[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <767b99c5-f28e-4b8f-5147-6e1d290ca5c6@intel.com>
Date: Thu, 14 Apr 2022 09:30:34 -0700
From: Reinette Chatre <reinette.chatre@...el.com>
To: Jarkko Sakkinen <jarkko@...nel.org>, <dave.hansen@...ux.intel.com>,
<tglx@...utronix.de>, <bp@...en8.de>, <luto@...nel.org>,
<mingo@...hat.com>, <linux-sgx@...r.kernel.org>, <x86@...nel.org>,
<shuah@...nel.org>, <linux-kselftest@...r.kernel.org>
CC: <seanjc@...gle.com>, <kai.huang@...el.com>,
<cathy.zhang@...el.com>, <cedric.xing@...el.com>,
<haitao.huang@...el.com>, <mark.shanahan@...el.com>,
<vijay.dhanraj@...el.com>, <hpa@...or.com>,
<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH V4 14/31] x86/sgx: Support VA page allocation without
reclaiming
Hi Jarkko,
On 4/14/2022 4:18 AM, Jarkko Sakkinen wrote:
> On Wed, 2022-04-13 at 14:10 -0700, Reinette Chatre wrote:
>> struct sgx_encl should be protected with the mutex
>> sgx_encl->lock. One exception is sgx_encl->page_cnt that
>> is incremented (in sgx_encl_grow()) when an enclave page
>> is added to the enclave. The reason the mutex is not held
>> is to allow the reclaimer to be called directly if there are
>> no EPC pages (in support of a new VA page) available at the time.
>>
>> Incrementing sgx_encl->page_cnt without sgc_encl->lock held
>> is currently (before SGX2) safe from concurrent updates because
>> all paths in which sgx_encl_grow() is called occur before
>> enclave initialization and are protected with an atomic
>> operation on SGX_ENCL_IOCTL.
>>
>> SGX2 includes support for dynamically adding pages after
>> enclave initialization where the protection of SGX_ENCL_IOCTL
>> is not available.
>>
>> Make direct reclaim of EPC pages optional when new VA pages
>> are added to the enclave. Essentially the existing "reclaim"
>> flag used when regular EPC pages are added to an enclave
>> becomes available to the caller when used to allocate VA pages
>> instead of always being "true".
>>
>> When adding pages without invoking the reclaimer it is possible
>> to do so with sgx_encl->lock held, gaining its protection against
>> concurrent updates to sgx_encl->page_cnt after enclave
>> initialization.
>>
>> No functional change.
>>
>> Reported-by: Haitao Huang <haitao.huang@...el.com>
>> Tested-by: Haitao Huang <haitao.huang@...el.com>
>> Signed-off-by: Reinette Chatre <reinette.chatre@...el.com>
>
> Reviewed-by: Jarkko Sakkinen <jarkko@...nel.org>
Thank you.
>
> Nit: I don't think tested-by is in the right patch here. Maybe
> Haitao's tested-by should be moved into patch that actually adds
> support for EAUG? Not something I would NAK this patch, just
> wondering...
Yes, that is a good point. While this is the bulk of the fix where
the new API is introduced, the test is only applicable when this API
is used and that is in "x86/sgx: Support adding of pages to an
initialized enclave". I will move the "Tested-by" to that patch.
Reinette
Powered by blists - more mailing lists