From: Reinette Chatre
To: dave.hansen@linux.intel.com, jarkko@kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org
Cc: seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com, cedric.xing@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, hpa@zytor.com, linux-kernel@vger.kernel.org
Subject: [PATCH V3 13/30] x86/sgx: Export sgx_encl_page_alloc()
Date: Mon, 4 Apr 2022 09:49:21 -0700
Message-Id: <794f92c110f79c94b6aa969d9ddc7a73a4c5b67b.1648847675.git.reinette.chatre@intel.com>

From: Jarkko Sakkinen

Move sgx_encl_page_alloc() to encl.c and export it so that it can be used in the implementation for support of adding pages to initialized enclaves, which requires to allocate new enclave pages.

Signed-off-by: Jarkko Sakkinen
Signed-off-by: Reinette Chatre --- Changes since V2: - New patch Originally submitted at: https://lore.kernel.org/linux-sgx/20220308112833.262805-3-jarkko@kernel.org/ arch/x86/kernel/cpu/sgx/encl.c | 32 ++++++++++++++++++++++++++++++++ arch/x86/kernel/cpu/sgx/encl.h | 3 +++ arch/x86/kernel/cpu/sgx/ioctl.c | 32 -------------------------------- 3 files changed, 35 insertions(+), 32 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/encl.c b/arch/x86/kernel/cpu/sgx/encl.c index c77a62432862..546423753e4c 100644 --- a/arch/x86/kernel/cpu/sgx/encl.c +++ b/arch/x86/kernel/cpu/sgx/encl.c @@ -792,6 +792,38 @@ int sgx_encl_test_and_clear_young(struct mm_struct *mm, return ret; } +struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, + unsigned long offset, + u64 secinfo_flags) +{ + struct sgx_encl_page *encl_page; + unsigned long prot; + + encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL); + if (!encl_page) + return ERR_PTR(-ENOMEM); + + encl_page->desc = encl->base + offset; + encl_page->encl = encl; + + prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) | + _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) | + _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC); + + /* + * TCS pages must always RW set for CPU access while the SECINFO + * permissions are *always* zero - the CPU ignores the user provided + * values and silently overwrites them with zero permissions. + */ + if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS) + prot |= PROT_READ | PROT_WRITE; + + /* Calculate maximum of the VM flags for the page. */ + encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0); + + return encl_page; +} + /** * sgx_zap_enclave_ptes() - remove PTEs mapping the address from enclave * @encl: the enclave diff --git a/arch/x86/kernel/cpu/sgx/encl.h b/arch/x86/kernel/cpu/sgx/encl.h index 9d673d9531f0..253ebdd1c5be 100644 --- a/arch/x86/kernel/cpu/sgx/encl.h +++ b/arch/x86/kernel/cpu/sgx/encl.h 
@@ -112,6 +112,9 @@ int sgx_encl_get_backing(struct sgx_encl *encl, unsigned long page_index, void sgx_encl_put_backing(struct sgx_backing *backing, bool do_write); int sgx_encl_test_and_clear_young(struct mm_struct *mm, struct sgx_encl_page *page); +struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, + unsigned long offset, + u64 secinfo_flags); void sgx_zap_enclave_ptes(struct sgx_encl *encl, unsigned long addr); struct sgx_epc_page *sgx_alloc_va_page(void); unsigned int sgx_alloc_va_slot(struct sgx_va_page *va_page); diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 746acddbb774..0460fd224a05 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -169,38 +169,6 @@ static long sgx_ioc_enclave_create(struct sgx_encl *encl, void __user *arg) return ret; } -static struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, - unsigned long offset, - u64 secinfo_flags) -{ - struct sgx_encl_page *encl_page; - unsigned long prot; - - encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL); - if (!encl_page) - return ERR_PTR(-ENOMEM); - - encl_page->desc = encl->base + offset; - encl_page->encl = encl; - - prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) | - _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) | - _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC); - - /* - * TCS pages must always RW set for CPU access while the SECINFO - * permissions are *always* zero - the CPU ignores the user provided - * values and silently overwrites them with zero permissions. - */ - if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS) - prot |= PROT_READ | PROT_WRITE; - - /* Calculate maximum of the VM flags for the page. */ - encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0); - - return encl_page; -} - static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) { u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK; -- 2.25.1
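Review bot: The now non-static sgx_encl_page_alloc() added to encl.c has no kernel-doc, while sgx_zap_enclave_ptes() directly below it does. Since the function is now shared across files, add a comment block covering @encl, @offset and @secinfo_flags, stating that failure is returned as ERR_PTR(-ENOMEM) rather than NULL (so callers must test with IS_ERR()), and that offset is used unchecked in `encl_page->desc = encl->base + offset;`, which leaves range validation to the caller. The 32 insertions in encl.c are all the function itself and no #include is added, so please confirm encl.c already gets _calc_vm_trans() and calc_vm_prot_bits() through its existing includes.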
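Review bot: Removing the static definition from ioctl.c widens the set of callers of a function that turns caller-supplied secinfo_flags straight into vm_max_prot_bits without any validation of its own. In ioctl.c it sat next to sgx_validate_secinfo(), and the commit message names the new user only as the path that adds pages to initialized enclaves. Please state, in the commit message or in a comment at the new definition, that callers must pass flags that have already been validated or were constructed by the kernel, so that the maximum protection bits for a page are never derived from unchecked user input.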