On Mon, Nov 26, 2018 at 06:35:34AM -0800, Sean Christopherson wrote: > And how would you determine the #UD is related to SGX? Hardware doesn't > provide any indication that a #UD (or any other fault) is related to SGX > or occurred in an enclave. The only fault that is special-cased in a > non-virtualized environment is #PF signaled by the EPCM, which gets the > PF_SGX bit set in the error code. Could you not detect #UD from address where it happened? Kernel knows where enclaves are mapped. BTW, how does Intel run-time emulate opcodes currently? Anyway, I've fully discarded the whole idea because implementing single stepping w/o well defined AEP handler is nasty. I think vDSO's are the only viable path that at least I'm aware off... /Jarkko
