Re: [RFC PATCH v3 00/27] KVM SGX virtualization support

[RFC PATCH v3 00/27] KVM SGX virtualization support · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Dave Hansen <hidden> · 2021-01-27
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Andy Lutomirski <luto@amacapital.net> · 2021-01-27
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Dave Hansen <hidden> · 2021-02-01
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Sean Christopherson <seanjc@google.com> · 2021-02-01
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Sean Christopherson <seanjc@google.com> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-03
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Dave Hansen <hidden> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-05
RE: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Huang, Kai <hidden> · 2021-02-05
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Kai Huang <hidden> · 2021-02-02
Re: [RFC PATCH v3 08/27] x86/sgx: Initialize virtual EPC driver even when SGX driver is disabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
[RFC PATCH v3 12/27] x86/sgx: Add encls_faulted() helper · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 12/27] x86/sgx: Add encls_faulted() helper · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
[RFC PATCH v3 13/27] x86/sgx: Add helper to update SGX_LEPUBKEYHASHn MSRs · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 13/27] x86/sgx: Add helper to update SGX_LEPUBKEYHASHn MSRs · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 13/27] x86/sgx: Add helper to update SGX_LEPUBKEYHASHn MSRs · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 13/27] x86/sgx: Add helper to update SGX_LEPUBKEYHASHn MSRs · Dave Hansen <hidden> · 2021-02-01
[RFC PATCH v3 25/27] KVM: VMX: Add ENCLS[EINIT] handler to support SGX Launch Control (LC) · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 26/27] KVM: VMX: Enable SGX virtualization for SGX1, SGX2 and LC · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 24/27] KVM: VMX: Add emulation of SGX Launch Control LE hash MSRs · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 22/27] KVM: VMX: Frame in ENCLS handler for SGX virtualization · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Sean Christopherson <seanjc@google.com> · 2021-02-04
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 23/27] KVM: VMX: Add SGX ENCLS[ECREATE] handler to enforce CPUID restrictions · Sean Christopherson <seanjc@google.com> · 2021-02-04
[RFC PATCH v3 19/27] KVM: x86: Add support for reverse CPUID lookup of scattered features · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 21/27] KVM: VMX: Add basic handling of VM-Exit from SGX enclave · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 20/27] KVM: x86: Add reverse-CPUID lookup support for scattered SGX features · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 27/27] KVM: x86: Add capability to grant VM access to privileged SGX attribute · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Kai Huang <hidden> · 2021-02-02
Re: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Sean Christopherson <seanjc@google.com> · 2021-02-05
RE: [RFC PATCH v3 14/27] x86/sgx: Add helpers to expose ECREATE and EINIT to KVM · Huang, Kai <hidden> · 2021-02-05
[RFC PATCH v3 18/27] KVM: x86: Define new #PF SGX error code bit · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Kai Huang <hidden> · 2021-02-02
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Sean Christopherson <seanjc@google.com> · 2021-02-01
Re: [RFC PATCH v3 16/27] KVM: VMX: Convert vcpu_vmx.exit_reason to a union · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
[RFC PATCH v3 15/27] x86/sgx: Move provisioning device creation out of SGX driver · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 15/27] x86/sgx: Move provisioning device creation out of SGX driver · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
[RFC PATCH v3 17/27] KVM: x86: Export kvm_mmu_gva_to_gpa_{read,write}() for SGX (VMX) · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 11/27] x86/sgx: Add SGX2 ENCLS leaf definitions (EAUG, EMODPR and EMODT) · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 10/27] x86/sgx: Move ENCLS leaf definitions to sgx_arch.h · Kai Huang <hidden> · 2021-01-26
[RFC PATCH v3 09/27] x86/sgx: Expose SGX architectural definitions to the kernel · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 09/27] x86/sgx: Expose SGX architectural definitions to the kernel · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
[RFC PATCH v3 05/27] x86/sgx: Add SGX_CHILD_PRESENT hardware error code · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 05/27] x86/sgx: Add SGX_CHILD_PRESENT hardware error code · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 05/27] x86/sgx: Add SGX_CHILD_PRESENT hardware error code · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 05/27] x86/sgx: Add SGX_CHILD_PRESENT hardware error code · Dave Hansen <hidden> · 2021-01-27
Re: [RFC PATCH v3 05/27] x86/sgx: Add SGX_CHILD_PRESENT hardware error code · Kai Huang <hidden> · 2021-01-27
[RFC PATCH v3 06/27] x86/sgx: Introduce virtual EPC for use by KVM guests · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 06/27] x86/sgx: Introduce virtual EPC for use by KVM guests · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 06/27] x86/sgx: Introduce virtual EPC for use by KVM guests · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 06/27] x86/sgx: Introduce virtual EPC for use by KVM guests · Dave Hansen <hidden> · 2021-01-27
Re: [RFC PATCH v3 06/27] x86/sgx: Introduce virtual EPC for use by KVM guests · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 06/27] x86/sgx: Introduce virtual EPC for use by KVM guests · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
[RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Dave Hansen <hidden> · 2021-01-27
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Sean Christopherson <seanjc@google.com> · 2021-01-27
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Sean Christopherson <seanjc@google.com> · 2021-01-27
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 07/27] x86/cpu/intel: Allow SGX virtualization without Launch Control support · Kai Huang <hidden> · 2021-02-01
[RFC PATCH v3 04/27] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 04/27] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 04/27] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 04/27] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() · Paolo Bonzini <pbonzini@redhat.com> · 2021-02-02
Re: [RFC PATCH v3 04/27] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() · Kai Huang <hidden> · 2021-02-02
Re: [RFC PATCH v3 04/27] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page() · Dave Hansen <hidden> · 2021-02-02
[RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Sean Christopherson <seanjc@google.com> · 2021-01-26
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Dave Hansen <hidden> · 2021-01-27
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 03/27] x86/sgx: Remove a warn from sgx_free_epc_page() · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-03
[RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Kai Huang <hidden> · 2021-01-27
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-02
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Paolo Bonzini <pbonzini@redhat.com> · 2021-02-02
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Dave Hansen <hidden> · 2021-02-02
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Paolo Bonzini <pbonzini@redhat.com> · 2021-02-02
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Sean Christopherson <seanjc@google.com> · 2021-02-02
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 01/27] x86/cpufeatures: Add SGX1 and SGX2 sub-features · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
[RFC PATCH v3 02/27] x86/cpufeatures: Make SGX_LC feature bit depend on SGX bit · Kai Huang <hidden> · 2021-01-26
Re: [RFC PATCH v3 02/27] x86/cpufeatures: Make SGX_LC feature bit depend on SGX bit · Dave Hansen <hidden> · 2021-01-26
Re: [RFC PATCH v3 02/27] x86/cpufeatures: Make SGX_LC feature bit depend on SGX bit · Jarkko Sakkinen <jarkko@kernel.org> · 2021-01-30
Re: [RFC PATCH v3 02/27] x86/cpufeatures: Make SGX_LC feature bit depend on SGX bit · Kai Huang <hidden> · 2021-02-01
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2021-02-02
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-02
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-02
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-02
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Paolo Bonzini <pbonzini@redhat.com> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Kai Huang <hidden> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-03
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-04
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Kai Huang <hidden> · 2021-02-04
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-04
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-04
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Kai Huang <hidden> · 2021-02-05
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Sean Christopherson <seanjc@google.com> · 2021-02-05
Re: [RFC PATCH v3 00/27] KVM SGX virtualization support · Dave Hansen <hidden> · 2021-02-02

From: Sean Christopherson <seanjc@google.com>
Date: 2021-02-02 22:37:06

On Tue, Feb 02, 2021, Edgecombe, Rick P wrote:

On Tue, 2021-01-26 at 23:10 +1300, Kai Huang wrote:

quoted

This series adds KVM SGX virtualization support. The first 15 patches
starting
with x86/sgx or x86/cpu.. are necessary changes to x86 and SGX
core/driver to
support KVM SGX virtualization, while the rest are patches to KVM
subsystem.

Do we need to restrict normal KVM host kernel access to EPC (i.e. via
__kvm_map_gfn() and friends)? As best I can tell the exact behavior of
this kind of access is undefined. The concern would be if any HW ever
treated it as an error, the guest could subject the host kernel to it.
Is it worth a check in those?

I don't think so.  The SDM does state that the exact behavior is uArch specific,
but it also explicitly states that the access will be altered, which IMO doesn't
leave any wiggle room for a future CPU to fault instead of using some form of
abort semantics.

  Attempts to execute, read, or write to linear addresses mapped to EPC pages
  when not inside an enclave will result in the processor altering the access to
  preserve the confidentiality and integrity of the enclave. The exact behavior
  may be different between implementations.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help