Date: Sat, 24 Nov 2018 09:21:14 -0800
From: Jarkko Sakkinen
To: Andy Lutomirski
Cc: "Dr. Greg Wettstein", X86 ML, Platform Driver,
    linux-sgx@vger.kernel.org, Dave Hansen, "Christopherson, Sean J",
    nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge",
    shay.katz-zamir@intel.com, haitao.huang@linux.intel.com,
    Andy Shevchenko, Thomas Gleixner, "Svahn, Kai",
    mark.shanahan@intel.com, Suresh Siddha, Ingo Molnar, Borislav Petkov,
    "H. Peter Anvin", Darren Hart, Andy Shevchenko, LKML
Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Message-ID: <20181124172114.GB32210@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Nov 22, 2018 at 07:21:08AM -0800, Andy Lutomirski wrote:
> > At a high level, addressing these issues is straightforward.  First,
> > the driver needs to support authorization equivalent to that which is
> > implemented in the current Intel Launch Enclave, i.e. control over the
> > SGX_FLAGS_PROVISION_KEY attribute.
>
> I agree, hence my email :)

Started to scratch my head: is it really an issue that any enclave can
provision in the end? Direct quote from your first response:

"In particular, the ability to run enclaves with the provisioning bit set
is somewhat sensitive, since it effectively allows access to a stable
fingerprint of the system."

As can be seen from the key derivation table, this does not exactly hold,
so you should refine your original argument before we can consider any
type of change.

I just don't see what is so wrong for any enclave to be able to tell
that it really is an enclave.

/Jarkko