From patchwork Mon Nov 4 20:01:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jarkko Sakkinen X-Patchwork-Id: 11226355 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3C08F13A4 for ; Mon, 4 Nov 2019 20:02:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 22CD220869 for ; Mon, 4 Nov 2019 20:02:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728766AbfKDUCM (ORCPT ); Mon, 4 Nov 2019 15:02:12 -0500 Received: from mga11.intel.com ([192.55.52.93]:7136 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728409AbfKDUCM (ORCPT ); Mon, 4 Nov 2019 15:02:12 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Nov 2019 12:02:13 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.68,268,1569308400"; d="scan'208";a="200584333" Received: from rczubala-mobl.ger.corp.intel.com (HELO localhost) ([10.252.7.245]) by fmsmga007.fm.intel.com with ESMTP; 04 Nov 2019 12:02:10 -0800 From: Jarkko Sakkinen To: linux-sgx@vger.kernel.org Cc: Jarkko Sakkinen Subject: [PATCH for v24 1/3] x86/sgx: Use GFP_KERNEL for allocations Date: Mon, 4 Nov 2019 22:01:39 +0200 Message-Id: <20191104200141.5385-1-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Sender: linux-sgx-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-sgx@vger.kernel.org The reasoning is the same as in http://git.infradead.org/users/jjs/linux-tpmdd.git/commit/abd55954f91a3aacc1d260d2411cf776ec4d5fd2 Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/ioctl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 5b28a9c0cb68..d53aee5a64c1 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -259,7 +259,7 @@ static long sgx_ioc_enclave_create(struct sgx_encl *encl, void __user *arg) if (copy_from_user(&ecreate, arg, sizeof(ecreate))) return -EFAULT; - secs_page = alloc_page(GFP_HIGHUSER); + secs_page = alloc_page(GFP_KERNEL); if (!secs_page) return -ENOMEM; @@ -674,7 +674,7 @@ static long sgx_ioc_enclave_init(struct sgx_encl *encl, void __user *arg) if (copy_from_user(&einit, arg, sizeof(einit))) return -EFAULT; - initp_page = alloc_page(GFP_HIGHUSER); + initp_page = alloc_page(GFP_KERNEL); if (!initp_page) return -ENOMEM; From patchwork Mon Nov 4 20:01:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jarkko Sakkinen X-Patchwork-Id: 11226357 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8B22013A4 for ; Mon, 4 Nov 2019 20:02:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 68E4720869 for ; Mon, 4 Nov 2019 20:02:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728829AbfKDUCQ (ORCPT ); Mon, 4 Nov 2019 15:02:16 -0500 Received: from mga17.intel.com ([192.55.52.151]:48552 "EHLO mga17.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728409AbfKDUCQ (ORCPT ); Mon, 4 Nov 2019 15:02:16 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Nov 2019 12:02:15 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.68,268,1569308400"; d="scan'208";a="213645747" Received: from rczubala-mobl.ger.corp.intel.com (HELO localhost) ([10.252.7.245]) by orsmga002.jf.intel.com with ESMTP; 04 Nov 2019 12:02:13 -0800 From: Jarkko Sakkinen To: linux-sgx@vger.kernel.org Cc: Jarkko Sakkinen Subject: [PATCH for v24 2/3] x86/sgx: Destroy enclave if EADD fails Date: Mon, 4 Nov 2019 22:01:40 +0200 Message-Id: <20191104200141.5385-2-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191104200141.5385-1-jarkko.sakkinen@linux.intel.com> References: <20191104200141.5385-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Sender: linux-sgx-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-sgx@vger.kernel.org __sgx_encl_add_page() can only fail in the case of EPCM conflict at least in non-artificial situations. Also, it consistent semantics in rollback is something to pursue for. Thus, destroy enclave when the EADD fails as we do when EEXTEND fails already. In the cases it is sane to return -EIO. From this the caller can deduce the failure and knows that the enclave was destroyed. The previous -EFAULT could happen in numerous situations. Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/ioctl.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index d53aee5a64c1..289af607f634 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -338,7 +338,7 @@ static int __sgx_encl_add_page(struct sgx_encl *encl, kunmap_atomic((void *)pginfo.contents); put_page(src_page); - return ret ? -EFAULT : 0; + return ret ? -EIO : 0; } static int __sgx_encl_extend(struct sgx_encl *encl, @@ -353,7 +353,7 @@ static int __sgx_encl_extend(struct sgx_encl *encl, if (ret) { if (encls_failed(ret)) ENCLS_WARN(ret, "EEXTEND"); - return -EFAULT; + return -EIO; } } @@ -413,8 +413,10 @@ static int sgx_encl_add_page(struct sgx_encl *encl, ret = __sgx_encl_add_page(encl, encl_page, epc_page, secinfo, addp->src); - if (ret) + if (ret) { + sgx_encl_destroy(encl); goto err_out; + } /* * Complete the "add" before doing the "extend" so that the "add" @@ -498,10 +500,9 @@ static int sgx_encl_add_page(struct sgx_encl *encl, * * Return: * 0 on success, - * -EINVAL if any input param or the SECINFO contains invalid data, * -EACCES if an executable source page is located in a noexec partition, - * -ENOMEM if any memory allocation, including EPC, fails, - * -ERESTARTSYS if a pending signal is recognized + * -EIO if either ENCLS[EADD] or ENCLS[EEXTEND] fails + * -errno otherwise */ static long sgx_ioc_enclave_add_pages(struct sgx_encl *encl, void __user *arg) { From patchwork Mon Nov 4 20:01:41 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jarkko Sakkinen X-Patchwork-Id: 11226359 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D84D01390 for ; Mon, 4 Nov 2019 20:02:19 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B68432084D for ; Mon, 4 Nov 2019 20:02:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728876AbfKDUCT (ORCPT ); Mon, 4 Nov 2019 15:02:19 -0500 Received: from mga17.intel.com ([192.55.52.151]:48552 "EHLO mga17.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728409AbfKDUCT (ORCPT ); Mon, 4 Nov 2019 15:02:19 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Nov 2019 12:02:19 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.68,268,1569308400"; d="scan'208";a="213645768" Received: from rczubala-mobl.ger.corp.intel.com (HELO localhost) ([10.252.7.245]) by orsmga002.jf.intel.com with ESMTP; 04 Nov 2019 12:02:17 -0800 From: Jarkko Sakkinen To: linux-sgx@vger.kernel.org Cc: Jarkko Sakkinen Subject: [PATCH for v24 3/3] x86/sgx: Remove a subordinate clause Date: Mon, 4 Nov 2019 22:01:41 +0200 Message-Id: <20191104200141.5385-3-jarkko.sakkinen@linux.intel.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191104200141.5385-1-jarkko.sakkinen@linux.intel.com> References: <20191104200141.5385-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Sender: linux-sgx-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-sgx@vger.kernel.org The subordinate clause of last sentence of the sgx_ioc_enclave_pages() does not provide any insight not already provided. Thus, remove it. Also, using "i.e." (and "e.g.") in the documentation should be considered a bad practice because it leaves it open ended. Signed-off-by: Jarkko Sakkinen --- arch/x86/kernel/cpu/sgx/ioctl.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 289af607f634..87b2fb62825a 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -468,11 +468,9 @@ static int sgx_encl_add_page(struct sgx_encl *encl, * @encl: pointer to an enclave instance (via ioctl() file pointer) * @arg: a user pointer to a struct sgx_enclave_add_pages instance * - * Add (EADD) one or more pages to an uninitialized enclave, and optionally - * extend (EEXTEND) the measurement with the contents of the page. The range of - * pages must be virtually contiguous. The SECINFO and measurement mask are - * applied to all pages, i.e. pages with different properties must be added in - * separate calls. + * Add one or more pages to an uninitialized enclave, and optionally extend the + * measurement with the contents of the page. The address range of pages must + * be contiguous. The SECINFO and measurement mask are applied to all pages. * * A SECINFO for a TCS is required to always contain zero permissions because * CPU silently zeros them. Allowing anything else would cause a mismatch in