Re: [PATCH v28 11/22] x86/sgx: Linux Enclave Driver

From: Jethro Beekman
Date: Thu Mar 05 2020 - 13:24:32 EST


On 2020-03-05 18:40, Sean Christopherson wrote:
> On Wed, Mar 04, 2020 at 01:35:58AM +0200, Jarkko Sakkinen wrote:
>> diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
>> new file mode 100644
>> index 000000000000..5edb08ab8fd0
>> --- /dev/null
>> +++ b/arch/x86/include/uapi/asm/sgx.h
>> @@ -0,0 +1,66 @@
>> +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) WITH Linux-syscall-note */
>> +/*
>> + * Copyright(c) 2016-19 Intel Corporation.
>> + */
>> +#ifndef _UAPI_ASM_X86_SGX_H
>> +#define _UAPI_ASM_X86_SGX_H
>> +
>> +#include <linux/types.h>
>> +#include <linux/ioctl.h>
>> +
>> +/**
>> + * enum sgx_epage_flags - page control flags
>> + * %SGX_PAGE_MEASURE: Measure the page contents with a sequence of
>> + * ENCLS[EEXTEND] operations.
>> + */
>> +enum sgx_page_flags {
>> + SGX_PAGE_MEASURE = 0x01,
>> +};
>> +
>> +#define SGX_MAGIC 0xA4
>> +
>> +#define SGX_IOC_ENCLAVE_CREATE \
>> + _IOW(SGX_MAGIC, 0x00, struct sgx_enclave_create)
>> +#define SGX_IOC_ENCLAVE_ADD_PAGES \
>> + _IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
>> +#define SGX_IOC_ENCLAVE_INIT \
>> + _IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
>> +
>> +/**
>> + * struct sgx_enclave_create - parameter structure for the
>> + * %SGX_IOC_ENCLAVE_CREATE ioctl
>> + * @src: address for the SECS page data
>> + */
>> +struct sgx_enclave_create {
>> + __u64 src;
>
> Would it make sense to add reserved fields to the structs so that new
> features can be added in a backwards compatible way? E.g. if we want to
> allow userspace to control the backing store by passing in a file
> descriptor ENCLAVE_CREATE.

Reserving space for future fields is not necessary because the size of the struct is encoded in the ioctl number. The kernel can use this to differentiate between different call versions from userspace.

--
Jethro Beekman | Fortanix

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature