On Fri, Dec 21, 2018 at 09:12:46AM -0800, Andy Lutomirski wrote:
> Hmm. I guess this makes some sense. My instinct would be to do it a
> little differently and have:
>
> /dev/sgx/enclave: Each instance is an enclave.
>
> /dev/sgx/epc: Used to get raw EPC for KVM. Might have different
> permissions, perhaps 0660 and group kvm.
>
> /dev/sgx/something_else: For when SGX v3 adds something else :)

If I make a draw by saying that I will go with the "ioctls for enclave
fd" as I'm already making good progress in implementation for v19 and we
will look at it? Does not look like a fruitful conversation to continue
forward without functional code.

I will also update my selftest (as it is part of the patch set) to align
with whatever we have so you can immediately run something.

And since no one is giving me anything at all on swapping but instead
cutting hairs on here, I will lock in (at least for v19) to use shmem
again.

Sounds like a plan? All the internals will work for whatever mess we
want to introduce to the uapi.

/Jarkko