Re: [PATCH v36 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

On Tue, Aug 11, 2020 at 08:16:54AM -0700, Andy Lutomirski wrote:
> 
> > On Aug 10, 2020, at 5:52 PM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> > 
> > 
> >>> On Aug 10, 2020, at 4:48 PM, Sean Christopherson <sean.j.christopherson@xxxxxxxxx> wrote:
> >>> 
> >>> On Mon, Aug 10, 2020 at 04:08:46PM -0700, Andy Lutomirski wrote:
> >>> What am I missing?  I still don't really understand why we are
> >>> supporting this mechanism at all.  Just the asm code to invoke the
> >>> callback seems to be about half of the entire function.
> >> 
> >> Because the Intel SDK (and other SDKs?) wants to use the host stack to pass
> >> parameters out of the enclave.
> > 
> > Ugh, right.  I forgot about that particular abomination.
> > 
> > I suppose that passing a context pointer would be reasonable.
> 
> The alternative would be to pass in a parameter that gets put in RSP before
> entering the enclave. The idea is that the untrusted runtime would allocate a
> couple pages with guard pages at either end, and enclaves using the
> regrettable arguments-on-the-stack scheme would end up using the alternative
> stack.
> 
> At the end of the day, none of this really matters too much. Languages that
> can do inline asm but can’t do container_of() can get fixed or use
> workarounds.

So, is your "official" opinion

   Go update the vDSO to allow passing an arbitrary pointer.

or

   Eh, don't bother.
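
The alternative stack described in the quoted text above (a couple of pages with guard pages at either end, whose top would be loaded into RSP before enclave entry), as an added example that is not part of the original thread or of the SGX patch set. The struct and function names are hypothetical, and how the resulting pointer would be handed to the vDSO is left out because the thread does not define it.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stddef.h>
#include <stdint.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical descriptor for an alternative host stack (illustrative names). */
struct alt_stack {
    void  *map;      /* start of the whole mapping, guard pages included */
    size_t map_len;  /* total length of the mapping */
    void  *base;     /* lowest usable address */
    void  *top;      /* initial RSP value: one past the highest usable byte */
};

/* Allocate `pages` usable pages with one PROT_NONE guard page on each side. */
int alt_stack_alloc(struct alt_stack *s, size_t pages)
{
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0 || pages == 0 || pages > SIZE_MAX / (size_t)ps - 2)
        return -1;
    size_t page = (size_t)ps;
    size_t len = (pages + 2) * page;

    /* Reserve everything inaccessible first, then open up only the middle,
     * so an overrun in either direction faults instead of corrupting memory. */
    void *map = mmap(NULL, len, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (map == MAP_FAILED)
        return -1;
    char *base = (char *)map + page;
    if (mprotect(base, pages * page, PROT_READ | PROT_WRITE) != 0) {
        munmap(map, len);
        return -1;
    }
    s->map = map;
    s->map_len = len;
    s->base = base;
    s->top = base + pages * page;   /* page aligned, so also 16-byte aligned */
    return 0;
}

void alt_stack_free(struct alt_stack *s)
{
    if (s->map)
        munmap(s->map, s->map_len);
    s->map = NULL;
}
```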


