Re: x86/sgx: uapi change proposal

On Thu, Dec 20, 2018 at 12:32:04PM +0200, Jarkko Sakkinen wrote:
> On Wed, Dec 19, 2018 at 06:58:48PM -0800, Andy Lutomirski wrote:
> > Can one of you explain why SGX_ENCLAVE_CREATE is better than just
> > opening a new instance of /dev/sgx for each enclave?
> 
> I think that fits better to the SCM_RIGHTS scenario i.e. you could send
> the enclave to a process that does not necessarily have rights to
> /dev/sgx. Gives a more robust environment to configure SGX.

Sean, is this why you wanted enclave fd and anon inode and not just use
the address space of /dev/sgx? Just taking notes of all observations.
I'm not sure what your rationale was (maybe it was somewhere). This was
something I made up, and this one is a wrong deduction. You can easily
get the same benefit with /dev/sgx associated fd representing the
enclave.

This all means that for v19 I'm going without enclave fd involved with
fd to /dev/sgx representing the enclave. No anon inodes will be
involved.

/Jarkko


