[v13,02/13] x86/cpufeature: Add SGX and SGX_LC CPU features

Message ID	20180827185507.17087-3-jarkko.sakkinen@linux.intel.com (mailing list archive)
State	Deferred, archived
Headers	show Return-Path: <platform-driver-x86-owner@kernel.org> From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: x86@kernel.org, platform-driver-x86@vger.kernel.org Cc: dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, linux-sgx@vger.kernel.org, Kai Huang <kai.huang@linux.intel.com>, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>, Borislav Petkov <bp@suse.de>, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>, David Woodhouse <dwmw@amazon.co.uk>, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)) Subject: [PATCH v13 02/13] x86/cpufeature: Add SGX and SGX_LC CPU features Date: Mon, 27 Aug 2018 21:53:23 +0300 Message-Id: <20180827185507.17087-3-jarkko.sakkinen@linux.intel.com> In-Reply-To: <20180827185507.17087-1-jarkko.sakkinen@linux.intel.com> References: <20180827185507.17087-1-jarkko.sakkinen@linux.intel.com> Sender: platform-driver-x86-owner@vger.kernel.org Precedence: bulk
Series	Intel SGX1 support \| expand [v13,00/13] Intel SGX1 support [v13,01/13] x86/sgx: Update MAINTAINERS [v13,02/13] x86/cpufeature: Add SGX and SGX_LC CPU features [v13,03/13] x86/cpufeatures: Add Intel-defined SGX leaf CPUID_12_EAX [v13,04/13] x86/sgx: Architectural structures [v13,05/13] x86/msr: Add SGX definitions to msr-index.h [v13,06/13] x86/sgx: Detect Intel SGX [v13,07/13] x86/sgx: Add data structures for tracking the EPC pages [v13,08/13] x86/sgx: Add wrappers for ENCLS leaf functions [v13,09/13] x86/sgx: Enclave Page Cache (EPC) memory manager [v13,10/13] x86/sgx: Add sgx_einit() for initializing enclaves [v13,11/13] platform/x86: Intel SGX driver [v13,12/13] platform/x86: ptrace() support for the SGX driver [v13,13/13] x86/sgx: Driver documentation

Jarkko Sakkinen Aug. 27, 2018, 6:53 p.m. UTC

From: Kai Huang <kai.huang@linux.intel.com>

Add X86_FEATURE_SGX and X86_FEATURE_SGX_LC that define the bits
determining whether the CPU supports SGX and user launch configuration
i.e. using a custom root key rather the Intel proprietary key for
enclave signing.

Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 arch/x86/include/asm/cpufeatures.h | 2 ++
 1 file changed, 2 insertions(+)

Huang, Kai Aug. 28, 2018, 12:07 a.m. UTC | #1

> +#define X86_FEATURE_SGX_LC		(16*32+30) /* supports SGX launch
> configuration */

Sorry if it was me who wrote the comment "SGX launch configuration". I think we should just use "SGX launch control". :)

Thanks,
-Kai
> 
>  /* AMD-defined CPU features, CPUID level 0x80000007 (EBX), word 17 */
>  #define X86_FEATURE_OVERFLOW_RECOV	(17*32+ 0) /* MCA overflow
> recovery support */
> --
> 2.17.1

Jarkko Sakkinen Aug. 28, 2018, 7:17 a.m. UTC | #2

On Tue, Aug 28, 2018 at 12:07:41AM +0000, Huang, Kai wrote:
> > +#define X86_FEATURE_SGX_LC		(16*32+30) /* supports SGX launch
> > configuration */
> 
> Sorry if it was me who wrote the comment "SGX launch configuration". I
> think we should just use "SGX launch control". :)

Not sure if we should change though. The former is more self-explaining,
the latter is "more official".

/Jarkko

Huang, Kai Aug. 29, 2018, 7:36 a.m. UTC | #3

> -----Original Message-----
> From: Jarkko Sakkinen [mailto:jarkko.sakkinen@linux.intel.com]
> Sent: Tuesday, August 28, 2018 7:17 PM
> To: Huang, Kai <kai.huang@intel.com>
> Cc: x86@kernel.org; platform-driver-x86@vger.kernel.org; Hansen, Dave
> <dave.hansen@intel.com>; Christopherson, Sean J
> <sean.j.christopherson@intel.com>; nhorman@redhat.com;
> npmccallum@redhat.com; linux-sgx@vger.kernel.org; Kai Huang
> <kai.huang@linux.intel.com>; Thomas Gleixner <tglx@linutronix.de>; Ingo
> Molnar <mingo@redhat.com>; H. Peter Anvin <hpa@zytor.com>; Borislav
> Petkov <bp@suse.de>; Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>;
> David Woodhouse <dwmw@amazon.co.uk>; open list:X86 ARCHITECTURE (32-
> BIT AND 64-BIT) <linux-kernel@vger.kernel.org>
> Subject: Re: [PATCH v13 02/13] x86/cpufeature: Add SGX and SGX_LC CPU
> features
> 
> On Tue, Aug 28, 2018 at 12:07:41AM +0000, Huang, Kai wrote:
> > > +#define X86_FEATURE_SGX_LC		(16*32+30) /* supports SGX
> launch
> > > configuration */
> >
> > Sorry if it was me who wrote the comment "SGX launch configuration". I
> > think we should just use "SGX launch control". :)
> 
> Not sure if we should change though. The former is more self-explaining, the
> latter is "more official".

I'll let you decide.  To me the comment should explain what does "LC" mean, and to me it means "launch control". :)

Thanks,
-Kai
> 
> /Jarkko

Jarkko Sakkinen Aug. 31, 2018, 12:19 p.m. UTC | #4

On Wed, Aug 29, 2018 at 07:36:13AM +0000, Huang, Kai wrote:
> > -----Original Message-----
> > From: Jarkko Sakkinen [mailto:jarkko.sakkinen@linux.intel.com]
> > Sent: Tuesday, August 28, 2018 7:17 PM
> > To: Huang, Kai <kai.huang@intel.com>
> > Cc: x86@kernel.org; platform-driver-x86@vger.kernel.org; Hansen, Dave
> > <dave.hansen@intel.com>; Christopherson, Sean J
> > <sean.j.christopherson@intel.com>; nhorman@redhat.com;
> > npmccallum@redhat.com; linux-sgx@vger.kernel.org; Kai Huang
> > <kai.huang@linux.intel.com>; Thomas Gleixner <tglx@linutronix.de>; Ingo
> > Molnar <mingo@redhat.com>; H. Peter Anvin <hpa@zytor.com>; Borislav
> > Petkov <bp@suse.de>; Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>;
> > David Woodhouse <dwmw@amazon.co.uk>; open list:X86 ARCHITECTURE (32-
> > BIT AND 64-BIT) <linux-kernel@vger.kernel.org>
> > Subject: Re: [PATCH v13 02/13] x86/cpufeature: Add SGX and SGX_LC CPU
> > features
> > 
> > On Tue, Aug 28, 2018 at 12:07:41AM +0000, Huang, Kai wrote:
> > > > +#define X86_FEATURE_SGX_LC		(16*32+30) /* supports SGX
> > launch
> > > > configuration */
> > >
> > > Sorry if it was me who wrote the comment "SGX launch configuration". I
> > > think we should just use "SGX launch control". :)
> > 
> > Not sure if we should change though. The former is more self-explaining, the
> > latter is "more official".
> 
> I'll let you decide.  To me the comment should explain what does "LC"
> mean, and to me it means "launch control". :)

Yea, maybe it is better to change as SDM speaks about launch control...

> Thanks,
> -Kai
> > 
> > /Jarkko

/Jarkko

Dr. Greg Aug. 31, 2018, 4:18 p.m. UTC | #5

On Mon, Aug 27, 2018 at 09:53:23PM +0300, Jarkko Sakkinen wrote:

Good morning, I hope the week has gone well for everyone.

> From: Kai Huang <kai.huang@linux.intel.com>
> 
> Add X86_FEATURE_SGX and X86_FEATURE_SGX_LC that define the bits
> determining whether the CPU supports SGX and user launch configuration
> i.e. using a custom root key rather the Intel proprietary key for
> enclave signing.

First of all thanks to Jarkko, Sean et.al who have been working on
Linux SGX eco-system support.  Given the nature and apparent mystique
surrounding this technology, we are assuming that Intel has you locked
away in dungeons somewhere... :-)

I direct engineering efforts for an SGX development company.  We are a
licensed Intel ISV, ie. we have a signing key on the launch enclave
whitelist.  Due to the nature of our products we designed an
independent implementation of the PSW which includes enclave loading
and execution, EPID provisioning and remote attestation
infrastructure.  We have also done initial engineering on the
feasibility of developing an independent authentication and
attestation service.

So I think we understand this technology about as well as anyone.

Our reflections on the patch series are not technical as much as
operational.  To wit; are you guys developing this driver 'blind',
ie. simply based on guidance from the SDM or are you testing them on
simulators or do you actually have real live hardware with these
capabilities?

If you boil these 'new' patches down they basically address three
primary areas of functionality; Enclave Dynamic Memory Management
(EDMM), Flexible Launch Control (Unlocked identity modulus signature
registers) and NUMA support.  You could also throw in virtualization
as that is another whole can of worms given a VM may not end up on the
same die, ie. TCB base.

Other then a smattering of machines which advertise basic SGX2
instruction support for EDMM, there is virtually no hardware available
to test any of this functionality on.  Also of interest, there is
virtually no guidance available as to when any of this functionality
will become available.

We don't see how the Linux/SGX community can effectively debug and
support this driver without some kind of an idea as to what hardware
to be acquiring to test this functionality.  I'm assuming that Intel
has 'preferred partners' which do have access to this knowledge, which
is fine, but it would seem odd to expect general community support of
a driver that uses this model.

It would be a significant statement in support of the community if the
documentation for the driver included a table of functionality and the
chip and chipset versions needed to support the stated functionality.
That would significantly increase the ability for this driver to be
supported and tested.

Once again, thanks for all the legwork on the driver, however you are
managing to exercise its functionality.

Dr. Greg

As always,
Dr. Greg Wettstein, Ph.D.   Enjellic Systems Development, LLC.
4206 N. 19th Ave.           Specializing in information infra-structure
Fargo, ND  58102            development.
PH: 701-281-1686
FAX: 701-281-3949           EMAIL: greg@enjellic.com
------------------------------------------------------------------------------
"The couple is registered at Herbergers, Target and Fleet Farm."
                                -- Wedding invitation
                                   West Central Minnesota

[v13,02/13] x86/cpufeature: Add SGX and SGX_LC CPU features

Commit Message

Comments

Patch