Message ID | 20220304093524.397485-18-jarkko@kernel.org (mailing list archive) |
---|---|
State | New, archived |
Headers | show
Return-Path: <linux-sgx-owner@kernel.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 88689C4321E for <linux-sgx@archiver.kernel.org>; Fri, 4 Mar 2022 09:38:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237514AbiCDJip (ORCPT <rfc822;linux-sgx@archiver.kernel.org>); Fri, 4 Mar 2022 04:38:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53972 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239440AbiCDJiK (ORCPT <rfc822;linux-sgx@vger.kernel.org>); Fri, 4 Mar 2022 04:38:10 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 245A91A7DB4; Fri, 4 Mar 2022 01:37:05 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id AD3D161631; Fri, 4 Mar 2022 09:37:04 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 834E1C340E9; Fri, 4 Mar 2022 09:37:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1646386623; bh=XaeaiWxlktYedaApb7MGtb/X/9dEnZ9X6kqkinK/b0U=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=HmrMGkMMpwoInVQeT4IEeiAsGsS0L0Sv9FciUvaMHj6505mx8UlDLTc2bHYTh00Wb 3nSNjNXa4z2yEN0Alc5ntYJ5k7wNc5gvjlTua4V6Mn5rB2L55SUBksx9HpTcmlI1NY w5hncpQ1HZlZse3Mryx5A9wA3F+sYlJfFVfVL+DiGw1zRtkdVjpfXX0U3C3shjySTj zpgcoGAlnC+0hzzKtY6f4awbZSvqJCIWWCTAvtPuJrfCymKhqUfbrPeuy70TqedEq8 mclRCeuSx8RYcmv2eWqlO3M746VCv8ihyViNOo2wbG9b/oh+EPkyl6GNJENHoB1iUn eXQUlHNI7zWFw== From: Jarkko Sakkinen <jarkko@kernel.org> To: linux-sgx@vger.kernel.org Cc: Nathaniel McCallum <nathaniel@profian.com>, Reinette Chatre <reinette.chatre@intel.com>, Jarkko Sakkinen <jarkko@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, x86@kernel.org (maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)), "H. Peter Anvin" <hpa@zytor.com>, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)) Subject: [RFC PATCH v2.1 18/30] x86/sgx: Tighten accessible memory range after enclave initialization Date: Fri, 4 Mar 2022 11:35:12 +0200 Message-Id: <20220304093524.397485-18-jarkko@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220304093524.397485-1-jarkko@kernel.org> References: <20220304093524.397485-1-jarkko@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: <linux-sgx.vger.kernel.org> X-Mailing-List: linux-sgx@vger.kernel.org |
Series |
[RFC,v2.1,01/30] x86/sgx: Add short descriptions to ENCLS wrappers
|
expand
|
diff --git a/arch/x86/kernel/cpu/sgx/encl.c b/arch/x86/kernel/cpu/sgx/encl.c index 9602b6db831b..f775995a75e2 100644 --- a/arch/x86/kernel/cpu/sgx/encl.c +++ b/arch/x86/kernel/cpu/sgx/encl.c @@ -402,6 +402,11 @@ int sgx_encl_may_map(struct sgx_encl *encl, unsigned long start, XA_STATE(xas, &encl->page_array, PFN_DOWN(start)); + /* Disallow mapping outside enclave's address range. */ + if (test_bit(SGX_ENCL_INITIALIZED, &encl->flags) && + (start < encl->base || end > encl->base + encl->size)) + return -EACCES; + /* * Disallow READ_IMPLIES_EXEC tasks as their VMA permissions might * conflict with the enclave page permissions.