1. Patchew
  2. linux
  3. [PATCH 0/4] Enable automatic SVN updates for SGX enclaves
  4. View patch

[PATCH 3/4] x86/sgx: Define error codes for ENCLS[EUPDATESVN]

Elena Reshetova posted 4 patches 9 months ago
There is a newer version of this series
[PATCH 3/4] x86/sgx: Define error codes for ENCLS[EUPDATESVN]
Posted by Elena Reshetova 9 months ago 
Add error codes for ENCLS[EUPDATESVN], then SGX CPUSVN update
process can know the execution state of EUPDATESVN.

Code is from previous submission in https://lore.kernel.org/all/20220520103904.1216-1-cathy.zhang@intel.com/T/#m1becf67078dc8c59d454e2e6c6d67ca64db341a4

Co-developed-by: Cathy Zhang <cathy.zhang@intel.com>
Signed-off-by: Cathy Zhang <cathy.zhang@intel.com>
Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
---
 arch/x86/include/asm/sgx.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
index 6a0069761508..8ba39bbf4e91 100644
--- a/arch/x86/include/asm/sgx.h
+++ b/arch/x86/include/asm/sgx.h
@@ -73,6 +73,11 @@ enum sgx_encls_function {
  *				public key does not match IA32_SGXLEPUBKEYHASH.
  * %SGX_PAGE_NOT_MODIFIABLE:	The EPC page cannot be modified because it
  *				is in the PENDING or MODIFIED state.
+ * %SGX_INSUFFICIENT_ENTROPY:	Insufficient entropy in RNG.
+ * %SGX_EPC_NOT_READY:		EPC is not ready for SVN update.
+ * %SGX_NO_UPDATE:		EUPDATESVN was successful, but CPUSVN was not
+ *				updated because current SVN was not newer than
+ *				CPUSVN.
  * %SGX_UNMASKED_EVENT:		An unmasked event, e.g. INTR, was received
  */
 enum sgx_return_code {
@@ -81,6 +86,9 @@ enum sgx_return_code {
 	SGX_CHILD_PRESENT		= 13,
 	SGX_INVALID_EINITTOKEN		= 16,
 	SGX_PAGE_NOT_MODIFIABLE		= 20,
+	SGX_INSUFFICIENT_ENTROPY	= 29,
+	SGX_EPC_NOT_READY		= 30,
+	SGX_NO_UPDATE			= 31,
 	SGX_UNMASKED_EVENT		= 128,
 };
 
-- 
2.45.2
Re: [PATCH 3/4] x86/sgx: Define error codes for ENCLS[EUPDATESVN]
Posted by Jarkko Sakkinen 8 months, 4 weeks ago 
On Fri, Mar 21, 2025 at 02:34:42PM +0200, Elena Reshetova wrote:
> Add error codes for ENCLS[EUPDATESVN], then SGX CPUSVN update
> process can know the execution state of EUPDATESVN.
> 

Enumerate the error codes. Do we need all of the three added?

> Code is from previous submission in https://lore.kernel.org/all/20220520103904.1216-1-cathy.zhang@intel.com/T/#m1becf67078dc8c59d454e2e6c6d67ca64db341a4
"Link: https://lore.kernel.org/all/20220520103904.1216-1-cathy.zhang@intel.com/T/#m1becf67078dc8c59d454e2e6c6d67ca64db341a4"

> 
> Co-developed-by: Cathy Zhang <cathy.zhang@intel.com>
> Signed-off-by: Cathy Zhang <cathy.zhang@intel.com>

> Co-developed-by: Elena Reshetova <elena.reshetova@intel.com>
Should be removed:
https://docs.kernel.org/process/submitting-patches.html#when-to-use-acked-by-cc-and-co-developed-by

> Signed-off-by: Elena Reshetova <elena.reshetova@intel.com>
> ---
>  arch/x86/include/asm/sgx.h | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h
> index 6a0069761508..8ba39bbf4e91 100644
> --- a/arch/x86/include/asm/sgx.h
> +++ b/arch/x86/include/asm/sgx.h
> @@ -73,6 +73,11 @@ enum sgx_encls_function {
>   *				public key does not match IA32_SGXLEPUBKEYHASH.
>   * %SGX_PAGE_NOT_MODIFIABLE:	The EPC page cannot be modified because it
>   *				is in the PENDING or MODIFIED state.
> + * %SGX_INSUFFICIENT_ENTROPY:	Insufficient entropy in RNG.
> + * %SGX_EPC_NOT_READY:		EPC is not ready for SVN update.
> + * %SGX_NO_UPDATE:		EUPDATESVN was successful, but CPUSVN was not
> + *				updated because current SVN was not newer than
> + *				CPUSVN.
>   * %SGX_UNMASKED_EVENT:		An unmasked event, e.g. INTR, was received
>   */
>  enum sgx_return_code {
> @@ -81,6 +86,9 @@ enum sgx_return_code {
>  	SGX_CHILD_PRESENT		= 13,
>  	SGX_INVALID_EINITTOKEN		= 16,
>  	SGX_PAGE_NOT_MODIFIABLE		= 20,
> +	SGX_INSUFFICIENT_ENTROPY	= 29,
> +	SGX_EPC_NOT_READY		= 30,
>  +	SGX_NO_UPDATE			= 31,



>  	SGX_UNMASKED_EVENT		= 128,
>  };
>  
> -- 
> 2.45.2
> 
> 

BR, Jarkko
RE: [PATCH 3/4] x86/sgx: Define error codes for ENCLS[EUPDATESVN]
Posted by Reshetova, Elena 8 months, 3 weeks ago 

> On Fri, Mar 21, 2025 at 02:34:42PM +0200, Elena Reshetova wrote:
> > Add error codes for ENCLS[EUPDATESVN], then SGX CPUSVN update
> > process can know the execution state of EUPDATESVN.
> >
> 
> Enumerate the error codes. 

You mean in the commit message or? 


> Do we need all of the three added?

Yes, we do. They are all valid error codes that can be received as a result of
execution of EUPDATESVN. 

Best Regards,
Elena.
Re: [PATCH 3/4] x86/sgx: Define error codes for ENCLS[EUPDATESVN]
Posted by Jarkko Sakkinen 8 months, 3 weeks ago 
On Mon, Mar 24, 2025 at 12:21:14PM +0000, Reshetova, Elena wrote:
> 
> 
> > On Fri, Mar 21, 2025 at 02:34:42PM +0200, Elena Reshetova wrote:
> > > Add error codes for ENCLS[EUPDATESVN], then SGX CPUSVN update
> > > process can know the execution state of EUPDATESVN.
> > >
> > 
> > Enumerate the error codes. 
> 
> You mean in the commit message or? 

I'm not really sure how kernel uses them.

> 
> 
> > Do we need all of the three added?
> 
> Yes, we do. They are all valid error codes that can be received as a result of
> execution of EUPDATESVN. 
> 
> Best Regards,
> Elena.

BR, Jarkko
RE: [PATCH 3/4] x86/sgx: Define error codes for ENCLS[EUPDATESVN]
Posted by Reshetova, Elena 8 months, 3 weeks ago 
 
> On Mon, Mar 24, 2025 at 12:21:14PM +0000, Reshetova, Elena wrote:
> >
> >
> > > On Fri, Mar 21, 2025 at 02:34:42PM +0200, Elena Reshetova wrote:
> > > > Add error codes for ENCLS[EUPDATESVN], then SGX CPUSVN update
> > > > process can know the execution state of EUPDATESVN.
> > > >
> > >
> > > Enumerate the error codes.
> >
> > You mean in the commit message or?
> 
> I'm not really sure how kernel uses them.

The SGX_INSUFFICIENT_ENTROPY is used to make reties by kernel. 
The other two are only used to print the informational message. 

Best Regards,
Elena.

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.