On Thu, Dec 6, 2018 at 2:19 PM Sean Christopherson <[email protected]> wrote: > + > + /* > + * Invoke the caller's exit handler if one was provided. The return > + * value tells us whether to re-enter the enclave (EENTER or ERESUME) > + * or to return (EEXIT). > + */ > + if (exit_handler) { > + leaf = exit_handler(exit_info, tcs, priv); > + if (leaf == SGX_EENTER || leaf == SGX_ERESUME) > + goto enter_enclave; > + if (leaf == SGX_EEXIT) > + return 0; > + return -EINVAL; > + } else if (leaf != SGX_EEXIT) { > + return -EFAULT; > + }
This still seems overcomplicated to me. How about letting the requested leaf (EENTER or ERESUME) be a parameter to the function and then just returning here? As it stands, you're requiring any ERESUME that gets issued (other than the implicit ones) to be issued in the same call stack, which is very awkward if you're doing something like forwarding the fault to a different task over a socket and then waiting in epoll_wait() or similar before resuming the enclave. --Andy
