[intel-sgx-kernel-dev,RFC,v2,07/10] x86: add SGX MSRs to msr-index.h
diff mbox

Message ID 20170913152104.21532-8-jarkko.sakkinen@linux.intel.com
State New
Headers show

Commit Message

Jarkko Sakkinen Sept. 13, 2017, 3:21 p.m. UTC
From: Haim Cohen <haim.cohen@intel.com>

These MSRs define a SHA256 checksum of the launch enclave public key.

Signed-off-by: Haim Cohen <haim.cohen@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 arch/x86/include/asm/msr-index.h | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Sean Christopherson Sept. 19, 2017, 8:10 p.m. UTC | #1
On Wed, Sep 13, 2017 at 08:21:01AM -0700, Jarkko Sakkinen wrote:
> From: Haim Cohen <haim.cohen@intel.com>
>
> These MSRs define a SHA256 checksum of the launch enclave public key.

Nitpicking, but the word "define" might be misleading.  Based on the
commit message I was expecting the actual #defines to contain a SHA256
hash.  Maybe "These MSRs hold the SHA256 checksum of the currently
configured launch enclave public key."?

>
> Signed-off-by: Haim Cohen <haim.cohen@intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  arch/x86/include/asm/msr-index.h | 7 +++++++
>  1 file changed, 7 insertions(+)
>
> diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
> index 5573c75f8e4c..53a35c1409e9 100644
> --- a/arch/x86/include/asm/msr-index.h
> +++ b/arch/x86/include/asm/msr-index.h
> @@ -433,6 +433,7 @@
>  #define FEATURE_CONTROL_LOCKED                               (1<<0)
>  #define FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX     (1<<1)
>  #define FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX    (1<<2)
> +#define FEATURE_CONTROL_SGX_LAUNCH_CONTROL_ENABLE    (1<<17)
>  #define FEATURE_CONTROL_LMCE                         (1<<20)
>
>  #define MSR_IA32_APICBASE            0x0000001b
> @@ -499,6 +500,12 @@
>  #define PACKAGE_THERM_INT_LOW_ENABLE         (1 << 1)
>  #define PACKAGE_THERM_INT_PLN_ENABLE         (1 << 24)
>
> +/* Intel SGX MSRs */
> +#define MSR_IA32_SGXLEPUBKEYHASH0    0x0000008C
> +#define MSR_IA32_SGXLEPUBKEYHASH1    0x0000008D
> +#define MSR_IA32_SGXLEPUBKEYHASH2    0x0000008E
> +#define MSR_IA32_SGXLEPUBKEYHASH3    0x0000008F
> +
>  /* Thermal Thresholds Support */
>  #define THERM_INT_THRESHOLD0_ENABLE    (1 << 15)
>  #define THERM_SHIFT_THRESHOLD0        8
Jarkko Sakkinen Sept. 21, 2017, 3:11 p.m. UTC | #2
On Tue, Sep 19, 2017 at 08:10:00PM +0000, Christopherson, Sean J wrote:
> On Wed, Sep 13, 2017 at 08:21:01AM -0700, Jarkko Sakkinen wrote:
> > From: Haim Cohen <haim.cohen@intel.com>
> >
> > These MSRs define a SHA256 checksum of the launch enclave public key.
> 
> Nitpicking, but the word "define" might be misleading.  Based on the
> commit message I was expecting the actual #defines to contain a SHA256
> hash.  Maybe "These MSRs hold the SHA256 checksum of the currently
> configured launch enclave public key."?

That's a way better description. Thank you.

/Jarkko

Patch
diff mbox

diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index 5573c75f8e4c..53a35c1409e9 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -433,6 +433,7 @@ 
 #define FEATURE_CONTROL_LOCKED				(1<<0)
 #define FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX	(1<<1)
 #define FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX	(1<<2)
+#define FEATURE_CONTROL_SGX_LAUNCH_CONTROL_ENABLE	(1<<17)
 #define FEATURE_CONTROL_LMCE				(1<<20)
 
 #define MSR_IA32_APICBASE		0x0000001b
@@ -499,6 +500,12 @@ 
 #define PACKAGE_THERM_INT_LOW_ENABLE		(1 << 1)
 #define PACKAGE_THERM_INT_PLN_ENABLE		(1 << 24)
 
+/* Intel SGX MSRs */
+#define MSR_IA32_SGXLEPUBKEYHASH0	0x0000008C
+#define MSR_IA32_SGXLEPUBKEYHASH1	0x0000008D
+#define MSR_IA32_SGXLEPUBKEYHASH2	0x0000008E
+#define MSR_IA32_SGXLEPUBKEYHASH3	0x0000008F
+
 /* Thermal Thresholds Support */
 #define THERM_INT_THRESHOLD0_ENABLE    (1 << 15)
 #define THERM_SHIFT_THRESHOLD0        8