From: Andy Lutomirski
Date: Wed, 28 Nov 2018 13:52:00 -0800
Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver
To: "Dr. Greg Wettstein"
Cc: Jarkko Sakkinen, Andrew Lutomirski, X86 ML, Platform Driver, linux-sgx@vger.kernel.org, Dave Hansen, "Christopherson, Sean J", nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge", shay.katz-zamir@intel.com, haitao.huang@linux.intel.com, Andy Shevchenko, Thomas Gleixner, "Svahn, Kai", mark.shanahan@intel.com, Suresh Siddha, Ingo Molnar, Borislav Petkov, "H. Peter Anvin", Darren Hart, Andy Shevchenko, LKML
In-Reply-To: <20181127085533.GA12247@wind.enjellic.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Nov 27, 2018 at 12:55 AM Dr. Greg wrote:
> Since the thread has become a bit divergent I wanted to note that we
> have offered a proposal for a general policy management framework
> based on MRSIGNER values. This framework is consistent with the SGX
> security model, i.e. cryptographic rather than DAC based policy
> controls. This framework also allows a much more flexible policy
> implementation that doesn't result in combinatoric issues.

Can you give a concrete explanation of a problem that your proposal would solve? As far as I can tell, it gets rid of a case in which an unprivileged attacker who can run enclaves but hasn't compromised the kernel can learn the PPID and other SGX-related permanent platform identifiers, but it does nothing to prevent the same attacker from learning non-SGX-related permanent identifiers, nor does it prevent the attacker from using the Intel quoting enclave (unless configured in a surprising way) and thus attesting to a remote system.

So what problem does it solve?