lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 28 May 2020 04:23:19 +0300
From:   Jarkko Sakkinen <>
To:     Borislav Petkov <>
Cc:     Sean Christopherson <>,,,,,,,,,,,,,,,,,,
        Jethro Beekman <>
Subject: Re: [PATCH v30 08/20] x86/sgx: Add functions to allocate and free
 EPC pages

On Wed, May 27, 2020 at 10:46:38PM +0200, Borislav Petkov wrote:
> On Tue, May 26, 2020 at 09:21:11PM -0700, Sean Christopherson wrote:
> > In other words, sgx_alloc_epc_section() is poorly named.  It doesn't
> > actually allocate EPC, it allocates kernel structures to map and track EPC.
> > sgx_(un)map_epc_section() would be more accurate and would hopefully
> > alleviate some of the confusion.
> Makes sense.
> > I have no objection to renaming __sgx_alloc_try_alloc_page() to something
> > like sgx_alloc_epc_page_section or whatever, but IMO using get/put will be
> > horrendously confusing.
> Ok. My only issue is that the naming nomenclature sounds strange and
> confusing as it is. "try" in an "alloc" function is kinda tautological -
> of course the function will try to do its best. :)
> And there are three functions having "alloc" in the name so I can
> imagine someone getting very confused when having to stare at that code.
> So at least naming them in a way so that it is clear what kind of pages
> they "allocate" - i.e., what they actually do - would be a step in the
> right direction...
> Thx.

I also think sgx_get_epc_page() is also kind of confusing name. The
reason is that "get" can many things.

I'm not sure I follow fully Sean's reasoning but the way alloc is used
mostly in Linux is to ask through some API the used kernel memory
allocator to give memory for some kernel data structures.

Agreed that it is not the best match on what we are doing.

The first common verb that comes to my mind about the action taken is
grabbing. Attached a patch reflecting this idea that I'm ready to


View attachment "0001-x86-sgx-sgx_alloc_page-to-sgx_grab_page.patch" of type "text/x-diff" (5258 bytes)

Powered by blists - more mailing lists