Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp853661pxa; Wed, 19 Aug 2020 17:22:51 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzBDTF8Uo3Zo0qNn232FJv5tISeLYqIFMTfxcWvtBpQLt8ugzSnbEMduamQUf7mvIn7WkL4 X-Received: by 2002:a17:906:1c56:: with SMTP id l22mr839866ejg.84.1597882971332; Wed, 19 Aug 2020 17:22:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597882971; cv=none; d=google.com; s=arc-20160816; b=B8PCbBaTUjSlcO3r6Sb+i9XYAX0PHsqq2IKJjHZVnrslhIFqrMXOY+b0+USl+5hJSg BbpzOx1OXAyw39xzKgF404BCiEbPNM1Lp3Nc55km0Vi6+SfNcpWhasoce5dmIKHGfkRy FFFdrX4ZRARrymkfcaJIBge5M922/xedgw+4cxp0PRNGPHmuBDqCTbMg2mHtDdOdhOmU msUuOxLMhsdRqDJWWELaocpaugmUzS6H0HG+mH04FrOpRB3aVD5RIzXbBEJR5l0UYKTi nYfOOLIP7xORg3wUYgICR9yKgPqm05jrh7hSZdTDxPyY2cKukbphcLaGhQzh8ngF+nFu ACmQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=/zBH4aDgDrx3QuERCD1PHlx20clRRF8IEi046pLcjuo=; b=NtvaDWla7HHarMh1EWFtU0SbDgO5x5DL5uNTWVul6MfhNkh9i0oidh+cTIxjXW/ZJk gaWWe6iJSzoTRNxGQnwHuQwbSnwqMghKkYcnSPTwix4B8dI0p+KLQ6mxX/gIu4IvUSBt trz6dcVO6od3BUZGYHlApTRfYj7A9Whk/jSurXgPZXzkgFZXViuhtjdpBUNiDCqQcqME hiZHZmG6xOM0D5v40KmzPfYKq75fnvadvz2Nr0dQQTNnctRpHkm2PBPbLCV/5VDThnSm Hig2NWP6UfnXNivFHR0M5H3l56Nf1hKz8uXhOhUgywuaOTEiPeUMDd9QQcptzYtTdlEb AVUA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="gWrlU/kp"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l12si340151edt.99.2020.08.19.17.22.26; Wed, 19 Aug 2020 17:22:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="gWrlU/kp"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726700AbgHTAT4 (ORCPT + 99 others); Wed, 19 Aug 2020 20:19:56 -0400 Received: from mail.kernel.org ([198.145.29.99]:48806 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726362AbgHTAT4 (ORCPT ); Wed, 19 Aug 2020 20:19:56 -0400 Received: from mail-wr1-f43.google.com (mail-wr1-f43.google.com [209.85.221.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1A7F521775 for ; Thu, 20 Aug 2020 00:19:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1597882795; bh=UoSSzOiBrRe7iK+l82T6x0wDhJm6VA4v7CJw4aj4dxQ=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=gWrlU/kpNE4mcIOu6IQxKmPZHQlr/iVoka4LgMeu/UTnBe7ElH+6QTk8bVOukXqs5 a+1fMbb2C5APS9xljnSx+HU1iUr9hIoCi11wtAcpsc5Iz1zM04gZkMeRoX7Ch7he5l /cVWSwq19hhhElKyCs/vR3/9/fHovzCHoy3pBcaw= Received: by mail-wr1-f43.google.com with SMTP id r4so417671wrx.9 for ; Wed, 19 Aug 2020 17:19:55 -0700 (PDT) X-Gm-Message-State: AOAM533zWVP8y0pIFTbtg2tM74TnCBK0wmj9iTnCbT9LOHVItLWje0nh yCVGuWtEIMAGCKn7Ua2r9lKjcyQ8VofMLqFiWBA+yw== X-Received: by 2002:a5d:5712:: with SMTP id a18mr497294wrv.184.1597882793738; Wed, 19 Aug 2020 17:19:53 -0700 (PDT) MIME-Version: 1.0 References: <20200716135303.276442-1-jarkko.sakkinen@linux.intel.com> <20200716135303.276442-22-jarkko.sakkinen@linux.intel.com> <20200818151524.GE132200@linux.intel.com> In-Reply-To: <20200818151524.GE132200@linux.intel.com> From: Andy Lutomirski Date: Wed, 19 Aug 2020 17:19:42 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v36 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call To: Jarkko Sakkinen Cc: Andy Lutomirski , Nathaniel McCallum , X86 ML , linux-sgx@vger.kernel.org, LKML , Sean Christopherson , Jethro Beekman , Cedric Xing , Andrew Morton , Andy Shevchenko , asapek@google.com, Borislav Petkov , chenalexchen@google.com, Conrad Parker , cyhanish@google.com, Dave Hansen , "Huang, Haitao" , Josh Triplett , "Huang, Kai" , "Svahn, Kai" , Keith Moyer , Christian Ludloff , Neil Horman , Patrick Uiterwijk , David Rientjes , Thomas Gleixner , yaozhangx@google.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 18, 2020 at 8:15 AM Jarkko Sakkinen wrote: > > On Mon, Aug 10, 2020 at 04:08:46PM -0700, Andy Lutomirski wrote: > > On Thu, Aug 6, 2020 at 7:55 AM Nathaniel McCallum wrote: > > > > > > In a past revision of this patch, I had requested a void *misc > > > parameter that could be passed through vdso_sgx_enter_enclave_t into > > > sgx_enclave_exit_handler_t. This request encountered some push back > > > and I dropped the issue. However, I'd like to revisit it or something > > > similar. > > > > Why do you need an exit handler at all? IIRC way back when I > > suggested that we simply not support it at all. If you want to > > call__vdso_sgx_enter_enclave() in a loop, call it in a loop. If you > > want to wrap it intelligently in Rust, you don't want a callback > > anyway -- that forces you have an FFI (or non-Rust, anyway) frame on > > the stack, which interacts poorly with panic handling and prevents you > > from using await in your Rust callback handler. If, on the other > > hand, you just call __vdso_sg_enter_enclave() in a loop, all these > > problems go away and, if you really want, you can pass in a callback > > in Rust and call the callback from Rust. > > How would Intel SDK be able to do its stack manipulation? The same as now. The enclave would see a pointer to a stack-like writable area in USER_RSP, but it just wouldn't be the actual stack. I suppose that the caller of the vdso can play these games just as well as the vdso itself, though, so maybe this is not helpful. --Andy