linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dave Hansen <dave.hansen@intel.com>
To: Jethro Beekman <jethro@fortanix.com>,
	Raoul Strackx <raoul.strackx@fortanix.com>,
	Jarkko Sakkinen <jarkko@kernel.org>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
	linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH RESEND 0/3] x86/sgx: eextend ioctl
Date: Fri, 2 Apr 2021 12:50:21 -0700	[thread overview]
Message-ID: <3eaead9e-e197-4bbb-5666-a6fb24b2b349@intel.com> (raw)
In-Reply-To: <3a8cec45-87e6-9192-e556-2f3c85ec16dd@fortanix.com>


On 4/2/21 12:38 PM, Jethro Beekman wrote:
> On 2021-04-02 20:42, Dave Hansen wrote:
>> On 4/2/21 11:31 AM, Jethro Beekman wrote:
>>> On 2021-04-02 17:53, Dave Hansen wrote:
>>>> But, why would an enclave loader application ever do this?
>>> 
>>> e.g. to save space
>> 
>> How does this save space, exactly?  What space does it save?
> 
> With the current driver interface, if you want to communicate an 
> application binary that has pages that are at least partially
> measured, you need to communicate the entire page (to ensure the same
> measurement for the entire page), even though most of  that page's contents
> are irrelevant to the application.

Again, how does this save space?

Are you literally talking about the temporary cost of allocating *one* page?

>> We don't blindly support CPU features in Linux.  They need to do
>> something *useful*.  I'm still missing what this does which is
>> useful.
> 
> Enclaves can only be loaded exactly as specified by the developer,
this is the whole point of the measurement architecture. By not
supporting arbitrary EADD/EEXTEND flows, the SGX application ecosystem
is effectively split into two: SGX applications that run everywhere and
SGX applications that run everywhere except on Linux. So, the "something
useful" is being compatible. Linux has plenty of features that exist
solely for compatibility with other systems, such as binfmt_misc.

That's a mildly compelling argument.  Is it theoretical or practical?
Are folks *practically* going to run the same enclave binaries on Linux
and Windows?

I guess the enclave never interacts with the OS directly, so this is
_possible_.  But, are enclaves really that divorced from the "runtimes"
which *are* OS-specific?

>> Does any actual, real-world enclave want this functionality?  Why?

I didn't see an answer on this one.

>> P.S. There are plenty of things you can do with the SGX
>> architecture that we probably won't ever implement in Linux.
> 
> How so? 

For example, the architecture allows swapping VA pages and guest enclave
pages.  But, we may never do either of those.

  reply	other threads:[~2021-04-02 19:50 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-31 12:50 [PATCH RESEND 0/3] x86/sgx: eextend ioctl Raoul Strackx
2021-03-31 15:53 ` Dave Hansen
2021-04-01 14:56   ` Raoul Strackx
2021-04-01 16:11     ` Dave Hansen
2021-04-01 17:49       ` Raoul Strackx
2021-04-01 18:40         ` Dave Hansen
2021-04-02  8:38           ` Jethro Beekman
2021-04-02 15:53             ` Dave Hansen
2021-04-02 18:31               ` Jethro Beekman
2021-04-02 18:42                 ` Dave Hansen
2021-04-02 19:38                   ` Jethro Beekman
2021-04-02 19:50                     ` Dave Hansen [this message]
2021-04-02 20:20                       ` Jethro Beekman
2021-04-02 20:48                         ` Dave Hansen
2021-04-08 15:27                           ` Jethro Beekman
2021-04-08 15:54                             ` Dave Hansen
2021-04-04 16:04                 ` Jarkko Sakkinen
2021-04-08 15:07                   ` Jethro Beekman
2021-04-01 17:59       ` Jethro Beekman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3eaead9e-e197-4bbb-5666-a6fb24b2b349@intel.com \
    --to=dave.hansen@intel.com \
    --cc=bp@alien8.de \
    --cc=dave.hansen@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=jarkko@kernel.org \
    --cc=jethro@fortanix.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-sgx@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=raoul.strackx@fortanix.com \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).