On Mon, Oct 26, 2020 at 02:26:13PM -0700, Dave Hansen wrote:
> What were you concerned about here? Was it how long the syscall could
> take, or that one user could exhaust all the enclave memory in one call?

More the latter. And generally, to have a sanity-check on all requests
coming from luserspace.

> Some later versions of this patch have a 1MB limit per to reduce how
> long each SGX_IOC_ENCLAVE_ADD_PAGES call spends in the kernel. But, I'm
> not _sure_ that's what you were intending.

Yeah, that was not my main goal - rather to sanity-check user input and
impose a sane limit.

Thx.

--
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette