x86/sgx: Add SGX_IOC_ENCLAVE_ADD_PAGES

mainline inclusion
from mainline-v5.11-rc1
commit c6d26d37
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4SIGI


CVE: NA

--------------------------------

SGX enclave pages are inaccessible to normal software. They must be
populated with data by copying from normal memory with the help of the
EADD and EEXTEND functions of the ENCLS instruction.

Add an ioctl() which performs EADD that adds new data to an enclave, and
optionally EEXTEND functions that hash the page contents and use the
hash as part of enclave “measurement” to ensure enclave integrity.

The enclave author gets to decide which pages will be included in the
enclave measurement with EEXTEND. Measurement is very slow and has
sometimes has very little value. For instance, an enclave _could_
measure every page of data and code, but would be slow to initialize.
Or, it might just measure its code and then trust that code to
initialize the bulk of its data after it starts running.

Intel-SIG: commit c6d26d37 x86/sgx: Add SGX_IOC_ENCLAVE_ADD_PAGES
Backport for SGX Foundations support

Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Jethro Beekman <jethro@fortanix.com>
Link: https://lkml.kernel.org/r/20201112220135.165028-14-jarkko@kernel.org


Signed-off-by: Fan Du <fan.du@intel.com> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Bamvor Zhang <bamvor.zhang@suse.com>
Signed-off-by: Zheng Zengkai <zhengzengkai@huawei.com>