Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2118205imm; Thu, 27 Sep 2018 07:42:51 -0700 (PDT) X-Google-Smtp-Source: ACcGV62PfVsB4pKh5FpbbZBAvgK9mjZx5uy0eSeVLeU7kB5Fnkdar5ZYRD4Y0s7lzmc0TR6Zrg7/ X-Received: by 2002:a17:902:6b47:: with SMTP id g7-v6mr11706902plt.128.1538059371322; Thu, 27 Sep 2018 07:42:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538059371; cv=none; d=google.com; s=arc-20160816; b=kYpucEFxYJbgK/Lpa7+hkqw1SmC3AF0M34hpGbXB14Zt0CCC2VkF9vCzmPzEowK//B cCAfWPICdwQBntikhjwT96WTLp8PB3IhMLoW4UfyWlZCiNgJOGMlfQx/s5StAkPS+EtL AR9wN3fqS1uINix6QGDNvImoEjonVQgLk0Ltt2rlFF0HywwvkmXB4UpUvejRGwd/FO0o UrYhnh/P6cfwUMNMBtyOwXUOFtKBdLrFIxranQx4bed6EApSaLCXkREfmzBNY4xfodUM hobEY66z9rpE/0kMs/ag3GGsN2bu9GyoBsPTAN6s1v14qxJbhPPtAsEgbOHoLkwj46Ew RRwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=60nCAir1PGjGMBK+U/3RcSGcSVVouC3TH3bY/jjtnvs=; b=WbBsc58SDk1WOh/62rXyKWmALPfTa2I6H1ny6qGIs9x0yB1y6l7y1TeQpl1CXER0SH 3fSm0ChchPWOLdAjUh6PJzwErXWZnrAemE/k1wK7LZ8s0NgKi81M1m0hywrJR8IMiFW2 kHxD3bPNIMHQCodpDyLyU0N1zibL7PW6TK9IGfOugE9Tq6wzdNcmgGhbGp8RqLNreP0a iOBTcwWiG8vcH3bc3kXwY+iIqXuE8cbR3TsnLJb0WIuUfVrjUo9NiPq6PdUB4RFVmMzj z1ELkmBbs0AV0royXm3NBYSnN2GG9OtkDk4o7Zknwq7ps9l4CietVgJoD7dVTkgPg0/J JvDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=Zuik0yFM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f65-v6si236176pff.276.2018.09.27.07.42.35; Thu, 27 Sep 2018 07:42:51 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=Zuik0yFM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727722AbeI0U7i (ORCPT + 99 others); Thu, 27 Sep 2018 16:59:38 -0400 Received: from mail-pf1-f195.google.com ([209.85.210.195]:46333 "EHLO mail-pf1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727212AbeI0U7i (ORCPT ); Thu, 27 Sep 2018 16:59:38 -0400 Received: by mail-pf1-f195.google.com with SMTP id d8-v6so2052046pfo.13 for ; Thu, 27 Sep 2018 07:41:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=60nCAir1PGjGMBK+U/3RcSGcSVVouC3TH3bY/jjtnvs=; b=Zuik0yFMnIJAgZAEoK2yExASPX4BFhf+w7/EKYwunA+PPIhTs9pySF2NSstf1D2YNJ h9im+nmWTTVG8+kZLh/o8e7Srq5H0nahIPl0GGLKpE7t2WN4cPqr7nUJrPlcF6xIvZwr VQ0/losgwJKqGrN4k/CGTFVc04/Il7hzrZZS7y4YeXTYLb72OeqokP30N46aftvmkpsq lzTZJ764hZltpEj16umSjIkIdvAHQFsrenNlm4vrhRaL+UYTAnQukuNM5aWKjKge80WF 3ySVUpiCO4Ny4HveC9lQLBhMOLx6r+LiGL3qRvYAWIuLB/mcGNI1EFh9riHoVcmyU+ie lt1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=60nCAir1PGjGMBK+U/3RcSGcSVVouC3TH3bY/jjtnvs=; b=XIjabIyK68OvbaALaufz7jNZvw0cJVXZTRlCyUFr2uq8yqnL+dtWdTvPB5P0qR5Qb2 14pXxTmcLVqEgmkr9TGe3uNfl1ZSs38EtIFA2dn3uZAoHb4Oq41DpRvEGQi2In2jK7xI q+2LCR3nPA+09fe4ZK/hOVHqjxgAa9BPZcU0TOJP5APCgPIQRU/f6h6HEI6KLfAm9Uog Cqnnfd7dRqD3lv3zIvUh4On1Al9KwbouB0lG4hCVSDzZ/doGp3hTGhfA2astAVdEAKZZ YQweyJGip9zYfYS5vcWaR2FxSSbwHecDzVu8UCtulFasTLckAJ9ypF17z35l8CcPQG4L xdhg== X-Gm-Message-State: ABuFfoi9uCyIOx1IlCUKvs7GVOVZcdeDqAnWpFYuO8reBTF0yh9QLNWw Foh+16JYjxDG7teujgiI/wT2BGL5wTc= X-Received: by 2002:a62:438f:: with SMTP id l15-v6mr12028806pfi.196.1538059262380; Thu, 27 Sep 2018 07:41:02 -0700 (PDT) Received: from ?IPv6:2601:646:c200:7429:65ac:9fec:cd12:82c1? ([2601:646:c200:7429:65ac:9fec:cd12:82c1]) by smtp.gmail.com with ESMTPSA id 203-v6sm2898779pgb.14.2018.09.27.07.41.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 27 Sep 2018 07:41:01 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) Subject: Re: [PATCH v14 09/19] x86/mm: x86/sgx: Signal SEGV_SGXERR for #PFs w/ PF_SGX From: Andy Lutomirski X-Mailer: iPhone Mail (16A366) In-Reply-To: <20180927142158.GG8242@linux.intel.com> Date: Thu, 27 Sep 2018 07:41:00 -0700 Cc: Dave Hansen , "Christopherson, Sean J" , Andrew Lutomirski , X86 ML , Platform Driver , nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge" , shay.katz-zamir@intel.com, linux-sgx@vger.kernel.org, Andy Shevchenko , Dave Hansen , Peter Zijlstra , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , LKML Content-Transfer-Encoding: quoted-printable Message-Id: References: <20180925130845.9962-10-jarkko.sakkinen@linux.intel.com> <20180926173516.GA10920@linux.intel.com> <2D60780F-ADB4-48A4-AB74-15683493D369@amacapital.net> <9835e288-ba98-2f9e-ac73-504db9512bb9@intel.com> <20180926204400.GA11446@linux.intel.com> <992b1d6d-cc0f-776f-d938-2a1f7cad52c8@intel.com> <20180927142158.GG8242@linux.intel.com> To: Jarkko Sakkinen Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Sep 27, 2018, at 7:21 AM, Jarkko Sakkinen wrote: >=20 >> On Wed, Sep 26, 2018 at 03:37:45PM -0700, Andy Lutomirski wrote: >> Yeah. Maybe like this: > > xorl %eax,%eax > eenter_insn: >> ENCLU[whatever] >> eenter_landing_pad: >> ret >>=20 >> And the kernel would use the existing vdso2c vdso-symbol-finding >> mechanism to do the fixup. >>=20 >>>=20 >>> How would a syscall work, though? I assume we can't just enter the >>> enclave from ring0. >>=20 >> My understanding of how AEX works is a bit vague, but maybe a syscall >> could reuse the mechanism? The vDSO approach seems considerably >> simpler. >>=20 >> We do need to make sure that a fault that happens on or after return >> from an AEX event does the right thing. But I'm still vague on how >> that works, sigh. >>=20 >> --Andy >=20 > Returning from AEX does not differ from any other memory access event so > AFAIK it should be handled right with the proposed solution already. > For convenience I think we could have a fixed trampoline for AEX e.g. > this how it is implemented in the open source LE that I did: >=20 > sgx_get_token: > push %rbx > mov $0x02, %rax > mov %rsi, %rbx > mov %rdx, %rsi > mov $sgx_async_exit, %rcx > sgx_async_exit: > ENCLU > pop %rbx > ret >=20 > BTW, if I converted the in-kernel LE as a standalone test program, would > that be useful for basic testing of the series? >=20 >=20 Definitely. Especially if you stick it in selftests/x86 and make it exit cle= anly (error code 0) on unsupported hardware.=