On Fri, Jun 09, 2017 at 11:47:13AM +1200, Huang, Kai wrote:
> In my understanding, although you only allow one LE in the kernel, that
> won't limit whose LE can be run (basically the kernel can run an LE signed by
> anyone, but just one LE while the kernel is running), so I don't see any
> limitation for KVM guests here.
> But it may still be better if the SGX driver can provide a function like:
> int sgx_validate_sigstruct(struct sigstruct *sig);
> for KVM to call, in case the driver is changed (e.g., to only allow LEs from some
> particular signers to run), but this is not necessary now. KVM changes can be
> done later when the driver makes the changes.
> Am I understanding correctly? Does this make sense to you?
Nope. I don't even understand the *beginnings* of what that function would
do. I don't understand what the validation means here and what the VMM would
do if that function reports "success".

How would that work on a system where the MSRs cannot be changed?
In that kind of system the host OS must generate the EINITTOKEN for the LE
running inside the guest and maintain completely virtualized MSR
values for the guest.