Re: [RFC PATCH v2 0/3] An alternative __vdso_sgx_enter_enclave() to allow enclave/host parameter passing using untrusted stack

From: Jarkko Sakkinen
Date: Thu Jul 11 2019 - 13:59:45 EST


On Thu, Jul 11, 2019 at 08:50:37AM -0700, Sean Christopherson wrote:
> On Thu, Jul 11, 2019 at 12:38:09PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Jul 10, 2019 at 04:37:41PM -0700, Xing, Cedric wrote:
> > > We are not judging which vessel is better (or the best) among all possible
> > > vessels. We are trying to enable more vessels. Every vessel has its pros and
> > > cons so there's *no* single best vessel.
> >
> > I think a reasonable metric is actually the coverage of the Intel SDK
> > based enclaves. How widely are they in the wild? If the user base is
> > large, it should be reasonable to support this just based on that.
>
> Large enough that Andy agreed to take the vDSO code with the optional
> callback, despite his personal opinion being that mucking with uR{B,S}P
> from within the enclave is poor form.

OK, the cover letter emphasized things that did not make sense to me,
which made me draw my initial conclusions. I don't recall even reading
the word "coverage" from it.

Anyways, I'm sure we can land this after v21 has been published now that
the rationale is clear.

/Jarkko