On Tue, Sep 29, 2020 at 12:52:35AM +0100, Andrew Cooper wrote:
> On 28/09/2020 21:42, Jarkko Sakkinen wrote:
> > On Mon, Sep 28, 2020 at 05:44:35PM +0100, Andrew Cooper wrote:
> >> On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> >>> On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
>
On 29/09/2020 15:10, Dave Hansen wrote:
> On 9/28/20 4:38 PM, Andrew Cooper wrote:
CET=y, BUG_SPECTRE_V2=y: does not exist
CET=n, BUG_SPECTRE_V2=y: vulnerable, use retpoline
CET=y, BUG_SPECTRE_V2=n: no retpoline, not vulnerable
CET=n, BUG_SPECTRE_V2=n: no retpoline, not
On 9/28/20 4:38 PM, Andrew Cooper wrote:
>>> CET=y, BUG_SPECTRE_V2=y: does not exist
>>> CET=n, BUG_SPECTRE_V2=y: vulnerable, use retpoline
>>> CET=y, BUG_SPECTRE_V2=n: no retpoline, not vulnerable
>>> CET=n, BUG_SPECTRE_V2=n: no retpoline, not vulnerable
>> Just to confirm: does this mean that
On Mon, Sep 28, 2020 at 11:17:42AM -0700, Dave Hansen wrote:
> On 9/28/20 11:12 AM, Andy Lutomirski wrote:
> >> endbr64
> >> /* Check if shadow stack is in use. NB: R11 is the only usable
> > >> scratch register for function calls. */
> >> xorl %r11d, %r11d
> >> rdsspq %r11
> >> testq %r11,
On Mon, Sep 28, 2020 at 11:12:08AM -0700, Andy Lutomirski wrote:
> On Mon, Sep 28, 2020 at 11:08 AM H.J. Lu wrote:
> >
> > On Mon, Sep 28, 2020 at 9:44 AM Andrew Cooper
> > wrote:
> > >
> > > On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> > > > On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew
On 28/09/2020 21:42, Jarkko Sakkinen wrote:
> On Mon, Sep 28, 2020 at 05:44:35PM +0100, Andrew Cooper wrote:
>> On 28/09/2020 01:58, Jarkko Sakkinen wrote:
>>> On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> diff --git
On 28/09/2020 23:41, Andy Lutomirski wrote:
> On Mon, Sep 28, 2020 at 3:18 PM Dave Hansen wrote:
>> On 9/28/20 3:06 PM, H.J. Lu wrote:
I'm open to do either solution. My thinking was to initially do things
vsgx.S local (i.e. consider ALTERNATIVE post upstreaming) and use the
above
On Mon, Sep 28, 2020 at 2:56 PM Jarkko Sakkinen
wrote:
>
> On Mon, Sep 28, 2020 at 11:12:08AM -0700, Andy Lutomirski wrote:
> > On Mon, Sep 28, 2020 at 11:08 AM H.J. Lu wrote:
> > >
> > > On Mon, Sep 28, 2020 at 9:44 AM Andrew Cooper
> > > wrote:
> > > >
> > > > On 28/09/2020 01:58, Jarkko
On 9/28/20 3:06 PM, H.J. Lu wrote:
>> I'm open to do either solution. My thinking was to initially do things
>> vsgx.S local (i.e. consider ALTERNATIVE post upstreaming) and use the
>> above solution but I'm also fine doing ALTERNATIVE. Dave kindly briefed
>> on details how that thing works and it
On Mon, Sep 28, 2020 at 3:18 PM Dave Hansen wrote:
>
> On 9/28/20 3:06 PM, H.J. Lu wrote:
> >> I'm open to do either solution. My thinking was to initially do things
> >> vsgx.S local (i.e. consider ALTERNATIVE post upstreaming) and use the
> >> above solution but I'm also fine doing ALTERNATIVE.
On Mon, Sep 28, 2020 at 11:07:47AM -0700, H.J. Lu wrote:
> On Mon, Sep 28, 2020 at 9:44 AM Andrew Cooper
> wrote:
> >
> > On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> > > On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
> > >> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > >>>
On Mon, Sep 28, 2020 at 08:54:01AM -0700, H.J. Lu wrote:
> On Mon, Sep 28, 2020 at 8:43 AM Yu, Yu-cheng wrote:
> >
> > On 9/25/2020 11:23 AM, Andrew Cooper wrote:
> > > On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > >> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > >>
On Mon, Sep 28, 2020 at 08:43:16AM -0700, Yu, Yu-cheng wrote:
> On 9/25/2020 11:23 AM, Andrew Cooper wrote:
> > On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > > diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > > b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > > new file mode 100644
> > >
On Mon, Sep 28, 2020 at 05:44:35PM +0100, Andrew Cooper wrote:
> On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> > On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
> >> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> >>> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> >>>
On 9/28/20 11:12 AM, Andy Lutomirski wrote:
>> endbr64
>> /* Check if shadow stack is in use. NB: R11 is the only usable
>> scratch register for function calls. */
>> xorl %r11d, %r11d
>> rdsspq %r11
>> testq %r11, %r11
>> jnz 3f
>> call 2f
>> 1:
>> pause
>> lfence
>> jmp 1b
>> 2:
>> mov
On Mon, Sep 28, 2020 at 11:08 AM H.J. Lu wrote:
>
> On Mon, Sep 28, 2020 at 9:44 AM Andrew Cooper
> wrote:
> >
> > On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> > > On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
> > >> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > >>> diff
On Mon, Sep 28, 2020 at 9:44 AM Andrew Cooper wrote:
>
> On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> > On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
> >> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> >>> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> >>>
On 28/09/2020 01:58, Jarkko Sakkinen wrote:
> On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
>> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
>>> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
>>> b/arch/x86/entry/vdso/vsgx_enter_enclave.S
>>> new file mode 100644
>>> index
On 9/28/2020 8:54 AM, H.J. Lu wrote:
On Mon, Sep 28, 2020 at 8:43 AM Yu, Yu-cheng wrote:
On 9/25/2020 11:23 AM, Andrew Cooper wrote:
On 15/09/2020 12:28, Jarkko Sakkinen wrote:
diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
b/arch/x86/entry/vdso/vsgx_enter_enclave.S
new file mode
On Mon, Sep 28, 2020 at 8:43 AM Yu, Yu-cheng wrote:
>
> On 9/25/2020 11:23 AM, Andrew Cooper wrote:
> > On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> >> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> >> b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> >> new file mode 100644
> >> index
On 9/25/2020 11:23 AM, Andrew Cooper wrote:
On 15/09/2020 12:28, Jarkko Sakkinen wrote:
diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
b/arch/x86/entry/vdso/vsgx_enter_enclave.S
new file mode 100644
index ..adbd59d41517
--- /dev/null
+++
On Mon, Sep 28, 2020 at 10:30:32AM +0200, Borislav Petkov wrote:
> On Mon, Sep 28, 2020 at 02:37:00AM +0300, Jarkko Sakkinen wrote:
> > I did not get Sean's reply, and neither can find it from lore:
> >
> >
On Thu, Sep 24, 2020 at 05:38:10PM -0700, Sean Christopherson wrote:
> > I can see why you would write "TCS" though - there's a thread control
> > structure thing too in that patch.
>
> Argh, it's actually supposed to be TCS, SGX_ENCLAVE_RUN_TSC is the one that's
> wrong.
So I presume that I
On Mon, Sep 28, 2020 at 02:37:00AM +0300, Jarkko Sakkinen wrote:
> I did not get Sean's reply, and neither can find it from lore:
>
> https://lore.kernel.org/linux-sgx/20200915112842.897265-1-jarkko.sakki...@linux.intel.com/T/#t
Yah, your mail server upgrade broke a lot of stuff. And lore even
On Tue, Sep 15, 2020 at 02:05:19PM +0300, Jarkko Sakkinen wrote:
> +struct sgx_enclave_run {
> + __u64 tcs;
> + __u32 flags;
> + __u32 exit_reason;
> +
> + union {
> + sgx_enclave_exit_handler_t user_handler;
> + __u64 __user_handler;
> + };
I will
On Fri, Sep 25, 2020 at 07:23:59PM +0100, Andrew Cooper wrote:
> On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> > diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > new file mode 100644
> > index ..adbd59d41517
> > --- /dev/null
> >
On Fri, Sep 25, 2020 at 10:28:07AM +0200, Borislav Petkov wrote:
> > > I can see why you would write "TCS" though - there's a thread control
> > > structure thing too in that patch.
> >
> > Renamed.
>
> See Sean's reply.
I did not get Sean's reply, and neither can find it from lore:
On 15/09/2020 12:28, Jarkko Sakkinen wrote:
> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> new file mode 100644
> index ..adbd59d41517
> --- /dev/null
> +++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> @@ -0,0 +1,157 @@
>
On 2020-09-25 13:17, Jarkko Sakkinen wrote:
> On Fri, Sep 25, 2020 at 10:39:58AM +0200, Jethro Beekman wrote:
>> On 2020-09-25 03:00, Jarkko Sakkinen wrote:
>>> End result:
>>>
>>> https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-sgx.git/tree/arch/x86/include/uapi/asm/sgx.h
>>>
>>> I'm
On Fri, Sep 25, 2020 at 10:39:58AM +0200, Jethro Beekman wrote:
> On 2020-09-25 03:00, Jarkko Sakkinen wrote:
> > End result:
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-sgx.git/tree/arch/x86/include/uapi/asm/sgx.h
> >
> > I'm wondering this sentence:
> >
> > "The
On Fri, Sep 25, 2020 at 10:14:41AM +0200, Borislav Petkov wrote:
> > > > +#define SGX_ENCLAVE_RUN_EXCEPTION 4*8
> > > > +
> > > > +#define SGX_SYNCHRONOUS_EXIT 0
> > > > +#define SGX_EXCEPTION_EXIT 1
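Review bot: SGX_ENCLAVE_RUN_EXCEPTION is defined as the bare expression `4*8` with no parentheses, so it only expands safely where nothing with higher or equal precedence sits next to it. Defining it as `(4*8)` keeps the offset correct if it is ever used inside a larger expression, and a short comment saying which structure field this offset refers to would let a reader check it against the structure layout.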
> > >
> > > Those are in ...uapi/asm/sgx.h too. Unify?
>
On 2020-09-25 03:00, Jarkko Sakkinen wrote:
> End result:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-sgx.git/tree/arch/x86/include/uapi/asm/sgx.h
>
> I'm wondering this sentence:
>
> "The calling convention is custom and does not follow System V x86-64 ABI."
>
> AFAIK,
On Fri, Sep 25, 2020 at 04:00:40AM +0300, Jarkko Sakkinen wrote:
> I renamed it as vsgx.S (for the sake of convention).
Right.
> I have not authored this patch but what I would propose is to use just
> raw value in the place of these constants. It is practically just a
> boolean value.
>
> I can
On Thu, Sep 24, 2020 at 05:38:10PM -0700, Sean Christopherson wrote:
> > Why not simply
> >
> > arch/x86/entry/vdso/sgx.S
> >
> > ?
>
> I really like typing?
I'll say.
> Yes, to call out that there's a field there, but a field that the vDSO should
> never touch.
You wanna enforce that in the
On Thu, Sep 24, 2020 at 05:38:10PM -0700, Sean Christopherson wrote:
> On Thu, Sep 24, 2020 at 08:04:07PM +0200, Borislav Petkov wrote:
> > On Tue, Sep 15, 2020 at 02:28:39PM +0300, Jarkko Sakkinen wrote:
> > > diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > >
On Thu, Sep 24, 2020 at 08:04:07PM +0200, Borislav Petkov wrote:
> On Tue, Sep 15, 2020 at 02:28:39PM +0300, Jarkko Sakkinen wrote:
> > diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> > new file mode 100644
> > index
On Tue, Sep 15, 2020 at 02:28:39PM +0300, Jarkko Sakkinen wrote:
> diff --git a/arch/x86/entry/vdso/vsgx_enter_enclave.S
> b/arch/x86/entry/vdso/vsgx_enter_enclave.S
> new file mode 100644
> index ..adbd59d41517
> --- /dev/null
> +++ b/arch/x86/entry/vdso/vsgx_enter_enclave.S
Why not
From: Sean Christopherson
An SGX runtime must be aware of the exceptions, which happen inside an
enclave. Introduce a vDSO call that wraps EENTER/ERESUME cycle and returns
the CPU exception back to the caller exactly when it happens.
The kernel fixes up the exception information to RDI, RSI and RDX.
39 matches