Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp5240919imm; Tue, 26 Jun 2018 08:06:07 -0700 (PDT) X-Google-Smtp-Source: ADUXVKKl7YSVcQS8vjMUXrwT5y9v7vxji1BcuR61aW+VJUUfQpVDGo3H/mfoZAOpR7yMSUJSQfkh X-Received: by 2002:a65:524d:: with SMTP id q13-v6mr1757339pgp.244.1530025567689; Tue, 26 Jun 2018 08:06:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1530025567; cv=none; d=google.com; s=arc-20160816; b=U65D52S5mxIGlxkpb4DMt4Oh7nVN+fnw9Tmcv8KLNRPCXTHvGsAnWRZg6IRqVypQIZ Ml04RIloDVN5xlLCoYQjCBkffbeDi2wh3O1kgj4uKnFlVvlpWMXpC8hTSq1KdJ7NLFq1 bKTf+ffHS/646VehP1JKeM51Cp6aKJ3aUl/+Dk60uSa9obdfkBTaaTrg6SFwLxpL/Ths JbYrLMD5lnEvuM6zy+pHK4e+R7NMyEizw/iWPzoCL3nd6s+Q9qXyqGrBDSkwRdB7ekBa g1HoTTNUpIzX62XcwY2vgvlC4Ht511kDM09ka46F7vkYeEoluI0YW7I3l7FYnHCei6Kx 1jkw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:arc-authentication-results; bh=0IeRJqtCb6u37ZiRjnoecCIdORLnSm5nvg4cyKtipbg=; b=BKxdAxcY0RSTLFYiCamdL0/HiuAOWwgRRC3y48i8ZYjQ9ZNa2D9XVOt37uR7jrnmE6 ubBG4JneOi/LLoXn6QT21UjEI/+VyH2y7/XWTcxUv5EnOAK2prvv1AULD4TgBSsKhHe4 iM/fOqGiewwMznpGr8bjZ5Lik/er6n3x1ozX7uELC5+TQbfSULFEe8+H9Rv2115bpm92 dkOUryh2DyjpJq21kxLC/m0PV7IdEZzLhInn2670h6r+mHAe0EYryqSs82wlnMK6SYWD /kovOjIU9MFijl88OIv1fR2OZo+1OeM5tTy1z3ww4+O5VjZNOj2OmUr8781m0cJpci4X O8cQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l4-v6si1734383plt.497.2018.06.26.08.05.46; Tue, 26 Jun 2018 08:06:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751043AbeFZPBs (ORCPT + 99 others); Tue, 26 Jun 2018 11:01:48 -0400 Received: from mail-oi0-f68.google.com ([209.85.218.68]:33076 "EHLO mail-oi0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750909AbeFZPBq (ORCPT ); Tue, 26 Jun 2018 11:01:46 -0400 Received: by mail-oi0-f68.google.com with SMTP id c6-v6so16312922oiy.0 for ; Tue, 26 Jun 2018 08:01:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0IeRJqtCb6u37ZiRjnoecCIdORLnSm5nvg4cyKtipbg=; b=nXjZ/T4dO8D3Ej0oVHoFP0kL2OZIJHtmFuaunxX1HGqlxzrtxMB/8/8NA/yEyeGAv2 jiE7WmT00GIfyFv5ec0b2CQgubhxbFa70Feg0nuJw9JfNKxs0JiskmgQzGcdeZYni8V+ 8tASnMuU/lJ3fH6UHmB9snYkdPD0nWzQrl42nbnY25Gy/wWlsU/OC+Ov2cuSgteEB30C NJ9A2sXuvzOM2NQqfW5BTj4CKKbk8liv+a32mE4Kpq/qk5VfpkzxH6oOI+3th+OLcy+5 4lgzFcQRy67eiIE4kyIDKQy10fEJP0dxqETLLfR6SOK9BKHGmT4fb0Xz59MFNnce+wox WVIw== X-Gm-Message-State: APt69E3S5S7y949AT/tjiYFiUZj2GkuI6VZ93lSBUsXdxFdY368rIdfa gE8P6UjktnL3AcShHQoFPboLS5+H7LJDClJwGXqoRQ== X-Received: by 2002:aca:5585:: with SMTP id j127-v6mr1034285oib.202.1530025305429; Tue, 26 Jun 2018 08:01:45 -0700 (PDT) MIME-Version: 1.0 References: <20180608171216.26521-14-jarkko.sakkinen@linux.intel.com> <20180611115255.GC22164@hmswarspite.think-freely.org> <20180612174535.GE19168@hmswarspite.think-freely.org> <20180620210158.GA24328@linux.intel.com> <73b7e4e3712074b73f4ac8211699d24dfdced6bf.camel@linux.intel.com> <689641dc26a91f7b4b6bfdb763fec90bf7c3e984.camel@linux.intel.com> In-Reply-To: <689641dc26a91f7b4b6bfdb763fec90bf7c3e984.camel@linux.intel.com> From: Nathaniel McCallum Date: Tue, 26 Jun 2018 11:01:34 -0400 Message-ID: Subject: Re: [intel-sgx-kernel-dev] [PATCH v11 13/13] intel_sgx: in-kernel launch enclave To: jarkko.sakkinen@linux.intel.com Cc: luto@kernel.org, sean.j.christopherson@intel.com, jethro@fortanix.com, Neil Horman , x86@kernel.org, platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org, mingo@redhat.com, intel-sgx-kernel-dev@lists.01.org, hpa@zytor.com, dvhart@infradead.org, tglx@linutronix.de, andy@infradead.org, Peter Jones Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 26, 2018 at 4:44 AM Jarkko Sakkinen wrote: > > On Mon, 2018-06-25 at 08:45 -0700, Andy Lutomirski wrote: > > I'm personally rather strongly in favor of the vastly simpler model in > > which we first merge SGX without LE support at all. Instead we use > > the approach where we just twiddle the MSRs to launch normal enclaves > > without an init token at all, which is probably considerably faster > > and will remove several thousand lines of code. If and when a bona > > fide use case for LE support shows up, we can work out the details and > > merge it. > > Andy, I was going to propose exactly the same :-) > > We can upstream SGX that supports only unlocked MSRs and that does > not preventing to upstream support for locked MSRs later. Even if > we had a consensus for locked MSRs, making two milestones for the > mainline would make perfect sense. > > I came into this conclusion last night because all the other review > comments not concerning the launch control are easily sorted out. +1. Let's do this and get it merged without launch enclave support lockdown now. We can revisit this once we have hands on experience with the technology.