Re: [PATCH RESEND 0/3] x86/sgx: eextend ioctl

From: Dave Hansen
Date: Thu Apr 08 2021 - 11:54:38 EST

Next message: Siddharth Chandrasekaran: "Re: [PATCH 0/4] Add support for XMM fast hypercalls"
Previous message: Andy Shevchenko: "[PATCH v1 1/1] defconfig: enable GPIO_SIM"
In reply to: Jethro Beekman: "Re: [PATCH RESEND 0/3] x86/sgx: eextend ioctl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/8/21 8:27 AM, Jethro Beekman wrote:
> But the native “executable format” for SGX is very clearly defined in
> the Intel SDM as a specific sequence of ECREATE, EADD, EEXTEND and
> EINIT calls. It's that sequence that's used for loading the enclave
> and it's that sequence that's used for code signing. So when I say
> save space I mean save space in the native format.
>
> Not EEXTENDing unnecessarily also reduces enclave load time if
> you're looking for additional arguments.
I look forward to all of this being clearly explained in your resubmission.

> SGX defines lots of things and you may not see the use case for all
> of this immediately. No one has a usecase for creating enclaves with
> SECS.SSAFRAMESIZE = 1000 or TCS.NSSA = 3. Why did you not demand
> checks for this in the ECREATE/EADD ioctls?
There's a difference between adding code to support a feature and adding
code to *RESTRICT* use of a feature.

Next message: Siddharth Chandrasekaran: "Re: [PATCH 0/4] Add support for XMM fast hypercalls"
Previous message: Andy Shevchenko: "[PATCH v1 1/1] defconfig: enable GPIO_SIM"
In reply to: Jethro Beekman: "Re: [PATCH RESEND 0/3] x86/sgx: eextend ioctl"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]