[v40,09/24] x86/sgx: Add SGX page allocator functions

Message ID	20201104145430.300542-10-jarkko.sakkinen@linux.intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=W5EA=EK=vger.kernel.org=linux-sgx-owner@kernel.org> From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: x86@kernel.org, linux-sgx@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Jethro Beekman <jethro@fortanix.com>, Darren Kenny <darren.kenny@oracle.com>, Sean Christopherson <sean.j.christopherson@intel.com>, akpm@linux-foundation.org, andriy.shevchenko@linux.intel.com, asapek@google.com, bp@alien8.de, cedric.xing@intel.com, chenalexchen@google.com, conradparker@google.com, cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com, kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com, ludloff@google.com, luto@kernel.org, nhorman@redhat.com, npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com, tglx@linutronix.de, yaozhangx@google.com, mikko.ylinen@intel.com Subject: [PATCH v40 09/24] x86/sgx: Add SGX page allocator functions Date: Wed, 4 Nov 2020 16:54:15 +0200 Message-Id: <20201104145430.300542-10-jarkko.sakkinen@linux.intel.com> In-Reply-To: <20201104145430.300542-1-jarkko.sakkinen@linux.intel.com> References: <20201104145430.300542-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Intel SGX foundations \| expand [v40,00/24] Intel SGX foundations [v40,01/24] x86/sgx: Add SGX architectural data structures [v40,02/24] x86/sgx: Add wrappers for ENCLS functions [v40,03/24] x86/sgx: Initialize metadata for Enclave Page Cache (EPC) sections [v40,04/24] x86/cpufeatures: x86/msr: Add Intel SGX hardware bits [v40,05/24] x86/cpufeatures: x86/msr: Add Intel SGX Launch Control hardware bits [v40,06/24] x86/mm: x86/sgx: Signal SIGSEGV with PF_SGX [v40,07/24] x86/cpu/intel: Detect SGX support [v40,08/24] x86/cpu/intel: Add nosgx kernel parameter [v40,09/24] x86/sgx: Add SGX page allocator functions [v40,10/24] mm: Add 'mprotect' hook to struct vm_operations_struct [v40,11/24] x86/sgx: Add SGX misc driver interface [v40,12/24] x86/sgx: Add SGX_IOC_ENCLAVE_CREATE [v40,13/24] x86/sgx: Add SGX_IOC_ENCLAVE_ADD_PAGES [v40,14/24] x86/sgx: Add SGX_IOC_ENCLAVE_INIT [v40,15/24] x86/sgx: Add SGX_IOC_ENCLAVE_PROVISION [v40,16/24] x86/vdso: Add support for exception fixup in vDSO functions [v40,17/24] x86/fault: Add helper function to sanitize error code [v40,18/24] x86/traps: Attempt to fixup exceptions in vDSO before signaling [v40,19/24] x86/vdso: Implement a vDSO for Intel SGX enclave call [v40,20/24] selftests/x86: Add a selftest for SGX [v40,21/24] x86/sgx: Add a page reclaimer [v40,22/24] x86/sgx: Add ptrace() support for the SGX driver [v40,23/24] docs: x86/sgx: Document SGX kernel architecture [v40,24/24] x86/sgx: Update MAINTAINERS

Message ID

20201104145430.300542-10-jarkko.sakkinen@linux.intel.com (mailing list archive)

State

New, archived

Headers

From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: x86@kernel.org, linux-sgx@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Jethro Beekman <jethro@fortanix.com>,
        Darren Kenny <darren.kenny@oracle.com>,
        Sean Christopherson <sean.j.christopherson@intel.com>,
        akpm@linux-foundation.org, andriy.shevchenko@linux.intel.com,
        asapek@google.com, bp@alien8.de, cedric.xing@intel.com,
        chenalexchen@google.com, conradparker@google.com,
        cyhanish@google.com, dave.hansen@intel.com, haitao.huang@intel.com,
        kai.huang@intel.com, kai.svahn@intel.com, kmoy@google.com,
        ludloff@google.com, luto@kernel.org, nhorman@redhat.com,
        npmccallum@redhat.com, puiterwijk@redhat.com, rientjes@google.com,
        tglx@linutronix.de, yaozhangx@google.com, mikko.ylinen@intel.com
Subject: [PATCH v40 09/24] x86/sgx: Add SGX page allocator functions
Date: Wed,  4 Nov 2020 16:54:15 +0200
Message-Id: <20201104145430.300542-10-jarkko.sakkinen@linux.intel.com>
In-Reply-To: <20201104145430.300542-1-jarkko.sakkinen@linux.intel.com>
References: <20201104145430.300542-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Intel SGX foundations | expand

Commit Message

Jarkko Sakkinen Nov. 4, 2020, 2:54 p.m. UTC

The previous patch initialized a simple SGX page allocator.  Add functions
for runtime allocation and free.

This allocator and its algorithms are as simple as it gets.  They do a
linear search across all EPC sections and find the first free page.  They
are not NUMA aware and only hand out individual pages.  The SGX hardware
does not support large pages, so something more complicated like a buddy
allocator is unwarranted.

The free function (sgx_free_epc_page()) implicitly calls ENCLS[EREMOVE],
which returns the page to the uninitialized state.  This ensures that the
page is ready for use at the next allocation.

Acked-by: Jethro Beekman <jethro@fortanix.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 arch/x86/kernel/cpu/sgx/main.c | 62 ++++++++++++++++++++++++++++++++++
 arch/x86/kernel/cpu/sgx/sgx.h  |  3 ++
 2 files changed, 65 insertions(+)

Comments

Borislav Petkov Nov. 5, 2020, 3:08 p.m. UTC | #1

On Wed, Nov 04, 2020 at 04:54:15PM +0200, Jarkko Sakkinen wrote:
> The previous patch initialized a simple SGX page allocator.  Add functions
> for runtime allocation and free.
> 
> This allocator and its algorithms are as simple as it gets.  They do a
> linear search across all EPC sections and find the first free page.  They
> are not NUMA aware and only hand out individual pages.  The SGX hardware
> does not support large pages, so something more complicated like a buddy
> allocator is unwarranted.
> 
> The free function (sgx_free_epc_page()) implicitly calls ENCLS[EREMOVE],
> which returns the page to the uninitialized state.  This ensures that the
> page is ready for use at the next allocation.
> 
> Acked-by: Jethro Beekman <jethro@fortanix.com>
> Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
> Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  arch/x86/kernel/cpu/sgx/main.c | 62 ++++++++++++++++++++++++++++++++++
>  arch/x86/kernel/cpu/sgx/sgx.h  |  3 ++
>  2 files changed, 65 insertions(+)
> 
> diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
> index 956055a0eff6..b9ac438a13a4 100644
> --- a/arch/x86/kernel/cpu/sgx/main.c
> +++ b/arch/x86/kernel/cpu/sgx/main.c
> @@ -85,6 +85,68 @@ static bool __init sgx_page_reclaimer_init(void)
>  	return true;
>  }
>  
> +static struct sgx_epc_page *__sgx_alloc_epc_page_from_section(struct sgx_epc_section *section)
> +{
> +	struct sgx_epc_page *page;
> +
> +	if (list_empty(&section->page_list))
> +		return NULL;
> +
> +	page = list_first_entry(&section->page_list, struct sgx_epc_page, list);
> +	list_del_init(&page->list);
> +
> +	return page;
> +}
> +
> +/**
> + * __sgx_alloc_epc_page() - Allocate an EPC page
> + *
> + * Iterate through EPC sections and borrow a free EPC page to the caller. When a
> + * page is no longer needed it must be released with sgx_free_epc_page().
> + *
> + * Return:
> + *   an EPC page,
> + *   -errno on error
> + */
> +struct sgx_epc_page *__sgx_alloc_epc_page(void)
> +{
> +	struct sgx_epc_section *section;
> +	struct sgx_epc_page *page;
> +	int i;
> +
> +	for (i = 0; i < sgx_nr_epc_sections; i++) {
> +		section = &sgx_epc_sections[i];
> +		spin_lock(&section->lock);
> +		page = __sgx_alloc_epc_page_from_section(section);
> +		spin_unlock(&section->lock);

Something for a future cleanup: you can put that logic into
__sgx_alloc_epc_page_from_section() and simplify this one call site.

But not now - you can do that later or if v41 needs to be sent out...

Thx.

diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
index 956055a0eff6..b9ac438a13a4 100644
--- a/arch/x86/kernel/cpu/sgx/main.c
+++ b/arch/x86/kernel/cpu/sgx/main.c
@@ -85,6 +85,68 @@  static bool __init sgx_page_reclaimer_init(void)
 	return true;
 }
 
+static struct sgx_epc_page *__sgx_alloc_epc_page_from_section(struct sgx_epc_section *section)
+{
+	struct sgx_epc_page *page;
+
+	if (list_empty(&section->page_list))
+		return NULL;
+
+	page = list_first_entry(&section->page_list, struct sgx_epc_page, list);
+	list_del_init(&page->list);
+
+	return page;
+}
+
+/**
+ * __sgx_alloc_epc_page() - Allocate an EPC page
+ *
+ * Iterate through EPC sections and borrow a free EPC page to the caller. When a
+ * page is no longer needed it must be released with sgx_free_epc_page().
+ *
+ * Return:
+ *   an EPC page,
+ *   -errno on error
+ */
+struct sgx_epc_page *__sgx_alloc_epc_page(void)
+{
+	struct sgx_epc_section *section;
+	struct sgx_epc_page *page;
+	int i;
+
+	for (i = 0; i < sgx_nr_epc_sections; i++) {
+		section = &sgx_epc_sections[i];
+		spin_lock(&section->lock);
+		page = __sgx_alloc_epc_page_from_section(section);
+		spin_unlock(&section->lock);
+
+		if (page)
+			return page;
+	}
+
+	return ERR_PTR(-ENOMEM);
+}
+
+/**
+ * sgx_free_epc_page() - Free an EPC page
+ * @page:	an EPC page
+ *
+ * Call EREMOVE for an EPC page and insert it back to the list of free pages.
+ */
+void sgx_free_epc_page(struct sgx_epc_page *page)
+{
+	struct sgx_epc_section *section = &sgx_epc_sections[page->section];
+	int ret;
+
+	ret = __eremove(sgx_get_epc_virt_addr(page));
+	if (WARN_ONCE(ret, "EREMOVE returned %d (0x%x)", ret, ret))
+		return;
+
+	spin_lock(&section->lock);
+	list_add_tail(&page->list, &section->page_list);
+	spin_unlock(&section->lock);
+}
+
 static bool __init sgx_setup_epc_section(u64 phys_addr, u64 size,
 					 unsigned long index,
 					 struct sgx_epc_section *section)
diff --git a/arch/x86/kernel/cpu/sgx/sgx.h b/arch/x86/kernel/cpu/sgx/sgx.h
index 02afa84dd8fd..bd9dcb1ffcfa 100644
--- a/arch/x86/kernel/cpu/sgx/sgx.h
+++ b/arch/x86/kernel/cpu/sgx/sgx.h
@@ -57,4 +57,7 @@  static inline void *sgx_get_epc_virt_addr(struct sgx_epc_page *page)
 	return section->virt_addr + index * PAGE_SIZE;
 }
 
+struct sgx_epc_page *__sgx_alloc_epc_page(void);
+void sgx_free_epc_page(struct sgx_epc_page *page);
+
 #endif /* _X86_SGX_H */

[v40,09/24] x86/sgx: Add SGX page allocator functions

Commit Message

Comments

Patch