Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3849483imu; Mon, 10 Dec 2018 08:46:39 -0800 (PST) X-Google-Smtp-Source: AFSGD/Vi2sVQfUVhwBy5ajvaBOveqFOd1fiTAvMoNXSHEja2nc9mL1X21/mgF8eYF0I8lRHI6peq X-Received: by 2002:a63:3d03:: with SMTP id k3mr11459648pga.191.1544460399525; Mon, 10 Dec 2018 08:46:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544460399; cv=none; d=google.com; s=arc-20160816; b=l6j7xYOmDcizLnJZ+HsOgLoExSKkJXL2cvesrgM9767vPviGkh1OImbQYlPryvlTBN 2eS9jEIYo+59duZKeV27E3EY567l9M/DPi1EjZDljDmXu9aucia7iTCESWu+VBrYFlwZ +5/4+xnXFKRnNEotF2xJgkne2hLYi2Yb9L8cscF8y5dMSi3HBI1mb2jFO8E+9Q/pPwnN mJHIwGeAupZBKPim3nTo5e//6CpDMwWNI8KIQQzv7C+MDG75s1jicCLU3MPwXXUCO7S2 i70o5yxcnc4zCJHa+16cYO7TylNz1sWCRMozlSSSmUVTJr4x2p+w89iGKNlOD1zETGdj 1Z5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date; bh=KKAVNfTnxpRcBWFIYQdvq/u+EwMmmOJEHfNQugn1KhI=; b=zvnHdEgmQHL/ipud2n640p1WCgBCeV5N2VhLE7sA4EuYnTSlkSMhoTJ942iWLCi6I7 bx+5b3k+6JB8SdEqe0536f/eBzmSQ2WEpOtQEaW7rMx+H5VM0Xs2LdKWuC3lmTXNExdj NSIBNgMlESWtQfrQC3vaPuUEkC/v9A1OrlBPtXSyxYrIux5Ix4q5sWB20uCHjY22zyzA 6fDkjtVaXf4g42b5qXRGX29regZQ5JKnY/admYElqPOoCG7o1GaK7vR4KR3xKEx22Yhb V/YXgAO5it5C57f1Paq0H9bBwwd92KqnJRAx13A5jT7C+SKgBAiLWxQbzATRbfE1tS2w JomA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w12si9970589pgs.182.2018.12.10.08.46.23; Mon, 10 Dec 2018 08:46:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728062AbeLJOrz (ORCPT + 99 others); Mon, 10 Dec 2018 09:47:55 -0500 Received: from wind.enjellic.com ([76.10.64.91]:56588 "EHLO wind.enjellic.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726888AbeLJOrz (ORCPT ); Mon, 10 Dec 2018 09:47:55 -0500 Received: from wind.enjellic.com (localhost [127.0.0.1]) by wind.enjellic.com (8.15.2/8.15.2) with ESMTP id wBAEkiVw025426; Mon, 10 Dec 2018 08:46:44 -0600 Received: (from greg@localhost) by wind.enjellic.com (8.15.2/8.15.2/Submit) id wBAEkiFv025425; Mon, 10 Dec 2018 08:46:44 -0600 Date: Mon, 10 Dec 2018 08:46:44 -0600 From: "Dr. Greg" To: Pavel Machek Cc: Andy Lutomirski , Jarkko Sakkinen , X86 ML , Platform Driver , linux-sgx@vger.kernel.org, Dave Hansen , "Christopherson, Sean J" , nhorman@redhat.com, npmccallum@redhat.com, "Ayoun, Serge" , shay.katz-zamir@intel.com, haitao.huang@linux.intel.com, Andy Shevchenko , Thomas Gleixner , "Svahn, Kai" , mark.shanahan@intel.com, Suresh Siddha , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Darren Hart , andy@infradead.org, LKML Subject: Re: [PATCH v17 18/23] platform/x86: Intel SGX driver Message-ID: <20181210144644.GA25142@wind.enjellic.com> Reply-To: "Dr. Greg" References: <20181116010412.23967-1-jarkko.sakkinen@linux.intel.com> <20181116010412.23967-19-jarkko.sakkinen@linux.intel.com> <20181209170132.d4hhiic3dfoky4fr@devuan> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20181209170132.d4hhiic3dfoky4fr@devuan> User-Agent: Mutt/1.4i X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.3 (wind.enjellic.com [127.0.0.1]); Mon, 10 Dec 2018 08:46:44 -0600 (CST) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Dec 09, 2018 at 06:01:32PM +0100, Pavel Machek wrote: > Hi! Good morning to everyone. > > On Thu, Nov 15, 2018 at 5:08 PM Jarkko Sakkinen > > wrote: > > > > > > Intel Software Guard eXtensions (SGX) is a set of CPU instructions that > > > can be used by applications to set aside private regions of code and > > > data. The code outside the enclave is disallowed to access the memory > > > inside the enclave by the CPU access control. > > > > > > SGX driver provides a ioctl API for loading and initializing enclaves. > > > Address range for enclaves is reserved with mmap() and they are > > > destroyed with munmap(). Enclave construction, measurement and > > > initialization is done with the provided the ioctl API. > > > > I brought this up a while back, and I think I should re-ask it now > > that this driver is getting close to ready: > > > > As it stands, there's just one SGX character device, and I imagine > > that it'll be available to unprivileged applications. I'm concerned > > that this isn't quite what we want. I certainly think that everyone, > > or at least almost everyone, ought to be able to run normal > > enclaves. > I don't think nobody or postfix or guest should be running enclaves > on my systems. First, I'd like to be able to debug my systems. > > Second, sgx quite complex and tricky. It may turn out to be secure > in the end, but I'd not be surprised if we got few CVEs before we > get there. > > Last, I'd hate to find out in few years that I can't switch to amd > cpu because firefox now requires sgx. > > Just make it root-only or 660 by default. Users can get permission > in similar way they get rights to audio.. I'm not sure that using root or group restricted access to a character device is going to stop an ISV from embracing a technology, but that is an alternate debate. Relying on discretionary, or mandatory for that matter, access controls is not consistent with the security architecture of SGX. The technology was designed to provide robustness in the face of aggressors who may have compromised the operating system or hardware platform. The lingua franca of SGX security and access controls are MRSIGNER values. The SFLC patches that we will be making available, once we are convinced the upstream driver is working, implement MRSIGNER based security controls with an absolutely minimal TCB footprint in the kernel. This strategy allows the platform owner to use SGX compliant and cryptographically enforced access controls. Just as an aside, secondary to our perception that this technology and what it can do is not widely understood, we are developing a 2-part LWN article series on SGX and its implications for Linux. > Pavel Best wishes for a good day and a productive week. Dr. Greg As always, Dr. G.W. Wettstein, Ph.D. Enjellic Systems Development, LLC. 4206 N. 19th Ave. Specializing in information infra-structure Fargo, ND 58102 development. PH: 701-281-1686 FAX: 701-281-3949 EMAIL: greg@enjellic.com ------------------------------------------------------------------------------ "... remember that innovation is saying 'no' to 1000 things." -- Moxie Marlinspike