On Mon, Jun 01, 2020 at 08:15:17AM -0700, Randy Dunlap wrote: > Hi, > > Sorry I didn't respond to v31 with this so that it could > have been fixed in v32. v32 was just a quick update to v31 (did both within maybe 2h window). > > On 6/1/20 12:52 AM, Jarkko Sakkinen wrote: > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > > index 2d3f963fd6f1..d246c6071e8d 100644 > > --- a/arch/x86/Kconfig > > +++ b/arch/x86/Kconfig > > @@ -1948,6 +1948,22 @@ config X86_INTEL_TSX_MODE_AUTO > > side channel attacks- equals the tsx=auto command line parameter. > > endchoice > > > > +config INTEL_SGX > > + bool "Intel SGX" > > + depends on X86_64 && CPU_SUP_INTEL > > + depends on CRYPTO=y > > + depends on CRYPTO_SHA256=y > > + select SRCU > > + select MMU_NOTIFIER > > + help > > + Intel(R) SGX is a set of CPU instructions that can be used by > > + applications to set aside private regions of code and data, referred > > + to as enclaves. An enclave's private memory can only be accessed by > > + code running within the enclave. Accesses from outside the enclave, > > + including other enclaves, are disallowed by hardware. > > Either the prompt > bool "Intel SGX" > or the help text should tell us what SGX means. > (Software Guard eXtensions) Agreed. > > > + > > + If unsure, say N. > > + > > config EFI > > bool "EFI runtime service support" > > depends on ACPI > > thanks. > -- > ~Randy > Thanks for the feedback. I updated https://github.com/jsakkine-intel/linux-sgx.git accordingly. /Jarkko
