Re: [PATCH v5 03/26] hostmem: Add hostmem-epc as a backend for SGX EPC
From: Philippe Mathieu-Daudé
Subject: Re: [PATCH v5 03/26] hostmem: Add hostmem-epc as a backend for SGX EPC
Date: Mon, 27 Sep 2021 07:38:17 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.1.0

On 9/24/21 13:24, Paolo Bonzini wrote:
> From: Sean Christopherson <sean.j.christopherson@intel.com>
>
> EPC (Enclave Page Cahe) is a specialized type of memory used by Intel

Typo "Enclave Page Cache".

> SGX (Software Guard Extensions). The SDM describes EPC as:
>
> The Enclave Page Cache (EPC) is the secure storage used to store
> enclave pages when they are a part of an executing enclave. For an
> EPC page, hardware performs additional access control checks to
> restrict access to the page. After the current page access checks
> and translations are performed, the hardware checks that the EPC
> page is accessible to the program currently executing. Generally an
> EPC page is only accessed by the owner of the executing enclave or
> an instruction which is setting up an EPC page.
>
> Because of its unique requirements, Linux manages EPC separately from
> normal memory. Similar to memfd, the device /dev/sgx_vepc can be
> opened to obtain a file descriptor which can in turn be used to mmap()
> EPC memory.
>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Yang Zhong <yang.zhong@intel.com>
> Message-Id: <20210719112136.57018-3-yang.zhong@intel.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> backends/hostmem-epc.c | 82 +++++++++++++++++++++++++++++++++++
> backends/meson.build | 1 +
> include/hw/i386/hostmem-epc.h | 28 ++++++++++++
> 3 files changed, 111 insertions(+)
> create mode 100644 backends/hostmem-epc.c
> create mode 100644 include/hw/i386/hostmem-epc.h