Re: [PATCH] x86/sgx: Allow RW for TCS pages
From: Reinette Chatre
Date: Mon Mar 28 2022 - 16:29:07 EST
Hi Jarkko,
On 3/19/2022 9:30 AM, Jarkko Sakkinen wrote:
> Not allowing to set RW for added TCS pages leads only to a special case
> to be handled in the user space run-time. Thus, allow permissions to be
> set RW. Originally, it would have probably made more sense to check up
> that the permissions are RW.
>
> Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
> ---
> arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> index 83df20e3e633..f79761ad0400 100644
> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> @@ -215,7 +215,7 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo)
> * CPU will silently overwrite the permissions as zero, which means
> * that we need to validate it ourselves.
> */
> - if (pt == SGX_SECINFO_TCS && perm)
> + if (pt == SGX_SECINFO_TCS && (perm != 0 || perm != (PROT_READ | PROT_WRITE)))
> return -EINVAL;
>
> if (secinfo->flags & SGX_SECINFO_RESERVED_MASK)
The comments above sgx_ioc_enclave_add_pages() seem to indicate that zero
permissions are required:
"A SECINFO for a TCS is required to always contain zero permissions because
CPU silently zeros them. Allowing anything else would cause a mismatch in
the measurement."
Reinette