| /linux/Documentation/arch/x86/ |
| H A D | sgx.rst | 4 Software Guard eXtensions (SGX)
10 Software Guard eXtensions (SGX) hardware enables for user space applications
27 ``grep sgx /proc/cpuinfo``
29 SGX must both be supported in the processor and enabled by the BIOS. If SGX
32 and "Software Enabled" modes for SGX, choose "Enabled".
37 SGX utilizes an *Enclave Page Cache (EPC)* to store pages that are associated
40 the enclave during enclave construction with special, limited SGX instructions.
51 **SGX Enclave Control Structure (SECS)**
79 For all intents and purposes, the SGX architecture allows the processor to
90 In addition to the traditional compiler and linker build process, SGX has a
[all …]
|
| /linux/arch/x86/kernel/cpu/sgx/ |
| H A D | sgx.h | 11 #include <asm/sgx.h>
14 #define pr_fmt(fmt) "sgx: " fmt
17 "EREMOVE returned %d (0x%x) and an EPC page was leaked. SGX may become unusable. " \
18 "Refer to Documentation/arch/x86/sgx.rst for more information."
|
| H A D | virt.c | 3 * Device driver to expose SGX enclave memory to KVM guests.
15 #include <asm/sgx.h>
16 #include <uapi/asm/sgx.h>
19 #include "sgx.h"
310 /* SGX virtualization requires KVM to work */ in sgx_vepc_init()
342 * userspace. This can fault and call SGX or other fault handlers when in sgx_virt_ecreate()
400 * in host, SGX driver may rewrite the hardware values at wish, therefore KVM
|
| H A D | driver.c | 154 …pr_info("SGX disabled: SGX launch control CPU feature is not available, /dev/sgx_enclave disabled.… in sgx_drv_init()
161 pr_info("SGX disabled: SGX1 instruction support not available, /dev/sgx_enclave disabled.\n"); in sgx_drv_init()
179 pr_info("SGX disabled: Unable to register the /dev/sgx_enclave driver (%d).\n", ret); in sgx_drv_init()
|
| H A D | driver.h | 11 #include <uapi/asm/sgx.h>
12 #include "sgx.h"
|
| H A D | encls.h | 12 #include "sgx.h"
60 * And because SGX isn't complex enough as it is, function that return an error
65 * SGX error code on failure
139 /* Initialize an EPC page into an SGX Enclave Control Structure (SECS) page. */
|
| H A D | main.c | 18 #include <asm/sgx.h>
93 * page is now sanitized. Make it available via the SGX in __sgx_sanitize_pages()
388 * in locations where SGX memory resources might be low and might be
674 * error in an SGX EPC page.
688 * includes other address ranges besides SGX. in arch_memory_failure()
695 * the task. Hardware has already exited the SGX enclave and in arch_memory_failure()
760 /* Make all x86/ attributes invisible when SGX is not initialized: */ in arch_node_attr_is_visible()
839 /* Make SGX-specific node sysfs files visible: */ in sgx_page_cache_init()
|
| H A D | ioctl.c | 5 #include <asm/sgx.h>
85 backing = shmem_file_setup("SGX backing", encl_size + (encl_size >> 5), in sgx_encl_create()
664 * Some SGX functions require that no cached linear-to-physical address
671 * SGX function requiring that no cached linear-to-physical mappings
744 * SGX pages. Attempting this change on other pages will in sgx_enclave_restrict_permissions()
862 * sgx_enclave_modify_types() - Modify type of SGX enclave pages
1063 * sgx_encl_remove_pages() - Remove trimmed pages from SGX enclave
|
| /linux/arch/x86/include/asm/ |
| H A D | sgx.h | 5 * Intel Software Guard Extensions (SGX) support.
14 * This file contains both data structures defined by SGX architecture and Linux
19 /* The SGX specific CPUID function. */
56 * type of fault and on the exact SGX error code, i.e. we can't simply
61 * between positive (faults and SGX error codes) and negative (system
150 * struct sgx_secs - SGX Enclave Control Structure (SECS)
164 * SGX Enclave Control Structure (SECS) is a special enclave page that is not
409 * Do not put any hardware-defined SGX structure representations below this
|
| /linux/Documentation/admin-guide/hw-vuln/ |
| H A D | special-register-buffer-data-sampling.rst | 11 RDRAND, RDSEED and SGX EGETKEY.
88 Software Guard Extensions (Intel SGX) enclaves. On logical processors that
91 processors memory accesses. The opt-out mechanism does not affect Intel SGX
103 disables the mitigation for RDRAND and RDSEED executed outside of an Intel SGX
108 Note that inside of an Intel SGX enclave, the mitigation is applied regardless
|
| H A D | gather_data_sampling.rst | 32 Non-enclaves can infer SGX enclave data
39 lower-privilege contexts like guests and when running outside SGX enclaves.
41 The hardware enforces the mitigation for SGX. Likewise, VMMs should ensure
|
| /linux/tools/testing/selftests/sgx/ |
| H A D | defines.h | 19 #include "../../../../arch/x86/include/asm/sgx.h"
21 #include "../../../../arch/x86/include/uapi/asm/sgx.h"
|
| /linux/arch/x86/entry/vdso/ |
| H A D | extable.c | 22 * whether or not a #DB/#BP originated from within an SGX enclave and in fixup_vdso_exception()
23 * SGX enclaves are currently the only use case for vDSO fixup. in fixup_vdso_exception()
|
| /linux/drivers/scsi/qla2xxx/ |
| H A D | qla_iocb.c | 793 qla24xx_get_one_block_sg(uint32_t blk_sz, struct qla2_sgx *sgx, in qla24xx_get_one_block_sg() argument
800 if (sgx->num_bytes == sgx->tot_bytes) in qla24xx_get_one_block_sg()
803 sg = sgx->cur_sg; in qla24xx_get_one_block_sg()
804 cumulative_partial = sgx->tot_partial; in qla24xx_get_one_block_sg()
809 sgx->dma_addr = sg_dma_addr + sgx->bytes_consumed; in qla24xx_get_one_block_sg()
811 if ((cumulative_partial + (sg_len - sgx->bytes_consumed)) >= blk_sz) { in qla24xx_get_one_block_sg()
812 sgx->dma_len = (blk_sz - cumulative_partial); in qla24xx_get_one_block_sg()
813 sgx->tot_partial = 0; in qla24xx_get_one_block_sg()
814 sgx->num_bytes += blk_sz; in qla24xx_get_one_block_sg()
817 sgx->dma_len = sg_len - sgx->bytes_consumed; in qla24xx_get_one_block_sg()
[all …]
|
| /linux/arch/arm/boot/dts/ti/omap/ |
| H A D | omap34xx.dtsi | 151 * at all unlike on 36xx. Maybe SGX is permanently set to
153 * write-only at 0x50000e10. We detect SGX based on the SGX
|
| H A D | am3517.dtsi | 151 * similar to the omap34xx. Maybe SGX is permanently set to
153 * write-only at 0x50000e10. We detect SGX based on the SGX
|
| /linux/Documentation/devicetree/bindings/gpu/ |
| H A D | apple,agx.yaml | 33 - const: sgx
84 reg-names = "asc", "sgx";
|
| H A D | img,powervr-sgx.yaml | 6 $id: http://devicetree.org/schemas/gpu/img,powervr-sgx.yaml#
9 title: Imagination Technologies PowerVR SGX GPUs
|
| /linux/drivers/iio/chemical/ |
| H A D | vz89x.c | 3 * vz89x.c - Support for SGX Sensortech MiCS VZ89X VOC sensors
345 { .compatible = "sgx,vz89x", .data = &vz89x_chips[VZ89X] },
346 { .compatible = "sgx,vz89te", .data = &vz89x_chips[VZ89TE] },
405 MODULE_DESCRIPTION("SGX Sensortech MiCS VZ89X VOC sensors");
|
| H A D | Kconfig | 253 tristate "SGX Sensortech MiCS VZ89X VOC sensor"
256 Say Y here to build I2C interface support for the SGX
|
| /linux/drivers/bus/ |
| H A D | omap_l3_smx.h | 146 /* SGX has 1 ID */
208 /* SGX IA */
275 /* SGX TA */
|
| /linux/arch/x86/include/uapi/asm/ |
| H A D | sgx.h | 93 * @result: (output) SGX result code of ENCLS[EMODPR] function
111 * @result: (output) SGX result code of ENCLS[EMODT] function
189 * a vDSO function to enter an SGX enclave.
|
| /linux/Documentation/devicetree/bindings/ |
| H A D | trivial-devices.yaml | 370 # SGX Sensortech VZ89X Sensors
371 - sgx,vz89x
372 # SGX Sensortech VZ89TE Sensors
373 - sgx,vz89te
|
| /linux/arch/x86/kvm/ |
| H A D | Kconfig | 123 bool "Software Guard eXtensions (SGX) Virtualization"
127 Enables KVM guests to create SGX enclaves.
|
| /linux/Documentation/firmware-guide/acpi/apei/ |
| H A D | einj.rst | 251 Special notes for injection into SGX enclaves:
253 There may be a separate BIOS setup option to enable SGX injection.
257 address. But the h/w prevents any software outside of an SGX enclave
|