On Thu, Sep 24, 2020 at 02:11:37PM -0500, Haitao Huang wrote: > > For me this has caused months of confusion and misunderstanding of this > > feature. I only recently realized that "oh, right, we invented this". > > > > They are contrived scenarios enough that they should be considered when > > the workloads hit. > > > > Either we fully support noexec or not at all. Any "partial" thing is a > > two edged sword: it can bring some robustness with the price of > > complexity and possible unknown uknown scenarios where they might become > > API issue. > > > > I rather think later on how to extend API in some way to enable such > > contrivid scenarios rather than worrying about how this could be abused. > > > > The whole SGX is complex beast already so lets not add any extra when > > there is no a hard requirement to do so. > > > > I'll categorically deny noexec in the next patch set version. > > > > /Jarkko > > There are use cases supported currently in which enclave binary is received > via IPC/RPC and held in buffers before EADD. Denying noexec altogether would > break those, right? I do not see why data cannot be provided at run-time. AFAIK, it is not different from executables how this works when it comes to noexec. /Jarkko
