* [PATCH] x86/sgx: Update correct attributes variable when allowing provisioning
@ 2020-10-01 21:02 Sean Christopherson
2020-10-01 22:10 ` Jarkko Sakkinen
0 siblings, 1 reply; 2+ messages in thread
From: Sean Christopherson @ 2020-10-01 21:02 UTC (permalink / raw)
To: Jarkko Sakkinen; +Cc: linux-sgx
Set the PROVISIONKEY flag in attributes_mask, a.k.a. the mask of allowed
attributes for the enclave, when the enclave's owner demonstrates access
to /dev/sgx/provision. Setting the flag in the enclave's attributes
effectively declares intent to access the key, whereas the ioctl()'s
intent is to grant access to the key.
Fixes: 80e062767a37 ("x86/sgx: Add SGX_IOC_ENCLAVE_PROVISION")
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
index ec38a9416788..16d0c9abafc2 100644
--- a/arch/x86/kernel/cpu/sgx/ioctl.c
+++ b/arch/x86/kernel/cpu/sgx/ioctl.c
@@ -763,7 +763,7 @@ static long sgx_ioc_enclave_provision(struct sgx_encl *encl, void __user *arg)
goto out;
}
- encl->attributes |= SGX_ATTR_PROVISIONKEY;
+ encl->attributes_mask |= SGX_ATTR_PROVISIONKEY;
ret = 0;
out:
--
2.28.0
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH] x86/sgx: Update correct attributes variable when allowing provisioning
2020-10-01 21:02 [PATCH] x86/sgx: Update correct attributes variable when allowing provisioning Sean Christopherson
@ 2020-10-01 22:10 ` Jarkko Sakkinen
0 siblings, 0 replies; 2+ messages in thread
From: Jarkko Sakkinen @ 2020-10-01 22:10 UTC (permalink / raw)
To: Sean Christopherson; +Cc: linux-sgx
On Thu, Oct 01, 2020 at 02:02:08PM -0700, Sean Christopherson wrote:
> Set the PROVISIONKEY flag in attributes_mask, a.k.a. the mask of allowed
> attributes for the enclave, when the enclave's owner demonstrates access
> to /dev/sgx/provision. Setting the flag in the enclave's attributes
> effectively declares intent to access the key, whereas the ioctl()'s
> intent is to grant access to the key.
>
> Fixes: 80e062767a37 ("x86/sgx: Add SGX_IOC_ENCLAVE_PROVISION")
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Thank you!
For this kind of fixes ignore the fixes tag and just put at most a lore
link to the response or something. I feel bad that you went all that
trouble writing the paragraph :-)
Anyway, thanks again.
> ---
> arch/x86/kernel/cpu/sgx/ioctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioctl.c
> index ec38a9416788..16d0c9abafc2 100644
> --- a/arch/x86/kernel/cpu/sgx/ioctl.c
> +++ b/arch/x86/kernel/cpu/sgx/ioctl.c
> @@ -763,7 +763,7 @@ static long sgx_ioc_enclave_provision(struct sgx_encl *encl, void __user *arg)
> goto out;
> }
>
> - encl->attributes |= SGX_ATTR_PROVISIONKEY;
> + encl->attributes_mask |= SGX_ATTR_PROVISIONKEY;
> ret = 0;
>
> out:
> --
> 2.28.0
>
/Jarkko
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-10-01 22:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-01 21:02 [PATCH] x86/sgx: Update correct attributes variable when allowing provisioning Sean Christopherson
2020-10-01 22:10 ` Jarkko Sakkinen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).