From patchwork Thu Oct 12 09:44:08 2017
X-Patchwork-Submitter: Jarkko Sakkinen
X-Patchwork-Id: 10001385
From: Jarkko Sakkinen
To: intel-sgx-kernel-dev@lists.01.org
Cc: platform-driver-x86@vger.kernel.org
Date: Thu, 12 Oct 2017 12:44:08 +0300
Message-Id: <20171012094408.10301-1-jarkko.sakkinen@linux.intel.com>
Subject: [intel-sgx-kernel-dev] [PATCH] intel_sgx: tie LE proxy life-cycle to the device file

Added sgx_file_sem to keep track of the device file. The LE proxy is started when it is first opened and closed after no thread is using it anymore. By doing this, the LE proxy does not need to be started and stopped for every token generated. This will also make sure that the ioctl API is accessible if and only if the kernel is able to launch enclaves.

Signed-off-by: Jarkko Sakkinen
---
This is an update to the RFC v3 patch set. It will be included in v4.

 drivers/platform/x86/intel_sgx/sgx.h | 2 +
 drivers/platform/x86/intel_sgx/sgx_le.c | 66 ++++++++++++++++++++-----------
 drivers/platform/x86/intel_sgx/sgx_main.c | 31 +++++++++++++++
 3 files changed, 76 insertions(+), 23 deletions(-)

diff --git a/drivers/platform/x86/intel_sgx/sgx.h b/drivers/platform/x86/intel_sgx/sgx.h index cf66bda37c1f..69b61c63b53d 100644 --- a/drivers/platform/x86/intel_sgx/sgx.h +++ b/drivers/platform/x86/intel_sgx/sgx.h 
@@ -255,6 +255,8 @@ extern struct sgx_le_ctx sgx_le_ctx; int sgx_le_init(struct sgx_le_ctx *ctx); void sgx_le_exit(struct sgx_le_ctx *ctx); +void sgx_le_stop(struct sgx_le_ctx *ctx); +int sgx_le_start(struct sgx_le_ctx *ctx); int sgx_le_get_token(struct sgx_le_ctx *ctx, const struct sgx_encl *encl, diff --git a/drivers/platform/x86/intel_sgx/sgx_le.c b/drivers/platform/x86/intel_sgx/sgx_le.c index c4ed8e1ea70b..7c78dc6bf512 100644 --- a/drivers/platform/x86/intel_sgx/sgx_le.c +++ b/drivers/platform/x86/intel_sgx/sgx_le.c @@ -178,7 +178,7 @@ static int sgx_le_task_init(struct subprocess_info *subinfo, struct cred *new) return 0; } -static void sgx_le_stop(struct sgx_le_ctx *ctx) +static void __sgx_le_stop(struct sgx_le_ctx *ctx) { int i; @@ -198,7 +198,15 @@ static void sgx_le_stop(struct sgx_le_ctx *ctx) } } -static int sgx_le_start(struct sgx_le_ctx *ctx) + +void sgx_le_stop(struct sgx_le_ctx *ctx) +{ + mutex_lock(&ctx->lock); + __sgx_le_stop(ctx); + mutex_unlock(&ctx->lock); +} + +static int __sgx_le_start(struct sgx_le_ctx *ctx) { struct subprocess_info *subinfo; int ret; @@ -217,13 +225,24 @@ static int sgx_le_start(struct sgx_le_ctx *ctx) ret = call_usermodehelper_exec(subinfo, UMH_WAIT_EXEC); if (ret) { - sgx_le_stop(ctx); + __sgx_le_stop(ctx); return ret; } return 0; } +int sgx_le_start(struct sgx_le_ctx *ctx) +{ + int ret; + + mutex_lock(&ctx->lock); + ret = __sgx_le_start(ctx); + mutex_unlock(&ctx->lock); + + return ret; +} + int sgx_le_init(struct sgx_le_ctx *ctx) { struct crypto_shash *tfm; 
@@ -241,50 +260,51 @@ int sgx_le_init(struct sgx_le_ctx *ctx) void sgx_le_exit(struct sgx_le_ctx *ctx) { mutex_lock(&ctx->lock); - sgx_le_stop(ctx); crypto_free_shash(ctx->tfm); mutex_unlock(&ctx->lock); } -int sgx_le_get_token(struct sgx_le_ctx *ctx, - const struct sgx_encl *encl, - const struct sgx_sigstruct *sigstruct, - struct sgx_einittoken *token) +static int __sgx_le_get_token(struct sgx_le_ctx *ctx, + const struct sgx_encl *encl, + const struct sgx_sigstruct *sigstruct, + struct sgx_einittoken *token) { u8 mrsigner[32]; ssize_t ret; - mutex_lock(&ctx->lock); - ret = sgx_get_key_hash(ctx->tfm, sigstruct->modulus, mrsigner); if (ret) - goto out_unlock; - - ret = sgx_le_start(ctx); - if (ret) - goto out_unlock; + return ret; ret = sgx_le_write(ctx->pipes[0], sigstruct->body.mrenclave, 32); if (ret) - goto out_stop; + return ret; ret = sgx_le_write(ctx->pipes[0], mrsigner, 32); if (ret) - goto out_stop; + return ret; ret = sgx_le_write(ctx->pipes[0], &encl->attributes, sizeof(uint64_t)); if (ret) - goto out_stop; + return ret; ret = sgx_le_write(ctx->pipes[0], &encl->xfrm, sizeof(uint64_t)); if (ret) - goto out_stop; + return ret; - ret = sgx_le_read(ctx->pipes[1], token, sizeof(*token)); + return sgx_le_read(ctx->pipes[1], token, sizeof(*token)); +} -out_stop: - sgx_le_stop(ctx); -out_unlock: +int sgx_le_get_token(struct sgx_le_ctx *ctx, + const struct sgx_encl *encl, + const struct sgx_sigstruct *sigstruct, + struct sgx_einittoken *token) +{ + int ret; + + mutex_lock(&ctx->lock); + ret = __sgx_le_get_token(ctx, encl, sigstruct, token); mutex_unlock(&ctx->lock); + return ret; } diff --git a/drivers/platform/x86/intel_sgx/sgx_main.c b/drivers/platform/x86/intel_sgx/sgx_main.c index 8c5fbe9ee870..c15a063bfc7e 100644 --- a/drivers/platform/x86/intel_sgx/sgx_main.c +++ b/drivers/platform/x86/intel_sgx/sgx_main.c 
@@ -93,6 +93,35 @@ u32 sgx_xsave_size_tbl[64]; bool sgx_locked_msrs; u64 sgx_le_pubkeyhash[4]; +static DECLARE_RWSEM(sgx_file_sem); + +static int sgx_open(struct inode *inode, struct file *file) +{ + int ret; + + down_read(&sgx_file_sem); + + ret = sgx_le_start(&sgx_le_ctx); + if (ret) { + up_read(&sgx_file_sem); + return ret; + } + + return 0; +} + +static int sgx_release(struct inode *inode, struct file *file) +{ + up_read(&sgx_file_sem); + + if (down_write_trylock(&sgx_file_sem)) { + sgx_le_stop(&sgx_le_ctx); + up_write(&sgx_file_sem); + } + + return 0; +} + #ifdef CONFIG_COMPAT long sgx_compat_ioctl(struct file *filep, unsigned int cmd, unsigned long arg) { @@ -147,6 +176,8 @@ static unsigned long sgx_get_unmapped_area(struct file *file, const struct file_operations sgx_fops = { .owner = THIS_MODULE, + .open = sgx_open, + .release = sgx_release, .unlocked_ioctl = sgx_ioctl, #ifdef CONFIG_COMPAT .compat_ioctl = sgx_compat_ioctl,
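
Review bot: sgx_le_start() and sgx_le_stop() in sgx_le.c become non-static wrappers called from sgx_open() and sgx_release(), but neither documents what happens when the proxy is already running or already stopped. sgx_open() calls sgx_le_start() on every open, and the part of __sgx_le_start() visible in these hunks goes to call_usermodehelper_exec(subinfo, UMH_WAIT_EXEC) with no early return in view, so please add a comment, or an explicit check at the top of __sgx_le_start(), stating that a second start while the proxy is running is a no-op.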
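
Review bot: in __sgx_le_get_token() every failed sgx_le_write() now does a plain `return ret;` where the old code jumped to out_stop, so a failure after the first write leaves the proxy running with a partial request already written to ctx->pipes[0]. Because the proxy is no longer restarted for each token, the next caller's 32-byte mrenclave would be consumed as the continuation of the aborted request. Consider stopping and restarting the proxy with __sgx_le_stop() and __sgx_le_start() on any pipe error while ctx->lock is still held in sgx_le_get_token(), or resynchronising the stream some other way. Minor: ret is declared ssize_t in a function that now returns int.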
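
Review bot: sgx_open() in sgx_main.c returns to user space with sgx_file_sem still read-held and sgx_release() drops it later, possibly from a different task than the one that opened the file; an rw_semaphore is not meant to be held that way, and lockdep reports a lock that is still held on return to user space. The number of open files would be clearer as an integer in struct sgx_le_ctx updated under ctx->lock, with the proxy started on the 0 to 1 transition and stopped on 1 to 0. If the rwsem stays, the gap between `up_read(&sgx_file_sem);` and `down_write_trylock(&sgx_file_sem)` in sgx_release() needs a comment explaining why a failed trylock is safe to ignore.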