On 10/12/21 3:57 AM, Paolo Bonzini wrote:
> For bare-metal SGX on real hardware, the hardware provides guarantees
> SGX state at reboot. For instance, all pages start out uninitialized.
> The vepc driver provides a similar guarantee today for freshly-opened
> vepc instances, but guests such as Windows expect all pages to be in
> uninitialized state on startup, including after every guest reboot.
>
> One way to do this is to simply close and reopen the /dev/sgx_vepc file
> descriptor and re-mmap the virtual EPC. However, this is problematic
> because it prevents sandboxing the userspace (for example forbidding
> open() after the guest starts; this is doable with heavy use of SCM_RIGHTS
> file descriptor passing).
>
> In order to implement this, we will need a ioctl that performs
> EREMOVE on all pages mapped by a /dev/sgx_vepc file descriptor:
> other possibilities, such as closing and reopening the device,
> are racy.
>
> Start the implementation by creating a separate function with just
> the __eremove wrapper.
>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>

Reviewed-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>