Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp414711pxb;
        Fri, 16 Apr 2021 08:40:52 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJw4y9wdlsxIW4fvg4PF/+pd+Q/36pnu1W+LBYAUs6VR75tdR88NK7ZC4EwKHi83cWFhRYWG
X-Received: by 2002:a17:903:2c1:b029:eb:3000:2984 with SMTP id s1-20020a17090302c1b02900eb30002984mr10361688plk.15.1618587652259;
        Fri, 16 Apr 2021 08:40:52 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1618587652; cv=none;
        d=google.com; s=arc-20160816;
        b=NWkQFUvnqzx4/GbzEcNw4nxRXtv493jYiy2smSepc5ZU1e924r772HKlZ/3x+AvWFm
         Rx9oCG/rlgjNDuyN/EaBiDKhd2dOmDRTGJzW37eiQfDyPtJfumuFYw1CJsrbQuFM674r
         Rk+E1xQ0gd3Wak7JlKvLpwVOUoSxfJ+Uv+zeaBwBib35lV1fC3IpfSMIURFCc8vQLtXS
         NA061clPtTJkQCd5POrRh9FZkzvB1/WJUc/d4wz2HZATMBA6bkTghfE69MyrlY0DSZSq
         oHbEYdZ15LvWHFi5doog3Lmhsn26+dMtHQKQqkY5kvx8+Cn5c5J4jvjchPZEEnUQF/j0
         5e/A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=iGdpndComXW3AnvyMHsfuWDpAjnEy7Hu+TteSbaZJ4c=;
        b=HkilD7vCyZT36B+PVyeVdfMd4jkeS7KBoTqEt9/6i/uYvR0Gh40UyK5V38A3+bGOcw
         esexC0WehnY4+VLq2DgeAX7+1AdLp4ua7KLFp4AKYdeG4Lm8onJS3R/7ajUvrkjf1gko
         98DgVPUh621xZ1hecWY7BGxXf1Q2YixYSwQncbr47n5PFSzEbmwPg9EsExtzKqRF+xR2
         PGN1jTSinW44FxhJmF/wHAqlPAEHQO8qyo2p3h+8oF8hd7352k2Op6GDA9P8kM8xmPi7
         uHbKC6IQUvz4WQHb2Fhll3gn+msYeK/4gaBNR/BkS74+SZQ0aKSeVkD/Jnh6JyrCakqv
         /qDA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=OUqqncH3;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id kx6si7144019pjb.72.2021.04.16.08.40.40;
        Fri, 16 Apr 2021 08:40:52 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=OUqqncH3;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S243334AbhDPNIk (ORCPT <rfc822;lishoy@gmail.com> + 99 others);
        Fri, 16 Apr 2021 09:08:40 -0400
Received: from mail.kernel.org ([198.145.29.99]:38786 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S241437AbhDPNIi (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 16 Apr 2021 09:08:38 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 668CF61153;
        Fri, 16 Apr 2021 13:08:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1618578493;
        bh=mwPfgfnLYMWrlprFdYGbybpPMqrVxtOGOCT8xeJ7Yqo=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=OUqqncH30KCU5S6KmmfB6SPBR4936PZ4Ac5XFAYVCN8zKkApbClolq1+/hfeo9nVk
         m5TT/ZsJmgOwbAcWfd9mi9WGzPMtJ2KEtPGsAbYQZDRFMGgBg/x7bm1re1PygUi5xX
         SypPgacUMYpoXTrhlATQ9KfqkbZeDYZ3yPUsp7fBN1tBE2p5mfTrsX7fiVZCOFtGyx
         cn+fyR35rwA7ILBMvKgfZZuQlTCMfI7EZ1rwUTidZS1+daYWCJnZKRelcX9+DLpQSm
         btQImylcAxRlqn5XPrq6jc3jsNX/82/YZuhXpi9cVsRCUqs4DVdVA1AwXdmktq7eJU
         syFa5OG9YIhog==
Date:   Fri, 16 Apr 2021 16:08:11 +0300
From:   Jarkko Sakkinen <jarkko@kernel.org>
To:     Jethro Beekman <jethro@fortanix.com>
Cc:     Raoul Strackx <raoul.strackx@fortanix.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
        linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 0/3] x86/sgx: eextend ioctl
Message-ID: <YHmMO51+jI8NXwuG@kernel.org>
References: <da7ae1e7-59b8-63db-a9f1-607b4e529639@fortanix.com>
 <YHbJfXqyhtUb1AKw@kernel.org>
 <928ded49-3e86-eae0-de87-f570cf477aef@fortanix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <928ded49-3e86-eae0-de87-f570cf477aef@fortanix.com>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 14, 2021 at 01:01:02PM +0200, Jethro Beekman wrote:
> On 2021-04-14 12:52, Jarkko Sakkinen wrote:
> > On Mon, Apr 12, 2021 at 10:59:56AM +0200, Raoul Strackx wrote:
> >> Creation of an SGX enclave consists of three steps. First, a new enclave
> >> environment is created by the ECREATE leaf function. Some enclave settings
> >> are specified at this step by passing an SGX Enclave Control Structure
> >> (SECS) that contains the enclave MRENCLAVE, MRSIGNER, etc. This
> >> instruction also starts a cryptographic log of the enclave being built.
> >> (This log should eventually result in the MRENCLAVE.) Second, pages are
> >> added to the enclave. The EADD leaf function copies 4KB data to an empty
> >> EPC page. The cryptographic log records (among other properties) the
> >> location and access rights of the page being added. It _does not_ include
> >> an entry of the page content. When the enclave writer wishes to ensure the
> >> content of (a part of) the enclave page as well, she must use the EEXTEND
> >> leaf function. Extending the enclave cryptographic log can only be done
> >> per 256 bytes. Extending the log with a full 4K page thus requires 16
> >> invocations of the EEXTEND leaf function. It is however up to the enclave
> >> developer to decide if and how enclave memory is added to the 
> >> cryptographic log. EEXTEND functions may be issued only for relevant parts
> >> of an enclave page, may happen only after all pages have been added, and
> >> so on. Finally, the enclave is finalized by the EINIT leaf function. Any
> >> new invocations of the EADD or EEXTEND leaf functions will result in a
> >> fault. With EINIT a number of checks are performed as well. The 
> >> cryptographic hash of the final cryptographic log is compared to the
> >> MRENCLAVE field of the SECS structure passed to the ECREATE leaf function
> >> (see step one). The signature (MRSIGNER) over this MRENCLAVE is verified
> >> as well. When all checks pass, the enclave loading is complete and it
> >> enters the executable state.
> > 
> > Who do you expect to read this paragraph, seriously?
> 
> What do you mean? There was a request for more architectural details in the cover letter.

So you are saying that it is well structured text and not a brain dump?

/Jarkko