From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: platform-driver-x86@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Borislav Petkov <bp@suse.de>,
Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
Paolo Bonzini <pbonzini@redhat.com>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Kyle Huey <me@kylehuey.com>,
Vikas Shivappa <vikas.shivappa@linux.intel.com>,
Piotr Luc <piotr.luc@intel.com>,
Grzegorz Andrejczuk <grzegorz.andrejczuk@intel.com>
Subject: Re: [PATCH v6 04/11] x86: define IA32_FEATUE_CONTROL.SGX_LC
Date: Tue, 28 Nov 2017 13:44:50 -0800 [thread overview]
Message-ID: <1511905490.18982.13.camel@intel.com> (raw)
In-Reply-To: <20171128214055.gx7bre62iysz6px5@linux.intel.com>
On Tue, 2017-11-28 at 23:40 +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 28, 2017 at 11:24:07PM +0200, Jarkko Sakkinen wrote:
> >
> > On Tue, Nov 28, 2017 at 10:53:24PM +0200, Jarkko Sakkinen wrote:
> > >
> > > >
> > > > So, maybe something like this?
> > > >
> > > > After SGX is activated[1] the IA32_SGXLEPUBKEYHASHn MSRs are writable
> > > > if and only if SGX_LC is set in the IA32_FEATURE_CONTROL MSR and the
> > > > IA32_FEATURE_CONTROL MSR is locked, otherwise they are read-only.
> > > >
> > > > For example, firmware can allow the OS to change the launch enclave
> > > > root key by setting IA32_FEATURE_CONTROL.SGX_LC, and thus give the
> > > > OS complete control over the enclaves it runs. Alternatively,
> > > > firmware can clear IA32_FEATURE_CONTROL.SGX_LC to lock down the root
> > > > key and restrict the OS to running enclaves signed with the root key
> > > > or whitelisted/trusted by a launch enclave (which must be signed with
> > > > the root key).
> > > >
> > > > [1] SGX related bits in IA32_FEATURE_CONTROL cannot be set until SGX
> > > > is activated, e.g. by firmware. SGX activation is triggered by
> > > > setting bit 0 in MSR 0x7a. Until SGX is activated, the LE hash
> > > > MSRs are writable, e.g. to allow firmware to lock down the LE
> > > > root key with a non-Intel value.
> > > Thanks I'll use this as a basis and move most of the crappy commit
> > > message to the commit (with some editing) that defines the MSRs.
> > Not sure after all if I'm following this.
> >
> > IA32_FEATURE_CONTROL[17] contols whether the MSRs are writable or not
> > after the feature control MSR is locked. SGX_LC means just that the
> > CPU supports the launch configuration.
> >
> > /Jarkko
> I used this commit message with some minor editing in the commit that
> defines the MSRs and squashed commits that define cpuid level 7 bits.
> Can you peer check the commit messages? They are in the le branch.
>
> /Jarkko
The commit defines FEATURE_CONTROL_SGX_LAUNCH_CONTROL_ENABLE in addition
to the LE hash MSRs, which is why my suggestion referred to "SGX_LC" and
not simply bit 17. I used "SGX_LC" instead of the full name because
that's what your original commit messaged used (though it was attached
to the CPUID patch, thus all the confusion).
Anyways, I think the commit should have a blurb about defining bit 17,
and then refer to SGX_LAUNCH_CONTROL_ENABLE (or some variation) rather
than bit 17 when talking about its effects on SGX.
next prev parent reply other threads:[~2017-11-28 21:49 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-25 19:29 [PATCH v6 00/11] Intel SGX Driver Jarkko Sakkinen
2017-11-25 19:29 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 01/11] intel_sgx: updated MAINTAINERS Jarkko Sakkinen
2017-11-25 20:19 ` Joe Perches
2017-11-26 10:41 ` Bjørn Mork
2017-11-26 15:33 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 02/11] x86: add SGX definition to cpufeature Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 03/11] x86: define IA32_FEATURE_CONTROL.SGX_ENABLE Jarkko Sakkinen
2017-11-28 17:13 ` Sean Christopherson
2017-11-28 20:47 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 04/11] x86: define IA32_FEATUE_CONTROL.SGX_LC Jarkko Sakkinen
2017-11-28 17:16 ` Sean Christopherson
2017-11-28 18:28 ` Sean Christopherson
2017-11-28 20:53 ` Jarkko Sakkinen
2017-11-28 21:24 ` Jarkko Sakkinen
2017-11-28 21:33 ` Sean Christopherson
2017-11-28 21:55 ` Jarkko Sakkinen
2017-11-28 22:00 ` Sean Christopherson
2017-11-28 22:21 ` Jarkko Sakkinen
2017-11-29 15:38 ` Jarkko Sakkinen
2017-11-30 3:05 ` Kai Huang
2017-11-30 16:44 ` Jarkko Sakkinen
2017-11-28 21:40 ` Jarkko Sakkinen
2017-11-28 21:44 ` Sean Christopherson [this message]
2017-11-28 22:03 ` Jarkko Sakkinen
2017-11-28 22:11 ` Jarkko Sakkinen
2017-11-28 20:51 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 05/11] x86: add SGX MSRs to msr-index.h Jarkko Sakkinen
2017-11-28 17:22 ` Sean Christopherson
2017-11-28 20:48 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 06/11] intel_sgx: driver for Intel Software Guard Extensions Jarkko Sakkinen
2017-11-26 17:33 ` Jarkko Sakkinen
2017-11-26 18:46 ` Jarkko Sakkinen
2017-11-26 19:01 ` Jarkko Sakkinen
2017-11-29 18:02 ` Jarkko Sakkinen
2017-11-28 19:07 ` Sean Christopherson
2017-11-30 17:32 ` Sean Christopherson
2017-12-04 8:59 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 07/11] intel_sgx: ptrace() support Jarkko Sakkinen
2017-11-26 15:44 ` Jarkko Sakkinen
2017-11-26 15:50 ` Joe Perches
2017-11-26 16:53 ` Jarkko Sakkinen
2017-11-26 17:01 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 08/11] intel_sgx: in-kernel launch enclave Jarkko Sakkinen
2017-11-27 9:58 ` Till Smejkal
2017-11-28 20:17 ` Jarkko Sakkinen
2017-11-28 22:38 ` Jarkko Sakkinen
2017-12-04 9:23 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 09/11] fs/pipe.c: export create_pipe_files() and replace_fd() Jarkko Sakkinen
2017-11-25 19:29 ` Jarkko Sakkinen
2017-11-28 14:35 ` Christoph Hellwig
2017-11-28 20:42 ` Jarkko Sakkinen
2017-11-28 21:05 ` Christoph Hellwig
2017-11-28 21:57 ` Jarkko Sakkinen
2017-11-29 23:13 ` Christoph Hellwig
2017-11-30 16:43 ` Jarkko Sakkinen
2017-11-30 18:38 ` James Bottomley
2017-12-04 9:00 ` Jarkko Sakkinen
2017-12-04 9:00 ` Jarkko Sakkinen
2017-12-07 17:37 ` Jarkko Sakkinen
2017-12-07 17:37 ` Jarkko Sakkinen
2017-12-08 13:05 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 10/11] intel_sgx: glue code for in-kernel LE Jarkko Sakkinen
2017-12-13 23:34 ` Christopherson, Sean J
2017-11-25 19:29 ` [PATCH v6 11/11] intel_sgx: driver documentation Jarkko Sakkinen
2017-11-25 19:29 ` Jarkko Sakkinen
2017-12-12 14:07 ` [PATCH v6 00/11] Intel SGX Driver Pavel Machek
2017-12-12 14:07 ` Pavel Machek
2017-12-14 11:18 ` Jarkko Sakkinen
2017-12-14 11:18 ` Jarkko Sakkinen
2017-12-19 23:33 ` Jarkko Sakkinen
2017-12-19 23:33 ` Jarkko Sakkinen
2017-12-20 13:18 ` Jarkko Sakkinen
2017-12-20 13:18 ` Jarkko Sakkinen
2018-01-04 14:17 ` Cedric Blancher
2018-01-04 14:17 ` Cedric Blancher
2018-01-04 14:27 ` Greg Kroah-Hartman
2018-01-04 14:27 ` Greg Kroah-Hartman
2018-01-04 19:18 ` Ozgur
2018-01-04 15:08 ` James Bottomley
2018-01-04 15:08 ` James Bottomley
2018-01-09 14:27 ` Jarkko Sakkinen
2018-01-09 14:27 ` Jarkko Sakkinen
2018-02-08 8:46 ` Pavel Machek
2018-02-08 8:46 ` Pavel Machek
2018-02-08 13:48 ` Jarkko Sakkinen
2018-02-08 13:48 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1511905490.18982.13.camel@intel.com \
--to=sean.j.christopherson@intel.com \
--cc=Janakarajan.Natarajan@amd.com \
--cc=bp@suse.de \
--cc=grzegorz.andrejczuk@intel.com \
--cc=hpa@zytor.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=me@kylehuey.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=piotr.luc@intel.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=vikas.shivappa@linux.intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.