From: Elena Reshetova
To: dave.hansen@intel.com
Cc: jarkko@kernel.org, seanjc@google.com, kai.huang@intel.com, mingo@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, asit.k.mallick@intel.com, vincent.r.scarlata@intel.com, chongc@google.com, erdemaktas@google.com, vannapurve@google.com, dionnaglaze@google.com, bondarn@google.com, scott.raynor@intel.com, Elena Reshetova
Subject: [PATCH v6 1/5] x86/sgx: Introduce a counter to count the sgx_(vepc_)open()
Date: Thu, 22 May 2025 12:21:34 +0300
Message-ID: <20250522092237.7895-2-elena.reshetova@intel.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20250522092237.7895-1-elena.reshetova@intel.com>
References: <20250522092237.7895-1-elena.reshetova@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Currently SGX does not have a global counter to count the active users from userspace or hypervisor. Implement such a counter, sgx_usage_count. It will be used by the driver when attempting to call EUPDATESVN SGX instruction.

Suggested-by: Sean Christopherson
Signed-off-by: Elena Reshetova
--- arch/x86/kernel/cpu/sgx/driver.c | 22 ++++++++++++++++------ arch/x86/kernel/cpu/sgx/encl.c | 1 + arch/x86/kernel/cpu/sgx/main.c | 14 ++++++++++++++ arch/x86/kernel/cpu/sgx/sgx.h | 3 +++ arch/x86/kernel/cpu/sgx/virt.c | 16 ++++++++++++++-- 5 files changed, 48 insertions(+), 8 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/driver.c b/arch/x86/kernel/cpu/sgx/dri= ver.c index 7f8d1e11dbee..a2994a74bdff 100644 --- a/arch/x86/kernel/cpu/sgx/driver.c +++ b/arch/x86/kernel/cpu/sgx/driver.c 
@@ -19,9 +19,15 @@ static int sgx_open(struct inode *inode, struct file *fi= le) struct sgx_encl *encl; int ret; =20 + ret =3D sgx_inc_usage_count(); + if (ret) + return ret; + encl =3D kzalloc(sizeof(*encl), GFP_KERNEL); - if (!encl) - return -ENOMEM; + if (!encl) { + ret =3D -ENOMEM; + goto err_usage_count; + } =20 kref_init(&encl->refcount); xa_init(&encl->page_array); @@ -31,14 +37,18 @@ static int sgx_open(struct inode *inode, struct file *f= ile) spin_lock_init(&encl->mm_lock); =20 ret =3D init_srcu_struct(&encl->srcu); - if (ret) { - kfree(encl); - return ret; - } + if (ret) + goto err_encl; =20 file->private_data =3D encl; =20 return 0; + +err_encl: + kfree(encl); +err_usage_count: + sgx_dec_usage_count(); + return ret; } =20 static int sgx_release(struct inode *inode, struct file *file) diff --git a/arch/x86/kernel/cpu/sgx/encl.c b/arch/x86/kernel/cpu/sgx/encl.c index 279148e72459..3b54889ae4a4 100644 --- a/arch/x86/kernel/cpu/sgx/encl.c +++ b/arch/x86/kernel/cpu/sgx/encl.c @@ -765,6 +765,7 @@ void sgx_encl_release(struct kref *ref) WARN_ON_ONCE(encl->secs.epc_page); =20 kfree(encl); + sgx_dec_usage_count(); } =20 /* diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c index 2de01b379aa3..a018b01b8736 100644 --- a/arch/x86/kernel/cpu/sgx/main.c +++ b/arch/x86/kernel/cpu/sgx/main.c @@ -917,6 +917,20 @@ int sgx_set_attribute(unsigned long *allowed_attribute= s, } EXPORT_SYMBOL_GPL(sgx_set_attribute); =20 +/* Counter to count the active SGX users */ +static atomic64_t sgx_usage_count; + +int sgx_inc_usage_count(void) +{ + atomic64_inc(&sgx_usage_count); + return 0; +} + +void sgx_dec_usage_count(void) +{ + atomic64_dec(&sgx_usage_count); +} + static int __init sgx_init(void) { int ret; diff --git a/arch/x86/kernel/cpu/sgx/sgx.h b/arch/x86/kernel/cpu/sgx/sgx.h index d2dad21259a8..f5940393d9bd 100644 --- a/arch/x86/kernel/cpu/sgx/sgx.h +++ b/arch/x86/kernel/cpu/sgx/sgx.h 
@@ -102,6 +102,9 @@ static inline int __init sgx_vepc_init(void) } #endif =20 +int sgx_inc_usage_count(void); +void sgx_dec_usage_count(void); + void sgx_update_lepubkeyhash(u64 *lepubkeyhash); =20 #endif /* _X86_SGX_H */ diff --git a/arch/x86/kernel/cpu/sgx/virt.c b/arch/x86/kernel/cpu/sgx/virt.c index 7aaa3652e31d..6ce908ed51c9 100644 --- a/arch/x86/kernel/cpu/sgx/virt.c +++ b/arch/x86/kernel/cpu/sgx/virt.c 
@@ -255,22 +255,34 @@ static int sgx_vepc_release(struct inode *inode, stru= ct file *file) xa_destroy(&vepc->page_array); kfree(vepc); =20 + sgx_dec_usage_count(); return 0; } =20 static int sgx_vepc_open(struct inode *inode, struct file *file) { struct sgx_vepc *vepc; + int ret; + + ret =3D sgx_inc_usage_count(); + if (ret) + return ret; =20 vepc =3D kzalloc(sizeof(struct sgx_vepc), GFP_KERNEL); - if (!vepc) - return -ENOMEM; + if (!vepc) { + ret =3D -ENOMEM; + goto err_usage_count; + } mutex_init(&vepc->lock); xa_init(&vepc->page_array); =20 file->private_data =3D vepc; =20 return 0; + +err_usage_count: + sgx_dec_usage_count(); + return ret; } =20 static long sgx_vepc_ioctl(struct file *file, --=20 2.45.2
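Review bot: In the encl.c hunk of patch 1/5, sgx_dec_usage_count() is called from sgx_encl_release(), the kref release callback, while the matching sgx_inc_usage_count() sits in sgx_open() and sgx_release() is left untouched. For the enclave device the counter therefore follows the lifetime of struct sgx_encl rather than that of the open file, which does not match the subject line ("count the sgx_(vepc_)open()"). Suggest a comment above sgx_usage_count in main.c, or a sentence in the commit message, stating that the count drops only when the last enclave reference is released and why that is the right point for the later EUPDATESVN check.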
From: Elena Reshetova
To: dave.hansen@intel.com
Cc: jarkko@kernel.org, seanjc@google.com, kai.huang@intel.com, mingo@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, asit.k.mallick@intel.com, vincent.r.scarlata@intel.com, chongc@google.com, erdemaktas@google.com, vannapurve@google.com, dionnaglaze@google.com, bondarn@google.com, scott.raynor@intel.com, Elena Reshetova
Subject: [PATCH v6 2/5] x86/cpufeatures: Add X86_FEATURE_SGX_EUPDATESVN feature flag
Date: Thu, 22 May 2025 12:21:35 +0300
Message-ID: <20250522092237.7895-3-elena.reshetova@intel.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20250522092237.7895-1-elena.reshetova@intel.com>
References: <20250522092237.7895-1-elena.reshetova@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add a flag indicating whenever ENCLS[EUPDATESVN] SGX instruction is supported. This will be used by SGX driver to perform CPU SVN updates.

Signed-off-by: Elena Reshetova
--- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/kernel/cpu/cpuid-deps.c | 1 + arch/x86/kernel/cpu/scattered.c | 1 + tools/arch/x86/include/asm/cpufeatures.h | 1 + 4 files changed, 4 insertions(+) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpuf= eatures.h index 5b50e0e35129..ee8f0e30ab6c 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -483,6 +483,7 @@ #define X86_FEATURE_PREFER_YMM (21*32+ 8) /* Avoid ZMM registers due to d= ownclocking */ #define X86_FEATURE_APX (21*32+ 9) /* Advanced Performance Extensions */ #define X86_FEATURE_INDIRECT_THUNK_ITS (21*32+10) /* Use thunk for indirec= t branches in lower half of cacheline */ +#define X86_FEATURE_SGX_EUPDATESVN (21*32+11) /* Support for ENCLS[EUPDATE= SVN] instruction */ =20 /* * BUG word(s) 
diff --git a/arch/x86/kernel/cpu/cpuid-deps.c b/arch/x86/kernel/cpu/cpuid-d= eps.c index 46efcbd6afa4..3d9f49ad0efd 100644 --- a/arch/x86/kernel/cpu/cpuid-deps.c +++ b/arch/x86/kernel/cpu/cpuid-deps.c @@ -79,6 +79,7 @@ static const struct cpuid_dep cpuid_deps[] =3D { { X86_FEATURE_SGX_LC, X86_FEATURE_SGX }, { X86_FEATURE_SGX1, X86_FEATURE_SGX }, { X86_FEATURE_SGX2, X86_FEATURE_SGX1 }, + { X86_FEATURE_SGX_EUPDATESVN, X86_FEATURE_SGX1 }, { X86_FEATURE_SGX_EDECCSSA, X86_FEATURE_SGX1 }, { X86_FEATURE_XFD, X86_FEATURE_XSAVES }, { X86_FEATURE_XFD, X86_FEATURE_XGETBV1 }, diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattere= d.c index dbf6d71bdf18..2a29fc33a891 100644 --- a/arch/x86/kernel/cpu/scattered.c +++ b/arch/x86/kernel/cpu/scattered.c @@ -42,6 +42,7 @@ static const struct cpuid_bit cpuid_bits[] =3D { { X86_FEATURE_PER_THREAD_MBA, CPUID_ECX, 0, 0x00000010, 3 }, { X86_FEATURE_SGX1, CPUID_EAX, 0, 0x00000012, 0 }, { X86_FEATURE_SGX2, CPUID_EAX, 1, 0x00000012, 0 }, + { X86_FEATURE_SGX_EUPDATESVN, CPUID_EAX, 10, 0x00000012, 0 }, { X86_FEATURE_SGX_EDECCSSA, CPUID_EAX, 11, 0x00000012, 0 }, { X86_FEATURE_HW_PSTATE, CPUID_EDX, 7, 0x80000007, 0 }, { X86_FEATURE_CPB, CPUID_EDX, 9, 0x80000007, 0 }, diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/incl= ude/asm/cpufeatures.h index bc81b9d1aeca..769ee7e411c3 100644 --- a/tools/arch/x86/include/asm/cpufeatures.h +++ b/tools/arch/x86/include/asm/cpufeatures.h 
@@ -481,6 +481,7 @@ #define X86_FEATURE_AMD_HTR_CORES (21*32+ 6) /* Heterogeneous Core Topolog= y */ #define X86_FEATURE_AMD_WORKLOAD_CLASS (21*32+ 7) /* Workload Classificati= on */ #define X86_FEATURE_PREFER_YMM (21*32+ 8) /* Avoid ZMM registers due to d= ownclocking */ +#define X86_FEATURE_SGX_EUPDATESVN (21*32+11) /* Support for ENCLS[EUPDATE= SVN] instruction */ =20 /* * BUG word(s) --=20 2.45.2
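Review bot: In the tools/arch/x86/include/asm/cpufeatures.h hunk of patch 2/5, the new define lands at (21*32+11) directly after X86_FEATURE_PREFER_YMM at (21*32+ 8), whereas the arch/x86 hunk shows X86_FEATURE_APX (+9) and X86_FEATURE_INDIRECT_THUNK_ITS (+10) in between. The tools copy is therefore already behind the kernel header in the visible context, and this hunk brings it only partly up to date. Suggest either dropping the tools hunk from this patch or syncing the whole header in a separate change, so the two files do not diverge further.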
From: Elena Reshetova
To: dave.hansen@intel.com
Cc: jarkko@kernel.org, seanjc@google.com, kai.huang@intel.com, mingo@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, asit.k.mallick@intel.com, vincent.r.scarlata@intel.com, chongc@google.com, erdemaktas@google.com, vannapurve@google.com, dionnaglaze@google.com, bondarn@google.com, scott.raynor@intel.com, Elena Reshetova
Subject: [PATCH v6 3/5] x86/sgx: Define error codes for use by ENCLS[EUPDATESVN]
Date: Thu, 22 May 2025 12:21:36 +0300
Message-ID: <20250522092237.7895-4-elena.reshetova@intel.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20250522092237.7895-1-elena.reshetova@intel.com>
References: <20250522092237.7895-1-elena.reshetova@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add error codes for ENCLS[EUPDATESVN], then SGX CPUSVN update process can know the execution state of EUPDATESVN and notify userspace.

Signed-off-by: Elena Reshetova
--- arch/x86/include/asm/sgx.h | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/arch/x86/include/asm/sgx.h b/arch/x86/include/asm/sgx.h index 6a0069761508..1abf1461fab6 100644 --- a/arch/x86/include/asm/sgx.h +++ b/arch/x86/include/asm/sgx.h 
@@ -28,21 +28,22 @@ #define SGX_CPUID_EPC_MASK GENMASK(3, 0) =20 enum sgx_encls_function { - ECREATE =3D 0x00, - EADD =3D 0x01, - EINIT =3D 0x02, - EREMOVE =3D 0x03, - EDGBRD =3D 0x04, - EDGBWR =3D 0x05, - EEXTEND =3D 0x06, - ELDU =3D 0x08, - EBLOCK =3D 0x09, - EPA =3D 0x0A, - EWB =3D 0x0B, - ETRACK =3D 0x0C, - EAUG =3D 0x0D, - EMODPR =3D 0x0E, - EMODT =3D 0x0F, + ECREATE =3D 0x00, + EADD =3D 0x01, + EINIT =3D 0x02, + EREMOVE =3D 0x03, + EDGBRD =3D 0x04, + EDGBWR =3D 0x05, + EEXTEND =3D 0x06, + ELDU =3D 0x08, + EBLOCK =3D 0x09, + EPA =3D 0x0A, + EWB =3D 0x0B, + ETRACK =3D 0x0C, + EAUG =3D 0x0D, + EMODPR =3D 0x0E, + EMODT =3D 0x0F, + EUPDATESVN =3D 0x18, }; =20 /** @@ -73,6 +74,10 @@ enum sgx_encls_function { * public key does not match IA32_SGXLEPUBKEYHASH. * %SGX_PAGE_NOT_MODIFIABLE: The EPC page cannot be modified because it * is in the PENDING or MODIFIED state. + * %SGX_INSUFFICIENT_ENTROPY: Insufficient entropy in RNG. + * %SGX_NO_UPDATE: EUPDATESVN was successful, but CPUSVN was not + * updated because current SVN was not newer than + * CPUSVN. * %SGX_UNMASKED_EVENT: An unmasked event, e.g. INTR, was received */ enum sgx_return_code { 
@@ -81,6 +86,8 @@ enum sgx_return_code { SGX_CHILD_PRESENT =3D 13, SGX_INVALID_EINITTOKEN =3D 16, SGX_PAGE_NOT_MODIFIABLE =3D 20, + SGX_INSUFFICIENT_ENTROPY =3D 29, + SGX_NO_UPDATE =3D 31, SGX_UNMASKED_EVENT =3D 128, }; =20 --=20 2.45.2
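Review bot: In the enum sgx_encls_function hunk of patch 3/5, every existing entry from ECREATE to EMODT is removed and re-added with the same value, and the only functional addition is EUPDATESVN = 0x18. The subject and commit message speak of error codes only, so both the new ENCLS leaf number and the realignment of the existing entries go unmentioned. Suggest naming the EUPDATESVN leaf in the commit message, and either noting the whitespace-only realignment there or leaving the existing entries untouched so the diff and git blame stay focused on the one new line.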
From: Elena Reshetova
To: dave.hansen@intel.com
Cc: jarkko@kernel.org, seanjc@google.com, kai.huang@intel.com, mingo@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, asit.k.mallick@intel.com, vincent.r.scarlata@intel.com, chongc@google.com, erdemaktas@google.com, vannapurve@google.com, dionnaglaze@google.com, bondarn@google.com, scott.raynor@intel.com, Elena Reshetova
Subject: [PATCH v6 4/5] x86/sgx: Implement ENCLS[EUPDATESVN]
Date: Thu, 22 May 2025 12:21:37 +0300
Message-ID: <20250522092237.7895-5-elena.reshetova@intel.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20250522092237.7895-1-elena.reshetova@intel.com>
References: <20250522092237.7895-1-elena.reshetova@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

All running enclaves and cryptographic assets (such as internal SGX encryption keys) are assumed to be compromised whenever an SGX-related microcode update occurs. To mitigate this assumed compromise the new supervisor SGX instruction ENCLS[EUPDATESVN] can generate fresh cryptographic assets.

Before executing EUPDATESVN, all SGX memory must be marked as unused. This requirement ensures that no potentially compromised enclave survives the update and allows the system to safely regenerate cryptographic assets.

Add the method to perform ENCLS[EUPDATESVN].

Signed-off-by: Elena Reshetova
--- arch/x86/kernel/cpu/sgx/encls.h | 5 +++ arch/x86/kernel/cpu/sgx/main.c | 67 +++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) diff --git a/arch/x86/kernel/cpu/sgx/encls.h b/arch/x86/kernel/cpu/sgx/encl= s.h index 99004b02e2ed..d9160c89a93d 100644 --- a/arch/x86/kernel/cpu/sgx/encls.h +++ b/arch/x86/kernel/cpu/sgx/encls.h 
@@ -233,4 +233,9 @@ static inline int __eaug(struct sgx_pageinfo *pginfo, v= oid *addr) return __encls_2(EAUG, pginfo, addr); } =20 +/* Attempt to update CPUSVN at runtime. */ +static inline int __eupdatesvn(void) +{ + return __encls_ret_1(EUPDATESVN, ""); +} #endif /* _X86_ENCLS_H */ diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c index a018b01b8736..109d40c89fe8 100644 --- a/arch/x86/kernel/cpu/sgx/main.c +++ b/arch/x86/kernel/cpu/sgx/main.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "driver.h" #include "encl.h" #include "encls.h" 
@@ -920,6 +921,72 @@ EXPORT_SYMBOL_GPL(sgx_set_attribute); /* Counter to count the active SGX users */ static atomic64_t sgx_usage_count; =20 +/** + * sgx_updatesvn() - Attempt to call ENCLS[EUPDATESVN]. + * This instruction attempts to update CPUSVN to the + * currently loaded microcode update SVN and generate new + * cryptographic assets. Must be called when EPC is empty. + * Most of the time, there will be no update and that's OK. + * If the failure is due to SGX_INSUFFICIENT_ENTROPY, the + * operation can be safely retried. In other failure cases, + * the retry should not be attempted. + * + * Return: + * 0: Success or not supported + * -EAGAIN: Can be safely retried, failure is due to lack of + * entropy in RNG. + * -EIO: Unexpected error, retries are not advisable. + */ +static int sgx_update_svn(void) +{ + int ret; + + /* + * If EUPDATESVN is not available, it is ok to + * silently skip it to comply with legacy behavior. + */ + if (!cpu_feature_enabled(X86_FEATURE_SGX_EUPDATESVN)) + return 0; + + for (int i =3D 0; i < RDRAND_RETRY_LOOPS; i++) { + ret =3D __eupdatesvn(); + + /* Stop on success or unexpected errors: */ + if (ret !=3D SGX_INSUFFICIENT_ENTROPY) + break; + } + + /* + * SVN was already up-to-date. This is the most + * common case. + */ + if (ret =3D=3D SGX_NO_UPDATE) + return 0; + + /* + * SVN update failed due to lack of entropy in DRNG. + * Indicate to userspace that it should retry. + */ + if (ret =3D=3D SGX_INSUFFICIENT_ENTROPY) + return -EAGAIN; + + if (!ret) { + /* + * SVN successfully updated. + * Let users know when the update was successful. + */ + pr_info("SVN updated successfully\n"); + return 0; + } + + /* + * EUPDATESVN was called when EPC is empty, all other error + * codes are unexpected. 
+ */ + ENCLS_WARN(ret, "EUPDATESVN"); + return -EIO; +} + int sgx_inc_usage_count(void) { atomic64_inc(&sgx_usage_count); --=20 2.45.2
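Review bot: In the main.c hunk of patch 4/5, the kernel-doc header names the function sgx_updatesvn() while the definition directly below it is sgx_update_svn(); kernel-doc will warn about the mismatch, so the comment should use the real name. In the same hunk sgx_update_svn() is static and nothing in this patch calls it (the first caller arrives in 5/5), so this patch on its own builds with an unused-function warning. Suggest folding the function into the patch that calls it, or adding the caller here.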
From: Elena Reshetova
To: dave.hansen@intel.com
Cc: jarkko@kernel.org, seanjc@google.com, kai.huang@intel.com, mingo@kernel.org, linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, asit.k.mallick@intel.com, vincent.r.scarlata@intel.com, chongc@google.com, erdemaktas@google.com, vannapurve@google.com, dionnaglaze@google.com, bondarn@google.com, scott.raynor@intel.com, Elena Reshetova
Subject: [PATCH v6 5/5] x86/sgx: Enable automatic SVN updates for SGX enclaves
Date: Thu, 22 May 2025 12:21:38 +0300
Message-ID: <20250522092237.7895-6-elena.reshetova@intel.com>
X-Mailer: git-send-email 2.45.2
In-Reply-To: <20250522092237.7895-1-elena.reshetova@intel.com>
References: <20250522092237.7895-1-elena.reshetova@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

== Background ==

ENCLS[EUPDATESVN] is a new SGX instruction [1] which allows enclave attestation to include information about updated microcode SVN without a reboot. Before an EUPDATESVN operation can be successful, all SGX memory (aka. EPC) must be marked as “unused” in the SGX hardware metadata (aka. EPCM). This requirement ensures that no compromised enclave can survive the EUPDATESVN procedure and provides an opportunity to generate new cryptographic assets.

== Patch Contents ==

Attempt to execute ENCLS[EUPDATESVN] every time the first file descriptor is obtained via sgx_(vepc_)open(). In the most common case the microcode SVN is already up-to-date, and the operation succeeds without updating SVN. If it fails with any other error code than SGX_INSUFFICIENT_ENTROPY, this is considered unexpected and the *open() returns an error. This should not happen in practice.
On the contrary, SGX_INSUFFICIENT_ENTROPY might happen due to a pressure on the system's DRNG (RDSEED) and therefore the *open() can be safely retried to allow normal enclave operation.

[1] Runtime Microcode Updates with Intel Software Guard Extensions, https://cdrdv2.intel.com/v1/dl/getContent/648682

Signed-off-by: Elena Reshetova
--- arch/x86/kernel/cpu/sgx/main.c | 35 ++++++++++++++++++++++++++++++++-- 1 file changed, 33 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c index 109d40c89fe8..73ec5ccff3ae 100644 --- a/arch/x86/kernel/cpu/sgx/main.c +++ b/arch/x86/kernel/cpu/sgx/main.c @@ -920,6 +920,8 @@ EXPORT_SYMBOL_GPL(sgx_set_attribute); =20 /* Counter to count the active SGX users */ static atomic64_t sgx_usage_count; +/* Mutex to ensure no concurrent EPC accesses during EUPDATESVN */ +static DEFINE_MUTEX(sgx_svn_lock); =20 /** * sgx_updatesvn() - Attempt to call ENCLS[EUPDATESVN]. @@ -989,8 +991,37 @@ static int sgx_update_svn(void) =20 int sgx_inc_usage_count(void) { - atomic64_inc(&sgx_usage_count); - return 0; + int ret; + + /* + * Increments from non-zero indicate potential other + * active EPC users and EUPDATESVN is not attempted. + */ + if (atomic64_inc_not_zero(&sgx_usage_count)) + return 0; + + /* + * Ensure no other concurrent threads can start + * touching EPC while EUPDATESVN is running. + */ + guard(mutex)(&sgx_svn_lock); + + if (atomic64_inc_not_zero(&sgx_usage_count)) + return 0; + + /* + * Attempt to call EUPDATESVN since EPC must be + * empty at this point. + */ + ret =3D sgx_update_svn(); + + /* + * If EUPDATESVN failed, return failure to sgx_(vepc_)open and + * do not increment the sgx_usage_count. + */ + if (!ret) + atomic64_inc(&sgx_usage_count); + return ret; } =20 void sgx_dec_usage_count(void) --=20 2.45.2
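Review bot: In the first main.c hunk of patch 5/5, the comment on sgx_svn_lock says the mutex prevents concurrent EPC accesses during EUPDATESVN, but sgx_inc_usage_count() takes it only on the path where the counter is zero, so what it actually serializes is the 0 to 1 transition of sgx_usage_count. Suggest rewording the comment to say that. The context line of the same hunk also still carries the sgx_updatesvn() kernel-doc name from 4/5, which does not match sgx_update_svn().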
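Review bot: In the sgx_inc_usage_count() hunk of patch 5/5, the return value of sgx_update_svn() is passed straight back to sgx_(vepc_)open(), so the first open() can now fail with -EAGAIN or -EIO, which is a userspace-visible change. The commit message says the open can be retried, but the diffstat shows only main.c being touched, so nothing outside the commit message tells callers to expect -EAGAIN. Suggest documenting the new error returns alongside the description of the SGX device nodes, and adding a short comment on the second atomic64_inc_not_zero() explaining that it re-checks for another opener that took sgx_svn_lock first and already moved the counter off zero.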