Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp227804imu;
        Tue, 27 Nov 2018 11:27:38 -0800 (PST)
X-Google-Smtp-Source: AFSGD/VT6hSK93KpNGXYx5cL2ZmkYKh7bfenX6m9Dtdyo0fjYaLSJbPgThzpZzmsPDOVtO/zMXQm
X-Received: by 2002:a63:200e:: with SMTP id g14mr30548524pgg.235.1543346858465;
        Tue, 27 Nov 2018 11:27:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1543346858; cv=none;
        d=google.com; s=arc-20160816;
        b=HQ34eYA9Q/8dVpC6zeDctraRXbhQwZ2PmdjP/jzUvtupiODZ30PpOlOC8DbhsNL+zf
         3/yS0ol/f1Hp2FaUElRC/KbQak1PVdyqr7FKvkoqKWk+yQIbVmxtJ8ygHaRUlFs+Z7cb
         ohtQYTbY6RkFfEKwCBvr+r1BwCWZBkzx3f0xlwolqp07lHv1LF6OLaqMzVutJ8J7Wk0G
         UY1X6uipBXORp340uQiLlW6Mh777nBS26c+2J8qe42oT4eRBYzD1dYBwhaGp45wDPu38
         Bo9M20gqnt43iktVE4wdCParP2D9sgGzKQO8wim+8mj++FoOt+OLYLJaJ7BxWlPtQojX
         IrtA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:organization:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=HKJrDTzt7kk6Tri6BcITwH2WIY5l82ViLcyQxgzxg4A=;
        b=aHJd3DD/0GS6XII50dKSKEw6KpQ9pdEm1xmCnjVpVDFD7I6xWyjkOS3qpHXcFTCSNX
         kDHHdXmEznuMXtXLwWOJOjzgcS5UHLDH9tqRbIhYws+2WbqeTzq47hg1lH+SkZnxOK3I
         a9BIzIjlCOL0jl9AVaDKdjL6YsqC/z6Ev/4ZWLZLhTqDQ93ZVGTsqylFKR2/qtPwojkS
         8aylLteQZDjN17nMZgWHx/Oj+B6gr7fsIQqwaAbTUX/eNArSidPY4nv5glF/8+ivkELc
         fwiar7ck5KOgYCPbjUyOBajMabOprh3qNiv3ahxnaqHm0Y9kUt1o8SCk1HXYqxRab8+M
         ZvtQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 187si5040237pfv.238.2018.11.27.11.27.23;
        Tue, 27 Nov 2018 11:27:38 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731318AbeK1DpI (ORCPT <rfc822;austinkernel.kim@gmail.com>
        + 99 others); Tue, 27 Nov 2018 22:45:08 -0500
Received: from mga06.intel.com ([134.134.136.31]:48914 "EHLO mga06.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726729AbeK1DpH (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 27 Nov 2018 22:45:07 -0500
X-Amp-Result: UNSCANNABLE
X-Amp-File-Uploaded: False
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
  by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Nov 2018 08:46:38 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.56,287,1539673200"; 
   d="scan'208";a="112258264"
Received: from jsakkine-mobl1.jf.intel.com (HELO localhost) ([10.24.8.96])
  by fmsmga002.fm.intel.com with ESMTP; 27 Nov 2018 08:46:38 -0800
Date:   Tue, 27 Nov 2018 08:46:38 -0800
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     "Dr. Greg" <greg@enjellic.com>
Cc:     Andy Lutomirski <luto@amacapital.net>,
        Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
        Platform Driver <platform-driver-x86@vger.kernel.org>,
        linux-sgx@vger.kernel.org, Dave Hansen <dave.hansen@intel.com>,
        "Christopherson, Sean J" <sean.j.christopherson@intel.com>,
        nhorman@redhat.com, npmccallum@redhat.com,
        "Ayoun, Serge" <serge.ayoun@intel.com>, shay.katz-zamir@intel.com,
        haitao.huang@linux.intel.com,
        Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        "Svahn, Kai" <kai.svahn@intel.com>, mark.shanahan@intel.com,
        Suresh Siddha <suresh.b.siddha@intel.com>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Darren Hart <dvhart@infradead.org>,
        Andy Shevchenko <andy@infradead.org>,
        LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
Message-ID: <20181127164638.GA5646@linux.intel.com>
References: <CALCETrX+A4XaEMq3fJqmHUeeDHr_BdWh-Wk3ikXfY=L77BbaGA@mail.gmail.com>
 <20181120120442.GA22172@linux.intel.com>
 <20181122111253.GA31150@wind.enjellic.com>
 <CALCETrWJr-C6yK8NBCp=NbapwHOaBFphiDU9VKEtQ0NMRrdC2g@mail.gmail.com>
 <20181124172114.GB32210@linux.intel.com>
 <20181125145329.GA5777@linux.intel.com>
 <0669C300-02CB-4EA6-BF88-5C4B4DDAD4C7@amacapital.net>
 <20181126215145.GC868@linux.intel.com>
 <20181126230436.GA6737@linux.intel.com>
 <20181127085533.GA12247@wind.enjellic.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20181127085533.GA12247@wind.enjellic.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Nov 27, 2018 at 02:55:33AM -0600, Dr. Greg wrote:
> 3.) Enclaves with the SGX_FLAGS_LICENSE_KEY attribute set - i.e., 'Launch
> Enclaves'.

Kernel does not have to manage this. If the MSRs are read-only, they
should match your LE. If the MSRs writable, you don't need an LE.

This whole scheme sounds like adding own SELinux for SGX and it is
only words. No code available.

/Jarkko