From: Sean Christopherson <seanjc@google.com>
To: Jarkko Sakkinen <jarkko@kernel.org>
Cc: Dave Hansen <dave.hansen@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
Tony Luck <tony.luck@intel.com>,
linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org
Subject: Re: [PATCH] x86/sgx: Declare sgx_set_attribute() for !CONFIG_X86_SGX
Date: Fri, 3 Sep 2021 15:29:57 +0000 [thread overview]
Message-ID: <YTI/dTORBZEmGgux@google.com> (raw)
In-Reply-To: <20210903064156.387979-1-jarkko@kernel.org>
On Fri, Sep 03, 2021, Jarkko Sakkinen wrote:
> Simplify sgx_set_attribute() usage by declaring a fallback
> implementation for it rather than requiring to have compilation
> flag checks in the call site. The fallback unconditionally returns
> -EINVAL.
>
> Refactor the call site in kvm_vm_ioctl_enable_cap() accordingly.
> The net result is the same: KVM_CAP_SGX_ATTRIBUTE causes -EINVAL
> when kernel is compiled without CONFIG_X86_SGX_KVM.
Eh, it doesn't really simplify the usage. If anything it makes it more convoluted
because the capability check in kvm_vm_ioctl_check_extension() still needs an
#ifdef, e.g. readers will wonder why the check is conditional but the usage is not.
> Cc: Tony Luck <tony.luck@intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
> ---
> arch/x86/include/asm/sgx.h | 8 ++++++++
> arch/x86/kvm/x86.c | 2 --
> 2 files changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
> index 05f3e21f01a7..31ee106c0f4b 100644
> --- a/arch/x86/include/asm/sgx.h
> +++ b/arch/x86/include/asm/sgx.h
> @@ -372,7 +372,15 @@ int sgx_virt_einit(void __user *sigstruct, void __user *token,
> void __user *secs, u64 *lepubkeyhash, int *trapnr);
> #endif
>
> +#ifdef CONFIG_X86_SGX
> int sgx_set_attribute(unsigned long *allowed_attributes,
> unsigned int attribute_fd);
> +#else
> +static inline int sgx_set_attribute(unsigned long *allowed_attributes,
> + unsigned int attribute_fd)
> +{
> + return -EINVAL;
> +}
> +#endif
>
> #endif /* _ASM_X86_SGX_H */
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index e5d5c5ed7dd4..a6a27a8f41eb 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -5633,7 +5633,6 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
> kvm->arch.bus_lock_detection_enabled = true;
> r = 0;
> break;
> -#ifdef CONFIG_X86_SGX_KVM
> case KVM_CAP_SGX_ATTRIBUTE: {
> unsigned long allowed_attributes = 0;
>
> @@ -5649,7 +5648,6 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm,
> r = -EINVAL;
> break;
> }
> -#endif
> case KVM_CAP_VM_COPY_ENC_CONTEXT_FROM:
> r = -EINVAL;
> if (kvm_x86_ops.vm_copy_enc_context_from)
> --
> 2.25.1
>
next prev parent reply other threads:[~2021-09-03 15:30 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-03 6:41 [PATCH] x86/sgx: Declare sgx_set_attribute() for !CONFIG_X86_SGX Jarkko Sakkinen
2021-09-03 15:29 ` Sean Christopherson [this message]
2021-09-03 15:58 ` Jarkko Sakkinen
2021-09-03 16:33 ` Jarkko Sakkinen
2021-09-06 8:35 ` Paolo Bonzini
2021-09-07 13:37 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YTI/dTORBZEmGgux@google.com \
--to=seanjc@google.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jarkko@kernel.org \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.