On Mon, 2018-06-25 at 08:45 -0700, Andy Lutomirski wrote: > I'm personally rather strongly in favor of the vastly simpler model in > which we first merge SGX without LE support at all. Instead we use > the approach where we just twiddle the MSRs to launch normal enclaves > without an init token at all, which is probably considerably faster > and will remove several thousand lines of code. If and when a bona > fide use case for LE support shows up, we can work out the details and > merge it.
Andy, I was going to propose exactly the same :-) We can upstream SGX that supports only unlocked MSRs and that does not preventing to upstream support for locked MSRs later. Even if we had a consensus for locked MSRs, making two milestones for the mainline would make perfect sense. I came into this conclusion last night because all the other review comments not concerning the launch control are easily sorted out. /Jarkko
