| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Mar 2019 15:41:53 -0400
From: Neil Horman <nhorman@...hat.com>
To: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, x86@...nel.org,
linux-sgx@...r.kernel.org, akpm@...ux-foundation.org,
dave.hansen@...el.com, sean.j.christopherson@...el.com,
npmccallum@...hat.com, serge.ayoun@...el.com,
shay.katz-zamir@...el.com, haitao.huang@...el.com,
andriy.shevchenko@...ux.intel.com, tglx@...utronix.de,
kai.svahn@...el.com, bp@...en8.de, josh@...htriplett.org,
luto@...nel.org, kai.huang@...el.com, rientjes@...gle.com,
Kai Huang <kai.huang@...ux.intel.com>
Subject: Re: [PATCH v19,RESEND 01/27] x86/cpufeatures: Add Intel-defined SGX
feature bit
On Wed, Mar 20, 2019 at 06:20:53PM +0200, Jarkko Sakkinen wrote:
> From: Kai Huang <kai.huang@...ux.intel.com>
>
> X86_FEATURE_SGX reflects whether or not the CPU supports Intel's
> Software Guard eXtensions (SGX).
>
> Signed-off-by: Kai Huang <kai.huang@...ux.intel.com>
> Co-developed-by: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
> Reviewed-by: Borislav Petkov <bp@...e.de>
> ---
> arch/x86/include/asm/cpufeatures.h | 1 +
> arch/x86/include/asm/disabled-features.h | 8 +++++++-
> 2 files changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index 981ff9479648..a16325db4cff 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -236,6 +236,7 @@
> /* Intel-defined CPU features, CPUID level 0x00000007:0 (EBX), word 9 */
> #define X86_FEATURE_FSGSBASE ( 9*32+ 0) /* RDFSBASE, WRFSBASE, RDGSBASE, WRGSBASE instructions*/
> #define X86_FEATURE_TSC_ADJUST ( 9*32+ 1) /* TSC adjustment MSR 0x3B */
> +#define X86_FEATURE_SGX ( 9*32+ 2) /* Software Guard Extensions */
> #define X86_FEATURE_BMI1 ( 9*32+ 3) /* 1st group bit manipulation extensions */
> #define X86_FEATURE_HLE ( 9*32+ 4) /* Hardware Lock Elision */
> #define X86_FEATURE_AVX2 ( 9*32+ 5) /* AVX2 instructions */
> diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h
> index a5ea841cc6d2..74de07d0f390 100644
> --- a/arch/x86/include/asm/disabled-features.h
> +++ b/arch/x86/include/asm/disabled-features.h
> @@ -62,6 +62,12 @@
> # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31))
> #endif
>
> +#ifdef CONFIG_INTEL_SGX
> +# define DISABLE_SGX_CORE 0
> +#else
> +# define DISABLE_SGX_CORE (1 << (X86_FEATURE_SGX & 31))
> +#endif
> +
> /*
> * Make sure to add features to the correct mask
> */
> @@ -74,7 +80,7 @@
> #define DISABLED_MASK6 0
> #define DISABLED_MASK7 (DISABLE_PTI)
> #define DISABLED_MASK8 0
> -#define DISABLED_MASK9 (DISABLE_MPX|DISABLE_SMAP)
> +#define DISABLED_MASK9 (DISABLE_MPX|DISABLE_SMAP|DISABLE_SGX_CORE)
> #define DISABLED_MASK10 0
> #define DISABLED_MASK11 0
> #define DISABLED_MASK12 0
> --
> 2.19.1
>
Just out of curiosity, would it be worthwhile to separate out the cpufeature
patches here to post and integrate them separately? It would at least reduce
the size of this patch set slightly, as these aren't controversial changes
Neil
Powered by blists - more mailing lists