Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp4206104yba; Tue, 23 Apr 2019 17:28:24 -0700 (PDT) X-Google-Smtp-Source: APXvYqxDazLGt9MNP3UbjdYO7NshhKqsPLE3wufQvurZoics/IlcwzrKKgxx2E18/M25a8vpaDcu X-Received: by 2002:a65:5009:: with SMTP id f9mr27409487pgo.390.1556065704149; Tue, 23 Apr 2019 17:28:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556065704; cv=none; d=google.com; s=arc-20160816; b=rpOITxmb3v2nobOcAM+WgyKKHgdfb76hRCvIM/1PQWuV2T0W1Cth3M6HBZndgU7aWc UD8cvT1Y6/9ejuhSoHNNXWTcNFHJsgSIsYQ8v7zENK36pTrlbbsXVwVkr+VuV+42l/hF 5gfZ9VXoieOFhbtmm9SBBRTKb1JKZrJKdsYjQTBiQx5qDmeCaneiDy18XMmOz79mlPQ2 YmGgksmj8/NxXKSKeloVIHZkq4GRSIJdkr7+/ejWx5sLz7oaq4jd77P6Tf4poU6VBGa8 OD0Ri+SRdz+/zbEAhKG1XlPpRim7z26kNBR9+2ZijBSoqZEPA1Kmphvf7Oil/j0D9n5k FzIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=oSrNsJV7DWXfDZLQSIZFLivePD8u8bbfXxOrCNZodB8=; b=u3tQRVJ3fg8Hf37kIaqa/vd/mAV4XNWGjxqgF4nVrgMsWmYe9EVjZxJlxvKjagn5D7 cgzwkbfR2OJxQB7q8ZJOXWjbcr2M6E3e0vo1onVYHUEiD67U334dX+ne2uX9MpQptRSR /aF6K2kJ5wodYku2DQy2qpDo+7KvlQB+MT30qUo7QH2/eHUuivsnahNR9NNMqLOt6H6i 91Kd1Ti0A0TSSSrKPOeQl+b5+nON990sBiQHE0VkVZ0mYzV7IRha9QR3h8a1Jh/W/Tok L19N/WBTUYhuisdIdoIrHVd0CMSVBamPoYdn1j15n/Q9Ej7YtmNOka1iWI944FMEOJ4e 9mWg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j5si17060975plk.328.2019.04.23.17.28.08; Tue, 23 Apr 2019 17:28:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728729AbfDXA0z (ORCPT + 99 others); Tue, 23 Apr 2019 20:26:55 -0400 Received: from mga12.intel.com ([192.55.52.136]:57120 "EHLO mga12.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726339AbfDXA0z (ORCPT ); Tue, 23 Apr 2019 20:26:55 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Apr 2019 17:26:54 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,387,1549958400"; d="scan'208";a="164464910" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.181]) by fmsmga004.fm.intel.com with ESMTP; 23 Apr 2019 17:26:53 -0700 Date: Tue, 23 Apr 2019 17:26:53 -0700 From: Sean Christopherson To: Jethro Beekman Cc: Jarkko Sakkinen , "linux-kernel@vger.kernel.org" , "x86@kernel.org" , "linux-sgx@vger.kernel.org" , "akpm@linux-foundation.org" , "dave.hansen@intel.com" , "nhorman@redhat.com" , "npmccallum@redhat.com" , "serge.ayoun@intel.com" , "shay.katz-zamir@intel.com" , "haitao.huang@intel.com" , "andriy.shevchenko@linux.intel.com" , "tglx@linutronix.de" , "kai.svahn@intel.com" , "bp@alien8.de" , "josh@joshtriplett.org" , "luto@kernel.org" , "kai.huang@intel.com" , "rientjes@google.com" Subject: Re: [PATCH v20 15/28] x86/sgx: Add the Linux SGX Enclave Driver Message-ID: <20190424002653.GB14422@linux.intel.com> References: <20190417103938.7762-1-jarkko.sakkinen@linux.intel.com> <20190417103938.7762-16-jarkko.sakkinen@linux.intel.com> <20190422215831.GL1236@linux.intel.com> <6dd981a7-0e38-1273-45c1-b2c0d8bf6fed@fortanix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6dd981a7-0e38-1273-45c1-b2c0d8bf6fed@fortanix.com> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 23, 2019 at 11:29:24PM +0000, Jethro Beekman wrote: > On 2019-04-22 14:58, Sean Christopherson wrote: > >+Cc Jethro > > > >On Wed, Apr 17, 2019 at 01:39:25PM +0300, Jarkko Sakkinen wrote: > >>Intel Software Guard eXtensions (SGX) is a set of CPU instructions that > >>can be used by applications to set aside private regions of code and > >>data. The code outside the enclave is disallowed to access the memory > >>inside the enclave by the CPU access control. > >> > >>This commit adds the Linux SGX Enclave Driver that provides an ioctl API > >>to manage enclaves. The address range for an enclave, commonly referred > >>as ELRANGE in the documentation (e.g. Intel SDM), is reserved with > >>mmap() against /dev/sgx/enclave. After that a set ioctls is used to > >>build the enclave to the ELRANGE. > >> > >>Signed-off-by: Jarkko Sakkinen > >>Co-developed-by: Sean Christopherson > >>Signed-off-by: Sean Christopherson > >>Co-developed-by: Serge Ayoun > >>Signed-off-by: Serge Ayoun > >>Co-developed-by: Shay Katz-zamir > >>Signed-off-by: Shay Katz-zamir > >>Co-developed-by: Suresh Siddha > >>Signed-off-by: Suresh Siddha > >>--- > > > >... > > > >>+#ifdef CONFIG_ACPI > >>+static struct acpi_device_id sgx_device_ids[] = { > >>+ {"INT0E0C", 0}, > >>+ {"", 0}, > >>+}; > >>+MODULE_DEVICE_TABLE(acpi, sgx_device_ids); > >>+#endif > >>+ > >>+static struct platform_driver sgx_drv = { > >>+ .probe = sgx_drv_probe, > >>+ .remove = sgx_drv_remove, > >>+ .driver = { > >>+ .name = "sgx", > >>+ .acpi_match_table = ACPI_PTR(sgx_device_ids), > >>+ }, > >>+}; > > > >Where do we stand on removing the ACPI and platform_driver dependencies? > >Can we get rid of them sooner rather than later? > > You know my position on this... > https://www.spinics.net/lists/linux-sgx/msg00624.html . I don't really have > any new arguments. > > Considering the amount of planned changes for the driver post-merge, I think > it's crucial that the driver part can be swapped out with alternative > implementations. This gets far outside of my area of expertise as I think this is more of a policy question as opposed to a technical question, e.g. do we export function simply to allow out-of-tree alternatives. > >Now that the core SGX code is approaching stability, I'd like to start > >sending RFCs for the EPC virtualization and KVM bits to hash out that side > >of things. The ACPI crud is the last chunk of code that would require > >non-trivial changes to the core SGX code for the proposed virtualization > >implementation. I'd strongly prefer to get it out of the way before > >sending the KVM RFCs. > > What kind of changes? Wouldn't KVM just be another consumer of the same API > used by the driver? Nope, userspace "only" needs to be able to mmap() arbitrary chunks of EPC. Except for EPC management, which is already in built into the kernel, the EPC virtualization code has effectively zero overlap with the driver. Of course this is all technically speculative since none of this is upstream...