diff mbox series

x86/sgx: Allows ioctl PROVISION to execute before CREATE

Message ID 20210118133335.98907-1-tianjia.zhang@linux.alibaba.com (mailing list archive)
State New
Headers show
Series x86/sgx: Allows ioctl PROVISION to execute before CREATE | expand

Commit Message

tianjia.zhang Jan. 18, 2021, 1:33 p.m. UTC
In function sgx_encl_create(), the logic of directly assigning
value to attributes_mask determines that the call to
SGX_IOC_ENCLAVE_PROVISION must be after the command of
SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
or operation, the PROVISION command can be executed earlier and
more flexibly.

Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
 arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Sean Christopherson Jan. 19, 2021, 8:05 p.m. UTC | #1
On Mon, Jan 18, 2021, Tianjia Zhang wrote:
> In function sgx_encl_create(), the logic of directly assigning
> value to attributes_mask determines that the call to
> SGX_IOC_ENCLAVE_PROVISION must be after the command of
> SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
> or operation, the PROVISION command can be executed earlier and
> more flexibly.
> 
> Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> ---
>  arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> index f45957c05f69..0ca3fc238bc2 100644
> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
>  	encl->base = secs->base;
>  	encl->size = secs->size;
>  	encl->attributes = secs->attributes;
> -	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> +	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;

Alternatively, move the existing code to sgx_open()?  Initializing the field
when the encl object is allocated feels more correct.

>  	/* Set only after completion, as encl->lock has not been taken. */
>  	set_bit(SGX_ENCL_CREATED, &encl->flags);
> -- 
> 2.19.1.3.ge56e4f7
>
tianjia.zhang Jan. 20, 2021, 3:57 a.m. UTC | #2
Hi,

On 1/20/21 4:05 AM, Sean Christopherson wrote:
> On Mon, Jan 18, 2021, Tianjia Zhang wrote:
>> In function sgx_encl_create(), the logic of directly assigning
>> value to attributes_mask determines that the call to
>> SGX_IOC_ENCLAVE_PROVISION must be after the command of
>> SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
>> or operation, the PROVISION command can be executed earlier and
>> more flexibly.
>>
>> Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
>> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
>> ---
>>   arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
>> index f45957c05f69..0ca3fc238bc2 100644
>> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
>> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
>> @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
>>   	encl->base = secs->base;
>>   	encl->size = secs->size;
>>   	encl->attributes = secs->attributes;
>> -	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
>> +	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> 
> Alternatively, move the existing code to sgx_open()?  Initializing the field
> when the encl object is allocated feels more correct.
> 


This seems like a good idea. Thanks for your suggestion. I have sent v2 
patch, include the next two patches.

Best regards,
Tianjia
Jarkko Sakkinen Jan. 20, 2021, 2:31 p.m. UTC | #3
On Mon, Jan 18, 2021 at 09:33:35PM +0800, Tianjia Zhang wrote:
> In function sgx_encl_create(), the logic of directly assigning
> value to attributes_mask determines that the call to
> SGX_IOC_ENCLAVE_PROVISION must be after the command of
> SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
> or operation, the PROVISION command can be executed earlier and
> more flexibly.
> 
> Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> ---

Why?

>  arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> index f45957c05f69..0ca3fc238bc2 100644
> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
>  	encl->base = secs->base;
>  	encl->size = secs->size;
>  	encl->attributes = secs->attributes;
> -	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> +	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
>  
>  	/* Set only after completion, as encl->lock has not been taken. */
>  	set_bit(SGX_ENCL_CREATED, &encl->flags);
> -- 
> 2.19.1.3.ge56e4f7
> 
>
Jarkko Sakkinen Jan. 20, 2021, 10:34 p.m. UTC | #4
On Wed, Jan 20, 2021 at 11:57:18AM +0800, Tianjia Zhang wrote:
> Hi,
> 
> On 1/20/21 4:05 AM, Sean Christopherson wrote:
> > On Mon, Jan 18, 2021, Tianjia Zhang wrote:
> > > In function sgx_encl_create(), the logic of directly assigning
> > > value to attributes_mask determines that the call to
> > > SGX_IOC_ENCLAVE_PROVISION must be after the command of
> > > SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
> > > or operation, the PROVISION command can be executed earlier and
> > > more flexibly.
> > > 
> > > Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> > > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> > > ---
> > >   arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
> > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > 
> > > diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> > > index f45957c05f69..0ca3fc238bc2 100644
> > > --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> > > +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> > > @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
> > >   	encl->base = secs->base;
> > >   	encl->size = secs->size;
> > >   	encl->attributes = secs->attributes;
> > > -	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> > > +	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> > 
> > Alternatively, move the existing code to sgx_open()?  Initializing the field
> > when the encl object is allocated feels more correct.
> > 
> 
> 
> This seems like a good idea. Thanks for your suggestion. I have sent v2
> patch, include the next two patches.

Did you ask from Sean about suggested-by's? Now it looks like
that doing these patches were originally proposed by Sean.

/Jarkko
Jarkko Sakkinen Jan. 20, 2021, 10:37 p.m. UTC | #5
On Thu, Jan 21, 2021 at 12:34:49AM +0200, Jarkko Sakkinen wrote:
> On Wed, Jan 20, 2021 at 11:57:18AM +0800, Tianjia Zhang wrote:
> > Hi,
> > 
> > On 1/20/21 4:05 AM, Sean Christopherson wrote:
> > > On Mon, Jan 18, 2021, Tianjia Zhang wrote:
> > > > In function sgx_encl_create(), the logic of directly assigning
> > > > value to attributes_mask determines that the call to
> > > > SGX_IOC_ENCLAVE_PROVISION must be after the command of
> > > > SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
> > > > or operation, the PROVISION command can be executed earlier and
> > > > more flexibly.
> > > > 
> > > > Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
> > > > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> > > > ---
> > > >   arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
> > > >   1 file changed, 1 insertion(+), 1 deletion(-)
> > > > 
> > > > diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> > > > index f45957c05f69..0ca3fc238bc2 100644
> > > > --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> > > > +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> > > > @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
> > > >   	encl->base = secs->base;
> > > >   	encl->size = secs->size;
> > > >   	encl->attributes = secs->attributes;
> > > > -	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> > > > +	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
> > > 
> > > Alternatively, move the existing code to sgx_open()?  Initializing the field
> > > when the encl object is allocated feels more correct.
> > > 
> > 
> > 
> > This seems like a good idea. Thanks for your suggestion. I have sent v2
> > patch, include the next two patches.
> 
> Did you ask from Sean about suggested-by's? Now it looks like
> that doing these patches were originally proposed by Sean.

Please do not add tags from people *unauthentically*. I do not
see anything from Sean to any of the patches that would suggest
adding those tags. You are basically just stamping that to all
patches, which he has given a code review. Can you stop doing
this?

/Jarkko
tianjia.zhang Jan. 24, 2021, 6:36 a.m. UTC | #6
On 1/21/21 6:37 AM, Jarkko Sakkinen wrote:
> On Thu, Jan 21, 2021 at 12:34:49AM +0200, Jarkko Sakkinen wrote:
>> On Wed, Jan 20, 2021 at 11:57:18AM +0800, Tianjia Zhang wrote:
>>> Hi,
>>>
>>> On 1/20/21 4:05 AM, Sean Christopherson wrote:
>>>> On Mon, Jan 18, 2021, Tianjia Zhang wrote:
>>>>> In function sgx_encl_create(), the logic of directly assigning
>>>>> value to attributes_mask determines that the call to
>>>>> SGX_IOC_ENCLAVE_PROVISION must be after the command of
>>>>> SGX_IOC_ENCLAVE_CREATE. If change this assignment statement to
>>>>> or operation, the PROVISION command can be executed earlier and
>>>>> more flexibly.
>>>>>
>>>>> Reported-by: Jia Zhang <zhang.jia@linux.alibaba.com>
>>>>> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
>>>>> ---
>>>>>    arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
>>>>>    1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
>>>>> index f45957c05f69..0ca3fc238bc2 100644
>>>>> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
>>>>> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
>>>>> @@ -108,7 +108,7 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
>>>>>    	encl->base = secs->base;
>>>>>    	encl->size = secs->size;
>>>>>    	encl->attributes = secs->attributes;
>>>>> -	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
>>>>> +	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
>>>>
>>>> Alternatively, move the existing code to sgx_open()?  Initializing the field
>>>> when the encl object is allocated feels more correct.
>>>>
>>>
>>>
>>> This seems like a good idea. Thanks for your suggestion. I have sent v2
>>> patch, include the next two patches.
>>
>> Did you ask from Sean about suggested-by's? Now it looks like
>> that doing these patches were originally proposed by Sean.
> 
> Please do not add tags from people *unauthentically*. I do not
> see anything from Sean to any of the patches that would suggest
> adding those tags. You are basically just stamping that to all
> patches, which he has given a code review. Can you stop doing
> this?
> 
> /Jarkko
> 

I am very sorry for the trouble caused to you, I have made improvements 
in the new patch, thanks for your suggestions.

Best regards,
Tianjia
diff mbox series

Patch

diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
index f45957c05f69..0ca3fc238bc2 100644
--- a/arch/x86/kernel/cpu/sgx/ioctl.c
+++ b/arch/x86/kernel/cpu/sgx/ioctl.c
@@ -108,7 +108,7 @@  static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
 	encl->base = secs->base;
 	encl->size = secs->size;
 	encl->attributes = secs->attributes;
-	encl->attributes_mask = SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
+	encl->attributes_mask |= SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | SGX_ATTR_KSS;
 
 	/* Set only after completion, as encl->lock has not been taken. */
 	set_bit(SGX_ENCL_CREATED, &encl->flags);