RE: [PATCH v14 5/5] x86/sgx: Enable automatic SVN updates for SGX enclaves
From: Reshetova, Elena
Date: Fri Aug 15 2025 - 02:59:46 EST
> -----Original Message-----
> From: Huang, Kai <kai.huang@xxxxxxxxx>
> Sent: Friday, August 15, 2025 12:41 AM
> To: Reshetova, Elena <elena.reshetova@xxxxxxxxx>; Hansen, Dave
> <dave.hansen@xxxxxxxxx>
> Cc: seanjc@xxxxxxxxxx; mingo@xxxxxxxxxx; Scarlata, Vincent R
> <vincent.r.scarlata@xxxxxxxxx>; x86@xxxxxxxxxx; jarkko@xxxxxxxxxx;
> Annapurve, Vishal <vannapurve@xxxxxxxxxx>; linux-kernel@xxxxxxxxxxxxxxx;
> Mallick, Asit K <asit.k.mallick@xxxxxxxxx>; Aktas, Erdem
> <erdemaktas@xxxxxxxxxx>; Cai, Chong <chongc@xxxxxxxxxx>; Bondarevska,
> Nataliia <bondarn@xxxxxxxxxx>; linux-sgx@xxxxxxxxxxxxxxx; Raynor, Scott
> <scott.raynor@xxxxxxxxx>
> Subject: Re: [PATCH v14 5/5] x86/sgx: Enable automatic SVN updates for SGX
> enclaves
>
> On Thu, 2025-08-14 at 09:50 -0700, Dave Hansen wrote:
> > On 8/14/25 00:34, Elena Reshetova wrote:
> > > +/* Mutex to ensure no concurrent EPC accesses during EUPDATESVN */
> > > +static DEFINE_MUTEX(sgx_svn_lock);
> > > +
> > > int sgx_inc_usage_count(void)
> > > {
> > > + int ret;
> > > +
> > > + guard(mutex)(&sgx_svn_lock);
> > > +
> > > + if (!sgx_usage_count) {
> > > + ret = sgx_update_svn();
> > > + if (ret)
> > > + return ret;
> > > + }
> > > +
> > > + sgx_usage_count++;
> > > +
> > > return 0;
> > > }
> > >
> > > void sgx_dec_usage_count(void)
> > > {
> > > - return;
> > > + sgx_usage_count--;
> > > }
> >
> > How is a plain int-- safe?
> >
> > Where's the locking?
>
> Sorry I missed this during review too.
My line of thinking went that we don't actually
care or act on decrement (it is not a true ref counter)
and therefore, races here are ok. What I forgot is that
we loose basic atomicity also with plain int ((
I would personally like to go back to atomic (this is
what it is exactly for), but I can also just add another
mutex here. Preferences?
Best Regards,
Elena.