[intel-sgx-kernel-dev,v4,6/8] intel_sgx: reduce the use of SGX_ENCL_SUSPEND

Commit Message

Jarkko Sakkinen Dec. 1, 2016, 8:56 p.m. UTC

Reduced the use of SGX_ENCL_SUSPEND only to three situations:

- sgx_free_epc_page() checks this flags in order not to call
  ENCLS(EREMOVE) to an uninitialized EPC page.
- sgx_find_encl() must be able to return SGX_POWER_LOST_ENCLAVE error
  code.

In other cases SGX_ENCL_INVALIDATED will fully cover it.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/platform/x86/intel_sgx_ioctl.c | 2 +-
 drivers/platform/x86/intel_sgx_util.c  | 9 +++------
 drivers/platform/x86/intel_sgx_vma.c   | 5 +----
 3 files changed, 5 insertions(+), 11 deletions(-)

Comments

Jarkko Sakkinen Dec. 2, 2016, 10:28 a.m. UTC | #1

On Thu, Dec 01, 2016 at 10:56:30PM +0200, Jarkko Sakkinen wrote:
> Reduced the use of SGX_ENCL_SUSPEND only to three situations:
> 
> - sgx_free_epc_page() checks this flags in order not to call
>   ENCLS(EREMOVE) to an uninitialized EPC page.
> - sgx_find_encl() must be able to return SGX_POWER_LOST_ENCLAVE error
>   code.
> 
> In other cases SGX_ENCL_INVALIDATED will fully cover it.
> 
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

I would squash this to the previous patch as long as the commit message
explains the SUSPEND flag behavior.

/Jarkko

Patch

diff --git a/drivers/platform/x86/intel_sgx_ioctl.c b/drivers/platform/x86/intel_sgx_ioctl.c
index 5a68dbe..0c3fd29 100644
--- a/drivers/platform/x86/intel_sgx_ioctl.c
+++ b/drivers/platform/x86/intel_sgx_ioctl.c
@@ -320,7 +320,7 @@  static void sgx_add_page_worker(struct work_struct *work)
 	do {
 		schedule();
 
-		if (encl->flags & SGX_ENCL_SUSPEND)
+		if (encl->flags & SGX_ENCL_INVALIDATED)
 			skip_rest = true;
 
 		mutex_lock(&encl->lock);
diff --git a/drivers/platform/x86/intel_sgx_util.c b/drivers/platform/x86/intel_sgx_util.c
index 8ba2abd..41ccc18 100644
--- a/drivers/platform/x86/intel_sgx_util.c
+++ b/drivers/platform/x86/intel_sgx_util.c
@@ -135,16 +135,13 @@  void sgx_zap_tcs_ptes(struct sgx_encl *encl, struct vm_area_struct *vma)
 
 bool sgx_pin_mm(struct sgx_encl *encl)
 {
-	if (encl->flags & SGX_ENCL_SUSPEND)
-		return false;
-
 	mutex_lock(&encl->lock);
-	if (!(encl->flags & SGX_ENCL_INVALIDATED)) {
-		atomic_inc(&encl->mm->mm_count);
-	} else {
+	if (encl->flags & SGX_ENCL_INVALIDATED) {
 		mutex_unlock(&encl->lock);
 		return false;
 	}
+
+	atomic_inc(&encl->mm->mm_count);
 	mutex_unlock(&encl->lock);
 
 	down_read(&encl->mm->mmap_sem);
diff --git a/drivers/platform/x86/intel_sgx_vma.c b/drivers/platform/x86/intel_sgx_vma.c
index 88a316a..3ea200c 100644
--- a/drivers/platform/x86/intel_sgx_vma.c
+++ b/drivers/platform/x86/intel_sgx_vma.c
@@ -259,8 +259,6 @@  static struct sgx_encl_page *sgx_vma_do_fault(struct vm_area_struct *vma,
 	list_add_tail(&entry->load_list, &encl->load_list);
 out:
 	mutex_unlock(&encl->lock);
-	if (encl->flags & SGX_ENCL_SUSPEND)
-		free_flags |= SGX_FREE_SKIP_EREMOVE;
 	if (epc_page)
 		sgx_free_page(epc_page, encl, free_flags);
 	if (secs_epc_page)
@@ -361,8 +359,7 @@  static int sgx_vma_access(struct vm_area_struct *vma, unsigned long addr,
 
 	if (!(encl->flags & SGX_ENCL_DEBUG) ||
 	    !(encl->flags & SGX_ENCL_INITIALIZED) ||
-	    (encl->flags & SGX_ENCL_INVALIDATED) ||
-	    (encl->flags & SGX_ENCL_SUSPEND))
+	    (encl->flags & SGX_ENCL_INVALIDATED))
 		return -EFAULT;
 
 	sgx_dbg(encl, "%s addr=0x%lx, len=%d\n", op_str, addr, len);