On Tue, May 10, 2022 at 11:16:46AM +0800, Zhiquan Li wrote: > Hi everyone, > > This series contains a few patches to fine grained SGX MCA behavior. > > When VM guest access a SGX EPC page with memory failure, current > behavior will kill the guest, expected only kill the SGX application > inside it. > > To fix it we send SIGBUS with code BUS_MCEERR_AR and some extra > information for hypervisor to inject #MC information to guest, which > is helpful in SGX virtualization case. > > However, current SGX data structures are insufficient to track the > EPC pages for vepc, so we introduce a new struct sgx_vepc_page which > can be the owner of EPC pages for vepc and saves the useful info of > EPC pages for vepc, like struct sgx_encl_page. > > Moreover, canonical memory failure collects victim tasks by iterating > all the tasks one by one and use reverse mapping to get victim tasks’ > virtual address. This is not necessary for SGX - as one EPC page can > be mapped to ONE enclave only. So, this 1:1 mapping enforcement > allows us to find task virtual address with physical address > directly. Hmm... An enclave can be shared by multiple processes. The virtual address is the same but there can be variable number of processes having it mapped. > > Then we extend the solution for the normal SGX case, so that the task > has opportunity to make further decision while EPC page has memory > failure. > > Tests: > 1. MCE injection test for SGX in VM. > As we expected, the application was killed and VM was alive. > 2. MCE injection test for SGX on host. > As we expected, the application received SIGBUS with extra info. > 3. Kernel selftest/sgx: PASS > 4. Internal SGX stress test: PASS > 5. kmemleak test: No memory leakage detected. > > Zhiquan Li (4): > x86/sgx: Move struct sgx_vepc definition to sgx.h > x86/sgx: add struct sgx_vepc_page to manage EPC pages for vepc > x86/sgx: Fine grained SGX MCA behavior for virtualization > x86/sgx: Fine grained SGX MCA behavior for normal case > > arch/x86/kernel/cpu/sgx/main.c | 24 ++++++++++++++++++++++-- > arch/x86/kernel/cpu/sgx/sgx.h | 12 ++++++++++++ > arch/x86/kernel/cpu/sgx/virt.c | 29 +++++++++++++++++++---------- > 3 files changed, 53 insertions(+), 12 deletions(-) > > -- > 2.25.1 > BR, Jarkko
