEN_SIZE  304
>       if (WARN_ON_ONCE(!access_ok(sigstruct, sizeof(struct sgx_sigstruct)) ||
> -                      !access_ok(token, SGX_EINITTOKEN_SIZE) ||
> +                      !access_ok(token, SGX_LAUNCH_TOKEN_SIZE) ||
>                        !access_ok(secs, PAGE_SIZE)))
>               return -EINVAL;
>  

Not sure whether the name SGX_EINITTOKEN_SIZE slightly matches better, but I am
fine with both.

With the nit mentioned in changelog fixed:

Reviewed-by: Kai Huang <[email protected]>

Reply via email to