[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [Notes for xen summit 2018 design session] SGX deep dive and SGX virtualization design discussion

The notes and PPT were sent to me by Kai to be published
An SGX back-ground presentation can be found at 

Key agreements during a discussion between present maintainers and Kai
* There is no need to  support SGX for PV guests at least initially: this is 
something that can be added in a second phase
* We don’t need to expose SGX to dom0 and let Xen hypervisor manage EPC
* Query SGX info: 
   - Ultimately the interface is the toolstack maintainer's call (aka Wei). 
   - George: maybe extending existing xl command is the best way forward: 
something like ‘xl info -sgx’, ‘xl list <did> -sgx’
* New XL parameter for SGX to create VM to allow admin to configure virtual EPC 
size and support launch control:
   - sgx = ‘epc=<size>,lehash=<sha256-hash>,lewr=<0|1>’
* EPC size configured by ‘epc=<size>’, EPC base calculated by toolstack.
   - KVM SGX will introduce new SGX parameter (similar to Xen’s) in Qemu
   - Should we pass SGX info to Qemu from XL? Andrew: No we should not. It 
should not be very complicated to calculate in XL.
* EPC management: we should integrate EPC management into the existing memory 
management framework to leverage existing MM code (ex, page allocation, etc).
* EPC virtualization: it’s perfectly fine to only support static partitioning, 
at least in a first implementation
   - When needed, we can extend to support EPC ballooning and oversubscription, 
depending on user requirements as they emerge
* CPUID handling: We should rebase patches based on Andrew’s CPUID and MSR 
   - Note from Lars: the patches in question are 
     - [PATCH 00/13] x86: CPUID and MSR policy marshalling support, which has 
been posted but it is only covering ⅓ of the needed patches and requires some 
     - Sergey is working on the libxc side and Andrew on the hypervisor 
     - Roger is working on topology support, which depends on the other three 
pieces, bit Lars is not sure whether these are needed for SGX
   - Andrew: it’s also good to review other patches not related to CPUID/MSR.
* Live migration, snapshot, checkpointing: we should support them as long as 
both Linux and Windows SGX drivers commit to support “sudden loss of EPC” 
(which is not hardware behaviour though).
* ACPI: Overall current approach is OK. We can review when patch is ready. Need 
to use 2 32-bit variables for 64-bit variables in ‘struct acpi_info’.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.