leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b0c7459be0
linux/arch/x86/kernel
History
Kai Huang b0c7459be0 x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() 
EREMOVE takes a page and removes any association between that page and
an enclave. It must be run on a page before it can be added into another
enclave. Currently, EREMOVE is run as part of pages being freed into the
SGX page allocator. It is not expected to fail, as it would indicate a
use-after-free of EPC pages. Rather than add the page back to the pool
of available EPC pages, the kernel intentionally leaks the page to avoid
additional errors in the future.

However, KVM does not track how guest pages are used, which means that
SGX virtualization use of EREMOVE might fail. Specifically, it is
legitimate that EREMOVE returns SGX_CHILD_PRESENT for EPC assigned to
KVM guest, because KVM/kernel doesn't track SECS pages.

To allow SGX/KVM to introduce a more permissive EREMOVE helper and
to let the SGX virtualization code use the allocator directly, break
out the EREMOVE call from the SGX page allocator. Rename the original
sgx_free_epc_page() to sgx_encl_free_epc_page(), indicating that
it is used to free an EPC page assigned to a host enclave. Replace
sgx_free_epc_page() with sgx_encl_free_epc_page() in all call sites so
there's no functional change.

At the same time, improve the error message when EREMOVE fails, and
add documentation to explain to the user what that failure means and
to suggest to the user what to do when this bug happens in the case it
happens.

 [ bp: Massage commit message, fix typos and sanitize text, simplify. ]

Signed-off-by: Kai Huang <kai.huang@intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Link: https://lkml.kernel.org/r/20210325093057.122834-1-kai.huang@intel.com
2021-03-26 22:51:23 +01:00
..
acpi x86/acpi: Support objtool validation in wakeup_64.S 2021-01-26 11:33:03 -06:00
apic Rework of the X86 irq stack handling: 2021-02-24 16:32:23 -08:00
cpu x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() 2021-03-26 22:51:23 +01:00
fpu x86/fpu/xstate: Use sizeof() instead of a constant 2021-01-29 12:33:17 +01:00
kprobes x86/kprobes: Do not decode opcode in resume_execution() 2021-01-05 15:42:30 +01:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
alternative.c - Remove all uses of TIF_IA32 and TIF_X32 and reclaim the two bits in the end 2020-12-14 13:45:26 -08:00
amd_gart_64.c dma-mapping: split <linux/dma-mapping.h> 2020-10-06 07:07:03 +02:00
amd_nb.c x86/CPU/AMD: Remove amd_get_nb_id() 2020-11-19 11:43:17 +01:00
aperture_64.c
apm_32.c
asm-offsets_32.c x86 entry code updates: 2020-03-30 19:14:28 -07:00
asm-offsets_64.c x86/xen: Drop USERGS_SYSRET64 paravirt call 2021-02-10 12:32:07 +01:00
asm-offsets.c x86/head/64: Remove unused GET_CR2_INTO() macro 2020-11-18 18:09:38 +01:00
audit_64.c x86/audit: Fix a -Wmissing-prototypes warning for ia32_classify_syscall() 2020-05-19 18:03:07 +02:00
bootflag.c
check.c
cpuid.c smp: Cleanup smp_call_function*() 2020-11-24 16:47:49 +01:00
crash_core_32.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
crash_core_64.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
crash_dump_32.c x86/crashdump/32: Simplify copy_oldmem_page() 2020-11-24 14:42:09 +01:00
crash_dump_64.c fs/core/vmcore: Move sev_active() reference to x86 arch code 2019-08-09 22:52:10 +10:00
crash.c x86/crash: Correct the address boundary of function parameters 2020-08-07 01:32:00 +02:00
devicetree.c x86/devicetree: Fix the ioapic interrupt type table 2020-10-28 20:26:24 +01:00
doublefault_32.c x86/entry: Convert double fault exception to IDTENTRY_DF 2020-06-11 15:15:03 +02:00
dumpstack_32.c x86/32: Remove CONFIG_DOUBLEFAULT 2020-04-14 14:24:05 +02:00
dumpstack_64.c x86/irq/64: Adjust the per CPU irq stack pointer by 8 2021-02-10 23:34:14 +01:00
dumpstack.c - Remove all uses of TIF_IA32 and TIF_X32 and reclaim the two bits in the end 2020-12-14 13:45:26 -08:00
e820.c efi/fake_mem: arrange for a resource entry per efi_fake_mem instance 2020-10-13 18:38:27 -07:00
early_printk.c mm: reorder includes after introduction of linux/pgtable.h 2020-06-09 09:39:13 -07:00
early-quirks.c x86/gpu: add RKL stolen memory support 2020-05-20 08:35:22 -07:00
ebda.c
eisa.c
espfix_64.c mm: introduce include/linux/pgtable.h 2020-06-09 09:39:13 -07:00
ftrace_32.S x86: Change {JMP,CALL}_NOSPEC argument 2020-04-30 20:14:34 +02:00
ftrace_64.S x86/ftrace: Support objtool vmlinux.o validation in ftrace_64.S 2021-01-26 11:33:02 -06:00
ftrace.c x86/ftrace: Do not jump to direct code in created trampolines 2020-06-29 11:42:48 -04:00
head32.c
head64.c x86/head64: Remove duplicate include 2020-11-20 17:43:15 +01:00
head_32.S x86/xen: remove 32-bit Xen PV guest support 2020-08-11 08:26:48 +02:00
head_64.S - Fix the vmlinux size check on 64-bit along with adding useful clarifications on the topic 2020-12-14 13:54:50 -08:00
hpet.c x86/hpet: Use irq_find_matching_fwspec() to find remapping irqdomain 2020-10-28 20:26:28 +01:00
hw_breakpoint.c x86/debug: Prevent data breakpoints on cpu_dr7 2021-02-05 20:13:12 +01:00
i8237.c
i8253.c
i8259.c x86/i8259: Use printk_deferred() to prevent deadlock 2020-07-29 16:27:16 +02:00
idt.c This feature enhances the current guest memory encryption support 2020-10-14 10:21:34 -07:00
io_delay.c
ioport.c x86/ioperm: Prevent a memory leak when fork fails 2020-05-28 21:36:20 +02:00
irq_32.c softirq: Move do_softirq_own_stack() to generic asm header 2021-02-10 23:34:16 +01:00
irq_64.c x86/softirq/64: Inline do_softirq_own_stack() 2021-02-10 23:34:17 +01:00
irq_work.c x86/entry: Convert various system vectors 2020-06-11 15:15:14 +02:00
irq.c Rework of the X86 irq stack handling: 2021-02-24 16:32:23 -08:00
irqflags.S x86/pv: Rework arch_local_irq_restore() to not use popf 2021-02-10 12:36:45 +01:00
irqinit.c x86/headers: Remove APIC headers from <asm/smp.h> 2020-08-06 16:13:09 +02:00
itmt.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
jailhouse.c locking/seqlock, headers: Untangle the spaghetti monster 2020-08-06 16:13:13 +02:00
jump_label.c x86/jump_label: Move 'inline' keyword placement 2020-03-27 11:05:41 +01:00
kdebugfs.c x86/boot: Introduce setup_indirect 2019-11-12 16:21:15 +01:00
kexec-bzimage64.c x86/kexec: Use up-to-dated screen_info copy to fill boot params 2020-10-14 17:05:03 +02:00
kgdb.c x86/debug: Change thread.debugreg6 to thread.virtual_dr6 2020-09-04 15:12:58 +02:00
ksysfs.c x86/boot: Introduce setup_indirect 2019-11-12 16:21:15 +01:00
kvm.c x86/kvm: Enable 15-bit extension when KVM_FEATURE_MSI_EXT_DEST_ID detected 2020-10-28 20:26:33 +01:00
kvmclock.c KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged 2021-03-12 13:18:16 -05:00
ldt.c x86/ldt: Use tlb_gather_mmu_fullmm() when freeing LDT page-tables 2021-01-29 20:02:29 +01:00
machine_kexec_32.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
machine_kexec_64.c mm: don't include asm/pgtable.h if linux/mm.h is already included 2020-06-09 09:39:13 -07:00
Makefile x86/apb_timer: Remove driver for deprecated platform 2021-02-09 15:28:37 +01:00
mmconf-fam10h_64.c
module.c x86/build: Treat R_386_PLT32 relocation as R_386_PC32 2021-01-28 12:24:06 +01:00
mpparse.c Surgery of the MSI interrupt handling to prepare the support of upcoming 2020-10-12 11:40:41 -07:00
msr.c x86/MSR: Filter MSR writes through X86_IOC_WRMSR_REGS ioctl too 2021-01-27 19:06:47 +01:00
nmi_selftest.c
nmi.c x86/entry: Move nmi entry/exit into common code 2020-11-04 22:55:36 +01:00
paravirt_patch.c x86/pv: Rework arch_local_irq_restore() to not use popf 2021-02-10 12:36:45 +01:00
paravirt-spinlocks.c
paravirt.c x86/pv: Rework arch_local_irq_restore() to not use popf 2021-02-10 12:36:45 +01:00
pci-dma.c dma-mapping: move dma-debug.h to kernel/dma/ 2020-10-06 07:07:05 +02:00
pci-iommu_table.c x86: Remove definition of DEBUG 2021-01-15 08:23:10 +01:00
pci-swiotlb.c dma-mapping: fix filename references 2019-09-03 08:36:30 +02:00
pcspeaker.c
perf_regs.c - Remove all uses of TIF_IA32 and TIF_X32 and reclaim the two bits in the end 2020-12-14 13:45:26 -08:00
platform-quirks.c
pmem.c
probe_roms.c maccess: make get_kernel_nofault() check for minimal type compatibility 2020-06-18 12:10:37 -07:00
process_32.c x86/dumpstack: Add log_lvl to __show_regs() 2020-07-22 23:56:53 +02:00
process_64.c x86/irq: Sanitize irq stack tracking 2021-02-10 23:34:13 +01:00
process.c arch: setup PF_IO_WORKER threads like PF_KTHREAD 2021-02-21 17:25:22 -07:00
process.h x86: Use the correct SPDX License Identifier in headers 2019-10-01 20:31:35 +02:00
ptrace.c x86/ptrace: Clean up PTRACE_GETREGS/PTRACE_PUTREGS regset selection 2021-02-04 12:33:15 +01:00
pvclock.c x86/vdso: Use generic VDSO clock mode storage 2020-02-17 14:40:23 +01:00
quirks.c x86, powerpc: Rename memcpy_mcsafe() to copy_mc_to_{user, kernel}() 2020-10-06 11:18:04 +02:00
reboot_fixups_32.c
reboot.c x86: 2021-02-21 13:31:43 -08:00
relocate_kernel_32.S x86/asm: Annotate relocate_kernel_{32,64}.c 2019-10-18 09:53:19 +02:00
relocate_kernel_64.S x86/kexec: Make relocate_kernel_64.S objtool clean 2020-03-25 18:28:28 +01:00
resource.c
rtc.c
setup_percpu.c x86/mm: remove vmalloc faulting 2020-06-02 10:59:12 -07:00
setup.c sfi: Remove framework for deprecated firmware 2021-02-15 20:09:46 +01:00
sev_verify_cbit.S x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path 2020-10-29 18:06:52 +01:00
sev-es-shared.c x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling 2021-01-05 18:55:00 +01:00
sev-es.c x86/sev-es: Use __copy_from_user_inatomic() 2021-03-09 12:37:54 +01:00
signal_compat.c A set of updates for entry/exit handling: 2020-12-14 17:13:53 -08:00
signal.c Merge branch 'core/urgent' into core/entry 2020-11-04 18:14:52 +01:00
smp.c x86/entry: Convert reschedule interrupt to IDTENTRY_SYSVEC_SIMPLE 2020-06-11 15:15:16 +02:00
smpboot.c cpufreq: ACPI: Update arch scale-invariance max perf ratio if CPPC is not there 2021-02-08 13:45:51 +01:00
stacktrace.c stacktrace: Remove reliable argument from arch_stack_walk() callback 2020-09-18 14:24:16 +01:00
static_call.c static_call/x86: Add __static_call_return0() 2021-02-17 14:08:43 +01:00
step.c entry: Ensure trap after single-step on system call return 2021-02-06 00:21:42 +01:00
sys_ia32.c x86: switch to kernel_clone() 2020-08-20 13:12:58 +02:00
sys_x86_64.c x86/mm: Refine mmap syscall implementation 2021-01-05 19:07:42 +01:00
sysfb_efi.c x86/sysfb_efi: Add quirks for some devices with swapped width and height 2019-07-22 10:47:11 +02:00
sysfb_simplefb.c x86/sysfb: Fix check for bad VRAM size 2020-01-20 10:57:53 +01:00
sysfb.c
tboot.c mm/gup: prevent gup_fast from racing with COW during fork 2020-12-15 12:13:39 -08:00
time.c A set of fixes and updates for x86: 2020-06-11 15:54:31 -07:00
tls.c x86: switch to ->regset_get() 2020-07-27 14:31:07 -04:00
tls.h x86: switch to ->regset_get() 2020-07-27 14:31:07 -04:00
topology.c genirq: Move irq_has_action() into core code 2020-12-15 16:19:30 +01:00
trace_clock.c
tracepoint.c x86/entry: Convert reschedule interrupt to IDTENTRY_SYSVEC_SIMPLE 2020-06-11 15:15:16 +02:00
traps.c x86/sev-es: Introduce ip_within_syscall_gap() helper 2021-03-08 14:22:17 +01:00
tsc_msr.c Misc fixes and small updates all around the place: 2020-08-15 10:38:03 -07:00
tsc_sync.c x86: Fix a handful of typos 2020-02-16 20:58:06 +01:00
tsc.c x86/tsc: Use seqcount_latch_t 2020-09-10 11:19:29 +02:00
umip.c x86/umip: Factor out instruction decoding 2020-09-07 19:45:24 +02:00
unwind_frame.c fork-v5.9 2020-08-04 14:47:45 -07:00
unwind_guess.c
unwind_orc.c x86/unwind/orc: Silence warnings caused by missing ORC data 2021-03-06 13:09:45 +01:00
uprobes.c Perf updates: 2020-12-14 17:34:12 -08:00
verify_cpu.S x86/asm: Annotate local pseudo-functions 2019-10-18 10:04:04 +02:00
vm86_32.c x86/vm86/32: Remove VM86_SCREEN_BITMAP support 2021-01-21 20:08:53 +01:00
vmlinux.lds.S x86/build: Fix vmlinux size check on 64-bit 2020-10-29 21:54:35 +01:00
vsmp_64.c
x86_init.c x86/apic: Support 15 bits of APIC ID in MSI where available 2020-10-28 20:26:29 +01:00