From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Huang, Kai" <kai.huang@linux.intel.com>
Subject: Re: [intel-sgx-kernel-dev] [PATCH 08/10] kvm: vmx: add guest's
 IA32_SGXLEPUBKEYHASHn runtime switch support
Date: Wed, 24 May 2017 20:20:35 +1200
Message-ID: <1d543e56-d5bc-930b-b783-0803b34bafc0@linux.intel.com>
References: <20170508052434.3627-1-kai.huang@linux.intel.com>
 <20170508052434.3627-9-kai.huang@linux.intel.com>
 <58dcdb2d-6894-b0a3-8d6f-2ab752fd6d22@linux.intel.com>
 <CALCETrXG6KZEuxzDRwrAC5Wp=tCFaUBt4oPMQE40gdYB4p_A_Q@mail.gmail.com>
 <20170515124622.piupyk57vjdoppl5@intel.com>
 <478d9303-00b7-4f29-6124-0c1433851952@linux.intel.com>
 <1495030889.23465.13.camel@intel.com>
 <fc64a298-a15a-3fa6-413a-cca01623abe1@linux.intel.com>
 <CALCETrXYQCciYszYaGjL1-h+kf71AXq3YYJLyVNGpv1bCtxQZg@mail.gmail.com>
 <24a2198f-fd0f-6db3-274d-3392a9037265@linux.intel.com>
 <CALCETrXP5YH2rp1aksapV7Dyeqa7sGtNZotjj3NeKONHD7c+cg@mail.gmail.com>
 <b9e6901c-59b0-30c1-4470-5efba072474d@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Sean Christopherson <sean.j.christopherson@intel.com>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        haim.cohen@intel.com,
        "intel-sgx-kernel-dev@lists.01.org"
        <intel-sgx-kernel-dev@ml01.01.org>, kvm list <kvm@vger.kernel.org>,
        Radim Krcmar <rkrcmar@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
        Andy Lutomirski <luto@kernel.org>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mga11.intel.com ([192.55.52.93]:37462 "EHLO mga11.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S935202AbdEXIUs (ORCPT <rfc822;kvm@vger.kernel.org>);
        Wed, 24 May 2017 04:20:48 -0400
In-Reply-To: <b9e6901c-59b0-30c1-4470-5efba072474d@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>



On 5/24/2017 4:43 AM, Paolo Bonzini wrote:
>
>
> On 23/05/2017 18:34, Andy Lutomirski wrote:
>>
>>> Using MTF is also a little bit tricky, as when we turn on MTF VMEXIT upon
>>> ENCLS VMEXIT, the MTF won't be absolutely pending at end of that ENCLS. For
>>> example, MTF may be pending at end of interrupt (cannot recall exactly) if
>>> event is pending during VMENTRY from ENCLS VMEXIT. Therefore we have to do
>>> additional thing to check whether this MTF VMEXIT really happens after ENCLS
>>> run (step 3 above). And depending on what we need to do, we may need to
>>> check whether ENCLS succeeded or not in guest, which is also tricky, as
>>> ENCLS can fail in either setting error code in RAX, or generating #GP or #UD
>>> (step 4 above). We may still need to do gva->gpa->hpa, ex, in order to
>>> locate EPC/SECS page and update status, depending on the purpose of trapping
>>> ENCLS.
>> I think there are some issues here.
>>
>> First, you're making a big assumption that, when you resume the guest
>> with MTF set, the instruction that gets executed is still
>> ENCLS[EINIT].  That's not guaranteed as is -- you could race against
>> another vCPU that changes the instruction, the instruction could be in
>> IO space, host userspace could be messing with you, etc.  Second, I
>> don't think there's any precedent at all in KVM for doing this.
>> Third, you still need to make sure that the MSRs retain the value you
>> want them to have by the time ENCLS happens.  I think that, by the
>> time you resolve all of these issues, it'll look a lot like the
>> pseudocode I emailed out, and MTF won't be necessary any more.
>
> Agreed.  Emulation in the host is better.

Hi Andy/Paolo,

Thanks for comments. I'll follow your suggestion in v2.

Thanks,
-Kai

>
> Paolo
>