Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes

From: Reinette Chatre
Date: Fri Dec 03 2021 - 13:49:56 EST

Next message: Dmitry Baryshkov: "Re: [PATCH] drm/msm/a5xx: Add support for Adreno 506 GPU"
Previous message: Lucas De Marchi: "Re: [PATCH] x86/mm: Fix PAGE_KERNEL_IO removal breakage"
In reply to: Dave Hansen: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Next in thread: Andy Lutomirski: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Dave,

On 12/3/2021 10:14 AM, Dave Hansen wrote:

On 12/1/21 11:23 AM, Reinette Chatre wrote:

Enclave page permission changes need to be approached with care and
for this reason this initial support is to allow enclave page
permission changes _only_ if the new permissions are the same or
more restrictive that the permissions originally vetted at the time the
pages were added to the enclave. Support for extending enclave page
permissions beyond what was originally vetted is deferred.

It's probably worth adding a few examples here:

* RWX => RW => RX => RW => R => RWX
* RW => R => RW
* RX => R => RX

Indeed - that would make the implications of this change clear.

Will do. Thank you very much.

Reinette

Next message: Dmitry Baryshkov: "Re: [PATCH] drm/msm/a5xx: Add support for Adreno 506 GPU"
Previous message: Lucas De Marchi: "Re: [PATCH] x86/mm: Fix PAGE_KERNEL_IO removal breakage"
In reply to: Dave Hansen: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Next in thread: Andy Lutomirski: "Re: [PATCH 10/25] x86/sgx: Support enclave page permission changes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]