On Sun, 2023-03-12 at 03:25 +0200, jarkko@xxxxxxxxxx wrote: > On Tue, Mar 07, 2023 at 11:32:15PM +0000, Huang, Kai wrote: > > And in following mmap()s in which we want to map a small range of enclave: > > > > encl_addr = mmap(encl_addr, MAP_SHARED|MAP_FIXED, encl_fd, > > (encl_addr - encl_base) >> PAGE_SHIFT); > > > > ? > > > > Anything wrong above? > > I'm not sure I fully comprehended your response because it was > honestly a bit scattered so please correct me if I'm missing > something but: why a process would want to map a small range > of an enclave? For SGX2, if mmap(MAP_ANONYMOUS) was used to get the enclave base address before ECREATE, you will need to mmap(encl_fd) for any regions that are not pre- populated (via EADD), no matter whether the first mmap(MAP_ANONYMOUS) has covered all enclave range or not. Otherwise, the fault to SGX2 regions won't be handled by SGX driver. You can find such mmap() in patch 4 in this series too. Also, architecturally, for SGX2 the first mmap() (before ECREATE) doesn't have to map the entire enclave range. For SGX2 it's fine to pass a larger enclave range in ioctl(ECREATE) than the range got from the first mmap(). Userspace can later on choose to only mmap() the dynamic ranges that it wants to use.
