Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp576880imd; Sat, 3 Nov 2018 06:16:05 -0700 (PDT) X-Google-Smtp-Source: AJdET5cnca9qWNSXfSz5i4ywQA7JPRlPdboOeIh6yIJ8DS5QZ7RsbDCte8l1V/bis22zJygIGcJX X-Received: by 2002:a63:1e5c:: with SMTP id p28mr14325872pgm.376.1541250965199; Sat, 03 Nov 2018 06:16:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541250965; cv=none; d=google.com; s=arc-20160816; b=QqakoJOuT1jJWTEbTOBWHxuSlA9zjcz95zGm1pZUsNSCc8NO/+CIYNflqFEIyiYmVK DGbJ1QBRljeD1ZdrEHI/tUXvAbUJgb+aVLayzOs8GQM02QJK7EjZEiD4MwY+Rgv1PatA 5YHdppYXg6GV8tcQ+OYNkb6HCT5I+P+yJlnkHqLKBD9H2PWwpDwbysngB3GkiDsTnmV/ XcHIVilG/2/uTYjP/tyPZBpM/eiWEwwIbdugreqF767N/zv1q63MMC1M+crwDmZlBZzt hOlWuPwj+xs4IksJhGnH4BpQ43vKhwmA65BXNAVsWSayk4k1aqdRoJ1mn+3EhstFGhZN zwUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=dTSd7ETL/2YZCStrIYOT7JHFdH59w9vpDKocxhwuc4U=; b=qrUBU5ibf2CFlHhe/GhibBKqDxxAwwHxnGUerAWY04RiKSVFjt8MgN6GLUehxnUOXW 4m34RVaqesnJT/iE8l9gPSboVT2psBnv87illDX7CInXzMrc9+WjiS1Kr3vrNvgyCgZm 7mtbvBm74m0gXOmylyJCa25DIQPSP87x1IGyXuGP20qM+O8l4kQtJ2QIgDUN5WJSQBL5 jAhlUAqil+AF8+/PEs0WcTeRo9zcVAp4Pz6T2Vj4dC4QVJYiM88HdNKeL8WNcN9qG6u3 QBlmb/7Fs2pDKfB8R5SsX97NWx3L/WdyN3bNabPXJ8G+5uOtCKTF095wEK9Upsb0dVlW YmQw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=vCO2twoH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u9-v6si36380207pls.150.2018.11.03.06.15.50; Sat, 03 Nov 2018 06:16:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=vCO2twoH; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728662AbeKCW0r (ORCPT + 99 others); Sat, 3 Nov 2018 18:26:47 -0400 Received: from mail-qk1-f195.google.com ([209.85.222.195]:33701 "EHLO mail-qk1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727658AbeKCW0r (ORCPT ); Sat, 3 Nov 2018 18:26:47 -0400 Received: by mail-qk1-f195.google.com with SMTP id o89so7585552qko.0; Sat, 03 Nov 2018 06:15:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dTSd7ETL/2YZCStrIYOT7JHFdH59w9vpDKocxhwuc4U=; b=vCO2twoHmnVgZhTtVLSwkmF60UUy/TqC8I4HnKKdJykPVTTXsk2mZxomITzxIeuFcN v144RPKMV0qSLYJ4umAgixIWJSzw5h/wfLiFDPs+t6NBEO8OZDAZIp/xeYn+dPfDBWee 2Wh0Im59hzt5GCdKUEaq7Jyt8lX5jYOOuAKlvV21JrZ8X8wnTL8EeS3paR1U4l6C2lbw HiAIYZ/VmewTJAFVXe3aXHQCiPLKWrTJNA20c0Fk+1JViPcOyNEFCWZZk7Typ/qH/YVu hzXIw5DmuPSHvZZz6dO2UzvocEEs722wcQfS9cxvbQQJAdQRpfb5ZPDZku87gM8uPK3g nEng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dTSd7ETL/2YZCStrIYOT7JHFdH59w9vpDKocxhwuc4U=; b=H3rcCTdq+FnB78M/g9sgPq1+0X1RU8p62mU3tpBBdsjICWHuIkGRR2OHeu7dWPYNbH J7FY7Mp7IRlX5C8Q1mUC+AKTfZl/CSm+HCNqIQmHkCKfYL+7MtxtklzBD7GQuZtFJZq2 JdYkSuHrPLq20Is2r/HvViiy+HDBdcuDsV6cqxhCUO0q+aNXrktYdxkOC2u6cU/+as3n j3BFn03m6yvlsVBOqbsfpsZkplhZmy5elfw0kIcWiy6dinyNQ4YQy1PCLKnm+yOklOpC BPwAH1W6ACWNPOdbZqkJVsJbfWNoaiZ3ebH5Lm/F8VUBjwYbrQk5UV5zTtIx/BJsh9cU jP7g== X-Gm-Message-State: AGRZ1gJPT9+EWyXmnnld1wtmTdUoCRTuonfFU+IpGvQntEVZB9gIAglr 1kE6tsBnQ5kMbuygMY8fuVEXdvVMUP6wBravJTs= X-Received: by 2002:ac8:684:: with SMTP id f4-v6mr4315514qth.194.1541250927218; Sat, 03 Nov 2018 06:15:27 -0700 (PDT) MIME-Version: 1.0 References: <20181102231320.29164-1-jarkko.sakkinen@linux.intel.com> <20181102231320.29164-15-jarkko.sakkinen@linux.intel.com> In-Reply-To: <20181102231320.29164-15-jarkko.sakkinen@linux.intel.com> From: Andy Shevchenko Date: Sat, 3 Nov 2018 15:15:15 +0200 Message-ID: Subject: Re: [PATCH v15 14/23] x86/cpu/intel: Clear SGX_LC capability if not enabled in FEATURE_CONTROL To: Jarkko Sakkinen Cc: "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , Platform Driver , linux-sgx@vger.kernel.org, Dave Hansen , sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com, shay.katz-zamir@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, Andy Shevchenko , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Konrad Rzeszutek Wilk , David Woodhouse , "Kirill A. Shutemov" , davidwang@zhaoxin.com, "Levin, Alexander (Sasha Levin)" , qianyue.zj@alibaba-inc.com, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Nov 3, 2018 at 1:17 AM Jarkko Sakkinen wrote: > > From: Sean Christopherson > > Like SGX itself, SGX Launch Control must be explicitly enabled via a > flag in IA32_FEATURE_CONTROL. Clear the SGX_LC capability if Launch > Control is not fully enabled (or obviously if SGX itself is disabled). > > Note that clearing X86_FEATURE_SGX_LC creates a bit of a conundrum > regarding the SGXLEPUBKEYHASH MSRs, as it may be desirable to read the > MSRs even if they are not writable, e.g. to query the configured key, > but clearing the capability leaves no breadcrum for discerning whether > or not the MSRs exist. But, such usage will be rare (KVM is the only > known case at this time) and not performance critical, so it's not > unreasonable to require the use of rdmsr_safe(). Clearing the cap bit > eliminates the need for an additional flag to track whether or not > Launch Control is truly enabled, which is what we care about the vast > majority of the time. > @@ -618,6 +618,8 @@ static void detect_sgx(struct cpuinfo_x86 *c) > setup_clear_cpu_cap(X86_FEATURE_SGX1); > setup_clear_cpu_cap(X86_FEATURE_SGX2); > } > + if (unsupported || !(fc & FEATURE_CONTROL_SGX_LE_WR)) > + setup_clear_cpu_cap(X86_FEATURE_SGX_LC); > } A-ha, I see how you use this variable here (though it's still possible to get rid of it, choose what is better for readability / maintenance). -- With Best Regards, Andy Shevchenko