Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Reinette Chatre <reinette.chatre@xxxxxxxxx>
Subject: Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
From: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
Date: Mon, 14 Mar 2022 05:45:45 +0200
Cc: Haitao Huang <haitao.huang@xxxxxxxxxxxxxxx>, "Dhanraj, Vijay" <vijay.dhanraj@xxxxxxxxx>, "dave.hansen@xxxxxxxxxxxxxxx" <dave.hansen@xxxxxxxxxxxxxxx>, "tglx@xxxxxxxxxxxxx" <tglx@xxxxxxxxxxxxx>, "bp@xxxxxxxxx" <bp@xxxxxxxxx>, "Lutomirski, Andy" <luto@xxxxxxxxxx>, "mingo@xxxxxxxxxx" <mingo@xxxxxxxxxx>, "linux-sgx@xxxxxxxxxxxxxxx" <linux-sgx@xxxxxxxxxxxxxxx>, "x86@xxxxxxxxxx" <x86@xxxxxxxxxx>, "Christopherson,, Sean" <seanjc@xxxxxxxxxx>, "Huang, Kai" <kai.huang@xxxxxxxxx>, "Zhang, Cathy" <cathy.zhang@xxxxxxxxx>, "Xing, Cedric" <cedric.xing@xxxxxxxxx>, "Huang, Haitao" <haitao.huang@xxxxxxxxx>, "Shanahan, Mark" <mark.shanahan@xxxxxxxxx>, "hpa@xxxxxxxxx" <hpa@xxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>
In-reply-to: <Yi65sM+yCvZU0/am@iki.fi>
References: <YhLhoMFPyOFZ2fsX@iki.fi> <DM8PR11MB55917F499CDF4CC7D426B0A7F63C9@DM8PR11MB5591.namprd11.prod.outlook.com> <YimWaAqEnXHbLdjh@iki.fi> <op.1itu5vkewjvjmi@hhuan26-mobl1.mshome.net> <Yis8LV99mORcLYs6@iki.fi> <Yis9rA8uC/0bmWCF@iki.fi> <97565fed-dc67-bab1-28d4-c40201c9f055@intel.com> <YiuQx+X9UQ2l22un@iki.fi> <e1c04077-0165-c5ec-53be-7fd732965e80@intel.com> <Yi65sM+yCvZU0/am@iki.fi>

On Mon, Mar 14, 2022 at 05:42:43AM +0200, Jarkko Sakkinen wrote:
> On Fri, Mar 11, 2022 at 11:28:27AM -0800, Reinette Chatre wrote:
> > Supporting permission restriction in an ioctl() enables the runtime to manage
> > the enclave memory without needing to map it.
> 
> Which is opposite what you do in EAUG. You can also augment pages without
> needing the map them. Sure you get that capability, but it is quite useless
> in practice.

Essentially you are tuning for a niche artifical use case over the common
case that most people end up doing. It makes no sense.

BR, Jarkko

Follow-Ups:
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen

References:
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen
- RE: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Dhanraj, Vijay
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Haitao Huang
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Reinette Chatre
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Reinette Chatre
- Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
  - From: Jarkko Sakkinen

Prev by Date: Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
Next by Date: Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
Previous by thread: Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
Next by thread: Re: [PATCH V2 16/32] x86/sgx: Support restricting of enclave page permissions
Index(es):
- Date
- Thread

[Index of Archives] [AMD Graphics] [Linux USB Devel] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]