On Mon, Oct 05, 2020 at 06:38:03AM +0300, Jarkko Sakkinen wrote: > Remove from sgx_validate_secs(): > > if (secs->miscselect & sgx_misc_reserved_mask || > secs->attributes & sgx_attributes_reserved_mask || > secs->xfrm & sgx_xfrm_reserved_mask) > return -EINVAL; > > SECS can surpass the platform limits because it's the SIGSTRUCT that > defines the limits that are used at run-time. > > What SECS does is that it defines the overall limits that must apply for > any platform, i.e. SECS limits and platform limits are orthogonal. They are > not dependent. > > Rename sgx_*_reserved_mask as sgx_cpu_* in order to bring some clarity > and separate them from SIGSTRUCT limits. > > Cc: Sean Christopherson <sean.j.christopherson@xxxxxxxxx> > Cc: Jethro Beekman <jethro@xxxxxxxxxxxx> > Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> > Suggested-by: Haitao Huang <haitao.huang@xxxxxxxxxxxxxxx> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> Ugh, forgot that the masks are describing things that *are not* allowed. Please just ignore this version. I'll take the first version. NAK from my side. /Jarkko
