[PATCH v38 11/24] x86/sgx: Add SGX enclave driver

Jarkko Sakkinen jarkko.sakkinen at linux.intel.com
Thu Oct 1 18:49:56 UTC 2020


On Thu, Oct 01, 2020 at 10:36:53AM -0700, Sean Christopherson wrote:
> On Tue, Sep 15, 2020 at 02:28:29PM +0300, Jarkko Sakkinen wrote:
> > +int __init sgx_drv_init(void)
> > +{
> > +	unsigned int eax, ebx, ecx, edx;
> > +	u64 attr_mask, xfrm_mask;
> > +	int ret;
> > +	int i;
> > +
> > +	if (!boot_cpu_has(X86_FEATURE_SGX_LC)) {
> > +		pr_info("The public key MSRs are not writable.\n");
> > +		return -ENODEV;
> > +	}
> > +
> > +	cpuid_count(SGX_CPUID, 0, &eax, &ebx, &ecx, &edx);
> > +	sgx_misc_reserved_mask = ~ebx | SGX_MISC_RESERVED_MASK;
> > +	sgx_encl_size_max_64 = 1ULL << ((edx >> 8) & 0xFF);
> > +	sgx_encl_size_max_32 = 1ULL << (edx & 0xFF);
> > +
> > +	cpuid_count(SGX_CPUID, 1, &eax, &ebx, &ecx, &edx);
> > +
> > +	attr_mask = (((u64)ebx) << 32) + (u64)eax;
> > +	sgx_attributes_reserved_mask = ~attr_mask | SGX_ATTR_RESERVED_MASK;
> > +
> > +	if (boot_cpu_has(X86_FEATURE_OSXSAVE)) {
> > +		xfrm_mask = (((u64)edx) << 32) + (u64)ecx;
> > +
> > +		for (i = 2; i < 64; i++) {
> > +			cpuid_count(0x0D, i, &eax, &ebx, &ecx, &edx);
> > +			if ((1UL << i) & xfrm_mask)
> 
> Any reason not to use BIT()?  The max size computations are arguably not
> bit operation, but XFRM is a set of bits.

AFAIK, yes.

If you have bandwidth drop a patch for this and provision thing. I'm
busy with the documentation. If not, that's fine, I'll do it once I'm
able to.

Thanks.

/Jarkko



More information about the Linux-security-module-archive mailing list