On Thu, 2025-08-14 at 10:34 +0300, Reshetova, Elena wrote: > All running enclaves and cryptographic assets (such as internal SGX > encryption keys) are assumed to be compromised whenever an SGX-related > microcode update occurs. To mitigate this assumed compromise the new > supervisor SGX instruction ENCLS[EUPDATESVN] can generate fresh > cryptographic assets. > > Before executing EUPDATESVN, all SGX memory must be marked as unused. This > requirement ensures that no potentially compromised enclave survives the > update and allows the system to safely regenerate cryptographic assets. > > Add the method to perform ENCLS[EUPDATESVN]. However, until the follow up > patch that wires calling sgx_update_svn() from sgx_inc_usage_count(), this > code is not reachable. > > Reviewed-by: Jarkko Sakkinen <[email protected]> > Signed-off-by: Elena Reshetova <[email protected]>
Reviewed-by: Kai Huang <[email protected]> > > + * Return: > + * * %0: - Success or not supported > + * * %-EAGAIN: - Can be safely retried, failure is due to lack > of > + * * entropy in RNG Nit: if another version is ever needed, I think it would be better to make the text vertical aligned w/o the leading '-', i.e., * %-EAGAIN: - Can be .... entropy in RNG. .. instead of * %-EAGAIN: - Can be .... entropy in RNG.
