Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1016458ybz; Sat, 25 Apr 2020 09:07:52 -0700 (PDT) X-Google-Smtp-Source: APiQypLLyV17g3rVtiKKimJIf6bpEjtQGWklWCvsH0BH3xF0SU75WpJnnsqx0XDK6jdtE3JKKvDI X-Received: by 2002:a17:906:af6f:: with SMTP id os15mr12473177ejb.78.1587830871913; Sat, 25 Apr 2020 09:07:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587830871; cv=none; d=google.com; s=arc-20160816; b=IZ+/rCDPwlkq9uLa2CoMZQw4xuVneduggmYXe0JAK0CS86LkmDHsCjZh259JI7fXoo mLkoP+HnhZ8thV6LbVZvPId1iWVET6ZDeireJQCDhprbc9LleIf6dE/tM/HKZsDy2Rp0 b1AKp4DP+vxD/PSxHdJBi0eROgSPwyhIZpQFzw3c2cja5lval/GJxZsKh/wy2T+D/Uk6 Ygszox0lL4Pw6KXziHodEeNjQccd0S9NTvYXajJQnenFBuimLby7vDBo4YzyWXD10Nyp ETtQRKfZ9gZKFvMip9H6pjp7MkyEIDu/CjQA6JKlLH9S3UG8oksY+E5csEdhj9JI2wG4 01rg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=xrOeXcOZqBMJ5lhnZJFD0uuCM8TXUygNv7A1BN4CiBk=; b=LkljF8lW7y2944BVIdIUpjpxZg9jtR3FMZwLrf8NAq4sDqcSwFKyDyDHkXVllki9no Bt7IphASI3BbU/vIlHr4a3mDi3M53k9nxzBtMpSEf2bip0tLFHhzoAfND0W82WZHMIqp 4vhLqyqZ4GMrEBHbdEtT/GP/NtX5TWVIREpfUJKVg4Z0IPWOgRwwnSH++bxB1E3ci2q6 ZOofRxVb/kLwTbCWiOmzcyUgaJ0udU1hr0RUf+GBPwumJGl6VtJVy1OhtKLba50sEySR OP/UgjeHaerNrYymCH7wEmOpWD6wakPDHdFa2Bv/mE92IUgRXXCzhzrj/8jNnGbeHD8c JSWw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DKJoCL5v; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ca19si5776837edb.334.2020.04.25.09.07.28; Sat, 25 Apr 2020 09:07:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=DKJoCL5v; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726076AbgDYQFg (ORCPT + 99 others); Sat, 25 Apr 2020 12:05:36 -0400 Received: from us-smtp-2.mimecast.com ([205.139.110.61]:31765 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726112AbgDYQFf (ORCPT ); Sat, 25 Apr 2020 12:05:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1587830733; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xrOeXcOZqBMJ5lhnZJFD0uuCM8TXUygNv7A1BN4CiBk=; b=DKJoCL5vlVmJIfmBnEIShQ6mLc9XvTzR6SKKa22smTuXDgSQnV2cBaCL93Zsw4y7xs1/DS e2ySnBRRRXKsP39Folxk7KPpm90tGkvYWGEmMSsazmbztmzYoQfRHCwhLO4G1z2EVfU8qW 9kXMLrOIbDTsHHGi0RkUd47U4Tn5WQU= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-76-G5qncL3wN66ZV9_PWRadWg-1; Sat, 25 Apr 2020 12:05:32 -0400 X-MC-Unique: G5qncL3wN66ZV9_PWRadWg-1 Received: by mail-wm1-f69.google.com with SMTP id f17so6096643wmm.5 for ; Sat, 25 Apr 2020 09:05:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=xrOeXcOZqBMJ5lhnZJFD0uuCM8TXUygNv7A1BN4CiBk=; b=WYM/XG1UQzW0Dr9qooYc1dJla+ioTMVmP0kNI8v27WB6tI2OzKzfRq9LvBlIpuwQIA DhhgD47xMVSprYwa0qrKT+IcZNgBpD6+jznDgbAdpg8Umo0NvpUq7aBdDE0m2gy7gySc 3MCXRBEpgW2XqSW9xLzJe4rX1K96P5WW1fB9gGEHu0tkLy3tyX4eUUjwajoaNqoI1ayF 1O1QoKa3M1Kx0EWEzQobfzxle8UiRHuQqqknMcKs4vJFNg5Aj2NLlJKxbbAzAEtU8ETR 8QhEuUECCXhakNE+IHOD0wU5DtijfOa8hHZiHkx+fKYrZ3HOgimXkgaS5tO83MxEh/gU OKUQ== X-Gm-Message-State: AGi0PuZ/59VOv42z6fPIltiHMmp1LaruVutDuwTGpU9UB4lHMlSeWud4 4B0JsKPuLquZn73De9xIUeaa4hWApKIg1giygckaeH5q/oBp5tgRh43NQvYTLO770RfTN7Yz2+5 ZUnZM8BJEA3ZpJbpy+AzG/Jrd X-Received: by 2002:a5d:6b8a:: with SMTP id n10mr17218851wrx.36.1587830729828; Sat, 25 Apr 2020 09:05:29 -0700 (PDT) X-Received: by 2002:a5d:6b8a:: with SMTP id n10mr17218823wrx.36.1587830729566; Sat, 25 Apr 2020 09:05:29 -0700 (PDT) Received: from [192.168.10.150] ([93.56.170.5]) by smtp.gmail.com with ESMTPSA id v131sm7961138wmb.19.2020.04.25.09.05.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 25 Apr 2020 09:05:28 -0700 (PDT) Subject: Re: [PATCH v1 00/15] Add support for Nitro Enclaves To: Alexander Graf , "Paraschiv, Andra-Irina" , linux-kernel@vger.kernel.org Cc: Anthony Liguori , Benjamin Herrenschmidt , Colm MacCarthaigh , Bjoern Doebel , David Woodhouse , Frank van der Linden , Martin Pohlack , Matt Wilson , Balbir Singh , Stewart Smith , Uwe Dannowski , kvm@vger.kernel.org, ne-devel-upstream@amazon.com References: <20200421184150.68011-1-andraprs@amazon.com> <18406322-dc58-9b59-3f94-88e6b638fe65@redhat.com> <2a4a15c5-7adb-c574-d558-7540b95e2139@redhat.com> <1ee5958d-e13e-5175-faf7-a1074bd9846d@amazon.com> <80489572-72a1-dbe7-5306-60799711dae0@amazon.com> <0467ce02-92f3-8456-2727-c4905c98c307@redhat.com> <5f8de7da-9d5c-0115-04b5-9f08be0b34b0@amazon.com> <095e3e9d-c9e5-61d0-cdfc-2bb099f02932@redhat.com> <602565db-d9a6-149a-0e1a-fe9c14a90ce7@amazon.com> From: Paolo Bonzini Message-ID: Date: Sat, 25 Apr 2020 18:05:27 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: <602565db-d9a6-149a-0e1a-fe9c14a90ce7@amazon.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 24/04/20 21:11, Alexander Graf wrote: > What I was saying above is that maybe code is easier to transfer that > than a .txt file that gets lost somewhere in the Documentation directory > :). whynotboth.jpg :D >>> To answer the question though, the target file is in a newly invented >>> file format called "EIF" and it needs to be loaded at offset 0x800000 of >>> the address space donated to the enclave. >> >> What is this EIF? > > It's just a very dumb container format that has a trivial header, a > section with the bzImage and one to many sections of initramfs. > > As mentioned earlier in this thread, it really is just "-kernel" and > "-initrd", packed into a single binary for transmission to the host. Okay, got it. So, correct me if this is wrong, the information that is needed to boot the enclave is: * the kernel, in bzImage format * the initrd * a consecutive amount of memory, to be mapped with KVM_SET_USER_MEMORY_REGION Off list, Alex and I discussed having a struct that points to kernel and initrd off enclave memory, and have the driver build EIF at the appropriate point in enclave memory (the 8 MiB ofset that you mentioned). This however has two disadvantages: 1) having the kernel and initrd loaded by the parent VM in enclave memory has the advantage that you save memory outside the enclave memory for something that is only needed inside the enclave 2) it is less extensible (what if you want to use PVH in the future for example) and puts in the driver policy that should be in userspace. So why not just start running the enclave at 0xfffffff0 in real mode? Yes everybody hates it, but that's what OSes are written against. In the simplest example, the parent enclave can load bzImage and initrd at 0x10000 and place firmware tables (MPTable and DMI) somewhere at 0xf0000; the firmware would just be a few movs to segment registers followed by a long jmp. If you want to keep EIF, we measured in QEMU that there is no measurable difference between loading the kernel in the host and doing it in the guest, so Amazon could provide an EIF loader stub at 0xfffffff0 for backwards compatibility. >> Again, I cannot provide a sensible review without explaining how to use >> all this.  I understand that Amazon needs to do part of the design >> behind closed doors, but this seems to have the resulted in issues that >> reminds me of Intel's SGX misadventures. If Amazon has designed NE in a >> way that is incompatible with open standards, it's up to Amazon to fix > > Oh, if there's anything that conflicts with open standards here, I would > love to hear it immediately. I do not believe in security by obscurity  :). That's great to hear! Paolo