Re: [RFC PATCH v2 0/3] An alternative __vdso_sgx_enter_enclave() to allow enclave/host parameter passing using untrusted stack
From: Jarkko Sakkinen
Date: Thu Jul 11 2019 - 13:59:45 EST
On Thu, Jul 11, 2019 at 08:50:37AM -0700, Sean Christopherson wrote:
> On Thu, Jul 11, 2019 at 12:38:09PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Jul 10, 2019 at 04:37:41PM -0700, Xing, Cedric wrote:
> > > We are not judging which vessel is better (or the best) among all possible
> > > vessels. We are trying to enable more vessels. Every vessel has its pros and
> > > cons so there's *no* single best vessel.
> >
> > I think reasonable metric is actually the coverage of the Intel SDK
> > based enclaves. How widely are they in the wild? If the user base is
> > large, it should be reasonable to support this just based on that.
>
> Large enough that Andy agreed to take the vDSO code with the optional
> callback, despite his personal opinion being that mucking with uR{B,S}P
> from within the enclave is poor form.
OK, the cover letter empahasized things that did not make sense to me,
which made me to do my initial conclusions. I don't recall even reading
the word "coverage" from it.
Anyways, I'm sure we can land this after v21 has been published now that
the rationale is clear.
/Jarkko