On Tue, Sep 04, 2018 at 07:54:51AM -0700, Sean Christopherson wrote: > I don't see any value in trying to rule out specific causes of > INVALID_TOKEN, but we should only retry EINIT if ret==INVALID_TOKEN > and RDMSR(HASH0) != sgx_lepubkeyhash[0]. Only the first MSR needs to > be checked for validity as they're a package deal, i.e. they'll all be > valid or all be reset. There shouldn't be a limit on retry attempts, > e.g. the MSRs could theoretically be reset between WRMSR and EINIT. Why is doing rdmsrs necessary? With the INVALID_TOKEN error we know we are out-of-sync i.e. have been sleeping and then one just needs to do wrmsrs. I think one retry should be enough given that VMM traps EINIT. One retry is needed to take care of the guest itself (or host if we are running on bare metal) having been in a sleep state. /Jarkko
