On 1/26/21 1:30 AM, Kai Huang wrote:
> From: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
>
> SGX virtualization requires to allocate "raw" EPC and use it as "virtual
> EPC" for SGX guest. Unlike EPC used by SGX driver, virtual EPC doesn't
> track how EPC pages are used in VM, e.g. (de)construction of enclaves,
> so it cannot guarantee EREMOVE success, e.g. it doesn't have a priori
> knowledge of which pages are SECS with non-zero child counts.

The grammar there is a bit questionable in spots. Here's a rewrite:

SGX can accurately track how bare-metal enclave pages are used. This
enables SECS to be specifically targeted and EREMOVE'd only after all
child pages have been EREMOVE'd. This ensures that bare-metal SGX will
never encounter SGX_CHILD_PRESENT in normal operation.

Virtual EPC is different. The host does not track how EPC pages are
used by the guest, so it cannot guarantee EREMOVE success. It might,
for instance, encounter a SECS with a non-zero child count.

Aside: Would it be *possible* for the host to figure out where the SECS
pages are? If not, we can say "host can not track" versus what I said:
"host does not track".

> Add SGX_CHILD_PRESENT for use by SGX virtualization to assert EREMOVE
> failures are expected, but only due to SGX_CHILD_PRESENT.
>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx>
> Acked-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
> Signed-off-by: Kai Huang <kai.huang@xxxxxxxxx>

With the improved changelog:

Acked-by: Dave Hansen <dave.hansen@xxxxxxxxx>