[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181031213036.GA23089@linux.intel.com>
Date: Wed, 31 Oct 2018 14:30:36 -0700
From: Sean Christopherson <sean.j.christopherson@...el.com>
To: Dave Hansen <dave.hansen@...el.com>
Cc: Jethro Beekman <jethro@...tanix.com>,
Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
Andy Lutomirski <luto@...capital.net>,
Andrew Lutomirski <luto@...nel.org>, X86 ML <x86@...nel.org>,
Platform Driver <platform-driver-x86@...r.kernel.org>,
"nhorman@...hat.com" <nhorman@...hat.com>,
"npmccallum@...hat.com" <npmccallum@...hat.com>,
"Ayoun, Serge" <serge.ayoun@...el.com>,
"shay.katz-zamir@...el.com" <shay.katz-zamir@...el.com>,
"linux-sgx@...r.kernel.org" <linux-sgx@...r.kernel.org>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v14 09/19] x86/mm: x86/sgx: Signal SEGV_SGXERR for #PFs
w/ PF_SGX
On Mon, Oct 01, 2018 at 03:03:30PM -0700, Dave Hansen wrote:
> On 10/01/2018 02:42 PM, Jethro Beekman wrote:
> >
> > 1) Even though the vDSO function exists, userspace may still call
> > `ENCLU[EENTER]` manually, so the fault handling as described in the
> > current patch should also be maintained.
>
> Why?
Circling back to this question, what if we take the easy way out and
simply signal SIGSEGV without an SGX-specific code? I.e. treat #PF
with X86_PF_SGX as an access error, no more no less. That should be
sufficient for userspace to function, albeit with a little more effort,
but presumably no more than would be needed to run on SGX1 hardware.
AFAIK there isn't a way to prevent userspace from manually invoking
EENTER, short of doing some really nasty text poking or PTE swizzling.
We could declare using EENTER as unsupported, but that seems like
cutting off the nose to spite the face. Supporting userspace EENTER
in a limited capacity would allow people to do whatever crazy tricks
they're wont to do without having to deal with absurd requests for
the vDSO interface.
If we go this route we could also add the vDSO stuff after basic SGX
support is in mainline, obviously with approval from the powers that
be.
Powered by blists - more mailing lists