[v1] Qemu SGX virtualization

[RESEND PATCH 13/32] linux-headers: Add placeholder for KVM_CAP_SGX_ATTRIBUTE

Posted by Yang Zhong 4 years, 9 months ago

From: Sean Christopherson <sean.j.christopherson@intel.com>

KVM_CAP_SGX_ATTRIBUTE is a proposed capability for Intel SGX that can be
used by userspace to enable privileged attributes, e.g. access to the
PROVISIONKEY.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Yang Zhong <yang.zhong@intel.com>
---
 linux-headers/linux/kvm.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index 020b62a619..0961b03007 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -1056,6 +1056,7 @@ struct kvm_ppc_resize_hpt {
 #define KVM_CAP_ENFORCE_PV_FEATURE_CPUID 190
 #define KVM_CAP_SYS_HYPERV_CPUID 191
 #define KVM_CAP_DIRTY_LOG_RING 192
+#define KVM_CAP_SGX_ATTRIBUTE 195
 
 #ifdef KVM_CAP_IRQ_ROUTING
 
-- 
2.29.2.334.gfaefdd61ec

Re: [RESEND PATCH 13/32] linux-headers: Add placeholder for KVM_CAP_SGX_ATTRIBUTE

Posted by Kai Huang 4 years, 9 months ago

On Fri, 2021-04-30 at 14:24 +0800, Yang Zhong wrote:
> From: Sean Christopherson <sean.j.christopherson@intel.com>
> 
> KVM_CAP_SGX_ATTRIBUTE is a proposed capability for Intel SGX that can be
> used by userspace to enable privileged attributes, e.g. access to the
> PROVISIONKEY.
> 
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Yang Zhong <yang.zhong@intel.com>
> ---
>  linux-headers/linux/kvm.h | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
> index 020b62a619..0961b03007 100644
> --- a/linux-headers/linux/kvm.h
> +++ b/linux-headers/linux/kvm.h
> @@ -1056,6 +1056,7 @@ struct kvm_ppc_resize_hpt {
>  #define KVM_CAP_ENFORCE_PV_FEATURE_CPUID 190
>  #define KVM_CAP_SYS_HYPERV_CPUID 191
>  #define KVM_CAP_DIRTY_LOG_RING 192
> +#define KVM_CAP_SGX_ATTRIBUTE 195
>  
> 

This hasn't been updated to 196.


Btw, should we just copy the latest kvm.h from linux kernel? 193-195 are missing if only
define KVM_CAP_SGX_ATTRIBUTE here.

Re: [RESEND PATCH 13/32] linux-headers: Add placeholder for KVM_CAP_SGX_ATTRIBUTE

Posted by Yang Zhong 4 years, 9 months ago

On Thu, May 06, 2021 at 02:17:21PM +1200, Kai Huang wrote:
> On Fri, 2021-04-30 at 14:24 +0800, Yang Zhong wrote:
> > From: Sean Christopherson <sean.j.christopherson@intel.com>
> > 
> > KVM_CAP_SGX_ATTRIBUTE is a proposed capability for Intel SGX that can be
> > used by userspace to enable privileged attributes, e.g. access to the
> > PROVISIONKEY.
> > 
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> > Signed-off-by: Yang Zhong <yang.zhong@intel.com>
> > ---
> >  linux-headers/linux/kvm.h | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
> > index 020b62a619..0961b03007 100644
> > --- a/linux-headers/linux/kvm.h
> > +++ b/linux-headers/linux/kvm.h
> > @@ -1056,6 +1056,7 @@ struct kvm_ppc_resize_hpt {
> >  #define KVM_CAP_ENFORCE_PV_FEATURE_CPUID 190
> >  #define KVM_CAP_SYS_HYPERV_CPUID 191
> >  #define KVM_CAP_DIRTY_LOG_RING 192
> > +#define KVM_CAP_SGX_ATTRIBUTE 195
> >  
> > 
> 
> This hasn't been updated to 196.
>
  As for KVM_CAP_SGX_ATTRIBUTE is still 195, i mentioned this in the coverletter, and this release
  still rebased on KVM-SGX upstream branch(5.12.0-rc3+). Since the KVM-SGX series has been merged
  into linux release in 5/1, i will rebase Qemu SGX on linux release in the next version patch series. 

> 
> Btw, should we just copy the latest kvm.h from linux kernel? 193-195 are missing if only
> define KVM_CAP_SGX_ATTRIBUTE here.

  There are three macro definitions before KVM_CAP_SGX_ATTRIBUTE, and KVM_CAP_X86_BUS_LOCK_EXIT use case
  is being upstreamed by our colleague. 
  As for other two macro definitions, i am not sure if we need add those here. thanks!

  Yang