On 11/2/18 10:06 AM, Sean Christopherson wrote: > On Fri, Nov 02, 2018 at 09:56:44AM -0700, Dave Hansen wrote: >> On 11/2/18 9:30 AM, Sean Christopherson wrote: >>> What if rather than having userspace register an address for fixup, the >>> kernel instead unconditionally does fixup on the ENCLU opcode? >> >> The problem is knowing what to do for the fixup. If we have a simple >> action to take that's universal, like backing up %RIP, or setting some >> other register state, it's not bad. > > Isn't the EENTER/RESUME behavior universal? Or am I missing something? Could someone write down all the ways we get in and out of the enclave? I think we always get in from userspace calling EENTER or ERESUME. We can't ever enter directly from the kernel, like via an IRET from what I understand. We get *out* from exceptions, hardware interrupts, or enclave-explicit EEXITs. Did I miss any? Remind me where the hardware lands the control flow in each of those exit cases.
