Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2198362yba; Fri, 19 Apr 2019 14:17:47 -0700 (PDT) X-Google-Smtp-Source: APXvYqzhhL4VUqP4vUwkMb4z1DuTR+Hfgp3CQcyKv+cIVxthHzuAYtXx5YOjwlHaJIFuBWdf5+4h X-Received: by 2002:a17:902:4827:: with SMTP id s36mr6144831pld.296.1555708667066; Fri, 19 Apr 2019 14:17:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555708667; cv=none; d=google.com; s=arc-20160816; b=vjQpFoqe9mvoa0OYxp36uC6pnTiYSGcJZ+wqn05TZhSaxsHN18U8ugh6skIYn11bxm IJWgOTGrg2e2delvtd4I3IjWu1UMIiH1pLl7hBpvF3Uf9NJA7sbwRWKeKEiihft5FMpJ 8TqrK2vSJ5JiOSHnbG+musGQEidFVfmfZ8d0qxAztyT8ikS8f8NbFSLRpkrgdm2GjJH0 YlSbfVcmOv1ZOWXW1hjtLeymnfX1xrsNQ+3AGS1GeD6kCKMn0G4WVHxRs9CNs1nAAqgG TKQRdBiPIu8lvNGQtifE5QqJKahoCE3YU04JBWz0GBPUeALoYfbSgGRfKC3/lGVMcuJR F3iQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=WYpiZfRbbseRjJyVApEiFDNq4Hmmd0sUbCvSRw0KoEY=; b=fkr/i2FF8Rm0E9PkiO5PBzSwTkboiErLVXfrI0U6wFFQfzr0uJQSaayZqJRgmFzVUJ vLB5diV9e6Pvzuj9OEKpw4cQs/BIZFgSMtAgzdcYdKkI2c6TS/vtWGEefzNOnfMbYPUy p58Bs/hefS9P8FWxshI2xX/xDDzb4T7c+wZVteGNVjuNtagMn8iZzrqYUOLwuAgUdzpN Fcl5XSDzdi+qQAf+dLNVKM+/qOxVEZ7ES+EpkKZQsUCXfmm5wo7kIYFcocwNfKzEODBi S/CmRn1VyDdaI9U4I0jb6q5TvxKH8FjKf/mgzXGO2iCVY8ZJplaqfhNOKBobIjRVYcC3 +jfw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=KD5N5gnu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r5si5509206pgp.29.2019.04.19.14.17.32; Fri, 19 Apr 2019 14:17:47 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=KD5N5gnu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727418AbfDSVPO (ORCPT + 99 others); Fri, 19 Apr 2019 17:15:14 -0400 Received: from mail-pl1-f194.google.com ([209.85.214.194]:36996 "EHLO mail-pl1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726000AbfDSVPN (ORCPT ); Fri, 19 Apr 2019 17:15:13 -0400 Received: by mail-pl1-f194.google.com with SMTP id w23so3092290ply.4 for ; Fri, 19 Apr 2019 14:15:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=WYpiZfRbbseRjJyVApEiFDNq4Hmmd0sUbCvSRw0KoEY=; b=KD5N5gnuj0qJHhdNK14Ng0i18NnELyUBJN4d20cMkiMehCQ+Ih8IiW57Sm7Ma3iHt2 aep4wMeMz830Jd9n5XP8Pwb2AFKNZLF9bOZQIIZ6+fvZeqI65GZr4ou52YIzx0BgM7aA EhwV9wzl4lSWZrQSnEbz+46KKuAPsX4P223NxIkRLGhs735a4uVFL2moqhptyZB91/ka DEChuzJjoG033BJRhCCFAUYJr7tkKAsHaadZ59QBn6wSQttqM4zFSihCNLx4T2bl3ufn DW2/YWIfoEZkM7b4qrjhQkOFbwP1uGCLGv8/J8NiLp6HfksDeEkM+Yoc/6dF7Hzn848R 7rsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=WYpiZfRbbseRjJyVApEiFDNq4Hmmd0sUbCvSRw0KoEY=; b=LxtbwuB6HuQxGLuC3XRzt5NVufBNmJyJVCUAgQgEQGoYvHb2bn7uaWmSeK0MkaPygR YthT2Q5s2H4VGT1HOGA1TGbK4BMmKq9O3JB/SBcuNqXP0+yjBGWcG2Z+dIulM6WEw97Q 5ooDrXQE2W5bAg1rjQHBdsH5ZW1UC8xknHriHFwNHarlvkEjZMqDq9iRUFlIQjMhkCFj uBhY81Hy3iVH0IgAKCaF38l0Ab94bNm6Pt5B7mX+J6I7T8RoyDF/sbv+unqRZkunQOqE 0aNIB0a7+teA6pPMmlGbO812hKAbNqtdT9Exoh4TxoV49XXpibNaZHoKI6gNRyPRvA/0 Ux/A== X-Gm-Message-State: APjAAAWyYL67ttBCsgIeMLh62A1IlK6szJG9RZJB+Ot6q81OqI71dc4l Z6Or4miVypRQzMl9i0nXbwNOPpl/sN4= X-Received: by 2002:a17:902:b713:: with SMTP id d19mr6155722pls.54.1555708512862; Fri, 19 Apr 2019 14:15:12 -0700 (PDT) Received: from ?IPv6:2600:1010:b006:440c:5c39:392b:af18:8032? ([2600:1010:b006:440c:5c39:392b:af18:8032]) by smtp.gmail.com with ESMTPSA id u62sm8636613pfa.124.2019.04.19.14.15.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 19 Apr 2019 14:15:11 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (1.0) Subject: Re: [PATCH v20 00/28] Intel SGX1 support From: Andy Lutomirski X-Mailer: iPhone Mail (16E227) In-Reply-To: Date: Fri, 19 Apr 2019 14:15:08 -0700 Cc: Thomas Gleixner , Andy Lutomirski , "Dr. Greg" , Dave Hansen , Jarkko Sakkinen , Linus Torvalds , LKML , X86 ML , "linux-sgx@vger.kernel.org" , Andrew Morton , "Christopherson, Sean J" , "nhorman@redhat.com" , "npmccallum@redhat.com" , "Ayoun, Serge" , "Katz-zamir, Shay" , "Huang, Haitao" , Andy Shevchenko , "Svahn, Kai" , Borislav Petkov , Josh Triplett , "Huang, Kai" , David Rientjes Content-Transfer-Encoding: quoted-printable Message-Id: <2AE80EA3-799E-4808-BBE4-3872F425BCF8@amacapital.net> References: <20190417103938.7762-1-jarkko.sakkinen@linux.intel.com> <20190418171059.GA20819@wind.enjellic.com> <09ebfa1d-c03d-c1fe-ff0f-d99287b6ec3c@intel.com> <20190419141732.GA2269@wind.enjellic.com> <43aa8fdd-e777-74cb-e3f0-d36805ffa18b@fortanix.com> <8c5133bc-1301-24ca-418d-7151a6eac0e2@fortanix.com> To: Jethro Beekman Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Apr 19, 2019, at 1:54 PM, Jethro Beekman wrote: >=20 >> On 2019-04-19 13:50, Thomas Gleixner wrote: >>> On Fri, 19 Apr 2019, Jethro Beekman wrote: >>>> On 2019-04-19 13:39, Thomas Gleixner wrote: >>>>> On Fri, 19 Apr 2019, Jethro Beekman wrote: >>>>>=20 >>>>>> On 2019-04-19 08:27, Andy Lutomirski wrote: >>>>>> There are many, >>>>>> many Linux systems that enforce a policy that *all* executable text >>>>>> needs to come from a verified source. On these systems, you can't >>>>>> mmap some writable memory, write to it, and then change it to >>>>>> executable. >>>>>=20 >>>>> How is this implemented on those systems? AFAIK there's no kernel conf= ig >>>>> option that changes the semantics of mmap as you describe. >>>>=20 >>>> That has nothing to do with mmap() semantics. You mmap() writeable memo= ry >>>> and then you change the permissions via mprotect(). mprotect() calls in= to >>>> LSM and depending on policy and security model this will reject the >>>> request. >>>>=20 >>>> Andy was pointing out that the SGX ioctl bypasses the LSM mechanics whi= ch >>>> is obviously a bad thing. >>>=20 >>> We could modify the driver such that when you call ioctl EADD, the page >>> table permissions need to be the PAGEINFO.SECINFO.FLAGS | PROT_WRITE, >>> otherwise you get EPERM or so. After EADD, if you want, you can restrict= >>> the page table permissions again using mprotect but the page table >>> permissions don't really matter for SGX. >>=20 >> And the point of that is? That you still can cirumvent LSM for feeding >> executable code into SGX. >=20 > How? LSM would see that you're trying to map a page RWX so you can do > your ioctl? With plain mmap() + mprotect(), the LSM will prevent you from making memory t= hat *was* writable executable. This is by design and SELinux supports it. I= don=E2=80=99t remember the name of the associated SELinux permission off th= e top of my head. If we start enforcing equivalent rules on SGX, then the current API will sim= ply not allow enclaves to be loaded =E2=80=94 no matter how you slice it, lo= ading an enclave with the current API is indistinguishable from making arbit= rary data executable. Put another way, you can compile your enclave, ship it as a file, and get it= appropriately verified (by LSM attribute, IMA, dm-verity, whatever) and run= it, but, with the current API, the kernel has no way of knowing that the us= erspace enclave loader is actually reading it from the file in question. So I think we need to work on the API. >=20 >> No, we are not making special cases and exceptions for SGX. >=20 > Maybe I didn't express myself clearly? I don't think I was suggesting > anything like that. >=20 > -- > Jethro Beekman | Fortanix