Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp3727099img; Mon, 25 Mar 2019 16:55:26 -0700 (PDT) X-Google-Smtp-Source: APXvYqzFLmddDdLdiwgifWU7wlGgngl/5N54u47SSnhuxCxUjKf4oRY2MMyeCVEIgPNdAZBVLUFf X-Received: by 2002:a65:6098:: with SMTP id t24mr26360484pgu.57.1553558126776; Mon, 25 Mar 2019 16:55:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553558126; cv=none; d=google.com; s=arc-20160816; b=pUOaBhB3F95Iy/TvpjNuBIP/yrbOzVsgCBdzNjqa1LaMUy2x3ZS3t9wdAArmoRMUWX KkSTZeksYYO5KsY4mW3Wj698LGdqaCiYexvfPPBO1UI7TQSh5atcY5VvaKzIhxMBjA6t y46wuUDhpnap6quB+5jf655g1NFGn4oxeR2HU143ggDH4JMcO4iPJZWSbZ4aT7v6rJAt PEbOiqH13yHZENSREec915/C/0pSHUE8Jz3FpSr94l2rpUgEKlF7XFtYg6ob18qQhbtI NN5C/tihbUkVDNu23kvQ9gohTP32pFDNbxYJ0dQ1KnGDjkSh4+0ArQ6SwCIycw+z2NI0 75jA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=sf4Zgo8LsaF6yFeASpEbsI/6LNWjJksYhLspDcrVhrQ=; b=fYSM65uq+pR97iCiEnll0Hc1rfGMbJyuUl6XEGuS71h6rMzd0FXelSohxNBvaOx484 WBseeX4+i8you3j1ZH1WoJ/z9hel47zhTqWAtuIQN5kg4PfxhZ2WzWKBYrcxZ+lSvXPM HQC11d3j/FlaY6rfL+JdqUWraOQYP2a1xd7e7QoDtqtIH/8i1vdIX0FoVQaVAbO9ofv7 zvAteJPHtRAI3avwuoTcFMEkw82d9zsWPw4I/l8wKE8hycLn5Ua4LkaPXYTN+e93O+8p bToBDqegR9yBxgqLZZMstwDTX/CDbz7k8MGLmk8PvDC7Zu97NCQoIAgHe6JebYnJWzoq Kw8Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="XzC69H/t"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j16si14695369pfe.152.2019.03.25.16.55.11; Mon, 25 Mar 2019 16:55:26 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="XzC69H/t"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727626AbfCYXyh (ORCPT + 99 others); Mon, 25 Mar 2019 19:54:37 -0400 Received: from mail.kernel.org ([198.145.29.99]:53122 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726301AbfCYXyh (ORCPT ); Mon, 25 Mar 2019 19:54:37 -0400 Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com [209.85.221.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id AFFEF20870 for ; Mon, 25 Mar 2019 23:54:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1553558076; bh=7IXy9PmaCQVWs3dr2OsZDsoJ+4vRKTCXqWnIvRBz76k=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=XzC69H/tN4lPBbDrQRBTbjkRY6pxU0kBw05NZkNo+WwxSSCEW+YwwBkPfcL+qKXc7 DJ0EU73PLPfGHUC2u0kMPObp5DuSB1wL4y1Cvg6PeFGwRd0jd25QMTAt3j45p/DmMS 2ofeIPxMjX+kFyYDBDh/oQrIshVWbKj7oRQpLq10= Received: by mail-wr1-f54.google.com with SMTP id k11so4810241wro.5 for ; Mon, 25 Mar 2019 16:54:35 -0700 (PDT) X-Gm-Message-State: APjAAAWlyHBkEERK8Z5a39mM52fMG8fFcPUcNvt/8zrJtCuhH0ZhfvJ8 ozUz1I//4a8MdBzNUwRS3frbtmEKlNr3hK8P74zjLQ== X-Received: by 2002:adf:f011:: with SMTP id j17mr15065852wro.330.1553558074255; Mon, 25 Mar 2019 16:54:34 -0700 (PDT) MIME-Version: 1.0 References: <20190320162119.4469-1-jarkko.sakkinen@linux.intel.com> <20190320162119.4469-25-jarkko.sakkinen@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85C484@ORSMSX116.amr.corp.intel.com> <20190320191318.GF30469@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85C5AB@ORSMSX116.amr.corp.intel.com> <20190322215903.GE12666@linux.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85E481@ORSMSX116.amr.corp.intel.com> <960B34DE67B9E140824F1DCDEC400C0F4E85E989@ORSMSX116.amr.corp.intel.com> In-Reply-To: <960B34DE67B9E140824F1DCDEC400C0F4E85E989@ORSMSX116.amr.corp.intel.com> From: Andy Lutomirski Date: Mon, 25 Mar 2019 16:54:23 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v19,RESEND 24/27] x86/vdso: Add __vdso_sgx_enter_enclave() to wrap SGX enclave transitions To: "Xing, Cedric" Cc: Andy Lutomirski , "Christopherson, Sean J" , Jarkko Sakkinen , "linux-kernel@vger.kernel.org" , "x86@kernel.org" , "linux-sgx@vger.kernel.org" , "akpm@linux-foundation.org" , "Hansen, Dave" , "nhorman@redhat.com" , "npmccallum@redhat.com" , "Ayoun, Serge" , "Katz-zamir, Shay" , "Huang, Haitao" , "andriy.shevchenko@linux.intel.com" , "tglx@linutronix.de" , "Svahn, Kai" , "bp@alien8.de" , "josh@joshtriplett.org" , "Huang, Kai" , "rientjes@google.com" , Dave Hansen , Haitao Huang , Jethro Beekman , "Dr . Greg Wettstein" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Mar 24, 2019 at 1:59 AM Xing, Cedric wrote: > > Hi Andy, > > Thank you for your valuable feedbacks! > > Per what you have been saying, your feedbacks come from different angles = - i.e. functionality vs. security, but they are mixed up somehow. I think you're misunderstanding me. I'm not talking about security at all here. SGX isn't a sandbox, full stop. I'm talking about the degree to which an SGX enclave acts like a well-behaved black box. > > > I=E2=80=99m going to put my vDSO maintainer hat on for a minute. Cedri= c, your > > proposal has the following issues related specifically to the vDSO: > > > > It inherently contains indirect branches. This means that, on retpolin= e > > configurations, it probably needs to use retpolines. This is doable, > > but it=E2=80=99s nasty, and you need to worry about register clobbers. > > Only the weakest link matters in security. With dynamic linking in use, t= his additional indirect CALL can't make things worse. But I'm open to, and = in fact also willing to, apply whatever mitigation that you think is satisf= actory (or that has been applied to other indirect branches, such as in PLT= ), such as retpoline. Btw, don't worry about register clobbers because we h= ave at least %rax at our disposal. There is no actual fundamental reason that dynamic linking has to work this way, and in principle, one could even use retpolines to the call the vDSO. In any event, the vDSO is currently compiled with retpolines enabled, and if we decide to turn that off, it would be decision to be made independently of SGX. > > > > > It uses effectively unbounded stack space. The vDSO timing functions ar= e > > already a problem for Go, and this is worse. > > If targeting the same functionality (i.e. no exit callback), my API uses = exactly 24 bytes more than Sean's. Is it really the case that those 24 byte= s will break Go? You're counting wrong. Your version uses 24 bytes + the stack size of the exit handler + the amount of stack consumed by the enclave, which is effectively unbounded. So this whole scheme becomes unusable on anything other than a stack that is "large" for a totally undefined value of large and that has guard pages. > > > > > Cedric, your proposal allows an enclave to muck with RSP, but not in a > > way that=E2=80=99s particularly pleasant. > > From security perspective, it is SGX ISA, but NOT any particular ABI, tha= t allows enclaves "to muck with RSP". Again, this has nothing to do with security. With your proposal, it's not possible for the caller of an enclave to decide, in an ocall handler, to pause and do something else. This isn't just theoretical. Suppose someone wants to send a network request in an ocall handler. With the current RSP approach, it's difficult to do this in a program that uses poll / select / epoll -- you can't return out from the ocall until you have an answer.