Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp4479438img; Tue, 26 Mar 2019 10:09:54 -0700 (PDT) X-Google-Smtp-Source: APXvYqwA4z5kzpO3BOPiFG3Tkzf97sC3/Lsr4qgEl8Ol14nFnltFa1jmyepl0hV+SWcUw6RXZxWd X-Received: by 2002:a65:43c3:: with SMTP id n3mr8411454pgp.375.1553620194228; Tue, 26 Mar 2019 10:09:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553620194; cv=none; d=google.com; s=arc-20160816; b=0SbvSFUWvbvleq1Og8YvVZKsaVG6dxMfM8hoJvE3JWDVfWWkCbFSrVfQ+4elkQE19M n/WPGCZjZ2AoA1itWej3UEz7LpPtOeagZFrRMHCWUfhnr1AeoZKFQuJQVaU5Om/XZYyn q+97MdDyWrPBRdPFT/B/JLEAXxtdKEVQMzsXPFSKX+faKZRP6l/QZ0HUF+DHcwnjlFuZ VNAtawh+ZdBPqE72EZ6iYCo9i0hmFNQc7/pZLB0vq/wWviMfm+dAx4RRM47EYxrmSObg EEupovZtFATXs5N24ogzZ2HolaWnjY9IfY3OQPBZNoxN1tTEEAWSUdDrNtnh51m7oHWU 6Yqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=PijTLBm2N23WMRylUMrekk14CuPBxzmLV7CzkbwjsKo=; b=lF++D0bmv35IvZljrWz10uof2m/Yu4qTyZmmlX16baX8ztv55c/BvS+PXHIhrPYrJM 7EtaTny2fAF75Ec1WWoDPFDUsGp3Z9EzduBeE4PrESqKgIU5dfk5Eh7jMD1TiqP/F96a TTNFDvagBn8J5MEtz5wBc5TsuKRrrlU7R9KbHoZqwnlsK3xeFVwgG0QB3GNRuT0KRTmA LwlOCPriguBRuVpnf8MoB3+qFoUzdVPgWPRM7hpxa059c2EgrRu/Lbg+p7ol9vgAuaFP jYzz9qbEuArkVQI8/1BWbujVn0XFPQGwtT9Pq4PVmyrFjbRAjyVa7bjnPgihx2gfpQhM /yYQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=1z793o6k; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v47si3121717pgn.117.2019.03.26.10.09.39; Tue, 26 Mar 2019 10:09:54 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=1z793o6k; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731664AbfCZRIr (ORCPT + 99 others); Tue, 26 Mar 2019 13:08:47 -0400 Received: from mail.kernel.org ([198.145.29.99]:54738 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726278AbfCZRIq (ORCPT ); Tue, 26 Mar 2019 13:08:46 -0400 Received: from mail-wr1-f51.google.com (mail-wr1-f51.google.com [209.85.221.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id E68BC20879 for ; Tue, 26 Mar 2019 17:08:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1553620125; bh=fnmB69yMKqMc+7KaVc4Qf/jiOL8ofWqwpwaUEsDlxdM=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=1z793o6kBznOuMvG1VODLsDenbvcNxaMmPpkkwB1Tj3T7YlGV8T30Hq0TK1+Bvfyr IKOqiMuj8qqmdyNrt2wRX2WCG3QNJinTIk3G+Ewij3Kh6xDYJzLsX0y+pVjIgXeoN2 /g+eZNCZh7jLZ1sr46YHSBpDeVejnxZ87Q428V3c= Received: by mail-wr1-f51.google.com with SMTP id q1so15310894wrp.0 for ; Tue, 26 Mar 2019 10:08:44 -0700 (PDT) X-Gm-Message-State: APjAAAVy/MijKns7y0wXf+GE3YE6xGAIRMolORmTO8zKfXyc5ZL1B3U+ 5SWl2J0VtT4FKkYjVAeZTvQltld+z/QSMOwxBuhngQ== X-Received: by 2002:adf:f011:: with SMTP id j17mr18108124wro.330.1553620123457; Tue, 26 Mar 2019 10:08:43 -0700 (PDT) MIME-Version: 1.0 References: <20190320162119.4469-1-jarkko.sakkinen@linux.intel.com> <20190320162119.4469-25-jarkko.sakkinen@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85C484@ORSMSX116.amr.corp.intel.com> <20190320191318.GF30469@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85C5AB@ORSMSX116.amr.corp.intel.com> <20190322215903.GE12666@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85E481@ORSMSX116.amr.corp.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85E989@ORSMSX116.amr.corp.intel.com> <20190325180349.GF31069@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85FABF@ORSMSX116.amr.corp.intel.com> In-Reply-To: <960B34DE67B9E140824F1DCDEC400C0F4E85FABF@ORSMSX116.amr.corp.intel.com> From: Andy Lutomirski Date: Tue, 26 Mar 2019 10:08:31 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v19,RESEND 24/27] x86/vdso: Add __vdso_sgx_enter_enclave() to wrap SGX enclave transitions To: "Xing, Cedric" Cc: Andy Lutomirski , "Christopherson, Sean J" , Jarkko Sakkinen , "linux-kernel@vger.kernel.org" , "x86@kernel.org" , "linux-sgx@vger.kernel.org" , "akpm@linux-foundation.org" , "Hansen, Dave" , "nhorman@redhat.com" , "npmccallum@redhat.com" , "Ayoun, Serge" , "Katz-zamir, Shay" , "Huang, Haitao" , "andriy.shevchenko@linux.intel.com" , "tglx@linutronix.de" , "Svahn, Kai" , "bp@alien8.de" , "josh@joshtriplett.org" , "Huang, Kai" , "rientjes@google.com" , Dave Hansen , Haitao Huang , Jethro Beekman , "Dr . Greg Wettstein" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 25, 2019 at 9:53 PM Xing, Cedric wrote: > > > On Mon, Mar 25, 2019 at 11:03 AM Sean Christopherson > > wrote: > > > > > > On Sun, Mar 24, 2019 at 01:59:48AM -0700, Xing, Cedric wrote: > > > > As said in my previous email, this vDSO API isn't even compliant to > > > > x86_64 ABI and is absolutely NOT for average developers. Instead, > > > > host/enclave communications are expected to be handled by SDKs and > > > > those developers will be very aware of the limitations of their > > > > targeted environments, and will need the freedom to deploy optimal > > solutions. > > > > > I fully realize that the above approach saddles Cedric and the SDK > > > team with the extra task of justifying the need for two vDSO > > > interfaces, and likely reduces the probability of their proposal bein= g > > > accepted. But, we don't *force* the SDK to be rewritten, and we gain > > > a vDSO interface that many people want and is acceptable to the > > > maintainers (unless I've horribly misread Andy's position). > > > > I don't think you've horribly misread it. I would like to keep the > > stuff in the vDSO as minimal as possible. If we need to add a fancier > > interface down the line, then that's fine. > > Andy, I don't know "many people" is how many in Sean's email. I couldn't = tell you how long it took us to settle on the current SGX ISA because you w= ould just LAUGH! Why? Because it took insanely ridiculously long. Why that = long? Because the h/w and u-code teams would like to trim down the ISA as m= uch as possible. The fact is, whatever new is released, Intel will have to = maintain it on all future processors FOREVER! That means significant/on-goi= ng cost to Intel. So any addition to ISA has to undergo extensive reviews t= hat involve all kinds of experts from both within Intel and externally, and= would usually take years, before you can see what you are seeing today. As= I said in my earlier emails, RBP is NOT needed for interrupt/exception han= dlers, then how did RBP end up being restored at AEX? You can guess how man= y people were standing behind it! Sean has no clue! I can assure you! > > Guess we've talked enough on the technical front. So let's talk about it = on the business front. Let me take a step back. Let's say you are right, al= l enclaves would eventually be coded in the way you want. We (Intel SDK tea= m) were convinced to follow your approach. But there were existing enclaves= and a migration path would be needed. Would you like to support us? It'd b= e only 9 LOC on your side but how much would incur on our side? If you beli= eve you are doing right thing, then acceptance is the next thing you should= think of. You should offer an easy path for those who did "wrong" to get o= n your "right" boat. Don't you think so? > I suppose the real question is: are there a significant number of users who will want to run enclaves created using an old SDK on Linux? And will there actually be support for doing this in the software stack? If the answer to both questions is yes, then it seems like it could be reasonable to support it in the vDSO. But I still think it should probably be a different vDSO entry point so that the normal case doesn't become more complicated.