Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2121663imu; Tue, 6 Nov 2018 09:21:29 -0800 (PST) X-Google-Smtp-Source: AJdET5dRSiIgRxsTZXKW7bhHUtxasDVf/NHUk/bQ5IrAS+FXxuoT/pZEYofV43/h326p4EDqF+zl X-Received: by 2002:a17:902:700b:: with SMTP id y11-v6mr906709plk.323.1541524889714; Tue, 06 Nov 2018 09:21:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1541524889; cv=none; d=google.com; s=arc-20160816; b=lRPkacrKdsRoygR321I1HnAHyTOsNQpzqXKtORcMHm9S96rPDEVqMTEg/f3Mt0T1Td rqikLfjy1LFUVcd1+6Mvtn/mIHIRdPq+ohiNK3dyi+hiJSM5wyvQ51n3bymc21O+0+fh JrnDwD394UHx/wiAJjuK16FgmkO33pgWMfR+CRafU423bmMdpBly+61Y7Yz9O8yk+55d COBuursCo/ORJGdACwkzI5h2rgPdyuJmg0L1PAmYsq6GUldEvL+4OJpLuI/7XsnNwDUw +FkOZx5cyFSEQ4W74USC+GYT+gXqcK3i+GKjZQA5k1Nl9peb+i/krOrYoBX8NpZtz0Q4 M3Kw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id; bh=dLiIApz0+gnMdpYgbcvc/8OnWl6dsmf4lG48/UHjTR0=; b=NG/iACmXypoTOlff0kfeYIdjdxTt4jlpWFwH4JaPIpkGnDx0X+NZAf9oLOaT08/6Px 9WUCVB+ac6Q7wGh67iI3EDJqfi/iwjj5TDz7FrIsEx1p3OGYtZa3EK/CQpvhA4MW9OBr Qy8fyCnzbtqA80PFi11/1gNeWHj38+PkjOA5/Xtxghj5OIZaF4acXZPuKrotphWe7thy 1Rl/EvmczzZKgYU4ecIt7fI2Wf5453AJs0oBdj+27MCf0XOcIh5WHa3ck/ufPJCwEIZK zzF/ztOS/CKe+9T/L4sxgISyCWdbRhTYL+HvBc3p2is0ptUUhzEOiRfI3Wvz3+HCD+zE thXg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u189-v6si50903513pfu.263.2018.11.06.09.21.13; Tue, 06 Nov 2018 09:21:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389578AbeKGCpX (ORCPT + 99 others); Tue, 6 Nov 2018 21:45:23 -0500 Received: from mga11.intel.com ([192.55.52.93]:57795 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389427AbeKGCpX (ORCPT ); Tue, 6 Nov 2018 21:45:23 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Nov 2018 09:19:11 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,472,1534834800"; d="scan'208";a="106372057" Received: from sjchrist-coffee.jf.intel.com ([10.54.74.154]) by orsmga002.jf.intel.com with ESMTP; 06 Nov 2018 09:19:10 -0800 Message-ID: <1541524750.7839.51.camel@intel.com> Subject: Re: RFC: userspace exception fixups From: Sean Christopherson To: Andy Lutomirski Cc: Andy Lutomirski , Jann Horn , Dave Hansen , Linus Torvalds , Rich Felker , Dave Hansen , Jethro Beekman , Jarkko Sakkinen , Florian Weimer , Linux API , X86 ML , linux-arch , LKML , Peter Zijlstra , nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge" , shay.katz-zamir@intel.com, linux-sgx@vger.kernel.org, Andy Shevchenko , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Carlos O'Donell , adhemerval.zanella@linaro.org Date: Tue, 06 Nov 2018 09:19:10 -0800 In-Reply-To: References: <20181102163034.GB7393@linux.intel.com> <7050972d-a874-dc08-3214-93e81181da60@intel.com> <20181102170627.GD7393@linux.intel.com> <20181102173350.GF7393@linux.intel.com> <20181102182712.GG7393@linux.intel.com> <20181102220437.GI7393@linux.intel.com> <1541518670.7839.31.camel@intel.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 2018-11-06 at 08:57 -0800, Andy Lutomirski wrote: > > So I guess the non-enclave code basically can’t trust its stack pointer > because of these shenanigans. And the AEP code has to live with the fact > that its RSP is basically arbitrary and probably can’t even be unwound > by a debugger? The SDK provides a Python GDB plugin to hook into the out-call flow and do more stack shenanigans.  From what I can tell it's fudging the stack to make it look like a normal stack frame so the debugger can do it's thing. > And the EENTER code has to deal with the fact that its red zone can be > blatantly violated by the enclave? That's my understanding of things.  So yeah, if it wasn't obvious before, the trusted and untrusted parts of the SDK are very tightly coupled.