On 23/09/16 06:37, Borislav Petkov wrote:
On Thu, Sep 22, 2016 at 08:23:36PM +0200, Paolo Bonzini wrote:
Unless this is part of some spec, it's easier if things are the same in
SME and SEV.
Yeah, I was pondering over how sprinkling sev_active checks might not be
so clean.
I'm wondering if we
On Mon, 2017-11-13 at 21:45 +0200, Jarkko Sakkinen wrote:
> Signed-off-by: Jarkko Sakkinen
> ---
> Documentation/index.rst | 1 +
> Documentation/x86/intel_sgx.rst | 131
>
> 2 files changed, 132 insertions(+)
> create mode 100644 Documentation/
On Tue, 2017-11-14 at 21:47 +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 14, 2017 at 04:01:05PM +1300, Kai Huang wrote:
> > Not sure whether you should talk about MEE staff here. They are not
> > in
> > SDM and (thus) may potentially be changed in the future.
>
> The
On Tue, 2018-07-17 at 14:20 +0300, Kirill A. Shutemov wrote:
> mktme_nr_keyids holds number of KeyIDs available for MKTME, excluding
> KeyID zero which used by TME. MKTME KeyIDs start from 1.
>
> mktme_keyid_shift holds shift of KeyID within physical address.
>
> mktme_keyid_mask holds mask to ex
ve to do this even if we are not going to use KeyID bits
> ourself. VM guests still have to know that these bits are not usable
> for physical address.
>
> Signed-off-by: Kirill A. Shutemov
> Cc: Dave Hansen
> Cc: Kai Huang
> Cc: Linus Torvalds
> Cc: Peter
On Tue, 2018-03-13 at 15:49 +0300, Kirill A. Shutemov wrote:
> On Tue, Mar 13, 2018 at 03:12:02PM +1300, Kai Huang wrote:
> > It seems setup_pku() will call get_cpu_cap to restore c-
> > >x86_phys_bits
> > later? In which case I think you need to change setup_pku as well.
27;high' not described in 'sgx_calc_section_metric'
...
The function sgx_calc_section_metric() is a simple helper which is only
used in sgx/main.c. There's no need to use k-doc style comment for it.
Downgrade to normal comment to silence this warning.
Signed-off-by: Kai H
On Wed, 24 Mar 2021 11:09:20 +0100 Paolo Bonzini wrote:
> On 24/03/21 10:38, Kai Huang wrote:
> > Hi Sean, Boris, Paolo,
> >
> > Thanks for the discussion. I tried to digest all your conversations and
> > hopefully I have understood you correctly. I pasted the new pat
>
> > +/* Error message for EREMOVE failure, when kernel is about to leak EPC
> > page */
> > +#define EREMOVE_ERROR_MESSAGE \
> > + "EREMOVE returned %d (0x%x), kernel bug likely. EPC page leaked,
> > SGX may become
> > unusuable. Please refer to Documentation/x86/sgx.rst for more inf
On Thu, 25 Mar 2021 00:39:01 +0100 Paolo Bonzini wrote:
> On 25/03/21 00:23, Kai Huang wrote:
> > I changed to below (with slight modification on Paolo's):
> >
> > /* Error message for EREMOVE failure, when kernel is about to leak EPC page
> > */
&
or message when EREMOVE fails, and add
documentation to explain to user what is the bug and suggest user what
to do when this bug happens, although extremely unlikely.
Signed-off-by: Kai Huang
---
Documentation/x86/sgx.rst | 27 +++
arch/x86/kernel/cpu/sgx/en
> +
> +static int sgx_vepc_free_page(struct sgx_epc_page *epc_page)
> +{
> + int ret;
> +
> + /*
> + * Take a previously guest-owned EPC page and return it to the
> + * general EPC page pool.
> + *
> + * Guests can not be trusted to have left this page in a good
> +
On Thu, 25 Mar 2021 09:42:41 +0100 Borislav Petkov wrote:
> ... so you could send the final version of this patch as a reply to this
> thread, now that everyone agrees, so that I can continue going through
> the rest.
>
I have sent it by replying to this patch.
[PATCH v4 03/25] x86/sgx: Wipe out
254.711480] CR2: 0008
[ 254.735494] ---[ end trace 970dce6d4cdf7f64 ]---
[ 254.759915] RIP: 0010:sgx_alloc_epc_page+0x46/0x152
...
Fixes: 5b8719504e3a("x86/sgx: Add a basic NUMA allocation scheme to
sgx_alloc_epc_page()")
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/sgx/main.c |
: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/cpuid-deps.c | 1 +
arch/x86/kernel/cpu/feat_ctl.c | 12 +++-
2 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-deps.c
index 42af31b64c2c
kernel support
for SGX1 and SGX2.
Suppress both SGX1 and SGX2 from /proc/cpuinfo. SGX1 basically means
SGX, and for SGX2 there is no concrete use case of using it in
/proc/cpuinfo.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Signed-off-by: Kai Huang
---
arch/x86/include/asm
() with sgx_encl_free_epc_page() in all call
sites. No functional change is intended, except the new WARNING message
when EREMOVE fails.
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
v2->v3:
- Changed to replace all call sites of sgx_free_epc_page() with
sgx_encl_free_epc_page()
to handle recoverable EREMOVE errors when
saniziting EPC pages after they are freed.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/sgx/arch.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/x86/
SGX virtualization.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
arch/x86/Kconfig | 12 ++
arch/x86/kernel/cpu/sgx/Makefile | 1 +
arch/x86/kernel/cpu/sgx/sgx.h| 9 ++
arch/x86/kernel/cpu/sgx/virt.c
componments. Also update MAINTAINERS to include asm/sgx.h.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
v1->v3:
- Added MAINTAINERS file update to include new asm/sgx.h
- Changed 'line' to 'comment' in the
SGX.
Acked-by: Dave Hansen
Reviewed-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/sgx/main.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
index 6a734f484aa7..b73114150ff8
: Dave Hansen
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
v2->v3:
- Fix nit: s/Faunch/Launch.
---
arch/x86/kernel/cpu/feat_ctl.c | 59 +-
1 file changed, 44 insertions(+), 15 deletions(-)
diff --git a/arch/x86/kernel/cpu/feat_ctl.c b/arch/x86/kernel/
Add a helper to update SGX_LEPUBKEYHASHn MSRs. SGX virtualization also
needs to update those MSRs based on guest's "virtual" SGX_LEPUBKEYHASHn
before EINIT from guest.
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/s
From: Sean Christopherson
Move the ENCLS leaf definitions to sgx.h so that they can be used by
KVM.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/include/asm/sgx.h | 15 +++
arch/x86/kernel/cpu/sgx
: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/include/asm/sgx.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
index 34f44238d1d1..3b025afec0a7 100644
--- a/arch/x86/include/asm/sgx.h
+++ b/arch/x86/include/asm/sgx.h
@@ -40,6
driver is not enabled due to flexible launch control is not available,
SGX virtualization can still be enabled, and use it to restrict VM's
capability of being able to access provisioning key.
Signed-off-by: Sean Christopherson
Reviewed-by: Jarkko Sakkinen
Acked-by: Dave Hansen
Signed-off-by
From: Sean Christopherson
Add a helper to extract the fault indicator from an encoded ENCLS return
value. SGX virtualization will also need to detect ENCLS faults.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86
are subject to
segmentation and paging mechanisms. It's also possible to generate
kernel mappings for ENCLS parameters by resolving PFN but using
__uaccess_xx() is simpler.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
v2->v3:
- Updated to use addr,size directly for acces
s for
non-EPC pages in order to pass user pointers directly to ECREATE and
EINIT, which avoids having to copy pages worth of data into the kernel.
Signed-off-by: Sean Christopherson
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/kvm/x86.c | 2 ++
1 file changed, 2 insertions(+)
Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/kvm/cpuid.h | 13 -
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
index 8925a929186c..a175ff75bbbe 100644
--- a/arch/x86/kvm/cpuid.h
+++ b/arch/x86/kvm/cpuid.h
@@ -
_LOOP_EXITING only affects CPL0 and enclaves exist only at
CPL3, so we also don't need to worry about that interaction.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/include/asm/vmx.h | 1 +
arch/x86/include/uapi/asm/vmx.h | 1 +
arch/x86/kvm/vmx/neste
-execute scheme for
virtualizing SGX Launch Control, e.g. to inject SGX-induced #PFs if
EINIT faults in the host, and to support live migration.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/include/asm/kvm_host.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch
-off-by: Kai Huang
---
arch/x86/kvm/Makefile | 2 ++
arch/x86/kvm/vmx/sgx.c | 50 ++
arch/x86/kvm/vmx/sgx.h | 15 +
arch/x86/kvm/vmx/vmx.c | 9 +---
4 files changed, 73 insertions(+), 3 deletions(-)
create mode 100644 arch/x86/kvm/vmx/sgx.c
masks diverges from hardware
in order to enforce the desired CPUID model, i.e. inject #GP if the
guest attempts to set a bit that hasn't been enumerated as allowed-1 in
CPUID.
Note, access to the PROVISIONKEY is not yet supported.
Signed-off-by: Sean Christopherson
Co-developed-by: Kai Huang
Sig
stopherson
Signed-off-by: Kai Huang
---
arch/x86/kvm/cpuid.c | 32 +++-
arch/x86/kvm/cpuid.h | 39 ++-
2 files changed, 61 insertions(+), 10 deletions(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 6bd2f8b830e4..a0
e writable, e.g. to allow firmware to lock down the LE
root key with a non-Intel value.
Signed-off-by: Sean Christopherson
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
arch/x86/kvm/vmx/sgx.c | 35 +++
arch/x86/kvm/vmx/sgx.h | 6 ++
arch/x86/kvm
execute, the ~1500 cycle overhead to trap-and-execute EINIT is
unlikely to be noticed by the guest, let alone impact its overall SGX
performance.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/kvm/vmx/sgx.c | 55 ++
1 file changed, 55
guest access to privileged attributes by
default.
Cc: Andy Lutomirski
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
Documentation/virt/kvm/api.rst | 23 +++
arch/x86/kvm/cpuid.c | 2 +-
arch/x86/kvm/x86.c | 21
on key, all SGX
attribute bits may be exposed to the guest. Guest access to the
provision key, which is controlled via securityfs, will be added in a
future patch.
Note, KVM does not yet support exposing ENCLS_C leafs or ENCLV leafs.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/
n traps ECREATE from
guest, and only allows ECREATE with provisioning key bit to run when guest
supports KVM_CAP_SGX_ATTRIBUTE.
Kai Huang (4):
x86/cpufeatures: Make SGX_LC feature bit depend on SGX bit
x86/sgx: Wipe out EREMOVE from sgx_free_epc_page()
x86/sgx: Initialize virtual EPC driver even whe
On Fri, 19 Mar 2021 09:45:23 +0100 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 05:06:02PM +1300, Kai Huang wrote:
> > Below kernel bug happened when running simple SGX application when EPC
> > is under pressure. The root cause is with commit 5b8719504e3a
> > ("
On Fri, 19 Mar 2021 22:01:41 +1300 Kai Huang wrote:
> On Fri, 19 Mar 2021 09:45:23 +0100 Borislav Petkov wrote:
> > On Fri, Mar 19, 2021 at 05:06:02PM +1300, Kai Huang wrote:
> > > Below kernel bug happened when running simple SGX application when EPC
> > > is under p
On Mon, 22 Mar 2021 22:06:45 +0100 Borislav Petkov wrote:
> On Mon, Mar 22, 2021 at 12:37:02PM -0700, Sean Christopherson wrote:
> > Yes. Note, it's still true if you strike out the "too", KVM support is
> > completely
> > orthogonal to this code. The purpose of this patch is to separate out the
>
> Btw, I probably have seen this and forgotten again so pls remind me,
> is the amount of pages available for SGX use static and limited by,
> I believe BIOS, or can a leakage in EPC pages cause system memory
> shortage?
>
Yes EPC size is fixed and configured in BIOS. Leaking EPC pages may c
On Mon, 22 Mar 2021 23:37:26 +0100 Borislav Petkov wrote:
> On Tue, Mar 23, 2021 at 11:06:43AM +1300, Kai Huang wrote:
> > This path is called by host SGX driver only, so yes this leaking is done by
> > host enclaves only.
>
> Yes, so I was told.
>
> > This patch
anation of this
bug to the commit msg (per Paolo). I am terrible Documentation writer, so
please help to check and give comments. Thanks!
---
commit 1e297a535bcb4f51a08343c40207520017d85efe (HEAD)
Author: Kai Huang
Date: Wed Jan 20 03:40:53 2021 +0200
x86/sgx: Wipe out EREMOVE from sgx_free_epc_page()
On Fri, 26 Mar 2021 16:03:55 +0100 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 08:22:21PM +1300, Kai Huang wrote:
> > From: Sean Christopherson
> >
> > Add a misc device /dev/sgx_vepc to allow userspace to allocate "raw" EPC
> > without an associated
On Wed, 31 Mar 2021 08:44:23 +0200 Boris Petkov wrote:
> On March 31, 2021 3:10:32 AM GMT+02:00, Kai Huang
> wrote:
>
> > The admin will be aware of
> >such EPC
> >allocation disjoint situation, and deploy host enclaves/KVM SGX guests
> >accordingly.
>
On Wed, 31 Mar 2021 09:44:39 +0200 Boris Petkov wrote:
> On March 31, 2021 8:51:38 AM GMT+02:00, Kai Huang wrote:
> >How about adding explanation to Documentation/x86/sgx.rst?
>
> Sure, and then we should point users at it. The thing is also indexed by
> search engines so hop
On Wed, 31 Mar 2021 21:53:45 +1300 Kai Huang wrote:
> On Wed, 31 Mar 2021 09:44:39 +0200 Boris Petkov wrote:
> > On March 31, 2021 8:51:38 AM GMT+02:00, Kai Huang
> > wrote:
> > >How about adding explanation to Documentation/x86/sgx.rst?
> >
> > Sure, and t
>
> I just say add my ack to SGX specific patches where it is missing.
> Good enough.
>
> /Jarkko
Thank you Jarkko!
Hi Boris,
If there's no other comments, should I send another version adding Jarkko's
Acked-by
for the x86 SGX patches that don't have it (patch 2, 5, 6, 7, 8, 13 -- in which
p
On Mon, 22 Mar 2021 12:37:02 -0700 Sean Christopherson wrote:
> On Mon, Mar 22, 2021, Borislav Petkov wrote:
> > On Mon, Mar 22, 2021 at 11:56:37AM -0700, Sean Christopherson wrote:
> > > Not necessarily. This can only trigger in the host, and thus require a
> > > host
> > > reboot, if the host i
On Mon, 22 Mar 2021 20:11:57 +0100 Paolo Bonzini wrote:
> On 22/03/21 19:56, Sean Christopherson wrote:
> > EREMOVE can only fail if there's a kernel or hardware bug (or a VMM bug if
> > running as a guest). IME, nearly every kernel/KVM bug that I introduced
> > that
> > led to EREMOVE failure wa
On Mon, 15 Mar 2021 15:19:32 +0200 Jarkko Sakkinen wrote:
> On Mon, Mar 15, 2021 at 03:18:16PM +0200, Jarkko Sakkinen wrote:
> > On Mon, Mar 15, 2021 at 08:12:36PM +1300, Kai Huang wrote:
> > > On Sat, 13 Mar 2021 12:45:53 +0200 Jarkko Sakkinen wrote:
> > > > On F
On Mon, 15 Mar 2021 15:51:17 +0200 Jarkko Sakkinen wrote:
> On Mon, Mar 15, 2021 at 03:04:59PM +0200, Jarkko Sakkinen wrote:
> > On Mon, Mar 15, 2021 at 04:13:17PM +1300, Kai Huang wrote:
> > > On Sun, 14 Mar 2021 17:27:18 +0200 Jarkko Sakkinen wrote:
> > > > On S
On Tue, 16 Mar 2021 01:08:44 +0200 Jarkko Sakkinen wrote:
> On Tue, Mar 16, 2021 at 01:05:05AM +0200, Jarkko Sakkinen wrote:
> > On Tue, Mar 16, 2021 at 09:48:59AM +1300, Kai Huang wrote:
> > > On Mon, 15 Mar 2021 15:51:17 +0200 Jarkko Sakkinen wrote:
> > > > On M
On Tue, 16 Mar 2021 00:59:31 +0200 Jarkko Sakkinen wrote:
> On Tue, Mar 16, 2021 at 09:29:34AM +1300, Kai Huang wrote:
> > On Mon, 15 Mar 2021 15:19:32 +0200 Jarkko Sakkinen wrote:
> > > On Mon, Mar 15, 2021 at 03:18:16PM +0200, Jarkko Sakkinen wrote:
> > > > On M
> > diff --git a/arch/x86/kernel/cpu/sgx/sgx.h b/arch/x86/kernel/cpu/sgx/sgx.h
> > index 653af8ca1a25..6b21a165500e 100644
> > --- a/arch/x86/kernel/cpu/sgx/sgx.h
> > +++ b/arch/x86/kernel/cpu/sgx/sgx.h
> > @@ -13,6 +13,11 @@
> > #undef pr_fmt
> > #define pr_fmt(fmt) "sgx: " fmt
> >
> > +/* E
On Tue, 6 Apr 2021 09:40:38 +0200 Borislav Petkov wrote:
> On Tue, Apr 06, 2021 at 09:44:21AM +1200, Kai Huang wrote:
> > The intention was to catch KVM bug, since KVM is the only caller, and in
> > current
> > implementation KVM won't call this function if @secs is
On Tue, 6 Apr 2021 10:28:00 +0200 Borislav Petkov wrote:
> On Tue, Apr 06, 2021 at 09:46:34AM +1200, Kai Huang wrote:
> > Fine to me. Please let me know if you want me to resend patches. Thanks.
>
> Patch updated:
Looks fine. Thank you!
>
> ---
> From: Sean Christopher
On Tue, 6 Apr 2021 11:09:01 +0200 Borislav Petkov wrote:
> On Tue, Apr 06, 2021 at 08:59:58PM +1200, Kai Huang wrote:
> > OK. My thinking was that, returning negative error value basically means
> > guest
> > will be killed.
>
> You need to define how you're go
On Tue, 6 Apr 2021 11:32:11 +0200 Borislav Petkov wrote:
> On Tue, Apr 06, 2021 at 09:24:24PM +1200, Kai Huang wrote:
> > Such invalid input has already been handled in handle_encls_xx() before
> > calling
> > the two helpers in this patch. KVM returns to Qemu and let it d
On Tue, 6 Apr 2021 19:08:58 +0200 Borislav Petkov wrote:
> On Tue, Apr 06, 2021 at 09:41:52PM +1200, Kai Huang wrote:
> > > Ok, I'll make the changes and you can redo the KVM rest ontop.
> > >
> >
> > Thank you!
>
> I.e., something like this:
Looks
n
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
v3->v4:
- Added documentation to explain virtual EPC, and suggest user what to do if
user wants to run both host SGX apps and KVM SGX guests, since EPC pages
assigned to guest is no
On Wed, 31 Mar 2021 21:53:45 +1300 Kai Huang wrote:
> On Wed, 31 Mar 2021 09:44:39 +0200 Boris Petkov wrote:
> > On March 31, 2021 8:51:38 AM GMT+02:00, Kai Huang
> > wrote:
> > >How about adding explanation to Documentation/x86/sgx.rst?
> >
> > Sure, and t
On Thu, 1 Apr 2021 20:31:59 +0200 Borislav Petkov wrote:
> On Thu, Apr 01, 2021 at 01:20:39AM +1300, Kai Huang wrote:
> > Could you help to review whether below change is OK?
>
> I ended up applying this:
Thank you!
>
> ---
> From: Sean Christopherson
> Date: Fri,
On Fri, 2 Apr 2021 11:48:16 +0200 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 08:23:02PM +1300, Kai Huang wrote:
> > Modify sgx_init() to always try to initialize the virtual EPC driver,
> > even if the SGX driver is disabled. The SGX driver might be disabled
> > if SGX
On Fri, 2 Apr 2021 13:22:35 +0200 Borislav Petkov wrote:
> On Sat, Apr 03, 2021 at 12:08:10AM +1300, Kai Huang wrote:
> > Do you want me to send updated patch?
>
> No need. If I do, I'll ask kindly, otherwise you don't have to do
> anything.
>
I see. Thanks.
On Tue, 16 Mar 2021 14:46:05 +0200 Jarkko Sakkinen wrote:
> On Mon, Mar 15, 2021 at 06:13:53PM -0700, Sean Christopherson wrote:
> > On Tue, Mar 16, 2021, Jarkko Sakkinen wrote:
> > > On Tue, Mar 16, 2021 at 01:05:05AM +0200, Jarkko Sakkinen wrote:
> > > > The way I've understood it is that given t
On Fri, 2 Apr 2021 15:42:51 + Sean Christopherson wrote:
> On Fri, Apr 02, 2021, Borislav Petkov wrote:
> > On Fri, Mar 19, 2021 at 08:23:02PM +1300, Kai Huang wrote:
> > > Modify sgx_init() to always try to initialize the virtual EPC driver,
> > > even if the SGX d
On Mon, 5 Apr 2021 11:07:59 +0200 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 08:23:08PM +1300, Kai Huang wrote:
> > + /*
> > +* @secs is an untrusted, userspace-provided address. It comes from
> > +* KVM and is assumed to be a valid pointer whic
On Mon, 5 Apr 2021 11:01:51 +0200 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 08:22:21PM +1300, Kai Huang wrote:
> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > index 35391e94bd22..007912f67a06 100644
> > --- a/arch/x86/Kconfig
> > +++ b/arch/x86/Kcon
with provisioning key bit to run when guest
supports KVM_CAP_SGX_ATTRIBUTE.
Jarkko Sakkinen (1):
x86/sgx: Wipe out EREMOVE from sgx_free_epc_page()
Kai Huang (3):
x86/cpufeatures: Make SGX_LC feature bit depend on SGX bit
x86/sgx: Initialize virtual EPC driver even when SGX driver is
disabled
: Kai Huang
---
arch/x86/kernel/cpu/cpuid-deps.c | 1 +
arch/x86/kernel/cpu/feat_ctl.c | 12 +++-
2 files changed, 4 insertions(+), 9 deletions(-)
diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-deps.c
index 42af31b64c2c..d40f8e0a54ce 100644
--- a/arch/x86
kernel support
for SGX1 and SGX2.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Signed-off-by: Kai Huang
---
arch/x86/include/asm/cpufeatures.h | 2 ++
arch/x86/kernel/cpu/cpuid-deps.c | 2 ++
arch/x86/kernel/cpu/scattered.c| 2 ++
3 files changed, 6 insertions(+)
diff --git
-by: Jarkko Sakkinen
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
RFC v6->v1:
- Removed sgx_reset_epc_page() since with it, I found it is hard to find
a place to print the msg saying EPC page is leaked.
- Implemented original sgx_free_epc_page() as sgx_encl_free_epc_page(),
-by: Kai Huang
Acked-by: Dave Hansen
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/feat_ctl.c | 57 ++
1 file changed, 44 insertions(+), 13 deletions(-)
diff --git a/arch/x86/kernel/cpu/feat_ctl.c b/arch/x86/kernel/cpu/feat_ctl.c
index 27533a6e04fa
SGX.
Acked-by: Dave Hansen
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/sgx/main.c | 10 +-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
index 44fe91a5bfb3..8c922e68274d 100644
--- a/arch/x86/kernel/cpu/sgx
componments.
Signed-off-by: Sean Christopherson
Co-developed-by: Kai Huang
Acked-by: Dave Hansen
Signed-off-by: Kai Huang
---
.../cpu/sgx/arch.h => include/asm/sgx.h} | 20 ++-
arch/x86/kernel/cpu/sgx/encl.c| 2 +-
arch/x86/kernel/cpu/sgx/sg
From: Sean Christopherson
Move the ENCLS leaf definitions to sgx.h so that they can be used by
KVM. And because they're architectural.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/include/asm/sgx.h
to handle recoverable EREMOVE errors when
saniziting EPC pages after they are freed.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/sgx/arch.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/x86/
driver is not enabled due to flexible launch control is not available,
SGX virtualization can still be enabled, and use it to restrict VM's
capability of being able to access provisioning key.
Signed-off-by: Sean Christopherson
Reviewed-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arc
: Kai Huang
---
arch/x86/include/asm/sgx.h | 7 +++
arch/x86/kernel/cpu/sgx/virt.c | 95 ++
2 files changed, 102 insertions(+)
diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
index 0db1e47a90c5..d2e1f9a6dd4d 100644
--- a/arch/x86/include/asm
-execute scheme for
virtualizing SGX Launch Control, e.g. to inject SGX-induced #PFs if
EINIT faults in the host, and to support live migration.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/include/asm/kvm_host.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch
s for
non-EPC pages in order to pass user pointers directly to ECREATE and
EINIT, which avoids having to copy pages worth of data into the kernel.
Signed-off-by: Sean Christopherson
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/kvm/x86.c | 2 ++
1 file changed, 2 insertions(+)
From: Sean Christopherson
Add a helper to extract the fault indicator from an encoded ENCLS return
value. SGX virtualization will also need to detect ENCLS faults.
Signed-off-by: Sean Christopherson
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86
_LOOP_EXITING only affects CPL0 and enclaves exist only at
CPL3, so we also don't need to worry about that interaction.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/include/asm/vmx.h | 1 +
arch/x86/include/uapi/asm/vmx.h | 1 +
arch/x86/kvm/vmx/neste
stopherson
Signed-off-by: Kai Huang
---
arch/x86/kvm/cpuid.c | 32 +++-
arch/x86/kvm/cpuid.h | 39 ++-
2 files changed, 61 insertions(+), 10 deletions(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 6bd2f8b830e4..a0
-off-by: Kai Huang
---
arch/x86/kvm/Makefile | 2 ++
arch/x86/kvm/vmx/sgx.c | 50 ++
arch/x86/kvm/vmx/sgx.h | 15 +
arch/x86/kvm/vmx/vmx.c | 9 +---
4 files changed, 73 insertions(+), 3 deletions(-)
create mode 100644 arch/x86/kvm/vmx/sgx.c
Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/kvm/cpuid.h | 13 -
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
index 8925a929186c..a175ff75bbbe 100644
--- a/arch/x86/kvm/cpuid.h
+++ b/arch/x86/kvm/cpuid.h
@@ -
masks diverges from hardware
in order to enforce the desired CPUID model, i.e. inject #GP if the
guest attempts to set a bit that hasn't been enumerated as allowed-1 in
CPUID.
Note, access to the PROVISIONKEY is not yet supported.
Signed-off-by: Sean Christopherson
Co-developed-by: Kai Huang
Sig
guest access to privileged attributes by
default.
Cc: Andy Lutomirski
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
Documentation/virt/kvm/api.rst | 23 +++
arch/x86/kvm/cpuid.c | 2 +-
arch/x86/kvm/x86.c | 21
SGX virtualization.
Signed-off-by: Sean Christopherson
Co-developed-by: Kai Huang
Acked-by: Dave Hansen
Signed-off-by: Kai Huang
---
arch/x86/Kconfig | 12 ++
arch/x86/kernel/cpu/sgx/Makefile | 1 +
arch/x86/kernel/cpu/sgx/sgx.h| 9 ++
arch/x86/kernel/cpu/sgx/virt.c
Add a helper to update SGX_LEPUBKEYHASHn MSRs. SGX virtualization also
needs to update those MSRs based on guest's "virtual" SGX_LEPUBKEYHASHn
before EINIT from guest.
Acked-by: Dave Hansen
Acked-by: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/kernel/cpu/s
: Jarkko Sakkinen
Signed-off-by: Kai Huang
---
arch/x86/include/asm/sgx.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
index 48f0c42027c0..0db1e47a90c5 100644
--- a/arch/x86/include/asm/sgx.h
+++ b/arch/x86/include/asm/sgx.h
@@ -40,6
e writable, e.g. to allow firmware to lock down the LE
root key with a non-Intel value.
Signed-off-by: Sean Christopherson
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
---
arch/x86/kvm/vmx/sgx.c | 35 +++
arch/x86/kvm/vmx/sgx.h | 6 ++
arch/x86/kvm
execute, the ~1500 cycle overhead to trap-and-execute EINIT is
unlikely to be noticed by the guest, let alone impact its overall SGX
performance.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/x86/kvm/vmx/sgx.c | 55 ++
1 file changed, 55
on key, all SGX
attribute bits may be exposed to the guest. Guest access to the
provision key, which is controlled via securityfs, will be added in a
future patch.
Note, KVM does not yet support exposing ENCLS_C leafs or ENCLV leafs.
Signed-off-by: Sean Christopherson
Signed-off-by: Kai Huang
---
arch/
On Mon, 2021-03-01 at 11:00 +0100, Borislav Petkov wrote:
> On Mon, Mar 01, 2021 at 10:44:29PM +1300, Kai Huang wrote:
> > From: Sean Christopherson
> >
> > Add SGX1 and SGX2 feature flags, via CPUID.0x12.0x0.EAX, as scattered
> > features, since adding a new leaf
On Mon, 2021-03-01 at 11:30 +0100, Borislav Petkov wrote:
> On Mon, Mar 01, 2021 at 11:19:15PM +1300, Kai Huang wrote:
> > "sgx2" is useful because it adds additional functionality.
>
> Useful for what?
SGX2 means "Enclave Dynamic Memory Management", which s
1 - 100 of 197 matches
Mail list logo
