[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RESEND PATCH 05/32] vl: Add "sgx-epc" option to expose SGX EPC sect
From: |
Sean Christopherson |
Subject: |
Re: [RESEND PATCH 05/32] vl: Add "sgx-epc" option to expose SGX EPC sections to guest |
Date: |
Tue, 4 May 2021 16:20:13 +0000 |
On Tue, May 04, 2021, Paolo Bonzini wrote:
> On 04/05/21 02:09, Sean Christopherson wrote:
> > Is there a way to process "-device sgx-epc..." before vCPUs are realized?
> > The
> > ordering problem was the only reason I added a dedicated option.
>
> If it's just CPUID, one possibility could be to mark the EPC sections
> specially in KVM_SET_USER_MEMORY_REGION and synthesize the leaves within
> KVM; or even look inside the VMA structs and detect EPC regions that way.
I experimented with those options, and a few others, and they all lack the
flexibility of making EPC just another memory backend.
For synthesizing CPUID within KVM:
- Requires a vendor specific memory region flag for all architectures to work
around a quirk of one userspace VMM.
- Pushes a lot of complexity into KVM, e.g. KVM needs to update CPUID in
response to memslot changes, and needs to query memslots in response to
CPUID changes.
- Does KVM or userspace define the section attributes, e.g. confidentiality,
integrity, etc...? If KVM, are they hardcoded to match the host? What
happens if a future Intel platform supports multiple EPC sections with
different attributes? If userspace, how does userspace communicate the
attributes?
- How does userspace know what KVM enumerated to the guest? See the whole
KVM_GET_CPUID2 fiasco...
- Prevents userspace from enumerating EPC without a memslot, e.g. to trap on
the first EPC access for tracking purposes.
For probing VMAs:
- In addition to the above issues, requires MMU notifier integration to update
CPUID in response to a VMA change.
- Requires SGX subsystem to provide a helper to identify EPC VMAs.
In short, I feel very strongly that this is QEMU's problem to solve.
> Otherwise, the -M solution would work.
>
> Paolo
>
> > From the changelog:
> >
> > Because SGX EPC is enumerated through CPUID, EPC "devices" need to be
> > realized prior to realizing the vCPUs themselves, i.e. long before
> > generic devices are parsed and realized.
> >
> > So even though EPC sections could be realized through the generic
> > -devices command, they need to be created much earlier for them to
> > actually be usable by the guest.
>