Re: [PATCH v28 11/22] x86/sgx: Linux Enclave Driver

Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> · Fri, 6 Mar 2020 21:00:03 +0200

On Thu, Mar 05, 2020 at 07:24:11PM +0100, Jethro Beekman wrote:
> On 2020-03-05 18:40, Sean Christopherson wrote:
> > On Wed, Mar 04, 2020 at 01:35:58AM +0200, Jarkko Sakkinen wrote:
> >> diff --git a/arch/x86/include/uapi/asm/sgx.h b/arch/x86/include/uapi/asm/sgx.h
> >> new file mode 100644
> >> index 000000000000..5edb08ab8fd0
> >> --- /dev/null
> >> +++ b/arch/x86/include/uapi/asm/sgx.h
> >> @@ -0,0 +1,66 @@
> >> +/* SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause) WITH Linux-syscall-note */
> >> +/*
> >> + * Copyright(c) 2016-19 Intel Corporation.
> >> + */
> >> +#ifndef _UAPI_ASM_X86_SGX_H
> >> +#define _UAPI_ASM_X86_SGX_H
> >> +
> >> +#include <linux/types.h>
> >> +#include <linux/ioctl.h>
> >> +
> >> +/**
> >> + * enum sgx_epage_flags - page control flags
> >> + * %SGX_PAGE_MEASURE:	Measure the page contents with a sequence of
> >> + *			ENCLS[EEXTEND] operations.
> >> + */
> >> +enum sgx_page_flags {
> >> +	SGX_PAGE_MEASURE	= 0x01,
> >> +};
> >> +
> >> +#define SGX_MAGIC 0xA4
> >> +
> >> +#define SGX_IOC_ENCLAVE_CREATE \
> >> +	_IOW(SGX_MAGIC, 0x00, struct sgx_enclave_create)
> >> +#define SGX_IOC_ENCLAVE_ADD_PAGES \
> >> +	_IOWR(SGX_MAGIC, 0x01, struct sgx_enclave_add_pages)
> >> +#define SGX_IOC_ENCLAVE_INIT \
> >> +	_IOW(SGX_MAGIC, 0x02, struct sgx_enclave_init)
> >> +
> >> +/**
> >> + * struct sgx_enclave_create - parameter structure for the
> >> + *                             %SGX_IOC_ENCLAVE_CREATE ioctl
> >> + * @src:	address for the SECS page data
> >> + */
> >> +struct sgx_enclave_create  {
> >> +	__u64	src;
> > 
> > Would it make sense to add reserved fields to the structs so that new
> > features can be added in a backwards compatible way?  E.g. if we want to
> > allow userspace to control the backing store by passing in a file
> > descriptor ENCLAVE_CREATE.
> 
> Reserving space for future fields is not necessary because the size of
> the struct is encoded in the ioctl number. The kernel can use this to
> differentiate between different call versions from userspace.

Sure but I still would never change the signature once a ioctl is added.

/Jarkko