On Mon, 2021-12-06 at 12:19 -0800, Dave Hansen wrote: > On 12/4/21 3:08 PM, Jarkko Sakkinen wrote: > > > Enclave page permission changes need to be approached with care and > > > for this reason this initial support is to allow enclave page > > > permission changes _only_ if the new permissions are the same or > > > more restrictive that the permissions originally vetted at the time the > > > pages were added to the enclave. Support for extending enclave page > > > permissions beyond what was originally vetted is deferred. > > This paragraph is out-of-scope for a commit message. You could have > > this in the cover letter but not here. I would just remove it. > > This does convey valuable information, though. It tells the reader that > this is a sub-optimal implementation. It also acknowledges that there > is further work to do. Maybe saying that it is "deferred" is not quite > the verbiage I would use, but the concept is fine. BTW, should we consistently speak about protection bits instead of permissions? /Jarkko
