Re: [PATCH v39 05/24] x86/sgx: Add wrappers for ENCLS leaf functions

From: Dave Hansen
Date: Mon Oct 19 2020 - 10:30:54 EST


On 10/2/20 9:50 PM, Jarkko Sakkinen wrote:
> +/**
> + * encls_failed() - Check if an ENCLS leaf function failed
> + * @ret: the return value of an ENCLS leaf function call
> + *
> + * Check if an ENCLS leaf function failed. This happens when the leaf function
> + * causes a fault that is not caused by an EPCM conflict or when the leaf
> + * function returns a non-zero value.
> + */
> +static inline bool encls_failed(int ret)
> +{
> + int epcm_trapnr;
> +
> + if (boot_cpu_has(X86_FEATURE_SGX2))
> + epcm_trapnr = X86_TRAP_PF;
> + else
> + epcm_trapnr = X86_TRAP_GP;

So, the SDM makes it sound like the only thing that changes from
SGX1->SGX2 is the ENCLS leafs supported. Since the kernel doesn't use
any SGX2 leaf functions, this would imply there is some other
architecture change which is visible. *But* I don't see any evidence of
this in the SDM, at least from a quick scan.

Why is this here?

> + if (ret & ENCLS_FAULT_FLAG)
> + return ENCLS_TRAPNR(ret) != epcm_trapnr;
> +
> + return !!ret;
> +}
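Review bot: the kernel-doc for encls_failed() has no "Return:" line, and the fault branch at `return ENCLS_TRAPNR(ret) != epcm_trapnr;` means a fault whose trap number equals epcm_trapnr yields false, the same result as a leaf that returned zero. Please add a "Return:" line saying that true means a non-zero leaf return value or a fault with any other trap number, and that a false result does not by itself tell the caller the leaf completed, so a caller that needs to tell the two cases apart has to test ENCLS_FAULT_FLAG in ret itself. A one-line comment above the `boot_cpu_has(X86_FEATURE_SGX2)` check giving the reason the expected trap number is X86_TRAP_PF with SGX2 and X86_TRAP_GP without it would also help, since nothing in the function or its comment explains that choice.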