Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-09 Thread Sean Christopherson
On Fri, Aug 09, 2019 at 06:02:08PM +0300, Jarkko Sakkinen wrote: > On Thu, 2019-08-08 at 08:40 -0700, Sean Christopherson wrote: > > On Wed, Aug 07, 2019 at 06:15:34PM +0300, Jarkko Sakkinen wrote: > > > On Mon, Jul 29, 2019 at 11:17:57AM +, Ayoun, Serge wrote: > > > > > + /* TCS pages

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-09 Thread Jarkko Sakkinen
On Thu, 2019-08-08 at 08:40 -0700, Sean Christopherson wrote: > On Wed, Aug 07, 2019 at 06:15:34PM +0300, Jarkko Sakkinen wrote: > > On Mon, Jul 29, 2019 at 11:17:57AM +, Ayoun, Serge wrote: > > > > + /* TCS pages need to be RW in the PTEs, but can be 0 in the > > > > EPCM. */ > > > > +

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-08 Thread Sean Christopherson
On Wed, Aug 07, 2019 at 06:15:34PM +0300, Jarkko Sakkinen wrote: > On Mon, Jul 29, 2019 at 11:17:57AM +, Ayoun, Serge wrote: > > > + /* TCS pages need to be RW in the PTEs, but can be 0 in the EPCM. */ > > > + if ((secinfo.flags & SGX_SECINFO_PAGE_TYPE_MASK) == > > > SGX_SECINFO_TCS) > > > +

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-07 Thread Jethro Beekman
EPCM permissions are mentioned in SDM EADD instruction operation. PTE I don't know. -- Jethro Beekman | Fortanix On 2019-08-07 08:17, Jarkko Sakkinen wrote: On Wed, Aug 07, 2019 at 06:15:34PM +0300, Jarkko Sakkinen wrote: On Mon, Jul 29, 2019 at 11:17:57AM +, Ayoun, Serge wrote: +

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-07 Thread Jarkko Sakkinen
On Mon, Jul 29, 2019 at 11:17:57AM +, Ayoun, Serge wrote: > > + /* TCS pages need to be RW in the PTEs, but can be 0 in the EPCM. */ > > + if ((secinfo.flags & SGX_SECINFO_PAGE_TYPE_MASK) == > > SGX_SECINFO_TCS) > > + prot |= PROT_READ | PROT_WRITE; > > For TCS pages you add
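Review bot: the comment above the SGX_SECINFO_TCS check says what is done but not why. It states that TCS pages need RW in the PTEs while the EPCM permissions can be 0, and the code then ORs PROT_READ | PROT_WRITE into prot for every page whose type is TCS, whatever permission bits secinfo.flags carried. Suggest extending the comment to give the reason the PTE permissions must be wider than the EPCM ones for this page type, and to name the check that prot is later compared against, so a reader does not mistake the widening for an unintended permission grant.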

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-07 Thread Jarkko Sakkinen
On Wed, Aug 07, 2019 at 06:15:34PM +0300, Jarkko Sakkinen wrote: > On Mon, Jul 29, 2019 at 11:17:57AM +, Ayoun, Serge wrote: > > > + /* TCS pages need to be RW in the PTEs, but can be 0 in the EPCM. */ > > > + if ((secinfo.flags & SGX_SECINFO_PAGE_TYPE_MASK) == > > > SGX_SECINFO_TCS) > > > +

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-05 Thread Jarkko Sakkinen
On Mon, Aug 05, 2019 at 09:16:44AM -0700, Sean Christopherson wrote: > On Sat, Jul 13, 2019 at 08:07:52PM +0300, Jarkko Sakkinen wrote: > > +static unsigned long sgx_get_unmapped_area(struct file *file, > > + unsigned long addr, > > +

Re: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-08-05 Thread Sean Christopherson
On Sat, Jul 13, 2019 at 08:07:52PM +0300, Jarkko Sakkinen wrote: > +static unsigned long sgx_get_unmapped_area(struct file *file, > +unsigned long addr, > +unsigned long len, > +

RE: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-07-29 Thread Ayoun, Serge
> From: Jarkko Sakkinen > Sent: Saturday, July 13, 2019 20:08 > Subject: [PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver > +static long sgx_ioc_enclave_add_page(struct file *filep, void __user > +*arg) { > + struct sgx_encl *encl = filep->private

[PATCH v21 16/28] x86/sgx: Add the Linux SGX Enclave Driver

2019-07-13 Thread Jarkko Sakkinen
Intel Software Guard eXtensions (SGX) is a set of CPU instructions that can be used by applications to set aside private regions of code and data. The code outside the enclave is disallowed to access the memory inside the enclave by the CPU access control. This commit adds the Linux SGX Enclave