Re: [RFC PATCH v2 0/3] An alternative __vdso_sgx_enter_enclave() to allow enclave/host parameter passing using untrusted stack

[Xing, Cedric]

On 7/11/2019 2:36 AM, Jarkko Sakkinen wrote:
> On Wed, Jul 10, 2019 at 03:54:20PM -0700, Xing, Cedric wrote:
> > On 7/10/2019 3:46 PM, Jarkko Sakkinen wrote:
> > > On Wed, Jul 10, 2019 at 11:08:37AM -0700, Xing, Cedric wrote:
> > > > > With these conclusions I think the current vDSO API is sufficient for
> > > > > Linux.
> > > >
> > > > The new vDSO API is to support data exchange on stack. It has nothing to do
> > > > with debugging. BTW, the community has closed on this.
> > >
> > > And how that is useful?
> >
> > There is a lengthy discussion on its usefulness so I don't want to repeat.
> > In short, it allows using untrusted stack as a convenient method to exchange
> > data with the enclave. It is currently being used by Intel's SGX SDK for
> > e/o-calls parameters.
> >
> > > > The CFI directives are for stack unwinding. They don't affect what the code
> > > > does so you can just treat them as NOPs if you don't understand what they
> > > > do. However, they are useful to not only debuggers but also exception
> > > > handling code. libunwind also has a setjmp()/longjmp() implementation based
> > > > on CFI directives.
> > >
> > > Of course I won't merge code of which usefulness I don't understand.
> >
> > Sure.
> >
> > Any other questions I can help with?
>
> I dissected my concerns in other email. We can merge this feature after
> v21 if it makes sense.

Sent out v3 of vDSO changes last night. I hope your concerns have been 
properly addressed.

The new vDSO API is a community consensus. I can help on whatever 
technical problems you may have but I don't see a reason you should 
reject it.

> /Jarkko