@@ -3,14 +3,25 @@
ifneq ($(KERNELRELEASE),)
+EXTRA_CFLAGS += -DHAVE_MMPUT_ASYNC
+EXTRA_CFLAGS += -DHAVE_KSYM_LOOKUP
+
obj-m += intel_sgx.o
intel_sgx-y := encl.o main.o reclaim.o driver.o ioctl.o
else
KDIR := /lib/modules/$(shell uname -r)/build
-
-INKERNEL_SGX :=$(shell cat $(KDIR)/.config | grep "CONFIG_INTEL_SGX=y")
+KSYM_MMPUT_ASYNC := $(shell grep "mmput_async\svmlinux\sEXPORT" $(KDIR)/Module.symvers)
+KSYM_LOOKUP := $(shell grep "kallsyms_lookup_name\svmlinux\sEXPORT" $(KDIR)/Module.symvers)
+EXTRA_CFLAGS :=
+ifneq ($(KSYM_MMPUT_ASYNC),)
+ EXTRA_CFLAGS += -DHAVE_MMPUT_ASYNC
+endif
+ifneq ($(KSYM_LOOKUP),)
+ EXTRA_CFLAGS += -DHAVE_KSYM_LOOKUP
+endif
+INKERNEL_SGX :=$(shell cat $(KDIR)/.config | grep "CONFIG_X86_SGX=y\|CONFIG_INTEL_SGX=y")
ifneq ($(INKERNEL_SGX),)
default:
$(error Can't install DCAP SGX driver with inkernel SGX support)
@@ -19,7 +30,7 @@ else
PWD := $(shell pwd)
default:
- $(MAKE) -C $(KDIR) M=$(PWD) CFLAGS_MODULE="-I$(PWD) -I$(PWD)/include" modules
+ $(MAKE) -C $(KDIR) M=$(PWD) CFLAGS_MODULE="-I$(PWD) -I$(PWD)/include $(EXTRA_CFLAGS)" modules
endif
endif
@@ -228,7 +228,9 @@ int sgx_encl_mm_add(struct sgx_encl *encl, struct mm_struct *mm)
* multiple encl_mm instances for a single mm_struct, i.e. it prevents
* races between checking sgx_encl_find_mm() and adding to mm_list.
*/
-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5,3,0))
+#if(LINUX_VERSION_CODE >= KERNEL_VERSION(5,8,0))
+ mmap_assert_write_locked(mm);
+#elif (LINUX_VERSION_CODE >= KERNEL_VERSION(5,3,0))
lockdep_assert_held_write(&mm->mmap_sem);
#else
lockdep_assert_held_exclusive(&mm->mmap_sem);
@@ -6,13 +6,13 @@
#include <linux/kthread.h>
#include <linux/pagemap.h>
#include <linux/ratelimit.h>
+#include <linux/sched/mm.h>
#include <linux/sched/signal.h>
#include <linux/slab.h>
#include "driver.h"
#include "encls.h"
#include <linux/module.h>
-#include <linux/version.h>
#include "version.h"
#include "dcap.h"
#ifndef MSR_IA32_FEAT_CTL
@@ -22,9 +22,7 @@
#ifndef FEAT_CTL_LOCKED
#define FEAT_CTL_LOCKED FEATURE_CONTROL_LOCKED
#endif
-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 0) )
void (*k_mmput_async)(struct mm_struct* mm);
-#endif
struct sgx_epc_section sgx_epc_sections[SGX_MAX_EPC_SECTIONS];
int sgx_nr_epc_sections;
@@ -303,15 +301,19 @@ static int __init sgx_init(void)
if (!sgx_page_cache_init())
return -EFAULT;
-
-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 0) )
+#ifdef HAVE_MMPUT_ASYNC
+ k_mmput_async = mmput_async;
+#else
+#ifdef HAVE_KSYM_LOOKUP
k_mmput_async = (void*)kallsyms_lookup_name("mmput_async");
+#else
+ #error "kernel version is not supported. We need either mmput_async or kallsyms_lookup_name exported from the kernel"
+#endif
+#endif
if (!k_mmput_async){
pr_err("intel_sgx: mmput_async support missing from kernel.\n");
return -EFAULT;
}
-#endif
-
if (!sgx_page_reclaimer_init())
goto err_page_cache;
@@ -14,9 +14,7 @@
#include "driver.h"
#include <linux/version.h>
-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 0) )
extern void (*k_mmput_async)(struct mm_struct* mm);
-#endif
struct task_struct *ksgxswapd_tsk;
DECLARE_WAIT_QUEUE_HEAD(ksgxswapd_waitq);
LIST_HEAD(sgx_active_page_list);
@@ -177,11 +175,7 @@ static bool sgx_reclaimer_age(struct sgx_epc_page *epc_page)
ret = !sgx_encl_test_and_clear_young(encl_mm->mm, page);
up_read(&encl_mm->mm->mmap_sem);
-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 0))
k_mmput_async(encl_mm->mm);
-#else
- mmput_async(encl_mm->mm);
-#endif
if (!ret || (atomic_read(&encl->flags) & SGX_ENCL_DEAD))
break;
@@ -228,11 +222,7 @@ static void sgx_reclaimer_block(struct sgx_epc_page *epc_page)
up_read(&encl_mm->mm->mmap_sem);
-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 0))
k_mmput_async(encl_mm->mm);
-#else
- mmput_async(encl_mm->mm);
-#endif
}
srcu_read_unlock(&encl->srcu, idx);
@@ -308,11 +298,7 @@ static const cpumask_t *sgx_encl_ewb_cpumask(struct sgx_encl *encl)
cpumask_or(cpumask, cpumask, mm_cpumask(encl_mm->mm));
-#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 4, 0))
k_mmput_async(encl_mm->mm);
-#else
- mmput_async(encl_mm->mm);
-#endif
}
srcu_read_unlock(&encl->srcu, idx);
BugLink: https://bugs.launchpad.net/bugs/1936240 https://github.com/intel/SGXDataCenterAttestationPrimitives ded9828792d9968f2db3b98adb8a66afc2d69a9f Linux Driver: look for exported symbols in Makefile In addition to the above commit, hard code HAVE_MMPUT_ASYNC and HAVE_KSYM_LOOKUP for v5.8. Since the Makefile is invoked directly by the kernel build, the DKMS logic that normally determines these macros is bypassed. However, we know what kernel version we're building and that these 2 macros should be set. Signed-off-by: Tim Gardner <tim.gardner@canonical.com> --- ubuntu/sgx/Makefile | 17 ++++++++++++++--- ubuntu/sgx/encl.c | 4 +++- ubuntu/sgx/main.c | 16 +++++++++------- ubuntu/sgx/reclaim.c | 14 -------------- 4 files changed, 26 insertions(+), 25 deletions(-)