Hi All,
I evaluated V4 patch changes with Gramine and ran into an issue when trying to set EPC page permission to PROT_NONE. It looks like with V3 patch series a change was introduced which requires kernel to have at least R permission when calling RESTRICT IOCTL. This change was done under the assumption that EPCM requires at least R permission for EMODPE/EACCEPT to succeed. But when testing with V2 version, EACCEPT worked fine with page permission set to PROT_NONE.
Thanks to @Shanahan, Mark for confirming that EPCM does not need to have R value to allow EACCEPT or EMODPE. Given this, can we please revert this change?
Thanks, -Vijay
-----Original Message----- From: Jarkko Sakkinen jarkko@kernel.org Sent: Sunday, April 17, 2022 7:58 AM To: Dhanraj, Vijay vijay.dhanraj@intel.com; Chatre, Reinette reinette.chatre@intel.com; dave.hansen@linux.intel.com; tglx@linutronix.de; bp@alien8.de; Lutomirski, Andy luto@kernel.org; mingo@redhat.com; linux-sgx@vger.kernel.org; x86@kernel.org; shuah@kernel.org; linux-kselftest@vger.kernel.org Cc: Christopherson,, Sean seanjc@google.com; Huang, Kai kai.huang@intel.com; Zhang, Cathy cathy.zhang@intel.com; Xing, Cedric cedric.xing@intel.com; Huang, Haitao haitao.huang@intel.com; Shanahan, Mark mark.shanahan@intel.com; hpa@zytor.com; linux- kernel@vger.kernel.org Subject: Re: [PATCH V4 00/31] x86/sgx and selftests/sgx: Support SGX2
On Thu, 2022-04-14 at 18:35 +0000, Dhanraj, Vijay wrote:
Hi Jarkko,
I am working on enabling Gramine with this EDMM patch series. I had tested with V2 patch series and it looked fine. Will evaluate Gramine with
V4 patch series and post my updates in a couple of days.
OK, good to hear. Looking forward to it.
BR, Jarkko