On Thu, Jan 23, 2020 at 03:07:46PM +0200, Jarkko Sakkinen wrote: > As suggested by Borislav, disallow SGX if the PK MSRs are not writable. > > Link: https://patchwork.kernel.org/patch/11267757/#23072371 > Cc: Sean Christopherson <sean.j.christopherson@xxxxxxxxx> > Suggested-by: Borislav Petkov <bp@xxxxxxxxx> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > --- > Just a sanity check before merge, please ack that this is what you > wanted. > arch/x86/kernel/cpu/intel.c | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c > index 06252c82b8f7..0d57e9666de0 100644 > --- a/arch/x86/kernel/cpu/intel.c > +++ b/arch/x86/kernel/cpu/intel.c > @@ -600,7 +600,7 @@ static void __maybe_unused detect_sgx(struct cpuinfo_x86 *c) > > if (!(fc & FEATURE_CONTROL_SGX_LE_WR)) { > pr_info_once("sgx: The launch control MSRs are not writable\n"); > - goto err_msrs_rdonly; > + goto err_unsupported; > } > > return; > @@ -609,8 +609,6 @@ static void __maybe_unused detect_sgx(struct cpuinfo_x86 *c) > setup_clear_cpu_cap(X86_FEATURE_SGX); > setup_clear_cpu_cap(X86_FEATURE_SGX1); > setup_clear_cpu_cap(X86_FEATURE_SGX2); > - > -err_msrs_rdonly: > setup_clear_cpu_cap(X86_FEATURE_SGX_LC); > } > > -- Yap, looks about right. Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
