On Mon, Mar 18, 2019 at 10:15:18AM -0700, Dave Hansen wrote: > On 3/17/19 2:14 PM, Jarkko Sakkinen wrote: > > + /* > > + * Access is blocked by the Enclave Page Cache Map (EPCM), i.e. the > > + * access is allowed by the PTE but not the EPCM. This usually happens > > + * when the EPCM is yanked out from under us, e.g. by hardware after a > > + * suspend/resume cycle. In any case, software, i.e. the kernel, can't > > + * fix the source of the fault as the EPCM can't be directly modified > > + * by software. Handle the fault as an access error in order to signal > > + * userspace, e.g. so that userspace can rebuild their enclave(s), even > > + * though userspace may not have actually violated access permissions. > > + */ > > + if (unlikely(error_code & X86_PF_SGX)) > > + return 1; > > A sanitized error_code gets passed up to userspace. Is that how > userspace figures out that this was a PF_SGX fault instead of something > more routine? Yes. Technically userspace can survive without PF_SGX, e.g. assume that SIGSEGV on EENTER itself indicates an EPCM fault, but the explicit flag does make things easier and cleaner.
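
Review bot: The comment above the error_code & X86_PF_SGX check explains why the fault is handled as an access error, but it does not say how userspace is meant to tell this case apart from an ordinary access violation. The exchange above confirms that the sanitized error_code delivered with the signal is what carries that indication, so the comment should state that the X86_PF_SGX bit is reported to userspace and is what lets it decide to rebuild its enclave(s). Without that sentence, the reporting of the flag looks incidental rather than an interface userspace depends on, and a later change to error_code sanitization could drop it unnoticed.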