Re: [PATCH v14 4/5] x86/sgx: Implement ENCLS[EUPDATESVN]
From: Huang, Kai
Date: Thu Aug 14 2025 - 05:47:52 EST
On Thu, 2025-08-14 at 10:34 +0300, Reshetova, Elena wrote:
> All running enclaves and cryptographic assets (such as internal SGX
> encryption keys) are assumed to be compromised whenever an SGX-related
> microcode update occurs. To mitigate this assumed compromise the new
> supervisor SGX instruction ENCLS[EUPDATESVN] can generate fresh
> cryptographic assets.
>
> Before executing EUPDATESVN, all SGX memory must be marked as unused. This
> requirement ensures that no potentially compromised enclave survives the
> update and allows the system to safely regenerate cryptographic assets.
>
> Add the method to perform ENCLS[EUPDATESVN]. However, until the follow up
> patch that wires calling sgx_update_svn() from sgx_inc_usage_count(), this
> code is not reachable.
>
> Reviewed-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
> Signed-off-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
Reviewed-by: Kai Huang <kai.huang@xxxxxxxxx>
>
> + * Return:
> + * * %0: - Success or not supported
> + * * %-EAGAIN: - Can be safely retried, failure is due to lack of
> + * * entropy in RNG
Nit: if another version is ever needed, I think it would be better to make
the text vertical aligned w/o the leading '-', i.e.,
* %-EAGAIN: - Can be ....
entropy in RNG.
.. instead of
* %-EAGAIN: - Can be ....
entropy in RNG.