On Thu, Jan 03, 2019 at 08:26:35AM -0800, Sean Christopherson wrote: > What I was trying to explain is that the uapi isn't for KVM, it's for > the userspace hypervisor, e.g. Qemu. Qemu will inform KVM of the > resulting guest memory region so that KVM can configure its guest page > tables accordingly, but that is done through KVM's existing memory uapi. OK, I now I got it, apologies it took such a long time :-) Now I see the analogy e.g. qemu creates independently VMAs and then fuels those regions to KVM. Similarly qemu would create regions for KVM using "/dev/sgx/mem". For me this is perfectly fine now I understand the reasoning and neither does make my job more difficult to implement the file based enclave change. Thanks for the patience with this... /Jarkko
