Enable /dev/sgx_vepc access for the group 'sgx'

Enable /dev/sgx_vepc access for the group 'sgx', which allows KVM-backed VMs to host Intel Software Guard eXtension (SGX) enclaves. The upcoming QEMU 6.2 uses /dev/sgx_vepc to reserve portions of Enclave Page Cache (EPC) for VMs. EPC is the reserved physical memory used for hosting enclaves.
author: Jarkko Sakkinen <jarkko.sakkinen@iki.fi> 2021-12-11 06:39:59 +0200
committer: Luca Boccassi <luca.boccassi@gmail.com> 2021-12-12 11:02:21 +0000
commit: b5d3138f9177bbc3505f42ba073d08d4f90b4888 (patch)
tree: 534fad0c09c417de49748c0f44b075a4f7e2007b /rules.d
parent: 6d7bc744ce851e3ea5ee1dd15142c27ba90ff0b6 (diff)
download: systemd-b5d3138f9177bbc3505f42ba073d08d4f90b4888.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in
index aead6b9ca2..8fae58f115 100644
--- a/rules.d/50-udev-default.rules.in
+++ b/rules.d/50-udev-default.rules.in
@@ -41,6 +41,7 @@ SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="{{GROUP_RENDER_MODE}
 SUBSYSTEM=="kfd", GROUP="render", MODE="{{GROUP_RENDER_MODE}}"
 
 SUBSYSTEM=="misc", KERNEL=="sgx_enclave", GROUP="sgx", MODE="0660"
+SUBSYSTEM=="misc", KERNEL=="sgx_vepc", GROUP="sgx", MODE="0660"
 
 # When using static_node= with non-default permissions, also update
 # tmpfiles.d/static-nodes-permissions.conf.in to keep permissions synchronized.
author	Jarkko Sakkinen <jarkko.sakkinen@iki.fi>	2021-12-11 06:39:59 +0200
committer	Luca Boccassi <luca.boccassi@gmail.com>	2021-12-12 11:02:21 +0000
commit	b5d3138f9177bbc3505f42ba073d08d4f90b4888 (patch)
tree	534fad0c09c417de49748c0f44b075a4f7e2007b /rules.d
parent	6d7bc744ce851e3ea5ee1dd15142c27ba90ff0b6 (diff)
download	systemd-b5d3138f9177bbc3505f42ba073d08d4f90b4888.tar.gz