Re: [RFC PATCH 00/15] RFC: SGX virtualization design and draft patches

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

From: Wei Liu <wei.liu2@citrix.com>
To: "Huang, Kai" <kai.huang@linux.intel.com>
Cc: kevin.tian@intel.com, sstabellini@kernel.org,
	Wei Liu <wei.liu2@citrix.com>,
	George.Dunlap@eu.citrix.com, andrew.cooper3@citrix.com,
	tim@xen.org, xen-devel@lists.xen.org, jbeulich@suse.com,
	Kai Huang <kaih.linux@gmail.com>,
	ian.jackson@eu.citrix.com
Subject: Re: [RFC PATCH 00/15] RFC: SGX virtualization design and draft patches
Date: Fri, 28 Jul 2017 14:40:15 +0100	[thread overview]
Message-ID: <20170728134015.usyuvpdo5mdl4you@citrix.com> (raw)
In-Reply-To: <9db78ec7-a7d1-3b78-02e2-99a1a468a835@linux.intel.com>

On Tue, Jul 18, 2017 at 08:22:55PM +1200, Huang, Kai wrote:
> Hi Wei,
> 
> Thank you very much for comments. Please see my reply below.
> 
> On 7/17/2017 9:16 PM, Wei Liu wrote:
> > Hi Kai
> > 
> > Thanks for this nice write-up.
> > 
> > Some comments and questions below.
> > 
> > On Sun, Jul 09, 2017 at 08:03:10PM +1200, Kai Huang wrote:
> > > Hi all,
> > > 
> > [...]
> > > 2. SGX Virtualization Design
> > > 
> > > 2.1 High Level Toolstack Changes:
> > > 
> > > 2.1.1 New 'epc' parameter
> > > 
> > > EPC is limited resource. In order to use EPC efficiently among all domains,
> > > when creating guest, administrator should be able to specify domain's virtual
> > > EPC size. And admin
> > > alao should be able to get all domain's virtual EPC size.
> > > 
> > > For this purpose, a new 'epc = <size>' parameter is added to XL configuration
> > > file. This parameter specifies guest's virtual EPC size. The EPC base address
> > > will be calculated by toolstack internally, according to guest's memory size,
> > > MMIO size, etc. 'epc' is MB in unit and any 1MB aligned value will be accepted.
> > > 
> > > 2.1.2 New XL commands (?)
> > > 
> > > Administrator should be able to get physical EPC size, and all domain's virtual
> > > EPC size. For this purpose, we can introduce 2 additional commands:
> > > 
> > >      # xl sgxinfo
> > > 
> > > Which will print out physical EPC size, and other SGX info (such as SGX1, SGX2,
> > > etc) if necessary.
> > > 
> > >      # xl sgxlist <did>
> > > 
> > > Which will print out particular domain's virtual EPC size, or list all virtual
> > > EPC sizes for all supported domains.
> > > 
> > > Alternatively, we can also extend existing XL commands by adding new option
> > > 
> > >      # xl info -sgx
> > > 
> > > Which will print out physical EPC size along with other physinfo. And
> > > 
> > >      # xl list <did> -sgx
> > > 
> > > Which will print out domain's virtual EPC size.
> > > 
> > > Comments?
> > > 
> > 
> > Can a guest have multiple EPC? If so, the proposed parameter is not good
> > enough.
> 
> According to SDM a machine may have multiple EPC, but it may have doesn't
> mean it must have. EPC is typically reserved by BIOS as Processor Reserved
> Memory (PRM), and in my understanding, client machine  doesn't need to have
> multiple EPC. Currently, I don't see why we need to expose multiple EPC to
> guest. Even physical machine reports multiple EPC, exposing one EPC to guest
> is enough. Currently SGX should not be supported with virtual NUMA
> simultaneously for a single domain.
> 

When you say "is enough", do you mean Intel doesn't recommend users to
use more than one? I don't think from reading this doc precludes using
more then one technically.

> > 
> > Can a guest with EPC enabled be migrated? The answer to this question
> > can lead to multiple other questions.
> 
> See the last section of my design. I saw you've already seen it. :)
> 
> > 
> > Another question, is EPC going to be backed by normal memory? This is
> > related to memory accounting of the guest.
> 
> Although SDM says typically EPC is allocated by BIOS as PRM, but I think we
> can just treat EPC as PRM, so I believe yes, physically EPC is backed by
> normal memory. But EPC is reported as reserved memory in e820 table.
> 
> > 
> > Is EPC going to be modeled as a device or another type of memory? This
> > is related to how we manage it in the toolstack.
> 
> I think we'd better to treat EPC as another type of memory. I am not sure
> whether it should be modeled as device, as on real machine, EPC is also
> exposed in ACPI table via "INT0E0C" device under \_SB (however it is not
> modeled as PCIE device for sure).
> 
> > 
> > Finally why do you not allow the users to specify the base address?
> 
> I don't see any reason why user needs to specify base address. If we do,
> then specify what address? On real machine, BIOS set the base address, and
> for VM, I think toolstack/Xen should do this.

We can expose an option for user to control that if they want to and at
the same time provide the logic to calculate the base address
internally. I'm not sure if that's going to be very useful, but I'm not
convinced it is entirely useless either.

Thinking a bit more we can always extend the syntax and API to support
that if need be, so I'm fine with not providing such mechanism at early
stage.

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

next prev parent reply	other threads:[~2017-07-28 13:40 UTC|newest]

Thread overview: 58+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-07-09  8:03 [RFC PATCH 00/15] RFC: SGX virtualization design and draft patches Kai Huang
2017-07-09  8:04 ` [PATCH 01/15] xen: x86: expose SGX to HVM domain in CPU featureset Kai Huang
2017-07-12 11:09   ` Andrew Cooper
2017-07-17  6:20     ` Huang, Kai
2017-07-18 10:12   ` Andrew Cooper
2017-07-18 22:41     ` Huang, Kai
2017-07-09  8:09 ` [PATCH 02/15] xen: vmx: detect ENCLS VMEXIT Kai Huang
2017-07-12 11:11   ` Andrew Cooper
2017-07-12 18:54     ` Jan Beulich
2017-07-13  4:57       ` Huang, Kai
2017-07-09  8:09 ` [PATCH 03/15] xen: x86: add early stage SGX feature detection Kai Huang
2017-07-19 14:23   ` Andrew Cooper
2017-07-21  9:17     ` Huang, Kai
2017-07-22  1:06       ` Huang, Kai
2017-07-09  8:09 ` [PATCH 06/15] xen: x86: add SGX basic EPC management Kai Huang
2017-07-09  8:09 ` [PATCH 07/15] xen: x86: add functions to populate and destroy EPC for domain Kai Huang
2017-07-09  8:09 ` [PATCH 09/15] xen: vmx: handle SGX related MSRs Kai Huang
2017-07-19 17:27   ` Andrew Cooper
2017-07-21  9:42     ` Huang, Kai
2017-07-22  1:37       ` Huang, Kai
2017-07-09  8:09 ` [PATCH 10/15] xen: vmx: handle ENCLS VMEXIT Kai Huang
2017-07-09  8:09 ` [PATCH 11/15] xen: vmx: handle VMEXIT from SGX enclave Kai Huang
2017-07-09  8:09 ` [PATCH 12/15] xen: x86: reset EPC when guest got suspended Kai Huang
2017-07-09  8:10 ` [PATCH 04/15] xen: mm: add ioremap_cache Kai Huang
2017-07-11 20:14   ` Julien Grall
2017-07-12  1:52     ` Huang, Kai
2017-07-12  7:13       ` Julien Grall
2017-07-13  5:01         ` Huang, Kai
2017-07-12  6:17     ` Jan Beulich
2017-07-13  4:59       ` Huang, Kai
2017-07-09  8:10 ` [PATCH 08/15] xen: x86: add SGX cpuid handling support Kai Huang
2017-07-12 10:56   ` Andrew Cooper
2017-07-13  5:42     ` Huang, Kai
2017-07-14  7:37       ` Andrew Cooper
2017-07-14 11:08         ` Jan Beulich
2017-07-17  6:16         ` Huang, Kai
2017-07-09  8:12 ` [PATCH 05/15] xen: p2m: new 'p2m_epc' type for EPC mapping Kai Huang
2017-07-12 11:01   ` Andrew Cooper
2017-07-12 12:21     ` George Dunlap
2017-07-13  5:56       ` Huang, Kai
2017-07-09  8:14 ` [PATCH 13/15] xen: tools: add new 'epc' parameter support Kai Huang
2017-07-09  8:15 ` [PATCH 14/15] xen: tools: add SGX to applying CPUID policy Kai Huang
2017-07-09  8:16 ` [PATCH 15/15] xen: tools: expose EPC in ACPI table Kai Huang
2017-07-12 11:05   ` Andrew Cooper
2017-07-13  8:23     ` Huang, Kai
2017-07-14 11:31   ` Jan Beulich
2017-07-17  6:11     ` Huang, Kai
2017-07-17 10:54   ` Roger Pau Monné
2017-07-18  8:36     ` Huang, Kai
2017-07-18 10:21       ` Roger Pau Monné
2017-07-18 22:44         ` Huang, Kai
2017-07-11 14:13 ` [RFC PATCH 00/15] RFC: SGX virtualization design and draft patches Andrew Cooper
2017-07-17  6:08   ` Huang, Kai
2017-07-21  9:04     ` Huang, Kai
2017-07-17  9:16 ` Wei Liu
2017-07-18  8:22   ` Huang, Kai
2017-07-28 13:40     ` Wei Liu [this message]
2017-07-31  8:37       ` Huang, Kai

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170728134015.usyuvpdo5mdl4you@citrix.com \
    --to=wei.liu2@citrix.com \
    --cc=George.Dunlap@eu.citrix.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=jbeulich@suse.com \
    --cc=kai.huang@linux.intel.com \
    --cc=kaih.linux@gmail.com \
    --cc=kevin.tian@intel.com \
    --cc=sstabellini@kernel.org \
    --cc=tim@xen.org \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).