From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
	x86@kernel.org, platform-driver-x86@vger.kernel.org,
	nhorman@redhat.com, npmccallum@redhat.com,
	linux-sgx@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
	Suresh Siddha <suresh.b.siddha@intel.com>,
	Serge Ayoun <serge.ayoun@intel.com>,
	"open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)" 
	<linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v13 09/13] x86/sgx: Enclave Page Cache (EPC) memory manager
Date: Tue, 28 Aug 2018 14:52:40 -0700
Message-ID: <20180828215240.GA29684@linux.intel.com>
In-Reply-To: <81adf7e1-b9c2-e906-95a3-c6e08cbcc52a@intel.com>

On Tue, Aug 28, 2018 at 02:26:36PM -0700, Dave Hansen wrote:
> On 08/28/2018 02:22 PM, Sean Christopherson wrote:
> > On Tue, Aug 28, 2018 at 07:07:33AM -0700, Dave Hansen wrote:
> >> On 08/28/2018 01:35 AM, Jarkko Sakkinen wrote:
> >>> On Mon, Aug 27, 2018 at 02:15:34PM -0700, Dave Hansen wrote:
> >>>> On 08/27/2018 11:53 AM, Jarkko Sakkinen wrote:
> >>>>> +struct sgx_epc_page_ops {
> >>>>> +	bool (*get)(struct sgx_epc_page *epc_page);
> >>>>> +	void (*put)(struct sgx_epc_page *epc_page);
> >>>>> +	bool (*reclaim)(struct sgx_epc_page *epc_page);
> >>>>> +	void (*block)(struct sgx_epc_page *epc_page);
> >>>>> +	void (*write)(struct sgx_epc_page *epc_page);
> >>>>> +};
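Review bot: struct sgx_epc_page_ops is declared without a kernel-doc comment, so the contract of each callback cannot be read from the declaration. In particular, state what the bool returned by get() and reclaim() means (for example, whether false means the page is busy or already freed), and in what order reclaim(), block() and write() are expected to be called on a page. A short comment per member would let a second implementer fill in the table without reading the first one's code.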
> >>>> Why do we need a fancy, slow (retpoline'd) set of function pointers when
> >>>> we only have one user of these (the SGX driver)?
> >>> KVM has its own implementation for these operations.
> >>
> >> That belongs in the changelog.
> >>
> >> Also, where is the implementation?  How can we assess this code that was
> >> built to create an abstraction without both of the users?
> > 
> > I can provide an early preview of the KVM reclaim code, but honestly
> > I think that would do more harm than good.  The VMX architecture for
> > EPC reclaim is complex, even for SGX standards.  Opening that can of
> > worms would likely derail this discussion.  That being said, this
> > abstraction isn't exactly what KVM will need, but it's pretty close
> > and gives us something to build on.
> 
> Please remove the abstraction code.  We don't introduce infrastructure
> which no one will use.

The infrastructure is used in the sense that it allows us to split the
userspace-facing code, i.e. the driver, into a separate module.  This
in turn allows virtualization of SGX without having to load the driver
or building it in the first place, e.g. to virtualize SGX on a system
that doesn't meet the driver's requirements.

We could eliminate the abstraction by moving the EPC management code
into the driver, but that would directly conflict with past feedback
and would need to be completely undone to enable KVM.  The abstraction
could be dumbed down to a single function, but as mentioned earlier,
that comes with its own costs.  I can dive into exactly what we lose
with a single function approach if this is a sticking point.
