On Wed, Sep 23, 2020 at 04:20:49PM +0300, Jarkko Sakkinen wrote:
> Intel Sofware Guard eXtensions (SGX) allows creation of executable blobs
> called enclaves, which cannot be accessed by default when not executing
> inside the enclave. Enclaves can be entered by only using predefined memory
> addresses, which are defined the enclave is loaded.
^
"when" or "before". I think it is before.
> However, enclaves can defined as debug enclaves during the load time. In
"However, enclaves can be defined as debug enclaves at load time."
> debug enclaves data can be read and/or written a memory word at a time by
> using by using ENCLS[EDBGRD] and ENCLS[EDBGWR] leaf instructions.
only one "by using" is enough.
> Add 'access' implementation to vm_ops with the help of these functions.
"Add an ->access virtual MM function for accessing the enclave's memory... "
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
