From: Reinette Chatre
To: dave.hansen@linux.intel.com, jarkko@kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org
Cc: seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com, cedric.xing@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, hpa@zytor.com, linux-kernel@vger.kernel.org
Subject: [PATCH V2 24/32] Documentation/x86: Introduce enclave runtime management section
Date: Mon, 7 Feb 2022 16:45:46 -0800
Message-Id: <81387cc6cfee70a98165377f234908037e40dcf8.1644274683.git.reinette.chatre@intel.com>

Enclave runtime management is introduced following the pattern of the section describing enclave building. Provide a brief summary of enclave runtime management, pointing to the functions implementing the ioctl()s that will contain details within their kernel-doc.

Signed-off-by: Reinette Chatre --- Changes since V1: - New patch. Documentation/x86/sgx.rst | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/Documentation/x86/sgx.rst b/Documentation/x86/sgx.rst index 9df620b59f83..4059efbb4d2e 100644 --- a/Documentation/x86/sgx.rst +++ b/Documentation/x86/sgx.rst @@ -138,6 +138,22 @@ pages and establish enclave page permissions. sgx_ioc_enclave_init sgx_ioc_enclave_provision +Enclave runtime management +-------------------------- + +Systems supporting SGX2 additionally support changes to initialized +enclaves: modifying enclave page permissions and type, and dynamically +adding and removing of enclave pages. When an enclave accesses an address +within its address range that does not have a backing page then a new +regular page will be dynamically added to the enclave. The enclave is +still required to run EACCEPT on the new page before it can be used. + +.. kernel-doc:: arch/x86/kernel/cpu/sgx/ioctl.c + :functions: sgx_ioc_enclave_relax_perm + sgx_ioc_enclave_restrict_perm + sgx_ioc_enclave_modt + sgx_ioc_enclave_remove_pages + Enclave vDSO ------------ -- 2.25.1
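
Review bot: In the new "Enclave runtime management" paragraph, the EACCEPT requirement is stated only for the dynamically added page, while the kernel-doc list below it names four ioctl()s (sgx_ioc_enclave_relax_perm, sgx_ioc_enclave_restrict_perm, sgx_ioc_enclave_modt, sgx_ioc_enclave_remove_pages) with no sentence saying which of the described changes each one performs or whether the enclave has to accept those changes as well. Since this section is the summary that sends readers to the kernel-doc, consider adding one sentence that maps permission changes, type changes and page removal to these ioctl()s, and that makes explicit that dynamic addition is described as triggered by an enclave access rather than by an ioctl(). Wording nit in the same paragraph: "dynamically adding and removing of enclave pages" reads better as "dynamically adding and removing enclave pages", and "does not have a backing page then a new" wants a comma before "then".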