Remove from sgx_validate_secs(): if (secs->miscselect & sgx_misc_reserved_mask || secs->attributes & sgx_attributes_reserved_mask || secs->xfrm & sgx_xfrm_reserved_mask) return -EINVAL; SECS can surpass the platform limits because it's the SIGSTRUCT that defines the limits that are used at run-time. What SECS does is that it defines the overall limits that must apply for any platform, i.e. SECS limits and platform limits are orthogonal. They are not dependent. Cc: Sean Christopherson <sean.j.christopherson@xxxxxxxxx> Cc: Jethro Beekman <jethro@xxxxxxxxxxxx> Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> Suggested-by: Haitao Huang <haitao.huang@xxxxxxxxxxxxxxx> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> --- arch/x86/kernel/cpu/sgx/ioctl.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 6b3cc8483008..008752cb54f0 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -86,11 +86,6 @@ static int sgx_validate_secs(const struct sgx_secs *secs) if (secs->base & (secs->size - 1)) return -EINVAL; - if (secs->miscselect & sgx_misc_reserved_mask || - secs->attributes & sgx_attributes_reserved_mask || - secs->xfrm & sgx_xfrm_reserved_mask) - return -EINVAL; - if (secs->size > max_size) return -EINVAL; -- 2.25.1
