On Mon, Jan 11, 2021 at 08:04:50AM -0600, Josh Poimboeuf wrote: > On Tue, Dec 15, 2020 at 11:03:16AM -0300, Bruno Meneguele wrote: > > On Tue, Dec 15, 2020 at 01:04:00PM -0000, GitLab Bridge on behalf of redhat-patchlab wrote: > > > From: Fedora Kernel Team <kernel-team@xxxxxxxxxxxxxxxxx> > > > > > > Hi, > > > > > > As part of the ongoing rebase effort, the following configuration > > > options need to be reviewed. > > > > > > As a reminder, the ARK configuration flow involves moving unreviewed > > > configuration options from the pending directory to the ark directory. > > > In the diff below, options are removed from the pending directory and > > > added to the ark hierarchy. The final options that need to be ACKed > > > are the files that are being added to the ark hierarchy. > > > > > > If the value for a file that is added should be changed, please reply > > > with a better option. > > > > > > CONFIG_X86_SGX: > > > > > > Intel(R) Software Guard eXtensions (SGX) is a set of CPU instructions > > > that can be used by applications to set aside private regions of code > > > and data, referred to as enclaves. An enclave's private memory can > > > only be accessed by code running within the enclave. Accesses from > > > outside the enclave, including other enclaves, are disallowed by > > > hardware. > > > > > > If unsure, say N. > > > > > > Symbol: X86_SGX [=n] > > > Type : bool > > > Defined at arch/x86/Kconfig:1937 > > > Prompt: Software Guard eXtensions (SGX) > > > Depends on: X86_64 [=y] && CPU_SUP_INTEL [=y] && CRYPTO [=y]=y && CRYPTO_SHA256 [=y]=y > > > Location: > > > -> Processor type and features > > > Selects: SRCU [=y] && MMU_NOTIFIER [=y] > > > > > > --- > > > > > > Cc: David Arcari <darcari@xxxxxxxxxx> > > > Cc: Prarit Bhargava <prarit@xxxxxxxxxx> > > > Signed-off-by: Fedora Kernel Team <kernel-team@xxxxxxxxxxxxxxxxx> > > > --- > > > redhat/configs/common/generic/CONFIG_X86_SGX | 1 + > > > .../pending-common/generic/CONFIG_X86_SGX | 23 ------------------- > > > 2 files changed, 1 insertion(+), 23 deletions(-) > > > create mode 100644 redhat/configs/common/generic/CONFIG_X86_SGX > > > delete mode 100644 redhat/configs/pending-common/generic/CONFIG_X86_SGX > > > > > > diff --git a/redhat/configs/common/generic/CONFIG_X86_SGX b/redhat/configs/common/generic/CONFIG_X86_SGX > > > new file mode 100644 > > > index 000000000000..631f4c45acc5 > > > --- /dev/null > > > +++ b/redhat/configs/common/generic/CONFIG_X86_SGX > > > @@ -0,0 +1 @@ > > > +# CONFIG_X86_SGX is not set > > > diff --git a/redhat/configs/pending-common/generic/CONFIG_X86_SGX b/redhat/configs/pending-common/generic/CONFIG_X86_SGX > > > deleted file mode 100644 > > > index 860ef06185c1..000000000000 > > > --- a/redhat/configs/pending-common/generic/CONFIG_X86_SGX > > > +++ /dev/null > > > @@ -1,23 +0,0 @@ > > > -# CONFIG_X86_SGX: > > > -# > > > -# Intel(R) Software Guard eXtensions (SGX) is a set of CPU instructions > > > -# that can be used by applications to set aside private regions of code > > > -# and data, referred to as enclaves. An enclave's private memory can > > > -# only be accessed by code running within the enclave. Accesses from > > > -# outside the enclave, including other enclaves, are disallowed by > > > -# hardware. > > > -# > > > -# If unsure, say N. > > > -# > > > -# Symbol: X86_SGX [=n] > > > -# Type : bool > > > -# Defined at arch/x86/Kconfig:1937 > > > -# Prompt: Software Guard eXtensions (SGX) > > > -# Depends on: X86_64 [=y] && CPU_SUP_INTEL [=y] && CRYPTO [=y]=y && CRYPTO_SHA256 [=y]=y > > > -# Location: > > > -# -> Processor type and features > > > -# Selects: SRCU [=y] && MMU_NOTIFIER [=y] > > > -# > > > -# > > > -# > > > -# CONFIG_X86_SGX is not set > > > > It's interesting to see, after 41 versions of the patchset, SGX was > > finally upstreamed :). > > > > I also noticed we already have some internal requests for enabling it, > > but I'm not sure if it'll land hw-enablament or core-kernel space. > > > > I would opt for setting it =y on both Fedora and RHEL, but I prefer to > > hear more feedback on it. > > Agreed, I think it makes sense to enable SGX for both Fedora and RHEL. > It's a useful feature with a lot of interest, and it has a variety of > uses for both desktop and server. > > Nacked-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx> > > I can submit a merge request to enable it. > Right. I can ack it as soon as I see your MR. Thanks Josh. -- bmeneg PGP Key: http://bmeneg.com/pubkey.txt
_______________________________________________ kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
