On 04/05/21 18:20, Sean Christopherson wrote:
> > If it's just CPUID, one possibility could be to mark the EPC sections
> > specially in KVM_SET_USER_MEMORY_REGION and synthesize the leaves within
> > KVM; or even look inside the VMA structs and detect EPC regions that way.
> 
> I experimented with those options, and a few others, and they all lack
> the flexibility of making EPC just another memory backend.
> 
> For synthesizing CPUID within KVM:
> 
>  - Requires a vendor-specific memory region flag for all architectures
>    to work around a quirk of one userspace VMM.
> 
>  - Pushes a lot of complexity into KVM, e.g. KVM needs to update CPUID
>    in response to memslot changes, and needs to query memslots in
>    response to CPUID changes.
> 
>  - Does KVM or userspace define the section attributes, e.g.
>    confidentiality, integrity, etc...?  If KVM, are they hardcoded to
>    match the host?  What happens if a future Intel platform supports
>    multiple EPC sections with different attributes?  If userspace, how
>    does userspace communicate the attributes?
> 
>  - How does userspace know what KVM enumerated to the guest?  See the
>    whole KVM_GET_CPUID2 fiasco...
> 
>  - Prevents userspace from enumerating EPC without a memslot, e.g. to
>    trap on the first EPC access for tracking purposes.
> 
> For probing VMAs:
> 
>  - In addition to the above issues, requires MMU notifier integration
>    to update CPUID in response to a VMA change.
> 
>  - Requires SGX subsystem to provide a helper to identify EPC VMAs.
> 
> In short, I feel very strongly that this is QEMU's problem to solve.
Makes sense, thanks. (Of course this or other design comments could have been in the commit message too; but in all fairness it's never obvious which misguided ideas the reviewers could come up with).
Paolo
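
The CPUID sub-leaves the two designs disagree about, as an added example that is not code from this thread, from KVM or from QEMU. It encodes and decodes the EPC section entries of CPUID leaf 0x12 (sub-leaf 2 and up), i.e. what a VMM has to synthesize for the guest from its EPC backend, and walks them the way a guest SGX driver does. The field layout is the one documented in the Intel SDM and used by the Linux SGX driver's sgx_calc_section_metric(); the struct names, the helper names, the rule that a zero property field is rejected, and the two sample sections are assumptions made up for this example.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not code from this thread, from KVM or from QEMU.
 * CPUID leaf 0x12, sub-leaf 2..n, one EPC section per sub-leaf:
 *   EAX[3:0]   section type: 0 = invalid (end of list), 1 = EPC section
 *   EAX[31:12] base physical address bits 31:12
 *   EBX[19:0]  base physical address bits 51:32
 *   ECX[3:0]   section properties (confidentiality/integrity encoding)
 *   ECX[31:12] size bits 31:12
 *   EDX[19:0]  size bits 51:32
 * Names and sample values below are constructed for the example.
 */

struct cpuid_regs { uint32_t eax, ebx, ecx, edx; };
struct epc_section { uint64_t base, size; uint32_t props; };

#define EPC_TYPE_INVALID 0u
#define EPC_TYPE_SECTION 1u
#define EPC_MAX_PA ((1ull << 52) - 1)

/* Same join as sgx_calc_section_metric(): bits 31:12 from low, 51:32 from high. */
static uint64_t section_metric(uint32_t low, uint32_t high)
{
    return ((uint64_t)(low & 0xfffff000u)) | ((uint64_t)(high & 0xfffffu) << 32);
}

/* 1 if base/size/props fit the sub-leaf. Rejecting props == 0 is this
 * example's rule; which non-zero value matches a backend is exactly the
 * attribute question raised in the mail and is left to the caller. */
int epc_params_valid(uint64_t base, uint64_t size, uint32_t props)
{
    if ((base & 0xfff) || (size & 0xfff) || size == 0) return 0;
    if (base > EPC_MAX_PA || size > EPC_MAX_PA) return 0;
    if (props == 0 || props > 0xf) return 0;
    return 1;
}

/* What userspace (or KVM, in the rejected design) synthesizes for one section. */
int epc_encode(uint64_t base, uint64_t size, uint32_t props, struct cpuid_regs *r)
{
    if (!epc_params_valid(base, size, props)) return -1;
    r->eax = EPC_TYPE_SECTION | (uint32_t)(base & 0xfffff000u);
    r->ebx = (uint32_t)(base >> 32) & 0xfffffu;
    r->ecx = props | (uint32_t)(size & 0xfffff000u);
    r->edx = (uint32_t)(size >> 32) & 0xfffffu;
    return 0;
}

/* Register `which` (0..3 = EAX..EDX) of the encoded sub-leaf, 0 if invalid. */
uint32_t epc_reg(uint64_t base, uint64_t size, uint32_t props, int which)
{
    struct cpuid_regs r;
    if (epc_encode(base, size, props, &r) < 0) return 0;
    return which == 0 ? r.eax : which == 1 ? r.ebx : which == 2 ? r.ecx : r.edx;
}

/* Decode one sub-leaf as a guest driver would.
 * 1 = valid section, 0 = terminating invalid entry, -1 = unknown type. */
int epc_decode(const struct cpuid_regs *r, struct epc_section *out)
{
    uint32_t type = r->eax & 0xf;
    if (type == EPC_TYPE_INVALID) return 0;
    if (type != EPC_TYPE_SECTION) return -1;
    out->base = section_metric(r->eax, r->ebx);
    out->size = section_metric(r->ecx, r->edx);
    out->props = r->ecx & 0xf;
    return 1;
}

/* Walk sub-leaves until the first invalid one. Returns the section count,
 * or -1 on an unknown type (where the guest driver gives up). */
int epc_walk(const struct cpuid_regs *table, int n, struct epc_section *out, int max)
{
    int found = 0;
    for (int i = 0; i < n && found < max; i++) {
        int rc = epc_decode(&table[i], &out[found]);
        if (rc == 0) break;
        if (rc < 0) return -1;
        found++;
    }
    return found;
}

/* Encode then decode; 1 if base, size and props all survive the round trip. */
int epc_roundtrip_ok(uint64_t base, uint64_t size, uint32_t props)
{
    struct cpuid_regs r;
    struct epc_section s;
    if (epc_encode(base, size, props, &r) < 0) return 0;
    if (epc_decode(&r, &s) != 1) return 0;
    return s.base == base && s.size == size && s.props == props;
}

/* Constructed guest layout: two sections (one above 4 GiB), then the terminator. */
int epc_demo_count(void)
{
    struct cpuid_regs table[3] = {{0, 0, 0, 0}};
    struct epc_section found[3];
    int n;
    epc_encode(0x70200000ull, 0x5d80000ull, 1, &table[0]);
    epc_encode(0x100000000ull, 0x2000ull, 1, &table[1]);
    /* table[2] stays zero: EAX[3:0] == 0 ends the list */
    n = epc_walk(table, 3, found, 3);
    for (int i = 0; i < n; i++)
        printf("EPC section %d: base 0x%llx size 0x%llx props %u\n", i,
               (unsigned long long)found[i].base,
               (unsigned long long)found[i].size, found[i].props);
    return n;
}

int main(void) { return epc_demo_count() == 2 ? 0 : 1; }
```

Note that the encoder has to be told the property field for every section: that is the attribute question in the mail, and it is why the enumeration is easier to own in the VMM that also owns the backing memory than to reconstruct inside KVM from memslots or VMAs.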
