From: Jarkko Sakkinen
To: x86@kernel.org, linux-sgx@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Sean Christopherson , Jethro Beekman , Darren Kenny , Jarkko Sakkinen , akpm@linux-foundation.org, andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de, cedric.xing@intel.com, chenalexchen@google.com, conradparker@google.com, cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com, josh@joshtriplett.org, kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com, ludloff@google.com, luto@kernel.org, nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com, tglx@linutronix.de, yaozhangx@google.com
Subject: [PATCH v37 06/24] x86/cpu/intel: Detect SGX support
Date: Fri, 11 Sep 2020 15:40:01 +0300
Message-Id: <20200911124019.42178-7-jarkko.sakkinen@linux.intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20200911124019.42178-1-jarkko.sakkinen@linux.intel.com>
References: <20200911124019.42178-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: X-Mailing-List: linux-kernel@vger.kernel.org
From: Sean Christopherson

Configure SGX as part of feature control MSR initialization and update the associated X86_FEATURE flags accordingly. Because the kernel will require the LE hash MSRs to be writable when running native enclaves, disable X86_FEATURE_SGX (and all derivatives) if SGX Launch Control is not (or cannot be) fully enabled via feature control MSR.

The check is done for every CPU, not just BSP, in order to verify that MSR_IA32_FEATURE_CONTROL is correctly configured on all CPUs. The other parts of the kernel, like the enclave driver, expect the same configuration from all CPUs.

Note, unlike VMX, clear the X86_FEATURE_SGX* flags for all CPUs if any CPU lacks SGX support as the kernel expects SGX to be available on all CPUs. X86_FEATURE_VMX is intentionally cleared only for the current CPU so that KVM can provide additional information if KVM fails to load, e.g. print which CPU doesn't support VMX. KVM/VMX requires additional per-CPU enabling, e.g. to set CR4.VMXE and do VMXON, and so already has the necessary infrastructure to do per-CPU checks. SGX on the other hand doesn't require additional enabling, so clearing the feature flags on all CPUs means the SGX subsystem doesn't need to manually do support checks on a per-CPU basis.

Acked-by: Jethro Beekman
Reviewed-by: Darren Kenny
Signed-off-by: Sean Christopherson
Co-developed-by: Jarkko Sakkinen
Signed-off-by: Jarkko Sakkinen
---
 arch/x86/kernel/cpu/feat_ctl.c | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/feat_ctl.c b/arch/x86/kernel/cpu/feat_ctl.c
index 29a3bedabd06..c3afcd2e4342 100644
--- a/arch/x86/kernel/cpu/feat_ctl.c
+++ b/arch/x86/kernel/cpu/feat_ctl.c
@@ -93,16 +93,35 @@ static void init_vmx_capabilities(struct cpuinfo_x86 *c) } #endif /* CONFIG_X86_VMX_FEATURE_NAMES */ +static void clear_sgx_caps(void) +{ + setup_clear_cpu_cap(X86_FEATURE_SGX); + setup_clear_cpu_cap(X86_FEATURE_SGX_LC); + setup_clear_cpu_cap(X86_FEATURE_SGX1); + setup_clear_cpu_cap(X86_FEATURE_SGX2); +} + void init_ia32_feat_ctl(struct cpuinfo_x86 *c) { bool tboot = tboot_enabled(); + bool enable_sgx; u64 msr; if (rdmsrl_safe(MSR_IA32_FEAT_CTL, &msr)) { clear_cpu_cap(c, X86_FEATURE_VMX); + clear_sgx_caps(); return; } + /* + * Enable SGX if and only if the kernel supports SGX and Launch Control + * is supported, i.e. disable SGX if the LE hash MSRs can't be written. + */ + enable_sgx = cpu_has(c, X86_FEATURE_SGX) && + cpu_has(c, X86_FEATURE_SGX1) && + cpu_has(c, X86_FEATURE_SGX_LC) && + IS_ENABLED(CONFIG_INTEL_SGX); + if (msr & FEAT_CTL_LOCKED) goto update_caps; @@ -124,13 +143,16 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c) msr |= FEAT_CTL_VMX_ENABLED_INSIDE_SMX; } + if (enable_sgx) + msr |= FEAT_CTL_SGX_ENABLED | FEAT_CTL_SGX_LC_ENABLED; + wrmsrl(MSR_IA32_FEAT_CTL, msr); update_caps: set_cpu_cap(c, X86_FEATURE_MSR_IA32_FEAT_CTL); if (!cpu_has(c, X86_FEATURE_VMX)) - return; + goto update_sgx; if ( (tboot && !(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX)) || (!tboot && !(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX))) { @@ -143,4 +165,12 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c) init_vmx_capabilities(c); #endif } + +update_sgx: + if (!(msr & FEAT_CTL_SGX_ENABLED) || + !(msr & FEAT_CTL_SGX_LC_ENABLED) || !enable_sgx) { + if (enable_sgx) + pr_err_once("SGX disabled by BIOS\n"); + clear_sgx_caps(); + } } -- 2.25.1
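Review bot: in the first hunk, clear_sgx_caps() should carry a comment saying why it uses setup_clear_cpu_cap() (boot-wide, affects every CPU) while the line right next to it in the rdmsrl_safe() failure path keeps the per-CPU clear_cpu_cap(c, X86_FEATURE_VMX); the rationale is only in the commit message, and the two clearing styles side by side will look like an inconsistency to the next reader. Also, the comment above enable_sgx says "if and only if the kernel supports SGX and Launch Control is supported", but the expression additionally requires X86_FEATURE_SGX1 and deliberately leaves X86_FEATURE_SGX2 optional (it is cleared but never required); the comment should state both so nobody "fixes" it later.

Review bot: in the second hunk, `msr |= FEAT_CTL_SGX_ENABLED | FEAT_CTL_SGX_LC_ENABLED;` is only reached when the MSR is unlocked, so on such systems the kernel, not firmware, decides the launch-control policy before wrmsrl(); a pr_info_once() at that point, paired with the "SGX disabled by BIOS" message in the last hunk, would let an operator tell from dmesg whether SGX and LC were enabled by firmware or by the kernel. The `return` to `goto update_sgx` change is required (a CPU without VMX would otherwise skip the SGX bookkeeping entirely), but a one-line comment at the goto would spare readers from wondering why the early return disappeared.

Review bot: in the third hunk, the update_sgx condition folds three distinct situations into one message: FEAT_CTL_SGX_ENABLED clear (firmware turned SGX off), FEAT_CTL_SGX_LC_ENABLED clear with SGX enabled (firmware enabled SGX but locked the LE hash MSRs), and !enable_sgx (CPUID or CONFIG_INTEL_SGX). "SGX disabled by BIOS" is misleading for the second case, which is exactly the one someone debugging "enclaves won't load on an SGX-capable box" needs to see; suggest a separate `pr_err_once("SGX Launch Control disabled by BIOS\n");` when only the LC bit is missing. Since the check runs on every CPU but prints once, including c->cpu_index in the message would also make a firmware setup that differs between CPUs visible.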
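The commit message explains that the same FEAT_CTL check has to hold on every CPU and that SGX is only usable when Launch Control is enabled. As an added example (not part of the patch or the kernel tree), here is a userspace audit that reads MSR_IA32_FEAT_CTL per CPU through the msr driver and applies the same decision rule, reporting an unlocked MSR and a locked-LC configuration as separate findings; the MSR number and bit positions are the ones from msr-index.h, and the CPUID inputs are assumed to be checked by the caller.

```c
/* Added example, not part of the patch: audit MSR_IA32_FEAT_CTL on every CPU
 * from userspace, mirroring the SGX decision init_ia32_feat_ctl() makes. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
/* Bit layout of MSR_IA32_FEAT_CTL (0x3a), as in arch/x86/include/asm/msr-index.h. */
#define MSR_IA32_FEAT_CTL       0x3a
#define FEAT_CTL_LOCKED         (1ULL << 0)
#define FEAT_CTL_SGX_LC_ENABLED (1ULL << 17)
#define FEAT_CTL_SGX_ENABLED    (1ULL << 18)

enum sgx_state { SGX_OK, SGX_NO_CPUID, SGX_UNLOCKED, SGX_DISABLED_BY_BIOS, SGX_LC_LOCKED };

/* Same policy as the patch (CPUID SGX, SGX1 and LC, plus both MSR enable bits),
 * but an audit only reports an unlocked MSR instead of programming it, and it
 * tells "SGX off" apart from "SGX on but the LE hash MSRs are locked". */
static enum sgx_state sgx_decide(int cpuid_sgx, int cpuid_sgx1, int cpuid_lc, uint64_t msr)
{
	if (!cpuid_sgx || !cpuid_sgx1 || !cpuid_lc)
		return SGX_NO_CPUID;
	if (!(msr & FEAT_CTL_LOCKED))
		return SGX_UNLOCKED;
	if (!(msr & FEAT_CTL_SGX_ENABLED))
		return SGX_DISABLED_BY_BIOS;
	if (!(msr & FEAT_CTL_SGX_LC_ENABLED))
		return SGX_LC_LOCKED;
	return SGX_OK;
}

int main(void)
{
	/* CPUID flags are assumed here; check /proc/cpuinfo for sgx, sgx1 and sgx_lc. */
	long ncpu = sysconf(_SC_NPROCESSORS_ONLN);
	for (int cpu = 0; cpu < ncpu; cpu++) {
		char path[32];
		uint64_t msr;
		int fd;
		snprintf(path, sizeof(path), "/dev/cpu/%d/msr", cpu);
		fd = open(path, O_RDONLY); /* needs root and the msr module */
		if (fd < 0 || pread(fd, &msr, 8, MSR_IA32_FEAT_CTL) != 8)
			printf("cpu%d: MSR_IA32_FEAT_CTL unreadable\n", cpu);
		else
			printf("cpu%d: 0x%llx -> state %d\n", cpu, (unsigned long long)msr, sgx_decide(1, 1, 1, msr));
		if (fd >= 0) close(fd);
	}
	return 0;
}
```

Any CPU whose state differs from the others is the condition the patch guards against by clearing the SGX caps globally.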