Re: [PATCH v3 1/3] kprobes: Add text_alloc() and text_free()

On Thu, Jul 16, 2020 at 11:02:53AM +0200, Peter Zijlstra wrote: > On Wed, Jul 15, 2020 at 01:32:27AM +0300, Jarkko Sakkinen wrote: > > +void *text_alloc(unsigned long size) > > +{ > > + void *p; > > + > > + if (PAGE_ALIGN(size) > MODULES_LEN) > >

Re: [PATCH v3 1/3] kprobes: Add text_alloc() and text_free()

On Wed, Jul 15, 2020 at 12:36:02PM -0700, Kees Cook wrote: > On Wed, Jul 15, 2020 at 01:32:27AM +0300, Jarkko Sakkinen wrote: > > Introduce new API for allocating space for code generaed at run-time > > leveraging from module_alloc() and module_memfree() code. Use this to >

Re: [PATCH] keys: asymmetric: fix error return code in software_key_query()

On Thu, Jul 23, 2020 at 04:32:38AM +0300, Jarkko Sakkinen wrote: > On Wed, Jul 15, 2020 at 11:28:38PM +0100, David Howells wrote: > > From: Wei Yongjun > > > > Fix to return negative error code -ENOMEM from kmalloc() error handling > > case instead of 0, as done

Re: [PATCH] keys: asymmetric: fix error return code in software_key_query()

On Wed, Jul 15, 2020 at 11:28:38PM +0100, David Howells wrote: > From: Wei Yongjun > > Fix to return negative error code -ENOMEM from kmalloc() error handling > case instead of 0, as done elsewhere in this function. > > Fixes: f1774cb8956a ("X.509: parse public key parameters from x509 for > ak

[PATCH v4 7/7] kprobes: Flag out CONFIG_MODULES dependent code

Remove CONFIG_MODULES dependency by flagging out the dependent code. This allows to use kprobes in a kernel without support for loadable modules, which could be useful for a test kernel or perhaps an embedded kernel. Cc: Andi Kleen Cc: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- arch

[PATCH v4 6/7] kprobes: Use text_alloc() and text_free()

dule_alloc() and module_memfree(). Cc: Andi Kleen Cc: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- kernel/kprobes.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/kernel/kprobes.c b/kernel/kprobes.c index 4e46d96d4e16..f73cf71ef47d 100644 --- a/kernel/kprobes.c ++

[PATCH v4 3/7] vmalloc: Add text_alloc() and text_free()

Suggested-by: Peter Zijlstra Signed-off-by: Jarkko Sakkinen --- include/linux/vmalloc.h | 23 +++ 1 file changed, 23 insertions(+) diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h index 0221f852a7e1..e981436e30b6 100644 --- a/include/linux/vmalloc.h +++ b

[PATCH v4 5/7] arch/x86: kprobes: Use text_alloc() in alloc_insn_page()

Use text_alloc() as part of the arch specific implementation for alloc_insn_page(). Cc: Andi Kleen Cc: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen Im --- arch/x86/kernel/kprobes/core.c | 8 +--- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/arch/x86/kernel/kprobes/core.c

[PATCH v4 2/7] kprobes: Use lock_modules() and unlock_modules()

Use lock_modules() and unlock_modules() in order to remove compile time dependency to the module subsystem. Cc: Andi Kleen Cc: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- kernel/kprobes.c| 4 ++-- kernel/trace/trace_kprobe.c | 4 ++-- 2 files changed, 4 insertions(+), 4

[PATCH v4 0/7] arch/x86: kprobes: Remove MODULES dependency

pend "root=/dev/sda rw console=ttyS0,115200 acpi=off nokaslr" \ -serial stdio -display none v3: * Make text_alloc() API disjoint. * Remove all the possible extra clutter not absolutely required and split into more logical pieces. Jarkko Sakkinen (7): module: Add lock_modules() and unlock_mod

[PATCH v4 4/7] arch/x86: Implement text_alloc() and text_free()

Implement text_alloc() and text_free() with vmalloc() and vfree(), thus dropping the dependency to the module subsystem. Cc: Masami Hiramatsu Cc: Andi Kleen Suggested-by: Peter Zijlstra Signed-off-by: Jarkko Sakkinen --- arch/x86/Kconfig | 3 +++ arch/x86/kernel/Makefile

[PATCH v4 1/7] module: Add lock_modules() and unlock_modules()

Add wrapper functions for acquiring module_mutex so that the locking can be implicitly compiled out when CONFIG_MODULES is not enabled. Cc: Andi Kleen Suggested-by: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- include/linux/module.h | 18 ++ 1 file changed, 18

Re: [PATCH v3 2/3] module: Add lock_modules() and unlock_modules()

On Wed, Jul 15, 2020 at 05:39:39PM +0900, Masami Hiramatsu wrote: > On Wed, 15 Jul 2020 01:32:28 +0300 > Jarkko Sakkinen wrote: > > > Add wrappers to take the modules "big lock" in order to encapsulate > > conditional compilation (CONFIG_MODULES) inside the w

Re: [PATCH v3 3/3] kprobes: Flag out CONFIG_MODULES dependent code

On Wed, Jul 15, 2020 at 05:35:24PM +0900, Masami Hiramatsu wrote: > Hi Jarkko, > > On Wed, 15 Jul 2020 01:32:29 +0300 > Jarkko Sakkinen wrote: > > > Remove CONFIG_MODULES dependency by flagging out the dependent code. This > > allows to use kprobes in a kernel w

Re: [PATCH v3 1/3] kprobes: Add text_alloc() and text_free()

On Wed, Jul 15, 2020 at 05:27:32PM +0900, Masami Hiramatsu wrote: > Hi Jarkko, > > On Wed, 15 Jul 2020 01:32:27 +0300 > Jarkko Sakkinen wrote: > > > Introduce new API for allocating space for code generaed at run-time > > leveraging from module_alloc() and module_

Re: [PATCH v2] tpm: Require that all digests are present in TCG_PCR_EVENT2 structures

On Wed, Jul 15, 2020 at 10:50:53AM -0500, Tyler Hicks wrote: > On 2020-07-13 23:57:19, Jarkko Sakkinen wrote: > > On Fri, Jul 10, 2020 at 02:29:55PM -0500, Tyler Hicks wrote: > > > Require that the TCG_PCR_EVENT2.digests.count value strictly matches

Re: [PATCH] tpm: avoid accessing cleared ops during shutdown

On Tue, Jul 14, 2020 at 08:48:38AM -0700, Guenter Roeck wrote: > On Tue, Jul 14, 2020 at 4:32 AM Jarkko Sakkinen > wrote: > > > > On Fri, Jul 10, 2020 at 11:25:44AM -0700, Andrey Pronin wrote: > > > > Why does not tpm_del_char_device need this? > > > >

Re: [PATCH v9 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table

On Tue, Jul 14, 2020 at 08:09:03AM -0400, Stefan Berger wrote: > On 7/14/20 7:20 AM, Jarkko Sakkinen wrote: > > On Wed, Jul 08, 2020 at 10:17:17AM -0400, Stefan Berger wrote: > > > > ❯ swtpm-mvo.swtpm socket --tpmstate dir=/tmp/mytpm1 \ > > > > --ctrl type=u

[PATCH v36 22/24] selftests/x86: Add a selftest for SGX

Add a selftest for SGX. It is a trivial test where a simple enclave copies one 64-bit word of memory between two memory locations. Cc: linux-kselft...@vger.kernel.org Signed-off-by: Jarkko Sakkinen --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/sgx/.gitignore

[PATCH v36 11/24] x86/sgx: Add SGX enclave driver

: Suresh Siddha Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/Makefile | 2 + arch/x86/kernel/cpu/sgx/driver.c | 177 arch/x86/kernel/cpu/sgx/driver.h | 29 +++ arch/x86/kernel/cpu/sgx/encl.c | 333 +++ arch/x86/kernel/cpu/sgx/encl.h

[PATCH v36 16/24] x86/sgx: Add a page reclaimer

Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/driver.c | 1 + arch/x86/kernel/cpu/sgx/encl.c | 340 +- arch/x86/kernel/cpu/sgx/encl.h | 41 +++ arch/x86/kernel/cpu/sgx/ioctl.c | 77 - arch/x86/kernel/cpu

[PATCH v36 23/24] docs: x86/sgx: Document SGX micro architecture and kernel internals

Document the Intel SGX kernel architecture. The fine-grained micro architecture details can be looked up from Intel SDM Volume 3D. Cc: linux-...@vger.kernel.org Acked-by: Randy Dunlap Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen

[PATCH v36 24/24] x86/sgx: Update MAINTAINERS

Add the maintainer information for the SGX subsystem. Cc: Thomas Gleixner Cc: Borislav Petkov Signed-off-by: Jarkko Sakkinen --- MAINTAINERS | 11 +++ 1 file changed, 11 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index b4a43a9e7fbc..a9e77b6e4171 100644 --- a/MAINTAINERS

[PATCH v36 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

: Jethro Beekman Signed-off-by: Sean Christopherson Co-developed-by: Cedric Xing Signed-off-by: Cedric Xing Signed-off-by: Jarkko Sakkinen --- arch/x86/entry/vdso/Makefile | 2 + arch/x86/entry/vdso/vdso.lds.S | 1 + arch/x86/entry/vdso/vsgx_enter_enclave.S | 131

[PATCH v36 00/24] Intel SGX foundations

implementations when sgx in not enabled. * Removed cruft rdmsr-calls from sgx_set_pubkeyhash_msrs(). * return -ENOMEM in sgx_alloc_page() when VA pages consume too much space * removed unused global sgx_nr_pids * moved sgx_encl_release to sgx_encl.c * return -ERESTARTSYS instead of -EINTR in sgx_en

[PATCH v36 19/24] x86/fault: Add helper function to sanitize error code

Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/mm/fault.c | 24 +--- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 1db6fbd7af8e..8ba78384ea73 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c

[PATCH v36 20/24] x86/traps: Attempt to fixup exceptions in vDSO before signaling

the fixup vs. signal logic can be made function specific if/when necessary. Suggested-by: Andy Lutomirski Acked-by: Jethro Beekman Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/traps.c | 19 --- arch/x86/mm/fault.c | 8 +++

[PATCH v36 18/24] x86/vdso: Add support for exception fixup in vDSO functions

macro. Duplicating four lines of code is simpler than adding the necessary infrastructure to generate pre-compiled assembly and the intended benefit of massaging GCC's inlining algorithm is unlikely to realized in the vDSO any time soon, if ever. Suggested-by: Andy Lutomirski Acked-by: Je

[PATCH v36 17/24] x86/sgx: ptrace() support for the SGX driver

Add VMA callbacks for ptrace() that can be used with debug enclaves. With debug enclaves data can be read and write the memory word at a time by using ENCLS(EDBGRD) and ENCLS(EDBGWR) leaf instructions. Acked-by: Jethro Beekman Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/encl.c

[PATCH v36 13/24] x86/sgx: Add SGX_IOC_ENCLAVE_ADD_PAGES

Beekman Tested-by: Haitao Huang Tested-by: Chunyang Hui Tested-by: Jordan Hand Tested-by: Nathaniel McCallum Tested-by: Seth Moore Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Co-developed-by: Suresh Siddha Signed-off-by: Suresh Siddha Signed-off-by: Jarkko

[PATCH v36 15/24] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation

A new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE is used to assign this token to an enclave. Cc: linux-security-mod...@vger.kernel.org Acked-by: Jethro Beekman Suggested-by: Andy Lutomirski Signed-off-by: Jarkko Sakkinen --- arch/x86/include/uapi/asm/sgx.h | 11 arch/x86/kernel/cp

[PATCH v36 14/24] x86/sgx: Add SGX_IOC_ENCLAVE_INIT

-by: Nathaniel McCallum Tested-by: Seth Moore Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Co-developed-by: Suresh Siddha Signed-off-by: Suresh Siddha Signed-off-by: Jarkko Sakkinen --- arch/x86/include/uapi/asm/sgx.h | 11 ++ arch/x86/kernel/cpu/sgx/ioctl.c | 188

[PATCH v36 12/24] x86/sgx: Add SGX_IOC_ENCLAVE_CREATE

Tested-by: Jordan Hand Tested-by: Nathaniel McCallum Tested-by: Seth Moore Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Co-developed-by: Suresh Siddha Signed-off-by: Suresh Siddha Signed-off-by: Jarkko Sakkinen --- .../userspace-api/ioctl/ioctl-number.rst

[PATCH v36 10/24] mm: Add vm_ops->mprotect()

d. Cc: linux...@kvack.org Cc: Andrew Morton Cc: Matthew Wilcox Acked-by: Jethro Beekman Signed-off-by: Sean Christopherson Co-developed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- include/linux/mm.h | 3 +++ mm/mprotect.c | 5 - 2 files changed, 7 insertions(+), 1 deletion(-)

[PATCH v36 09/24] x86/sgx: Add __sgx_alloc_epc_page() and sgx_free_epc_page()

state (i.e. not required from caller part). Acked-by: Jethro Beekman Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/main.c | 62 ++ arch/x86/kernel/cpu/sgx/sgx.h | 3 ++ 2

[PATCH v36 08/24] x86/sgx: Initialize metadata for Enclave Page Cache (EPC) sections

Sakkinen Signed-off-by: Jarkko Sakkinen --- arch/x86/Kconfig | 17 +++ arch/x86/kernel/cpu/Makefile | 1 + arch/x86/kernel/cpu/sgx/Makefile | 2 + arch/x86/kernel/cpu/sgx/main.c | 216 +++ arch/x86/kernel/cpu/sgx/sgx.h| 52 5 files

[PATCH v36 05/24] x86/sgx: Add wrappers for ENCLS leaf functions

. ENCLS leaf functions are documented in Intel SDM: 36.6 ENCLAVE INSTRUCTIONS AND INTEL® Acked-by: Jethro Beekman Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/encls.h | 238

[PATCH v36 07/24] x86/cpu/intel: Add nosgx kernel parameter

Add kernel parameter to disable Intel SGX kernel support. Tested-by: Sean Christopherson Reviewed-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- Documentation/admin-guide/kernel-parameters.txt | 2 ++ arch/x86/kernel/cpu/feat_ctl.c | 9 + 2 files changed

[PATCH v36 04/24] x86/sgx: Add SGX microarchitectural data structures

Beekman Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/arch.h | 343 + 1 file changed, 343 insertions(+) create mode 100644 arch/x86/kernel/cpu/sgx/arch.h diff --git a/arch/x86/kernel/cpu/sgx/arch.h b/arch/x86/kernel/cpu/sgx/arch.h new file mode 100644

[PATCH v36 06/24] x86/cpu/intel: Detect SGX support

ns the SGX subsystem doesn't need to manually do support checks on a per-CPU basis. Acked-by: Jethro Beekman Signed-off-by: Sean Christopherson Co-developed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/feat_ctl.c | 32 +++- 1 f

[PATCH v36 03/24] x86/mm: x86/sgx: Signal SIGSEGV with PF_SGX

Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/include/asm/traps.h | 14 -- arch/x86/mm/fault.c | 13 + 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/traps.h b/arch/x86/include/asm/traps.h index 714b1a30e7b0..4446f95ad997

[PATCH v36 02/24] x86/cpufeatures: x86/msr: Add Intel SGX Launch Control hardware bits

decisions from the kernel. [1] Intel SDM: 38.1.4 Intel SGX Launch Control Configuration Reviewed-by: Borislav Petkov Acked-by: Jethro Beekman Signed-off-by: Sean Christopherson Co-developed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- arch/x86/include/asm/cpufeatures.h | 1 + arch

[PATCH v36 01/24] x86/cpufeatures: x86/msr: Add Intel SGX hardware bits

Sakkinen Signed-off-by: Jarkko Sakkinen --- arch/x86/include/asm/cpufeature.h| 5 +++-- arch/x86/include/asm/cpufeatures.h | 7 ++- arch/x86/include/asm/disabled-features.h | 18 +++--- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/required

[PATCH v3 1/3] kprobes: Add text_alloc() and text_free()

and define a new config flag CONFIG_ARCH_HAS_TEXT_ALLOC to promote the availability of the new API. Cc: Andi Kleen Suggested-by: Peter Zijlstra Signed-off-by: Jarkko Sakkinen --- arch/Kconfig | 2 +- arch/x86/Kconfig | 3 ++ arch/x86/kernel/Makefile | 1 + arch/x86/kernel

[PATCH v3 3/3] kprobes: Flag out CONFIG_MODULES dependent code

Remove CONFIG_MODULES dependency by flagging out the dependent code. This allows to use kprobes in a kernel without support for loadable modules, which could be useful for a test kernel or perhaps an embedded kernel. Cc: Andi Kleen Signed-off-by: Jarkko Sakkinen --- include/linux/module.h

[PATCH v3 2/3] module: Add lock_modules() and unlock_modules()

Add wrappers to take the modules "big lock" in order to encapsulate conditional compilation (CONFIG_MODULES) inside the wrapper. Cc: Andi Kleen Suggested-by: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- include/linux/module.h | 15 ++ kernel/kprobes.c

[PATCH v3 0/3] kprobes: Remove MODULES dependency

more developer friendly. Jarkko Sakkinen (3): kprobes: Add text_alloc() and text_free() module: Add lock_modules() and unlock_modules() kprobes: Flag out CONFIG_MODULES dependent code arch/Kconfig| 2 +- arch/x86/Kconfig| 3 ++ arch/x86/kernel/Makefile| 1 + arc

Re: [PATCH v35 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

On Tue, Jul 14, 2020 at 12:07:54PM +0200, Jethro Beekman wrote: > On 2020-07-14 11:56, Jarkko Sakkinen wrote: > > On Tue, Jul 14, 2020 at 09:30:03AM +0200, Jethro Beekman wrote: > >> On 2020-07-07 05:37, Jarkko Sakkinen wrote: > >>> From: Sean Christopherson >

Re: [PATCH] tpm: avoid accessing cleared ops during shutdown

On Fri, Jul 10, 2020 at 11:25:44AM -0700, Andrey Pronin wrote: > > Why does not tpm_del_char_device need this? > > "Not" is a typo in the sentence above, right? tpm_del_char_device *does* > need the fix. When tpm_class_shutdown is called it sets chip->ops to > NULL. If tpm_del_char_device is calle

Re: [PATCH v9 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table

On Wed, Jul 08, 2020 at 10:17:17AM -0400, Stefan Berger wrote: > > ❯ swtpm-mvo.swtpm socket --tpmstate dir=/tmp/mytpm1 \ > >--ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \ > >--log level=20 > > swtpm: Could not open UnixIO socket: No such file or directory > > > Did you create the direct

Re: [PATCH v35 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

On Tue, Jul 14, 2020 at 09:30:03AM +0200, Jethro Beekman wrote: > On 2020-07-07 05:37, Jarkko Sakkinen wrote: > > From: Sean Christopherson > > > > An SGX runtime must be aware of the exceptions, which happen inside an > > enclave. Introduce a vDSO call that wra

[PATCH v2 2/3] module: Add lock_modules() and unlock_modules()

Add wrappers to take the modules "big lock" in order to encapsulate conditional compilation (CONFIG_MODULES) inside the wrapper. Cc: Andi Kleen Suggested-by: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- include/linux/module.h | 15 ++ kernel/kprobes.c

[PATCH v2 3/3] kprobes: Flag out CONFIG_MODULES dependent code

Remove CONFIG_MODULES dependency by flagging out the dependent code. This allows to use kprobes in a kernel without support for loadable modules, which could be useful for a test kernel or perhaps an embedded kernel. Cc: Andi Kleen Signed-off-by: Jarkko Sakkinen --- arch/Kconfig

Re: [PATCH v2] tpm: Require that all digests are present in TCG_PCR_EVENT2 structures

* immediately following a valid event log. The caller expects this > + * function to recognize that the byte sequence is not a valid event > + * and to return an event size of 0. > + */ > if (memcmp(efispecid->signature, TCG_SPECID_SIG, > -sizeof(TCG_SPECID_SIG)) || count > efispecid->num_algs) { > +sizeof(TCG_SPECID_SIG)) || > + !efispecid->num_algs || count != efispecid->num_algs) { > size = 0; > goto out; > } > -- > 2.25.1 > Reviewed-by: Jarkko Sakkinen /Jarkko

[PATCH 2/3] module: Add lock_modules() and unlock_modules()

Add wrappers to take the modules "big lock" in order to encapsulate conditional compilation (CONFIG_MODULES) inside the wrapper. Cc: Andi Kleen Suggested-by: Masami Hiramatsu Signed-off-by: Jarkko Sakkinen --- include/linux/module.h | 15 ++ kernel/kprobes.c

[PATCH 3/3] kprobes: Flag out CONFIG_MODULES dependent code

Remove CONFIG_MODULES dependency by flagging out the dependent code. This allows to use kprobes in a kernel without support for loadable modules, which could be useful for a test kernel or perhaps an embedded kernel. Cc: Andi Kleen Signed-off-by: Jarkko Sakkinen --- arch/Kconfig

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 08:51:56AM -0700, Kees Cook wrote: > On Fri, Jul 10, 2020 at 07:32:57PM +0900, Masami Hiramatsu wrote: > > On Fri, 10 Jul 2020 02:45:19 +0300 > > Jarkko Sakkinen wrote: > > > +#ifdef CONFIG_MODULES > > > /* Lock modules while optimiz

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 09:22:43AM -0400, Steven Rostedt wrote: > On Fri, 10 Jul 2020 22:18:02 +0900 > Masami Hiramatsu wrote: > > > > > Agreed. As far as I know, ftrace and bpf also depends on module_alloc(), > > so text_alloc() will help them too. > > > > Yes please. > > arch/x86/kernel/ftr

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 03:04:29PM +0200, Christoph Hellwig wrote: > On Fri, Jul 10, 2020 at 01:32:38PM +0200, Peter Zijlstra wrote: > > On Fri, Jul 10, 2020 at 07:32:57PM +0900, Masami Hiramatsu wrote: > > > > - page = module_alloc(PAGE_SIZE); > > > > + page = vmalloc(PAGE_SIZE); > > >

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 01:32:38PM +0200, Peter Zijlstra wrote: > On Fri, Jul 10, 2020 at 07:32:57PM +0900, Masami Hiramatsu wrote: > > > - page = module_alloc(PAGE_SIZE); > > > + page = vmalloc(PAGE_SIZE); > > > > No, you can not use vmalloc here. The reason why we use module_alloc() > > is to al

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 07:32:57PM +0900, Masami Hiramatsu wrote: > Hi Jarkko, > > On Fri, 10 Jul 2020 02:45:19 +0300 > Jarkko Sakkinen wrote: > > > Remove MODULES dependency and migrate from module_alloc to vmalloc(). > > According to Andi, the history with this

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 12:49:10PM +0200, Peter Zijlstra wrote: > On Fri, Jul 10, 2020 at 01:36:38PM +0300, Jarkko Sakkinen wrote: > > Just so that I know (and learn), what did exactly disable optprobes? > > So regular, old-skool style kprobe is: > > - copy ori

Re: [PATCH] tpm: avoid accessing cleared ops during shutdown

On Thu, Jul 09, 2020 at 05:22:09PM -0700, Andrey Pronin wrote: > This patch prevents NULL dereferencing when using chip->ops while > sending TPM2_Shutdown command if both tpm_class_shutdown handler and > tpm_del_char_device are called during system shutdown. > > Both these handlers set chip->ops t

Re: [PATCH] tpm: Require that all digests are present in TCG_PCR_EVENT2 structures

On Thu, Jul 09, 2020 at 05:58:23PM -0500, Tyler Hicks wrote: > On 2020-07-03 02:57:18, Jarkko Sakkinen wrote: > > On Tue, Jun 30, 2020 at 01:33:21PM -0500, Tyler Hicks wrote: > > > Jarkko, is this an ack from you? > > > > > > Is there anything I can do to he

Re: [GIT PULL] optee bus for v5.9

On Fri, Jul 10, 2020 at 10:52:30AM +0200, Jens Wiklander wrote: > Hello arm-soc maintainers, > > Please pull these patches enabling multi-stage OP-TEE bus enumeration > and also adds a TPM driver for a OP-TEE based fTPM Trusted Application. > > The TPM driver depends on and takes advantage of the

Re: [PATCH RFC] kprobes: Remove MODULES dependency

On Fri, Jul 10, 2020 at 11:03:44AM +0200, Peter Zijlstra wrote: > On Fri, Jul 10, 2020 at 02:45:19AM +0300, Jarkko Sakkinen wrote: > > Remove MODULES dependency and migrate from module_alloc to vmalloc(). > > According to Andi, the history with this dependency is that kprobes

[PATCH RFC] kprobes: Remove MODULES dependency

plied, it is somewhat easier to create custom test kernel's with a proper debugging capabilities, thus making Linux more developer friendly. Cc: Andi Kleen Signed-off-by: Jarkko Sakkinen --- arch/Kconfig | 1 - arch/x86/kernel/kprobes/core.c | 5 +++-- kernel

Re: [PATCH v3 0/2] synquacer: add TPM support

On Thu, Jul 09, 2020 at 08:46:35AM +0900, Masahisa Kojima wrote: > Hi Jarkko, > > > Hi Jakko, > I apologize for mis-spelling of your name. > Same mistake also appears in my another reply to "[PATCH v3 1/2] tpm: > tis: add support for MMIO TPM on SynQuacer" No worries :-) /Jarkko

Re: [PATCH v3 0/2] synquacer: add TPM support

On Thu, Jul 09, 2020 at 08:34:27AM +0900, Masahisa Kojima wrote: > Hi Jakko, > > > Overally the code looks great. You've run it through checkpatch.pl? > > Yes, I have run checkpatch.pl and removed errors. OK, cool. /Jarkko

Re: [PATCH v34 10/24] mm: Add vm_ops->mprotect()

On Wed, Jul 08, 2020 at 07:10:27PM +0300, Jarkko Sakkinen wrote: > On Wed, Jul 08, 2020 at 03:37:08PM +0100, Matthew Wilcox wrote: > > On Wed, Jul 08, 2020 at 05:33:20PM +0300, Jarkko Sakkinen wrote: > > > I get the point but I don't think that your proposal could work gi

Re: [PATCH v3 1/2] tpm: tis: add support for MMIO TPM on SynQuacer

On Wed, Jul 08, 2020 at 10:14:23PM +0900, Masahisa Kojima wrote: > When fitted, the SynQuacer platform exposes its SPI TPM via a MMIO > window that is backed by the SPI command sequencer in the SPI bus > controller. This arrangement has the limitation that only byte size > accesses are supported, a

Re: [PATCH v3 0/2] synquacer: add TPM support

On Wed, Jul 08, 2020 at 10:14:22PM +0900, Masahisa Kojima wrote: > This adds support for driving the TPM on Socionext SynQuacer platform > using the driver for a memory mapped TIS frame. > > v3: > - prepare new module to handle TPM MMIO access on SynQuacer platform > > v2: > - don't use read/writ

Re: [PATCH v34 10/24] mm: Add vm_ops->mprotect()

On Wed, Jul 08, 2020 at 03:37:08PM +0100, Matthew Wilcox wrote: > On Wed, Jul 08, 2020 at 05:33:20PM +0300, Jarkko Sakkinen wrote: > > I get the point but I don't think that your proposal could work given > > that mprotect-callback takes neither 'prev' nor 'n

Re: [PATCH v34 10/24] mm: Add vm_ops->mprotect()

On Tue, Jul 07, 2020 at 05:10:46AM +0100, Matthew Wilcox wrote: > On Tue, Jul 07, 2020 at 07:01:51AM +0300, Jarkko Sakkinen wrote: > > On Tue, Jul 07, 2020 at 04:24:08AM +0100, Matthew Wilcox wrote: > > > On Mon, Jul 06, 2020 at 08:22:54PM -0700, Sean Christopherson wrote: >

Re: [PATCH v9 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table

On Tue, Jul 07, 2020 at 12:09:11AM -0400, Stefan Berger wrote: > On 7/7/20 12:03 AM, Jarkko Sakkinen wrote: > > On Mon, Jul 06, 2020 at 11:08:12PM -0400, Stefan Berger wrote: > > > On 7/6/20 10:24 PM, Jarkko Sakkinen wrote: > > > > On Mon, Jul 06, 2020 at 07:55:2

Re: [PATCH] Revert commit e918e570415c ("tpm_tis: Remove the HID IFX0102")

On Tue, Jul 07, 2020 at 11:41:40AM +0200, Greg Kroah-Hartman wrote: > On Mon, Jul 06, 2020 at 11:53:42PM +0300, Jarkko Sakkinen wrote: > > Removing IFX0102 from tpm_tis was not a right move because both tpm_tis > > and tpm_infineon use the same device ID. Revert the commit and a

Re: [PATCH v34 11/24] x86/sgx: Add SGX enclave driver

On Tue, Jul 07, 2020 at 04:36:17AM +0100, Matthew Wilcox wrote: > On Tue, Jul 07, 2020 at 06:01:51AM +0300, Jarkko Sakkinen wrote: > > Intel Software Guard eXtensions (SGX) is a set of CPU instructions that > > can be used by applications to set aside private regions of code and >

Re: [PATCH v34 12/24] x86/sgx: Add SGX_IOC_ENCLAVE_CREATE

On Mon, Jul 06, 2020 at 08:29:15PM -0700, Sean Christopherson wrote: > On Tue, Jul 07, 2020 at 06:01:52AM +0300, Jarkko Sakkinen wrote: > > +long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg) > > +{ > > + struct sgx_encl *encl = filep->priva

Re: [PATCH v34 10/24] mm: Add vm_ops->mprotect()

On Tue, Jul 07, 2020 at 04:14:24AM +0100, Matthew Wilcox wrote: > On Tue, Jul 07, 2020 at 06:01:50AM +0300, Jarkko Sakkinen wrote: > > +++ b/mm/mprotect.c > > @@ -603,13 +603,20 @@ static int do_mprotect_pkey(unsigned long start, > > size_t len, > >

Re: [PATCH v9 2/2] tpm: Add support for event log pointer found in TPM2 ACPI table

On Mon, Jul 06, 2020 at 11:08:12PM -0400, Stefan Berger wrote: > On 7/6/20 10:24 PM, Jarkko Sakkinen wrote: > > On Mon, Jul 06, 2020 at 07:55:26PM -0400, Stefan Berger wrote: > > > On 7/6/20 7:09 PM, Jarkko Sakkinen wrote: > > > > On Mon, Jul 06, 2020 at 02:19:5

Re: [PATCH v34 10/24] mm: Add vm_ops->mprotect()

On Tue, Jul 07, 2020 at 04:24:08AM +0100, Matthew Wilcox wrote: > On Mon, Jul 06, 2020 at 08:22:54PM -0700, Sean Christopherson wrote: > > On Tue, Jul 07, 2020 at 04:14:24AM +0100, Matthew Wilcox wrote: > > > > + if (vma->vm_ops && vma->vm_ops->mprotect) { > > > > +

[PATCH v35 22/24] selftests/x86: Add a selftest for SGX

Add a selftest for SGX. It is a trivial test where a simple enclave copies one 64-bit word of memory between two memory locations. Cc: linux-kselft...@vger.kernel.org Signed-off-by: Jarkko Sakkinen --- tools/testing/selftests/Makefile | 1 + tools/testing/selftests/sgx/.gitignore

[PATCH v35 24/24] x86/sgx: Update MAINTAINERS

Add the maintainer information for the SGX subsystem. Cc: Thomas Gleixner Cc: Borislav Petkov Signed-off-by: Jarkko Sakkinen --- MAINTAINERS | 11 +++ 1 file changed, 11 insertions(+) diff --git a/MAINTAINERS b/MAINTAINERS index 1d4aa7f942de..9b5268aa26db 100644 --- a/MAINTAINERS

[PATCH v35 23/24] docs: x86/sgx: Document SGX micro architecture and kernel internals

Document the Intel SGX kernel architecture. The fine-grained micro architecture details can be looked up from Intel SDM Volume 3D. Cc: linux-...@vger.kernel.org Acked-by: Randy Dunlap Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen

[PATCH v35 18/24] x86/vdso: Add support for exception fixup in vDSO functions

macro. Duplicating four lines of code is simpler than adding the necessary infrastructure to generate pre-compiled assembly and the intended benefit of massaging GCC's inlining algorithm is unlikely to realized in the vDSO any time soon, if ever. Suggested-by: Andy Lutomirski Acked-by: Je

[PATCH v35 20/24] x86/traps: Attempt to fixup exceptions in vDSO before signaling

the fixup vs. signal logic can be made function specific if/when necessary. Suggested-by: Andy Lutomirski Acked-by: Jethro Beekman Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/traps.c | 19 --- arch/x86/mm/fault.c | 8 +++

[PATCH v35 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

: Jethro Beekman Signed-off-by: Sean Christopherson Co-developed-by: Cedric Xing Signed-off-by: Cedric Xing Signed-off-by: Jarkko Sakkinen --- arch/x86/entry/vdso/Makefile | 2 + arch/x86/entry/vdso/vdso.lds.S | 1 + arch/x86/entry/vdso/vsgx_enter_enclave.S | 131

[PATCH v35 17/24] x86/sgx: ptrace() support for the SGX driver

Add VMA callbacks for ptrace() that can be used with debug enclaves. With debug enclaves data can be read and write the memory word at a time by using ENCLS(EDBGRD) and ENCLS(EDBGWR) leaf instructions. Acked-by: Jethro Beekman Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/encl.c

[PATCH v35 16/24] x86/sgx: Add a page reclaimer

Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/driver.c | 1 + arch/x86/kernel/cpu/sgx/encl.c | 340 +- arch/x86/kernel/cpu/sgx/encl.h | 41 +++ arch/x86/kernel/cpu/sgx/ioctl.c | 77 - arch/x86/kernel/cpu

[PATCH v35 19/24] x86/fault: Add helper function to sanitize error code

Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/mm/fault.c | 24 +--- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 1db6fbd7af8e..8ba78384ea73 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c

[PATCH v35 14/24] x86/sgx: Add SGX_IOC_ENCLAVE_INIT

-by: Nathaniel McCallum Tested-by: Seth Moore Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Co-developed-by: Suresh Siddha Signed-off-by: Suresh Siddha Signed-off-by: Jarkko Sakkinen --- arch/x86/include/uapi/asm/sgx.h | 11 ++ arch/x86/kernel/cpu/sgx/ioctl.c | 188

[PATCH v35 15/24] x86/sgx: Allow a limited use of ATTRIBUTE.PROVISIONKEY for attestation

A new ioctl called SGX_IOC_ENCLAVE_SET_ATTRIBUTE is used to assign this token to an enclave. Cc: linux-security-mod...@vger.kernel.org Acked-by: Jethro Beekman Suggested-by: Andy Lutomirski Signed-off-by: Jarkko Sakkinen --- arch/x86/include/uapi/asm/sgx.h | 11 arch/x86/kernel/cp

[PATCH v35 13/24] x86/sgx: Add SGX_IOC_ENCLAVE_ADD_PAGES

Beekman Tested-by: Haitao Huang Tested-by: Chunyang Hui Tested-by: Jordan Hand Tested-by: Nathaniel McCallum Tested-by: Seth Moore Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Co-developed-by: Suresh Siddha Signed-off-by: Suresh Siddha Signed-off-by: Jarkko

[PATCH v35 12/24] x86/sgx: Add SGX_IOC_ENCLAVE_CREATE

Tested-by: Jordan Hand Tested-by: Nathaniel McCallum Tested-by: Seth Moore Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Co-developed-by: Suresh Siddha Signed-off-by: Suresh Siddha Signed-off-by: Jarkko Sakkinen --- .../userspace-api/ioctl/ioctl-number.rst

[PATCH v35 10/24] mm: Add vm_ops->mprotect()

d. Cc: linux...@kvack.org Cc: Andrew Morton Cc: Matthew Wilcox Acked-by: Jethro Beekman Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- include/linux/mm.h | 2 ++ mm/mprotect.c | 13 ++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/include

[PATCH v35 11/24] x86/sgx: Add SGX enclave driver

-off-by: Suresh Siddha Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/Makefile | 2 + arch/x86/kernel/cpu/sgx/driver.c | 178 arch/x86/kernel/cpu/sgx/driver.h | 29 +++ arch/x86/kernel/cpu/sgx/encl.c | 335 +++ arch/x86/kernel/cpu/sgx

[PATCH v35 08/24] x86/sgx: Initialize metadata for Enclave Page Cache (EPC) sections

Sakkinen Signed-off-by: Jarkko Sakkinen --- arch/x86/Kconfig | 17 +++ arch/x86/kernel/cpu/Makefile | 1 + arch/x86/kernel/cpu/sgx/Makefile | 2 + arch/x86/kernel/cpu/sgx/main.c | 216 +++ arch/x86/kernel/cpu/sgx/sgx.h| 52 5 files

[PATCH v35 09/24] x86/sgx: Add __sgx_alloc_epc_page() and sgx_free_epc_page()

state (i.e. not required from caller part). Acked-by: Jethro Beekman Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/main.c | 62 ++ arch/x86/kernel/cpu/sgx/sgx.h | 3 ++ 2

[PATCH v35 05/24] x86/sgx: Add wrappers for ENCLS leaf functions

. ENCLS leaf functions are documented in Intel SDM: 36.6 ENCLAVE INSTRUCTIONS AND INTEL® Acked-by: Jethro Beekman Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/encls.h | 238

[PATCH v35 04/24] x86/sgx: Add SGX microarchitectural data structures

Beekman Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/arch.h | 343 + 1 file changed, 343 insertions(+) create mode 100644 arch/x86/kernel/cpu/sgx/arch.h diff --git a/arch/x86/kernel/cpu/sgx/arch.h b/arch/x86/kernel/cpu/sgx/arch.h new file mode 100644

<    7   8   9   10   11   12   13   14   15   16   >