Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp2080537pxk; Sat, 3 Oct 2020 07:33:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwU8/psIjUX9IHbTAK2WtW8PoipHA98SP8aymR3Oi4gX2uhyXRH2leG1Pia58SwYtxmtWER X-Received: by 2002:a17:906:28c4:: with SMTP id p4mr6738927ejd.345.1601735603380; Sat, 03 Oct 2020 07:33:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1601735603; cv=none; d=google.com; s=arc-20160816; b=V9c+Vp0rNa4XqxuYW60cO6YzG5lz9D/Kz9p9ukN6bYlmAYzuE0dBiB+it+Q4ZCN4lF rmcg5m0NF8wAVjZc4ZUW0e82p8n/0bRGcA/dQboVdxkyAcwn7y9Ol5ZUJ4bDd6bF1qxM uA5l9iAIP90rBq3y6y6e8FgFZQ/oA+X+wncL2jJObNAHQbRozpufWY7Y0aJ+l8y6NuA5 2oV/K1CZMTTGzoDVLdzmnrCmap1SDM8n9gb86q03EeeJ8r6Q9sXQa1sY6X05Y/H0V/zR Ifqyt8rqvGzfpakJbh3imUKKD2E+Vt3VyuGUgYtMV3F/jucP13jZOvtX/JzvtcYNje/c NzsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=cXe5Mfs4eUlsUERZRBwX2sHQuMoIEGW68bClqnuXVJw=; b=zAIdsdcmQSfVR0wu6TprsGo9eHJD2be/Kp70796BXca5xwOGKayp0frWrelAimmqsD rWcLqJNYUE4A8nYQY6ramCXQ+PsSZdwPQ7HVW6cZzoowxhPK/7LYlsII7g0xr67TGk1X 1/OHCryT9xyOtx8E2od60YK3LiVmJw7+PKXaKNdZuF8duyZ226EtCLxrCczMpRUGE4r0 cZOW3QM4cUi94lkHvNySA41+mfSG9tZsVhnVVsMdw7Ub4a5TSWIsRAxkkZNSJWlYqdW9 VG8UMXXX4pK79xJDMgpDCncBsnk/mxOCotO7MHxUyxqMsNGXXOQeMJQZv9Iyym2P3jk/ 9Y3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=FpIvtdwb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e6si3317897ejh.487.2020.10.03.07.33.00; Sat, 03 Oct 2020 07:33:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=FpIvtdwb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725808AbgJCOcD (ORCPT + 99 others); Sat, 3 Oct 2020 10:32:03 -0400 Received: from mail.kernel.org ([198.145.29.99]:49022 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725787AbgJCOcD (ORCPT ); Sat, 3 Oct 2020 10:32:03 -0400 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 64DD7206B8; Sat, 3 Oct 2020 14:32:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1601735520; bh=ewfSVLKWIxlh/mN5jtanPBaopxBzCdbn+TR8pcyPzlo=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=FpIvtdwbmTv7OgJbiUJunMk+CIyDw7Zb8Y/f639/Hjs5oAGohFw8KdqE6JtoSQhc0 NBRugm1bhxII9OyzWDDxgw7E29MrmR7jLuCpIcxos1S08PZ+5Sac6JROcUEEKhFSwR 016U/ITIYy9kU2lMe4hYdHz1tStaYdAWQoju1dw4= Date: Sat, 3 Oct 2020 16:32:46 +0200 From: Greg KH To: Jarkko Sakkinen Cc: x86@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@linux-foundation.org, andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de, cedric.xing@intel.com, chenalexchen@google.com, conradparker@google.com, cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com, kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com, ludloff@google.com, luto@kernel.org, nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com, sean.j.christopherson@intel.com, tglx@linutronix.de, yaozhangx@google.com, mikko.ylinen@intel.com Subject: Re: [PATCH v39 00/24] Intel SGX foundations Message-ID: <20201003143246.GA800720@kroah.com> References: <20201003045059.665934-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20201003045059.665934-1-jarkko.sakkinen@linux.intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Oct 03, 2020 at 07:50:35AM +0300, Jarkko Sakkinen wrote: > Intel(R) SGX is a set of CPU instructions that can be used by applications > to set aside private regions of code and data. The code outside the enclave > is disallowed to access the memory inside the enclave by the CPU access > control. > > There is a new hardware unit in the processor called Memory Encryption > Engine (MEE) starting from the Skylake microacrhitecture. BIOS can define > one or many MEE regions that can hold enclave data by configuring them with > PRMRR registers. > > The MEE automatically encrypts the data leaving the processor package to > the MEE regions. The data is encrypted using a random key whose life-time > is exactly one power cycle. > > The current implementation requires that the firmware sets > IA32_SGXLEPUBKEYHASH* MSRs as writable so that ultimately the kernel can > decide what enclaves it wants run. The implementation does not create > any bottlenecks to support read-only MSRs later on. > > You can tell if your CPU supports SGX by looking into /proc/cpuinfo: > > cat /proc/cpuinfo | grep sgx I might be late to the game, but why are you trying to dual-license the new files you are adding in this patch? How will that help anyone? I have had many talks with Intel about this in the past, and last I heard was that when dual-licensing made sense, they would be explicit as to why it was happening. Or is my memory failing me? thanks, greg k-h