On Tue, Jun 26, 2018 at 4:44 AM Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> wrote: > > On Mon, 2018-06-25 at 08:45 -0700, Andy Lutomirski wrote: > > I'm personally rather strongly in favor of the vastly simpler model in > > which we first merge SGX without LE support at all. Instead we use > > the approach where we just twiddle the MSRs to launch normal enclaves > > without an init token at all, which is probably considerably faster > > and will remove several thousand lines of code. If and when a bona > > fide use case for LE support shows up, we can work out the details and > > merge it. > > Andy, I was going to propose exactly the same :-) > > We can upstream SGX that supports only unlocked MSRs and that does > not preventing to upstream support for locked MSRs later. Even if > we had a consensus for locked MSRs, making two milestones for the > mainline would make perfect sense. > > I came into this conclusion last night because all the other review > comments not concerning the launch control are easily sorted out. +1. Let's do this and get it merged without launch enclave support lockdown now. We can revisit this once we have hands on experience with the technology.
