lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 9 Mar 2020 14:56:22 -0700
From:   Sean Christopherson <sean.j.christopherson@...el.com>
To:     Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org,
        linux-sgx@...r.kernel.org, akpm@...ux-foundation.org,
        dave.hansen@...el.com, nhorman@...hat.com, npmccallum@...hat.com,
        haitao.huang@...el.com, andriy.shevchenko@...ux.intel.com,
        tglx@...utronix.de, kai.svahn@...el.com, bp@...en8.de,
        josh@...htriplett.org, luto@...nel.org, kai.huang@...el.com,
        rientjes@...gle.com, cedric.xing@...el.com, puiterwijk@...hat.com
Subject: Re: [PATCH v28 07/22] x86/cpu/intel: Detect SGX supprt

s/supprt/support

On Wed, Mar 04, 2020 at 01:35:54AM +0200, Jarkko Sakkinen wrote:
> @@ -123,13 +132,21 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c)
>  			msr |= FEAT_CTL_VMX_ENABLED_INSIDE_SMX;
>  	}
>  
> +	/*
> +	 * Enable SGX if and only if the kernel supports SGX and Launch Control
> +	 * is supported, i.e. disable SGX if the LE hash MSRs can't be written.
> +	 */
> +	if (cpu_has(c, X86_FEATURE_SGX) && cpu_has(c, X86_FEATURE_SGX_LC) &&
> +	    IS_ENABLED(CONFIG_INTEL_SGX))

This should probably check X86_FEATURE_SGX1 to handle the (unlikely) case
where SGX is supported but is soft disabled, e.g. due to a (corrected) #MC.

> +		msr |= FEAT_CTL_SGX_ENABLED | FEAT_CTL_SGX_LC_ENABLED;
> +
>  	wrmsrl(MSR_IA32_FEAT_CTL, msr);
>  
>  update_caps:
>  	set_cpu_cap(c, X86_FEATURE_MSR_IA32_FEAT_CTL);
>  
>  	if (!cpu_has(c, X86_FEATURE_VMX))
> -		return;
> +		goto update_sgx;
>  
>  	if ( (tboot && !(msr & FEAT_CTL_VMX_ENABLED_INSIDE_SMX)) ||
>  	    (!tboot && !(msr & FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX))) {
> @@ -142,4 +159,14 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c)
>  		init_vmx_capabilities(c);
>  #endif
>  	}
> +
> +update_sgx:
> +	if (!cpu_has(c, X86_FEATURE_SGX) || !cpu_has(c, X86_FEATURE_SGX_LC)) {

Same thing here for SGX1.  Since the checks are getting rather lengthy, it
probably makes sense to consolidate the logic using a local bool, e.g. as a
delta patch:

---
 arch/x86/kernel/cpu/feat_ctl.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/arch/x86/kernel/cpu/feat_ctl.c b/arch/x86/kernel/cpu/feat_ctl.c
index b16b71a6da74..ef4ddd6c8630 100644
--- a/arch/x86/kernel/cpu/feat_ctl.c
+++ b/arch/x86/kernel/cpu/feat_ctl.c
@@ -103,6 +103,7 @@ static void clear_sgx_caps(void)
 void init_ia32_feat_ctl(struct cpuinfo_x86 *c)
 {
 	bool tboot = tboot_enabled();
+	bool enable_sgx;
 	u64 msr;
 
 	if (rdmsrl_safe(MSR_IA32_FEAT_CTL, &msr)) {
@@ -111,6 +112,15 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c)
 		return;
 	}
 
+	/*
+	 * Enable SGX if and only if the kernel supports SGX and Launch Control
+	 * is supported, i.e. disable SGX if the LE hash MSRs can't be written.
+	 */
+	enable_sgx = cpu_has(c, X86_FEATURE_SGX) &&
+		     cpu_has(c, X86_FEATURE_SGX1) &&
+		     cpu_has(c, X86_FEATURE_SGX_LC) &&
+		     IS_ENABLED(CONFIG_INTEL_SGX);
+
 	if (msr & FEAT_CTL_LOCKED)
 		goto update_caps;
 
@@ -132,12 +142,7 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c)
 			msr |= FEAT_CTL_VMX_ENABLED_INSIDE_SMX;
 	}
 
-	/*
-	 * Enable SGX if and only if the kernel supports SGX and Launch Control
-	 * is supported, i.e. disable SGX if the LE hash MSRs can't be written.
-	 */
-	if (cpu_has(c, X86_FEATURE_SGX) && cpu_has(c, X86_FEATURE_SGX_LC) &&
-	    IS_ENABLED(CONFIG_INTEL_SGX))
+	if (enable_sgx)
 		msr |= FEAT_CTL_SGX_ENABLED | FEAT_CTL_SGX_LC_ENABLED;
 
 	wrmsrl(MSR_IA32_FEAT_CTL, msr);
@@ -161,11 +166,9 @@ void init_ia32_feat_ctl(struct cpuinfo_x86 *c)
 	}
 
 update_sgx:
-	if (!cpu_has(c, X86_FEATURE_SGX) || !cpu_has(c, X86_FEATURE_SGX_LC)) {
-		clear_sgx_caps();
-	} else if (!(msr & FEAT_CTL_SGX_ENABLED) ||
-		   !(msr & FEAT_CTL_SGX_LC_ENABLED)) {
-		if (IS_ENABLED(CONFIG_INTEL_SGX))
+	if (!(msr & FEAT_CTL_SGX_ENABLED) ||
+	    !(msr & FEAT_CTL_SGX_LC_ENABLED) || !enable_sgx) {
+		if (enable_sgx)
 			pr_err_once("SGX disabled by BIOS\n");
 		clear_sgx_caps();
 	}
-- 
2.24.1

> +		clear_sgx_caps();
> +	} else if (!(msr & FEAT_CTL_SGX_ENABLED) ||
> +		   !(msr & FEAT_CTL_SGX_LC_ENABLED)) {
> +		if (IS_ENABLED(CONFIG_INTEL_SGX))
> +			pr_err_once("SGX disabled by BIOS\n");
> +		clear_sgx_caps();
> +	}
>  }
> -- 
> 2.25.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ