On Wed, Oct 12, 2022 at 11:01:49AM +0000, Huang, Kai wrote: > On Wed, 2022-10-12 at 13:09 +0800, Zhiquan Li wrote: > > > > SGX virtual EPC driver doesn't explicitly prevent virtual EPC instance > > > > being shared by multiple VMs via fork(). However KVM doesn't support > > > > running a VM across multiple mm structures, and the de facto userspace > > > > hypervisor (Qemu) doesn't use fork() to create a new VM, so in practice > > > > this should not happen. > > > > > > This is out of the blue. Why is this here? > > > > > > What happens if a hypervisor *DOES* fork()? What's the fallout? > > > > This part originates from below discussion: > > > > https://lore.kernel.org/linux-sgx/52dc7f50b68c99cecb9e1c3383d9c6d88734cd67.camel@xxxxxxxxx/#t > > > > It intents to answer the question: > > > > Do you think the processes sharing the same enclave need to be > > killed, even they had not touched the EPC page with hardware error? > > Sharing virtual EPC instance will very likely unexpectedly break enclaves in all > VMs. Whether kernel should explicitly prevent is another topic. To me I don't > see strong reason to enforce in the kernel. For instance, multiple VMs can map > the same file as memory backend with MAP_SHARED, in which case they can all > break. Userspace should use virtual EPC in the right way. Broadly speaking, for most of the time, and for any topic, kernel should not prevent anything, unless it can break kernel's internal state. > But the point is above is not directly related to your patch. On host where > multiple processes can share one enclave legally, it does the same thing. I > think you can just remove that paragraph from changelog. > > -- > Thanks, > -Kai > > BR, Jarkko
