OSDN Git Service

x86/sgx: Move provisioning device creation out of SGX driver
author Sean Christopherson <sean.j.christopherson@intel.com>
Fri, 19 Mar 2021 07:23:09 +0000 (20:23 +1300)
committer Borislav Petkov <bp@suse.de>
Tue, 6 Apr 2021 17:18:46 +0000 (19:18 +0200)
commit b3754e5d3da320af2bebb7a690002685c7f5c15c
tree c52a0aece828f8fece27a5bf4842d3426ac6783f
parent d155030b1e7c0e448aab22a803f7a71ea2e117d7
x86/sgx: Move provisioning device creation out of SGX driver

And extract sgx_set_attribute() out of sgx_ioc_enclave_provision() and
export it as symbol for KVM to use.

The provisioning key is sensitive. The SGX driver only allows to create
an enclave which can access the provisioning key when the enclave
creator has permission to open /dev/sgx_provision. It should apply to
a VM as well, as the provisioning key is platform-specific, thus an
unrestricted VM can also potentially compromise the provisioning key.

Move the provisioning device creation out of sgx_drv_init() to
sgx_init() as a preparation for adding SGX virtualization support,
so that even if the SGX driver is not enabled due to flexible launch
control not being available, SGX virtualization can still be enabled,
and use it to restrict a VM's capability of being able to access the
provisioning key.

 [ bp: Massage commit message. ]

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Link: https://lkml.kernel.org/r/0f4d044d621561f26d5f4ef73e8dc6cd18cc7e79.1616136308.git.kai.huang@intel.com
arch/x86/include/asm/sgx.h
arch/x86/kernel/cpu/sgx/driver.c
arch/x86/kernel/cpu/sgx/ioctl.c
arch/x86/kernel/cpu/sgx/main.c
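
The commit message describes an access-control pattern in which an open file descriptor on /dev/sgx_provision is the proof that a caller may give an enclave (or a VM) access to the provisioning key. The following userspace model of that pattern is an added example, not code from this commit or from the kernel. Assumptions: `model_set_attribute()` and `demo()` are hypothetical names, /dev/null stands in for the provisioning device, and the model identifies the gate device by device number because the kernel-side check is not shown on this page.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* PROVISIONKEY is bit 4 of the SGX enclave attributes. */
#define ATTR_PROVISIONKEY (1ULL << 4)

/* Hypothetical model: grant the attribute only when fd is an open handle
 * on the character device identified by gate_rdev. Holding such an fd
 * means the caller already passed the device node's permission check. */
int model_set_attribute(uint64_t *allowed, int fd, dev_t gate_rdev)
{
    struct stat st;

    if (fstat(fd, &st) != 0)
        return -EINVAL;                 /* not an open descriptor */
    if (!S_ISCHR(st.st_mode) || st.st_rdev != gate_rdev)
        return -EINVAL;                 /* open, but not the gate device */
    *allowed |= ATTR_PROVISIONKEY;
    return 0;
}

/* Constructed scenario; returns a bitmask of the checks that held. */
int demo(void)
{
    struct stat gate;
    uint64_t granted = 0, denied = 0;
    int result = 0;
    int gate_fd = open("/dev/null", O_RDWR);    /* stand-in gate device */
    int other_fd = open("/dev/zero", O_RDONLY); /* some other device */

    if (gate_fd < 0 || other_fd < 0 || fstat(gate_fd, &gate) != 0)
        return -1;
    if (model_set_attribute(&granted, gate_fd, gate.st_rdev) == 0 &&
        (granted & ATTR_PROVISIONKEY))
        result |= 1;                    /* gate fd grants the attribute */
    if (model_set_attribute(&denied, other_fd, gate.st_rdev) == -EINVAL)
        result |= 2;                    /* other device is rejected */
    if (model_set_attribute(&denied, -1, gate.st_rdev) == -EINVAL)
        result |= 4;                    /* invalid fd is rejected */
    if (denied == 0)
        result |= 8;                    /* rejections leave the mask untouched */
    close(other_fd);
    close(gate_fd);
    return result;
}

int main(void) { printf("checks held: 0x%x\n", demo()); return 0; }
```

Because the grant depends only on what the descriptor refers to, the same check can serve any caller that is handed the fd, which is the property the commit relies on when it makes the function available to KVM.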