| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250522092237.7895-6-elena.reshetova@intel.com>
Date: Thu, 22 May 2025 12:21:38 +0300
From: Elena Reshetova <elena.reshetova@...el.com>
To: dave.hansen@...el.com
Cc: jarkko@...nel.org,
seanjc@...gle.com,
kai.huang@...el.com,
mingo@...nel.org,
linux-sgx@...r.kernel.org,
linux-kernel@...r.kernel.org,
x86@...nel.org,
asit.k.mallick@...el.com,
vincent.r.scarlata@...el.com,
chongc@...gle.com,
erdemaktas@...gle.com,
vannapurve@...gle.com,
dionnaglaze@...gle.com,
bondarn@...gle.com,
scott.raynor@...el.com,
Elena Reshetova <elena.reshetova@...el.com>
Subject: [PATCH v6 5/5] x86/sgx: Enable automatic SVN updates for SGX enclaves
== Background ==
ENCLS[EUPDATESVN] is a new SGX instruction [1] which allows enclave
attestation to include information about updated microcode SVN without a
reboot. Before an EUPDATESVN operation can be successful, all SGX memory
(aka. EPC) must be marked as “unused” in the SGX hardware metadata
(aka.EPCM). This requirement ensures that no compromised enclave can
survive the EUPDATESVN procedure and provides an opportunity to generate
new cryptographic assets.
== Patch Contents ==
Attempt to execute ENCLS[EUPDATESVN] every time the first file descriptor
is obtained via sgx_(vepc_)open(). In the most common case the microcode
SVN is already up-to-date, and the operation succeeds without updating SVN.
If it fails with any other error code than SGX_INSUFFICIENT_ENTROPY, this
is considered unexpected and the *open() returns an error. This should not
happen in practice. On contrary, SGX_INSUFFICIENT_ENTROPY might happen due
to a pressure on the system's DRNG (RDSEED) and therefore the *open() can
be safely retried to allow normal enclave operation.
[1] Runtime Microcode Updates with Intel Software Guard Extensions,
https://cdrdv2.intel.com/v1/dl/getContent/648682
Signed-off-by: Elena Reshetova <elena.reshetova@...el.com>
---
arch/x86/kernel/cpu/sgx/main.c | 35 ++++++++++++++++++++++++++++++++--
1 file changed, 33 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
index 109d40c89fe8..73ec5ccff3ae 100644
--- a/arch/x86/kernel/cpu/sgx/main.c
+++ b/arch/x86/kernel/cpu/sgx/main.c
@@ -920,6 +920,8 @@ EXPORT_SYMBOL_GPL(sgx_set_attribute);
/* Counter to count the active SGX users */
static atomic64_t sgx_usage_count;
+/* Mutex to ensure no concurrent EPC accesses during EUPDATESVN */
+static DEFINE_MUTEX(sgx_svn_lock);
/**
* sgx_updatesvn() - Attempt to call ENCLS[EUPDATESVN].
@@ -989,8 +991,37 @@ static int sgx_update_svn(void)
int sgx_inc_usage_count(void)
{
- atomic64_inc(&sgx_usage_count);
- return 0;
+ int ret;
+
+ /*
+ * Increments from non-zero indicate potential other
+ * active EPC users and EUPDATESVN is not attempted.
+ */
+ if (atomic64_inc_not_zero(&sgx_usage_count))
+ return 0;
+
+ /*
+ * Ensure no other concurrent threads can start
+ * touching EPC while EUPDATESVN is running.
+ */
+ guard(mutex)(&sgx_svn_lock);
+
+ if (atomic64_inc_not_zero(&sgx_usage_count))
+ return 0;
+
+ /*
+ * Attempt to call EUPDATESVN since EPC must be
+ * empty at this point.
+ */
+ ret = sgx_update_svn();
+
+ /*
+ * If EUPDATESVN failed, return failure to sgx_(vepc_)open and
+ * do not increment the sgx_usage_count.
+ */
+ if (!ret)
+ atomic64_inc(&sgx_usage_count);
+ return ret;
}
void sgx_dec_usage_count(void)
--
2.45.2
Powered by blists - more mailing lists