0001-Fix-compilation-on-5.8-kernel-120.patch

@@ -0,0 +1,207 @@
+From 276c5c6a064d22358542f5e0aa96b1c0ace5d695 Mon Sep 17 00:00:00 2001
+From: Don Porter <porter@cs.unc.edu>
+Date: Wed, 2 Sep 2020 14:26:40 -0400
+Subject: [PATCH 1/1] Fix compilation on 5.8 kernel (#120)
+
+* Fix compilation on 5.8 kernel
+
+Signed-off-by: Don Porter <porter@cs.unc.edu>
+
+* Address review comments
+
+* Address review comments
+
+Signed-off-by: chenmaodong <chenmaodong@huawei.com>
+---
+ sgx_encl.c       | 30 ++++++++++++++++++++++++++----
+ sgx_encl2.c      | 19 ++++++++++++++++++-
+ sgx_ioctl.c      |  9 +++++++++
+ sgx_page_cache.c |  9 +++++++++
+ 4 files changed, 62 insertions(+), 5 deletions(-)
+
+diff --git a/sgx_encl.c b/sgx_encl.c
+index 44439c8..04a1b9c 100644
+--- a/sgx_encl.c
++++ b/sgx_encl.c
+@@ -316,7 +316,11 @@ static void sgx_add_page_worker(struct work_struct *work)
+ 			goto next;
+ 		}
+ 
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++		mmap_read_lock(encl->mm);
++#else
+ 		down_read(&encl->mm->mmap_sem);
++#endif
+ 		mutex_lock(&encl->lock);
+ 
+ 		if (!sgx_process_add_page_req(req, epc_page)) {
+@@ -325,7 +329,11 @@ static void sgx_add_page_worker(struct work_struct *work)
+ 		}
+ 
+ 		mutex_unlock(&encl->lock);
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++		mmap_read_unlock(encl->mm);
++#else
+ 		up_read(&encl->mm->mmap_sem);
++#endif
+ 
+ next:
+ 		kfree(req);
+@@ -639,31 +647,45 @@ int sgx_encl_create(struct sgx_secs *secs)
+ 		goto out;
+ 	}
+ 
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_lock(current->mm);
++#else
+ 	down_read(&current->mm->mmap_sem);
++#endif
+ 	ret = sgx_encl_find(current->mm, secs->base, &vma);
+ 	if (ret != -ENOENT) {
+ 		if (!ret)
+ 			ret = -EINVAL;
+-		up_read(&current->mm->mmap_sem);
+-		goto out;
++		goto out_locked;
+ 	}
+ 
+ 	if (vma->vm_start != secs->base ||
+ 	    vma->vm_end != (secs->base + secs->size)
+ 	    /* vma->vm_pgoff != 0 */) {
+ 		ret = -EINVAL;
+-		up_read(&current->mm->mmap_sem);
+-		goto out;
++		goto out_locked;
+ 	}
+ 
+ 	vma->vm_private_data = encl;
++
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_unlock(current->mm);
++#else
+ 	up_read(&current->mm->mmap_sem);
++#endif
+ 
+ 	mutex_lock(&sgx_tgid_ctx_mutex);
+ 	list_add_tail(&encl->encl_list, &encl->tgid_ctx->encl_list);
+ 	mutex_unlock(&sgx_tgid_ctx_mutex);
+ 
+ 	return 0;
++out_locked:
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_unlock(current->mm);
++#else
++	up_read(&current->mm->mmap_sem);
++#endif
++
+ out:
+ 	if (encl)
+ 		kref_put(&encl->refcount, sgx_encl_release);
+diff --git a/sgx_encl2.c b/sgx_encl2.c
+index 2f5064f..0122efd 100644
+--- a/sgx_encl2.c
++++ b/sgx_encl2.c
+@@ -234,12 +234,22 @@ static int isolate_range(struct sgx_encl *encl,
+ 
+ 	address = rg->start_addr;
+ 	end = address + rg->nr_pages * PAGE_SIZE;
++
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_lock(encl->mm);
++#else
+ 	down_read(&encl->mm->mmap_sem);
++#endif
++
+ 
+ 	for (; address < end; address += PAGE_SIZE) {
+ 		ret = sgx_encl_find(encl->mm, address, &vma);
+ 		if (ret || encl != vma->vm_private_data) {
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++			mmap_read_unlock(encl->mm);
++#else
+ 			up_read(&encl->mm->mmap_sem);
++#endif
+ 			return -EINVAL;
+ 		}
+ 
+@@ -250,7 +260,11 @@ static int isolate_range(struct sgx_encl *encl,
+ 						   SGX_FAULT_RESERVE, NULL);
+ 
+ 		if (IS_ERR(encl_page)) {
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++			mmap_read_unlock(encl->mm);
++#else
+ 			up_read(&encl->mm->mmap_sem);
++#endif
+ 			sgx_err(encl, "sgx: No page found at address 0x%lx\n",
+ 				 address);
+ 			return PTR_ERR(encl_page);
+@@ -264,8 +278,11 @@ static int isolate_range(struct sgx_encl *encl,
+ 		encl_page->flags &= ~SGX_ENCL_PAGE_RESERVED;
+ 		mutex_unlock(&encl->lock);
+ 	}
+-
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_unlock(encl->mm);
++#else
+ 	up_read(&encl->mm->mmap_sem);
++#endif
+ 	return 0;
+ }
+ 
+diff --git a/sgx_ioctl.c b/sgx_ioctl.c
+index 0b3476d..56ab1e6 100644
+--- a/sgx_ioctl.c
++++ b/sgx_ioctl.c
+@@ -82,7 +82,11 @@ int sgx_get_encl(unsigned long addr, struct sgx_encl **encl)
+ 	if (addr & (PAGE_SIZE - 1))
+ 		return -EINVAL;
+ 
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_lock(mm);
++#else
+ 	down_read(&mm->mmap_sem);
++#endif
+ 
+ 	ret = sgx_encl_find(mm, addr, &vma);
+ 	if (!ret) {
+@@ -94,7 +98,12 @@ int sgx_get_encl(unsigned long addr, struct sgx_encl **encl)
+ 			kref_get(&(*encl)->refcount);
+ 	}
+ 
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_unlock(mm);
++#else
+ 	up_read(&mm->mmap_sem);
++#endif
++
+ 	return ret;
+ }
+ 
+diff --git a/sgx_page_cache.c b/sgx_page_cache.c
+index 3770ad4..77bea6e 100644
+--- a/sgx_page_cache.c
++++ b/sgx_page_cache.c
+@@ -376,10 +376,19 @@ static void sgx_swap_pages(unsigned long nr_to_scan)
+ 	if (!encl)
+ 		goto out;
+ 
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_lock(encl->mm);
++#else
+ 	down_read(&encl->mm->mmap_sem);
++#endif
++
+ 	sgx_isolate_pages(encl, &cluster, nr_to_scan);
+ 	sgx_write_pages(encl, &cluster);
++#if (LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0))
++	mmap_read_unlock(encl->mm);
++#else
+ 	up_read(&encl->mm->mmap_sem);
++#endif
+ 
+ 	kref_put(&encl->refcount, sgx_encl_release);
+ out:
+-- 
+1.8.3.1
+

0001-Modify-the-vm_flags-variable-through-interfaces.patch

@@ -1,32 +0,0 @@
-From 753fd239a08e331168f7fac6fed1f2c9f5632fe4 Mon Sep 17 00:00:00 2001
-From: zhoushuiqing <zhoushuiqing2@huawei.com>
-Date: Mon, 24 Jul 2023 15:08:24 +0800
-Subject: [PATCH] Modify the vm_flags variable through interfaces
-The kernel has set the vm_flags variable as const and provided a series of 
-interfaces to manipulate it. Therefore, it is necessary to make appropriate 
-modifications to the code in linux-sgx-driver.
-
-the kernel commit is https://github.com/torvalds/linux/commit/bc292ab00f6c7a661a8a605c714e8a148f629ef6
----
- sgx_main.c | 5 ++---
- 1 file changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/sgx_main.c b/sgx_main.c
-index ca52821..75951a2 100644
---- a/sgx_main.c
-+++ b/sgx_main.c
-@@ -109,9 +109,8 @@ bool sgx_has_sgx2;
- static int sgx_mmap(struct file *file, struct vm_area_struct *vma)
- {
- 	vma->vm_ops = &sgx_vm_ops;
--	vma->vm_flags |= VM_PFNMAP | VM_DONTEXPAND | VM_DONTDUMP | VM_IO |
--			 VM_DONTCOPY;
--
-+	vm_flags_set(vma, VM_PFNMAP | VM_DONTEXPAND | VM_DONTDUMP | VM_IO |
-+			 VM_DONTCOPY);
- 	return 0;
- }
- 
--- 
-2.33.0
-

0002-Use-cpuid-instead-of-boot_cpu_has-to-check-cpu-features.patch

@@ -0,0 +1,30 @@
+From ed2c256929962db1a8805db53bed09bb8f2f4de3 Mon Sep 17 00:00:00 2001
+From: Haitao Huang <4699115+haitaohuang@users.noreply.github.com>
+Date: Fri, 16 Apr 2021 20:12:10 +0000
+Subject: [PATCH] Use cpuid instead of boot_cpu_has to check cpu features
+
+For non-FLC platforms, Linux kernel 5.11 or above disables sgx feature flag
+so boot_cpu_has is not usable.
+
+Signed-off-by: Haitao Huang <4699115+haitaohuang@users.noreply.github.com>
+---
+ sgx_main.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/sgx_main.c b/sgx_main.c
+index 4ff4e2b..ca52821 100644
+--- a/sgx_main.c
++++ b/sgx_main.c
+@@ -313,7 +313,8 @@ static int sgx_drv_probe(struct platform_device *pdev)
+ 	if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL)
+ 		return -ENODEV;
+ 
+-	if (!boot_cpu_has(X86_FEATURE_SGX)) {
++	cpuid(7, &eax, &ebx, &ecx, &edx);
++	if(!((ebx >> 2) & 0x1)){
+ 		pr_err("intel_sgx: the CPU is missing SGX\n");
+ 		return -ENODEV;
+ 	}
+-- 
+2.27.0
+

linux-sgx-driver.spec

@@ -1,6 +1,6 @@
 Name:		linux-sgx-driver
-Version:	2.14
+Version:	2.11
-Release:	2
+Release:	7
 Summary:	Intel SGX Linux* Driver
 ExclusiveArch:	x86_64
 License:	BSD-3-Clause and GPL-2.0 License
@@ -8,7 +8,8 @@ URL:		https://github.com/intel/linux-sgx-driver
 Source0:	https://github.com/intel/linux-sgx-driver/archive/sgx_driver_%{version}.tar.gz
 
 BuildRequires:	gcc kernel-devel make module-init-tools glibc uname-build-checks elfutils-devel
-Patch0:     0001-Modify-the-vm_flags-variable-through-interfaces.patch
+Patch0:		0001-Fix-compilation-on-5.8-kernel-120.patch
+Patch1:		0002-Use-cpuid-instead-of-boot_cpu_has-to-check-cpu-features.patch
 
 %define     kern_devel_ver  %(uname -r)
 Requires:   kernel=%{kern_devel_ver}
@@ -26,7 +27,7 @@ software stack, which will be used until the driver upstreaming process is compl
 
 
 %prep
-%autosetup -n %{name}-sgx_driver_2.14 -p1
+%autosetup -n %{name}-sgx_driver_2.11 -p1
 
 %build
 make
@@ -61,18 +62,6 @@ sed -i '/^isgx$/d' /etc/modules
 
 
 %changelog
-* Mon Jul 24 2023 zhoushuiqing <zhoushuiqing2@huawei.com> - 2.14-2
-- fix the compile error of vm_flags
-
-* Mon Jan 30 2023 wangyunjia <yunjia.wang@huawei.com> - 2.14-1
-- Update version to 2.14
-
-* Fri Dec 30 2022 xuxinyu <xuxinyu@xfusion.com> - 2.11-9
-- Update supported OSes by referring to releases
-
-* Thu Dec 29 2022 xuxinyu <xuxinyu@xfusion.com> - 2.11-8
-- Clean more files
-
 * Mon Jun 13 2022 wangyu <wangyu283@huawei.com> - 2.11-7
 - kernel 5.10 backport kernel 5.11 sgx driver patch, disables sgx feature flag for non-FLC platforms
 - use cpuid instead of boot_cpu_has to check cpu features
@@ -80,7 +69,7 @@ sed -i '/^isgx$/d' /etc/modules
 * Wed Sep 8 2021 wangcheng <wangcheng156@huawei.com> - 2.11.6
 - add elfutils-devel as BuildRequire to solve building error
 
-* Mon Jul 19 2021 chenmaodong <chenmaodong@huawei.com> - 2.11.5
+* Thu Aug 19 2021 chenmaodong <chenmaodong@huawei.com> - 2.11.5
 - set the requiers of kernel version with linux-sgx-driver building environment kernel
 
 * Thu Jul 1 2021 zhangguangzhi <zhangguangzhi3@huawei.com> - 2.11.4