Linux-Sgx Archive on lore.kernel.org
 help / color / Atom feed
From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Borislav Petkov <bp@alien8.de>,
	linux-kernel@vger.kernel.org, x86@kernel.org,
	linux-sgx@vger.kernel.org, akpm@linux-foundation.org,
	dave.hansen@intel.com, nhorman@redhat.com, npmccallum@redhat.com,
	serge.ayoun@intel.com, shay.katz-zamir@intel.com,
	haitao.huang@intel.com, andriy.shevchenko@linux.intel.com,
	tglx@linutronix.de, kai.svahn@intel.com, josh@joshtriplett.org,
	luto@kernel.org, kai.huang@intel.com, rientjes@google.com,
	cedric.xing@intel.com
Subject: Re: [PATCH v22 05/24] x86/sgx: Add ENCLS architectural error codes
Date: Fri, 27 Sep 2019 10:20:12 -0700
Message-ID: <20190927172012.GE25513@linux.intel.com> (raw)
In-Reply-To: <20190927160842.GL10545@linux.intel.com>

On Fri, Sep 27, 2019 at 07:08:42PM +0300, Jarkko Sakkinen wrote:
> On Fri, Sep 27, 2019 at 12:20:13PM +0200, Borislav Petkov wrote:
> > On Tue, Sep 03, 2019 at 05:26:36PM +0300, Jarkko Sakkinen wrote:
> > > Document ENCLS architectural error codes. These error codes are returned by
> > > the SGX opcodes. Make the header as part of the uapi so that they can be
> > > used in some situations directly returned to the user space (ENCLS[EINIT]
> > > leaf function error codes could be one potential use case).
> > > 
> > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
> > > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> > > ---
> > >  arch/x86/include/uapi/asm/sgx_errno.h | 91 +++++++++++++++++++++++++++
> > >  1 file changed, 91 insertions(+)
> > >  create mode 100644 arch/x86/include/uapi/asm/sgx_errno.h
> > > 
> > > diff --git a/arch/x86/include/uapi/asm/sgx_errno.h b/arch/x86/include/uapi/asm/sgx_errno.h
> > > new file mode 100644
> > > index 000000000000..48b87aed58d7
> > > --- /dev/null
> > > +++ b/arch/x86/include/uapi/asm/sgx_errno.h
> > > @@ -0,0 +1,91 @@
> > > +/* SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause */
> > > +/*
> > > + * Copyright(c) 2018 Intel Corporation.
> > > + *
> > > + * Contains the architecturally defined error codes that are returned by SGX
> > > + * instructions, e.g. ENCLS, and may be propagated to userspace via errno.
> > > + */
> > > +
> > > +#ifndef _UAPI_ASM_X86_SGX_ERRNO_H
> > > +#define _UAPI_ASM_X86_SGX_ERRNO_H
> > > +
> > > +/**
> > > + * enum sgx_encls_leaves - return codes for ENCLS, ENCLU and ENCLV
> > > + * %SGX_SUCCESS:		No error.
> > > + * %SGX_INVALID_SIG_STRUCT:	SIGSTRUCT contains an invalid value.
> > > + * %SGX_INVALID_ATTRIBUTE:	Enclave is not attempting to access a resource
> > 
> > That first "not" looks wrong.
> > 
> > > + *				for which it is not authorized.
> > > + * %SGX_BLKSTATE:		EPC page is already blocked.
> > > + * %SGX_INVALID_MEASUREMENT:	SIGSTRUCT or EINITTOKEN contains an incorrect
> > > + *				measurement.
> > > + * %SGX_NOTBLOCKABLE:		EPC page type is not one which can be blocked.
> > > + * %SGX_PG_INVLD:		EPC page is invalid (and cannot be blocked).
> > > + * %SGX_EPC_PAGE_CONFLICT:	EPC page in use by another SGX instruction.
> > > + * %SGX_INVALID_SIGNATURE:	Enclave's signature does not validate with
> > > + *				public key enclosed in SIGSTRUCT.
> > > + * %SGX_MAC_COMPARE_FAIL:	MAC check failed when reloading EPC page.
> > > + * %SGX_PAGE_NOT_BLOCKED:	EPC page is not marked as blocked.
> > > + * %SGX_NOT_TRACKED:		ETRACK has not been completed on the EPC page.
> > > + * %SGX_VA_SLOT_OCCUPIED:	Version array slot contains a valid entry.
> > > + * %SGX_CHILD_PRESENT:		Enclave has child pages present in the EPC.
> > > + * %SGX_ENCLAVE_ACT:		Logical processors are currently executing
> > > + *				inside the enclave.
> > > + * %SGX_ENTRYEPOCH_LOCKED:	SECS locked for EPOCH update, i.e. an ETRACK is
> > > + *				currently executing on the SECS.
> > > + * %SGX_INVALID_EINITTOKEN:	EINITTOKEN is invalid and enclave signer's
> > > + *				public key does not match IA32_SGXLEPUBKEYHASH.
> > > + * %SGX_PREV_TRK_INCMPL:	All processors did not complete the previous
> > > + *				tracking sequence.
> > > + * %SGX_PG_IS_SECS:		Target EPC page is an SECS and cannot be
> > > + *				blocked.
> > > + * %SGX_PAGE_ATTRIBUTES_MISMATCH:	Attributes of the EPC page do not match
> > > + *					the expected values.
> > 
> > You sometimes call it "PG" and sometimes "PAGE". Unify?

We pulled the names verbatim from the SDM.  I agree that diverging from
the SDM makes sense.  I'll also see if the SDM can be updated to use
consistent names.

> > > + * %SGX_PAGE_NOT_MODIFIABLE:	EPC page cannot be modified because it is in
> > > + *				the PENDING or MODIFIED state.
> > > + * %SGX_PAGE_NOT_DEBUGGABLE:	EPC page cannot be modified because it is in
> > > + *				the PENDING or MODIFIED state.
> > 
> > Same description text?
> 
> Thanks for the remarks. I think I define only the error codes in the
> next version that actually get used by the driver and document them
> properly. Should become way more cleaner.

Please keep all error codes.  For errors that inevitably occur during
development, it's very helpful to have the complete list in the kernel
(well, reasonably complete).  I hate having to open and search through the
SDM just to decipher a random numeric error code.

  reply index

Thread overview: 102+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-03 14:26 [PATCH v22 00/24] Intel SGX foundations Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 01/24] x86/cpufeatures: x86/msr: Add Intel SGX hardware bits Jarkko Sakkinen
2019-09-24 15:28   ` Borislav Petkov
2019-09-24 16:11     ` Sean Christopherson
2019-09-24 16:25       ` Borislav Petkov
2019-09-03 14:26 ` [PATCH v22 02/24] x86/cpufeatures: x86/msr: Intel SGX Launch Control " Jarkko Sakkinen
2019-09-24 15:52   ` Borislav Petkov
2019-09-24 20:22     ` Sean Christopherson
2019-09-25  8:51       ` Borislav Petkov
2019-09-25 17:18         ` Sean Christopherson
2019-09-25 18:31           ` Borislav Petkov
2019-09-25 19:08             ` Sean Christopherson
2019-09-27 16:11           ` Jarkko Sakkinen
2019-09-25 14:09     ` Jarkko Sakkinen
2019-09-25 14:10       ` Jarkko Sakkinen
2019-09-25 14:38         ` Jarkko Sakkinen
2019-09-25 15:19       ` Borislav Petkov
2019-09-25 16:49         ` Sean Christopherson
2019-09-25 17:28           ` Borislav Petkov
2019-09-25 18:18             ` Sean Christopherson
2019-09-03 14:26 ` [PATCH v22 03/24] x86/mm: x86/sgx: Signal SIGSEGV with PF_SGX Jarkko Sakkinen
2019-09-24 16:04   ` Borislav Petkov
2019-09-25 14:16     ` Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 04/24] x86/cpu/intel: Detect SGX supprt Jarkko Sakkinen
2019-09-24 16:13   ` Borislav Petkov
2019-09-24 17:43     ` Sean Christopherson
2019-09-24 18:21       ` Borislav Petkov
2019-09-25 14:46         ` Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 05/24] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen
2019-09-27 10:20   ` Borislav Petkov
2019-09-27 16:08     ` Jarkko Sakkinen
2019-09-27 17:20       ` Sean Christopherson [this message]
2019-10-01 20:23         ` Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 06/24] x86/sgx: Add SGX microarchitectural data structures Jarkko Sakkinen
2019-09-27 16:27   ` Borislav Petkov
2019-10-01 19:10     ` Jarkko Sakkinen
2019-10-01 20:39     ` Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 07/24] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen
2019-10-04  9:45   ` Borislav Petkov
2019-10-04 18:56     ` Jarkko Sakkinen
2019-10-08  4:04     ` Sean Christopherson
2019-10-08  7:18       ` Borislav Petkov
2019-10-08 13:35         ` Sean Christopherson
2019-10-08 14:56           ` Borislav Petkov
2019-09-03 14:26 ` [PATCH v22 08/24] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen
2019-10-05  9:26   ` Borislav Petkov
2019-10-07 11:58     ` Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 09/24] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen
2019-10-05 16:44   ` Borislav Petkov
2019-10-07 14:50     ` Sean Christopherson
2019-10-08  9:09       ` Borislav Petkov
2019-10-08 13:31         ` Sean Christopherson
2019-10-07 17:55     ` Jarkko Sakkinen
2019-10-07 18:09       ` Borislav Petkov
2019-09-03 14:26 ` [PATCH v22 10/24] x86/sgx: Add sgx_einit() for wrapping ENCLS[EINIT] Jarkko Sakkinen
2019-10-08 17:30   ` Borislav Petkov
2019-10-08 17:45     ` Sean Christopherson
2019-10-08 17:46       ` Sean Christopherson
2019-10-08 17:53         ` Borislav Petkov
2019-09-03 14:26 ` [PATCH v22 11/24] mm: Introduce vm_ops->may_mprotect() Jarkko Sakkinen
2019-10-08 17:41   ` Borislav Petkov
2019-09-03 14:26 ` [PATCH v22 12/24] x86/sgx: Linux Enclave Driver Jarkko Sakkinen
2019-10-08 17:59   ` Borislav Petkov
2019-10-08 18:17     ` Sean Christopherson
2019-10-08 19:19       ` Borislav Petkov
2019-09-03 14:26 ` [PATCH v22 13/24] x86/sgx: Add provisioning Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 14/24] x86/sgx: Add a page reclaimer Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 15/24] x86/sgx: ptrace() support for the SGX driver Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 16/24] x86/vdso: Add support for exception fixup in vDSO functions Jarkko Sakkinen
2019-10-02 23:18   ` Jarkko Sakkinen
2019-10-02 23:45     ` Jarkko Sakkinen
2019-10-04  0:03     ` Sean Christopherson
2019-10-04 18:49       ` Jarkko Sakkinen
2019-10-04  0:15     ` Sean Christopherson
2019-10-04 18:52       ` Jarkko Sakkinen
2019-10-05 15:54         ` Sean Christopherson
2019-10-07  7:57           ` Jarkko Sakkinen
2019-10-07  8:10             ` Jarkko Sakkinen
2019-10-07 12:04               ` Jarkko Sakkinen
2019-10-08  4:54                 ` Sean Christopherson
2019-10-05 18:39         ` Sean Christopherson
2019-10-07  8:01           ` Jarkko Sakkinen
2019-10-06 23:38         ` Jarkko Sakkinen
2019-10-06 23:40           ` Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 17/24] x86/fault: Add helper function to sanitize error code Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 18/24] x86/traps: Attempt to fixup exceptions in vDSO before signaling Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 19/24] x86/vdso: Add __vdso_sgx_enter_enclave() to wrap SGX enclave transitions Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 20/24] selftests/x86: Add a selftest for SGX Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 21/24] selftests/x86: Recurse into subdirectories Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 22/24] x86/sgx: Update MAINTAINERS Jarkko Sakkinen
2019-09-03 14:26 ` [PATCH v22 23/24] docs: x86/sgx: Document microarchitecture Jarkko Sakkinen
2019-09-27 18:15   ` Randy Dunlap
2019-09-03 14:26 ` [PATCH v22 24/24] docs: x86/sgx: Document kernel internals Jarkko Sakkinen
2019-09-27 17:07   ` Randy Dunlap
2019-10-01 19:34     ` Jarkko Sakkinen
2019-09-13 20:38 ` [PATCH v22 00/24] Intel SGX foundations Dave Hansen
2019-09-14 13:41   ` Jarkko Sakkinen
2019-09-14 15:32     ` Dave Hansen
2019-09-16  5:23       ` Jarkko Sakkinen
2019-09-24 17:20         ` Andy Lutomirski
2019-09-25 14:32           ` Jarkko Sakkinen
2019-10-02 23:42             ` Jarkko Sakkinen

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190927172012.GE25513@linux.intel.com \
    --to=sean.j.christopherson@intel.com \
    --cc=akpm@linux-foundation.org \
    --cc=andriy.shevchenko@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=cedric.xing@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=haitao.huang@intel.com \
    --cc=jarkko.sakkinen@linux.intel.com \
    --cc=josh@joshtriplett.org \
    --cc=kai.huang@intel.com \
    --cc=kai.svahn@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-sgx@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=nhorman@redhat.com \
    --cc=npmccallum@redhat.com \
    --cc=rientjes@google.com \
    --cc=serge.ayoun@intel.com \
    --cc=shay.katz-zamir@intel.com \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Sgx Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-sgx/0 linux-sgx/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-sgx linux-sgx/ https://lore.kernel.org/linux-sgx \
		linux-sgx@vger.kernel.org
	public-inbox-index linux-sgx

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-sgx


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git