On 24/04/20 14:56, Alexander Graf wrote: > Yes, that part is not documented in the patch set, correct. I would > personally just make an example user space binary the documentation for > now. Later we will publish a proper device specification outside of the > Linux ecosystem which will describe the register layout and image > loading semantics in verbatim, so that other OSs can implement the > driver too. But this is not part of the device specification, it's part of the child enclave view. And in my opinion, understanding the way the child enclave is programmed is very important to understand if Linux should at all support this new device. > To answer the question though, the target file is in a newly invented > file format called "EIF" and it needs to be loaded at offset 0x800000 of > the address space donated to the enclave. What is this EIF? * a new Linux kernel format? If so, are there patches in flight to compile Linux in this new format (and I would be surprised if they were accepted, since we already have PVH as a standard way to boot uncompressed Linux kernels)? * a userspace binary (the CPL3 that Andra was referring to)? In that case what is the rationale to prefer it over a statically linked ELF binary? * something completely different like WebAssembly? Again, I cannot provide a sensible review without explaining how to use all this. I understand that Amazon needs to do part of the design behind closed doors, but this seems to have the resulted in issues that reminds me of Intel's SGX misadventures. If Amazon has designed NE in a way that is incompatible with open standards, it's up to Amazon to fix it for the patches to be accepted. I'm very saddened to have to say this, because I do love the idea. Thanks, Paolo
