Re: [PATCH v36 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

From: Sean Christopherson
Date: Thu Aug 13 2020 - 15:38:46 EST


On Tue, Aug 11, 2020 at 08:16:54AM -0700, Andy Lutomirski wrote:
>
> > On Aug 10, 2020, at 5:52 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> >
> > 
> >>> On Aug 10, 2020, at 4:48 PM, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:
> >>>
> >>> On Mon, Aug 10, 2020 at 04:08:46PM -0700, Andy Lutomirski wrote:
> >>> What am I missing? I still don't really understand why we are
> >>> supporting this mechanism at all. Just the asm code to invoke the
> >>> callback seems to be about half of the entire function.
> >>
> >> Because the Intel SDK (and other SDKs?) wants to use the host stack to pass
> >> parameters out of the enclave.
> >
> > Ugh, right. I forgot about that particular abomination.
> >
> > I suppose that passing a context pointer would be reasonable.
>
> The alternative would be to pass in a parameter that gets put in RSP before
> entering the enclave. The idea is that the untrusted runtime would allocate a
> couple pages with guard pages at either end, and enclaves using the
> regrettable arguments-on-the-stack scheme would end up using the alternative
> stack.
>
> At the end of the day, none of this really matters too much. Languages that
> can do inline asm but can’t do container_of() can get fixed or use
> workarounds.

So, is your "official" opinion

Go update the vDSO to allow passing an arbitrary pointer.

or

Eh, don't bother.