On 9/13/21 6:11 AM, Paolo Bonzini wrote:
> Windows expects all pages to be in uninitialized state on startup.
> In order to implement this, we will need an ioctl that performs
> EREMOVE on all pages mapped by a /dev/sgx_vepc file descriptor:
> other possibilities, such as closing and reopening the device,
> are racy.

Hi Paolo,

How does this end up happening in the first place?

All enclave pages should start out on 'sgx_dirty_page_list' and ksgxd sanitizes them with EREMOVE before making them available. That should cover EREMOVE after reboots while SGX pages are initialized, including kexec().

sgx_vepc_free_page() should do the same for pages that a guest does not clean up properly.

sgx_encl_free_epc_page() does an EREMOVE after a normal enclave has used a page.

Those are the only three cases that I can think of. So, it sounds like one of those is buggy, or there's another unexpected path out there. Ultimately, I think it would be really handy if we could do this EREMOVE implicitly and without any new ABI.