From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: Randy Dunlap <rdunlap@infradead.org> Cc: x86@kernel.org, platform-driver-x86@vger.kernel.org, linux-sgx@vger.kernel.org, dave.hansen@intel.com, sean.j.christopherson@intel.com, nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com, shay.katz-zamir@intel.com, haitao.huang@linux.intel.com, andriy.shevchenko@linux.intel.com, tglx@linutronix.de, kai.svahn@intel.com, mark.shanahan@intel.com, luto@amacapital.net, Jonathan Corbet <corbet@lwn.net>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, "open list:DOCUMENTATION" <linux-doc@vger.kernel.org>, open list <linux-kernel@vger.kernel.org> Subject: Re: [PATCH v17 22/23] x86/sgx: SGX documentation Date: Mon, 3 Dec 2018 01:32:21 -0800 Message-ID: <20181203093221.GA29174@linux.intel.com> (raw) In-Reply-To: <3e3e9338-9bf4-dbfd-e53d-ae26c39017c4@infradead.org> On Sun, Dec 02, 2018 at 07:28:55PM -0800, Randy Dunlap wrote: > Hi, > I have more editing comments below. > > > On 11/15/18 5:01 PM, Jarkko Sakkinen wrote: > > Documentation of the features of the Software Guard eXtensions used > > by the Linux kernel and basic design choices for the core and driver > > and functionality. > > > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> > > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > > --- > > Documentation/index.rst | 1 + > > Documentation/x86/index.rst | 8 ++ > > Documentation/x86/intel_sgx.rst | 233 ++++++++++++++++++++++++++++++++ > > 3 files changed, 242 insertions(+) > > create mode 100644 Documentation/x86/index.rst > > create mode 100644 Documentation/x86/intel_sgx.rst > > > diff --git a/Documentation/x86/intel_sgx.rst b/Documentation/x86/intel_sgx.rst > > new file mode 100644 > > index 000000000000..f51b43f9e125 > > --- /dev/null > > +++ b/Documentation/x86/intel_sgx.rst > > @@ -0,0 +1,233 @@ > > +=================== > > +Intel(R) SGX driver > > +=================== > > + > > +Introduction > > +============ > > + > > +Intel(R) SGX is a set of CPU instructions that can be used by applications to > > +set aside private regions of code and data. The code outside the enclave is > > +disallowed to access the memory inside the enclave by the CPU access control. > > +In a way you can think that SGX provides inverted sandbox. It protects the > > provides an inverted sandbox. > > > +application from a malicious host. > > + > > +You can tell if your CPU supports SGX by looking into ``/proc/cpuinfo``: > > + > > + ``cat /proc/cpuinfo | grep sgx`` > > + > > +Overview of SGX > > +=============== > > + > > +SGX has a set of data structures to maintain information about the enclaves and > > +their security properties. BIOS reserves a fixed size region of physical memory > > +for these structures by setting Processor Reserved Memory Range Registers > > +(PRMRR). > > + > > +This memory range is protected from outside access by the CPU and all the data > > +coming in and out of the CPU package is encrypted by a key that is generated for > > +each boot cycle. > > + > > +Enclaves execute in ring-3 in a special enclave submode using pages from the > > ring 3 > > > +reserved memory range. A fixed logical address range for the enclave is reserved > > +by ENCLS(ECREATE), a leaf instruction used to create enclaves. It is referred in > > referred to in > > > +the documentation commonly as the ELRANGE. > > + > > +Every memory access to the ELRANGE is asserted by the CPU. If the CPU is not > > +executing in the enclave mode inside the enclave, #GP is raised. On the other > > +hand, enclave code can make memory accesses both inside and outside of the > > +ELRANGE. > > + > > +Enclave can only execute code inside the ELRANGE. Instructions that may cause > > An enclave can only > > > +VMEXIT, IO instructions and instructions that require a privilege change are > > +prohibited inside the enclave. Interrupts and exceptions always cause enclave > > always cause an enclave > > > +to exit and jump to an address outside the enclave given when the enclave is > > +entered by using the leaf instruction ENCLS(EENTER). > > + > > +Protected memory > > +---------------- > > + > > +Enclave Page Cache (EPC) > > + Physical pages used with enclaves that are protected by the CPU from > > + unauthorized access. > > + > > +Enclave Page Cache Map (EPCM) > > + A database that describes the properties and state of the pages e.g. their > > + permissions or to which enclave they belong to. > > Drop one of those "to" words (either one). > > > + > > +Memory Encryption Engine (MEE) integrity tree > > + Autonomously updated integrity tree. The root of the tree located in on-die > > + SRAM. > > + > > +EPC data types > > +-------------- > > + > > +SGX Enclave Control Structure (SECS) > > + Describes the global properties of an enclave. Will not be mapped to the > > + ELRANGE. > > + > > +Regular (REG) > > + These pages contain code and data. > > + > > +Thread Control Structure (TCS) > > + The pages that define the entry points inside an enclave. An enclave can > > + only be entered through these entry points and each can host a single > > + hardware thread at a time. > > + > > +Version Array (VA) > > + The pages contain 64-bit version numbers for pages that have been swapped > > + outside the enclave. Each page has the capacity of 512 version numbers. > > + > > +Launch control > > +-------------- > > + > > +To launch an enclave, two structures must be provided for ENCLS(EINIT): > > + > > +1. **SIGSTRUCT:** signed measurement of the enclave binary. > > +2. **EINITTOKEN:** a cryptographic token CMAC-signed with a AES256-key called > > with an > > > + *launch key*, which is re-generated for each boot cycle. > > (prefer) regenerated > > > + > > +The CPU holds a SHA256 hash of a 3072-bit RSA public key inside > > +IA32_SGXLEPUBKEYHASHn MSRs. Enclaves with a SIGSTRUCT that is signed with this > > +key do not require a valid EINITTOKEN and can be authorized with special > > +privileges. One of those privileges is ability to acquire the launch key with > > +ENCLS(EGETKEY). > > + > > +**IA32_FEATURE_CONTROL[17]** is used by the BIOS configure whether > > by the BIOS to configure whether > > > +IA32_SGXLEPUBKEYHASH MSRs are read-only or read-write before locking the > > +feature control register and handing over control to the operating system. > > + > > +Enclave construction > > +-------------------- > > + > > +The construction is started by filling out the SECS that contains enclave > > +address range, privileged attributes and measurement of TCS and REG pages (pages > > +that will be mapped to the address range) among the other things. This structure > > +is passed out to the ENCLS(ECREATE) together with a physical address of a page > > This would make more sense to me: > > is passed to the ENCLS(ECREATE) instruction together with ... > > > +in EPC that will hold the SECS. > > + > > +The pages are added with ENCLS(EADD) and measured with ENCLS(EEXTEND) i.e. > > with ENCLS(EEXTEND), i.e. > > > +SHA256 hash MRENCLAVE residing in the SECS is extended with the page data. > > + > > +After all of the pages have been added, the enclave is initialized with > > +ENCLS(EINIT). It will check that the SIGSTRUCT is signed with the contained > > +public key. If the given EINITTOKEN has the valid bit set, the CPU checks that > > +the token is valid (CMAC'd with the launch key). If the token is not valid, > > +the CPU will check whether the enclave is signed with a key matching to the > > +IA32_SGXLEPUBKEYHASHn MSRs. > > + > > +Swapping pages > > +-------------- > > + > > +Enclave pages can be swapped out with ENCLS(EWB) to the unprotected memory. In > > +addition to the EPC page, ENCLS(EWB) takes in a VA page and address for PCMD > > +structure (Page Crypto MetaData) as input. The VA page will seal a version > > +number for the page. PCMD is 128 byte structure that contains tracking > > 128-byte Is having a space instead of dash always grammatically wrong or is this just to have a coherent style? Just asking for plain curiosity... > > > +information for the page, most importantly its MAC. With these structures the > > +enclave is sealed and rollback protected while it resides in the unprotected > > +memory. > > + > > +Before the page can be swapped out it must not have any active TLB references. > > +ENCLS(EBLOCK) instruction moves a page to the *blocked* state, which means > > The ENCLS(EBLOCK) instruction > > > +that no new TLB entries can be created to it by the hardware threads. > > + > > +After this a shootdown sequence is started with ENCLS(ETRACK), which sets an > > +increased counter value to the entering hardware threads. ENCLS(EWB) will > > +return SGX_NOT_TRACKED error while there are still threads with the earlier > > +couner value because that means that there might be hardware thread inside > > counter threads > > > > +the enclave with TLB entries to pages that are to be swapped. > > + > > +Kernel internals > > +================ > > + > > +Requirements > > +------------ > > + > > +Because SGX has an ever evolving and expanding feature set, it's possible for > > +a BIOS or VMM to configure a system in such a way that not all CPUs are equal, > > +e.g. where Launch Control is only enabled on a subset of CPUs. Linux does > > +*not* support such a heterogeneous system configuration, nor does it even > > +attempt to play nice in the face of a misconfigured system. With the exception > > +of Launch Control's hash MSRs, which can vary per CPU, Linux assumes that all > > +CPUs have a configuration that is identical to the boot CPU. > > + > > + > > +Roles and responsibilities > > +-------------------------- > > + > > +SGX introduces system resources, e.g. EPC memory, that must be accessible to > > +multiple entities, e.g. the native kernel driver (to expose SGX to userspace) > > +and KVM (to expose SGX to VMs), ideally without introducing any dependencies > > +between each SGX entity. To that end, the kernel owns and manages the shared > > +system resources, i.e. the EPC and Launch Control MSRs, and defines functions > > +that provide appropriate access to the shared resources. SGX support for > > +user space and VMs is left to the SGX platform driver and KVM respectively. > > + > > +Launching enclaves > > +------------------ > > + > > +The current kernel implementation supports only unlocked MSRs i.e. > > MSRs, i.e. > > > +FEATURE_CONTROL_SGX_LE_WR must be set. The launch is performed by setting the > > +MSRs to the hash of the public key modulus of the enclave signer, which is one > > +of the fields in the SIGSTRUCT. > > + > > +EPC management > > +-------------- > > + > > +Due to the unique requirements for swapping EPC pages, and because EPC pages > > +(currently) do not have associated page structures, management of the EPC is > > +not handled by the standard Linux swapper. SGX directly handles swapping > > +of EPC pages, including a kthread to initiate reclaim and a rudimentary LRU > > +mechanism. The consumers of EPC pages, e.g. the SGX driver, are required to > > +implement function callbacks that can be invoked by the kernel to age, > > +swap, and/or forcefully reclaim a target EPC page. In effect, the kernel > > +controls what happens and when, while the consumers (driver, KVM, etc..) do > > +the actual work. > > + > > +Exception handling > > +------------------ > > + > > +The PF_SGX bit is set if and only if the #PF is detected by the SGX Enclave Page > > +Cache Map (EPCM). The EPCM is a hardware-managed table that enforces accesses to > > +an enclave's EPC pages in addition to the software-managed kernel page tables, > > +i.e. the effective permissions for an EPC page are a logical AND of the kernel's > > +page tables and the corresponding EPCM entry. > > + > > +The EPCM is consulted only after an access walks the kernel's page tables, i.e.: > > + > > +1. the access was allowed by the kernel > > +2. the kernel's tables have become less restrictive than the EPCM > > +3. the kernel cannot fixup the cause of the fault > > + > > +Noteably, (2) implies that either the kernel has botched the EPC mappings or the > > Notably, > > > +EPCM has been invalidated (see below). Regardless of why the fault occurred, > > +userspace needs to be alerted so that it can take appropriate action, e.g. > > +restart the enclave. This is reinforced by (3) as the kernel doesn't really > > +have any other reasonable option, i.e. signalling SIGSEGV is actually the least > > +severe action possible. > > + > > +Although the primary purpose of the EPCM is to prevent a malicious or > > +compromised kernel from attacking an enclave, e.g. by modifying the enclave's > > +page tables, do not WARN on a #PF w/ PF_SGX set. The SGX architecture > > with > > > +effectively allows the CPU to invalidate all EPCM entries at will and requires > > +that software be prepared to handle an EPCM fault at any time. The architecture > > +defines this behavior because the EPCM is encrypted with an ephemeral key that > > +isn't exposed to software. As such, the EPCM entries cannot be preserved across > > +transitions that result in a new key being used, e.g. CPU power down as part of > > +an S3 transition or when a VM is live migrated to a new physical system. > > + > > +SGX uapi > > UAPI > > > +======== > > + > > +.. kernel-doc:: drivers/platform/x86/intel_sgx/sgx_ioctl.c > > + :functions: sgx_ioc_enclave_create > > + sgx_ioc_enclave_add_page > > + sgx_ioc_enclave_init > > + > > +.. kernel-doc:: arch/x86/include/uapi/asm/sgx.h > > + > > +References > > +========== > > + > > +* A Memory Encryption Engine Suitable for General Purpose Processors > > + <https://eprint.iacr.org/2016/204.pdf> > > +* System Programming Manual: 39.1.4 Intel® SGX Launch Control Configuration > > > ciao. > -- > ~Randy Great, thanks Randy, highly appreciated! /Jarkko
next prev parent reply index Thread overview: 161+ messages / expand[flat|nested] mbox.gz Atom feed top [not found] <20181116010412.23967-1-jarkko.sakkinen@linux.intel.com> 2018-11-16 1:01 ` [PATCH v17 01/23] x86/sgx: Update MAINTAINERS Jarkko Sakkinen 2018-11-16 14:22 ` Borislav Petkov 2018-11-16 15:07 ` Jarkko Sakkinen 2018-11-16 20:24 ` Borislav Petkov 2018-11-18 8:20 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 02/23] x86/cpufeatures: Add Intel-defined SGX feature bit Jarkko Sakkinen 2018-11-16 14:28 ` Borislav Petkov 2018-11-16 15:13 ` Jarkko Sakkinen 2018-11-16 15:18 ` Jarkko Sakkinen 2018-11-16 20:53 ` Borislav Petkov 2018-11-16 1:01 ` [PATCH v17 03/23] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) Jarkko Sakkinen 2018-11-16 14:37 ` Borislav Petkov 2018-11-16 15:38 ` Sean Christopherson 2018-11-16 23:31 ` Dave Hansen 2018-11-18 8:36 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 04/23] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 05/23] x86/cpufeatures: Add Intel-defined SGX_LC feature bit Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 06/23] x86/cpu/intel: Detect SGX support and update caps appropriately Jarkko Sakkinen 2018-11-16 23:32 ` Dave Hansen 2018-11-18 8:37 ` Jarkko Sakkinen 2018-11-21 18:17 ` Borislav Petkov 2018-11-24 13:54 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 07/23] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit Jarkko Sakkinen 2018-11-16 23:33 ` Dave Hansen 2018-11-18 8:38 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 08/23] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 09/23] x86/sgx: Define SGX1 and SGX2 ENCLS leafs Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 10/23] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 11/23] x86/sgx: Add SGX1 and SGX2 architectural data structures Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 12/23] x86/sgx: Add definitions for SGX's CPUID leaf and variable sub-leafs Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 13/23] x86/msr: Add SGX Launch Control MSR definitions Jarkko Sakkinen 2018-11-16 17:29 ` Sean Christopherson 2018-11-18 8:19 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 14/23] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 15/23] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 16/23] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 17/23] x86/sgx: Add sgx_einit() for initializing enclaves Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 18/23] platform/x86: Intel SGX driver Jarkko Sakkinen 2018-11-16 1:37 ` Randy Dunlap 2018-11-16 11:23 ` Jarkko Sakkinen 2018-11-19 15:06 ` Jarkko Sakkinen 2018-11-19 16:22 ` Jethro Beekman 2018-11-19 17:19 ` Jarkko Sakkinen 2018-11-19 17:39 ` Jethro Beekman 2018-11-20 10:58 ` Jarkko Sakkinen 2018-11-21 15:24 ` Jarkko Sakkinen 2018-11-19 18:18 ` Andy Lutomirski 2018-11-20 11:00 ` Jarkko Sakkinen 2018-11-19 15:29 ` Andy Lutomirski 2018-11-19 16:19 ` Jarkko Sakkinen 2018-11-19 16:59 ` Andy Lutomirski 2018-11-20 12:04 ` Jarkko Sakkinen 2018-11-22 11:12 ` Dr. Greg 2018-11-22 15:21 ` Andy Lutomirski 2018-11-24 17:21 ` Jarkko Sakkinen 2018-11-24 20:13 ` Dr. Greg 2018-11-26 21:15 ` Jarkko Sakkinen 2018-11-25 14:53 ` Jarkko Sakkinen 2018-11-25 16:22 ` Andy Lutomirski 2018-11-25 18:55 ` Dr. Greg 2018-11-25 23:51 ` Jarkko Sakkinen [not found] ` <D45BC005-5064-4C75-B486-4E43C454E2F6@amacapital.net> 2018-11-26 0:37 ` Andy Lutomirski 2018-11-26 11:00 ` Dr. Greg 2018-11-26 18:22 ` Andy Lutomirski 2018-11-26 22:16 ` Jarkko Sakkinen 2018-11-26 21:51 ` Jarkko Sakkinen 2018-11-26 23:04 ` Jarkko Sakkinen 2018-11-27 8:55 ` Dr. Greg 2018-11-27 16:41 ` Jarkko Sakkinen 2018-11-27 17:55 ` Andy Lutomirski 2018-11-28 10:49 ` Dr. Greg 2018-11-28 19:22 ` Jarkko Sakkinen 2018-12-10 10:49 ` Dr. Greg 2018-12-12 18:00 ` Jarkko Sakkinen 2018-12-14 23:59 ` Dr. Greg 2018-12-15 0:06 ` Sean Christopherson 2018-12-15 23:22 ` Dr. Greg 2018-12-17 14:27 ` Sean Christopherson 2018-12-17 13:28 ` Jarkko Sakkinen 2018-12-17 13:39 ` Jarkko Sakkinen 2018-12-17 14:08 ` Jarkko Sakkinen 2018-12-17 14:13 ` Jarkko Sakkinen 2018-12-17 16:34 ` Dr. Greg 2018-12-17 17:31 ` Sean Christopherson 2018-12-17 17:49 ` Jarkko Sakkinen 2018-12-17 18:09 ` Sean Christopherson 2018-12-17 18:23 ` Jarkko Sakkinen 2018-12-17 18:46 ` Sean Christopherson 2018-12-17 19:36 ` Jarkko Sakkinen 2018-11-27 16:46 ` Jarkko Sakkinen 2018-11-28 21:52 ` Andy Lutomirski 2018-11-27 7:46 ` Jethro Beekman 2018-11-27 16:36 ` Jarkko Sakkinen 2018-11-22 20:56 ` Andy Lutomirski 2018-11-23 10:39 ` Dr. Greg 2018-11-24 16:45 ` Jarkko Sakkinen 2018-11-28 5:08 ` Jarkko Sakkinen 2018-11-28 5:38 ` Jethro Beekman 2018-12-09 17:01 ` Pavel Machek 2018-11-20 11:15 ` Dr. Greg 2018-11-24 16:15 ` Jarkko Sakkinen 2018-11-24 19:24 ` Dr. Greg 2018-11-26 19:39 ` Jarkko Sakkinen 2018-12-09 17:01 ` Pavel Machek 2018-12-10 14:46 ` Dr. Greg 2018-12-17 17:45 ` Dave Hansen 2018-12-17 18:01 ` Jarkko Sakkinen 2018-12-17 18:07 ` Dave Hansen 2018-12-17 18:31 ` Jarkko Sakkinen 2018-12-17 18:36 ` Sean Christopherson 2018-12-17 18:43 ` Jarkko Sakkinen 2018-12-17 18:47 ` Dave Hansen 2018-12-17 19:12 ` Andy Lutomirski 2018-12-17 19:17 ` Dave Hansen 2018-12-17 19:25 ` Andy Lutomirski 2018-12-17 19:54 ` Jarkko Sakkinen 2018-12-17 19:49 ` Jarkko Sakkinen 2018-12-17 19:53 ` Dave Hansen 2018-12-17 19:55 ` Andy Lutomirski 2018-12-17 20:03 ` Dave Hansen 2018-12-17 20:10 ` Andy Lutomirski 2018-12-17 20:15 ` Dave Hansen 2018-12-17 22:36 ` Sean Christopherson 2018-12-18 1:40 ` Jarkko Sakkinen 2018-12-17 22:20 ` Sean Christopherson 2018-12-18 1:39 ` Jarkko Sakkinen 2018-12-18 3:27 ` Jarkko Sakkinen 2018-12-18 5:02 ` Andy Lutomirski 2018-12-18 13:27 ` Jarkko Sakkinen 2018-12-18 4:55 ` Andy Lutomirski 2018-12-18 13:18 ` Jarkko Sakkinen 2018-12-18 4:59 ` Andy Lutomirski 2018-12-18 13:11 ` Jarkko Sakkinen 2018-12-18 15:44 ` Sean Christopherson 2018-12-18 18:53 ` Sean Christopherson 2018-12-19 5:00 ` Jarkko Sakkinen 2018-12-19 5:13 ` Jarkko Sakkinen 2018-12-21 18:28 ` Sean Christopherson 2018-12-22 0:01 ` Jarkko Sakkinen 2018-12-19 4:47 ` Jarkko Sakkinen 2018-12-19 5:24 ` Jarkko Sakkinen 2018-12-18 1:17 ` Jarkko Sakkinen 2018-12-18 1:31 ` Jarkko Sakkinen 2018-12-17 18:48 ` Sean Christopherson 2018-12-17 19:09 ` Dave Hansen 2018-12-17 19:37 ` Jarkko Sakkinen 2018-12-17 19:40 ` Dave Hansen 2018-12-17 19:33 ` Jarkko Sakkinen 2018-12-17 20:21 ` Jarkko Sakkinen 2018-12-18 13:13 ` Jarkko Sakkinen 2018-12-18 15:46 ` Sean Christopherson 2018-12-18 5:55 ` Andy Lutomirski 2018-12-19 5:22 ` Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 19/23] platform/x86: sgx: Add swapping functionality to the " Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 20/23] x86/sgx: Add a simple swapper for the EPC memory manager Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 21/23] platform/x86: ptrace() support for the SGX driver Jarkko Sakkinen 2018-11-16 1:01 ` [PATCH v17 22/23] x86/sgx: SGX documentation Jarkko Sakkinen 2018-12-03 3:28 ` Randy Dunlap 2018-12-03 9:32 ` Jarkko Sakkinen [this message] 2018-11-16 1:01 ` [PATCH v17 23/23] selftests/x86: Add a selftest for SGX Jarkko Sakkinen 2018-11-16 11:17 ` [PATCH v17 00/23] Intel SGX1 support Jarkko Sakkinen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20181203093221.GA29174@linux.intel.com \ --to=jarkko.sakkinen@linux.intel.com \ --cc=andriy.shevchenko@linux.intel.com \ --cc=bp@alien8.de \ --cc=corbet@lwn.net \ --cc=dave.hansen@intel.com \ --cc=haitao.huang@linux.intel.com \ --cc=hpa@zytor.com \ --cc=kai.svahn@intel.com \ --cc=linux-doc@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-sgx@vger.kernel.org \ --cc=luto@amacapital.net \ --cc=mark.shanahan@intel.com \ --cc=mingo@redhat.com \ --cc=nhorman@redhat.com \ --cc=npmccallum@redhat.com \ --cc=platform-driver-x86@vger.kernel.org \ --cc=rdunlap@infradead.org \ --cc=sean.j.christopherson@intel.com \ --cc=serge.ayoun@intel.com \ --cc=shay.katz-zamir@intel.com \ --cc=tglx@linutronix.de \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux-Sgx Archive on lore.kernel.org Archives are clonable: git clone --mirror https://lore.kernel.org/linux-sgx/0 linux-sgx/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 linux-sgx linux-sgx/ https://lore.kernel.org/linux-sgx \ linux-sgx@vger.kernel.org public-inbox-index linux-sgx Example config snippet for mirrors Newsgroup available over NNTP: nntp://nntp.lore.kernel.org/org.kernel.vger.linux-sgx AGPL code for this site: git clone https://public-inbox.org/public-inbox.git