Re: [PATCH v38 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call

From: Jethro Beekman
Date: Fri Sep 25 2020 - 07:44:05 EST

Next message: Vincenzo Frascino: "Re: [PATCH v3 30/39] arm64: kasan: Enable TBI EL1"
Previous message: Arnd Bergmann: "Re: [PATCH 1/2] staging: vchiq: fix __user annotations"
In reply to: Jarkko Sakkinen: "Re: [PATCH v38 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call"
Next in thread: Jarkko Sakkinen: "Re: [PATCH v38 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2020-09-25 13:17, Jarkko Sakkinen wrote:
> On Fri, Sep 25, 2020 at 10:39:58AM +0200, Jethro Beekman wrote:
>> On 2020-09-25 03:00, Jarkko Sakkinen wrote:
>>> End result:
>>>
>>> https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-sgx.git/tree/arch/x86/include/uapi/asm/sgx.h
>>>
>>> I'm wondering this sentence:
>>>
>>> "The calling convention is custom and does not follow System V x86-64 ABI."
>>>
>>> AFAIK, now the vDSO is fully C-callable but waiting for feedback before
>>> removing it.
>>
>> It's C-callable *iff your enclave follows the System V x86-64 ABI*. In
>> addition, all registers not clobbered by the SGX ISA are passed to the
>> enclave, not just those specified as parameter passing registers in
>> the ABI. This is intentional to make the vDSO function usable in
>> applications that use the current flexibility of ENCLU.
>
> Hold on, I really want to fix this bit of documentation before sending
> any new version, so I'll explain how I understand it.
>
> I think it is just SystemV ABI call with six parameters in the usual
> GPRs (rdi, rsi, rdx, rcx, r8, r9).
>
> I'm looking at vdso_sgx_enter_enclave.
>
> What I'm not getting?

This can't be observed from looking at the code in vdso_sgx_enter_enclave, because what makes this "custom" is the absence of code or code in the enclave.

If you call vdso_sgx_enter_enclave() from C but your enclave doesn't respect the ABI (for example, it clobbers callee-saved registers), your code will break. But if you call vdso_sgx_enter_enclave from assembly, you can use enclaves with any ABI as long as your assembly and the enclave agree on that ABI.

Alternatively, when using assembly, I can pass stuff to the enclave in registers besides rdi, rsi, rdx, rcx, r8, r9, just as if I were manually calling ENCLU from assembly.

The vDSO assembly has been carefully written to support both scenarios by only using rax, rbx, rcx, rbp, rsp and passing rdi, rsi, rdx, r8, r9 (and everything else).

> + * NOTE: __vdso_sgx_enter_enclave() does not ensure full compliance with the
> + * x86-64 ABI, e.g. doesn't handle XSAVE state. Except for non-volatile
> + * general purpose registers, EFLAGS.DF, and RSP alignment, preserving/setting
> + * state in accordance with the x86-64 ABI is the responsibility of the enclave
> + * and its runtime, i.e. __vdso_sgx_enter_enclave() cannot be called from C
> + * code without careful consideration by both the enclave and its runtime.
> + *
> + * All general purpose registers except RAX, RBX and RCX are passed as-is to
> + * the enclave. RAX, RBX and RCX are consumed by EENTER and ERESUME and are
> + * loaded with @leaf, asynchronous exit pointer, and @tcs respectively.

Perhaps this should be updated to read "All general purpose registers except RAX, RBX, RCX, RBP and RSP ..."

--
Jethro Beekman | Fortanix

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Next message: Vincenzo Frascino: "Re: [PATCH v3 30/39] arm64: kasan: Enable TBI EL1"
Previous message: Arnd Bergmann: "Re: [PATCH 1/2] staging: vchiq: fix __user annotations"
In reply to: Jarkko Sakkinen: "Re: [PATCH v38 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call"
Next in thread: Jarkko Sakkinen: "Re: [PATCH v38 21/24] x86/vdso: Implement a vDSO for Intel SGX enclave call"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]