OSDN Git Service

(root) / uclinux-h8 / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c6d26d3) | patch
x86/sgx: Add SGX_IOC_ENCLAVE_INIT
authorJarkko Sakkinen <jarkko@kernel.org>
Thu, 12 Nov 2020 22:01:25 +0000 (00:01 +0200)
committerBorislav Petkov <bp@suse.de>
Wed, 18 Nov 2020 17:02:49 +0000 (18:02 +0100)
commit9d0c151b41fed7b879030f4e533143d098781701
tree2a3545a00776ebbd81d2e3f39c61b7eef3576763tree | snapshot
parentc6d26d370767fa227fc44b98a8bdad112efdf563commit | diff
x86/sgx: Add SGX_IOC_ENCLAVE_INIT

Enclaves have two basic states. They are either being built and are
malleable and can be modified by doing things like adding pages. Or,
they are locked down and not accepting changes. They can only be run
after they have been locked down. The ENCLS[EINIT] function induces the
transition from being malleable to locked-down.

Add an ioctl() that performs ENCLS[EINIT]. After this, new pages can
no longer be added with ENCLS[EADD]. This is also the time where the
enclave can be measured to verify its integrity.

Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Jethro Beekman <jethro@fortanix.com>
Link: https://lkml.kernel.org/r/20201112220135.165028-15-jarkko@kernel.org
arch/x86/include/uapi/asm/sgx.h diff | blob | history
arch/x86/kernel/cpu/sgx/driver.c diff | blob | history
arch/x86/kernel/cpu/sgx/driver.h diff | blob | history
arch/x86/kernel/cpu/sgx/encl.h diff | blob | history
arch/x86/kernel/cpu/sgx/ioctl.c diff | blob | history
About OSDN
Find Software
Develop Software
Help