Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp2212435yba; Fri, 19 Apr 2019 14:37:29 -0700 (PDT) X-Google-Smtp-Source: APXvYqyp57U+iIvVd9cczlyYUUkJMnXafqXtrvFt2nubTEx7OL5a+4TL5SLYFUtTy9u7fkN4Bicr X-Received: by 2002:a17:902:9048:: with SMTP id w8mr5986835plz.195.1555709848899; Fri, 19 Apr 2019 14:37:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1555709848; cv=none; d=google.com; s=arc-20160816; b=OsbYiwRI3OeHQ9GUrvb5ovQGLbrXVODO9qXx0HP6TnjkwaI3LXlFaqzqmit4YCpORw b0mXf+u49Gbde1Y3QGj/0Vu/A/s0qtEurxvG5Ak98TX+9Fo12hpfmEXf9FEzfkD8sSyC GwsCp1z+PrhlOshKwB8IZP7O5ol0sk4xl9CZzqY2Rko90FY9Ra+HpKDVcFUMkCs6Hhth 2DoNcx0ED3CeOHugA+2xfLYoGD/8OdKQGmgHvwHzMngVupunzAKdjR0xbiHuFlmsqWSU 52el5dfww51M6QJ94ptcQwAYpiVSj+NDCZ7n6TEzoa815pHkRLrSMNiULkCUJjVEsuLk 6Viw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=MveYOn37pam2my03msFn62YLS1vW5rTfg1yMIPO0iE8=; b=f353RY6EwVkh9g4WAWyFmFetmcRTRe/cOGSdbpzfKel2PZeDchL2sKelMsLnWWXwrt s8CEib9vbwM5itT6MylA5mSybHa7UqUFdp9fNPPa2MtG2lmhm9diuQ9YNdltPVEX7MG2 eMz4Sey3ZFttdD4M3ZApUKEeoTa99vflb0C1XxcpTu3onErCxRB2rHvwHFO2iNxMVteZ YZJwdyoEYLJQs/EfyjatjMoSkbTmCtjKK9c5J2bKbdpGS77eYCoPUvJKZl23lmKBXTZ4 j9J2ef1SZrp+OD2gEOIATeTSZwSPDCEIp+MeK0/Db9PGsVD+uXXiFRlYhgLegkBDqWGo x5CA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r5si5509206pgp.29.2019.04.19.14.37.13; Fri, 19 Apr 2019 14:37:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727259AbfDSVe4 (ORCPT + 99 others); Fri, 19 Apr 2019 17:34:56 -0400 Received: from Galois.linutronix.de ([146.0.238.70]:42540 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726000AbfDSVe4 (ORCPT ); Fri, 19 Apr 2019 17:34:56 -0400 Received: from pd9ef12d2.dip0.t-ipconnect.de ([217.239.18.210] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1hHb9j-0001fc-Do; Fri, 19 Apr 2019 23:34:47 +0200 Date: Fri, 19 Apr 2019 23:34:46 +0200 (CEST) From: Thomas Gleixner To: Jethro Beekman cc: Andy Lutomirski , Andy Lutomirski , "Dr. Greg" , Dave Hansen , Jarkko Sakkinen , Linus Torvalds , LKML , X86 ML , "linux-sgx@vger.kernel.org" , Andrew Morton , "Christopherson, Sean J" , "nhorman@redhat.com" , "npmccallum@redhat.com" , "Ayoun, Serge" , "Katz-zamir, Shay" , "Huang, Haitao" , Andy Shevchenko , "Svahn, Kai" , Borislav Petkov , Josh Triplett , "Huang, Kai" , David Rientjes Subject: Re: [PATCH v20 00/28] Intel SGX1 support In-Reply-To: <49b28ca1-6e66-87d9-2202-84c58f13fb99@fortanix.com> Message-ID: References: <20190417103938.7762-1-jarkko.sakkinen@linux.intel.com> <20190418171059.GA20819@wind.enjellic.com> <09ebfa1d-c03d-c1fe-ff0f-d99287b6ec3c@intel.com> <20190419141732.GA2269@wind.enjellic.com> <43aa8fdd-e777-74cb-e3f0-d36805ffa18b@fortanix.com> <8c5133bc-1301-24ca-418d-7151a6eac0e2@fortanix.com> <2AE80EA3-799E-4808-BBE4-3872F425BCF8@amacapital.net> <49b28ca1-6e66-87d9-2202-84c58f13fb99@fortanix.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="8323329-659989961-1555709687=:3174" X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --8323329-659989961-1555709687=:3174 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8BIT On Fri, 19 Apr 2019, Jethro Beekman wrote: > On 2019-04-19 14:15, Andy Lutomirski wrote: > > With plain mmap() + mprotect(), the LSM will prevent you from making > > memory that *was* writable executable. This is by design and SELinux > > supports it. I don’t remember the name of the associated SELinux > > permission off the top of my head. > > > > If we start enforcing equivalent rules on SGX, then the current API > > will simply not allow enclaves to be loaded — no matter how you slice > > it, loading an enclave with the current API is indistinguishable from > > making arbitrary data executable. > > > Yes this is exactly what I intended here: a very simple change that > stops SGX from confusing LSM. Just by enforcing that everything that > looks like a memory write (EADD, EAUG, EDBGWR, etc.) actually requires > write permissions, reality and LSM should be on the same page. And how so? You create writeable AND executable memory. That's a nono and you can argue in circles, that's not going to change with any of your proposed changes. Andy clearly made a proposal which solves it in a proper way. Thanks, tglx --8323329-659989961-1555709687=:3174--