2022-03-09 11:55:49

by Borislav Petkov

Subject: Re: [RFC PATCH 09/11] x86/microcode: Expose EUPDATESVN procedure via sysfs

On all your patches for the future: don't forget to Cc LKML.

On Wed, Mar 09, 2022 at 06:40:48PM +0800, Cathy Zhang wrote:
> EUPDATESVN is the SGX instruction which allows enclave attestation
> to include information about updated microcode without a reboot.
>
> Microcode updates which affect SGX require two phases:
>
> 1. Do the main microcode update
> 2. Make the new CPUSVN available for enclave attestation via
> EUPDATESVN.
>
> Before an EUPDATESVN can succeed, all enclave pages (EPC) must be
> marked as unused in the SGX metadata (EPCM). This operation destroys
> all preexisting SGX enclave data and metadata. This is by design and
> mitigates the impact of vulnerabilities that may have compromised
> enclaves or the SGX hardware itself prior to the update.
>
> Signed-off-by: Cathy Zhang <[email protected]>
> ---
> arch/x86/include/asm/microcode.h | 5 ++++
> arch/x86/include/asm/sgx.h | 5 ++++
> arch/x86/kernel/cpu/microcode/core.c | 44 ++++++++++++++++++++++++++++

Why is all this code here at all?

What does that have *actually* to do with microcode loading?

AFAICT, you want to hook into microcode_check() which runs after the
microcode update and do your EUPDATESVN there...

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette


2022-03-09 16:25:39

by Dave Hansen

Subject: Re: [RFC PATCH 09/11] x86/microcode: Expose EUPDATESVN procedure via sysfs

On 3/9/22 03:20, Borislav Petkov wrote:
> AFAICT, you want to hook into microcode_check() which runs after the
> microcode update and do your EUPDATESVN there...

There's a little bit in the cover letter that _implies_ why EUPDATESVN
isn't called during the actual microcode update:

> This series implements the infrastructure needed to track and tear
> down bare-metal enclaves and then run EUPDATESVN. This is expected
> to be triggered by administrators via sysfs at some convenient time
> after a microcode update, probably by the microcode update tooling
> itself.

This allows the (non-destructive) ucode update and the destructive
EUPDATESVN procedure to happen at different times.

If we just want to make the ucode update itself call EUPDATESVN via
microcode_check(), that makes the ucode update itself destructive to SGX
enclaves. That's not the end of the world, but this series is going to
some amount of trouble (including new ABI) to avoid it.

Perhaps we need to hear more about why this is so much of an issue.

2022-03-11 19:09:29

by Zhang, Cathy

Subject: RE: [RFC PATCH 09/11] x86/microcode: Expose EUPDATESVN procedure via sysfs

> On all your patches for the future: don't forget to Cc LKML.
Thanks Boris! I will do it.