From: Reinette Chatre
To: dave.hansen@linux.intel.com, jarkko@kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org, shuah@kernel.org, linux-kselftest@vger.kernel.org
Cc: seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com, cedric.xing@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, vijay.dhanraj@intel.com, hpa@zytor.com, linux-kernel@vger.kernel.org
Subject: [PATCH V5 21/31] Documentation/x86: Introduce enclave runtime management section
Date: Tue, 10 May 2022 11:08:57 -0700
Message-Id: <1da0b9a938b28e68e6870ebd5291490d680e700b.1652137848.git.reinette.chatre@intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Enclave runtime management is introduced following the pattern of the section describing enclave building. Provide a brief summary of enclave runtime management, pointing to the functions implementing the ioctl()s that will contain details within their kernel-doc.

Reviewed-by: Jarkko Sakkinen
Signed-off-by: Reinette Chatre --- Changes since V4: - Rename sgx_ioc_enclave_modify_type -> sgx_ioc_enclave_modify_types. (Jarkko) - Add Jarkko's Reviewed-by tag. Changes since V2: - Remove references to ioctl() to relax permissions and update to reflect function renaming sgx_ioc_enclave_restrict_perm() -> sgx_ioc_enclave_restrict_permissions(). - Rename sgx_ioc_enclave_modt -> sgx_ioc_enclave_modify_type Changes since V1: - New patch. Documentation/x86/sgx.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/Documentation/x86/sgx.rst b/Documentation/x86/sgx.rst index 265568a9292c..2bcbffacbed5 100644 --- a/Documentation/x86/sgx.rst +++ b/Documentation/x86/sgx.rst @@ -100,6 +100,21 @@ pages and establish enclave page permissions. sgx_ioc_enclave_init sgx_ioc_enclave_provision +Enclave runtime management +-------------------------- + +Systems supporting SGX2 additionally support changes to initialized +enclaves: modifying enclave page permissions and type, and dynamically +adding and removing of enclave pages. When an enclave accesses an address +within its address range that does not have a backing page then a new +regular page will be dynamically added to the enclave. The enclave is +still required to run EACCEPT on the new page before it can be used. + +.. kernel-doc:: arch/x86/kernel/cpu/sgx/ioctl.c + :functions: sgx_ioc_enclave_restrict_permissions + sgx_ioc_enclave_modify_types + sgx_ioc_enclave_remove_pages + Enclave vDSO ------------ -- 2.25.1
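
Review bot: In the new "Enclave runtime management" paragraph, dynamic page addition is described as happening on access to an unbacked address, yet the kernel-doc list directly below names only sgx_ioc_enclave_restrict_permissions, sgx_ioc_enclave_modify_types and sgx_ioc_enclave_remove_pages, so the reader is left to infer that addition has no ioctl() of its own. Consider one sentence saying that addition is driven by the fault rather than by an ioctl(), and stating which permissions the new regular page is given, since that is what an enclave author has to reason about before running EACCEPT. The EACCEPT requirement is stated only for added pages; if the three listed operations also need a step from inside the enclave, say here that the kernel-doc covers it. Wording nits in the same paragraph: "dynamically adding and removing of enclave pages" reads better as "dynamically adding and removing enclave pages", and "does not have a backing page then a new regular page" wants a comma before "then".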