    x86/sgx: Introduce virtual EPC for use by KVM guests · 540745dd
    Sean Christopherson authored
    Add a misc device /dev/sgx_vepc to allow userspace to allocate "raw"
    Enclave Page Cache (EPC) without an associated enclave. The intended
    and only known use case for raw EPC allocation is to expose EPC to a
    KVM guest, hence the 'vepc' moniker, virt.{c,h} files and X86_SGX_KVM
    Kconfig.
    
    The SGX driver uses the misc device /dev/sgx_enclave to support
    userspace in creating an enclave. Each file descriptor returned from
    opening /dev/sgx_enclave represents an enclave. Unlike the SGX driver,
    KVM doesn't control how the guest uses the EPC, therefore EPC allocated
    to a KVM guest is not associated with an enclave, and /dev/sgx_enclave
    is not suitable for allocating EPC for a KVM guest.
    
    Having separate device nodes for the SGX driver and KVM virtual EPC also
    allows separate permission control for running host SGX enclaves and KVM
    SGX guests.
    
    To use /dev/sgx_vepc to allocate a virtual EPC instance with particular
    size, the hypervisor opens /dev/sgx_vepc, and uses mmap() with the
    intended size to get an address range of virtual EPC. Then it may use
    the address range to create one KVM memory slot as virtual EPC for
    a guest.
    
    Implement the "raw" EPC allocation in the x86 core-SGX subsystem via
    /dev/sgx_vepc rather than in KVM. Doing so has two major advantages:
    
      - Does not require changes to KVM's uAPI, e.g. EPC gets handled as
        just another memory backend for guests.
    
      - EPC management is wholly contained in the SGX subsystem, e.g. SGX
        does not have to export any symbols, changes to reclaim flows don't
        need to be routed through KVM, SGX's dirty laundry doesn't have to
        get aired out for the world to see, and so on and so forth.
    
    The virtual EPC pages allocated to guests are currently not reclaimable.
    Reclaiming an EPC page used by enclave requires a special reclaim
    mechanism separate from normal page reclaim, and that mechanism is not
    supported for virtual EPC pages. Due to the complications of handling
    reclaim conflicts between guest and host, reclaiming virtual EPC pages
    is significantly more complex than basic support for SGX virtualization.
    
     [ bp:
       - Massage commit message and comments
       - use cpu_feature_enabled()
       - vertically align struct members init
       - massage Virtual EPC clarification text
       - move Kconfig prompt to Virtualization ]
    Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
    Co-developed-by: Kai Huang <kai.huang@intel.com>
    Signed-off-by: Kai Huang <kai.huang@intel.com>
    Signed-off-by: Borislav Petkov <bp@suse.de>
    Acked-by: Dave Hansen <dave.hansen@intel.com>
    Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
    Link: https://lkml.kernel.org/r/0c38ced8c8e5a69872db4d6a1c0dabd01e07cad7.1616136308.git.kai.huang@intel.com
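The allocation sequence the commit message describes (open /dev/sgx_vepc, mmap() the intended size, hand the range to KVM as a memory slot) as a small hypervisor-side userspace program. This is an added example, not code from the kernel commit or from any VMM; the helper names (`vepc_alloc`, `vepc_round_size`, `vepc_free`) and the 4 KiB page rounding are assumptions of the example, and the KVM memory-slot registration step is left to the caller.

```c
/* Added example (not from the commit): allocate a "raw" virtual EPC
 * range from the /dev/sgx_vepc misc device for use as a KVM guest's EPC.
 * Helper names and the page-rounding policy are this example's own. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define SGX_VEPC_PATH "/dev/sgx_vepc"   /* device node named in the commit */
#define EPC_PAGE_SIZE 4096UL            /* EPC is managed in 4 KiB pages */

struct vepc_region {
    int fd;       /* open descriptor on the vepc device; one fd = one instance */
    void *base;   /* start of the mmap()ed virtual EPC range */
    size_t size;  /* mapped size in bytes (whole EPC pages) */
};

/* Round a requested byte count up to whole EPC pages.
 * Returns 0 for a zero request or if rounding would overflow. */
size_t vepc_round_size(size_t bytes)
{
    if (bytes == 0 || bytes > SIZE_MAX - (EPC_PAGE_SIZE - 1))
        return 0;
    return (bytes + EPC_PAGE_SIZE - 1) & ~(EPC_PAGE_SIZE - 1);
}

/* Allocate a virtual EPC instance of (at least) 'bytes' bytes from 'path'.
 * Returns 0 on success and fills 'out'; returns -errno on failure.
 * Access is controlled by the permissions on the device node itself,
 * which is why a separate node from /dev/sgx_enclave matters. */
int vepc_alloc(const char *path, size_t bytes, struct vepc_region *out)
{
    size_t size = vepc_round_size(bytes);
    if (size == 0)
        return -EINVAL;

    int fd = open(path, O_RDWR | O_CLOEXEC);
    if (fd < 0)
        return -errno;

    /* EPC is device-backed, not anonymous memory: the vepc driver rejects
     * private mappings, so the range must be mapped MAP_SHARED. Pages are
     * not populated here; the driver hands out EPC pages on first touch. */
    void *base = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (base == MAP_FAILED) {
        int err = errno;
        close(fd);
        return -err;
    }

    out->fd = fd;
    out->base = base;
    out->size = size;
    return 0;
}

/* Release the mapping and the device fd; safe to call on a zeroed struct. */
void vepc_free(struct vepc_region *r)
{
    if (r->base)
        munmap(r->base, r->size);
    if (r->fd >= 0)
        close(r->fd);
    r->base = NULL;
    r->fd = -1;
    r->size = 0;
}

int main(int argc, char **argv)
{
    /* Size in MiB from the command line; 16 MiB by default (constructed value). */
    size_t mib = argc > 1 ? strtoul(argv[1], NULL, 0) : 16;
    struct vepc_region r = { .fd = -1, .base = NULL, .size = 0 };

    int rc = vepc_alloc(SGX_VEPC_PATH, mib << 20, &r);
    if (rc) {
        fprintf(stderr, "virtual EPC allocation failed: %s\n", strerror(-rc));
        return 1;
    }
    printf("virtual EPC: %zu bytes at %p (fd %d)\n", r.size, r.base, r.fd);

    /* A VMM would now register r.base / r.size as a KVM memory slot
     * (KVM_SET_USER_MEMORY_REGION) so the guest sees it as its EPC. */
    vepc_free(&r);
    return 0;
}
```

On a host without the SGX KVM support the open() fails and the error is reported rather than the program touching an unmapped range; the rounding helper keeps the mmap() length a multiple of the EPC page size so a partial trailing page is never requested.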