Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes

From: Dave Hansen
Date: Fri Dec 03 2021 - 13:15:05 EST

Next message: Dmitry Baryshkov: "Re: [PATCH] drm/msm/dpu: removed logically dead code"
Previous message: Ard Biesheuvel: "Re: [PATCH v2] x86/sme: Explicitly map new EFI memmap table as encrypted"
In reply to: Reinette Chatre: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Next in thread: Reinette Chatre: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/1/21 11:23 AM, Reinette Chatre wrote:
> Enclave page permission changes need to be approached with care and
> for this reason this initial support is to allow enclave page
> permission changes _only_ if the new permissions are the same or
> more restrictive that the permissions originally vetted at the time the
> pages were added to the enclave. Support for extending enclave page
> permissions beyond what was originally vetted is deferred.

It's probably worth adding a few examples here:

* RWX => RW => RX => RW => R => RWX
* RW => R => RW
* RX => R => RX

Next message: Dmitry Baryshkov: "Re: [PATCH] drm/msm/dpu: removed logically dead code"
Previous message: Ard Biesheuvel: "Re: [PATCH v2] x86/sme: Explicitly map new EFI memmap table as encrypted"
In reply to: Reinette Chatre: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Next in thread: Reinette Chatre: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]