Date: Tue, 19 Mar 2019 02:33:59 +0000 (UTC) From: Marcin Wojtas <mw@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r345288 - head/sys/amd64/sgx Message-ID: <201903190233.x2J2Xxu2084477@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mw Date: Tue Mar 19 02:33:58 2019 New Revision: 345288 URL: https://svnweb.freebsd.org/changeset/base/345288 Log: Prevent loading SGX with incorrect EPC data It may happen on some machines, that even if SGX is disabled in firmware, the driver would still attach despite EPC base and size equal zero. Such behaviour causes a kernel panic when the module is unloaded. Add a simple check to make sure we only attach when these values are correctly set. Submitted by: Kornel Duleba <mindal@semihalf.com> Reviewed by: br Obtained from: Semihalf Sponsored by: Stormshield Differential Revision: https://reviews.freebsd.org/D19595 Modified: head/sys/amd64/sgx/sgx.c Modified: head/sys/amd64/sgx/sgx.c ============================================================================== --- head/sys/amd64/sgx/sgx.c Tue Mar 19 00:29:18 2019 (r345287) +++ head/sys/amd64/sgx/sgx.c Tue Mar 19 02:33:58 2019 (r345288) @@ -1075,6 +1075,12 @@ sgx_get_epc_area(struct sgx_softc *sc) (cp[2] & 0xfffff000); sc->npages = sc->epc_size / SGX_PAGE_SIZE; + if (sc->epc_size == 0 || sc->epc_base == 0) { + printf("%s: Incorrect EPC data: EPC base %lx, size %lu\n", + __func__, sc->epc_base, sc->epc_size); + return (EINVAL); + } + if (cp[3] & 0xffff) sc->enclave_size_max = (1 << ((cp[3] >> 8) & 0xff)); else
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201903190233.x2J2Xxu2084477>