On Tue, Sep 22, 2020 at 02:56:19PM +0200, Jethro Beekman wrote: > On 2020-09-22 10:29, Borislav Petkov wrote: > > On Mon, Sep 21, 2020 at 12:17:00PM -0700, Sean Christopherson wrote: > >> That was effectively my original suggestion as well, check for a stale cache > >> and retry indefinitely. I capitulated because it did feel like I was being > >> overly paranoid. I'm obviously ok going the retry indefinitely route :-). > >> > >> https://lkml.kernel.org/r/20180904163546.GA5421@xxxxxxxxxxxxxxx > > > > Right, so if EINIT is so expensive, why does it matter how many cyccles > > WRMSR has? I.e., you don't really need to cache - you simply write the 4 > > MSRs and you're done. Simple. Hmm, true. The 1200+ cycles to write the hash MSRs (they're 3x slower than other MSRs) seems scary, but compared to the 60k cycles it really doesn't matter. > > As to "indefinitely" - caller can increment a counter which counts > > how many times it returned SGX_INVALID_EINITTOKEN. I guess when it > > reaches some too high number which should not be reached during normal > > usage patterns, you can give up and issue a message to say that counter > > reached max retries or so but other than that, you should be ok. That > > thing is running interruptible in a loop anyway... > > I don't see why you'd need to retry indefinitely. Yes the MSRs may not match > the cached value for “reasons”, but if after you've written them once it > still doesn't work, clearly either 1) an “unhelpful” VMM is actively messing > with the MSRs which I'd say is at best a VMM bug or 2) there was an EPC reset > and your enclave is now invalid anyway, so no need to EINIT. Ah, also true, I overlooked that an MSR reset would also kill the enclave. So yeah, this can be simplified to: if (SGX_LC) { for (i = 0; i < 4; i++) wrmsrl(...); } return __einit(...);
