Received: by 2002:a05:6358:489b:b0:bb:da1:e618 with SMTP id x27csp1647500rwn; Fri, 9 Sep 2022 01:35:15 -0700 (PDT) X-Google-Smtp-Source: AA6agR6dOaR4dr7TzGfQUP8cEx9+KA58YlJD6qwKg0izd+DPKmOg5TVYKns1koVbXRMHrjEYm4aC X-Received: by 2002:a05:6512:1399:b0:486:2ae5:be71 with SMTP id p25-20020a056512139900b004862ae5be71mr3794160lfa.246.1662712515092; Fri, 09 Sep 2022 01:35:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1662712515; cv=none; d=google.com; s=arc-20160816; b=Oq1gJcztqKuTh2vznjjjhTE0daQb6rSeOBSr9rSr47a8mxB+CYY8pn1vfWD//U0Z6A /ae57/PMaxd6xvnGAFX9cZgM3SDuwEmfSqwppyTWJjTiB0B+/mGa6QOc/F58c3RpdEu7 7cb6lVkZdlJ09isp6mWLmdUiU+Qdex36q8vPd956XYO7x30+E0jXDbHNCvAmvz7XeLWr SrLqCqJVh1EWTCPFJyoCMjWqeLLt4XAh0Z0BsxjTF3xKm0pANNukVr3eq0sWuI6iHSn2 g7v+0R/D90C8V2Ch4cQzPImgDuHmFtJLZTcxXtnQP+qraLsbOifXBDKuwCU0u7mtc3ZH wzlA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=0sB25VnueJ0yQrNdK21oEKEloRjYfhrnV0b6TV2aXLY=; b=Ry54T1kfuaxpFPi3k6+B7CI2ieA1pKNTVcDug7IZOYgmqHZkt4kQ7ae7JN4sH1tUB1 zwQvvbq5HYHSCU+PN4TmkL32hvS+eiUJ8u9BUw5fl/dicDvIxvXayCtdSTdpEGBgHsDV 9awXDMhcFGsRLU1Z/DASAkw9yyI3vZ8CW08JIgTP3DXkee7VLtmG4Xro0/WiholmHofS /Pxx7kDhB+IqUcyBSLUKYSI+/NQSHvLh2nUhco/pvyRIaHbTmLZdNtbyRdoWYbNh98ij cUES/SN+1Kb39f8yyn1mupxluGR/LZOStRJ+9JbB9tpnf3prBoBByQ5h73gDOGfNX0H3 he3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=hWI+SDRi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a22-20020ac25e76000000b004979dd35186si586720lfr.88.2022.09.09.01.34.45; Fri, 09 Sep 2022 01:35:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=hWI+SDRi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230385AbiIIIJG (ORCPT + 99 others); Fri, 9 Sep 2022 04:09:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41360 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229862AbiIIIJF (ORCPT ); Fri, 9 Sep 2022 04:09:05 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 158F3D6B9D; Fri, 9 Sep 2022 01:09:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1662710944; x=1694246944; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=pHcMr/HNr8GqXxikW+gg67wqAAdhnAbWd7qTUYLTQA0=; b=hWI+SDRipT9KS06Qz5SReoxHfX8cAJlpA1rMYfrqdvCERDAh59yeaZDJ wJ42lWr/AAP+1qvesv2Z58PewJWin6rHS8SUYYUHqR6vghhbDrtBqnICP eSTkLYhkCnCSjNAK7gLfB3kE6CLymI+jKW/502WCdKVBATY5luSVrYWQ4 cOvn+H9y3A0AWlO8nZCi0m2IYwmfv0U90m35qPu1nYLTDr4BT01yRid85 R1/lhm5E4Cb0MeWUO9UHq8cH43z0EgvSeXdNblPPp6JoMhfwahIlKJodi PGPPqSGrDr3CyJUjWhr07EWXj7mz4lGIBF2zcJtY+T3y0l90hI/ErTy5g A==; X-IronPort-AV: E=McAfee;i="6500,9779,10464"; a="298762966" X-IronPort-AV: E=Sophos;i="5.93,302,1654585200"; d="scan'208";a="298762966" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Sep 2022 01:09:03 -0700 X-IronPort-AV: E=Sophos;i="5.93,302,1654585200"; d="scan'208";a="740976284" Received: from lmongeax-mobl.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.212.106.181]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Sep 2022 01:09:02 -0700 From: Kai Huang To: linux-sgx@vger.kernel.org Cc: dave.hansen@linux.intel.com, seanjc@google.com, jarkko@kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] x86/intel: Clear SGX bit if both SGX driver and KVM SGX are not enabled Date: Fri, 9 Sep 2022 20:08:53 +1200 Message-Id: <20220909080853.547058-1-kai.huang@intel.com> X-Mailer: git-send-email 2.37.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Currently on platform which has SGX enabled, if CONFIG_X86_SGX is not enabled, the X86_FEATURE_SGX is not cleared, resulting in /proc/cpuinfo shows "sgx" feature. This is not desired. Clear SGX feature bit if both SGX driver and KVM SGX are not enabled in init_ia32_feat_ctl(). Signed-off-by: Kai Huang --- Hi Dave, Sean, Jarkko, Could you help to review? Tested on SGX (BIOS) enabled machine with CONFIG_X86_SGX unset. This patch is generated on latest tip/master, but it applies to tip/x86/sgx cleanly as well. --- arch/x86/kernel/cpu/feat_ctl.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/kernel/cpu/feat_ctl.c b/arch/x86/kernel/cpu/feat_ctl.c index 993697e71854..2f67409f5f00 100644 --- a/arch/x86/kernel/cpu/feat_ctl.c +++ b/arch/x86/kernel/cpu/feat_ctl.c @@ -191,6 +191,19 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c) return; } + /* + * By reaching here, it is certain that: + * - CPU supports SGX. + * - SGX is enabled by BIOS. + * + * However if both SGX driver and KVM SGX are not enabled, just + * need to clear SGX feature bit. + */ + if (!enable_sgx_driver && !enable_sgx_kvm) { + clear_cpu_cap(c, X86_FEATURE_SGX); + return; + } + /* * VMX feature bit may be cleared due to being disabled in BIOS, * in which case SGX virtualization cannot be supported either. base-commit: b8b09110cf290fdab4006b717da7a776ffb0cb73 -- 2.37.1