mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
c6d26d3707
SGX enclave pages are inaccessible to normal software. They must be populated with data by copying from normal memory with the help of the EADD and EEXTEND functions of the ENCLS instruction. Add an ioctl() which performs EADD that adds new data to an enclave, and optionally EEXTEND functions that hash the page contents and use the hash as part of enclave “measurement” to ensure enclave integrity. The enclave author gets to decide which pages will be included in the enclave measurement with EEXTEND. Measurement is very slow and has sometimes has very little value. For instance, an enclave _could_ measure every page of data and code, but would be slow to initialize. Or, it might just measure its code and then trust that code to initialize the bulk of its data after it starts running. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Borislav Petkov <bp@suse.de> Tested-by: Jethro Beekman <jethro@fortanix.com> Link: https://lkml.kernel.org/r/20201112220135.165028-14-jarkko@kernel.org |
||
|---|---|---|
| .. | ||
| mce | ||
| microcode | ||
| mtrr | ||
| resctrl | ||
| sgx | ||
| .gitignore | ||
| acrn.c | ||
| amd.c | ||
| aperfmperf.c | ||
| bugs.c | ||
| cacheinfo.c | ||
| centaur.c | ||
| common.c | ||
| cpu.h | ||
| cpuid-deps.c | ||
| cyrix.c | ||
| feat_ctl.c | ||
| hygon.c | ||
| hypervisor.c | ||
| intel.c | ||
| intel_epb.c | ||
| intel_pconfig.c | ||
| Makefile | ||
| match.c | ||
| mkcapflags.sh | ||
| mshyperv.c | ||
| perfctr-watchdog.c | ||
| powerflags.c | ||
| proc.c | ||
| rdrand.c | ||
| scattered.c | ||
| topology.c | ||
| transmeta.c | ||
| tsx.c | ||
| umc.c | ||
| umwait.c | ||
| vmware.c | ||
| zhaoxin.c | ||