[RFC PATCH v3 0/4] x86: Add exception fixup for SGX ENCLU

From: Sean Christopherson
Date: Mon Dec 10 2018 - 18:22:00 EST

This is effectively v3 of the "x86: Add vDSO exception fixup for SGX"
series, but as you might of noticed, there are no vDSO changes here.

Andy's comment on Spectre/retpoline[1] and Jethro's comment on making
the vDSO as barebones as possible[2] got me wondering if we could let
userspace dynamically set the "return" target of the SGX vDSO function,
taking advantage of the fact that most (all?) SGX processes will have a
single entry point for all enclaves.

The initial idea was to make __vdso_sgx_enter_enclave() a barebones
"function" consisting of ENCLU and UD2. SGX would provide an IOCTL via
/dev/sgx that could be used to patch the UD2 in the current vDSO image
to a JMP rel32, with rel32 pointing at an address provided by the
user. Aside from the issues of rel32 in a 64-bit memory space,
patching the vDSO image added a lot of overhead just so that the kernel
could know the address of ENCLU.

At that point I realized it's a hell of a lot easier to simply provide
an IOCTL via /dev/sgx that allows userspace to register a per-process
ENCLU exception handler. At a high level, the basic idea is the same
as the vDSO approach: provide a hardcoded fixup handler for ENCLU and
attempt to fixup select unhandled exceptions that occurred in user code.

- No vDSO function.
- Minimal userspace changes.
- Smaller ABI, i.e. less bikeshedding (fingers crossed).
- Kernel doesn't prevent userspace from doing stupid things, e.g.
modifying the process' stack from within the enclave.
- Kernel can proactively enforce the ENCLU handler as the only
officialy supported ABI for enclave exception handling.

- Userspace can only register a single ENCLU handler per process.
- ABI is more esoteric than a standard function call.

This series is based on Jarkko's current master branch, which moves all
of the SGX code into arch/x86. The full code can be found here:


I have not actually tested this *exact* commit beyond compiling as I do
not know the health status of Jarkko's code. To test, I cherry-picked
the patches into an older stable version of the code. Git was able to
handle the file renaming.

v1: https://lkml.kernel.org/r/20181205232012.28920-1-sean.j.christopherson@xxxxxxxxx
v2: https://lkml.kernel.org/r/20181206221922.31012-1-sean.j.christopherson@xxxxxxxxx
- Replace the vDSO fixup with SGX specific fixup.
- Patches 2/4 and 3/4 are essentially identical, the only difference
being the name of the function that is called. The changelogs for
these patches still need a lot of attention.

[1] https://lkml.kernel.org/r/CALCETrVBR+2HjTqX=W4r9GOq69Xg36v4gmCKqK0wUjzAqBJnrw@xxxxxxxxxxxxxx
[2] https://lkml.kernel.org/r/f595c046-682c-0d4a-ce68-44d4634cedf2@xxxxxxxxxxxx

Sean Christopherson (4):
x86/sgx: Add a per-mm ENCLU exception fixup handler
x86/fault: Attempt to fixup unhandled #PF on ENCLU before signaling
x86/traps: Attempt to fixup exceptions in vDSO before signaling
x86/sgx: Add an SGX IOCTL to register a per-mm ENCLU exception handler

arch/x86/include/asm/mmu.h | 4 ++++
arch/x86/include/asm/sgx.h | 13 +++++++++++++
arch/x86/include/uapi/asm/sgx.h | 23 ++++++++++++++++++-----
arch/x86/kernel/cpu/sgx/driver/encl.c | 6 ++++++
arch/x86/kernel/cpu/sgx/driver/ioctl.c | 20 ++++++++++++++++++++
arch/x86/kernel/cpu/sgx/main.c | 18 ++++++++++++++++++
arch/x86/kernel/traps.c | 15 +++++++++++++++
arch/x86/mm/fault.c | 7 +++++++
8 files changed, 101 insertions(+), 5 deletions(-)