Not allowing to set RW for added TCS pages leads only to a special case to be handled in the user space run-time. Thus, allow permissions to be set RW. Originally, it would have probably made more sense to check up that the permissions are RW. Signed-off-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx> --- arch/x86/kernel/cpu/sgx/ioctl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c index 83df20e3e633..f79761ad0400 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -215,7 +215,7 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) * CPU will silently overwrite the permissions as zero, which means * that we need to validate it ourselves. */ - if (pt == SGX_SECINFO_TCS && perm) + if (pt == SGX_SECINFO_TCS && (perm != 0 || perm != (PROT_READ | PROT_WRITE))) return -EINVAL; if (secinfo->flags & SGX_SECINFO_RESERVED_MASK) -- 2.35.1
