On Mon, 2021-09-13 at 16:24 +0200, Paolo Bonzini wrote:
> On 13/09/21 16:05, Dave Hansen wrote:
> > On 9/13/21 6:11 AM, Paolo Bonzini wrote:
> > > Windows expects all pages to be in uninitialized state on startup.
> > > In order to implement this, we will need an ioctl that performs
> > > EREMOVE on all pages mapped by a /dev/sgx_vepc file descriptor:
> > > other possibilities, such as closing and reopening the device,
> > > are racy.
> >
> > Hi Paolo,
> >
> > How does this end up happening in the first place?
> >
> > All enclave pages should start out on 'sgx_dirty_page_list' and
> > ksgxd sanitizes them with EREMOVE before making them available. That
> > should cover EREMOVE after reboots while SGX pages are initialized,
> > including kexec().
>
> By "Windows startup" I mean even after guest reboot. Because another
> process could sneak in and steal your EPC pages between a close() and an
> open(), I'd like to have a way to EREMOVE the pages while keeping them
> assigned to the specific vEPC instance, i.e. *without* going through
> sgx_vepc_free_page().

Isn't "other process in and steal your EPC pages" more like a sysadmin
problem, rather than software?

I'm lacking an understanding of what the collateral damage would be in
the end.

/Jarkko