[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <C107C4D3-1730-41BA-960C-C75B32DB43A0@amacapital.net>
Date: Tue, 11 Aug 2020 08:16:54 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Sean Christopherson <sean.j.christopherson@...el.com>
Cc: Andy Lutomirski <luto@...nel.org>,
Nathaniel McCallum <npmccallum@...hat.com>,
Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
X86 ML <x86@...nel.org>, linux-sgx@...r.kernel.org,
LKML <linux-kernel@...r.kernel.org>,
Jethro Beekman <jethro@...tanix.com>,
Cedric Xing <cedric.xing@...el.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
asapek@...gle.com, Borislav Petkov <bp@...en8.de>,
chenalexchen@...gle.com, Conrad Parker <conradparker@...gle.com>,
cyhanish@...gle.com, Dave Hansen <dave.hansen@...el.com>,
"Huang, Haitao" <haitao.huang@...el.com>,
Josh Triplett <josh@...htriplett.org>,
"Huang, Kai" <kai.huang@...el.com>,
"Svahn, Kai" <kai.svahn@...el.com>, Keith Moyer <kmoy@...gle.com>,
Christian Ludloff <ludloff@...gle.com>,
Neil Horman <nhorman@...hat.com>,
Patrick Uiterwijk <puiterwijk@...hat.com>,
David Rientjes <rientjes@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>, yaozhangx@...gle.com
Subject: Re: [PATCH v36 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call
> On Aug 10, 2020, at 5:52 PM, Andy Lutomirski <luto@...capital.net> wrote:
>
>
>>> On Aug 10, 2020, at 4:48 PM, Sean Christopherson <sean.j.christopherson@...el.com> wrote:
>>>
>>> On Mon, Aug 10, 2020 at 04:08:46PM -0700, Andy Lutomirski wrote:
>>> What am I missing? I still don't really understand why we are
>>> supporting this mechanism at all. Just the asm code to invoke the
>>> callback seems to be about half of the entire function.
>>
>> Because the Intel SDK (and other SDKs?) wants to use the host stack to pass
>> parameters out of the enclave.
>
> Ugh, right. I forgot about that particular abomination.
>
> I suppose that passing a context pointer would be reasonable.
The alternative would be to pass in a parameter that gets put in RSP before entering the enclave. The idea is that the untrusted runtime would allocate a couple pages with guard pages at either end, and enclaves using the regrettable arguments-on-the-stack scheme would end up using the alternative stack.
At the end of the day, none of this really matters too much. Languages that can do inline asm but can’t do container_of() can get fixed or use workarounds.
Powered by blists - more mailing lists