On Tue, 6 Apr 2021 10:28:00 +0200 Borislav Petkov wrote:
> On Tue, Apr 06, 2021 at 09:46:34AM +1200, Kai Huang wrote:
> > Fine to me. Please let me know if you want me to resend patches. Thanks.
>
> Patch updated:
Looks fine. Thank you!
>
> ---
> From: Sean Christopherson
> Date: Fri, 19 Mar 2
On Tue, Apr 06, 2021 at 09:46:34AM +1200, Kai Huang wrote:
> Fine to me. Please let me know if you want me to resend patches. Thanks.
Patch updated:
---
From: Sean Christopherson
Date: Fri, 19 Mar 2021 20:22:21 +1300
Subject: [PATCH] x86/sgx: Introduce virtual EPC for use by KVM guests
Add a mi
On Mon, 5 Apr 2021 11:01:51 +0200 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 08:22:21PM +1300, Kai Huang wrote:
> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > index 35391e94bd22..007912f67a06 100644
> > --- a/arch/x86/Kconfig
> > +++ b/arch/x86/Kconfig
> > @@ -1942,6 +1942,18 @@ con
On Fri, Mar 19, 2021 at 08:22:21PM +1300, Kai Huang wrote:
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 35391e94bd22..007912f67a06 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1942,6 +1942,18 @@ config X86_SGX
>
> If unsure, say N.
>
> +config X86_SGX_KVM
On Thu, 1 Apr 2021 20:31:59 +0200 Borislav Petkov wrote:
> On Thu, Apr 01, 2021 at 01:20:39AM +1300, Kai Huang wrote:
> > Could you help to review whether below change is OK?
>
> I ended up applying this:
Thank you!
>
> ---
> From: Sean Christopherson
> Date: Fri, 19 Mar 2021 20:22:21 +1300
>
On Thu, Apr 01, 2021 at 01:20:39AM +1300, Kai Huang wrote:
> Could you help to review whether below change is OK?
I ended up applying this:
---
From: Sean Christopherson
Date: Fri, 19 Mar 2021 20:22:21 +1300
Subject: [PATCH] x86/sgx: Introduce virtual EPC for use by KVM guests
Add a misc device
On Wed, 31 Mar 2021 21:53:45 +1300 Kai Huang wrote:
> On Wed, 31 Mar 2021 09:44:39 +0200 Boris Petkov wrote:
> > On March 31, 2021 8:51:38 AM GMT+02:00, Kai Huang
> > wrote:
> > >How about adding explanation to Documentation/x86/sgx.rst?
> >
> > Sure, and then we should point users at it. The th
On Wed, 31 Mar 2021 09:44:39 +0200 Boris Petkov wrote:
> On March 31, 2021 8:51:38 AM GMT+02:00, Kai Huang wrote:
> >How about adding explanation to Documentation/x86/sgx.rst?
>
> Sure, and then we should point users at it. The thing is also indexed by
> search engines so hopefully people will f
On March 31, 2021 8:51:38 AM GMT+02:00, Kai Huang wrote:
>How about adding explanation to Documentation/x86/sgx.rst?
Sure, and then we should point users at it. The thing is also indexed by search
engines so hopefully people will find it.
Thx.
--
Sent from a small device: formatting sux and b
On Wed, 31 Mar 2021 08:44:23 +0200 Boris Petkov wrote:
> On March 31, 2021 3:10:32 AM GMT+02:00, Kai Huang
> wrote:
>
> > The admin will be aware of such EPC allocation disjoint situation,
> > and deploy host enclaves/KVM SGX guests accordingly.
>
> The admin will be aware because...
>
>
On March 31, 2021 3:10:32 AM GMT+02:00, Kai Huang wrote:
> The admin will be aware of such EPC allocation disjoint situation,
> and deploy host enclaves/KVM SGX guests accordingly.
The admin will be aware because...
1) he's following our discussion?
2) he'll read the commit messages and hope
On Fri, 26 Mar 2021 16:03:55 +0100 Borislav Petkov wrote:
> On Fri, Mar 19, 2021 at 08:22:21PM +1300, Kai Huang wrote:
> > From: Sean Christopherson
> >
> > Add a misc device /dev/sgx_vepc to allow userspace to allocate "raw" EPC
> > without an associated enclave. The intended and only known use
On Fri, Mar 26, 2021 at 08:35:34AM -0700, Dave Hansen wrote:
> We could do it in the SGX core, but I think what we end up with will end
> up looking a lot like a cgroup controller. It seems like overkill, but
> I think there's enough infrastructure to leverage that it's simpler to
> do it with cgr
On 3/26/21 8:29 AM, Borislav Petkov wrote:
> On Fri, Mar 26, 2021 at 08:17:38AM -0700, Dave Hansen wrote:
>> We're working on a cgroup controller just for enclave pages that will
>> apply to guest use and bare metal. It would have been nice to have up
>> front, but we're trying to do things increm
On Fri, Mar 26, 2021 at 08:17:38AM -0700, Dave Hansen wrote:
> We're working on a cgroup controller just for enclave pages that will
> apply to guest use and bare metal. It would have been nice to have up
> front, but we're trying to do things incrementally. A cgroup controller
> should solve he
On 3/26/21 8:03 AM, Borislav Petkov wrote:
> Let's say all guests start using enclaves and baremetal cannot start any
> new ones anymore due to no more memory. Are we ok with that?
Yes, for now.
> What if baremetal creates a big fat enclave and starves guests all of a
> sudden. Are we ok with tha
On Fri, Mar 19, 2021 at 08:22:21PM +1300, Kai Huang wrote:
> From: Sean Christopherson
>
> Add a misc device /dev/sgx_vepc to allow userspace to allocate "raw" EPC
> without an associated enclave. The intended and only known use case for
> raw EPC allocation is to expose EPC to a KVM guest, henc
> +
> +static int sgx_vepc_free_page(struct sgx_epc_page *epc_page)
> +{
> + int ret;
> +
> + /*
> + * Take a previously guest-owned EPC page and return it to the
> + * general EPC page pool.
> + *
> + * Guests can not be trusted to have left this page in a good
> +
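Review bot: sgx_vepc_free_page() returns int, but the part of its comment shown here only describes returning a guest-owned page to the general pool and does not say what a non-zero return means or what state the page is in when that happens. Since the comment itself states that the guest cannot be trusted to have left the page in a good state, the failure path is the case a caller most needs spelled out, so please document the return values next to that explanation. Minor style point in the same comment: "can not" should be "cannot".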
From: Sean Christopherson
Add a misc device /dev/sgx_vepc to allow userspace to allocate "raw" EPC
without an associated enclave. The intended and only known use case for
raw EPC allocation is to expose EPC to a KVM guest, hence the 'vepc'
moniker, virt.{c,h} files and X86_SGX_KVM Kconfig.
SGX