From: Yang Zhong <yang.zhong@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
dave.hansen@linux.intel.com, seanjc@google.com, x86@kernel.org,
yang.zhong@intel.com, jarkko@kernel.org, bp@suse.de
Subject: Re: [PATCH v3 0/2] x86: sgx_vepc: implement ioctl to EREMOVE all pages
Date: Tue, 19 Oct 2021 18:17:44 +0800
Message-ID: <20211019101744.GA30037@yangzhon-Virtual>
In-Reply-To: <20211016071434.167591-1-pbonzini@redhat.com>

On Sat, Oct 16, 2021 at 03:14:32AM -0400, Paolo Bonzini wrote:
> Add to /dev/sgx_vepc an ioctl that brings vEPC pages back to uninitialized
> state with EREMOVE. This is useful in order to match the expectations
> of guests after reboot, and to match the behavior of real hardware.
>
> The ioctl is a cleaner alternative to closing and reopening the
> /dev/sgx_vepc device; reopening /dev/sgx_vepc could be problematic in
> case userspace has sandboxed itself since the time it first opened the
> device, and has thus lost permissions to do so.
>
> If possible, I would like these patches to be included in 5.15 through
> either the x86 or the KVM tree.
>

Paolo, I verified this version with the QEMU reset patch, and it passed all
tests.
(1). SGX Windows guest reset test.
(2). Single vEPC or multiple vEPC reset with 100 enclaves running
in the guest.

Thanks,
Yang

> Thanks,
>
> Paolo
>
> Changes from RFC:
> - improved commit messages, added documentation
> - renamed ioctl from SGX_IOC_VEPC_REMOVE to SGX_IOC_VEPC_REMOVE_ALL
>
> Change from v1:
> - fixed documentation and code to cover SGX_ENCLAVE_ACT errors
> - removed Tested-by since the code is quite different now
>
> Changes from v2:
> - return EBUSY also if EREMOVE causes a general protection fault
>
> Paolo Bonzini (2):
> x86: sgx_vepc: extract sgx_vepc_remove_page
> x86: sgx_vepc: implement SGX_IOC_VEPC_REMOVE_ALL ioctl
>
> Documentation/x86/sgx.rst | 35 +++++++++++++++++++++
> arch/x86/include/uapi/asm/sgx.h | 2 ++
> arch/x86/kernel/cpu/sgx/virt.c | 63 ++++++++++++++++++++++++++++++---
> 3 files changed, 95 insertions(+), 5 deletions(-)
>
> --
> 2.27.0
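
Added example, not part of the thread or of the patch: how a VMM that kept its /dev/sgx_vepc descriptors open across sandboxing could drive SGX_IOC_VEPC_REMOVE_ALL on guest reset. It assumes the return convention of the merged kernel interface (a non-negative count of pages still to be removed, which calls for another pass, or -1 with errno EBUSY when an enclave is still active or EREMOVE faults); `vepc_reset_guest`, the `remove_all_fn` hook and the fake backend are hypothetical names constructed for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>

/* Same value as mainline <asm/sgx.h>; spelled out so older headers still build. */
#define VEPC_REMOVE_ALL _IO(0xA4, 0x04) /* SGX_IOC_VEPC_REMOVE_ALL */

/* Hypothetical hook so the retry logic can run without SGX hardware. */
typedef int (*remove_all_fn)(int fd);

static int real_remove_all(int fd) { return ioctl(fd, VEPC_REMOVE_ALL); }

/* Constructed fake: fd 100 leaves 3 SECS pages on the first call and none
 * afterwards; fd 101 always reports an enclave still running (EBUSY). */
static int fake_calls;
static int fake_remove_all(int fd)
{
    if (fd == 101) { errno = EBUSY; return -1; }
    return fake_calls++ == 0 ? 3 : 0;
}

/* Reset all vEPC fds of one guest. A positive ioctl result means some pages
 * (SECS with children still present) need another pass over every fd.
 * Returns 0 when clean, -errno on failure, -EAGAIN if passes run out. */
int vepc_reset_guest(const int *fds, int nfds, remove_all_fn op, int max_passes)
{
    for (int pass = 0; pass < max_passes; pass++) {
        long left = 0;
        for (int i = 0; i < nfds; i++) {
            int ret = op(fds[i]);
            if (ret < 0)
                return -errno; /* e.g. EBUSY: stop the vCPUs, then retry */
            left += ret;
        }
        if (left == 0)
            return 0;
    }
    return -EAGAIN;
}

int main(void)
{
    int fd = open("/dev/sgx_vepc", O_RDWR); /* normally opened before sandboxing */
    int fake = 100;
    int rc = fd >= 0 ? vepc_reset_guest(&fd, 1, real_remove_all, 3)
                     : vepc_reset_guest(&fake, 1, fake_remove_all, 3);
    printf("reset %s: %d\n", fd >= 0 ? "vEPC" : "fake", rc);
    return rc ? 1 : 0;
}
```

Because the reset runs on descriptors the process already holds, it keeps working after the process has given up the right to open the device again.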