Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2460475imu; Fri, 14 Dec 2018 11:21:46 -0800 (PST) X-Google-Smtp-Source: AFSGD/VmRcQ9KbXfIJZT+zP7rIXwd1fURX7U8CbwBS4tT8eqolCYXBGclz7isuAGGyqdgpoFHYn6 X-Received: by 2002:a62:178f:: with SMTP id 137mr3921974pfx.226.1544815306312; Fri, 14 Dec 2018 11:21:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544815306; cv=none; d=google.com; s=arc-20160816; b=YyzdJviUCZoAtouOaOEyFGSNiDYtqXBJZkIaJMgPT2mcq2fsYg2QqfLvyEkrE5Znb0 KJo2ickm5XXIS6CRK6jdsHpV4eYMYbt4s1XWSV0z56isi3EnLPAtdXowkWBwzGFBfndW EcCh8fBLQheWC5bhrSTY9y6I5mpYjMjeI3IRLgkXypKQxp+oejAKaMy9ApErbplhsirc 6/M3Zoxo/ZHizZNfzWREhOd6M/vgCmTm1QT/J6sMC2RhncBMzV4SG7VmIotd+z1iK8KO UnlOh/wrbnqM4jWd5gbEiK/QZLVp1PjEWjCigSc4l5T8b9gcKBPHnF9RWMT+jh52iaou OpYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=M5NXO2SVHvJwln6IKa3wbJmNbJVXwLNI7imD9Kq/R/I=; b=HtVd6FHag0vKKXwDvffMuYAHX7Qhlc4GvDLVkYp3n0x9mi39TmsvaZMmKni/7VPjKl 2vgezHu93ltAzRvteOerNcq3If1Lv41viWMPinSQan9Hdt9kLdIJssdBbUxi0E+vg/ev smEa+dDTgCzTAt5efDlKTWY7sMZhIrqpHRgWYQPcSLTq7ZN1YIth0sGP4CSI73wA/3dM 5md9zadopCQyw2PE/Xr/5TZauWfCkRDg67VG1mVjxapyhhxA6BWa8dfDWrkDVGNmS5IV CYvnAOvlXCRjthF3Bel2j6U4C5xL8KeIqTduGkeFNwtmgrW1ssYxkVFLMs3+z3cztbVW V2eg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a2si4697101pgm.154.2018.12.14.11.21.30; Fri, 14 Dec 2018 11:21:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730653AbeLNTUK (ORCPT + 99 others); Fri, 14 Dec 2018 14:20:10 -0500 Received: from mga04.intel.com ([192.55.52.120]:57754 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730414AbeLNTUK (ORCPT ); Fri, 14 Dec 2018 14:20:10 -0500 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Dec 2018 11:20:09 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,354,1539673200"; d="scan'208";a="118898537" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.154]) by orsmga001.jf.intel.com with ESMTP; 14 Dec 2018 11:20:09 -0800 Date: Fri, 14 Dec 2018 11:20:09 -0800 From: Sean Christopherson To: Andy Lutomirski Cc: Jethro Beekman , Andy Lutomirski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "x86@kernel.org" , Dave Hansen , Peter Zijlstra , Jarkko Sakkinen , "H. Peter Anvin" , "linux-kernel@vger.kernel.org" , "linux-sgx@vger.kernel.org" , Josh Triplett , Haitao Huang , "Dr . Greg Wettstein" Subject: Re: [RFC PATCH v4 5/5] x86/vdso: Add __vdso_sgx_enter_enclave() to wrap SGX enclave transitions Message-ID: <20181214192009.GE22063@linux.intel.com> References: <20181213213135.12913-1-sean.j.christopherson@intel.com> <20181213213135.12913-6-sean.j.christopherson@intel.com> <20181214151204.GA22063@linux.intel.com> <20181214153830.GB22063@linux.intel.com> <20181214170310.GC22063@linux.intel.com> <90D05734-1583-4306-A9A4-18E4A1390F3B@amacapital.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <90D05734-1583-4306-A9A4-18E4A1390F3B@amacapital.net> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Dec 14, 2018 at 10:44:10AM -0800, Andy Lutomirski wrote: > > > On Dec 14, 2018, at 9:03 AM, Sean Christopherson wrote: > > > > .pushsection .fixup, "ax" > > 2: pop %rcx > > test %rcx, %rcx > > je 3f > > > > mov %eax, EX_LEAF(%rcx) > > mov %di, EX_TRAPNR(%rcx) > > mov %si, EX_ERROR_CODE(%rcx) > > mov %rdx, EX_ADDRESS(%rcx) > > 3: mov $(-EFAULT), %rax > > ret > > I’m not totally sold on -EFAULT as the error code. That usually > indicates a bad pointer. I’m not sure I have a better suggestion. Hmm, one idea would be to return positive signal numbers, e.g. SIGILL for #UD. I don't like that approach though as it adds a fair amount of code to the fixup handler for dubious value, e.g. userspace would still need to check the exception error code to determine if the EPC is lost. And we'd have to update the vDSO if a new exception and/or signal was added, e.g. #CP for CET. Encapsulating "you faulted" in a single error code seems cleaner for both kernel and userspace code, and -EFAULT makes that pretty obvious even though we're bastardizing its meaning a bit. In general, I'd prefer to return only 0 or negative values so that userspace can easily merge in their own (positive value) error codes from the enclave, e.g. in the vDSO wrapper: /* Enclave's return value is in RDI, overwrite RAX on success */ test %rax, %rax cmove %rdi, %rax ret