On Wed, 20 Jan 2021 17:15:35 -0800 Dave Hansen wrote: > On 1/20/21 5:06 PM, Kai Huang wrote: > > > > /* > > * Update the SGX_LEPUBKEYHASH MSRs to the values specified by caller. > > * > > * EINITTOKEN is not used in enclave initialization, which requires > > * hash of enclave's signer must match values in SGX_LEPUBKEYHASH MSRs > > * to make EINIT be successful. > > */ > > I'm grumpy, but I hate it. > > I'll stop the bike shedding for now, though. Jarkko and Dave, I'll change to use below: /* * Update the SGX_LEPUBKEYHASH MSRs to the values specified by caller. * Bare-metal driver requires to update them to hash of enclave's signer * before EINIT. KVM needs to update them to guest's virtual MSR values * before doing EINIT from guest. */ Please let me know if are not OK with this.
