From: Reinette Chatre
To: dave.hansen@linux.intel.com, jarkko@kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org, shuah@kernel.org, linux-kselftest@vger.kernel.org
Cc: seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com, cedric.xing@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, vijay.dhanraj@intel.com, hpa@zytor.com, linux-kernel@vger.kernel.org
Subject: [PATCH V5 13/31] x86/sgx: Export sgx_encl_page_alloc()
Date: Tue, 10 May 2022 11:08:49 -0700
Message-Id: <57ae71b4ea17998467670232e12d6617b95c6811.1652137848.git.reinette.chatre@intel.com>

From: Jarkko Sakkinen

Move sgx_encl_page_alloc() to encl.c and export it so that it can be
used in the implementation for support of adding pages to initialized
enclaves, which requires allocating new enclave pages.

Signed-off-by: Jarkko Sakkinen
Signed-off-by: Reinette Chatre --- No changes since V4. Changes since V2: - New patch Originally submitted at: https://lore.kernel.org/linux-sgx/20220308112833.262805-3-jarkko@kernel.org/ arch/x86/kernel/cpu/sgx/encl.c | 32 ++++++++++++++++++++++++++++++++ arch/x86/kernel/cpu/sgx/encl.h | 3 +++ arch/x86/kernel/cpu/sgx/ioctl.c | 32 -------------------------------- 3 files changed, 35 insertions(+), 32 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/encl.c b/arch/x86/kernel/cpu/sgx/encl.c index 91df05c6568f..2f053af9ce3e 100644 --- a/arch/x86/kernel/cpu/sgx/encl.c +++ b/arch/x86/kernel/cpu/sgx/encl.c @@ -882,6 +882,38 @@ int sgx_encl_test_and_clear_young(struct mm_struct *mm, return ret; } +struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, + unsigned long offset, + u64 secinfo_flags) +{ + struct sgx_encl_page *encl_page; + unsigned long prot; + + encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL); + if (!encl_page) + return ERR_PTR(-ENOMEM); + + encl_page->desc = encl->base + offset; + encl_page->encl = encl; + + prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) | + _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) | + _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC); + + /* + * TCS pages must always RW set for CPU access while the SECINFO + * permissions are *always* zero - the CPU ignores the user provided + * values and silently overwrites them with zero permissions. + */ + if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS) + prot |= PROT_READ | PROT_WRITE; + + /* Calculate maximum of the VM flags for the page. */ + encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0); + + return encl_page; +} + /** * sgx_zap_enclave_ptes() - remove PTEs mapping the address from enclave * @encl: the enclave diff --git a/arch/x86/kernel/cpu/sgx/encl.h b/arch/x86/kernel/cpu/sgx/encl.h index b6b53c0346ad..2cb58ab868e5 100644 --- a/arch/x86/kernel/cpu/sgx/encl.h +++ b/arch/x86/kernel/cpu/sgx/encl.h 
@@ -112,6 +112,9 @@ int sgx_encl_get_backing(struct sgx_encl *encl, unsigned long page_index, void sgx_encl_put_backing(struct sgx_backing *backing); int sgx_encl_test_and_clear_young(struct mm_struct *mm, struct sgx_encl_page *page); +struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, + unsigned long offset, + u64 secinfo_flags); void sgx_zap_enclave_ptes(struct sgx_encl *encl, unsigned long addr); struct sgx_epc_page *sgx_alloc_va_page(void); unsigned int sgx_alloc_va_slot(struct sgx_va_page *va_page); diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 2df27dd8b30d..bb8cdb2ad0d1 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -169,38 +169,6 @@ static long sgx_ioc_enclave_create(struct sgx_encl *encl, void __user *arg) return ret; } -static struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl, - unsigned long offset, - u64 secinfo_flags) -{ - struct sgx_encl_page *encl_page; - unsigned long prot; - - encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL); - if (!encl_page) - return ERR_PTR(-ENOMEM); - - encl_page->desc = encl->base + offset; - encl_page->encl = encl; - - prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) | - _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) | - _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC); - - /* - * TCS pages must always RW set for CPU access while the SECINFO - * permissions are *always* zero - the CPU ignores the user provided - * values and silently overwrites them with zero permissions. - */ - if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS) - prot |= PROT_READ | PROT_WRITE; - - /* Calculate maximum of the VM flags for the page. */ - encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0); - - return encl_page; -} - static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) { u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK; -- 2.25.1
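
Review bot: In the arch/x86/kernel/cpu/sgx/encl.c hunk, sgx_encl_page_alloc() drops its static qualifier but gets no kernel-doc, although sgx_zap_enclave_ptes() directly below it has one. Now that code outside ioctl.c can call it, a /** ... */ block should say that failure comes back as ERR_PTR(-ENOMEM) rather than NULL, so callers must test with IS_ERR(), and that offset is used unchecked in "encl_page->desc = encl->base + offset", so the caller is responsible for having validated it against the enclave range. The moved comment "TCS pages must always RW set" is missing a word and could be fixed while the code is being touched. The hunk also adds no #include, so please confirm that encl.c already pulls in the header providing _calc_vm_trans() and calc_vm_prot_bits().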
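
Review bot: The prototype added to arch/x86/kernel/cpu/sgx/encl.h is the whole of the "export" named in the subject: the encl.c hunk carries no EXPORT_SYMBOL, so the function only becomes visible to files that include encl.h. Wording the subject and commit message as making sgx_encl_page_alloc() non-static would avoid the reading that a new exported symbol is being introduced.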