From: "Huang, Kai" <kai.huang@intel.com>
To: "linux-sgx@vger.kernel.org" <linux-sgx@vger.kernel.org>,
"Luck, Tony" <tony.luck@intel.com>,
"Li, Zhiquan1" <zhiquan1.li@intel.com>,
"Hansen, Dave" <dave.hansen@intel.com>,
"jarkko@kernel.org" <jarkko@kernel.org>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>
Cc: "tglx@linutronix.de" <tglx@linutronix.de>,
"Du, Fan" <fan.du@intel.com>, "Christopherson,,
Sean" <seanjc@google.com>, "Zhang, Cathy" <cathy.zhang@intel.com>,
"bp@suse.de" <bp@suse.de>
Subject: Re: [PATCH v9 3/3] x86/sgx: Fine grained SGX MCA behavior for virtualization
Date: Wed, 12 Oct 2022 11:01:49 +0000 [thread overview]
Message-ID: <188a334629319e430e16d4caf5e4a421b80c357a.camel@intel.com> (raw)
In-Reply-To: <14fabc80-a9fc-05b4-eda1-62f2b265e66b@intel.com>
On Wed, 2022-10-12 at 13:09 +0800, Zhiquan Li wrote:
> > > SGX virtual EPC driver doesn't explicitly prevent virtual EPC instance
> > > being shared by multiple VMs via fork(). However KVM doesn't support
> > > running a VM across multiple mm structures, and the de facto userspace
> > > hypervisor (Qemu) doesn't use fork() to create a new VM, so in practice
> > > this should not happen.
> >
> > This is out of the blue. Why is this here?
> >
> > What happens if a hypervisor *DOES* fork()? What's the fallout?
>
> This part originates from below discussion:
>
> https://lore.kernel.org/linux-sgx/52dc7f50b68c99cecb9e1c3383d9c6d88734cd67.camel@intel.com/#t
>
> It intents to answer the question:
>
> Do you think the processes sharing the same enclave need to be
> killed, even they had not touched the EPC page with hardware error?
Sharing virtual EPC instance will very likely unexpectedly break enclaves in all
VMs. Whether kernel should explicitly prevent is another topic. To me I don't
see strong reason to enforce in the kernel. For instance, multiple VMs can map
the same file as memory backend with MAP_SHARED, in which case they can all
break. Userspace should use virtual EPC in the right way.
But the point is above is not directly related to your patch. On host where
multiple processes can share one enclave legally, it does the same thing. I
think you can just remove that paragraph from changelog.
--
Thanks,
-Kai
next prev parent reply other threads:[~2022-10-12 11:01 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-20 6:39 [PATCH v9 0/3] x86/sgx: fine grained SGX MCA behavior Zhiquan Li
2022-09-20 6:39 ` [PATCH v9 1/3] x86/sgx: Rename the owner field of struct sgx_epc_page as encl_owner Zhiquan Li
2022-09-20 6:39 ` [PATCH v9 2/3] x86/sgx: Introduce union with vepc_vaddr field for virtualization case Zhiquan Li
2022-10-10 23:10 ` Dave Hansen
2022-10-11 5:49 ` Zhiquan Li
2022-10-11 13:57 ` Dave Hansen
2022-10-12 4:42 ` Zhiquan Li
2022-10-12 11:17 ` Huang, Kai
2022-09-20 6:39 ` [PATCH v9 3/3] x86/sgx: Fine grained SGX MCA behavior for virtualization Zhiquan Li
2022-10-10 23:20 ` Dave Hansen
2022-10-11 4:44 ` Zhiquan Li
2022-10-11 14:04 ` Dave Hansen
2022-10-12 5:09 ` Zhiquan Li
2022-10-12 11:01 ` Huang, Kai [this message]
2022-10-12 11:54 ` jarkko
2022-10-12 20:56 ` Huang, Kai
2022-10-13 2:05 ` Zhiquan Li
2022-10-12 14:36 ` Dave Hansen
2022-10-13 14:40 ` Zhiquan Li
2022-10-13 15:39 ` Dave Hansen
2022-10-14 5:42 ` Zhiquan Li
2022-10-14 5:41 ` Dave Hansen
2022-10-13 15:44 ` Dave Hansen
2022-10-13 21:49 ` Huang, Kai
2022-10-13 22:02 ` Dave Hansen
2022-10-13 22:15 ` Huang, Kai
2022-10-13 22:28 ` Dave Hansen
2022-10-13 23:40 ` Huang, Kai
2022-10-13 23:57 ` Dave Hansen
2022-10-14 0:19 ` Huang, Kai
2022-10-19 10:59 ` Huang, Kai
2022-10-23 20:39 ` jarkko
2022-10-24 1:32 ` Zhiquan Li
2022-11-01 0:46 ` jarkko
2022-11-02 1:38 ` Zhiquan Li
2022-11-07 11:36 ` jarkko
2022-11-07 12:19 ` Zhiquan Li
2022-11-04 10:17 ` Huang, Kai
2022-11-04 16:26 ` Sean Christopherson
2022-11-04 16:34 ` Dave Hansen
2022-11-07 8:55 ` Huang, Kai
2022-11-07 8:54 ` Huang, Kai
2022-10-24 22:23 ` Huang, Kai
2022-11-01 0:53 ` jarkko
2022-09-29 8:05 ` [PATCH v9 0/3] x86/sgx: fine grained SGX MCA behavior Zhiquan Li
2022-10-08 2:29 ` Zhiquan Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=188a334629319e430e16d4caf5e4a421b80c357a.camel@intel.com \
--to=kai.huang@intel.com \
--cc=bp@suse.de \
--cc=cathy.zhang@intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=fan.du@intel.com \
--cc=jarkko@kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=zhiquan1.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.