Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes
To:     "Jarkko Sakkinen" <jarkko@kernel.org>, dave.hansen@linux.intel.com,
        tglx@linutronix.de, bp@alien8.de, luto@kernel.org,
        mingo@redhat.com, linux-sgx@vger.kernel.org, x86@kernel.org,
        shuah@kernel.org, linux-kselftest@vger.kernel.org,
        "Reinette Chatre" <reinette.chatre@intel.com>
Cc:     seanjc@google.com, kai.huang@intel.com, cathy.zhang@intel.com,
        cedric.xing@intel.com, haitao.huang@intel.com,
        mark.shanahan@intel.com, vijay.dhanraj@intel.com, hpa@zytor.com,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH V4 14/31] x86/sgx: Support VA page allocation without
 reclaiming
References: <cover.1649878359.git.reinette.chatre@intel.com> <0ab32196f5056b25c34fb89fcc4dc28a5d875d2e.1649878359.git.reinette.chatre@intel.com> <bf2fcc93babdbf541fffc6cc5f5756f391773a75.camel@kernel.org> <767b99c5-f28e-4b8f-5147-6e1d290ca5c6@intel.com>
Date:   Fri, 15 Apr 2022 08:54:53 -0500
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From:   "Haitao Huang" <haitao.huang@linux.intel.com>
Organization: Intel Corp
Message-ID: <op.1kn59r1bwjvjmi@hhuan26-mobl1.mshome.net>
In-Reply-To: <767b99c5-f28e-4b8f-5147-6e1d290ca5c6@intel.com>
User-Agent: Opera Mail/1.0 (Win32)
Precedence: bulk

On Thu, 14 Apr 2022 11:30:34 -0500, Reinette Chatre  
<reinette.chatre@intel.com> wrote:

> Hi Jarkko,
>
> On 4/14/2022 4:18 AM, Jarkko Sakkinen wrote:
>> On Wed, 2022-04-13 at 14:10 -0700, Reinette Chatre wrote:
>>> struct sgx_encl should be protected with the mutex
>>> sgx_encl->lock. One exception is sgx_encl->page_cnt that
>>> is incremented (in sgx_encl_grow()) when an enclave page
>>> is added to the enclave. The reason the mutex is not held
>>> is to allow the reclaimer to be called directly if there are
>>> no EPC pages (in support of a new VA page) available at the time.
>>>
>>> Incrementing sgx_encl->page_cnt without sgc_encl->lock held
>>> is currently (before SGX2) safe from concurrent updates because
>>> all paths in which sgx_encl_grow() is called occur before
>>> enclave initialization and are protected with an atomic
>>> operation on SGX_ENCL_IOCTL.
>>>
>>> SGX2 includes support for dynamically adding pages after
>>> enclave initialization where the protection of SGX_ENCL_IOCTL
>>> is not available.
>>>
>>> Make direct reclaim of EPC pages optional when new VA pages
>>> are added to the enclave. Essentially the existing "reclaim"
>>> flag used when regular EPC pages are added to an enclave
>>> becomes available to the caller when used to allocate VA pages
>>> instead of always being "true".
>>>
>>> When adding pages without invoking the reclaimer it is possible
>>> to do so with sgx_encl->lock held, gaining its protection against
>>> concurrent updates to sgx_encl->page_cnt after enclave
>>> initialization.
>>>
>>> No functional change.
>>>
>>> Reported-by: Haitao Huang <haitao.huang@intel.com>
>>> Tested-by: Haitao Huang <haitao.huang@intel.com>
>>> Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
>>
>> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
>
> Thank you.
>
>>
>> Nit: I don't think tested-by is in the right patch here. Maybe
>> Haitao's tested-by should be moved into patch that actually adds
>> support for EAUG? Not something I would NAK this patch, just
>> wondering...
>
> Yes, that is a good point. While this is the bulk of the fix where
> the new API is introduced, the test is only applicable when this API
> is used and that is in "x86/sgx: Support adding of pages to an
> initialized enclave". I will move the "Tested-by" to that patch.
>

You can also add my Tested-by for patches adding the new IOCTLs.
Our team and I have tested EAUG on #PF,  modifying types and permissions  
with Intel SGX SDK/PSW.
Thanks
Haitao