Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2195545imu; Fri, 14 Dec 2018 07:15:35 -0800 (PST) X-Google-Smtp-Source: AFSGD/WnwUv7QuExSA6dOBM2pwfNDUseJt5XNv0yP1jrKI4+6RMj+qfEQJx5cay49IW2rm6aQhdb X-Received: by 2002:a65:4381:: with SMTP id m1mr3022231pgp.358.1544800535482; Fri, 14 Dec 2018 07:15:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544800535; cv=none; d=google.com; s=arc-20160816; b=HYLETqPTfGj4az0T2pKhVvRZ32MR3OL35Xmj78t96NbPGlCmNnVUm5afM8Q1cUhHV5 mdui3rcG4PXd4G+ljHvojJ/DRsBatHiN6svBLMDBoF4ZlEBhZmHEzXoVogGJmaMtCLOl mizZ8Ybe3/2EwW7HXftIWShhOCrZtygmfAVIUlYndFzQDPYQob3UbAwj4f/XUP78nIQ0 cxWq+rCgvFV4hvXQ/krK5vc9xF6t91qLfHUAZD2u3kBvwwv1rghKaPGqwNGUczn+fDyf ubBbbevVUC4G/Nh5KDT4s6dFujNmxBRdPLat/i/7dVukyiYJW+plwqfxuIkbUlGXbk8R 2YtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=7vDGkbbLPxqEuX8Ygv6n12U1kdcc+hgGeAZqB74LYP8=; b=eFWUkEacd5kIy5bjvB5pLxUdk3fjllvLoVPkopCwneGDBKO3jlMliHnMYbZph6b5Zt kazSHjgH47OZBKmupirqzvBIrWmpkghbH8xqNOaYI2Idbl3Z9OTObulfn5RfiNV1zmTC t5C3Edqc86qnmkcI4zUgKB3HKeEqrUIZ7gQi3bHVW09lI7XAVT3pgPSTAHthKaw0YXtp ZjliD5T0nMsrlOMXl8LU3qdVLGSW5KDG2eLlG8sunXdAfCZhq7ByWdNNVQ3KkQPpTDL2 7hcfd0bEmYGnAQNgLy6ygmX7Yhi5hS7DEiRdRoW9v4ikGf206ozQNXKPOfzX9TSEAHRO V7LA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k189si4117933pgd.589.2018.12.14.07.15.12; Fri, 14 Dec 2018 07:15:35 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730393AbeLNPMG (ORCPT + 99 others); Fri, 14 Dec 2018 10:12:06 -0500 Received: from mga02.intel.com ([134.134.136.20]:20686 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730324AbeLNPMG (ORCPT ); Fri, 14 Dec 2018 10:12:06 -0500 X-Amp-Result: UNSCANNABLE X-Amp-File-Uploaded: False Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Dec 2018 07:12:05 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,353,1539673200"; d="scan'208";a="109538652" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.154]) by fmsmga008.fm.intel.com with ESMTP; 14 Dec 2018 07:12:04 -0800 Date: Fri, 14 Dec 2018 07:12:04 -0800 From: Sean Christopherson To: Jethro Beekman Cc: Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "x86@kernel.org" , Dave Hansen , Peter Zijlstra , Jarkko Sakkinen , "H. Peter Anvin" , "linux-kernel@vger.kernel.org" , "linux-sgx@vger.kernel.org" , Andy Lutomirski , Josh Triplett , Haitao Huang , "Dr . Greg Wettstein" Subject: Re: [RFC PATCH v4 5/5] x86/vdso: Add __vdso_sgx_enter_enclave() to wrap SGX enclave transitions Message-ID: <20181214151204.GA22063@linux.intel.com> References: <20181213213135.12913-1-sean.j.christopherson@intel.com> <20181213213135.12913-6-sean.j.christopherson@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Dec 14, 2018 at 09:55:49AM +0000, Jethro Beekman wrote: > On 2018-12-14 03:01, Sean Christopherson wrote: > >+struct sgx_enclave_regs { > >+ __u64 rdi; > >+ __u64 rsi; > >+ __u64 rdx; > >+ __u64 r8; > >+ __u64 r9; > >+ __u64 r10; > >+}; > > This is fine, but why not just cover all 13 normal registers that are not > used by SGX? Trying to balance flexibility/usability with unecessary overhead. And I think this ABI meshes well with the idea of requiring the enclave to be compliant with the x86-64 ABI (see below). > Minor comments below. > > >+/** > >+ * struct sgx_enclave_exception - structure to pass register in/out of enclave > > Typo in struct name. Doh, thanks. > >+ * by way of __vdso_sgx_enter_enclave > >+ * > >+ * @rdi: value of %rdi, loaded/saved on enter/exit > >+ * @rsi: value of %rsi, loaded/saved on enter/exit > >+ * @rdx: value of %rdx, loaded/saved on enter/exit > >+ * @r8: value of %r8, loaded/saved on enter/exit > >+ * @r9: value of %r9, loaded/saved on enter/exit > >+ * @r10: value of %r10, loaded/saved on enter/exit > >+ */ > > >+ /* load leaf, TCS and AEP for ENCLU */ > >+ mov %edi, %eax > >+ mov %rsi, %rbx > >+ lea 1f(%rip), %rcx > > If you move this below the jump, you can use %rcx for @regs EDI needs to be moved to EAX before it is potentially overwritten below and I wanted the loading of the three registers used by hardware grouped together. And IMO using the same register for accessing the structs in all flows improves readability. > >+ > >+ /* optionally copy @regs to registers */ > >+ test %rdx, %rdx > >+ je 1f > >+ > >+ mov %rdx, %r11 > >+ mov RDI(%r11), %rdi > >+ mov RSI(%r11), %rsi > >+ mov RDX(%r11), %rdx > >+ mov R8(%r11), %r8 > >+ mov R9(%r11), %r9 > >+ mov R10(%r11), %r10 > >+ > >+1: enclu > >+ > >+ /* ret = 0 */ > >+ xor %eax, %eax > >+ > >+ /* optionally copy registers to @regs */ > >+ mov -0x8(%rsp), %r11 > >+ test %r11, %r11 > >+ je 2f > >+ > >+ mov %rdi, RDI(%r11) > >+ mov %rsi, RSI(%r11) > >+ mov %rdx, RDX(%r11) > >+ mov %r8, R8(%r11) > >+ mov %r9, R9(%r11) > >+ mov %r10, R10(%r11) > > Here you can use %rax for @regs and clear it at the end. Clearing RAX early avoids the use of another label, though obviously that's not exactly critical. The comment about using the same register for accessing structs applies here as well. > >+2: pop %rbx > >+ pop %r12 > >+ pop %r13 > >+ pop %r14 > >+ pop %r15 > >+ pop %rbp > >+ ret > > x86-64 ABI requires that you call CLD here (enclave may set it). Ugh. Technically MXCSR and the x87 CW also need to be preserved. What if rather than treating the enclave as hostile we require it to be compliant with the x86-64 ABI like any other function? That would solve the EFLAGS.DF, MXCSR and x87 issues without adding unnecessary overhead. And we wouldn't have to save/restore R12-R15. It'd mean we couldn't use the stack's red zone to hold @regs and @e, but that's poor form anyways. > > -- > Jethro Beekman | Fortanix >