[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181118071548.GA4795@linux.intel.com>
Date: Sun, 18 Nov 2018 09:15:48 +0200
From: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To: Andy Lutomirski <luto@...nel.org>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>,
"Christopherson, Sean J" <sean.j.christopherson@...el.com>,
Jethro Beekman <jethro@...tanix.com>,
Florian Weimer <fweimer@...hat.com>,
Linux API <linux-api@...r.kernel.org>,
Jann Horn <jannh@...gle.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
X86 ML <x86@...nel.org>,
linux-arch <linux-arch@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>,
Rich Felker <dalias@...c.org>, nhorman@...hat.com,
npmccallum@...hat.com, "Ayoun, Serge" <serge.ayoun@...el.com>,
shay.katz-zamir@...el.com, linux-sgx@...r.kernel.org,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>
Subject: Re: RFC: userspace exception fixups
On Thu, Nov 01, 2018 at 10:53:40AM -0700, Andy Lutomirski wrote:
> Hi all-
>
> The people working on SGX enablement are grappling with a somewhat
> annoying issue: the x86 EENTER instruction is used from user code and
> can, as part of its normal-ish operation, raise an exception. It is
> also highly likely to be used from a library, and signal handling in
> libraries is unpleasant at best.
>
> There's been some discussion of adding a vDSO entry point to wrap
> EENTER and do something sensible with the exceptions, but I'm
> wondering if a more general mechanism would be helpful.
I haven't really followed all of this discussion because I've been busy
working on the patch set but for me all of these approaches look awfully
complicated.
I'll throw my own suggestion and apologize if this has been already
suggested and discarded: return-to-AEP.
My idea is to do just a small extension to SGX AEX handling. At the
moment hardware will RAX, RBX and RCX with ERESUME parameters. We can
fill extend this by filling other three spare registers with exception
information.
AEP handler can then do whatever it wants to do with this information
or just do ERESUME.
In some ways this dummied version of Sean's suggestion.
I think whatever the solution is it should be lightweight and this is
such solution. Why? Because exception handling could be then used to
implement other stuff than just error hadling like syscall wrapper
for the enclaves in nice and lean way.
/Jarkko
Powered by blists - more mailing lists