Date: Sun, 25 Nov 2018 06:53:29 -0800
From: Jarkko Sakkinen
To: Andy Lutomirski
Cc: "Dr. Greg Wettstein", X86 ML, Platform Driver, linux-sgx@vger.kernel.org, Dave Hansen, "Christopherson, Sean J", nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge", shay.katz-zamir@intel.com, haitao.huang@linux.intel.com, Andy Shevchenko, Thomas Gleixner, "Svahn, Kai", mark.shanahan@intel.com, Suresh Siddha, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", Darren Hart, Andy Shevchenko, LKML
Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Message-ID: <20181125145329.GA5777@linux.intel.com>
In-Reply-To: <20181124172114.GB32210@linux.intel.com>
References: <20181116010412.23967-1-jarkko.sakkinen@linux.intel.com> <20181116010412.23967-19-jarkko.sakkinen@linux.intel.com> <20181119161917.GF13298@linux.intel.com> <20181120120442.GA22172@linux.intel.com> <20181122111253.GA31150@wind.enjellic.com> <20181124172114.GB32210@linux.intel.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
User-Agent: Mutt/1.10.1 (2018-07-13)
List-ID: linux-kernel@vger.kernel.org

On Sat, Nov 24, 2018 at 09:21:14AM -0800, Jarkko Sakkinen wrote:
> On Thu, Nov 22, 2018 at 07:21:08AM -0800, Andy Lutomirski wrote:
> > > At a high level, addressing these issues is straightforward. First,
> > > the driver needs to support authorization equivalent to that which is
> > > implemented in the current Intel Launch Enclave, i.e. control over the
> > > SGX_FLAGS_PROVISION_KEY attribute.
> >
> > I agree, hence my email :)
>
> Started to scratch my head: is it really an issue that any enclave
> can provision in the end?
>
> Direct quote from your first response:
>
> "In particular, the ability to run enclaves with the provisioning bit set
> is somewhat sensitive, since it effectively allows access to a stable
> fingerprint of the system."
>
> As can be seen from the key derivation table, this does not exactly hold,
> so you should refine your original argument before we can consider any
> type of change.
>
> I just don't see what is so wrong with any enclave being able to tell
> that it really is an enclave.

I mean, I can understand why Greg wants LE, although I don't understand what benefit it brings to anyone to lock in for an enclave to be allowed to identify itself. What you are proposing does not really bring any additional security if we consider a threat model where the kernel is an adversary, but it makes the software stack more clunky to use.

/Jarkko
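The mechanism under debate in this message is whether the kernel driver should gate the provisioning attribute the way the Intel Launch Enclave does. As an added illustration, not code from the v17 patch series or from any participant in the thread, the following C model shows what such a gate looks like in its simplest form: a per-opener policy mask that denies PROVISIONKEY by default, an explicit grant, and a check on SECS.ATTRIBUTES that rejects malformed requests before it makes any policy decision. The attribute bit positions follow the Intel SDM (the mail uses the SDK name SGX_FLAGS_PROVISION_KEY for bit 4); the struct and function names (`sgx_attr_policy`, `sgx_check_attributes`, `sgx_check_with_grant`) and the grant operation itself are hypothetical, and what privileged action a real driver would tie the grant to is deliberately left open.

```c
/*
 * Added illustration, not code from the v17 SGX driver series: a
 * kernel-side policy check on SECS.ATTRIBUTES that gates the provisioning
 * bit. Struct and function names here are hypothetical.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SECS.ATTRIBUTES flag bits as laid out in the Intel SDM. Bits 3 and 6
 * are reserved and must be zero. */
#define SGX_ATTR_INIT           (1ULL << 0)  /* set by EINIT, never by the caller */
#define SGX_ATTR_DEBUG          (1ULL << 1)
#define SGX_ATTR_MODE64BIT      (1ULL << 2)
#define SGX_ATTR_PROVISIONKEY   (1ULL << 4)  /* EGETKEY may derive the provisioning key */
#define SGX_ATTR_EINITTOKENKEY  (1ULL << 5)  /* launch-enclave only */

#define SGX_ATTR_KNOWN (SGX_ATTR_INIT | SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT | \
                        SGX_ATTR_PROVISIONKEY | SGX_ATTR_EINITTOKENKEY)

/* What an ordinary opener of the enclave device may request. */
#define SGX_ATTR_BASE_ALLOWED (SGX_ATTR_DEBUG | SGX_ATTR_MODE64BIT)

enum sgx_attr_verdict {
    SGX_ATTR_OK = 0,
    SGX_ATTR_EINVAL,   /* malformed: reserved or hardware-owned bits set */
    SGX_ATTR_EACCES,   /* well-formed, but the caller was not granted a bit */
};

/* Per-opener policy (hypothetical): attribute bits the caller may set. */
struct sgx_attr_policy {
    uint64_t allowed;
};

void sgx_attr_policy_init(struct sgx_attr_policy *p)
{
    p->allowed = SGX_ATTR_BASE_ALLOWED;
}

/* Hypothetical privileged grant. A real driver would tie this to some
 * explicit, auditable action; how is outside this example. */
void sgx_attr_policy_grant_provision(struct sgx_attr_policy *p)
{
    p->allowed |= SGX_ATTR_PROVISIONKEY;
}

/* Check the ATTRIBUTES word of a SECS before ECREATE. Validity checks run
 * before the policy check so that a malformed request never gets an
 * access-denied answer that leaks what the policy would have allowed. */
enum sgx_attr_verdict sgx_check_attributes(const struct sgx_attr_policy *p,
                                           uint64_t requested)
{
    if (requested & ~SGX_ATTR_KNOWN)
        return SGX_ATTR_EINVAL;        /* reserved bits must be zero */
    if (requested & SGX_ATTR_INIT)
        return SGX_ATTR_EINVAL;        /* INIT is set by hardware at EINIT */
    if (requested & ~p->allowed)
        return SGX_ATTR_EACCES;        /* PROVISIONKEY without a grant and
                                          EINITTOKENKEY always end up here */
    return SGX_ATTR_OK;
}

/* Convenience wrapper: run the check with or without the provisioning grant. */
enum sgx_attr_verdict sgx_check_with_grant(uint64_t requested, bool provision_granted)
{
    struct sgx_attr_policy p;

    sgx_attr_policy_init(&p);
    if (provision_granted)
        sgx_attr_policy_grant_provision(&p);
    return sgx_check_attributes(&p, requested);
}

int main(void)
{
    static const char *names[] = { "OK", "EINVAL", "EACCES" };
    uint64_t want = SGX_ATTR_MODE64BIT | SGX_ATTR_PROVISIONKEY;

    printf("provisioning enclave, no grant:   %s\n",
           names[sgx_check_with_grant(want, false)]);
    printf("provisioning enclave, with grant: %s\n",
           names[sgx_check_with_grant(want, true)]);
    printf("caller sets INIT:                 %s\n",
           names[sgx_check_with_grant(SGX_ATTR_INIT | SGX_ATTR_MODE64BIT, false)]);
    return 0;
}
```

The point of the ordering is that the policy mask is the only thing a privileged grant changes; reserved-bit and INIT handling stay the same for everyone, so a grant cannot be used to smuggle a malformed SECS past the driver. EINITTOKENKEY is absent from every mask on purpose, matching the Launch Enclave model in which only the LE itself ever holds that attribute.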