Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp45641ybz; Tue, 21 Apr 2020 14:56:00 -0700 (PDT) X-Google-Smtp-Source: APiQypLpBLyO/pt0Ive3LAkCJFreNxE8Izo9oZ6NK4IFTaE9vs9W/Zi3+tCvkaiAZDm8SL4RM5IZ X-Received: by 2002:a17:906:4cc3:: with SMTP id q3mr14290102ejt.170.1587506160122; Tue, 21 Apr 2020 14:56:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587506160; cv=none; d=google.com; s=arc-20160816; b=pS3eNgUPnxtFpjeI3wwdoUuI2UhHDogmHPDhfmpTF7L0COH5fKWQi8bWZTToYaoeBI bXJd15TWHwgQq5mxKbG3KqacEc1qaqIQVGqjSYCnwYHwaHx00wZsAnhC4OaZVeeolDJ4 qHnooM4DvXnaiImi7OV7nf/alwwODan9Scrm8m8kS8P21jy+rRYWsDvE0giN1HOyXLhy fv+R19wymJL4MaRHtwRzBmNC/1LcpDUH91X1WmgBjneyByyzylLHbhRc5L8Be4vCepm9 qtgyXRIp+d/swU8Ok5BoYoMsAZmP1EPZGxcErMwBKSTQiaHK/Kw5MSFc+jS8nL01EEKQ v0Yw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=lLtGCIB3XK4BV7VV2ysJT4vWgk0QbpNbMBYMYX1xpVk=; b=CxzxCSvG4M/qlPqb1vtmDLf1il47K/Rtx1txhPzsUuje2A/19gOZTFe2Ot5R5lclYH C+MWffYeELObi6d0zzkjLfUBPp0FWwC6uk4p2yyQqjpm07vy05D6irnvcDw6DE/W8e6U hIz6epa1S/nf31OqIZfYo0J2AmcmoM8/6iEjdcsfvoFi0HToaIfddckrR8HBf/J41k8y C30A48IxE6WLUPXI86az30A75WMcolI/fexTzIsFdY3YRxfCf89RncDJfvlzJYOagw3n HI/WsNmPgrXBC216B6a1N29B4Y6YzzA363+1/1tdqRfJI+EJc1Gm0JzxKhCe4hh0JmDz nhiQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z2si2213651edp.320.2020.04.21.14.55.37; Tue, 21 Apr 2020 14:56:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726547AbgDUVyJ (ORCPT + 99 others); Tue, 21 Apr 2020 17:54:09 -0400 Received: from mga01.intel.com ([192.55.52.88]:30789 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726482AbgDUVyD (ORCPT ); Tue, 21 Apr 2020 17:54:03 -0400 IronPort-SDR: 9ojoTcyK2ZsDfhT0Ut9EPBlnLui6HE42i0KWB25QPPAGTRVrf9ots8SecY+627G+K58qs7DxHK S9mm/PAuG9mg== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Apr 2020 14:54:02 -0700 IronPort-SDR: hUsb/RoZhTdfchhTO8cZvzOIKEB6OKdbHiLeQoq6lX+5UXv9TozGF+rkCDlO1Mqvc1tOx3VJlR s3XqXjM93eSQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,411,1580803200"; d="scan'208";a="456260647" Received: from mnchalux-mobl2.gar.corp.intel.com (HELO localhost) ([10.252.44.234]) by fmsmga005.fm.intel.com with ESMTP; 21 Apr 2020 14:53:57 -0700 From: Jarkko Sakkinen To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-sgx@vger.kernel.org Cc: akpm@linux-foundation.org, dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, haitao.huang@intel.com, andriy.shevchenko@linux.intel.com, tglx@linutronix.de, kai.svahn@intel.com, bp@alien8.de, josh@joshtriplett.org, luto@kernel.org, kai.huang@intel.com, rientjes@google.com, cedric.xing@intel.com, puiterwijk@redhat.com, Jarkko Sakkinen Subject: [PATCH v29 07/20] x86/cpu/intel: Detect SGX support Date: Wed, 22 Apr 2020 00:53:03 +0300 Message-Id: <20200421215316.56503-8-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200421215316.56503-1-jarkko.sakkinen@linux.intel.com> References: <20200421215316.56503-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sean Christopherson Configure SGX as part of feature control MSR initialization and update the associated X86_FEATURE flags accordingly. Because the kernel will require the LE hash MSRs to be writable when running native enclaves, disable X86_FEATURE_SGX (and all derivatives) if SGX Launch Control is not (or cannot) be fully enabled via feature control MSR. The check is done for every CPU, not just BSP, in order to verify that MSR_IA32_FEATURE_CONTROL is correctly configured on all CPUs. The other parts of the kernel, like the enclave driver, expect the same configuration from all CPUs. Note, unlike VMX, clear the X86_FEATURE_SGX* flags for all CPUs if any CPU lacks SGX support as the kernel expects SGX to be available on all CPUs. X86_FEATURE_VMX is intentionally cleared only for the current CPU so that KVM can provide additional information if KVM fails to load, e.g. print which CPU doesn't support VMX. KVM/VMX requires additional per-CPU enabling, e.g. to set CR4.VMXE and do VMXON, and so already has the necessary infrastructure to do per-CPU checks. SGX on the other hand doesn't require additional enabling, so clearing the feature flags on all CPUs means the SGX subsystem doesn't need to manually do support checks on a per-CPU basis. Signed-off-by: Sean Christopherson Co-developed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/feat_ctl.c | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/feat_ctl.c b/arch/x86/kernel/cpu/feat_ctl.c index 0268185bef94..ef4ddd6c8630 100644 --- a/arch/x86/kernel/cpu/feat_ctl.c +++ b/arch/x86/kernel/cpu/feat_ctl.c @@ -92,16 +92,35 @@ static void init_vmx_capabilities(struct cpuinfo_x86 *c) } #endif /* CONFIG_X86_VMX_FEATURE_NAMES */ +static void clear_sgx_caps(void) +{ + setup_clear_cpu_cap(X86_FEATURE_SGX); + setup_clear_cpu_cap(X86_FEATURE_SGX_LC); + setup_clear_cpu_cap(X86_FEATURE_SGX1); + setup_clear_cpu_cap(X86_FEATURE_SGX2); +} + void init_ia32_feat_ctl(struct cpuinfo_x86 *c) { bool tboot = tboot_enabled(); + bool enable_sgx; u64 msr; if (rdmsrl_safe(MSR_IA32_FEAT_CTL, &msr)) { clear_cpu_cap(c, X86_FEATURE_VMX); + clear_sgx_caps(); return; } + /* + * Enable SGX if and only if the kernel supports SGX and Launch Control + * is supported, i.e. disable SGX if the LE hash MSRs can't be written. + */ + enable_sgx = cpu_has(c, X86_FEATURE_SGX) && + cpu_has(c, X86_FEATURE_SGX1) && + cpu_has(c, X86_FEATURE_SGX_LC) && + IS_ENABLED(CONFIG_INTEL_SGX); + if (msr & FEAT_CTL_LOCKED) goto update_caps; @@ -123,13 +142,16 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c) msr |= FEAT_CTL_VMX_ENABLED_INSIDE_SMX; } + if (enable_sgx) + msr |= FEAT_CTL_SGX_ENABLED | FEAT_CTL_SGX_LC_ENABLED; + wrmsrl(MSR_IA32_FEAT_CTL, msr); update_caps: set_cpu_cap(c, X86_FEATURE_MSR_IA32_FEAT_CTL); if (!cpu_has(c, X86_FEATURE_VMX)) - return; + goto update_sgx; if ( (tboot && !(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX)) || (!tboot && !(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX))) { @@ -142,4 +164,12 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c) init_vmx_capabilities(c); #endif } + +update_sgx: + if (!(msr & FEAT_CTL_SGX_ENABLED) || + !(msr & FEAT_CTL_SGX_LC_ENABLED) || !enable_sgx) { + if (enable_sgx) + pr_err_once("SGX disabled by BIOS\n"); + clear_sgx_caps(); + } } -- 2.25.1