On Wed, Mar 20, 2019 at 03:41:53PM -0400, Neil Horman wrote: > On Wed, Mar 20, 2019 at 06:20:53PM +0200, Jarkko Sakkinen wrote: > > From: Kai Huang <kai.huang@xxxxxxxxxxxxxxx> > > > > X86_FEATURE_SGX reflects whether or not the CPU supports Intel's > > Software Guard eXtensions (SGX). > > > > Signed-off-by: Kai Huang <kai.huang@xxxxxxxxxxxxxxx> > > Co-developed-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > > Reviewed-by: Borislav Petkov <bp@xxxxxxx> > > --- > > arch/x86/include/asm/cpufeatures.h | 1 + > > arch/x86/include/asm/disabled-features.h | 8 +++++++- > > 2 files changed, 8 insertions(+), 1 deletion(-) > > > > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h > > index 981ff9479648..a16325db4cff 100644 > > --- a/arch/x86/include/asm/cpufeatures.h > > +++ b/arch/x86/include/asm/cpufeatures.h > > @@ -236,6 +236,7 @@ > > /* Intel-defined CPU features, CPUID level 0x00000007:0 (EBX), word 9 */ > > #define X86_FEATURE_FSGSBASE ( 9*32+ 0) /* RDFSBASE, WRFSBASE, RDGSBASE, WRGSBASE instructions*/ > > #define X86_FEATURE_TSC_ADJUST ( 9*32+ 1) /* TSC adjustment MSR 0x3B */ > > +#define X86_FEATURE_SGX ( 9*32+ 2) /* Software Guard Extensions */ > > #define X86_FEATURE_BMI1 ( 9*32+ 3) /* 1st group bit manipulation extensions */ > > #define X86_FEATURE_HLE ( 9*32+ 4) /* Hardware Lock Elision */ > > #define X86_FEATURE_AVX2 ( 9*32+ 5) /* AVX2 instructions */ > > diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h > > index a5ea841cc6d2..74de07d0f390 100644 > > --- a/arch/x86/include/asm/disabled-features.h > > +++ b/arch/x86/include/asm/disabled-features.h > > @@ -62,6 +62,12 @@ > > # define DISABLE_PTI (1 << (X86_FEATURE_PTI & 31)) > > #endif > > > > +#ifdef CONFIG_INTEL_SGX > > +# define DISABLE_SGX_CORE 0 > > +#else > > +# define DISABLE_SGX_CORE (1 << (X86_FEATURE_SGX & 31)) > > +#endif > > + > > /* > > * Make sure to add features to the correct mask > > */ > > @@ -74,7 +80,7 @@ > > #define DISABLED_MASK6 0 > > #define DISABLED_MASK7 (DISABLE_PTI) > > #define DISABLED_MASK8 0 > > -#define DISABLED_MASK9 (DISABLE_MPX|DISABLE_SMAP) > > +#define DISABLED_MASK9 (DISABLE_MPX|DISABLE_SMAP|DISABLE_SGX_CORE) > > #define DISABLED_MASK10 0 > > #define DISABLED_MASK11 0 > > #define DISABLED_MASK12 0 > > -- > > 2.19.1 > > > Just out of curiosity, would it be worthwhile to separate out the cpufeature > patches here to post and integrate them separately? It would at least reduce > the size of this patch set slightly, as these aren't controversial changes I can prepare such patch set if that is what people want. I also see a benefit of single patch though that you can git am and try out. Most of the changes do not play much of a role without the functionality. /Jarkko
