Re: [PATCH] selftests/sgx: Fix an enclave built with extended instructions
From: Vladis Dronov
Date: Wed Apr 09 2025 - 13:17:33 EST
On Wed, Apr 9, 2025 at 7:07 PM Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>
> On 4/9/25 09:55, Vladis Dronov wrote:
> ...
> > Fix this by adding "-mno-avx" to ENCL_CFLAGS in Makefile. Add some comments
> > about this to code locations where enclave's xfrm field is set.
> >
> > Suggested-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> > Signed-off-by: Vladis Dronov <vdronov@xxxxxxxxxx>
>
> First of all, this looks fine to me:
>
> Acked-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
>
> The code comments are fine. I'm much less picky about selftests.
>
> I'm also open to other solutions here. We could, for instance, set
> xfrm=7 to allow AVX2 instructions (which are generated by
> "--with-arch_64=x86-64-v3") or use some compiler flags other than
> "-mno-avx".
>
> But "-mno-avx" does seem good to me.
>
Thank you for the ACK, Dave.
I've tested an enclave with xfrm=7 and it errors out at the AVX512
instruction (namely, vmovdqa64) in the same way. So if there is a
compiler built with "--with-arch_64=x86-64-v4" in some future, we
would get into the exact same situation.
So I believe a solution when we disable extended instruction sets
in an enclave as one covering all future cases.