From: Dave Hansen <dave.hansen@intel.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: x86@kernel.org, platform-driver-x86@vger.kernel.org,
linux-sgx@vger.kernel.org, sean.j.christopherson@intel.com,
nhorman@redhat.com, npmccallum@redhat.com, serge.ayoun@intel.com,
shay.katz-zamir@intel.com, haitao.huang@intel.com,
mark.shanahan@intel.com, andriy.shevchenko@linux.intel.com,
Jonathan Corbet <corbet@lwn.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v15 23/23] x86/sgx: Driver documentation
Date: Tue, 6 Nov 2018 08:45:37 -0800 [thread overview]
Message-ID: <e7b4c432-7005-308c-4da0-a80e0d294244@intel.com> (raw)
In-Reply-To: <20181106054911.GA15575@linux.intel.com>
On 11/5/18 9:49 PM, Jarkko Sakkinen wrote:
> On Mon, Nov 05, 2018 at 12:27:11PM -0800, Dave Hansen wrote:
>> The ABI seems entirely undocumented and rather lightly designed, which
>> seems like something we should fix before this is merged.
>
> ABI is documented in arch/x86/include/uapi/asm/sgx.h that from which the
> documentation is included to intel_sgx.rst. I'm not saying that there is
> no space refine it but it is neither undocumented.
I specifically mean the instruction flow around asynchronous exits or
explicit enclave exit calls via EEXIT. Signals are part of the ABI but
go unmentioned in the documentation.
It's also worth noting that EENTER *can* act (from the kernel's
perspective) like an instruction that both jumps and sets a bunch of
registers (including %rsp). It's certainly abnormal in that regard.
In fact, in the docs:
> +Enclave can only execute code inside the ELRANGE. Instructions that may cause
> +VMEXIT, IO instructions and instructions that require a privilege change are
> +prohibited inside the enclave. Interrupts and exceptions always cause enclave
> +to exit and jump to an address outside the enclave given when the enclave is
> +entered by using the leaf instruction ENCLS(EENTER).
it's probably a really good idea to explain that the address outside of
the enclave is enclave-provided, and is not, for instance, just the next
instruction after EENTER.
>> Also, for a feature as massive and complicated as this one, it seems
>> irresponsible to not have a selftest. Is that not feasible for some reason?
>
> I do have the in-kernel launch enclave stuff backed up here:
>
> https://github.com/jsakkine-intel/sgx-le-host
> https://github.com/jsakkine-intel/sgx-le
>
> This is about as simple as it gets without any type of run-time.
Does this code run when I type "make kselftest"? If not, I think we
should rectify that.
WARNING: multiple messages have this Message-ID (diff)
From: Dave Hansen <dave.hansen@intel.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: <x86@kernel.org>, <platform-driver-x86@vger.kernel.org>,
<linux-sgx@vger.kernel.org>, <sean.j.christopherson@intel.com>,
<nhorman@redhat.com>, <npmccallum@redhat.com>,
<serge.ayoun@intel.com>, <shay.katz-zamir@intel.com>,
<haitao.huang@intel.com>, <mark.shanahan@intel.com>,
<andriy.shevchenko@linux.intel.com>,
"Jonathan Corbet" <corbet@lwn.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v15 23/23] x86/sgx: Driver documentation
Date: Tue, 6 Nov 2018 08:45:37 -0800 [thread overview]
Message-ID: <e7b4c432-7005-308c-4da0-a80e0d294244@intel.com> (raw)
In-Reply-To: <20181106054911.GA15575@linux.intel.com>
On 11/5/18 9:49 PM, Jarkko Sakkinen wrote:
> On Mon, Nov 05, 2018 at 12:27:11PM -0800, Dave Hansen wrote:
>> The ABI seems entirely undocumented and rather lightly designed, which
>> seems like something we should fix before this is merged.
>
> ABI is documented in arch/x86/include/uapi/asm/sgx.h that from which the
> documentation is included to intel_sgx.rst. I'm not saying that there is
> no space refine it but it is neither undocumented.
I specifically mean the instruction flow around asynchronous exits or
explicit enclave exit calls via EEXIT. Signals are part of the ABI but
go unmentioned in the documentation.
It's also worth noting that EENTER *can* act (from the kernel's
perspective) like an instruction that both jumps and sets a bunch of
registers (including %rsp). It's certainly abnormal in that regard.
In fact, in the docs:
> +Enclave can only execute code inside the ELRANGE. Instructions that may cause
> +VMEXIT, IO instructions and instructions that require a privilege change are
> +prohibited inside the enclave. Interrupts and exceptions always cause enclave
> +to exit and jump to an address outside the enclave given when the enclave is
> +entered by using the leaf instruction ENCLS(EENTER).
it's probably a really good idea to explain that the address outside of
the enclave is enclave-provided, and is not, for instance, just the next
instruction after EENTER.
>> Also, for a feature as massive and complicated as this one, it seems
>> irresponsible to not have a selftest. Is that not feasible for some reason?
>
> I do have the in-kernel launch enclave stuff backed up here:
>
> https://github.com/jsakkine-intel/sgx-le-host
> https://github.com/jsakkine-intel/sgx-le
>
> This is about as simple as it gets without any type of run-time.
Does this code run when I type "make kselftest"? If not, I think we
should rectify that.
next prev parent reply other threads:[~2018-11-06 16:45 UTC|newest]
Thread overview: 143+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-02 23:10 [PATCH v15 00/23] Intel SGX1 Jarkko Sakkinen
2018-11-02 23:10 ` Jarkko Sakkinen
2018-11-02 23:10 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 01/23] x86/sgx: Update MAINTAINERS Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 02/23] x86/cpufeatures: Add Intel-defined SGX feature bit Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:33 ` Borislav Petkov
2018-11-02 23:33 ` Borislav Petkov
2018-11-02 23:33 ` Borislav Petkov
2018-11-02 23:55 ` Jarkko Sakkinen
2018-11-02 23:55 ` Jarkko Sakkinen
2018-11-02 23:55 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 03/23] x86/cpufeatures: Add SGX sub-features (as Linux-defined bits) Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 04/23] x86/msr: Add IA32_FEATURE_CONTROL.SGX_ENABLE definition Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 05/23] x86/cpu/intel: Detect SGX support and update caps appropriately Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-03 13:05 ` Andy Shevchenko
2018-11-03 13:05 ` Andy Shevchenko
2018-11-03 13:05 ` Andy Shevchenko
2018-11-05 14:09 ` Jarkko Sakkinen
2018-11-05 14:09 ` Jarkko Sakkinen
2018-11-05 14:09 ` Jarkko Sakkinen
2018-11-05 14:11 ` Jarkko Sakkinen
2018-11-05 14:11 ` Jarkko Sakkinen
2018-11-05 14:11 ` Jarkko Sakkinen
2018-11-05 14:31 ` Andy Shevchenko
2018-11-05 14:31 ` Andy Shevchenko
2018-11-05 14:31 ` Andy Shevchenko
2018-11-02 23:11 ` [PATCH v15 06/23] x86/mm: x86/sgx: Add new 'PF_SGX' page fault error code bit Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 07/23] x86/mm: x86/sgx: Signal SIGSEGV for userspace #PFs w/ PF_SGX Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 08/23] x86/sgx: Define SGX1 and SGX2 ENCLS leafs Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 09/23] x86/sgx: Add ENCLS architectural error codes Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 10/23] x86/sgx: Add SGX1 and SGX2 architectural data structures Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 11/23] x86/sgx: Add definitions for SGX's CPUID leaf and variable sub-leafs Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-03 13:11 ` Andy Shevchenko
2018-11-03 13:11 ` Andy Shevchenko
2018-11-05 14:35 ` Jarkko Sakkinen
2018-11-05 14:35 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 12/23] x86/cpufeatures: Add Intel-defined SGX_LC feature bit Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 13/23] x86/msr: Add SGX Launch Control MSR definitions Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 14/23] x86/cpu/intel: Clear SGX_LC capability if not enabled in FEATURE_CONTROL Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-03 13:15 ` Andy Shevchenko
2018-11-03 13:15 ` Andy Shevchenko
2018-11-03 13:15 ` Andy Shevchenko
2018-11-05 14:37 ` Jarkko Sakkinen
2018-11-05 14:37 ` Jarkko Sakkinen
2018-11-05 14:37 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 15/23] x86/sgx: Add wrappers for ENCLS leaf functions Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-03 13:17 ` Andy Shevchenko
2018-11-03 13:17 ` Andy Shevchenko
2018-11-05 17:30 ` Jarkko Sakkinen
2018-11-05 17:30 ` Jarkko Sakkinen
2018-11-05 20:39 ` Andy Shevchenko
2018-11-05 20:39 ` Andy Shevchenko
2018-11-06 12:03 ` Jarkko Sakkinen
2018-11-06 12:03 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 16/23] x86/sgx: Enumerate and track EPC sections Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-03 1:07 ` Jethro Beekman
2018-11-03 1:07 ` Jethro Beekman
2018-11-03 1:07 ` Jethro Beekman
2018-11-05 17:31 ` Jarkko Sakkinen
2018-11-05 17:31 ` Jarkko Sakkinen
2018-11-05 17:31 ` Jarkko Sakkinen
2018-11-03 13:22 ` Andy Shevchenko
2018-11-03 13:22 ` Andy Shevchenko
2018-11-05 17:35 ` Jarkko Sakkinen
2018-11-05 17:35 ` Jarkko Sakkinen
2018-11-06 12:10 ` Jarkko Sakkinen
2018-11-06 12:10 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 17/23] x86/sgx: Add functions to allocate and free EPC pages Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 18/23] x86/sgx: Add sgx_einit() for initializing enclaves Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 19/23] platform/x86: Intel SGX driver Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 20/23] platform/x86: sgx: Add swapping functionality to the " Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 21/23] x86/sgx: Add a simple swapper for the EPC memory manager Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 22/23] platform/x86: ptrace() support for the SGX driver Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` [PATCH v15 23/23] x86/sgx: Driver documentation Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-02 23:11 ` Jarkko Sakkinen
2018-11-04 8:15 ` Mike Rapoport
2018-11-04 8:15 ` Mike Rapoport
2018-11-05 17:39 ` Jarkko Sakkinen
2018-11-05 17:39 ` Jarkko Sakkinen
2018-11-05 20:27 ` Dave Hansen
2018-11-05 20:27 ` Dave Hansen
2018-11-06 5:49 ` Jarkko Sakkinen
2018-11-06 5:49 ` Jarkko Sakkinen
2018-11-06 6:20 ` Jarkko Sakkinen
2018-11-06 6:20 ` Jarkko Sakkinen
2018-11-06 16:45 ` Dave Hansen [this message]
2018-11-06 16:45 ` Dave Hansen
2018-11-07 16:30 ` Jarkko Sakkinen
2018-11-07 16:30 ` Jarkko Sakkinen
2018-11-07 17:09 ` Dave Hansen
2018-11-07 17:09 ` Dave Hansen
2018-11-08 14:39 ` Jarkko Sakkinen
2018-11-08 14:39 ` Jarkko Sakkinen
2018-11-08 19:20 ` Jarkko Sakkinen
2018-11-08 19:20 ` Jarkko Sakkinen
2018-11-13 15:13 ` Jarkko Sakkinen
2018-11-06 6:26 ` Jarkko Sakkinen
2018-11-06 6:26 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e7b4c432-7005-308c-4da0-a80e0d294244@intel.com \
--to=dave.hansen@intel.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=haitao.huang@intel.com \
--cc=hpa@zytor.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-sgx@vger.kernel.org \
--cc=mark.shanahan@intel.com \
--cc=mingo@redhat.com \
--cc=nhorman@redhat.com \
--cc=npmccallum@redhat.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=serge.ayoun@intel.com \
--cc=shay.katz-zamir@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.