Re: [PATCH v39 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call
From: Jarkko Sakkinen
Date: Wed Oct 07 2020 - 04:04:43 EST
On Wed, Oct 07, 2020 at 10:39:23AM +0300, Jarkko Sakkinen wrote:
> On Tue, Oct 06, 2020 at 09:34:19PM -0700, Sean Christopherson wrote:
> > Even more hypothetical would be if Andy gets one of his wishes, and EENTER2
> > comes along that doesn't allow the enclave to dictate the exit point,
> > "returns" an error code on enclave failure, and allows the kernel to
> > auto-restart the enclave on IRQs/NMIs. That (very hypothetical) scenario
> > fits nicely into the exit_reason handling.
> >
> > I'm not arguing that any of the above is even remotely likely. I just don't
> > understand why we'd want an API that at best requires heuristics in userspace
> > to determine why the enclave stopped running, and at worst will saddle us with
> > an ugly mess in the future. All to save 4 bytes that no one cares about (they
> > literally cost nothing), and a single MOV in a flow that is hundreds, if not
> > thousands, of cycles.
>
> I don't care as much as saving bytes as defining API, which has zero
> ambiguous state variables.
>
> And since the field 'leaf' is there, and was before too, no degrees of
> freedom are lost. Removing one variable does not make more of a mess.
I think the reserved space should be expanded though.
I'd go with that 256 bytes as it was before. It's still fast to validate
and the loop construct for that is already in place. I complement that
with addition to the changelog with the reasoning that I gave earlier.
That was lacking for that detail in earlier patch set versions.
/Jarkko