Re: [PATCH v36 03/24] x86/mm: x86/sgx: Signal SIGSEGV with PF_SGX
From: Jarkko Sakkinen
Date: Fri Aug 21 2020 - 13:35:46 EST
On Thu, Aug 20, 2020 at 05:31:14PM +0200, Borislav Petkov wrote:
> On Thu, Jul 16, 2020 at 04:52:42PM +0300, Jarkko Sakkinen wrote:
> > From: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> >
> > Include SGX bit to the PF error codes and throw SIGSEGV with PF_SGX when
> > a #PF with SGX set happens.
> >
> > CPU throws a #PF with the SGX set in the event of Enclave Page Cache Map
> > (EPCM) conflict. The EPCM is a CPU-internal table, which describes the
> > properties for a enclave page. Enclaves are measured and signed software
> > entities, which SGX hosts. [1]
> >
> > Although the primary purpose of the EPCM conflict checks is to prevent
> > malicious accesses to an enclave, an illegit access can happen also for
> > legit reasons.
> >
> > All SGX reserved memory, including EPCM is encrypted with a transient key
> > that does not survive from the power transition. Throwing a SIGSEGV allows
> > user space software to react when this happens (e.g. recreate the enclave,
> > which was invalidated).
> >
> > [1] Intel SDM: 36.5.1 Enclave Page Cache Map (EPCM)
> >
> > Acked-by: Jethro Beekman <jethro@xxxxxxxxxxxx>
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
> > ---
> > arch/x86/include/asm/traps.h | 14 ++++++++------
> > arch/x86/mm/fault.c | 13 +++++++++++++
> > 2 files changed, 21 insertions(+), 6 deletions(-)
>
> Reviewed-by: Borislav Petkov <bp@xxxxxxx>
Thank you. Appended to the commit.
>
> --
> Regards/Gruss,
> Boris.
>
> https://people.kernel.org/tglx/notes-about-netiquette
/Jarkko