Re: [PATCH v4 4/5] x86/sgx: Allows ioctl PROVISION to execute before CREATE

From: Tianjia Zhang
Date: Thu Feb 11 2021 - 01:13:43 EST




On 2/3/21 5:57 AM, Jarkko Sakkinen wrote:
On Mon, Feb 01, 2021 at 09:26:52PM +0800, Tianjia Zhang wrote:
In the function sgx_create_enclave(), the direct assignment
operation of attributes_mask determines that the ioctl PROVISION
operation must be executed after the ioctl CREATE operation,
which will limit the flexibility of sgx developers.

Please write acronyms correctly. It's not 'sgx'. It's 'SGX'.

Who are the "sgx developers" and how do they benefit from this?

/Jarkko


It mainly refers to application developers based on SGX technology.

One of the benefits that this brings is that the PROVISION operation can be called before or after the enclave is created, compared to the previous PROVISION operation can only be executed after the enclave is created.

Thanks,
Tianjia