In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com --- arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes; - encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS; + encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
/* Set only after completion, as encl->lock has not been taken. */ set_bit(SGX_ENCL_CREATED, &encl->flags);
On Mon, Jan 18, 2021, Tianjia Zhang wrote:
In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes;
- encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
- encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
Alternatively, move the existing code to sgx_open()? Initializing the field when the encl object is allocated feels more correct.
/* Set only after completion, as encl->lock has not been taken. */ set_bit(SGX_ENCL_CREATED, &encl->flags); -- 2.19.1.3.ge56e4f7
Hi,
On 1/20/21 4:05 AM, Sean Christopherson wrote:
On Mon, Jan 18, 2021, Tianjia Zhang wrote:
In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes;
- encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
- encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
Alternatively, move the existing code to sgx_open()? Initializing the field when the encl object is allocated feels more correct.
This seems like a good idea. Thanks for your suggestion. I have sent v2 patch, include the next two patches.
Best regards, Tianjia
On Wed, Jan 20, 2021 at 11:57:18AM +0800, Tianjia Zhang wrote:
Hi,
On 1/20/21 4:05 AM, Sean Christopherson wrote:
On Mon, Jan 18, 2021, Tianjia Zhang wrote:
In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes;
- encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
- encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
Alternatively, move the existing code to sgx_open()? Initializing the field when the encl object is allocated feels more correct.
This seems like a good idea. Thanks for your suggestion. I have sent v2 patch, include the next two patches.
Did you ask from Sean about suggested-by's? Now it looks like that doing these patches were originally proposed by Sean.
/Jarkko
On Thu, Jan 21, 2021 at 12:34:49AM +0200, Jarkko Sakkinen wrote:
On Wed, Jan 20, 2021 at 11:57:18AM +0800, Tianjia Zhang wrote:
Hi,
On 1/20/21 4:05 AM, Sean Christopherson wrote:
On Mon, Jan 18, 2021, Tianjia Zhang wrote:
In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes;
- encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
- encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
Alternatively, move the existing code to sgx_open()? Initializing the field when the encl object is allocated feels more correct.
This seems like a good idea. Thanks for your suggestion. I have sent v2 patch, include the next two patches.
Did you ask from Sean about suggested-by's? Now it looks like that doing these patches were originally proposed by Sean.
Please do not add tags from people *unauthentically*. I do not see anything from Sean to any of the patches that would suggest adding those tags. You are basically just stamping that to all patches, which he has given a code review. Can you stop doing this?
/Jarkko
On 1/21/21 6:37 AM, Jarkko Sakkinen wrote:
On Thu, Jan 21, 2021 at 12:34:49AM +0200, Jarkko Sakkinen wrote:
On Wed, Jan 20, 2021 at 11:57:18AM +0800, Tianjia Zhang wrote:
Hi,
On 1/20/21 4:05 AM, Sean Christopherson wrote:
On Mon, Jan 18, 2021, Tianjia Zhang wrote:
In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes;
- encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
- encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
Alternatively, move the existing code to sgx_open()? Initializing the field when the encl object is allocated feels more correct.
This seems like a good idea. Thanks for your suggestion. I have sent v2 patch, include the next two patches.
Did you ask from Sean about suggested-by's? Now it looks like that doing these patches were originally proposed by Sean.
Please do not add tags from people *unauthentically*. I do not see anything from Sean to any of the patches that would suggest adding those tags. You are basically just stamping that to all patches, which he has given a code review. Can you stop doing this?
/Jarkko
I am very sorry for the trouble caused to you, I have made improvements in the new patch, thanks for your suggestions.
Best regards, Tianjia
On Mon, Jan 18, 2021 at 09:33:35PM +0800, Tianjia Zhang wrote:
In function sgx_encl_create(), the logic of directly assigning value to attributes_mask determines that the call to SGX_IOC_ENCLAVE_PROVISION must be after the command of SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to or operation, the PROVISION command can be executed earlier and more flexibly.
Reported-by: Jia Zhang zhang.jia@linux.alibaba.com Signed-off-by: Tianjia Zhang tianjia.zhang@linux.alibaba.com
Why?
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index f45957c05f69..0ca3fc238bc2 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs) encl->base = secs->base; encl->size = secs->size; encl->attributes = secs->attributes;
- encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
- encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
/* Set only after completion, as encl->lock has not been taken. */ set_bit(SGX_ENCL_CREATED, &encl->flags); -- 2.19.1.3.ge56e4f7
linux-kselftest-mirror@lists.linaro.org
-
Jarkko Sakkinen -
Sean Christopherson -
Tianjia Zhang