linux-stable/arch/x86/kernel
Paolo Bonzini fd5128e622 x86/sgx/virt: extract sgx_vepc_remove_page
For bare-metal SGX on real hardware, the hardware provides guarantees
SGX state at reboot.  For instance, all pages start out uninitialized.
The vepc driver provides a similar guarantee today for freshly-opened
vepc instances, but guests such as Windows expect all pages to be in
uninitialized state on startup, including after every guest reboot.

One way to do this is to simply close and reopen the /dev/sgx_vepc file
descriptor and re-mmap the virtual EPC.  However, this is problematic
because it prevents sandboxing the userspace (for example forbidding
open() after the guest starts; this is doable with heavy use of SCM_RIGHTS
file descriptor passing).

In order to implement this, we will need a ioctl that performs
EREMOVE on all pages mapped by a /dev/sgx_vepc file descriptor:
other possibilities, such as closing and reopening the device,
are racy.

Start the implementation by creating a separate function with just
the __eremove wrapper.

Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Link: https://lkml.kernel.org/r/20211021201155.1523989-2-pbonzini@redhat.com
2021-10-22 08:30:09 -07:00
..
acpi x86: Fix typo s/ECLR/ELCR/ for the PIC register 2021-08-10 23:31:44 +02:00
apic A set of updates to support port 0x22/0x23 based PCI configuration space 2021-08-30 15:20:05 -07:00
cpu x86/sgx/virt: extract sgx_vepc_remove_page 2021-10-22 08:30:09 -07:00
fpu x86/fpu: Mask out the invalid MXCSR bits properly 2021-10-16 12:37:50 +02:00
kprobes Merge branch 'akpm' (patches from Andrew) 2021-07-02 12:08:10 -07:00
.gitignore
alternative.c Linux 5.13-rc5 2021-06-07 11:02:30 +02:00
amd_gart_64.c x86/amd_gart: don't set failed sg dma_address to DMA_MAPPING_ERROR 2021-08-09 17:13:06 +02:00
amd_nb.c hwmon: (k10temp) Add support for yellow carp 2021-08-27 13:54:58 -07:00
aperture_64.c memblock: make memblock_find_in_range method private 2021-09-03 09:58:17 -07:00
apm_32.c x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
asm-offsets.c x86/paravirt: Switch iret pvops to ALTERNATIVE 2021-03-11 19:58:54 +01:00
asm-offsets_32.c x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
asm-offsets_64.c x86/xen: Drop USERGS_SYSRET64 paravirt call 2021-02-10 12:32:07 +01:00
audit_64.c
bootflag.c
check.c
cpuid.c smp: Cleanup smp_call_function*() 2020-11-24 16:47:49 +01:00
crash.c x86/crash: Remove crash_reserve_low_1M() 2021-06-07 12:14:45 +02:00
crash_core_32.c
crash_core_64.c
crash_dump_32.c x86/crashdump/32: Simplify copy_oldmem_page() 2020-11-24 14:42:09 +01:00
crash_dump_64.c
devicetree.c x86/devicetree: Fix the ioapic interrupt type table 2020-10-28 20:26:24 +01:00
doublefault_32.c x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
dumpstack.c x86/dumpstack: use %pSb/%pBb for backtrace printing 2021-07-08 11:48:22 -07:00
dumpstack_32.c
dumpstack_64.c x86/irq/64: Adjust the per CPU irq stack pointer by 8 2021-02-10 23:34:14 +01:00
e820.c Power management updates for 5.13-rc1 2021-04-26 15:10:25 -07:00
early-quirks.c x86/hpet: Use another crystalball to evaluate HPET usability 2021-10-01 13:38:13 +02:00
early_printk.c
ebda.c
eisa.c
espfix_64.c
ftrace.c x86: Remove dynamic NOP selection 2021-03-15 16:24:59 +01:00
ftrace_32.S
ftrace_64.S x86/ftrace: Support objtool vmlinux.o validation in ftrace_64.S 2021-01-26 11:33:02 -06:00
head32.c
head64.c x86/sev-es: Rename sev-es.{ch} to sev.{ch} 2021-05-10 07:40:27 +02:00
head_32.S printk: Userspace format indexing support 2021-07-19 11:57:48 +02:00
head_64.S x86/entry: Unify definitions from <asm/calling.h> and <asm/ptrace-abi.h> 2021-05-12 10:49:13 +02:00
hpet.c x86/hpet: Use another crystalball to evaluate HPET usability 2021-10-01 13:38:13 +02:00
hw_breakpoint.c x86/debug: Prevent data breakpoints on cpu_dr7 2021-02-05 20:13:12 +01:00
i8237.c
i8253.c
i8259.c x86: Avoid magic number with ELCR register accesses 2021-08-10 23:31:43 +02:00
idt.c X86 interrupt related changes: 2021-06-29 12:36:59 -07:00
io_delay.c
ioport.c
irq.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
irq_32.c softirq: Move do_softirq_own_stack() to generic asm header 2021-02-10 23:34:16 +01:00
irq_64.c x86/softirq/64: Inline do_softirq_own_stack() 2021-02-10 23:34:17 +01:00
irq_work.c
irqflags.S x86/pv: Rework arch_local_irq_restore() to not use popf 2021-02-10 12:36:45 +01:00
irqinit.c x86/headers: Remove APIC headers from <asm/smp.h> 2020-08-06 16:13:09 +02:00
itmt.c
jailhouse.c locking/seqlock, headers: Untangle the spaghetti monster 2020-08-06 16:13:13 +02:00
jump_label.c jump_labels: Mark __jump_label_transform() as __always_inlined to work around aggressive compiler un-inlining 2021-07-13 06:32:05 +02:00
kdebugfs.c
kexec-bzimage64.c x86: Use ELF fields defined in 'struct kimage' 2021-03-08 12:06:29 -07:00
kgdb.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
ksysfs.c
kvm.c x86/kvm: Don't enable IRQ when IRQ enabled in kvm_wait 2021-09-06 06:32:35 -04:00
kvmclock.c x86/kvmclock: Move this_cpu_pvti into kvmclock.h 2021-09-30 04:08:01 -04:00
ldt.c memcg: enable accounting for ldt_struct objects 2021-09-03 09:58:13 -07:00
machine_kexec_32.c x86/kexec: Set_[gi]dt() -> native_[gi]dt_invalidate() in machine_kexec_*.c 2021-05-21 12:36:45 +02:00
machine_kexec_64.c x86/kexec: Set_[gi]dt() -> native_[gi]dt_invalidate() in machine_kexec_*.c 2021-05-21 12:36:45 +02:00
Makefile drm-misc-next for v5.15-rc1: 2021-07-23 11:32:43 +10:00
mmconf-fam10h_64.c x86/msr: Rename MSR_K8_SYSCFG to MSR_AMD64_SYSCFG 2021-05-10 07:51:38 +02:00
module.c x86/build: Treat R_386_PLT32 relocation as R_386_PC32 2021-01-28 12:24:06 +01:00
mpparse.c x86: Avoid magic number with ELCR register accesses 2021-08-10 23:31:43 +02:00
msr.c x86/MSR: Filter MSR writes through X86_IOC_WRMSR_REGS ioctl too 2021-01-27 19:06:47 +01:00
nmi.c x86/sev-es: Rename sev-es.{ch} to sev.{ch} 2021-05-10 07:40:27 +02:00
nmi_selftest.c
paravirt-spinlocks.c x86/paravirt: Add new features for paravirt patching 2021-03-11 19:51:49 +01:00
paravirt.c The x86 MM changes in this cycle were: 2021-04-29 11:41:43 -07:00
pci-dma.c dma-mapping: move dma-debug.h to kernel/dma/ 2020-10-06 07:07:05 +02:00
pci-iommu_table.c x86: Remove definition of DEBUG 2021-01-15 08:23:10 +01:00
pci-swiotlb.c
pcspeaker.c
perf_regs.c - Remove all uses of TIF_IA32 and TIF_X32 and reclaim the two bits in the end 2020-12-14 13:45:26 -08:00
platform-quirks.c
pmem.c
probe_roms.c maccess: make get_kernel_nofault() check for minimal type compatibility 2020-06-18 12:10:37 -07:00
process.c Fixes and improvements for FPU handling on x86: 2021-07-07 11:12:01 -07:00
process.h
process_32.c x86/dumpstack: Add log_lvl to __show_regs() 2020-07-22 23:56:53 +02:00
process_64.c x86/fpu: Add PKRU storage outside of task XSAVE buffer 2021-06-23 19:37:45 +02:00
ptrace.c x86/regs: Syscall_get_nr() returns -1 for a non-system call 2021-05-12 10:49:15 +02:00
pvclock.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
quirks.c x86, powerpc: Rename memcpy_mcsafe() to copy_mc_to_{user, kernel}() 2020-10-06 11:18:04 +02:00
reboot.c x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions 2021-08-12 12:06:58 +02:00
reboot_fixups_32.c
relocate_kernel_32.S x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
relocate_kernel_64.S x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
resource.c
rtc.c
setup.c x86/setup: Call early_reserve_memory() earlier 2021-09-21 09:52:08 +02:00
setup_percpu.c memblock: introduce saner 'memblock_free_ptr()' interface 2021-09-14 13:23:22 -07:00
sev-shared.c x86/sev: Return an error on a returned non-zero SW_EXITINFO1[31:0] 2021-10-01 11:14:41 +02:00
sev.c x86/sev: Use "SEV: " prefix for messages from sev.c 2021-06-23 11:56:18 +02:00
sev_verify_cbit.S x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path 2020-10-29 18:06:52 +01:00
signal.c Fixes and improvements for FPU handling on x86: 2021-07-07 11:12:01 -07:00
signal_compat.c signal: Verify the alignment and size of siginfo_t 2021-07-23 13:15:31 -05:00
smp.c x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
smpboot.c x86/smp: Add a per-cpu view of SMT state 2021-07-28 11:42:23 +02:00
stacktrace.c stacktrace: Move documentation for arch_stack_walk_reliable() to header 2021-03-10 15:52:31 +01:00
static_call.c x86: Remove dynamic NOP selection 2021-03-15 16:24:59 +01:00
step.c entry: Ensure trap after single-step on system call return 2021-02-06 00:21:42 +01:00
sys_ia32.c x86: switch to kernel_clone() 2020-08-20 13:12:58 +02:00
sys_x86_64.c x86/mm: Refine mmap syscall implementation 2021-01-05 19:07:42 +01:00
tboot.c x86/boot/tboot: Avoid Wstringop-overread-warning 2021-03-23 00:16:13 +01:00
time.c
tls.c x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
tls.h x86: switch to ->regset_get() 2020-07-27 14:31:07 -04:00
topology.c x86: Fix various typos in comments 2021-03-18 15:31:53 +01:00
trace.c trace/osnoise: Fix 'no previous prototype' warnings 2021-06-28 14:12:26 -04:00
trace_clock.c
tracepoint.c
traps.c Fixes and improvements for FPU handling on x86: 2021-07-07 11:12:01 -07:00
tsc.c clocksource: Reduce clocksource-skew threshold 2021-06-22 16:53:16 +02:00
tsc_msr.c Misc fixes and small updates all around the place: 2020-08-15 10:38:03 -07:00
tsc_sync.c x86: Fix various typos in comments, take #2 2021-03-21 23:50:28 +01:00
umip.c x86/insn: Extend error reporting from insn_fetch_from_user[_inatomic]() 2021-06-15 11:39:30 +02:00
unwind_frame.c fork-v5.9 2020-08-04 14:47:45 -07:00
unwind_guess.c
unwind_orc.c x86/unwind/orc: Silence warnings caused by missing ORC data 2021-03-06 13:09:45 +01:00
uprobes.c x86/uprobes: Convert to insn_decode() 2021-03-15 12:05:03 +01:00
verify_cpu.S
vm86_32.c x86/vm86/32: Remove VM86_SCREEN_BITMAP support 2021-01-21 20:08:53 +01:00
vmlinux.lds.S x86/build: Fix vmlinux size check on 64-bit 2020-10-29 21:54:35 +01:00
vsmp_64.c
x86_init.c x86/apic: Support 15 bits of APIC ID in MSI where available 2020-10-28 20:26:29 +01:00