From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: <x86@kernel.org>, <platform-driver-x86@vger.kernel.org>, <linux-sgx@vger.kernel.org> Cc: <dave.hansen@intel.com>, <sean.j.christopherson@intel.com>, <nhorman@redhat.com>, <npmccallum@redhat.com>, <serge.ayoun@intel.com>, <shay.katz-zamir@intel.com>, <haitao.huang@intel.com>, <mark.shanahan@intel.com>, <andriy.shevchenko@linux.intel.com>, "Jarkko Sakkinen" <jarkko.sakkinen@linux.intel.com>, Jonathan Corbet <corbet@lwn.net>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, "open list:DOCUMENTATION" <linux-doc@vger.kernel.org>, "open list" <linux-kernel@vger.kernel.org> Subject: [PATCH v15 23/23] x86/sgx: Driver documentation Date: Sat, 3 Nov 2018 01:11:22 +0200 [thread overview] Message-ID: <20181102231320.29164-24-jarkko.sakkinen@linux.intel.com> (raw) In-Reply-To: <20181102231320.29164-1-jarkko.sakkinen@linux.intel.com> Documentation of the features of the Software Guard eXtensions used by the Linux kernel and basic design choices for the core and driver and functionality. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- Documentation/index.rst | 1 + Documentation/x86/intel_sgx.rst | 185 ++++++++++++++++++++++++++++++++ 2 files changed, 186 insertions(+) create mode 100644 Documentation/x86/intel_sgx.rst diff --git a/Documentation/index.rst b/Documentation/index.rst index 5db7e87c7cb1..1cdc139adb40 100644 --- a/Documentation/index.rst +++ b/Documentation/index.rst @@ -104,6 +104,7 @@ implementation. :maxdepth: 2 sh/index + x86/index Filesystem Documentation ------------------------ diff --git a/Documentation/x86/intel_sgx.rst b/Documentation/x86/intel_sgx.rst new file mode 100644 index 000000000000..f6b7979c41f2 --- /dev/null +++ b/Documentation/x86/intel_sgx.rst @@ -0,0 +1,185 @@ +=================== +Intel(R) SGX driver +=================== + +Introduction +============ + +Intel(R) SGX is a set of CPU instructions that can be used by applications to +set aside private regions of code and data. The code outside the enclave is +disallowed to access the memory inside the enclave by the CPU access control. +In a way you can think that SGX provides inverted sandbox. It protects the +application from a malicious host. + +You can tell if your CPU supports SGX by looking into ``/proc/cpuinfo``: + + ``cat /proc/cpuinfo | grep sgx`` + +Overview of SGX +=============== + +SGX has a set of data structures to maintain information about the enclaves and +their security properties. BIOS reserves a fixed size region of physical memory +for these structures by setting Processor Reserved Memory Range Registers +(PRMRR). + +This memory range is protected from outside access by the CPU and all the data +coming in and out of the CPU package is encrypted by a key that is generated for +each boot cycle. + +Enclaves execute in ring-3 in a special enclave submode using pages from the +reserved memory range. A fixed logical address range for the enclave is reserved +by ENCLS(ECREATE), a leaf instruction used to create enclaves. It is referred in +the documentation commonly as the ELRANGE. + +Every memory access to the ELRANGE is asserted by the CPU. If the CPU is not +executing in the enclave mode inside the enclave, #GP is raised. On the other +hand enclave code can make memory accesses both inside and outside of the +ELRANGE. + +Enclave can only execute code inside the ELRANGE. Instructions that may cause +VMEXIT, IO instructions and instructions that require a privilege change are +prohibited inside the enclave. Interrupts and exceptions always cause enclave +to exit and jump to an address outside the enclave given when the enclave is +entered by using the leaf instruction ENCLS(EENTER). + +Data types +---------- + +The protected memory range contains the following data: + +* **Enclave Page Cache (EPC):** protected pages +* **Enclave Page Cache Map (EPCM):** a database that describes the state of the + pages and link them to an enclave. + +EPC has a number of different types of pages: + +* **SGX Enclave Control Structure (SECS)**: describes the global + properties of an enclave. +* **Regular (REG):** code and data pages in the ELRANGE. +* **Thread Control Structure (TCS):** pages that define entry points inside an + enclave. The enclave can only be entered through these entry points and each + can host a single hardware thread at a time. +* **Version Array (VA)**: 64-bit version numbers for pages that have been + swapped outside the enclave. Each page contains 512 version numbers. + +Launch control +-------------- + +To launch an enclave, two structures must be provided for ENCLS(EINIT): + +1. **SIGSTRUCT:** signed measurement of the enclave binary. +2. **EINITTOKEN:** a cryptographic token CMAC-signed with a AES256-key called + *launch key*, which is re-generated for each boot cycle. + +The CPU holds a SHA256 hash of a 3072-bit RSA public key inside +IA32_SGXLEPUBKEYHASHn MSRs. Enclaves with a SIGSTRUCT that is signed with this +key do not require a valid EINITTOKEN and can be authorized with special +privileges. One of those privileges is ability to acquire the launch key with +ENCLS(EGETKEY). + +**IA32_FEATURE_CONTROL[17]** is used by the BIOS configure whether +IA32_SGXLEPUBKEYHASH MSRs are read-only or read-write before locking the +feature control register and handing over control to the operating system. + +Enclave construction +-------------------- + +The construction is started by filling out the SECS that contains enclave +address range, privileged attributes and measurement of TCS and REG pages (pages +that will be mapped to the address range) among the other things. This structure +is passed out to the ENCLS(ECREATE) together with a physical address of a page +in EPC that will hold the SECS. + +The pages are added with ENCLS(EADD) and measured with ENCLS(EEXTEND) i.e. +SHA256 hash MRENCLAVE residing in the SECS is extended with the page data. + +After all of the pages have been added, the enclave is initialized with +ENCLS(EINIT). ENCLS(INIT) checks that the SIGSTRUCT is signed with the contained +public key. If the given EINITTOKEN has the valid bit set, the CPU checks that +the token is valid (CMAC'd with the launch key). If the token is not valid, +the CPU will check whether the enclave is signed with a key matching to the +IA32_SGXLEPUBKEYHASHn MSRs. + +Swapping pages +-------------- + +Enclave pages can be swapped out with ENCLS(EWB) to the unprotected memory. In +addition to the EPC page, ENCLS(EWB) takes in a VA page and address for PCMD +structure (Page Crypto MetaData) as input. The VA page will seal a version +number for the page. PCMD is 128 byte structure that contains tracking +information for the page, most importantly its MAC. With these structures the +enclave is sealed and rollback protected while it resides in the unprotected +memory. + +Before the page can be swapped out it must not have any active TLB references. +ENCLS(EBLOCK) instruction moves a page to the *blocked* state, which means +that no new TLB entries can be created to it by the hardware threads. + +After this a shootdown sequence is started with ENCLS(ETRACK), which sets an +increased counter value to the entering hardware threads. ENCLS(EWB) will +return SGX_NOT_TRACKED error while there are still threads with the earlier +couner value because that means that there might be hardware thread inside +the enclave with TLB entries to pages that are to be swapped. + +Kernel internals +================ + +Requirements +------------ + +Because SGX has an ever evolving and expanding feature set, it's possible for +a BIOS or VMM to configure a system in such a way that not all CPUs are equal, +e.g. where Launch Control is only enabled on a subset of CPUs. Linux does +*not* support such a heterogeneous system configuration, nor does it even +attempt to play nice in the face of a misconfigured system. With the exception +of Launch Control's hash MSRs, which can vary per CPU, Linux assumes that all +CPUs have a configuration that is identical to the boot CPU. + + +Roles and responsibilities +-------------------------- + +SGX introduces system resources, e.g. EPC memory, that must be accessible to +multiple entities, e.g. the native kernel driver (to expose SGX to userspace) +and KVM (to expose SGX to VMs), ideally without introducing any dependencies +between each SGX entity. To that end, the kernel owns and manages the shared +system resources, i.e. the EPC and Launch Control MSRs, and defines functions +that provide appropriate access to the shared resources. SGX support for +user space and VMs is left to the SGX platform driver and KVM respectively. + +Launching enclaves +------------------ + +The current kernel implementation supports only unlocked MSRs i.e. +FEATURE_CONTROL_SGX_LE_WR must be set. The launch is performed by setting the +MSRs to the hash of the public key modulus of the enclave signer, which is one +f the fields in the SIGSTRUCT. + +EPC management +-------------- + +Due to the unique requirements for swapping EPC pages, and because EPC pages +(currently) do not have associated page structures, management of the EPC is +not handled by the standard Linux swapper. SGX directly handles swapping +of EPC pages, including a kthread to initiate reclaim and a rudimentary LRU +mechanism. The consumers of EPC pages, e.g. the SGX driver, are required to +implement function callbacks that can be invoked by the kernel to age, +swap, and/or forcefully reclaim a target EPC page. In effect, the kernel +controls what happens and when, while the consumers (driver, KVM, etc..) do +the actual work. + +SGX uapi +======== + +.. kernel-doc:: drivers/platform/x86/intel_sgx/sgx_ioctl.c + :functions: sgx_ioc_enclave_create + sgx_ioc_enclave_add_page + sgx_ioc_enclave_init + +.. kernel-doc:: arch/x86/include/uapi/asm/sgx.h + +References +========== + +* System Programming Manual: 39.1.4 Intel® SGX Launch Control Configuration -- 2.19.1
WARNING: multiple messages have this Message-ID (diff)
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: x86@kernel.org, platform-driver-x86@vger.kernel.org, linux-sgx@vger.kernel.org Cc: dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com, shay.katz-zamir@intel.com, haitao.huang@intel.com, mark.shanahan@intel.com, andriy.shevchenko@linux.intel.com, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Jonathan Corbet <corbet@lwn.net>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, linux-doc@vger.kernel.org (open list:DOCUMENTATION), linux-kernel@vger.kernel.org (open list) Subject: [PATCH v15 23/23] x86/sgx: Driver documentation Date: Sat, 3 Nov 2018 01:11:22 +0200 [thread overview] Message-ID: <20181102231320.29164-24-jarkko.sakkinen@linux.intel.com> (raw) Message-ID: <20181102231122.fLVm02ozfhkSj1UQ6GrB4URaI6WAjCARp16FsuI9Wq8@z> (raw) In-Reply-To: <20181102231320.29164-1-jarkko.sakkinen@linux.intel.com> Documentation of the features of the Software Guard eXtensions used by the Linux kernel and basic design choices for the core and driver and functionality. Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- Documentation/index.rst | 1 + Documentation/x86/intel_sgx.rst | 185 ++++++++++++++++++++++++++++++++ 2 files changed, 186 insertions(+) create mode 100644 Documentation/x86/intel_sgx.rst diff --git a/Documentation/index.rst b/Documentation/index.rst index 5db7e87c7cb1..1cdc139adb40 100644 --- a/Documentation/index.rst +++ b/Documentation/index.rst @@ -104,6 +104,7 @@ implementation. :maxdepth: 2 sh/index + x86/index Filesystem Documentation ------------------------ diff --git a/Documentation/x86/intel_sgx.rst b/Documentation/x86/intel_sgx.rst new file mode 100644 index 000000000000..f6b7979c41f2 --- /dev/null +++ b/Documentation/x86/intel_sgx.rst @@ -0,0 +1,185 @@ +=================== +Intel(R) SGX driver +=================== + +Introduction +============ + +Intel(R) SGX is a set of CPU instructions that can be used by applications to +set aside private regions of code and data. The code outside the enclave is +disallowed to access the memory inside the enclave by the CPU access control. +In a way you can think that SGX provides inverted sandbox. It protects the +application from a malicious host. + +You can tell if your CPU supports SGX by looking into ``/proc/cpuinfo``: + + ``cat /proc/cpuinfo | grep sgx`` + +Overview of SGX +=============== + +SGX has a set of data structures to maintain information about the enclaves and +their security properties. BIOS reserves a fixed size region of physical memory +for these structures by setting Processor Reserved Memory Range Registers +(PRMRR). + +This memory range is protected from outside access by the CPU and all the data +coming in and out of the CPU package is encrypted by a key that is generated for +each boot cycle. + +Enclaves execute in ring-3 in a special enclave submode using pages from the +reserved memory range. A fixed logical address range for the enclave is reserved +by ENCLS(ECREATE), a leaf instruction used to create enclaves. It is referred in +the documentation commonly as the ELRANGE. + +Every memory access to the ELRANGE is asserted by the CPU. If the CPU is not +executing in the enclave mode inside the enclave, #GP is raised. On the other +hand enclave code can make memory accesses both inside and outside of the +ELRANGE. + +Enclave can only execute code inside the ELRANGE. Instructions that may cause +VMEXIT, IO instructions and instructions that require a privilege change are +prohibited inside the enclave. Interrupts and exceptions always cause enclave +to exit and jump to an address outside the enclave given when the enclave is +entered by using the leaf instruction ENCLS(EENTER). + +Data types +---------- + +The protected memory range contains the following data: + +* **Enclave Page Cache (EPC):** protected pages +* **Enclave Page Cache Map (EPCM):** a database that describes the state of the + pages and link them to an enclave. + +EPC has a number of different types of pages: + +* **SGX Enclave Control Structure (SECS)**: describes the global + properties of an enclave. +* **Regular (REG):** code and data pages in the ELRANGE. +* **Thread Control Structure (TCS):** pages that define entry points inside an + enclave. The enclave can only be entered through these entry points and each + can host a single hardware thread at a time. +* **Version Array (VA)**: 64-bit version numbers for pages that have been + swapped outside the enclave. Each page contains 512 version numbers. + +Launch control +-------------- + +To launch an enclave, two structures must be provided for ENCLS(EINIT): + +1. **SIGSTRUCT:** signed measurement of the enclave binary. +2. **EINITTOKEN:** a cryptographic token CMAC-signed with a AES256-key called + *launch key*, which is re-generated for each boot cycle. + +The CPU holds a SHA256 hash of a 3072-bit RSA public key inside +IA32_SGXLEPUBKEYHASHn MSRs. Enclaves with a SIGSTRUCT that is signed with this +key do not require a valid EINITTOKEN and can be authorized with special +privileges. One of those privileges is ability to acquire the launch key with +ENCLS(EGETKEY). + +**IA32_FEATURE_CONTROL[17]** is used by the BIOS configure whether +IA32_SGXLEPUBKEYHASH MSRs are read-only or read-write before locking the +feature control register and handing over control to the operating system. + +Enclave construction +-------------------- + +The construction is started by filling out the SECS that contains enclave +address range, privileged attributes and measurement of TCS and REG pages (pages +that will be mapped to the address range) among the other things. This structure +is passed out to the ENCLS(ECREATE) together with a physical address of a page +in EPC that will hold the SECS. + +The pages are added with ENCLS(EADD) and measured with ENCLS(EEXTEND) i.e. +SHA256 hash MRENCLAVE residing in the SECS is extended with the page data. + +After all of the pages have been added, the enclave is initialized with +ENCLS(EINIT). ENCLS(INIT) checks that the SIGSTRUCT is signed with the contained +public key. If the given EINITTOKEN has the valid bit set, the CPU checks that +the token is valid (CMAC'd with the launch key). If the token is not valid, +the CPU will check whether the enclave is signed with a key matching to the +IA32_SGXLEPUBKEYHASHn MSRs. + +Swapping pages +-------------- + +Enclave pages can be swapped out with ENCLS(EWB) to the unprotected memory. In +addition to the EPC page, ENCLS(EWB) takes in a VA page and address for PCMD +structure (Page Crypto MetaData) as input. The VA page will seal a version +number for the page. PCMD is 128 byte structure that contains tracking +information for the page, most importantly its MAC. With these structures the +enclave is sealed and rollback protected while it resides in the unprotected +memory. + +Before the page can be swapped out it must not have any active TLB references. +ENCLS(EBLOCK) instruction moves a page to the *blocked* state, which means +that no new TLB entries can be created to it by the hardware threads. + +After this a shootdown sequence is started with ENCLS(ETRACK), which sets an +increased counter value to the entering hardware threads. ENCLS(EWB) will +return SGX_NOT_TRACKED error while there are still threads with the earlier +couner value because that means that there might be hardware thread inside +the enclave with TLB entries to pages that are to be swapped. + +Kernel internals +================ + +Requirements +------------ + +Because SGX has an ever evolving and expanding feature set, it's possible for +a BIOS or VMM to configure a system in such a way that not all CPUs are equal, +e.g. where Launch Control is only enabled on a subset of CPUs. Linux does +*not* support such a heterogeneous system configuration, nor does it even +attempt to play nice in the face of a misconfigured system. With the exception +of Launch Control's hash MSRs, which can vary per CPU, Linux assumes that all +CPUs have a configuration that is identical to the boot CPU. + + +Roles and responsibilities +-------------------------- + +SGX introduces system resources, e.g. EPC memory, that must be accessible to +multiple entities, e.g. the native kernel driver (to expose SGX to userspace) +and KVM (to expose SGX to VMs), ideally without introducing any dependencies +between each SGX entity. To that end, the kernel owns and manages the shared +system resources, i.e. the EPC and Launch Control MSRs, and defines functions +that provide appropriate access to the shared resources. SGX support for +user space and VMs is left to the SGX platform driver and KVM respectively. + +Launching enclaves +------------------ + +The current kernel implementation supports only unlocked MSRs i.e. +FEATURE_CONTROL_SGX_LE_WR must be set. The launch is performed by setting the +MSRs to the hash of the public key modulus of the enclave signer, which is one +f the fields in the SIGSTRUCT. + +EPC management +-------------- + +Due to the unique requirements for swapping EPC pages, and because EPC pages +(currently) do not have associated page structures, management of the EPC is +not handled by the standard Linux swapper. SGX directly handles swapping +of EPC pages, including a kthread to initiate reclaim and a rudimentary LRU +mechanism. The consumers of EPC pages, e.g. the SGX driver, are required to +implement function callbacks that can be invoked by the kernel to age, +swap, and/or forcefully reclaim a target EPC page. In effect, the kernel +controls what happens and when, while the consumers (driver, KVM, etc..) do +the actual work. + +SGX uapi +======== + +.. kernel-doc:: drivers/platform/x86/intel_sgx/sgx_ioctl.c + :functions: sgx_ioc_enclave_create + sgx_ioc_enclave_add_page + sgx_ioc_enclave_init + +.. kernel-doc:: arch/x86/include/uapi/asm/sgx.h + +References +========== + +* System Programming Manual: 39.1.4 Intel® SGX Launch Control Configuration -- 2.19.1
next prev parent reply other threads:[~2018-11-02 23:11 UTC|newest] Thread overview: 109+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-11-02 23:10 [PATCH v15 00/23] Intel SGX1 Jarkko Sakkinen 2018-11-02 23:10 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 01/23] x86/sgx: Update MAINTAINERS Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 02/23] x86/cpufeatures: Add Intel-defined SGX feature bit Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:33 ` Borislav Petkov 2018-11-02 23:33 ` Borislav Petkov 2018-11-02 23:55 ` Jarkko Sakkinen 2018-11-02 23:55 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 03/23] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 04/23] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 05/23] x86/cpu/intel: Detect SGX support and update caps appropriately Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-03 13:05 ` Andy Shevchenko 2018-11-03 13:05 ` Andy Shevchenko 2018-11-05 14:09 ` Jarkko Sakkinen 2018-11-05 14:09 ` Jarkko Sakkinen 2018-11-05 14:11 ` Jarkko Sakkinen 2018-11-05 14:11 ` Jarkko Sakkinen 2018-11-05 14:31 ` Andy Shevchenko 2018-11-05 14:31 ` Andy Shevchenko 2018-11-02 23:11 ` [PATCH v15 06/23] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 07/23] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 08/23] x86/sgx: Define SGX1 and SGX2 ENCLS leafs Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 09/23] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 10/23] x86/sgx: Add SGX1 and SGX2 architectural data structures Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 11/23] x86/sgx: Add definitions for SGX's CPUID leaf and variable sub-leafs Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-03 13:11 ` Andy Shevchenko 2018-11-03 13:11 ` Andy Shevchenko 2018-11-05 14:35 ` Jarkko Sakkinen 2018-11-05 14:35 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 12/23] x86/cpufeatures: Add Intel-defined SGX_LC feature bit Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 13/23] x86/msr: Add SGX Launch Control MSR definitions Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 14/23] x86/cpu/intel: Clear SGX_LC capability if not enabled in FEATURE_CONTROL Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-03 13:15 ` Andy Shevchenko 2018-11-03 13:15 ` Andy Shevchenko 2018-11-05 14:37 ` Jarkko Sakkinen 2018-11-05 14:37 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 15/23] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-03 13:17 ` Andy Shevchenko 2018-11-03 13:17 ` Andy Shevchenko 2018-11-05 17:30 ` Jarkko Sakkinen 2018-11-05 17:30 ` Jarkko Sakkinen 2018-11-05 20:39 ` Andy Shevchenko 2018-11-05 20:39 ` Andy Shevchenko 2018-11-06 12:03 ` Jarkko Sakkinen 2018-11-06 12:03 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 16/23] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-03 1:07 ` Jethro Beekman 2018-11-03 1:07 ` Jethro Beekman 2018-11-05 17:31 ` Jarkko Sakkinen 2018-11-05 17:31 ` Jarkko Sakkinen 2018-11-03 13:22 ` Andy Shevchenko 2018-11-03 13:22 ` Andy Shevchenko 2018-11-05 17:35 ` Jarkko Sakkinen 2018-11-05 17:35 ` Jarkko Sakkinen 2018-11-06 12:10 ` Jarkko Sakkinen 2018-11-06 12:10 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 17/23] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 18/23] x86/sgx: Add sgx_einit() for initializing enclaves Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 19/23] platform/x86: Intel SGX driver Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 20/23] platform/x86: sgx: Add swapping functionality to the " Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 21/23] x86/sgx: Add a simple swapper for the EPC memory manager Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` [PATCH v15 22/23] platform/x86: ptrace() support for the SGX driver Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen 2018-11-02 23:11 ` Jarkko Sakkinen [this message] 2018-11-02 23:11 ` [PATCH v15 23/23] x86/sgx: Driver documentation Jarkko Sakkinen 2018-11-04 8:15 ` Mike Rapoport 2018-11-04 8:15 ` Mike Rapoport 2018-11-05 17:39 ` Jarkko Sakkinen 2018-11-05 17:39 ` Jarkko Sakkinen 2018-11-05 20:27 ` Dave Hansen 2018-11-05 20:27 ` Dave Hansen 2018-11-06 5:49 ` Jarkko Sakkinen 2018-11-06 5:49 ` Jarkko Sakkinen 2018-11-06 6:20 ` Jarkko Sakkinen 2018-11-06 6:20 ` Jarkko Sakkinen 2018-11-06 16:45 ` Dave Hansen 2018-11-06 16:45 ` Dave Hansen 2018-11-07 16:30 ` Jarkko Sakkinen 2018-11-07 16:30 ` Jarkko Sakkinen 2018-11-07 17:09 ` Dave Hansen 2018-11-07 17:09 ` Dave Hansen 2018-11-08 14:39 ` Jarkko Sakkinen 2018-11-08 14:39 ` Jarkko Sakkinen 2018-11-08 19:20 ` Jarkko Sakkinen 2018-11-08 19:20 ` Jarkko Sakkinen 2018-11-13 15:13 ` Jarkko Sakkinen 2018-11-06 6:26 ` Jarkko Sakkinen 2018-11-06 6:26 ` Jarkko Sakkinen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181102231320.29164-24-jarkko.sakkinen@linux.intel.com \ --to=jarkko.sakkinen@linux.intel.com \ --cc=andriy.shevchenko@linux.intel.com \ --cc=bp@alien8.de \ --cc=corbet@lwn.net \ --cc=dave.hansen@intel.com \ --cc=haitao.huang@intel.com \ --cc=hpa@zytor.com \ --cc=linux-doc@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-sgx@vger.kernel.org \ --cc=mark.shanahan@intel.com \ --cc=mingo@redhat.com \ --cc=nhorman@redhat.com \ --cc=npmccallum@redhat.com \ --cc=platform-driver-x86@vger.kernel.org \ --cc=sean.j.christopherson@intel.com \ --cc=serge.ayoun@intel.com \ --cc=shay.katz-zamir@intel.com \ --cc=tglx@linutronix.de \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).