Re: [PATCH v38 14/24] x86/sgx: Add SGX_IOC_ENCLAVE_INIT
From: Borislav Petkov
Date: Mon Sep 21 2020 - 14:28:03 EST
On Mon, Sep 21, 2020 at 11:10:21AM -0700, Sean Christopherson wrote:
> The LE pubkey hash MSRs are special snowflakes. They get reset to Intel's
> default key on any loss of EPC, e.g. if the system does a suspend/resume
> cycle. The approach we took (obviously) is to assume the kernel's cache can
> be stale at any given time. The alternative would be to try and track loss
> of EPC conditions and emulate the reset, but that's a bit dicey on bare
> metal as any missed case would hose SGX, and in a VM it's theoretically
> impossible to handle as a particularly unhelpful VMM could emulate loss of
> EPC at will.
Lemme try to understand this: the system could suspend/resume right
here:
sgx_update_lepubkeyhash_msrs(lepubkeyhash, false);
<--- suspend/resume
ret = __einit(sigstruct, token, sgx_get_epc_addr(secs));
and thus the MSRs would have the default key so you'd need the second
__einit() call?
But what happens if the system suspends before the second __einit()
call?
Why don't you simply drop that @enforce param and let the caller handle
any retries?
Or is the scenario something different?
Or you could perhaps disable suspend/resume around it, maybe something
like lock_system_sleep() or so, from a quick grep...
> Yes, this needs a big fat comment.
Oh yeah.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
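As an added illustration, not part of this thread or of the patch itself: a small userspace C model of the EINIT path Boris is asking about. The MSR values, the cache and the suspend injection point are constructed; only the retry shape (cached write, then an enforced write on SGX_INVALID_EINITTOKEN) follows the patch's description. run(2) reproduces the case Boris raises, a suspend between the enforced write and the second __einit(), where the single retry is not enough and the caller would have to retry.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define SGX_INVALID_EINITTOKEN 16  /* EINIT's error code for a launch-token mismatch */

/* Modelled hardware: the four IA32_SGXLEPUBKEYHASH MSRs plus a knob that
 * injects a suspend/resume (loss of EPC) just before EINIT number N. */
struct hw { uint64_t msr[4]; int calls; int suspend_before; };

static const uint64_t intel_default[4] = { 1, 1, 1, 1 }; /* constructed placeholder */
static uint64_t cache[4]; /* the kernel's per-CPU copy of what it last wrote */

/* Loss of EPC resets the MSRs to Intel's key; the kernel's cache is untouched. */
static void loss_of_epc(struct hw *hw) { memcpy(hw->msr, intel_default, sizeof hw->msr); }

static void update_lepubkeyhash_msrs(struct hw *hw, const uint64_t *hash, bool enforce)
{
	for (int i = 0; i < 4; i++)
		if (enforce || cache[i] != hash[i])  /* skip the WRMSR when the cache says it matches */
			hw->msr[i] = cache[i] = hash[i];
}

static int einit(struct hw *hw, const uint64_t *sigstruct_hash)
{
	if (++hw->calls == hw->suspend_before)
		loss_of_epc(hw);
	return memcmp(hw->msr, sigstruct_hash, sizeof hw->msr) ? SGX_INVALID_EINITTOKEN : 0;
}

/* Shape of the patch's EINIT path: trust the cache, and on a token failure
 * rewrite the MSRs unconditionally (@enforce) and retry exactly once. */
static int enclave_init(struct hw *hw, const uint64_t *hash)
{
	update_lepubkeyhash_msrs(hw, hash, false);
	int ret = einit(hw, hash);
	if (ret == SGX_INVALID_EINITTOKEN) {
		update_lepubkeyhash_msrs(hw, hash, true);
		ret = einit(hw, hash);
	}
	return ret;
}

/* Scenario: the cache already holds 'hash' from an earlier launch, but the
 * MSRs were reset on resume. 0 = launched; 16 = the caller must retry. */
static int run(int suspend_before)
{
	static const uint64_t hash[4] = { 0x11, 0x22, 0x33, 0x44 }; /* constructed key hash */
	struct hw hw = { .suspend_before = suspend_before };
	memcpy(cache, hash, sizeof cache);
	loss_of_epc(&hw);
	return enclave_init(&hw, hash);
}
```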