On Mon, Oct 07, 2019 at 07:50:11AM -0700, Sean Christopherson wrote:
> The caller is responsible for ensuring EREMOVE can be safely executed,
> e.g. by holding the enclave's lock.

lockdep_assert_held() here maybe?

> For many ENCLS leafs, EREMOVE included, the CPU requires exclusive access
> to the SGX Enclave Control Structures (SECS)[*] and will signal a #GP if
> a different logical CPU is already executing an ENCLS leaf that requires
> exclusive SECS access. The SGX subsystem uses a per-enclave mutex to
> serialize such ENCLS leafs, among other things.
>
> [*] The SECS is a per-enclave page that resides in the EPC and can only be
> directly accessed by the CPU. It's used to track metadata about the
> enclave, e.g. number of child pages, base, size, etc...

Ok.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette