From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: platform-driver-x86@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
Borislav Petkov <bp@suse.de>,
Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
Paolo Bonzini <pbonzini@redhat.com>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Kyle Huey <me@kylehuey.com>,
Vikas Shivappa <vikas.shivappa@linux.intel.com>,
Piotr Luc <piotr.luc@intel.com>,
Grzegorz Andrejczuk <grzegorz.andrejczuk@intel.com>
Subject: Re: [PATCH v6 04/11] x86: define IA32_FEATUE_CONTROL.SGX_LC
Date: Tue, 28 Nov 2017 14:00:03 -0800 [thread overview]
Message-ID: <1511906403.18982.17.camel@intel.com> (raw)
In-Reply-To: <20171128215513.qp2bs6462eq4pkz4@linux.intel.com>
On Tue, 2017-11-28 at 23:55 +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 28, 2017 at 01:33:14PM -0800, Sean Christopherson wrote:
> >
> > On Tue, 2017-11-28 at 23:24 +0200, Jarkko Sakkinen wrote:
> > >
> > > On Tue, Nov 28, 2017 at 10:53:24PM +0200, Jarkko Sakkinen wrote:
> > > >
> > > >
> > > > >
> > > > >
> > > > > So, maybe something like this?
> > > > >
> > > > > After SGX is activated[1] the IA32_SGXLEPUBKEYHASHn MSRs are writable
> > > > > if and only if SGX_LC is set in the IA32_FEATURE_CONTROL MSR and the
> > > > > IA32_FEATURE_CONTROL MSR is locked, otherwise they are read-only.
> > > > >
> > > > > For example, firmware can allow the OS to change the launch enclave
> > > > > root key by setting IA32_FEATURE_CONTROL.SGX_LC, and thus give the
> > > > > OS complete control over the enclaves it runs. Alternatively,
> > > > > firmware can clear IA32_FEATURE_CONTROL.SGX_LC to lock down the root
> > > > > key and restrict the OS to running enclaves signed with the root key
> > > > > or whitelisted/trusted by a launch enclave (which must be signed with
> > > > > the root key).
> > > > >
> > > > > [1] SGX related bits in IA32_FEATURE_CONTROL cannot be set until SGX
> > > > > is activated, e.g. by firmware. SGX activation is triggered by
> > > > > setting bit 0 in MSR 0x7a. Until SGX is activated, the LE hash
> > > > > MSRs are writable, e.g. to allow firmware to lock down the LE
> > > > > root key with a non-Intel value.
> > > > Thanks I'll use this as a basis and move most of the crappy commit
> > > > message to the commit (with some editing) that defines the MSRs.
> > > Not sure after all if I'm following this.
> > >
> > > IA32_FEATURE_CONTROL[17] contols whether the MSRs are writable or not
> > > after the feature control MSR is locked. SGX_LC means just that the
> > > CPU supports the launch configuration.
> > >
> > > /Jarkko
> > My comments were referring to improving the commit message for defining
> > IA32_FEATURE_CONTROL.SGX_LC, i.e. bit 17, not the CPUID bit.
> My bad but SGX_LC is referring here to the CPUID bit.
>
> In SGX chapters there is no specific name for IA32_FEATURE_CONTROL[17].
> I would call it something else than SGX_LC. Maybe SGX_LC_WRITABLE.
>
> /Jarkko
What about SGX_LC_ENABLE? The title in the MSR section of the SDM is
"SGX Launch Control Enable", and it's more consistent with the other
bits defined in feature control. I'd also prefer that name for the
actual #define too, SGX_LAUNCH_CONTROL_ENABLE is overly verbose IMO.
next prev parent reply other threads:[~2017-11-28 22:04 UTC|newest]
Thread overview: 87+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-25 19:29 [PATCH v6 00/11] Intel SGX Driver Jarkko Sakkinen
2017-11-25 19:29 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 01/11] intel_sgx: updated MAINTAINERS Jarkko Sakkinen
2017-11-25 20:19 ` Joe Perches
2017-11-26 10:41 ` Bjørn Mork
2017-11-26 15:33 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 02/11] x86: add SGX definition to cpufeature Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 03/11] x86: define IA32_FEATURE_CONTROL.SGX_ENABLE Jarkko Sakkinen
2017-11-28 17:13 ` Sean Christopherson
2017-11-28 20:47 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 04/11] x86: define IA32_FEATUE_CONTROL.SGX_LC Jarkko Sakkinen
2017-11-28 17:16 ` Sean Christopherson
2017-11-28 18:28 ` Sean Christopherson
2017-11-28 20:53 ` Jarkko Sakkinen
2017-11-28 21:24 ` Jarkko Sakkinen
2017-11-28 21:33 ` Sean Christopherson
2017-11-28 21:55 ` Jarkko Sakkinen
2017-11-28 22:00 ` Sean Christopherson [this message]
2017-11-28 22:21 ` Jarkko Sakkinen
2017-11-29 15:38 ` Jarkko Sakkinen
2017-11-30 3:05 ` Kai Huang
2017-11-30 16:44 ` Jarkko Sakkinen
2017-11-28 21:40 ` Jarkko Sakkinen
2017-11-28 21:44 ` Sean Christopherson
2017-11-28 22:03 ` Jarkko Sakkinen
2017-11-28 22:11 ` Jarkko Sakkinen
2017-11-28 20:51 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 05/11] x86: add SGX MSRs to msr-index.h Jarkko Sakkinen
2017-11-28 17:22 ` Sean Christopherson
2017-11-28 20:48 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 06/11] intel_sgx: driver for Intel Software Guard Extensions Jarkko Sakkinen
2017-11-26 17:33 ` Jarkko Sakkinen
2017-11-26 18:46 ` Jarkko Sakkinen
2017-11-26 19:01 ` Jarkko Sakkinen
2017-11-29 18:02 ` Jarkko Sakkinen
2017-11-28 19:07 ` Sean Christopherson
2017-11-30 17:32 ` Sean Christopherson
2017-12-04 8:59 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 07/11] intel_sgx: ptrace() support Jarkko Sakkinen
2017-11-26 15:44 ` Jarkko Sakkinen
2017-11-26 15:50 ` Joe Perches
2017-11-26 16:53 ` Jarkko Sakkinen
2017-11-26 17:01 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 08/11] intel_sgx: in-kernel launch enclave Jarkko Sakkinen
2017-11-27 9:58 ` Till Smejkal
2017-11-28 20:17 ` Jarkko Sakkinen
2017-11-28 22:38 ` Jarkko Sakkinen
2017-12-04 9:23 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 09/11] fs/pipe.c: export create_pipe_files() and replace_fd() Jarkko Sakkinen
2017-11-25 19:29 ` Jarkko Sakkinen
2017-11-28 14:35 ` Christoph Hellwig
2017-11-28 20:42 ` Jarkko Sakkinen
2017-11-28 21:05 ` Christoph Hellwig
2017-11-28 21:57 ` Jarkko Sakkinen
2017-11-29 23:13 ` Christoph Hellwig
2017-11-30 16:43 ` Jarkko Sakkinen
2017-11-30 18:38 ` James Bottomley
2017-12-04 9:00 ` Jarkko Sakkinen
2017-12-04 9:00 ` Jarkko Sakkinen
2017-12-07 17:37 ` Jarkko Sakkinen
2017-12-07 17:37 ` Jarkko Sakkinen
2017-12-08 13:05 ` Jarkko Sakkinen
2017-11-25 19:29 ` [PATCH v6 10/11] intel_sgx: glue code for in-kernel LE Jarkko Sakkinen
2017-12-13 23:34 ` Christopherson, Sean J
2017-11-25 19:29 ` [PATCH v6 11/11] intel_sgx: driver documentation Jarkko Sakkinen
2017-11-25 19:29 ` Jarkko Sakkinen
2017-12-12 14:07 ` [PATCH v6 00/11] Intel SGX Driver Pavel Machek
2017-12-12 14:07 ` Pavel Machek
2017-12-14 11:18 ` Jarkko Sakkinen
2017-12-14 11:18 ` Jarkko Sakkinen
2017-12-19 23:33 ` Jarkko Sakkinen
2017-12-19 23:33 ` Jarkko Sakkinen
2017-12-20 13:18 ` Jarkko Sakkinen
2017-12-20 13:18 ` Jarkko Sakkinen
2018-01-04 14:17 ` Cedric Blancher
2018-01-04 14:17 ` Cedric Blancher
2018-01-04 14:27 ` Greg Kroah-Hartman
2018-01-04 14:27 ` Greg Kroah-Hartman
2018-01-04 19:18 ` Ozgur
2018-01-04 15:08 ` James Bottomley
2018-01-04 15:08 ` James Bottomley
2018-01-09 14:27 ` Jarkko Sakkinen
2018-01-09 14:27 ` Jarkko Sakkinen
2018-02-08 8:46 ` Pavel Machek
2018-02-08 8:46 ` Pavel Machek
2018-02-08 13:48 ` Jarkko Sakkinen
2018-02-08 13:48 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1511906403.18982.17.camel@intel.com \
--to=sean.j.christopherson@intel.com \
--cc=Janakarajan.Natarajan@amd.com \
--cc=bp@suse.de \
--cc=grzegorz.andrejczuk@intel.com \
--cc=hpa@zytor.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=me@kylehuey.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=piotr.luc@intel.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=vikas.shivappa@linux.intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.