Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp942748pxb; Wed, 13 Apr 2022 16:20:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxhqKFPB2z9GQEZaqb/s843+Hp09QkhFBbvaMwhnTUL28ZS1Qp6iViye7hmOwhPB00veg8P X-Received: by 2002:a17:906:478c:b0:6df:6b35:156d with SMTP id cw12-20020a170906478c00b006df6b35156dmr33134ejc.578.1649892034226; Wed, 13 Apr 2022 16:20:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649892034; cv=none; d=google.com; s=arc-20160816; b=Tpqk7D8aRTlHzJtNS6/1znRQRYt3qHz02X6nhy0KMB/AcIeC89CLDS5cqF4TxJAenM V5EM27q7LOCV57Thzc/Dleev00D73m2IJbFH1y3g/zeBWrimI4CGuqBxV1bXDjgFkMV/ jpj2fqg4fSE536COmxNs2NejzHA0VNLjrMcxUsKov6bbG2sABifgFUoZXmCKztBS1TKm BU9fLxSYjAN18bBcGshSCT8kGryoYxdJfASwR6mWkNEEpvXk/SCYjaanETcPqehSoCF8 1Y3pTBNiXTubfvgS6dTWC83FVug+R/gx/YiWFvkuebNT0OXKEyZK+cRijPLVG+PY62qk UhrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=0RD+GJCjsuoPNgUeE+sDp/5Ji2cpmYCOLXB8bORaAGI=; b=A/cqp/kQUKyhkAJx2CUtPplfak6FYmdK4ouSLQp/1Od2I/10ljWU+ne/oH4lI5HerY E/QWIiSyVJHSTQ5BgaNmfjP61pZHRXLNEusTIqHHSQWf8rU/hRaUAaxsXAXAvZrOnsb9 TnMiicA7sl6k5oPwqIX2Wbku8od2RRQZfURydS29FPYI2smxNp0ZZmu1umP6B+aP7uch GOZ/6/Kjfv0LjSAvesVt4MbF6qIUKNayRd2UNLV2i1FhHF3g+pyoC+QaNVIP4NuH5OUb VW7YYwhAtyniCnMT2RRz7babK79FiO/kf5UdnIRy0jN5B40oMVJVhKqLnM/6zSO94Qfn Ij2g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Op3Y+D91; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ga19-20020a170906b85300b006df76385cf1si889053ejb.401.2022.04.13.16.20.08; Wed, 13 Apr 2022 16:20:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Op3Y+D91; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239072AbiDMVPY (ORCPT + 99 others); Wed, 13 Apr 2022 17:15:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55290 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239021AbiDMVNI (ORCPT ); Wed, 13 Apr 2022 17:13:08 -0400 Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9E303A5C1; Wed, 13 Apr 2022 14:10:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1649884246; x=1681420246; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=2QeKF7uBH8LKmya6UOwD9E8IOWVV1+CcDsY7OQxbP+8=; b=Op3Y+D91M8cDHqMKbBC2243WOcSigM4SSVO1OXjZZ6SkNnrPvAoDZORo Z3VoDY80jirap7odeq2IlKvuoufSKyYfCVnTCprXzMx6H7AXSzU0JBlB9 b5qKagFSgP8LHO0O5vG+TJj9H8bdBa0sX3ZtejJoPxnFBPHJZ3ZbgNLvz u0Z5rRE6/3m1AsksogCuwes/JG05ajOwOolWedV7wevrCli6rhOI5ZNR4 1Sin2aBkpZhkF5drFfBi6by3Bu0/1EL3fKAPv1w658mvMxXjMKKbttHKr 1zDLrwvYBWERiLstdwJWJe7YyGAAA8OkyEI/kkstZ1VUIC620R31w/m1l g==; X-IronPort-AV: E=McAfee;i="6400,9594,10316"; a="323219028" X-IronPort-AV: E=Sophos;i="5.90,257,1643702400"; d="scan'208";a="323219028" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Apr 2022 14:10:43 -0700 X-IronPort-AV: E=Sophos;i="5.90,257,1643702400"; d="scan'208";a="725054276" Received: from rchatre-ws.ostc.intel.com ([10.54.69.144]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Apr 2022 14:10:43 -0700 From: Reinette Chatre To: dave.hansen@linux.intel.com, jarkko@kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org, shuah@kernel.org, linux-kselftest@vger.kernel.org Cc: seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com, cedric.xing@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, vijay.dhanraj@intel.com, hpa@zytor.com, linux-kernel@vger.kernel.org Subject: [PATCH V4 13/31] x86/sgx: Export sgx_encl_page_alloc() Date: Wed, 13 Apr 2022 14:10:13 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jarkko Sakkinen Move sgx_encl_page_alloc() to encl.c and export it so that it can be used in the implementation for support of adding pages to initialized enclaves, which requires to allocate new enclave pages. Signed-off-by: Jarkko Sakkinen Signed-off-by: Reinette Chatre --- No changes since V3. Changes since V2: - New patch Originally submitted at: https://lore.kernel.org/linux-sgx/20220308112833.262805-3-jarkko@kernel.org/ arch/x86/kernel/cpu/sgx/encl.c | 32 ++++++++++++++++++++++++++++++++ arch/x86/kernel/cpu/sgx/encl.h | 3 +++ arch/x86/kernel/cpu/sgx/ioctl.c | 32 -------------------------------- 3 files changed, 35 insertions(+), 32 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/encl.c b/arch/x86/kernel/cpu/sgx/encl.c index c77a62432862..546423753e4c 100644 --- a/arch/x86/kernel/cpu/sgx/encl.c +++ b/arch/x86/kernel/cpu/sgx/encl.c @@ -792,6 +792,38 @@ int sgx_encl_test_and_clear_young(struct mm_struct *mm, return ret; } +struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, + unsigned long offset, + u64 secinfo_flags) +{ + struct sgx_encl_page *encl_page; + unsigned long prot; + + encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL); + if (!encl_page) + return ERR_PTR(-ENOMEM); + + encl_page->desc = encl->base + offset; + encl_page->encl = encl; + + prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) | + _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) | + _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC); + + /* + * TCS pages must always RW set for CPU access while the SECINFO + * permissions are *always* zero - the CPU ignores the user provided + * values and silently overwrites them with zero permissions. + */ + if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS) + prot |= PROT_READ | PROT_WRITE; + + /* Calculate maximum of the VM flags for the page. */ + encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0); + + return encl_page; +} + /** * sgx_zap_enclave_ptes() - remove PTEs mapping the address from enclave * @encl: the enclave diff --git a/arch/x86/kernel/cpu/sgx/encl.h b/arch/x86/kernel/cpu/sgx/encl.h index 9d673d9531f0..253ebdd1c5be 100644 --- a/arch/x86/kernel/cpu/sgx/encl.h +++ b/arch/x86/kernel/cpu/sgx/encl.h @@ -112,6 +112,9 @@ int sgx_encl_get_backing(struct sgx_encl *encl, unsigned long page_index, void sgx_encl_put_backing(struct sgx_backing *backing, bool do_write); int sgx_encl_test_and_clear_young(struct mm_struct *mm, struct sgx_encl_page *page); +struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, + unsigned long offset, + u64 secinfo_flags); void sgx_zap_enclave_ptes(struct sgx_encl *encl, unsigned long addr); struct sgx_epc_page *sgx_alloc_va_page(void); unsigned int sgx_alloc_va_slot(struct sgx_va_page *va_page); diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 2df27dd8b30d..bb8cdb2ad0d1 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -169,38 +169,6 @@ static long sgx_ioc_enclave_create(struct sgx_encl *encl, void __user *arg) return ret; } -static struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, - unsigned long offset, - u64 secinfo_flags) -{ - struct sgx_encl_page *encl_page; - unsigned long prot; - - encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL); - if (!encl_page) - return ERR_PTR(-ENOMEM); - - encl_page->desc = encl->base + offset; - encl_page->encl = encl; - - prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) | - _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) | - _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC); - - /* - * TCS pages must always RW set for CPU access while the SECINFO - * permissions are *always* zero - the CPU ignores the user provided - * values and silently overwrites them with zero permissions. - */ - if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS) - prot |= PROT_READ | PROT_WRITE; - - /* Calculate maximum of the VM flags for the page. */ - encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0); - - return encl_page; -} - static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) { u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK; -- 2.25.1