| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Mar 2021 18:13:53 -0700
From: Sean Christopherson <seanjc@...gle.com>
To: Jarkko Sakkinen <jarkko@...nel.org>
Cc: Kai Huang <kai.huang@...el.com>, kvm@...r.kernel.org,
linux-sgx@...r.kernel.org, x86@...nel.org,
linux-kernel@...r.kernel.org, luto@...nel.org,
dave.hansen@...el.com, rick.p.edgecombe@...el.com,
haitao.huang@...el.com, pbonzini@...hat.com, bp@...en8.de,
tglx@...utronix.de, mingo@...hat.com, hpa@...or.com
Subject: Re: [PATCH v2 07/25] x86/sgx: Initialize virtual EPC driver even
when SGX driver is disabled
On Tue, Mar 16, 2021, Jarkko Sakkinen wrote:
> On Tue, Mar 16, 2021 at 01:05:05AM +0200, Jarkko Sakkinen wrote:
> > The way I've understood it is that given that KVM can support SGX
> > without FLC, vEPC should be available even if driver cannot be
> > enabled.
> >
> > This is also exactly what the short summary states.
> >
> > "Initialize virtual EPC driver even when SGX driver is disabled"
> >
> > It *does not* state:
> >
> > "Initialize SGX driver even when vEPC driver is disabled"
> >
> > Also, this is how I interpret the inline comment.
> >
> > All this considered, the other direction is undocumented functionality.
>
> Also:
>
> 1. There is *zero* good practical reasons to support the "2nd direction".
Uh, yes there is. CONFIG_KVM_INTEL=n and X86_FEATURE_VMX=n, either of which
will cause vEPC initialization to fail. The former is obvious, the latter is
possible via BIOS configuration.
> For KVM getting init'd with SGX, on the other hand, we have good
> practical reasons.
> 2. We can get something practically useful with simpler and more verbose
> code, i.e. better logging.
>
> /Jarkko
Powered by blists - more mailing lists