Comments (6)
ved-rivos
commented on June 2, 2024
A supervisor domain should not be conflated with supervisor mode. In a M+U implementation, the supervisor domain only has U-mode. In a M+S+U implementation, it is M mode policy whether it allows execution in S-mode. The external debug control is for a Supervisor Domain - and not for S-Mode in a Supervisor Domain. When a Supervisor Domain is external debug allowed, all privilege modes in that Supervisor Domain are external debug allowed.
from riscv-smmtt.
AoteJin
commented on June 2, 2024
When a Supervisor Domain is external debug allowed, all privilege modes in that Supervisor Domain are external debug allowed.
Yes, this is exactly what I understood. But this will be an issue for TEE design like this: https://www.usenix.org/system/files/osdi21-feng.pdf
This TEE architecture has M+S+U privilege mode and creates U-mode only enclave to boost performance and improve memory utilization.
from riscv-smmtt.
ved-rivos
commented on June 2, 2024
But this will be an issue for TEE design like this
In such a design where RDSM only allows U-mode on a Supervisor Domain - that enclave is either external debug enabled or is not external debug enabled. Whether there is any execution in Supervisor Mode of that supervisor domain is not material. When running such U-mode only security domains there may or may not be page tables - if there are page tables setup for the U-mode then those page tables are managed by the RDSM and programmed into the satp. If there is no virtual memory used by those U-mode enclaves then RDSM sets the satp to Bare.
In the picture you listed you seem to imply that Domain 2 page tables will be in effect for Domain 1 execution. That is not correct. A page table, if used, has to be managed by the TCB of the domain 1 - and domain 2 is not in the TCB.
Could you elaborate on the specific issue?
from riscv-smmtt.
rsahita
commented on June 2, 2024
To add, the paper referenced above asserts that "The secure monitor maintains all the enclave page tables" on page 279 (memory isolation among enclaves). From the sw arch diagram, secure monitor runs in M-mode. If the M-mode RDSM is itself not under external debug, the U-mode SD can be ext-debug allowed without any impact to the enclave page tables managed by the RDSM.
from riscv-smmtt.
rsahita
commented on June 2, 2024
@AoteJin can i close this issue?
from riscv-smmtt.
rsahita
commented on June 2, 2024
closing this one - please re-open if required.
from riscv-smmtt.
Related Issues (20)
- Shareable data and SDID domains HOT 9
- Debug control for supervisor domains HOT 25
- How many MTT structures are necessary? HOT 1
- About MTTPPN[1:0] HOT 1
- Smsdia clarifications HOT 6
- Update supervisor domain diagram to show S-mode absent cases HOT 1
- Consider add a separate control bit in msdcfg for external trace HOT 27
- Moving the ISA part of external debug security to smmtt HOT 4
- TOCTOU mitigation of debug control check HOT 4
- Protections on external trigger HOT 3
- Trigger breakpoint exception action in debug mode HOT 27
- Document Supervisor domains interaction for RISC-V Capacity and Bandwidth Controller QoS Register Interface (CBQRI) HOT 1
- Selectively delegating some supervisor domain external interrupts HOT 24
- Does Smsdia have dependency on AIA for RV32 ? HOT 11
- Should mideleg[32] be hard-wired to 0 in Smsdia ? HOT 4
- Missing glossary HOT 4
- Access control of CSR seed HOT 6
- MTT implicit accesses should be treated as M-mode accesses for purposes of PMP checking HOT 1
- timedelta for supervisor domains HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from riscv-smmtt.