Received: by 2002:a05:6358:45e:b0:b5:b6eb:e1f9 with SMTP id 30csp37046rwe;
        Tue, 30 Aug 2022 20:22:07 -0700 (PDT)
X-Google-Smtp-Source: AA6agR68kbAcu5yuOfZrdHPIRN64fENZGpE+HN0ryrIykgKwzvfVv9PrF6Hw8rsfzlL84T6GC2bO
X-Received: by 2002:a17:907:72d6:b0:742:133b:42be with SMTP id du22-20020a17090772d600b00742133b42bemr4678073ejc.581.1661916126976;
        Tue, 30 Aug 2022 20:22:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1661916126; cv=none;
        d=google.com; s=arc-20160816;
        b=RBdoeWii+DVvXAYzTSyQIeCjuWfI3slu4Xd8wXSqeBFjq/Tz8AJIKND7zmAPeTXwDk
         eGkwtfcKAEAW/r6uhzWFK4BYvlJP89UhRnJ3PxaYktpALT5dE+H96q8MkSHCwWtkiezx
         nMGLsWtRfpkvzf6aHK2gE7roBPLC1qWbMw+ZCHWDQEop4w+gbT0YQlKUs9Ka+x2XOi0g
         aJX1up4PBj8qTz2H7AUwgiNe5ed/Q/QAiWvZhIsy2NfvhGTN053QRBUC0tsK2PBw1gmv
         kGbzmqTWncbwNZb68Fb8RblWJERaJG779ro9aiTLxG9DXj2qjVYPHgJLbABm6ycYzTgK
         x/gQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=jpe3banZVClsIW6+LdH31eRBJqAH9ClqvLST2Npbb00=;
        b=rejh0QCa8Y0p9o3zCXXPzOx6BOh0wr1EGApMH+Kcaji7Cb7kRY/Y9PYm9MmNCjGHmz
         960rOWjXURB9tLd50owaj6gkEjgWcVv8BHKg4SV8Lp2bfMDr2mF6KQr7spuMhF0aH9Ut
         go1CULSF4mTDjHCLS2Z0oQSZGZkaF/T54Bdr+Qp9gvAATWF8MV6K8tn67L5KXbJ6LZMw
         nVi6j2P3duY6BXlbSYcnZGHbbyt6+LvRmSvwZFf5+kSzaBZ2weMXfbbMtlCBdsHdBSLj
         qWRR2bArTf6uRfA5gETE78O4Ru35gQ7Ko3gjiYsyJwQLS0bjaS8FqcaWew+pMPLLFmRE
         7c3g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=efagX1rn;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id u27-20020a1709060b1b00b0073da49c06a2si8893749ejg.948.2022.08.30.20.21.42;
        Tue, 30 Aug 2022 20:22:06 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=efagX1rn;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231300AbiHaDKS (ORCPT
        <rfc822;andriy.druk.mailinglists@gmail.com> + 99 others);
        Tue, 30 Aug 2022 23:10:18 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43238 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230211AbiHaDKP (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 30 Aug 2022 23:10:15 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C248514019;
        Tue, 30 Aug 2022 20:10:12 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 64B1361958;
        Wed, 31 Aug 2022 03:10:12 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 47A27C433C1;
        Wed, 31 Aug 2022 03:10:11 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1661915411;
        bh=OQiPKVeqioWO/+rE4N2BPKMdkBg7d6Th1b+cLdAKenI=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=efagX1rnVLCh+yQv/KJvyaZIvAg06gKRqvKMx+JL8apeNDp8UiAGsmDyBKIujtRty
         bmG/PYq+HyR5cMZp/Cb3spqHtZXXmoHMmacQNYDzh8fOYXPYxJCvbI23rC3OsvNaRF
         P2XKaaYsbVckMutZj8yNBfnLwc0jA7xjXrjJ1/6Rb7mOYF0Q9IYmFdMjpBLwW3uxdy
         ZkeLxqwUnZptzCXp+JT1kSs8pgIcyO/uHJNLQZ7Qhkqk1SwJ9jEehOSGNusYO3VIN3
         eAf7KIHpKcZAVJzUQQWhpfjiiYYQc2gwQkqxDQIgsi7t1M563tdXX0OKWlNdEuB7r8
         xcEMuN3S4ILFg==
Date:   Wed, 31 Aug 2022 06:10:06 +0300
From:   Jarkko Sakkinen <jarkko@kernel.org>
To:     "Huang, Kai" <kai.huang@intel.com>
Cc:     "pmenzel@molgen.mpg.de" <pmenzel@molgen.mpg.de>,
        "linux-sgx@vger.kernel.org" <linux-sgx@vger.kernel.org>,
        "x86@kernel.org" <x86@kernel.org>,
        "dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
        "Dhanraj, Vijay" <vijay.dhanraj@intel.com>,
        "Chatre, Reinette" <reinette.chatre@intel.com>,
        "mingo@redhat.com" <mingo@redhat.com>,
        "tglx@linutronix.de" <tglx@linutronix.de>,
        "bp@alien8.de" <bp@alien8.de>,
        "haitao.huang@linux.intel.com" <haitao.huang@linux.intel.com>,
        "hpa@zytor.com" <hpa@zytor.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 1/6] x86/sgx: Do not consider unsanitized pages an error
Message-ID: <Yw7RDhRrgJZ8M2EZ@kernel.org>
References: <20220830031206.13449-1-jarkko@kernel.org>
 <20220830031206.13449-2-jarkko@kernel.org>
 <1f43e7b9-c101-3872-bd1b-add66933b285@intel.com>
 <1b3308a364317d36ad41961ea9cfee24aa122f02.camel@intel.com>
 <Yw7EX5GCrEaLzpHV@kernel.org>
 <d07577c3f0b4b3fff0ce470c56f91fb634653703.camel@intel.com>
 <Yw7LJa7eRG+WZ0wv@kernel.org>
 <c3c085d69311ed759bff5bb325a2c182d423f91f.camel@intel.com>
 <Yw7OEh7QP8tb7BR1@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Yw7OEh7QP8tb7BR1@kernel.org>
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Aug 31, 2022 at 05:57:22AM +0300, jarkko@kernel.org wrote:
> On Wed, Aug 31, 2022 at 02:55:52AM +0000, Huang, Kai wrote:
> > On Wed, 2022-08-31 at 05:44 +0300, jarkko@kernel.org wrote:
> > > On Wed, Aug 31, 2022 at 02:35:53AM +0000, Huang, Kai wrote:
> > > > On Wed, 2022-08-31 at 05:15 +0300, jarkko@kernel.org wrote:
> > > > > On Wed, Aug 31, 2022 at 01:27:58AM +0000, Huang, Kai wrote:
> > > > > > On Tue, 2022-08-30 at 15:54 -0700, Reinette Chatre wrote:
> > > > > > > Hi Jarkko,
> > > > > > > 
> > > > > > > On 8/29/2022 8:12 PM, Jarkko Sakkinen wrote:
> > > > > > > > In sgx_init(), if misc_register() for the provision device fails, and
> > > > > > > > neither sgx_drv_init() nor sgx_vepc_init() succeeds, then ksgxd will be
> > > > > > > > prematurely stopped.
> > > > > > > 
> > > > > > > I do not think misc_register() is required to fail for the scenario to
> > > > > > > be triggered (rather use "or" than "and"?). Perhaps just
> > > > > > > "In sgx_init(), if a failure is encountered after ksgxd is started
> > > > > > > (via sgx_page_reclaimer_init()) ...".
> > > > > > 
> > > > > > IMHO "a failure" might be too vague.  For instance, failure to sgx_drv_init()
> > > > > > won't immediately result in ksgxd to stop prematurally.  As long as KVM SGX can
> > > > > > be initialized successfully, sgx_init() still returns 0.
> > > > > > 
> > > > > > Btw I was thinking whether we should move sgx_page_reclaimer_init() to the end
> > > > > > of sgx_init(), after we make sure at least one of the driver and the KVM SGX is
> > > > > > initialized successfully.  Then the code change in this patch won't be necessary
> > > > > > if I understand correctly.  AFAICT there's no good reason to start the ksgxd at
> > > > > > early stage before we are sure either the driver or KVM SGX will work.
> > > > > 
> > > > > I would focus fixing the existing flow rather than reinventing the flow.
> > > > > 
> > > > > It can be made to work, and therefore it is IMHO correct action to take.
> > > > 
> > > > From another perspective, the *existing flow* is the reason which causes this
> > > > bug.  A real fix is to fix the flow itself.
> > > 
> > > Any existing flow in part of the kernel can have a bug. That
> > > does not mean that switching flow would be proper way to fix
> > > a bug.
> > > 
> > > BR, Jarkko
> > 
> > Yes but I think this is only true when the flow is reasonable.  If the flow
> > itself isn't reasonable, we should fix the flow (given it's easy to fix AFAICT).
> > 
> > Anyway, let us also hear from others.
> 
> The flow can be made to work without issues, which in the
> context of a bug fix is exactly what a bug fix should do.
> Not more or less.
> 
> You don't gain any measurable value for the user with this
> switch idea.

And besides this not proper way to review patch anyway because you did
not review the code. I'll focus on fix what is broken e.g. so that it
is easy to backport to stable and distro kernels, and call it a day.
It certainly does not have to make code "perfect", as long as known
bugs are sorted out.

You are welcome to review the next version of the patch, once I've
resolved the issues that were pointed out by Reinette, if you still
see some issue but this type of speculative discussion is frankly just
wasting everyones time.

(need to check my mutt config, do not know why it is not always
putting real name to from field)

BR, Jarkko