[intel-sgx-kernel-dev,v2] intel_sgx: Fix max enclave size calculation
diff mbox

Message ID 1498146953-13117-1-git-send-email-angie.v.chinchilla@intel.com
State New
Headers show

Commit Message

Angie Chinchilla June 22, 2017, 3:55 p.m. UTC
sgx_encl_size_max_64 and sgx_encl_size_max_32 calculations are
incorrect, causing failures creating large enclaves.
2^EDX[7:0] should be used for max enclave size in 32-bit mode
2^EDX[15:8] should be used for max enclave size in 64-bit mode

Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
---
Changes in v2:
 - 1ULL should be shifted, not 2ULL

 drivers/platform/x86/intel_sgx/sgx_main.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Jarkko Sakkinen June 28, 2017, 5:34 p.m. UTC | #1
On Thu, Jun 22, 2017 at 11:55:53AM -0400, Angie Chinchilla wrote:
> sgx_encl_size_max_64 and sgx_encl_size_max_32 calculations are
> incorrect, causing failures creating large enclaves.
> 2^EDX[7:0] should be used for max enclave size in 32-bit mode
> 2^EDX[15:8] should be used for max enclave size in 64-bit mode
> 
> Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
> ---
> Changes in v2:
>  - 1ULL should be shifted, not 2ULL
> 
>  drivers/platform/x86/intel_sgx/sgx_main.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/platform/x86/intel_sgx/sgx_main.c b/drivers/platform/x86/intel_sgx/sgx_main.c
> index cf1e6ec..962768d 100644
> --- a/drivers/platform/x86/intel_sgx/sgx_main.c
> +++ b/drivers/platform/x86/intel_sgx/sgx_main.c
> @@ -312,9 +312,9 @@ static int sgx_drv_probe(struct platform_device *pdev)
>  	cpuid_count(SGX_CPUID, 0x0, &eax, &ebx, &ecx, &edx);
>  	if (edx & 0xFFFF) {
>  #ifdef CONFIG_X86_64
> -		sgx_encl_size_max_64 = 2ULL << (edx & 0xFF);
> +		sgx_encl_size_max_64 = 1ULL << ((edx >> 8) & 0xFF);
>  #endif
> -		sgx_encl_size_max_32 = 2ULL << ((edx >> 8) & 0xFF);
> +		sgx_encl_size_max_32 = 1ULL << (edx & 0xFF);
>  	}
>  
>  	return sgx_dev_init(&pdev->dev);
> -- 
> 2.7.4

The patch does not address my earlier comment. It would make a sense to
branch

if (!(edx & 0xFFFF))
	return -ENODEV;

as we don't want to continue initialization in a broken environment.

I can do the modification myself when I merge this as it is not directly
related to the fix itself.

/Jarkko
Jarkko Sakkinen June 29, 2017, 1:12 p.m. UTC | #2
On Wed, Jun 28, 2017 at 08:34:30PM +0300, Jarkko Sakkinen wrote:
> On Thu, Jun 22, 2017 at 11:55:53AM -0400, Angie Chinchilla wrote:
> > sgx_encl_size_max_64 and sgx_encl_size_max_32 calculations are
> > incorrect, causing failures creating large enclaves.
> > 2^EDX[7:0] should be used for max enclave size in 32-bit mode
> > 2^EDX[15:8] should be used for max enclave size in 64-bit mode
> > 
> > Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
> > ---
> > Changes in v2:
> >  - 1ULL should be shifted, not 2ULL
> > 
> >  drivers/platform/x86/intel_sgx/sgx_main.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/drivers/platform/x86/intel_sgx/sgx_main.c b/drivers/platform/x86/intel_sgx/sgx_main.c
> > index cf1e6ec..962768d 100644
> > --- a/drivers/platform/x86/intel_sgx/sgx_main.c
> > +++ b/drivers/platform/x86/intel_sgx/sgx_main.c
> > @@ -312,9 +312,9 @@ static int sgx_drv_probe(struct platform_device *pdev)
> >  	cpuid_count(SGX_CPUID, 0x0, &eax, &ebx, &ecx, &edx);
> >  	if (edx & 0xFFFF) {
> >  #ifdef CONFIG_X86_64
> > -		sgx_encl_size_max_64 = 2ULL << (edx & 0xFF);
> > +		sgx_encl_size_max_64 = 1ULL << ((edx >> 8) & 0xFF);
> >  #endif
> > -		sgx_encl_size_max_32 = 2ULL << ((edx >> 8) & 0xFF);
> > +		sgx_encl_size_max_32 = 1ULL << (edx & 0xFF);
> >  	}
> >  
> >  	return sgx_dev_init(&pdev->dev);
> > -- 
> > 2.7.4
> 
> The patch does not address my earlier comment. It would make a sense to
> branch
> 
> if (!(edx & 0xFFFF))
> 	return -ENODEV;
> 
> as we don't want to continue initialization in a broken environment.
> 
> I can do the modification myself when I merge this as it is not directly
> related to the fix itself.
> 
> /Jarkko

I merged it.

/Jarkko

Patch
diff mbox

diff --git a/drivers/platform/x86/intel_sgx/sgx_main.c b/drivers/platform/x86/intel_sgx/sgx_main.c
index cf1e6ec..962768d 100644
--- a/drivers/platform/x86/intel_sgx/sgx_main.c
+++ b/drivers/platform/x86/intel_sgx/sgx_main.c
@@ -312,9 +312,9 @@  static int sgx_drv_probe(struct platform_device *pdev)
 	cpuid_count(SGX_CPUID, 0x0, &eax, &ebx, &ecx, &edx);
 	if (edx & 0xFFFF) {
 #ifdef CONFIG_X86_64
-		sgx_encl_size_max_64 = 2ULL << (edx & 0xFF);
+		sgx_encl_size_max_64 = 1ULL << ((edx >> 8) & 0xFF);
 #endif
-		sgx_encl_size_max_32 = 2ULL << ((edx >> 8) & 0xFF);
+		sgx_encl_size_max_32 = 1ULL << (edx & 0xFF);
 	}
 
 	return sgx_dev_init(&pdev->dev);