[PATCH] x86/sgx: Always deregister /dev/sgx_provision on failure

Jarkko Sakkinen <jarkko@xxxxxxxxxx> · Wed, 11 Aug 2021 01:56:27 +0300

When /dev/sgx_vepc for KVM was added, the initialization was relaxed so
that this file can be accessed even when the driver is disabled.

Deregister /dev/sgx_provision when the driver is disabled, because it is
only useful for the driver.

Fixes: faa7d3e6f3b9 ("x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled")
Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
---
 arch/x86/kernel/cpu/sgx/driver.c | 17 +++++++++++++++++
 arch/x86/kernel/cpu/sgx/main.c   | 20 +-------------------
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/arch/x86/kernel/cpu/sgx/driver.c b/arch/x86/kernel/cpu/sgx/driver.c
index aa9b8b868867..b7698f7628d4 100644
--- a/arch/x86/kernel/cpu/sgx/driver.c
+++ b/arch/x86/kernel/cpu/sgx/driver.c
@@ -143,6 +143,17 @@ static struct miscdevice sgx_dev_enclave = {
 	.fops = &sgx_encl_fops,
 };
 
+const struct file_operations sgx_provision_fops = {
+	.owner			= THIS_MODULE,
+};
+
+static struct miscdevice sgx_dev_provision = {
+	.minor = MISC_DYNAMIC_MINOR,
+	.name = "sgx_provision",
+	.nodename = "sgx_provision",
+	.fops = &sgx_provision_fops,
+};
+
 int __init sgx_drv_init(void)
 {
 	unsigned int eax, ebx, ecx, edx;
@@ -176,5 +187,11 @@ int __init sgx_drv_init(void)
 	if (ret)
 		return ret;
 
+	ret = misc_register(&sgx_dev_provision);
+	if (ret) {
+		misc_deregister(&sgx_dev_enclave);
+		return ret;
+	}
+
 	return 0;
 }
diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c
index 63d3de02bbcc..b8f210f15b62 100644
--- a/arch/x86/kernel/cpu/sgx/main.c
+++ b/arch/x86/kernel/cpu/sgx/main.c
@@ -745,17 +745,6 @@ void sgx_update_lepubkeyhash(u64 *lepubkeyhash)
 		wrmsrl(MSR_IA32_SGXLEPUBKEYHASH0 + i, lepubkeyhash[i]);
 }
 
-const struct file_operations sgx_provision_fops = {
-	.owner			= THIS_MODULE,
-};
-
-static struct miscdevice sgx_dev_provision = {
-	.minor = MISC_DYNAMIC_MINOR,
-	.name = "sgx_provision",
-	.nodename = "sgx_provision",
-	.fops = &sgx_provision_fops,
-};
-
 /**
  * sgx_set_attribute() - Update allowed attributes given file descriptor
  * @allowed_attributes:		Pointer to allowed enclave attributes
@@ -806,10 +795,6 @@ static int __init sgx_init(void)
 		goto err_page_cache;
 	}
 
-	ret = misc_register(&sgx_dev_provision);
-	if (ret)
-		goto err_kthread;
-
 	/*
 	 * Always try to initialize the native *and* KVM drivers.
 	 * The KVM driver is less picky than the native one and
@@ -821,13 +806,10 @@ static int __init sgx_init(void)
 	ret = sgx_drv_init();
 
 	if (sgx_vepc_init() && ret)
-		goto err_provision;
+		goto err_kthread;
 
 	return 0;
 
-err_provision:
-	misc_deregister(&sgx_dev_provision);
-
 err_kthread:
 	kthread_stop(ksgxd_tsk);
 
-- 
2.32.0







