@@ -352,14 +352,9 @@ static int sgx_vma_mprotect(struct vm_area_struct *vma, unsigned long start,
static int sgx_edbgrd(struct sgx_encl *encl, struct sgx_encl_page *page,
unsigned long addr, void *data)
{
- unsigned long offset;
+ unsigned long offset = addr & ~PAGE_MASK;
int ret;
- offset = addr & ~PAGE_MASK;
-
- if ((page->desc & SGX_ENCL_PAGE_TCS) &&
- offset > offsetof(struct sgx_tcs, gs_limit))
- return -ECANCELED;
ret = __edbgrd(sgx_epc_addr(page->epc_page) + offset, data);
if (ret)
@@ -371,16 +366,9 @@ static int sgx_edbgrd(struct sgx_encl *encl, struct sgx_encl_page *page,
static int sgx_edbgwr(struct sgx_encl *encl, struct sgx_encl_page *page,
unsigned long addr, void *data)
{
- unsigned long offset;
+ unsigned long offset = addr & ~PAGE_MASK;
int ret;
- offset = addr & ~PAGE_MASK;
-
- /* Writing anything else than flags will cause #GP */
- if ((page->desc & SGX_ENCL_PAGE_TCS) &&
- offset != offsetof(struct sgx_tcs, flags))
- return -ECANCELED;
-
ret = __edbgwr(sgx_epc_addr(page->epc_page) + offset, data);
if (ret)
return -EIO;
@@ -19,7 +19,6 @@
/**
* enum sgx_encl_page_desc - defines bits for an enclave page's descriptor
- * %SGX_ENCL_PAGE_TCS: The page is a TCS page.
* %SGX_ENCL_PAGE_RECLAIMED: The page is in the process of being
* reclaimed.
* %SGX_ENCL_PAGE_VA_OFFSET_MASK: Holds the offset in the Version Array
@@ -30,7 +29,6 @@
* the SECS page.
*/
enum sgx_encl_page_desc {
- SGX_ENCL_PAGE_TCS = BIT(0),
/* Bits 11:3 are available when the page is not swapped. */
SGX_ENCL_PAGE_RECLAIMED = BIT(3),
SGX_ENCL_PAGE_VA_OFFSET_MASK = GENMASK_ULL(11, 3),
@@ -126,9 +126,6 @@ static struct sgx_encl_page *sgx_encl_page_alloc(struct sgx_encl *encl,
encl_page->desc = addr;
encl_page->encl = encl;
- if (secinfo_flags & SGX_SECINFO_TCS)
- encl_page->desc |= SGX_ENCL_PAGE_TCS;
-
prot = _calc_vm_trans(secinfo_flags, SGX_SECINFO_R, PROT_READ) |
_calc_vm_trans(secinfo_flags, SGX_SECINFO_W, PROT_WRITE) |
_calc_vm_trans(secinfo_flags, SGX_SECINFO_X, PROT_EXEC);
When validating a TCS page one should consider the man page of ptrace (man 2 ptrace): "request is invalid, or an attempt was made to read from or write to an invalid area in the tracer's or the tracee's memory, or there was a word-alignment violation, or an invalid signal was specified during a restart request." Thus, returning -ECANCELED is not right thing to do. Instead, return -EIO when TCS validation fails. In effect, this renders out the validation code. Remove SGX_ENCL_PAGE_TCS as it is no longer used for anything. Cc: Sean Christopherson <sean.j.christopherson@intel.com> Cc: Shay Katz-zamir <shay.katz-zamir@intel.com> Cc: Serge Ayoun <serge.ayoun@intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- arch/x86/kernel/cpu/sgx/encl.c | 16 ++-------------- arch/x86/kernel/cpu/sgx/encl.h | 2 -- arch/x86/kernel/cpu/sgx/ioctl.c | 3 --- 3 files changed, 2 insertions(+), 19 deletions(-)