[RFC PATCH 3/9] x86/sgx: Allow userspace to add multiple pages in single ioctl()
Sean Christopherson
sean.j.christopherson at intel.com
Fri May 31 23:31:53 UTC 2019
...to improve performance when building enclaves by reducing the number
of user<->system transitions. Rather than provide arbitrary batching,
e.g. with per-page SECINFO and mrmask, take advantage of the fact that
any sane enclave will have large swaths of pages with identical
properties, e.g. code vs. data sections.
For simplicity and stability in the initial implementation, loop over
the existing add page flow instead of taking a more agressive approach,
which would require tracking transitions between VMAs and holding
mmap_sem for an extended duration.
Signed-off-by: Sean Christopherson <sean.j.christopherson at intel.com>
---
arch/x86/include/uapi/asm/sgx.h | 21 ++---
arch/x86/kernel/cpu/sgx/driver/ioctl.c | 104 +++++++++++++++----------
2 files changed, 74 insertions(+), 51 deletions(-)
diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
index 9ed690a38c70..4a12d6abbcb7 100644
--- a/arch/x86/include/uapi/asm/sgx.h
+++ b/arch/x86/include/uapi/asm/sgx.h
@@ -12,8 +12,8 @@
#define SGX_IOC_ENCLAVE_CREATE \
_IOW(SGX_MAGIC, 0x00, struct sgx_enclave_create)
-#define SGX_IOC_ENCLAVE_ADD_PAGE \
- _IOW(SGX_MAGIC, 0x01, struct sgx_enclave_add_page)
+#define SGX_IOC_ENCLAVE_ADD_PAGES \
+ _IOW(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
#define SGX_IOC_ENCLAVE_INIT \
_IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
#define SGX_IOC_ENCLAVE_SET_ATTRIBUTE \
@@ -32,21 +32,22 @@ struct sgx_enclave_create {
};
/**
- * struct sgx_enclave_add_page - parameter structure for the
- * %SGX_IOC_ENCLAVE_ADD_PAGE ioctl
- * @addr: address within the ELRANGE
- * @src: address for the page data
- * @secinfo: address for the SECINFO data
- * @mrmask: bitmask for the measured 256 byte chunks
+ * struct sgx_enclave_add_pages - parameter structure for the
+ * %SGX_IOC_ENCLAVE_ADD_PAGES ioctl
+ * @addr: start address within the ELRANGE
+ * @src: start address for the pages' data
+ * @secinfo: address for the SECINFO data (common to all pages)
+ * @nr_pages: number of pages (must be virtually contiguous)
+ * @mrmask: bitmask for the measured 256 byte chunks (common to all pages)
*/
-struct sgx_enclave_add_page {
+struct sgx_enclave_add_pages {
__u64 addr;
__u64 src;
__u64 secinfo;
+ __u32 nr_pages;
__u16 mrmask;
} __attribute__((__packed__));
-
/**
* struct sgx_enclave_init - parameter structure for the
* %SGX_IOC_ENCLAVE_INIT ioctl
diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
index a27ec26a9350..6acfcbdeca9a 100644
--- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c
+++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
@@ -487,10 +487,9 @@ static int sgx_validate_tcs(struct sgx_encl *encl, struct sgx_tcs *tcs)
return 0;
}
-static int __sgx_encl_add_page(struct sgx_encl *encl,
+static int sgx_encl_queue_page(struct sgx_encl *encl,
struct sgx_encl_page *encl_page,
- void *data,
- struct sgx_secinfo *secinfo,
+ void *data, struct sgx_secinfo *secinfo,
unsigned int mrmask)
{
unsigned long page_index = sgx_encl_get_index(encl, encl_page);
@@ -529,9 +528,9 @@ static int __sgx_encl_add_page(struct sgx_encl *encl,
return 0;
}
-static int sgx_encl_add_page(struct sgx_encl *encl, unsigned long addr,
- void *data, struct sgx_secinfo *secinfo,
- unsigned int mrmask)
+static int __sgx_encl_add_page(struct sgx_encl *encl, unsigned long addr,
+ void *data, struct sgx_secinfo *secinfo,
+ unsigned int mrmask)
{
u64 page_type = secinfo->flags & SGX_SECINFO_PAGE_TYPE_MASK;
struct sgx_encl_page *encl_page;
@@ -563,7 +562,7 @@ static int sgx_encl_add_page(struct sgx_encl *encl, unsigned long addr,
goto out;
}
- ret = __sgx_encl_add_page(encl, encl_page, data, secinfo, mrmask);
+ ret = sgx_encl_queue_page(encl, encl_page, data, secinfo, mrmask);
if (ret) {
radix_tree_delete(&encl_page->encl->page_tree,
PFN_DOWN(encl_page->desc));
@@ -575,56 +574,79 @@ static int sgx_encl_add_page(struct sgx_encl *encl, unsigned long addr,
return ret;
}
-/**
- * sgx_ioc_enclave_add_page - handler for %SGX_IOC_ENCLAVE_ADD_PAGE
- *
- * @filep: open file to /dev/sgx
- * @cmd: the command value
- * @arg: pointer to an &sgx_enclave_add_page instance
- *
- * Add a page to an uninitialized enclave (EADD), and optionally extend the
- * enclave's measurement with the contents of the page (EEXTEND). EADD and
- * EEXTEND are done asynchronously via worker threads. A successful
- * sgx_ioc_enclave_add_page() only indicates the page has been added to the
- * work queue, it does not guarantee adding the page to the enclave will
- * succeed.
- *
- * Return:
- * 0 on success,
- * -errno otherwise
- */
-static long sgx_ioc_enclave_add_page(struct file *filep, unsigned int cmd,
- unsigned long arg)
+static int sgx_encl_add_page(struct sgx_encl *encl, unsigned long addr,
+ unsigned long src, struct sgx_secinfo *secinfo,
+ unsigned int mrmask)
{
- struct sgx_enclave_add_page *addp = (void *)arg;
- struct sgx_encl *encl = filep->private_data;
- struct sgx_secinfo secinfo;
struct page *data_page;
void *data;
int ret;
- if (copy_from_user(&secinfo, (void __user *)addp->secinfo,
- sizeof(secinfo)))
- return -EFAULT;
-
data_page = alloc_page(GFP_HIGHUSER);
if (!data_page)
return -ENOMEM;
data = kmap(data_page);
- if (copy_from_user((void *)data, (void __user *)addp->src, PAGE_SIZE)) {
+ if (copy_from_user((void *)data, (void __user *)src, PAGE_SIZE)) {
ret = -EFAULT;
goto out;
}
- ret = sgx_encl_add_page(encl, addp->addr, data, &secinfo, addp->mrmask);
- if (ret)
- goto out;
-
+ ret = __sgx_encl_add_page(encl, addr, data, secinfo, mrmask);
out:
kunmap(data_page);
__free_page(data_page);
+
+ return ret;
+}
+
+/**
+ * sgx_ioc_enclave_add_pages - handler for %SGX_IOC_ENCLAVE_ADD_PAGES
+ *
+ * @filep: open file to /dev/sgx
+ * @cmd: the command value
+ * @arg: pointer to an &sgx_enclave_add_page instance
+ *
+ * Add a range of pages to an uninitialized enclave (EADD), and optionally
+ * extend the enclave's measurement with the contents of the page (EEXTEND).
+ * The range of pages must be virtually contiguous. The SECINFO and
+ * measurement maskare applied to all pages, i.e. pages with different
+ * properties must be added in separate calls.
+ *
+ * EADD and EEXTEND are done asynchronously via worker threads. A successful
+ * sgx_ioc_enclave_add_page() only indicates the pages have been added to the
+ * work queue, it does not guarantee adding the pages to the enclave will
+ * succeed.
+ *
+ * Return:
+ * 0 on success,
+ * -errno otherwise
+ */
+static long sgx_ioc_enclave_add_pages(struct file *filep, unsigned int cmd,
+ unsigned long arg)
+{
+ struct sgx_enclave_add_pages *addp = (void *)arg;
+ struct sgx_encl *encl = filep->private_data;
+ struct sgx_secinfo secinfo;
+ unsigned int i;
+ int ret;
+
+ if (copy_from_user(&secinfo, (void __user *)addp->secinfo,
+ sizeof(secinfo)))
+ return -EFAULT;
+
+ for (i = 0, ret = 0; i < addp->nr_pages && !ret; i++) {
+ if (signal_pending(current))
+ return -ERESTARTSYS;
+
+ if (need_resched())
+ cond_resched();
+
+ ret = sgx_encl_add_page(encl, addp->addr + i*PAGE_SIZE,
+ addp->src + i*PAGE_SIZE,
+ &secinfo, addp->mrmask);
+ }
return ret;
}
@@ -823,8 +845,8 @@ long sgx_ioctl(struct file *filep, unsigned int cmd, unsigned long arg)
case SGX_IOC_ENCLAVE_CREATE:
handler = sgx_ioc_enclave_create;
break;
- case SGX_IOC_ENCLAVE_ADD_PAGE:
- handler = sgx_ioc_enclave_add_page;
+ case SGX_IOC_ENCLAVE_ADD_PAGES:
+ handler = sgx_ioc_enclave_add_pages;
break;
case SGX_IOC_ENCLAVE_INIT:
handler = sgx_ioc_enclave_init;
--
2.21.0
More information about the Linux-security-module-archive
mailing list