Subject: Re: [PATCH v1 00/15] Add support for Nitro Enclaves
From: Paolo Bonzini
To: "Paraschiv, Andra-Irina", Alexander Graf, linux-kernel@vger.kernel.org
Cc: Anthony Liguori, Benjamin Herrenschmidt, Colm MacCarthaigh, Bjoern Doebel, David Woodhouse, Frank van der Linden, Martin Pohlack, Matt Wilson, Balbir Singh, Stewart Smith, Uwe Dannowski, kvm@vger.kernel.org, ne-devel-upstream@amazon.com
Date: Mon, 27 Apr 2020 11:46:57 +0200
Message-ID: <617eb49c-0ad9-8cf4-54bc-6d2cdfbb189a@redhat.com>

On 27/04/20 11:22, Paraschiv, Andra-Irina wrote:
>> 1) having the kernel and initrd loaded by the parent VM in enclave
>> memory has the advantage that you save memory outside the enclave memory
>> for something that is only needed inside the enclave
>
> Here you wanted to say disadvantage? :) Wrt saving memory, it's about
> additional memory from the parent / primary VM needed for handling the
> enclave image sections (such as the kernel, ramdisk) and setting the EIF
> at a certain offset in enclave memory?

No, it's an advantage. If the parent VM can load everything in enclave
memory, it can read() into it directly. It doesn't have to waste its own
memory for a kernel and initrd, whose only reason to exist is to be
copied into enclave memory.

Paolo