lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <28d7a4bf-591f-3afa-b9ea-526a14abc587@intel.com>
Date:   Mon, 12 Sep 2022 07:34:33 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Reinette Chatre <reinette.chatre@...el.com>,
        Jarkko Sakkinen <jarkko@...nel.org>,
        Kai Huang <kai.huang@...el.com>
Cc:     linux-sgx@...r.kernel.org, dave.hansen@...ux.intel.com,
        seanjc@...gle.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/intel: Clear SGX bit if both SGX driver and KVM SGX
 are not enabled

On 9/12/22 07:31, Reinette Chatre wrote:
> 
> On 9/12/2022 3:47 AM, Jarkko Sakkinen wrote:
>> On Fri, Sep 09, 2022 at 08:08:53PM +1200, Kai Huang wrote:
>>> Currently on platform which has SGX enabled, if CONFIG_X86_SGX is not
>>> enabled, the X86_FEATURE_SGX is not cleared, resulting in /proc/cpuinfo
>>> shows "sgx" feature.  This is not desired.
>>>
>>> Clear SGX feature bit if both SGX driver and KVM SGX are not enabled in
>>> init_ia32_feat_ctl().
>>>
>>> Signed-off-by: Kai Huang <kai.huang@...el.com>
>> Is it a pattern that flags are cleared when they are disabled by the
>> kernel? I don't know the answer for this.

There's no good pattern.

But, one guideline is that the X86_FEATURE_*'s are for the *kernel*.
They are *not* for userspace.  The fact that the features are exposed to
userspace in cpuinfo is unfortunate, but it doesn't change our guideline.

So, if this patch is done only for the benefit of userspace, I don't
think we should apply it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ