On Tue, Nov 28, 2017 at 09:16:11AM -0800, Sean Christopherson wrote: > On Sat, 2017-11-25 at 21:29 +0200, Jarkko Sakkinen wrote: > > When IA32_FEATURE_CONTROL.SGX_LC identifies that the root key for > > enclave signatures can be configured either by the OS or pre-boot > > firmware. > > > > If this the case, IA32_SGXLEPUBKEYHASHn MSRs (0 < n < 4) can be used > > to > > set the SHA256 of the root key. IA32_FEATURE_CONTROL bit 17 controls > > whether the MSRs are writable by the OS. The pre-boot firmware can > > decided whether to set this bit before setting > > IA32_FEATURE_CONTROL.LOCK. > > The commit message (feature control bit) doesn't match the patch (CPUID > bit). Oops. I'll move most of this the patch that defines the MSRs. I think the latter part was meant for that I had been awake for too long time :-) I'll fix these commit messages with extra care for v7. Thank you. /Jarkko
