On Wed, May 20, 2020 at 08:47:45PM +0200, Borislav Petkov wrote: > On Fri, May 15, 2020 at 03:43:54AM +0300, Jarkko Sakkinen wrote: > > +/** > > + * struct sgx_sigstruct_header - defines author of the enclave > > + * @header1: constant byte string > > + * @vendor: must be either 0x0000 or 0x8086 > > Out of pure curiosity: what is that about? > > Nothing in the patchset enforces this, so hw does? If so, why? > > Are those vendor IDs going to be assigned by someone or what's up? > > Thx. In SGX1 world 0x8086 was used to mark architectural enclaves and 0x0000 user run enclaves. In SGX2 world they are irrelevant. In order to retain compatiblity I'd add an explicit check to: 1. Allow vendor ID of 0x0000 or 0x8086. 2. Reject other vendor ID's (-EINVAL). /Jarkko
