Message-ID: <1511811708.9392.51.camel@intel.com>
Subject: Re: [PATCH v5 11/11] intel_sgx: driver documentation
From: Sean Christopherson
To: Jarkko Sakkinen, Thomas Gleixner
Cc: Darren Hart, platform-driver-x86@vger.kernel.org, LKML, Ingo Molnar, "H. Peter Anvin", x86@kernel.org, linux-doc@vger.kernel.org, Jonathan Corbet, Paolo Bonzini, Radim Krčmář, kvm@vger.kernel.org
Date: Mon, 27 Nov 2017 11:41:48 -0800
In-Reply-To: <1511802219.9392.44.camel@intel.com>
References: <20171113194528.28557-1-jarkko.sakkinen@linux.intel.com> <20171113194528.28557-12-jarkko.sakkinen@linux.intel.com> <20171117214310.GB25974@fury> <20171120230843.ozqhqhj5h3uuds3f@linux.intel.com> <1511802219.9392.44.camel@intel.com>

+ Cc: KVM, Paolo and Radim

On Mon, 2017-11-27 at 09:03 -0800, Sean Christopherson wrote:
> On Tue, 2017-11-21 at 01:08 +0200, Jarkko Sakkinen wrote:
> >
> > On Sat, Nov 18, 2017 at 12:34:33AM +0100, Thomas Gleixner wrote:
> > >
> > > This is architectural. From the cursory read of that series it seems there
> > > are two parts to it:
> > >
> > >   1) The actual core handling, which should be in arch/x86 because that
> > >      hardly qualifies as a 'platform' device driver.
> > >
> > >   2) The user space interface, which can be separated out perhaps.
> > >
> > > I don't know how intertwingled they are, but that's hard to tell from the
> > > actual patches w/o doing a deep inspection. Jarkko should be able to
> > > answer that.
> > >
> > > Thanks,
> > >
> > > tglx
> > Darren, tglx,
> >
> > You can leave user space device as separate module as sgx_ioctl.c merely
> > calls stuff that I have inside sgx_encl.c. VMA creation is bound to file
> > operations.
> >
> > My questions would be:
> >
> > 1. What is your recommendation on the deployment under arch/x86?
> > 2. Which parts should be compilable as an LKM? Only the user interface
> >    or both parts?
> >
> > /Jarkko
> To enable KVM and a cgroup for EPC accounting, at a minimum arch/x86 needs to
> manage the EPC pages (alloc/free/lrus/reclaim/etc...) and LE hash MSRs. IMO,
> ideally everything else would be left in the device driver, e.g. anything
> involving ENCLS. Keeping the majority of the driver out of arch/x86 minimizes
> the footprint in arch/x86 and thereby the size of KVM's dependency required to
> virtualize SGX, and allows the various SGX pieces, e.g. arch, driver and KVM,
> to evolve more independently.
>
> Preferably the arch/x86 code would not be a loadable module, e.g. to simplify
> KVM support.
>
> I have a branch based on Jarkko's patches (I believe it's up-to-date with v5)
> that implements what I described. I'd be happy to send RFC patches if that
> would help.
>
>
> Branches for those interested:
>
> https://github.com/sean-jc/linux.git sgx/arch   - move core EPC to arch/x86
> https://github.com/sean-jc/linux.git sgx/kvm    - KVM support for SGX
> https://github.com/sean-jc/linux.git sgx/lc     - KVM support for Launch Control
> https://github.com/sean-jc/linux.git sgx/cgroup - EPC cgroup
>
>
> branch relationships:
>
>     Jarkko's patches
>             |
>             |
>          sgx/arch
>         /        \
>      sgx/kvm    sgx/cgroup
>       /
>    sgx/lc