Destroy enclave on ENCLS[EADD] failure in order to get consistent
behavior when any ENCLS fails in this ioctl.
Cc: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
---
arch/x86/kernel/cpu/sgx/ioctl.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
index 2d6f7b8cc429..a2b411a8236d 100644
--- a/arch/x86/kernel/cpu/sgx/ioctl.c
+++ b/arch/x86/kernel/cpu/sgx/ioctl.c
@@ -413,8 +413,13 @@ static int sgx_encl_add_page(struct sgx_encl *encl,
ret = __sgx_encl_add_page(encl, encl_page, epc_page, secinfo,
addp->src);
- if (ret)
+ if (ret) {
+ /* ENCLS failure. */
+ if (ret == -EIO)
+ sgx_encl_destroy(encl);
+
goto err_out;
+ }
/*
* Complete the "add" before doing the "extend" so that the "add"
@@ -428,10 +433,7 @@ static int sgx_encl_add_page(struct sgx_encl *encl,
if (addp->flags & SGX_PAGE_MEASURE) {
ret = __sgx_encl_extend(encl, epc_page);
- /*
- * Destroy the enclave if EEXTEND fails, EADD can't be undone.
- * Note, destroy() also frees the resources for the added page.
- */
+ /* ENCLS failure. */
if (ret) {
sgx_encl_destroy(encl);
goto out_unlock;
@@ -494,6 +496,10 @@ static int sgx_encl_add_page(struct sgx_encl *encl,
* re-invoke SGX_IOC_ENCLAVE_ADD_PAGES using the same struct in response to an
* ERESTARTSYS error.
*
+ * If ENCLS opcode fails, that effectively means that EPC has been invalidated.
+ * When this happens the enclave is destroyed and -EIO is returned to the
+ * caller.
+ *
* Return:
* 0 on success,
* -EACCES if an executable source page is located in a noexec partition,
--
2.20.1
