Re: [PATCH] x86/sgx: Fix sgx_ioc_enclave_add_page() documentation

On Mon, Aug 26, 2019 at 08:59:34AM +0300, Jarkko Sakkinen wrote:
> On Mon, Aug 26, 2019 at 08:32:48AM +0300, Jarkko Sakkinen wrote:
> > Refine the kdoc of sgx_ioc_enclave_add_page() with a proper description
> > about the interaction with mmap(). Without documentation, it is
> > impossible to review the code change.
> > 
> > Cc: Serge Ayoun <serge.ayoun@xxxxxxxxx>
> > Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
> > Cc: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
> 
> I squashed this.

Further defined the documentation to also address TCS:

/**
 * sgx_ioc_enclave_add_page() - The handler for %SGX_IOC_ENCLAVE_ADD_PAGE
 * @filep:	open file to /dev/sgx
 * @arg:	a user pointer to a struct sgx_enclave_add_page instance
 *
 * Add (EADD) a page to an uninitialized enclave, and optionally extend
 * (EEXTEND) the measurement with the contents of the page. A SECINFO for a TCS
 * is required to always contain zero permissions because the CPU silently zeros
 * them. Allowing anything else would cause a mismatch in the measurement.
 *
 * mmap()'s protection bits are capped by the page permissions. For each page
 * address, the maximum protection bits are computed with the following
 * heuristics:
 *
 * 1. A regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.
 * 2. A TCS page: PROT_R | PROT_W.
 * 3. No page: PROT_NONE.
 *
 * mmap() is not allowed to surpass the minimum of the maximum protection bits
 * within the given address range.
 *
 * As stated above, a non-existent page is interpreted as a page with no
 * permissions. In effect, this allows mmap() with PROT_NONE to be used to seek
 * an address range for the enclave that can be then populated into SECS.
 *
 * Return:
 *   0 on success,
 *   -EINVAL if the SECINFO contains invalid data,
 *   -EACCES if the source page is located in a noexec partition,
 *   -ENOMEM if any memory allocation, including EPC, fails,
 *   -errno otherwise
 */

Saw no point in cycling this here other than to mention the change. I'd
say it now starts to be thorough enough.

/Jarkko
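
The capping rule in the kdoc above, as a user-space model. This is an added example, not code from the patch or the SGX driver. The names model_page, model_check_secinfo, model_max_prot and model_may_mmap, the SEC_* bit values and the sample layout are assumptions made for illustration, and "minimum of the maximum protection bits" is read here as the bitwise intersection over the range.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/mman.h>

/* Model only: names and layout are hypothetical, not the driver's structures. */
enum page_kind { PAGE_NONE, PAGE_REG, PAGE_TCS };
#define SEC_R 0x1u /* SECINFO permission bits as modelled here */
#define SEC_W 0x2u
#define SEC_X 0x4u
struct model_page { enum page_kind kind; unsigned perms; };

/* A TCS SECINFO must carry zero permissions, otherwise -EINVAL. */
int model_check_secinfo(enum page_kind kind, unsigned perms)
{
    if (perms & ~(SEC_R | SEC_W | SEC_X))
        return -EINVAL;
    return (kind == PAGE_TCS && perms) ? -EINVAL : 0;
}

/* Rules 1-3: maximum protection bits for one page address. */
int model_max_prot(const struct model_page *p)
{
    if (p->kind == PAGE_TCS)
        return PROT_READ | PROT_WRITE;
    if (p->kind != PAGE_REG)
        return PROT_NONE;
    return ((p->perms & SEC_R) ? PROT_READ : 0) |
           ((p->perms & SEC_W) ? PROT_WRITE : 0) |
           ((p->perms & SEC_X) ? PROT_EXEC : 0);
}

/* 1 if mmap() with prot stays within the cap of every page in the range. */
int model_may_mmap(const struct model_page *pg, size_t first, size_t n, int prot)
{
    int cap = PROT_READ | PROT_WRITE | PROT_EXEC;
    for (size_t i = first; i < first + n; i++)
        cap &= model_max_prot(&pg[i]); /* "minimum" taken as intersection */
    return (prot & ~cap) == 0;
}

/* Constructed layout: code page, data page, TCS, unpopulated address. */
static const struct model_page sample[4] = {
    { PAGE_REG, SEC_R | SEC_X }, { PAGE_REG, SEC_R | SEC_W },
    { PAGE_TCS, 0 }, { PAGE_NONE, 0 },
};

/* Exit status 0 when a PROT_NONE mapping over the whole range is allowed. */
int main(void) { return !model_may_mmap(sample, 0, 4, PROT_NONE); }
```

A single unpopulated address in the range drops the cap to PROT_NONE, which is why only a PROT_NONE mapping can span an address range before any pages are added.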


