Message-ID: <DM8PR11MB5750515E878BAC6199882330E723A@DM8PR11MB5750.namprd11.prod.outlook.com>
Date: Mon, 4 Aug 2025 07:21:09 +0000
From: "Reshetova, Elena" <elena.reshetova@...el.com>
To: "Hansen, Dave" <dave.hansen@...el.com>
CC: "jarkko@...nel.org" <jarkko@...nel.org>, "seanjc@...gle.com"
	<seanjc@...gle.com>, "Huang, Kai" <kai.huang@...el.com>, "mingo@...nel.org"
	<mingo@...nel.org>, "linux-sgx@...r.kernel.org" <linux-sgx@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"x86@...nel.org" <x86@...nel.org>, "Mallick, Asit K"
	<asit.k.mallick@...el.com>, "Scarlata, Vincent R"
	<vincent.r.scarlata@...el.com>, "Cai, Chong" <chongc@...gle.com>, "Aktas,
 Erdem" <erdemaktas@...gle.com>, "Annapurve, Vishal" <vannapurve@...gle.com>,
	"Bondarevska, Nataliia" <bondarn@...gle.com>, "Raynor, Scott"
	<scott.raynor@...el.com>
Subject: RE: [PATCH v10 4/6] x86/sgx: Define error codes for use by
 ENCLS[EUPDATESVN]



> -----Original Message-----
> From: Hansen, Dave <dave.hansen@...el.com>
> Sent: Friday, August 1, 2025 7:57 PM
> To: Reshetova, Elena <elena.reshetova@...el.com>
> Cc: jarkko@...nel.org; seanjc@...gle.com; Huang, Kai
> <kai.huang@...el.com>; mingo@...nel.org; linux-sgx@...r.kernel.org; linux-
> kernel@...r.kernel.org; x86@...nel.org; Mallick, Asit K
> <asit.k.mallick@...el.com>; Scarlata, Vincent R <vincent.r.scarlata@...el.com>;
> Cai, Chong <chongc@...gle.com>; Aktas, Erdem <erdemaktas@...gle.com>;
> Annapurve, Vishal <vannapurve@...gle.com>; Bondarevska, Nataliia
> <bondarn@...gle.com>; Raynor, Scott <scott.raynor@...el.com>
> Subject: Re: [PATCH v10 4/6] x86/sgx: Define error codes for use by
> ENCLS[EUPDATESVN]
> 
> On 8/1/25 04:25, Elena Reshetova wrote:
> > Add error codes for ENCLS[EUPDATESVN], then the SGX CPUSVN update
> > process can know the execution state of EUPDATESVN and notify
> > userspace.
> >
> > Signed-off-by: Elena Reshetova <elena.reshetova@...el.com>
> > ---
> >  arch/x86/include/asm/sgx.h | 37 ++++++++++++++++++++++---------------
> >  1 file changed, 22 insertions(+), 15 deletions(-)
> >
> > diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
> > index 6a0069761508..1abf1461fab6 100644
> > --- a/arch/x86/include/asm/sgx.h
> > +++ b/arch/x86/include/asm/sgx.h
> > @@ -28,21 +28,22 @@
> >  #define SGX_CPUID_EPC_MASK	GENMASK(3, 0)
> >
> >  enum sgx_encls_function {
> > -	ECREATE	= 0x00,
> > -	EADD	= 0x01,
> > -	EINIT	= 0x02,
> > -	EREMOVE	= 0x03,
> > -	EDGBRD	= 0x04,
> > -	EDGBWR	= 0x05,
> > -	EEXTEND	= 0x06,
> > -	ELDU	= 0x08,
> > -	EBLOCK	= 0x09,
> > -	EPA	= 0x0A,
> > -	EWB	= 0x0B,
> > -	ETRACK	= 0x0C,
> > -	EAUG	= 0x0D,
> > -	EMODPR	= 0x0E,
> > -	EMODT	= 0x0F,
> > +	ECREATE		= 0x00,
> > +	EADD		= 0x01,
> > +	EINIT		= 0x02,
> > +	EREMOVE		= 0x03,
> > +	EDGBRD		= 0x04,
> > +	EDGBWR		= 0x05,
> > +	EEXTEND		= 0x06,
> > +	ELDU		= 0x08,
> > +	EBLOCK		= 0x09,
> > +	EPA		= 0x0A,
> > +	EWB		= 0x0B,
> > +	ETRACK		= 0x0C,
> > +	EAUG		= 0x0D,
> > +	EMODPR		= 0x0E,
> > +	EMODT		= 0x0F,
> > +	EUPDATESVN	= 0x18,
> >  };
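Review bot: The re-indentation of the fifteen existing sgx_encls_function entries buries the only functional line in this hunk, `EUPDATESVN = 0x18`, and neither the subject ("Define error codes ...") nor the changelog mentions adding an ENCLS leaf or changing alignment. Either add only the new entry and accept the uneven column, or move the realignment into its own preparatory patch, and extend the changelog to say that the EUPDATESVN leaf number is defined here as well.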
> 
> This update is not consistent with the changelog nor the patch subject.

I can remove the alignment fix.  

> 
> >  /**
> > @@ -73,6 +74,10 @@ enum sgx_encls_function {
> >   *				public key does not match
> IA32_SGXLEPUBKEYHASH.
> >   * %SGX_PAGE_NOT_MODIFIABLE:	The EPC page cannot be modified
> because it
> >   *				is in the PENDING or MODIFIED state.
> > + * %SGX_INSUFFICIENT_ENTROPY:	Insufficient entropy in RNG.
> > + * %SGX_NO_UPDATE:		EUPDATESVN was successful, but
> CPUSVN was not
> > + *				updated because current SVN was not newer
> than
> > + *				CPUSVN.
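Review bot: The kernel-doc text for %SGX_NO_UPDATE opens with "EUPDATESVN was successful", which contradicts its place among the error codes documented here and invites callers to treat the return value as success. Describe only the outcome, for example "CPUSVN was not updated because the current SVN was not newer than CPUSVN", and consider stating in the %SGX_INSUFFICIENT_ENTROPY line whether the caller is expected to retry.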
> 
> This comment bothers me. This is an *ERROR* code. It means that
> EUPDATESVN was *NOT* successful. It failed. It didn't do an update.
> 
> Now, it's not a _bad_ error code. It's kinda like read() returning 0.
> It's a "no harm no foul" kind of thing. But it's *NOT* success.

Yes, agree on both. 

> 
> Ideally, we find a way to relay this in a very succinct way.

Could you please elaborate on what you mean by this?
Changing the description? The name or? 

Best Regards,
Elena. 

