Re: [PATCH v22 24/24] docs: x86/sgx: Document kernel internals

From: Jarkko Sakkinen
Date: Tue Oct 01 2019 - 15:34:42 EST


On Fri, Sep 27, 2019 at 10:07:10AM -0700, Randy Dunlap wrote:
> On 9/3/19 7:26 AM, Jarkko Sakkinen wrote:
> > From: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> >
> > Document some of the more tricky parts of the kernel implementation
> > internals.
> >
> > Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> > Co-developed-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
>
> Hi,
> Some edits for you to consider.

Thank you, great comments!

> > +ultimately all the launch decisions token are not needed for anything. We
>
> ultimately makes all the launch decisions, tokens are not

Here I rephrased the whole sentence as tokens are only single purpose.
The current form implies as if they were multipurpose. Also the last
sentence was just the first sentence rephrased differently.

I also added more information about the launch and I ended up with this:

"The current kernel implementation supports only writable MSRs. The launch is
performed by setting the MSRs to the hash of the public key modulus of the
enclave signer and a token with the valid bit set to zero.

If the MSRs were read-only, the platform would need to provide a launch enclave
(LE), which would be signed with the key matching the MSRs. The LE creates
cryptographic tokens for other enclaves that they can pass together with their
signature to the ENCLS(EINIT) opcode, which is used to initialize enclaves."

/Jarkko
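
The launch setup described in the proposed text above, as an added example that is not part of this thread or of the patch: it derives the four 64-bit values for the IA32_SGXLEPUBKEYHASH0..3 MSRs from the signer's modulus in a SIGSTRUCT and builds a token with the valid bit cleared. The field offsets and sizes are taken from the SIGSTRUCT and EINITTOKEN layouts in the Intel SDM; the function names, the `msr_writes_needed` helper and the sample key are assumptions made for illustration.

```python
import hashlib
import struct

# Sizes and offsets from the SIGSTRUCT / EINITTOKEN layouts in the Intel SDM.
SIGSTRUCT_SIZE = 1808
MODULUS_OFFSET = 128
MODULUS_SIZE = 384          # 3072-bit RSA modulus, stored little-endian
EINITTOKEN_SIZE = 304
LEPUBKEYHASH_MSRS = (0x8C, 0x8D, 0x8E, 0x8F)   # IA32_SGXLEPUBKEYHASH0..3


def mrsigner(sigstruct: bytes) -> bytes:
    """SHA-256 over the signer's modulus exactly as stored in SIGSTRUCT."""
    if len(sigstruct) != SIGSTRUCT_SIZE:
        raise ValueError("SIGSTRUCT must be %d bytes" % SIGSTRUCT_SIZE)
    modulus = sigstruct[MODULUS_OFFSET:MODULUS_OFFSET + MODULUS_SIZE]
    return hashlib.sha256(modulus).digest()


def lepubkeyhash_values(sigstruct: bytes) -> dict:
    """Map each hash MSR to the 64-bit value the launch needs in it."""
    words = struct.unpack("<4Q", mrsigner(sigstruct))
    return dict(zip(LEPUBKEYHASH_MSRS, words))


def msr_writes_needed(current: dict, sigstruct: bytes) -> dict:
    """Hypothetical helper: only the MSRs that differ from the signer hash."""
    wanted = lepubkeyhash_values(sigstruct)
    return {m: v for m, v in wanted.items() if current.get(m) != v}


def invalid_token() -> bytes:
    """EINITTOKEN with the valid bit (bit 0 of the first dword) set to zero."""
    return bytes(EINITTOKEN_SIZE)


def build_sample_sigstruct(modulus: int) -> bytes:
    """Constructed SIGSTRUCT: every field zero except the modulus."""
    blob = bytearray(SIGSTRUCT_SIZE)
    end = MODULUS_OFFSET + MODULUS_SIZE
    blob[MODULUS_OFFSET:end] = modulus.to_bytes(MODULUS_SIZE, "little")
    return bytes(blob)


if __name__ == "__main__":
    # Constructed value standing in for a signer modulus, not a real key.
    sample = build_sample_sigstruct((1 << 3071) | 0x10001)
    for msr, value in lepubkeyhash_values(sample).items():
        print("MSR 0x%X <- 0x%016x" % (msr, value))
```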