[v16,09/22] x86/sgx: Define SGX1 and SGX2 ENCLS leafs

Message ID	20181106134758.10572-10-jarkko.sakkinen@linux.intel.com (mailing list archive)
State	Deferred, archived
Headers	show Return-Path: <platform-driver-x86-owner@kernel.org> From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: x86@kernel.org, platform-driver-x86@vger.kernel.org, linux-sgx@vger.kernel.org Cc: dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com, shay.katz-zamir@intel.com, haitao.huang@intel.com, andriy.shevchenko@linux.intel.com, tglx@linutronix.de, kai.svahn@intel.com, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)) Subject: [PATCH v16 09/22] x86/sgx: Define SGX1 and SGX2 ENCLS leafs Date: Tue, 6 Nov 2018 15:45:48 +0200 Message-Id: <20181106134758.10572-10-jarkko.sakkinen@linux.intel.com> In-Reply-To: <20181106134758.10572-1-jarkko.sakkinen@linux.intel.com> References: <20181106134758.10572-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: platform-driver-x86-owner@vger.kernel.org Precedence: bulk
Series	Intel SGX1 support \| expand [v16,00/22] Intel SGX1 support [v16,01/22] x86/sgx: Update MAINTAINERS [v16,02/22] x86/cpufeatures: Add Intel-defined SGX feature bit [v16,03/22] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) [v16,04/22] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition [v16,05/22] x86/cpufeatures: Add Intel-defined SGX_LC feature bit [v16,06/22] x86/cpu/intel: Detect SGX support and update caps appropriately [v16,07/22] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit [v16,08/22] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX [v16,09/22] x86/sgx: Define SGX1 and SGX2 ENCLS leafs [v16,10/22] x86/sgx: Add ENCLS architectural error codes [v16,11/22] x86/sgx: Add SGX1 and SGX2 architectural data structures [v16,12/22] x86/sgx: Add definitions for SGX's CPUID leaf and variable sub-leafs [v16,13/22] x86/msr: Add SGX Launch Control MSR definitions [v16,14/22] x86/sgx: Add wrappers for ENCLS leaf functions [v16,15/22] x86/sgx: Enumerate and track EPC sections [v16,16/22] x86/sgx: Add functions to allocate and free EPC pages [v16,17/22] x86/sgx: Add sgx_einit() for initializing enclaves [v16,18/22] platform/x86: Intel SGX driver [v16,19/22] platform/x86: sgx: Add swapping functionality to the Intel SGX driver [v16,20/22] x86/sgx: Add a simple swapper for the EPC memory manager [v16,21/22] platform/x86: ptrace() support for the SGX driver [v16,22/22] x86/sgx: SGX documentation

Message ID

20181106134758.10572-10-jarkko.sakkinen@linux.intel.com (mailing list archive)

State

Deferred, archived

Headers

From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: x86@kernel.org, platform-driver-x86@vger.kernel.org,
        linux-sgx@vger.kernel.org
Cc: dave.hansen@intel.com, sean.j.christopherson@intel.com,
        nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com,
        shay.katz-zamir@intel.com, haitao.huang@intel.com,
        andriy.shevchenko@linux.intel.com, tglx@linutronix.de,
        kai.svahn@intel.com,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        linux-kernel@vger.kernel.org (open list:X86 ARCHITECTURE (32-BIT AND
        64-BIT))
Subject: [PATCH v16 09/22] x86/sgx: Define SGX1 and SGX2 ENCLS leafs
Date: Tue,  6 Nov 2018 15:45:48 +0200
Message-Id: <20181106134758.10572-10-jarkko.sakkinen@linux.intel.com>
In-Reply-To: <20181106134758.10572-1-jarkko.sakkinen@linux.intel.com>
References: <20181106134758.10572-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: platform-driver-x86-owner@vger.kernel.org
Precedence: bulk

Series

Intel SGX1 support | expand

Commit Message

Jarkko Sakkinen Nov. 6, 2018, 1:45 p.m. UTC

ENCLS, a.k.a. Enclave System instruction, is an umbrella instruction
for a variety of privileged SGX functions.  The ENCLS function to be
executed is specified in EAX, a la GETSEC of SMX/TXT fame.  Leafs may
use additional registers for function-specific operands.  ENCLS also
introduces its own set of error codes that (some) leafs use to return
pass/fail information to software.  Leafs that return an error code
also modify RFLAGS.  And finally, ENCLS generates ENCLS-specific #GPs
and #PFs.

ENCLS leafs functions are organized under SGX sub-features, e.g. SGX1
defines the base ENCLS function set and SGX2 adds ENCLS functions to
enable dynamic EPC management.  At this time, only the SGX1 and SGX2
function sets are supported by Linux; the other published sets relate
to VMM EPC oversubscription, which is far out on the horizon.

Define the ENCLS leafs in a dedicated file as more architecturally
defined SGX constants and data structures will be introduced in short
order.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/include/asm/sgx_arch.h | 54 +++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 arch/x86/include/asm/sgx_arch.h

diff --git a/arch/x86/include/asm/sgx_arch.h b/arch/x86/include/asm/sgx_arch.h
new file mode 100644
index 000000000000..e068db46835e
--- /dev/null
+++ b/arch/x86/include/asm/sgx_arch.h
@@ -0,0 +1,54 @@ 
+/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) */
+/**
+ * Copyright(c) 2016-18 Intel Corporation.
+ *
+ * Contains data structures defined by the SGX architecture.  Data structures
+ * defined by the Linux software stack should not be placed here.
+ */
+#ifndef _ASM_X86_SGX_ARCH_H
+#define _ASM_X86_SGX_ARCH_H
+
+/**
+ * enum sgx_encls_leaves - ENCLS leaf functions
+ * %SGX_ECREATE:	Create an enclave.
+ * %SGX_EADD:		Add a page to an uninitialized enclave.
+ * %SGX_EINIT:		Initialize an enclave, i.e. launch an enclave.
+ * %SGX_EREMOVE:	Remove a page from an enclave.
+ * %SGX_EDBGRD:		Read a word from an enclve (peek).
+ * %SGX_EDBGWR:		Write a word to an enclave (poke).
+ * %SGX_EEXTEND:	Measure 256 bytes of an added enclave page.
+ * %SGX_ELDB:		Load a swapped page in blocked state.
+ * %SGX_ELDU:		Load a swapped page in unblocked state.
+ * %SGX_EBLOCK:		Change page state to blocked i.e. entering hardware
+ *			threads cannot access it and create new TLB entries.
+ * %SGX_EPA:		Create a Version Array (VA) page used to store isvsvn
+ *			number for a swapped EPC page.
+ * %SGX_EWB:		Swap an enclave page to the regular memory. Checks that
+ *			all threads have exited that were in the previous
+ *			shoot-down sequence.
+ * %SGX_ETRACK:		Start a new shoot down sequence. Used to together with
+ *			EBLOCK to make sure that a page is safe to swap.
+ * %SGX_EAUG:		Add a page to an initialized enclave.
+ * %SGX_EMODPR:		Restrict an EPC page's permissions.
+ * %SGX_EMODT:		Modify the page type of an EPC page.
+ */
+enum sgx_encls_leaves {
+	SGX_ECREATE	= 0x00,
+	SGX_EADD	= 0x01,
+	SGX_EINIT	= 0x02,
+	SGX_EREMOVE	= 0x03,
+	SGX_EDGBRD	= 0x04,
+	SGX_EDGBWR	= 0x05,
+	SGX_EEXTEND	= 0x06,
+	SGX_ELDB	= 0x07,
+	SGX_ELDU	= 0x08,
+	SGX_EBLOCK	= 0x09,
+	SGX_EPA		= 0x0A,
+	SGX_EWB		= 0x0B,
+	SGX_ETRACK	= 0x0C,
+	SGX_EAUG	= 0x0D,
+	SGX_EMODPR	= 0x0E,
+	SGX_EMODT	= 0x0F,
+};
+
+#endif /* _ASM_X86_SGX_ARCH_H */

[v16,09/22] x86/sgx: Define SGX1 and SGX2 ENCLS leafs

Commit Message

Patch