On Mon, Oct 19, 2020 at 07:30:32AM -0700, Dave Hansen wrote:
> On 10/2/20 9:50 PM, Jarkko Sakkinen wrote:
> > +/**
> > + * encls_failed() - Check if an ENCLS leaf function failed
> > + * @ret: the return value of an ENCLS leaf function call
> > + *
> > + * Check if an ENCLS leaf function failed. This happens when the leaf function
> > + * causes a fault that is not caused by an EPCM conflict or when the leaf
> > + * function returns a non-zero value.
> > + */
> > +static inline bool encls_failed(int ret)
> > +{
> > + int epcm_trapnr;
> > +
> > + if (boot_cpu_has(X86_FEATURE_SGX2))
> > + epcm_trapnr = X86_TRAP_PF;
> > + else
> > + epcm_trapnr = X86_TRAP_GP;
>
> So, the SDM makes it sound like the only thing that changes from
> SGX1->SGX2 is the ENCLS leafs supported. Since the kernel doesn't use
> any SGX2 leaf functions, this would imply there is some other
> architecture change which is visible. *But* I don't see any evidence of
> this in the SDM, at least from a quick scan.
>
> Why is this here?
SGX1 CPUs take an erratum on the #PF behavior, e.g. "KBW90 Violation of Intel
SGX Access-Control Requirements Produce #GP Instead of #PF".
https://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/xeon-e3-1200v6-spec-update.pdf
> > + if (ret & ENCLS_FAULT_FLAG)
> > + return ENCLS_TRAPNR(ret) != epcm_trapnr;
> > +
> > + return !!ret;
> > +}
>
>
