Commit 8123073c authored by Jarkko Sakkinen's avatar Jarkko Sakkinen Committed by Dave Hansen
Browse files

x86/sgx: Export sgx_encl_page_alloc() 



Move sgx_encl_page_alloc() to encl.c and export it so that it can be
used in the implementation for support of adding pages to initialized
enclaves, which requires to allocate new enclave pages.

Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: default avatarReinette Chatre <reinette.chatre@intel.com>
Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
Link: https://lkml.kernel.org/r/57ae71b4ea17998467670232e12d6617b95c6811.1652137848.git.reinette.chatre@intel.com
parent 3a535141

arch/x86/kernel/cpu/sgx/encl.c

+32 −0
Original line number Diff line number Diff line
@@ -887,6 +887,38 @@ int sgx_encl_test_and_clear_young(struct mm_struct *mm, 
	return ret;

}



struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl,

					  unsigned long offset,

					  u64 secinfo_flags)

{

	struct sgx_encl_page *encl_page;

	unsigned long prot;



	encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL);

	if (!encl_page)

		return ERR_PTR(-ENOMEM);



	encl_page->desc = encl->base + offset;

	encl_page->encl = encl;



	prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ)  |

	       _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) |

	       _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC);



	/*

	 * TCS pages must always RW set for CPU access while the SECINFO

	 * permissions are *always* zero - the CPU ignores the user provided

	 * values and silently overwrites them with zero permissions.

	 */

	if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS)

		prot |= PROT_READ | PROT_WRITE;



	/* Calculate maximum of the VM flags for the page. */

	encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0);



	return encl_page;

}



/**

 * sgx_zap_enclave_ptes() - remove PTEs mapping the address from enclave

 * @encl: the enclave

arch/x86/kernel/cpu/sgx/encl.h

+3 −0
Original line number Diff line number Diff line
@@ -112,6 +112,9 @@ int sgx_encl_get_backing(struct sgx_encl *encl, unsigned long page_index, 
void sgx_encl_put_backing(struct sgx_backing *backing);

int sgx_encl_test_and_clear_young(struct mm_struct *mm,

				  struct sgx_encl_page *page);

struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl,

					  unsigned long offset,

					  u64 secinfo_flags);

void sgx_zap_enclave_ptes(struct sgx_encl *encl, unsigned long addr);

struct sgx_epc_page *sgx_alloc_va_page(void);

unsigned int sgx_alloc_va_slot(struct sgx_va_page *va_page);

arch/x86/kernel/cpu/sgx/ioctl.c

+0 −32
Original line number Diff line number Diff line
@@ -169,38 +169,6 @@ static long sgx_ioc_enclave_create(struct sgx_encl *encl, void __user *arg) 
	return ret;

}



static struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl,

						 unsigned long offset,

						 u64 secinfo_flags)

{

	struct sgx_encl_page *encl_page;

	unsigned long prot;



	encl_page = kzalloc(sizeof(*encl_page), GFP_KERNEL);

	if (!encl_page)

		return ERR_PTR(-ENOMEM);



	encl_page->desc = encl->base + offset;

	encl_page->encl = encl;



	prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ)  |

	       _calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) |

	       _calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC);



	/*

	 * TCS pages must always RW set for CPU access while the SECINFO

	 * permissions are *always* zero - the CPU ignores the user provided

	 * values and silently overwrites them with zero permissions.

	 */

	if ((secinfo_flags & SGX_SECINFO_PAGE_TYPE_MASK) == SGX_SECINFO_TCS)

		prot |= PROT_READ | PROT_WRITE;



	/* Calculate maximum of the VM flags for the page. */

	encl_page->vm_max_prot_bits = calc_vm_prot_bits(prot, 0);



	return encl_page;

}



static int sgx_validate_secinfo(struct sgx_secinfo *secinfo)

{

	u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK;